Chip 2004 November

home *** CD-ROM | disk | FTP | other *** search

/ Chip 2004 November / CMCD1104.ISO / Software / Complet / Apache / apache_2.0.52-win32-x86-no_ssl.msi / Data.Cab / F277909_security_tips.html.ko.euckr < prev next >

Wrap

Extensible Markup Language | 2004-05-07 | 17KB | 341 lines

<?xml version="1.0" encoding="EUC-KR"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="ko" xml:lang="ko"><head> <title>║╕╛╚ ╞┴ - Apache HTTP Server</title> <link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> <link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> <link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> <link href="../images/favicon.ico" rel="shortcut icon" /></head> <body id="manual-page"><div id="page-header"> <p class="menu"><a href="../mod/">╕≡╡Γ</a> | <a href="../mod/directives.html">┴÷╜├╛ε╡Θ</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">┐δ╛ε</a> | <a href="../sitemap.html">╗τ└╠╞«╕╩</a></p> <p class="apache">Apache HTTP Server Version 2.0</p> <img alt="" src="../images/feather.gif" /></div> <div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> <div id="path"> <a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs-project/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>║╕╛╚ ╞┴</h1> <div class="toplang"> <p><span>░í┤╔╟╤ ╛≡╛ε: </span><a href="../en/misc/security_tips.html" hreflang="en" rel="alternate" title="English"> en </a> | <a href="../ko/misc/security_tips.html" title="Korean"> ko </a></p> </div> <p>└Ñ╝¡╣÷╕ª ┐ε┐╡╟╥╢º ╡╡┐≥└╠ ╡╔ ║╕╛╚ ░ⁿ╖├ ╚∙╞«┐═ ╞┴└╠┤┘. ╛ε╢▓ ░═└║ └╧╣▌└√└╠░φ, ╛ε╢▓ ░═└║ ╛╞╞──í┐í╕╕ ╟╪┤τ╟╧┤┬ ░═└╠┤┘.</p> </div> <div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#uptodate">├╓╜┼╞╟└╕╖╬ └»┴÷╟╧▒Γ</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#serverroot">ServerRoot ╡≡╖║┼Σ╕« ▒╟╟╤</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#ssi">Server Side Includes</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#cgi">└╧╣▌└√└╬ CGI</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#nsaliasedcgi">ScriptAlias╟╧┴÷ ╛╩└║ CGI</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#saliasedcgi">ScriptAlias╟╤ CGI</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#dynamic">╡┐└√ │╗┐δ└╗ ╗²╝║╟╧┤┬ ┤┘╕Ñ ╣µ╣²</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#systemsettings">╜├╜║┼█ ╝│┴ñ ║╕╚ú╟╧▒Γ</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#protectserverfiles">▒Γ║╗└√└╕╖╬ ╝¡╣÷┐í └╓┤┬ ╞─└╧ ║╕╚ú╟╧▒Γ</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#watchyourlogs">╖╬▒╫ ╗∞╞∞║╕▒Γ</a></li> </ul></div> <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="section"> <h2><a