Recently I have noticed that my Apache error log file shows it is generating segmentation faults. After doing little research I came to know that there is not simple solution to find of causes of this problem. I got an error that read as follows:

[Mon May 8 11:20:09 2006] [notice] Apache/2 (WebAppBETA) child pid 1256 exit signal Segmentation fault (11)
[Mon May 8 11:23:12 2006] [notice] Apache/2 (WebAppBETA) child pid 1301 exit signal Segmentation fault (11)

The problem is that our application development team has hacked (aka modified source code) Apache 2.0 source tree for application my company developing. To get rid of this problem I was asked to configure a Linux system so that Apache can dump core files on segmentation faults.

Nginx默认是显示版本号的，如：

[root@bkjz ~]# curl -I www.nginx.org
HTTP/1.1 200 OK
Server: nginx/0.8.44
Date: Tue, 13 Jul 2010 14:05:11 GMT
Content-Type: text/html
Content-Length: 8284
Last-Modified: Tue, 13 Jul 2010 12:00:13 GMT
Connection: keep-alive
Keep-Alive: timeout=15
Accept-Ranges: bytes

这样就给人家看到你的服务器nginx版本是0.8.44，前些时间暴出了一些Nginx版本漏洞，就是说有些版本有漏洞，而有些版本没有。这样暴露出来的版本号就容易变成攻击者可利用的信息。所以，从安全的角度来说，隐藏版本号会相对安全些！

一般情况下，软件的漏洞信息和特定版本是相关的，因此，软件的版本号对攻击者来说是很有价值的。

在默认情况下，系统会把Apache版本模块都显示出来（http返回头信息）。如果列举目录的话，会显示域名信息（文件列表正文），如：

[root@localhost conf]# curl -I 192.168.146.188  
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2011 09:17:42 GMT
Server: Apache/2.2.4 (Unix) PHP/5.2.6
Last-Modified: Sat, 20 Nov 2004 20:16:24 GMT
ETag: "be0533-2c-3e9564c23b600"
Accept-Ranges: bytes
Content-Length: 44
Content-Type: text/html

 I'm getting the following error in my nginx server error log file:

2010/04/16 13:24:16 [crit] 21974#0: *3188937 open() "/usr/local/nginx/html/50x.html" failed (24: Too many open files), client: 88.x.y.z, server: example.com, request: "GET /file/images/background.jpg HTTP/1.1", upstream: "http://10.8.4.227:81//file/images/background.jpg", host: "example.com"

...

2010/12/21 12:39:25 [crit] 20157#0: *230260 open() "/usr/local/nginx/html/50x.html" failed (24: Too many open files), client: 58.245.186.49, server: example.com, request: "GET /style/all.css HTTP/1.1", host: "example.com", referrer: "http://domain.com/x.php?..."

2010/12/21 12:39:25 [alert] 20157#0: accept() failed (24: Too many open files)

Apache模块 mod_rewrite

概述

此模块提供了一个基于正则表达式分析器的重写引擎来实时重写URL请求。它支持每个完整规则可以拥有不限数量的子规则以及附加条件规则的灵活而且强大的URL操作机制。此URL操作可以依赖于各种测试，比如服务器变量、环境变量、HTTP头、时间标记，甚至各种格式的用于匹配URL组成部分的查找数据库。

此模块可以操作URL的所有部分(包括路径信息部分)，在服务器级的(httpd.conf)和目录级的(.htaccess)配置都有效，还可以生成最终请求字符串。此重写操作的结果可以是内部子处理，也可以是外部请求的转向，甚至还可以是内部代理处理。

但是，所有这些功能和灵活性带来一个问题，那就是复杂性，因此，不要指望一天之内就能看懂整个模块。

更多的讨论、细节、示例，请查看详细的URL重写文档。

Apache模块 mod_rewrite

URL重写

Nginx限制IP,限制目录访问的设置

当您试图通过使用 HTTP 访问一台正在运行 Internet 信息服务 (IIS) 7.0 的服务器上的内容时，IIS 7.0 返回一个表示该响应的状态的数字代码。HTTP 状态代码记录在 IIS 日志中。此外，HTTP 状态代码可能会显示在客户端浏览器中。

HTTP 状态代码可能表示请求是否成功或不成功。HTTP 状态代码也可能显示请求成功的确切原因。

    mod_pagespeed is an open-source Apache module that automatically optimizes web pages and resources on them. It does this by rewriting the resources using filters that implement web performance best practices. Webmasters and web developers can use mod_pagespeed to improve the performance of their web pages when serving content with the Apache HTTP Server.

mod_pagespeed includes several filter that optimize JavaScript, HTML and CSS stylesheets. It also includes filters for optimizing JPEG and PNG images. The filters are based on a set of best practices known to enhance web page performance. Webmasters who set up mod_pagespeed in addition to configuring proper caching and compression on their Apache distribution should expect to see an improvement in the loading time of the pages on their websites.