禁用跟踪/跟踪apache
我对跟踪/跟踪HTTP方法有一个问题。 我禁用了httpd.conf中的跟踪,禁用了TraceEnable。 当我尝试测试它是否真的被禁用时,我得到的是:禁用跟踪/跟踪apache,apache,ssl,nginx,Apache,Ssl,Nginx,我对跟踪/跟踪HTTP方法有一个问题。 我禁用了httpd.conf中的跟踪,禁用了TraceEnable。 当我尝试测试它是否真的被禁用时,我得到的是: < HTTP/1.1 405 Method Not Allowed 通过RFC指定TRACK/TRACE()的行为,没有定义不成功调用的行为。你遇到的正是这种未定义的行为 如果通过TRACK/TRACE进行的呼叫成功,则以下情况为真: HTTP状态代码为200 消息/http的内容类型 其他任何事情都被视为失败。405也被视为故障(客
< HTTP/1.1 405 Method Not Allowed
通过RFC指定TRACK/TRACE()的行为,没有定义不成功调用的行为。你遇到的正是这种未定义的行为 如果通过TRACK/TRACE进行的呼叫成功,则以下情况为真:
消息/http的内容类型其他任何事情都被视为失败。405也被视为故障(客户端触发的故障,因此状态代码为4xx),因此,就RFC而言,这完全符合请求类型的定义方式。所以,真正的问题是,在RFC之外,你期望与你所拥有的不同之处是什么?错误响应?两个站点的错误响应实际上都是405。我使用这个命令来测试跟踪方法:curl--SSL站点的unsecure-v-X跟踪和curl-v-X跟踪响应的内容是405方法不允许非SSL和SSL-one的完整html我在我的问题中添加了SSL和非SSL跟踪的响应,可能会这样help@chupya当前位置问题仍然存在-你为什么关心明确不允许的方法的内容响应?RFC没有定义它。然而,在SSL版本上,请求仍然会传递到PHP(这似乎是生成站点输出的底层方法)。在这种情况下,您能给我看一下相关的配置吗?我的问题是,这是否是正常行为,nginx和apache的配置是否正确,以及跟踪方法是否真的被禁用。我对TRACE方法给出的不同响应感到困惑。根据您的请求,我添加了配置文件。好的,因此预期会出现不同的行为。在405到php后端的情况下,您有一个
proxy_pass* Connected to example.com (xx.xx.xx.xx) port 80 (#0)
> TRACE / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: example.com
> Accept: */*
>
< HTTP/1.1 405 Not Allowed
* Server nginx admin is not blacklisted
< Server: nginx admin
< Date: Mon, 08 Jun 2015 11:26:45 GMT
< Content-Type: text/html
< Content-Length: 166
< Connection: close
<
<html>
<head><title>405 Not Allowed</title></head>
<body bgcolor="white">
<center><h1>405 Not Allowed</h1></center>
<hr><center>nginx</center>
</body>
</html>
* Closing connection 0
* Connected to www.example.com (xx.xx.xx.xx) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
* subject: OU=GT45927005; OU=See www.rapidssl.com/resources/cps (c)15; OU=Domain Control Validated - RapidSSL(R); CN=www.smartnation.ro
* start date: 2015-05-03 09:14:54 GMT
* expire date: 2016-05-05 19:37:10 GMT
* issuer: C=US; O=GeoTrust Inc.; CN=RapidSSL SHA256 CA - G3
* SSL certificate verify ok.
> TRACE / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: www.example.com
> Accept: */*
>
< HTTP/1.1 405 Method Not Allowed
< Date: Mon, 08 Jun 2015 11:30:55 GMT
* Server Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 is not blacklisted
< Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< X-Pingback: https://www.example.com/xmlrpc.php
< Set-Cookie: PHPSESSID=6b7fbfb366741438c07a9041452ea469; path=/
< Set-Cookie: _pmxi_session=%7C%7C%7C%7C; path=/
< Connection: close
< Transfer-Encoding: chunked
< Content-Type: text/html; charset=UTF-8
<
<!DOCTYPE html>
<!--[if lt IE 7 ]><html class="ie ie6" lang="en"> <![endif]-->
<!--[if IE 7 ]><html class="ie ie7" lang="en"> <![endif]-->
<!--[if IE 8 ]><html class="ie ie8" lang="en"> <![endif]-->
<!--[if (gte IE 9)|!(IE)]><!--><html lang="en"> <!--<![endif]-->
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1.0,maximum-scale=1.0,user-scalable=no" />
<meta name="apple-mobile-web-app-capable" content="yes" />
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta http-equiv="content-language" content="en" />
etc...
