PAL.C.T MINI SHELL
<?xml version="1.0" encoding="EUC-KR"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="ko" xml:lang="ko"><head>
<meta content="text/html; charset=EUC-KR" http-equiv="Content-Type" />
<!--
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
This file is generated from xml source: DO NOT EDIT
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-->
<title> - Apache HTTP Server Version 2.4</title>
<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="../style/css/prettify.css" />
<script src="../style/scripts/prettify.min.js" type="text/javascript">
</script>
<link href="../images/favicon.ico" rel="shortcut icon" /></head>
<body id="manual-page"><div id="page-header">
<p class="menu"><a href="../mod/"></a> | <a href="../mod/directives.html">þ</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html"></a> | <a href="../sitemap.html">Ʈ</a></p>
<p class="apache">Apache HTTP Server Version 2.4</p>
<img alt="" src="../images/feather.gif" /></div>
<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div>
<div id="path">
<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.4</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1> </h1>
<div class="toplang">
<p><span> : </span><a href="../en/misc/security_tips.html" hreflang="en" rel="alternate" title="English"> en </a> |
<a href="../fr/misc/security_tips.html" hreflang="fr" rel="alternate" title="Français"> fr </a> |
<a href="../ko/misc/security_tips.html" title="Korean"> ko </a> |
<a href="../tr/misc/security_tips.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p>
</div>
<div class="outofdate"> ֽ ƴմϴ.
ֱٿ ϼ.</div>
<p> Ҷ Ʈ ̴.
Ϲ̰, ġ شϴ ̴.</p>
</div>
<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#uptodate">ֽ ϱ</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#serverroot">ServerRoot 丮 </a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#ssi">Server Side Includes</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#cgi">Ϲ CGI</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#nsaliasedcgi">ScriptAlias CGI</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#saliasedcgi">ScriptAlias CGI</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#dynamic"> ϴ ٸ </a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#systemsettings">ý ȣϱ</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#protectserverfiles">⺻ ִ ȣϱ</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#watchyourlogs">α 캸</a></li>
</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="uptodate" id="uptodate">ֽ ϱ</a></h2>
<p>ġ
ü ϴ. ũ ۰ ǥ ߰ߵǴ
. Ʈ ֽŹ ϴ
߿ϴ. ġ ٿεߴٸ,
ο Ʈ ˷ִ <a href="http://httpd.apache.org/lists.html#http-announce">ġ
ǥ ϸƮ</a> ϱ Ѵ.
ġ Ʈ ϴ ڵ鵵
Ѵ.</p>
<p> ڵ嶧 ϴ
ʴ. ߰ ڵ, CGI ũƮ, ü
ϴ 찡 . Ƿ ϸ
ý Ʈ Ʈؾ Ѵ.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="serverroot" id="serverroot">ServerRoot 丮 </a></h2>
<p> root ڰ ġ , û ϱ
<code class="directive"><a href="../mod/mpm_common.html#user">User</a></code> þ
ڷ ȯѴ. root ϴ ɾ ִٸ,
root ̿ ڰ ϵ ؾ Ѵ.
ϵ root ־ ϰ, 丮 丮
. , ServerRoot /usr/local/apache
Ѵٸ root ڰ 丮
Ѵ:</p>
<div class="example"><p><code>
mkdir /usr/local/apache <br />
cd /usr/local/apache <br />
mkdir bin conf logs <br />
chown 0 . bin conf logs <br />
chgrp 0 . bin conf logs <br />
chmod 755 . bin conf logs
</code></p></div>
<p> /, /usr, /usr/local root ִ.
httpd ġҶ ȣؾ Ѵ:</p>
<div class="example"><p><code>
cp httpd /usr/local/apache/bin <br />
chown 0 /usr/local/apache/bin/httpd <br />
chgrp 0 /usr/local/apache/bin/httpd <br />
chmod 511 /usr/local/apache/bin/httpd
</code></p></div>
<p>htdocs 丮 ٸ ڵ ֵ
ִ -- root װ ִ ,
ʾƾ Ѵ.</p>
<p>root ƴ ڰ root ϰų Ⱑ
ִٸ ý root ĥ ִ.
