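11.22 Excluding static files from the access log
Most elements of a website are static files such as images, CSS, and JS; requests for them do not need to be logged.
Edit the virtual host configuration file "httpd-vhosts.conf":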
[root@cham002 ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
......
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com 2111.com.cn
# <Directory /data/wwwroot/111.com>
# <FilesMatch 123.php>
# AllowOverride AuthConfig
# AuthName "111.com user auth"
# AuthType Basic
#AuthUserFile /data/.htpasswd
# require valid-user
#</FilesMatch>
# </Directory>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^111.com$
RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
</IfModule>
ErrorLog "logs/111.com-error_log"
SetEnvIf Request_URI ".*\.gif$" img
SetEnvIf Request_URI ".*\.jpg$" img
SetEnvIf Request_URI ".*\.png$" img
SetEnvIf Request_URI ".*\.bmp$" img
SetEnvIf Request_URI ".*\.swf$" img
SetEnvIf Request_URI ".*\.js$" img
SetEnvIf Request_URI ".*\.css$" img
CustomLog "logs/111.com-access_log" combined env=!img
</VirtualHost>
[root@cham002 ~]# /usr/local/apache2.4/bin/apachectl -t
[root@cham002 ~]# /usr/local/apache2.4/bin/apachectl graceful    # reload the configuration
[root@cham002 ~]# curl -x127.0.0.1:80 111.com/123214143523eee5353434 -I
HTTP/1.1 404 Not Found
Date: Thu, 21 Dec 2017 05:48:51 GMT
Server: Apache/2.4.29 (Unix) PHP/7.1.6
Content-Type: text/html; charset=iso-8859-1
[root@cham002 ~]# tail /usr/local/apache2.4/logs/111.com-access_log
192.168.230.1 - cham [20/Dec/2017:22:31:12 +0800] "GET / HTTP/1.1" 200 18 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36"
192.168.230.135 - - [21/Dec/2017:10:09:44 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 18 "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:10:19:31 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 18 "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:10:19:37 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 200 - "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:10:19:53 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 18 "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:10:20:23 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 18 "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:10:22:28 +0800] "HEAD HTTP://2111.com.cn/ HTTP/1.1" 301 - "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:13:45:52 +0800] "HEAD HTTP://111.com/123214143523535 HTTP/1.1" 404 - "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:13:47:05 +0800] "HEAD HTTP://111.com/123214143523eee535 HTTP/1.1" 404 - "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:13:48:51 +0800] "HEAD HTTP://111.com/123214143523eee5353434 HTTP/1.1" 404 - "-" "curl/7.29.0"
[root@cham002 ~]# curl -x127.0.0.1:80 111.com/123214143523eee53.jpg -I    # this request is not logged
HTTP/1.1 404 Not Found
Date: Thu, 21 Dec 2017 05:49:35 GMT
Server: Apache/2.4.29 (Unix) PHP/7.1.6
Content-Type: text/html; charset=iso-8859-1
[root@cham002 ~]# tail /usr/local/apache2.4/logs/111.com-access_log
192.168.230.1 - cham [20/Dec/2017:22:31:12 +0800] "GET / HTTP/1.1" 200 18 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36"
192.168.230.135 - - [21/Dec/2017:10:09:44 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 18 "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:10:19:31 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 18 "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:10:19:37 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 200 - "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:10:19:53 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 18 "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:10:20:23 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 18 "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:10:22:28 +0800] "HEAD HTTP://2111.com.cn/ HTTP/1.1" 301 - "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:13:45:52 +0800] "HEAD HTTP://111.com/123214143523535 HTTP/1.1" 404 - "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:13:47:05 +0800] "HEAD HTTP://111.com/123214143523eee535 HTTP/1.1" 404 - "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:13:48:51 +0800] "HEAD HTTP://111.com/123214143523eee5353434 HTTP/1.1" 404 - "-" "curl/7.29.0"
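Note: every request for an image or other static file (matched by extension) is tagged with the environment variable img, and the access log skips any request that carries it. After the reload, requests made with curl for files with those extensions no longer produce access log entries. To undo this, remove env=!img.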
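To see which request paths the seven SetEnvIf patterns would tag, the same extensions can be tried against sample paths with grep. This is only a sketch: is_static_uri is a hypothetical helper name, and it assumes grep -E treats these simple patterns the same way Apache's regex engine does (case-sensitive, anchored at the end of the path).

```shell
#!/bin/sh
# Hypothetical helper: succeed if a URI path ends in one of the extensions
# that the SetEnvIf lines tag with "img" (case-sensitive, like SetEnvIf).
is_static_uri() {
    printf '%s\n' "$1" | grep -Eq '\.(gif|jpg|png|bmp|swf|js|css)$'
}

# The first two paths are the ones requested with curl in this section.
for uri in /123214143523eee5353434 /123214143523eee53.jpg /index.php /style.css; do
    if is_static_uri "$uri"; then
        echo "$uri: not logged (img is set)"
    else
        echo "$uri: logged"
    fi
done
```

Because the match is case-sensitive, a path such as /photo.JPG would still be logged; SetEnvIfNoCase is the Apache directive for case-insensitive matching.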
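11.23 Access log rotation
Configuration
A log that keeps growing will eventually fill the disk, so it should be rotated automatically and old log files should be deleted.
Edit the virtual host configuration file: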
[root@cham002 111.com]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com 2111.com.cn
# <Directory /data/wwwroot/111.com>
# <FilesMatch 123.php>
# AllowOverride AuthConfig
# AuthName "111.com user auth"
# AuthType Basic
#AuthUserFile /data/.htpasswd
# require valid-user
#</FilesMatch>
# </Directory>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^111.com$
RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
</IfModule>
ErrorLog "logs/111.com-error_log"
SetEnvIf Request_URI ".*\.gif$" img
SetEnvIf Request_URI ".*\.jpg$" img
SetEnvIf Request_URI ".*\.png$" img
SetEnvIf Request_URI ".*\.bmp$" img
SetEnvIf Request_URI ".*\.swf$" img
SetEnvIf Request_URI ".*\.js$" img
SetEnvIf Request_URI ".*\.css$" img
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/111.com-access_%Y%m%d.log 86400" combined env=!img
</VirtualHost>
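# rotatelogs rotates the log once a day based on local system time; the log files are named "111.com-access_%Y%m%d.log".
# To rotate once an hour instead, use:
#CustomLog "|/usr/local/apache2.4/bin/rotatelogs logs/access_%Y%m%d%H.log 3600" combined
Note: rotatelogs is the log rotation tool that ships with Apache. -l makes it use local system time (here CST, China Standard Time); without -l it uses UTC, the default. "%Y%m%d" in the log file name stands for year, month, and day. The interval is set to one day (1 day = 24 h = 1440 min = 86400 s).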
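The effect of -l on where a daily boundary falls can be worked out with plain arithmetic. The sketch below assumes rotatelogs aligns each interval to a multiple of the rotation time, counted in UTC or in local time when -l is given; interval_start is a hypothetical helper, and the 28800-second offset stands for UTC+8.

```shell
#!/bin/sh
# Hypothetical helper: start of the rotation interval containing a timestamp.
# $1 = Unix time in seconds
# $2 = rotation interval in seconds
# $3 = local offset from UTC in seconds (0 models running without -l)
interval_start() {
    now=$1
    interval=$2
    offset=$3
    shifted=$((now + offset))
    echo $((shifted - shifted % interval - offset))
}

# 1513836794 is 21/Dec/2017 14:13:14 +0800 (06:13:14 UTC).
interval_start 1513836794 86400 0       # boundary at 00:00 UTC
interval_start 1513836794 86400 28800   # boundary at 00:00 UTC+8
```

The two results differ by 8 hours, which is why a host on China Standard Time sees its daily files switch at 08:00 local time when -l is left out.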
Check the syntax and reload the configuration:
[root@cham002 111.com]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@cham002 111.com]# /usr/local/apache2.4/bin/apachectl graceful
[root@cham002 111.com]# ls /usr/local/apache2.4/logs/
111.com-access_log 111.com-error_log abc.com-access_log abc.com-error_log access_log error_log httpd.pid
[root@cham002 111.com]# curl -x127.0.0.1:80 111.com/123.php
hello 123.php
[root@cham002 111.com]# /usr/local/apache2.4/bin/apachectl graceful
[root@cham002 111.com]# ls /usr/local/apache2.4/logs/
111.com-access_20171221.log 111.com-error_log abc.com-error_log error_log
111.com-access_log abc.com-access_log access_log httpd.pid
[root@cham002 111.com]# cat /usr/local/apache2.4/logs/111.com-access_20171221.log
127.0.0.1 - - [21/Dec/2017:14:13:14 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 14 "-" "curl/7.29.0"
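The configuration above rotates the log but does not delete old files, so a separate cleanup step is still needed. One possible sketch uses find; prune_old_logs is a hypothetical helper, and the 30-day retention in the example call is an assumed value, not something this setup prescribes.

```shell
#!/bin/sh
# Hypothetical helper: delete rotated access logs older than N days.
# $1 = log directory, $2 = age threshold in days (find -mtime +N semantics).
prune_old_logs() {
    find "$1" -type f -name '111.com-access_*.log' -mtime +"$2" -exec rm -f {} +
}

# Example call, left commented out so the sketch deletes nothing by itself:
# prune_old_logs /usr/local/apache2.4/logs 30
```

The name pattern only matches the dated files written by rotatelogs, so 111.com-access_log and the error logs are left alone. A call like this could be run daily from cron.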
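11.24 Expiry time for static elements
When a browser visits a website it caches static files (images, CSS, JS, and so on) on the local machine, so they do not have to be downloaded again on the next visit. You can define how long that cached copy stays valid, that is, set the expiry time of static elements. This setting helps optimize a site, especially on a company intranet.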
[root@cham002 111.com]# ls
123.php index.php photo.jpg
Rename photo.jpg to photo1.jpg:
[root@cham002 111.com]# mv photo.jpg photo1.jpg
[root@cham002 111.com]# ls
123.php index.php photo1.jpg
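The first request for the image in the browser returns 200.
The second request returns 304 Not Modified.
Configuration
Edit the virtual host configuration file: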
[root@cham002 111.com]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com 2111.com.cn
# <Directory /data/wwwroot/111.com>
# <FilesMatch 123.php>
# AllowOverride AuthConfig
# AuthName "111.com user auth"
# AuthType Basic
#AuthUserFile /data/.htpasswd
# require valid-user
#</FilesMatch>
# </Directory>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^111.com$
RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
</IfModule>
<IfModule mod_expires.c>
# Turn the feature on (Apache does not allow a comment on the same line as a directive)
ExpiresActive on
ExpiresByType image/gif "access plus 1 days"
ExpiresByType image/jpeg "access plus 24 hours"
ExpiresByType image/png "access plus 24 hours"
ExpiresByType text/css "now plus 2 hour"
ExpiresByType application/x-javascript "now plus 2 hours"
ExpiresByType application/javascript "now plus 2 hours"
ExpiresByType application/x-shockwave-flash "now plus 2 hours"
ExpiresDefault "now plus 0 min"
# The lines above define the cache lifetime for each file type
</IfModule>
ErrorLog "logs/111.com-error_log"
SetEnvIf Request_URI ".*\.gif$" img
SetEnvIf Request_URI ".*\.jpg$" img
SetEnvIf Request_URI ".*\.png$" img
SetEnvIf Request_URI ".*\.bmp$" img
SetEnvIf Request_URI ".*\.swf$" img
SetEnvIf Request_URI ".*\.js$" img
SetEnvIf Request_URI ".*\.css$" img
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/111.com-access_%Y%m%d.log 86400" combined env=!img
</VirtualHost>
Note: add the <IfModule mod_expires.c> block to the configuration file; everything else stays unchanged.
Verification
[root@cham002 111.com]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@cham002 111.com]# /usr/local/apache2.4/bin/apachectl -M |grep expire
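The command prints nothing, so Apache has not loaded the expires module. Enable it in httpd.conf by uncommenting the "LoadModule expires_module modules/mod_expires.so" line, then reload:
[root@cham002 111.com]# vim /usr/local/apache2.4/conf/httpd.conf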
[root@cham002 111.com]# /usr/local/apache2.4/bin/apachectl graceful
[root@cham002 111.com]# /usr/local/apache2.4/bin/apachectl -M |grep expi
expires_module (shared)
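Press Ctrl+F5 to force a refresh that bypasses the browser cache. With mod_expires configured, the response headers shown in the panel on the right now include the expiry time and related information.
curl shows the same expiry information: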
[root@cham002 111.com]# curl -x127.0.0.1:80 111.com/photo1.jpg -I
HTTP/1.1 200 OK
Date: Thu, 21 Dec 2017 06:46:42 GMT
Server: Apache/2.4.29 (Unix) PHP/7.1.6
Last-Modified: Thu, 19 Oct 2017 09:44:16 GMT
ETag: "976c5-55be33310dc00"
Accept-Ranges: bytes
Content-Length: 620229
Cache-Control: max-age=86400
Expires: Fri, 22 Dec 2017 06:46:42 GMT
Content-Type: image/jpeg
Note: the current time is "Date: Thu, 21 Dec 2017 06:46:42 GMT", the cache lifetime is "Cache-Control: max-age=86400" (in seconds), and the expiry time is "Expires: Fri, 22 Dec 2017 06:46:42 GMT", so JPEG images are cached for 1 day.
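The cache lifetime can also be pulled out of the headers with a small filter instead of being read by eye. This is a minimal sketch; max_age_seconds is a hypothetical helper, and the headers fed to it are copied from the curl output above.

```shell
#!/bin/sh
# Hypothetical helper: read response headers on stdin and print the
# max-age value (in seconds) from the Cache-Control header, if present.
max_age_seconds() {
    sed -n 's/^Cache-Control:.*max-age=\([0-9][0-9]*\).*/\1/p'
}

# Headers copied from the curl output in this section.
age=$(printf '%s\n' \
    'HTTP/1.1 200 OK' \
    'Cache-Control: max-age=86400' \
    'Expires: Fri, 22 Dec 2017 06:46:42 GMT' | max_age_seconds)
echo "max-age is $age seconds, i.e. $((age / 3600)) hours"
```

Against the live server the same filter could be fed from curl, for example: curl -sI -x127.0.0.1:80 111.com/photo1.jpg | max_age_seconds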
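Further notes:
Logging the host name requested by the client
Normally there is no need to log this, since access logs are usually configured per virtual host. There are exceptions, though, such as a wildcard form like ServerAlias *.abc.com, where it is useful to record which host name the user actually requested. Apache's LogFormat has an item for exactly this: %V (uppercase V), which, with UseCanonicalName Off (the default), is the host name the client supplied. Lowercase %v records the ServerName set in the virtual host, which there is indeed no need to log.
Logging only requests for a specific URI
Requirement: log only requests of the form www.aaa.com/aaa/...
Method: add the following to httpd.conf or to the relevant virtual host configuration file: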
SetEnvIf Request_URI "^/aaa/.*" aaa-request
CustomLog "|/usr/local/apache/bin/rotatelogs -l /usr/local/apache/logs/aaa-access_%Y%m%d.log 86400" combined env=aaa-request
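The principle is the same as for not logging requests for images and other static files ( http://www.lishiming.net/thread-561-1-1.html ).
Recording both the proxy IP and the real client IP in the Apache log
The default log format is: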
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
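Here %h records the visitor's IP. If a proxy sits in front of the web server, %h is actually the proxy machine's IP, which is not what we want; we need the real client IP. The field "%{X-FORWARDED-FOR}i" records the X-Forwarded-For request header, which a proxy normally sets to the real client IP, so the log format should be changed to: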
LogFormat "%h %{X-FORWARDED-FOR}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
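With this format the first field of each line is the proxy's address and the second is the forwarded client address, so the two can be separated with awk. The sketch below uses a made-up sample line (both addresses are placeholders) and a hypothetical helper named proxy_and_client.

```shell
#!/bin/sh
# Hypothetical helper: print the first two fields of a log line written
# with the modified format (%h first, then %{X-FORWARDED-FOR}i).
proxy_and_client() {
    awk '{ printf "proxy=%s client=%s\n", $1, $2 }'
}

# Made-up sample line for illustration only.
sample='10.0.0.5 203.0.113.7 - - [21/Dec/2017:14:13:14 +0800] "GET /123.php HTTP/1.1" 200 14 "-" "curl/7.29.0"'
printf '%s\n' "$sample" | proxy_and_client
```

When a request arrives without the header, Apache logs "-" in that position. If the request passed through several proxies the header can hold a comma-separated list, in which case splitting on whitespace like this is no longer reliable.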
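Further notes:
The rotatelogs command
Syntax: rotatelogs [ -l ] logfile [ rotationtime [ offset ]] | [ filesizeM ]
Options:
-l: use local time instead of GMT as the time base. Note: in an environment where the GMT offset changes (for example with daylight saving time), using -l can give unpredictable results. In a fixed UTC+8 time zone such as the one used here, add -l; otherwise the rotation boundary and the date in the file name follow UTC and are 8 hours off from local time.
rotationtime: the interval between log file rotations, in seconds.
offset: the offset from UTC in minutes. If omitted, it is taken as 0 and UTC is used. For example, for local time in a zone 5 hours behind UTC, set this to -300.
filesizeM: rotate when the file reaches the given size in megabytes (a number followed by M), rather than by time or offset.
Log rotation, method 2:
Using the cronolog command:
1. Create a new log every day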
CustomLog "|bin/cronolog logs/access_%Y%m%d.log" combined
2. Create a new log every hour
CustomLog "|bin/cronolog logs/access_%Y%m%d%H.log" combined