Listen 0.0.0.0:8081
Listen [::]:8081
Listen 0.0.0.0:443
Listen [::]:443
<VirtualHost xx.xx.xx.xx:8081>
ServerName example.com
ServerAlias www.example.com
DocumentRoot /home/account/public_html
ServerAdmin webmaster@example.com
UseCanonicalName Off
#CustomLog /usr/local/apache/domlogs/example.com combined
#CustomLog /usr/local/apache/domlogs/example.com-bytes_log "%{%s}t %I .\n%{%s}t %O ."
## User account # Needed for Cpanel::ApacheConf
UserDir enabled account
<IfModule mod_suphp.c>
suPHP_UserGroup account account
</IfModule>
<IfModule !mod_disable_suexec.c>
<IfModule !mod_ruid2.c>
SuexecUserGroup account account
</IfModule>
</IfModule>
<IfModule mod_ruid2.c>
RMode config
RUidGid account account
</IfModule>
<IfModule itk.c>
# For more information on MPM ITK, please read:
# http://mpm-itk.sesse.net/
AssignUserID account account
</IfModule>
ScriptAlias /cgi-bin/ /home/account/public_html/cgi-bin/
# To customize this VirtualHost use an include file at the following location
# Include "/usr/local/apache/conf/userdata/std/2/account/example.com/*.conf"
</VirtualHost>
<VirtualHost xx.xx.xx.xx:443>
ServerName example.com
ServerAlias www.example.com
DocumentRoot /home/account/public_html
ServerAdmin webmaster@example.com
UseCanonicalName Off
#CustomLog /usr/local/apache/domlogs/example.com combined
#CustomLog /usr/local/apache/domlogs/example.com-bytes_log "%{%s}t %I .\n%{%s}t %O ."
## User natsmart # Needed for Cpanel::ApacheConf
UserDir enabled account
<IfModule mod_suphp.c>
suPHP_UserGroup account account
</IfModule>
<IfModule !mod_disable_suexec.c>
<IfModule !mod_ruid2.c>
SuexecUserGroup account account
</IfModule>
</IfModule>
<IfModule mod_ruid2.c>
RMode config
RUidGid account account
</IfModule>
<IfModule itk.c>
# For more information on MPM ITK, please read:
# http://mpm-itk.sesse.net/
AssignUserID account account
</IfModule>
ScriptAlias /cgi-bin/ /home/account/public_html/cgi-bin/
SSLEngine on
SSLCertificateFile /var/cpanel/ssl/installed/certs/www_example_com_dfe76_6dcdf_1462477030_fd971317dfc02602ec168052ed2c7119.crt
SSLCertificateKeyFile /var/cpanel/ssl/installed/keys/dfe76_6dcdf_d9471fcd7e80d319080f6db604599d49.key
SSLCACertificateFile /var/cpanel/ssl/installed/cabundles/GeoTrust_Inc__6473a1b25f37e0f134912eb5d8d02a9c_1653082772.cabundle
#CustomLog /usr/local/apache/domlogs/example.com-ssl_log combined
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
<Directory "/home/account/public_html/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
# To customize this VirtualHost use an include file at the following location
# Include "/usr/local/apache/conf/userdata/ssl/2/account/example.com/*.conf"
</VirtualHost>
server {
error_log /var/log/nginx/vhost-error_log warn;
listen xx.xx.xx.xx:80;
listen [::]:80;
server_name example.com www.example.com;
access_log /usr/local/apache/domlogs/example.com-bytes_log bytes_log;
access_log /usr/local/apache/domlogs/example.com combined;
root /home/account/public_html;
#location / {
location ~*.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso)$ {
expires 1M;
try_files $uri @backend;
}
location / {
error_page 405 = @backend;
add_header X-Cache "HIT from Backend";
proxy_pass http://xx.xx.xx.xx:8081;
include proxy.inc;
include microcache.inc;
}
location @backend {
internal;
proxy_pass http://xx.xx.xx.xx:8081;
include proxy.inc;
include microcache.inc;
}
location ~ .*\.(php|jsp|cgi|pl|py)?$ {
proxy_pass http://xx.xx.xx.xx:8081;
include proxy.inc;
include microcache.inc;
}
location ~ /\.ht {
deny all;
}
}