, httpd Ͽٸ Ҷ
ڵ带 ϰ ȴ. logs 丮 (root ƴ
ڿ) Ⱑϴٸ α ٸ ýϷ
ɺũ ɾ root Ͽ ڷḦ
ִ. α (root ƴ ڿ) Ⱑϴٸ
α ̻ ڷḦ ִ.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="ssi" id="ssi">Server Side Includes</a></h2>
<p>Server Side Includes (SSI) ڿ Ȼ
̴.</p>
<p>ù° ϸ ø ̴. ġ Ͽ
SSI þ ִ ο SSI мؾ
Ѵ. ϰ , ϴ
ȯ濡 ɰ ִ.</p>
<p>, SSI Ϲ CGI ũƮ
. SSI Ͽ "exec cmd" ϸ httpd.conf
ġ ϵ ڿ CGI
ũƮ α ִ.</p>
<p> Ȱϸ鼭 SSI Ű
ִ.</p>
<p>SSI ִ ظ ݸϱ ڴ
<a href="#cgi">Ϲ CGI</a> ϴ
<a href="../suexec.html">suexec</a> ִ</p>
<p>.html̳ .htm Ȯڸ SSI Ϸ ϴ ϴ.
Ư ϰų ŷ ȯ濡
ϴ. SSI Ϲ ϴ .shtml
Ȯڸ Ѵ. ϸ ּȭϰ
Ҹ ִ.</p>
<p>ٸ SSI ũƮ α
ϵ ̴. <code class="directive"><a href="../mod/core.html#options">Options</a></code> þ <code>Includes</code>
<code>IncludesNOEXEC</code> Ѵ. ũƮ
<code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code> þ
丮 ִٸ <--#include virtual="..." -->
Ͽ CGI ũƮ ϶.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="cgi" id="cgi">Ϲ CGI</a></h2>
<p>ᱹ CGI ũƮ/α ڸ ŷؾ
ϰ, ǰ Ǽ̰ CGI Ȼ ߰
־ Ѵ. ⺻ CGI ũƮ
ýۿ ɾ ֱ
ְ Ȯ ſ ϴ.</p>
<p> CGI ũƮ ڷ DZ ٸ
ũƮ (ǰ Ǽ̰) 浹 ɼ ִ.
, A B ſ ȾϿ, B CGI
ͺ̽ ũƮ ۼ ִ. ġ
1.2 ԵǾ ġ Ư (hook)
ϴ <a href="../suexec.html">suEXEC</a> ũƮ
ٸ ڷ ϴ ϳ. ٸ
<a href="http://cgiwrap.unixtools.org/">CGIWrap</a> ִ.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="nsaliasedcgi" id="nsaliasedcgi">ScriptAlias CGI</a></h2>
<p> Ҷ ڰ 丮
CGI ũƮ ϵ ִ:</p>
<ul>
<li> ǰ Ǽ̰ ڰ ý ݿ Ű
ũƮ ۼ ʴ´ٰ ϴ´.</li>
<li>ý ٸ κ ؼ,
ϳ ٰ ϴ .</li>
<li>ڰ , Ƹ ƹ 湮ʴ .</li>
</ul>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="saliasedcgi" id="saliasedcgi">ScriptAlias CGI</a></h2>
<p>Ư 丮 CGI ֵ ϸ ڴ
̵ 丮 ִ. scriptalias
CGI Ȯ ϴ. , ŷϴ ڸ 丮
ְ, ڰ ο CGI ũƮ/α
Ȼ ˻ ̰ ִٸ.</p>
<p>κ Ʈ scriptalias CGI
Ѵ.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="dynamic" id="dynamic"> ϴ ٸ </a></h2>
<p>
mod_php, mod_perl, mod_tcl, mod_python Ϻη
ϴ Ӻ ũƮ ڷ (<code class="directive"><a href="../mod/mpm_common.html#user">User</a></code> þ ) DZ,
ũƮ ϴ ũƮ ڰ
ִ Ϳ ִ. ũƮ
, ϴٰ ʴ .</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="systemsettings" id="systemsettings">ý ȣϱ</a></h2>
<p> Ϸ ڰ
<code>.htaccess</code> Ͽ ȱ
ϱ ٶ ̴.
ִ.</p>
<p> Ͽ ߰Ѵ</p>
<div class="example"><p><code>
<Directory /> <br />
AllowOverride None <br />
</Directory>
</code></p></div>
<p> 밡ϵ 丮 ϰ
<code>.htaccess</code> .</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="protectserverfiles" id="protectserverfiles">⺻ ִ ȣϱ</a></h2>
<p> ġ ⺻ ٿ ߸ ˰ִ.
, Ϲ URL Ģ Ͽ ã
ִٸ, Ư ġ ʴ Ŭ̾Ʈ
ִ.</p>
<p> , Ʒ :</p>
<div class="example"><p><code>
# cd /; ln -s / public_html <br />
<code>http://localhost/~root/</code> Ѵ
</code></p></div>
<p> Ŭ̾Ʈ ü Ͻý ƴٴ ִ.
