假设我有一个文件 list_of_naughty_ip_blocks.conf。我可以使用 include 指令来实现 httpd.conf 中下面第 8 行的等效功能吗?如果可以,正确的语法是什么?list_of_naughty_ip_blocks.conf 的格式和语法有什么需要注意的吗?
SetEnvIfNoCase User-Agent "FNetwork" UnwantedRobot
SetEnvIfNoCase User-Agent "NG 1.x" UnwantedRobot
SetEnvIfNoCase User-Agent "larbin" UnwantedRobot
<Directory "/var/www/">
Order Allow,Deny
Allow from all
Deny from env=UnwantedRobot
Deny from "list_of_naughty_ip_blocks.conf"
</Directory>
为清晰起见,进行了编辑。
答案1
只需在包含文件中包含“Deny from”关键短语:
<Location /secret/>
Order Allow,Deny
Allow from all
Deny from env=UnwantedRobot
Include conf.d/moredeny.inc
</Location>
在 moredeny.inc
Deny from 192.168.1.1
Deny from 192.168.66.1
Deny from 192.168.1.1
答案2
答案3
一种“肮脏”的方式是使用在模式sed后附加一行env=UnwantedRobot。假设您在以下内容中httpd.conf:
<Directory "/var/www/">
Order Allow,Deny
Allow from all
Deny from env=UnwantedRobot
</Directory>
该ip.txt文件包括:
1.2.3.4
5.6.7.8
运行以下命令:
$ while read ip; do sed -i '/env=UnwantedRobot/ a\
\tDeny\ from\ '"$ip"'' httpd.conf; done < ip.txt
你将得到结果:
<Directory "/var/www/">
Order Allow,Deny
Allow from all
Deny from env=UnwantedRobot
Deny from 5.6.7.8
Deny from 1.2.3.4
</Directory>
-i意味着就地编辑文件a代表附加