̸ ġ Ѵ:</p>
<div class="example"><p><code>
<Directory /> <br />
Order Deny,Allow <br />
Deny from all <br />
</Directory>
</code></p></div>
<p> Ͻý ġ ⺻ źεȴ.
ϴ ֵ <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> ߰Ѵ.</p>
<div class="example"><p><code>
<Directory /usr/users/*/public_html> <br />
Order Deny,Allow <br />
Allow from all <br />
</Directory> <br />
<Directory /usr/local/httpd> <br />
Order Deny,Allow <br />
Allow from all <br />
</Directory>
</code></p></div>
<p><code class="directive"><a href="../mod/core.html#location">Location</a></code> <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> þ ϴ
Ư Ǹ ←. , <code><Directory
/></code> źϴ <code><Location
/></code> þ ̸ ִ</p>
<p><code class="directive"><a href="../mod/mod_userdir.html#userdir">UserDir</a></code> þ
ϴ 쿡 ϶. þ "./" ϸ
root ڿ ٷ Ѵ.
ġ 1.3 ̻ Ѵٸ Ͽ Ʒ ߰ϱ
Ѵ:</p>
<div class="example"><p><code>
UserDir disabled root
</code></p></div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="watchyourlogs" id="watchyourlogs">α 캸</a></h2>
<p> ־ ִ ˷ <a href="../logs.html">α</a> Ѵ. α
̹ Ͼ ϸ , ־
˷ְ ʿ ŭ Ȯϰ ش.</p>
<p> :</p>
<div class="example"><p><code>
grep -c "/jsp/source.jsp?/jsp/ /jsp/source.jsp??" access_log <br />
grep "client denied" error_log | tail -n 10
</code></p></div>
<p>ù° <a href="http://online.securityfocus.com/bid/4876/info/">߸
Source.JSP û ˾Ƴ ִ Tomcat
</a> ̿Ϸ Ƚ ˷ְ, ι°
źε ֱ Ŭ̾Ʈ 10 ش:</p>
<div class="example"><p><code>
[Thu Jul 11 17:18:39 2002] [error] [client foo.bar.com] client denied
by server configuration: /usr/local/apache/htdocs/.htpasswd
</code></p></div>
<p> α ̹ Ǹ Ѵ.
Ŭ̾Ʈ <code>.htpasswd</code> Ͽ
־ٸ <a href="../logs.html#accesslog"> α</a>
̴:</p>
<div class="example"><p><code>
foo.bar.com - - [12/Jul/2002:01:59:13 +0200] "GET /.htpasswd HTTP/1.1"
</code></p></div>
<p>, Ͽ κ ּó
̴:</p>
<div class="example"><p><code>
<Files ".ht*"> <br />
Order allow,deny <br />
Deny from all <br />
<Files>
</code></p></div>
</div></div>
<div class="bottomlang">
<p><span> : </span><a href="../en/misc/security_tips.html" hreflang="en" rel="alternate" title="English"> en </a> |
<a href="../fr/misc/security_tips.html" hreflang="fr" rel="alternate" title="Français"> fr </a> |
<a href="../ko/misc/security_tips.html" title="Korean"> ko </a> |
<a href="../tr/misc/security_tips.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p>
</div><div class="top"><a href="#page-header"><img src="../images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>
<script type="text/javascript"><!--//--><![CDATA[//><!--
var comments_shortname = 'httpd';
var comments_identifier = 'http://httpd.apache.org/docs/2.4/misc/security_tips.html';
(function(w, d) {
if (w.location.hostname.toLowerCase() == "httpd.apache.org") {
d.write('<div id="comments_thread"><\/div>');
var s = d.createElement('script');
s.type = 'text/javascript';
s.async = true;
s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;
(d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);
}
else {
d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>');
}
})(window, document);
//--><!]]></script></div><div id="footer">
<p class="apache">Copyright 2015 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
<p class="menu"><a href="../mod/"></a> | <a href="../mod/directives.html">þ</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html"></a> | <a href="../sitemap.html">Ʈ</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
if (typeof(prettyPrint) !== 'undefined') {
prettyPrint();
}
//--><!]]></script>
</body></html>
y~or�5J�={Ee�u磝Qk���ᯘG{?+]ן?�wM3X�^歌>{7پK>on\jy�R�g/=fOr�oNVv~Y+�NGuÝHWyw[eQʨSb>�>}Gmx[o[<�{Ϯ_qF�vM����IENDB`