name="uptodate" id="uptodate">├╓╜┼╞╟└╕╖╬ └»┴÷╟╧▒Γ</a></h2> <p>╛╞╞──í └Ñ╝¡╣÷┤┬ ╛╚└ⁿ░· ║╕╛╚ ╣«┴ª┐í ░ⁿ╜╔└╠ ╕╣└║ ░│╣▀└┌ ░°╡┐├╝╖╬ └»╕φ╟╧┤┘. ▒╫╖»│¬ ┼⌐░╟ └█░╟ ╣▀╟Ñ╚─ ╣▀░▀╡╟┤┬ ╣«┴ª╡Θ└╗ ╟╟╟╥ ╝÷ ╛°┤┘. ▒╫╖í╝¡ ╝╥╟┴╞«┐■╛ε╕ª ├╓╜┼╣÷└ⁿ└╕╖╬ └»┴÷╟╧┤┬ ░═└╠ ┴▀┐Σ╟╧┤┘. ╛╞╞──í┐í╝¡ ┴≈┴ó └Ñ╝¡╣÷╕ª ┤┘┐ε╖╬╡σ╟▀┤┘╕Θ, ╗⌡╖╬┐ε ╣÷└ⁿ░· ║╕╛╚ ╛≈╡Ñ└╠╞«╕ª ╛╦╖┴┴╓┤┬ <a href="http://httpd.apache.org/lists.html#http-announce">╛╞╞──í └Ñ╝¡╣÷ ╣▀╟Ñ ╕▐└╧╕╡╕«╜║╞«</a>╕ª ▒╕╡╢╟╧▒µ ░¡╖┬╚≈ ▒╟╟╤┤┘. ╛╞╞──í ╝╥╟┴╞«┐■╛ε╕ª ╣Φ╞≈╟╧┤┬ ╕╣└║ ┴ª╗∩└┌╡Θ╡╡ ║±╜┴╟╤ ╝¡║±╜║╕ª ┴ª░°╟╤┤┘.</p> <p>╣░╖╨ └Ñ╝¡╣÷ ─┌╡σ╢º╣«┐í └Ñ╝¡╣÷░í ░°░▌└╗ ┤τ╟╧┤┬ ░µ┐∞┤┬ ╕╣┴÷ ╛╩┤┘. ▒╫║╕┤┘ ├▀░í ─┌╡σ, CGI ╜║┼⌐╕│╞«, ╟╧└º ┐ε┐╡├╝┴ª└╟ ╣«┴ª╖╬ ░°░▌└╗ ┤τ╟╧┤┬ ░µ┐∞░í ╕╣┤┘. ▒╫╖»╣╟╖╬ ╟╫╗≤ ┴╓└╟╟╧╕τ ╜├╜║┼█└╟ ╕≡╡τ ╝╥╟┴╞«┐■╛ε╕ª ╛≈╡Ñ└╠╞«╟╪╛▀ ╟╤┤┘.</p> </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="section"> <h2><a name="serverroot" id="serverroot">ServerRoot ╡≡╖║┼Σ╕« ▒╟╟╤</a></h2> <p>║╕┼δ root ╗τ┐δ└┌░í ╛╞╞──í╕ª ╜├└█╟╤ ╚─, ┐Σ├╗└╗ ╝¡║±╜║╟╧▒Γ└º╟╪ <code class="directive"><a href="../mod/mpm_common.html#user">User</a></code> ┴÷╜├╛ε╖╬ ┴÷┴ñ╟╤ ╗τ┐δ└┌╖╬ ║»╚»╟╤┤┘. root░í ╜╟╟α╟╧┤┬ ╕φ╖╔╛ε░í └╓┤┘╕Θ, root └╠┐▄└╟ ╗τ┐δ└┌░í ╝÷┴ñ╟╧┴÷ ╕°╟╧╡╡╖╧ ┴╓└╟╟╪╛▀ ╟╤┤┘. └╠ ╞─└╧╡Θ└╗ root╕╕ ╛╡ ╝÷ └╓╛ε╛▀ ╟╧░φ, ╡≡╖║┼Σ╕«┐═ ╕≡╡τ ╗≤└º╡≡╖║┼Σ╕«╡╡ ╕╢┬∙░í┴÷┤┘. ┐╣╕ª ╡Θ╛ε, ServerRoot╖╬ /usr/local/apache╕ª ╗τ┐δ╟╤┤┘╕Θ root ╗τ┐δ└┌░í ┤┘└╜░· ░░└╠ ╡≡╖║┼Σ╕«╕ª ╕╕╡Θ▒µ ┴ª╛╚╟╤┤┘:</p> <div class="example"><p><code> mkdir /usr/local/apache <br /> cd /usr/local/apache <br /> mkdir bin conf logs <br /> chown 0 . bin conf logs <br /> chgrp 0 . bin conf logs <br /> chmod 755 . bin conf logs </code></p></div> <p>▒╫╖»╕Θ /, /usr, /usr/local └║ root╕╕└╠ ╝÷┴ñ╟╥ ╝÷ └╓┤┘. httpd ╜╟╟α╞─└╧└╗ ╝│─í╟╥╢º ┤┘└╜░· ░░└╠ ║╕╚ú╟╪╛▀ ╟╤┤┘:</p> <div class="example"><p><code> cp httpd /usr/local/apache/bin <br /> chown 0 /usr/local/apache/bin/httpd <br /> chgrp 0 /usr/local/apache/bin/httpd <br /> chmod 511 /usr/local/apache/bin/httpd </code></p></div> <p>htdocs ╟╧└º╡≡╖║┼Σ╕«┤┬ ┤┘╕Ñ ╗τ┐δ└┌╡Θ└╠ ╝÷┴ñ╟╥ ╝÷ └╓╡╡╖╧ ╕╕╡Θ ╝÷ └╓┤┘ -- root┤┬ ▒╫░≈┐í └╓┤┬ ╞─└╧└╗ ╜╟╟α╟╧┴÷╡╡, ╕╕╡Θ┴÷╡╡ ╛╩╛╞╛▀ ╟╤┤┘.</p> <p>root░í ╛╞┤╤ ╗τ┐δ└┌░í root░í ╜╟╟α╟╧░┼│¬ ╛▓▒Γ░í┤╔╟╤ ╞─└╧└╗ ╝÷┴ñ╟╥ ╝÷ └╓┤┘╕Θ ╜├╜║┼█└╟ root ▒╟╟╤└╗ ╚╔─Ñ ╝÷ └╓┤┘. ┐╣╕ª ╡Θ╛ε, ┤⌐▒║░í httpd ╜╟╟α╞─└╧└╗ ║»░µ╟╧┐┤┤┘╕Θ ┤┘└╜╣° ╜├└█╟╥╢º └╙└╟└╟ ─┌╡σ╕ª ╜╟╟α╟╧░╘ ╡╚┤┘. logs ╡≡╖║┼Σ╕«░í (root░í ╛╞┤╤ ╗τ┐δ└┌┐í░╘) ╛▓▒Γ░í┤╔╟╧┤┘╕Θ ┤⌐▒║░í ╖╬▒╫╞─└╧└╗ ┤┘╕Ñ ╜├╜║┼█╞─└╧╖╬ ╜╔║╝╕╡┼⌐╕ª ░╔╛ε╝¡ root░í ╞─└╧┐í └╙└╟└╟ └┌╖ß╕ª ╡ñ╛ε╛╡ ╝÷ └╓┤┘. ╖╬▒╫╞─└╧└╠ (root░í ╛╞┤╤ ╗τ┐δ└┌┐í░╘) ╛▓▒Γ░í┤╔╟╧┤┘╕Θ ┤⌐▒║░í ╖╬▒╫┐í └╠╗≤╟╤ └┌╖ß╕ª ▒Γ╖╧╟╥ ╝÷ └╓┤┘.</p> </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="section"> <h2><a name="ssi" id="ssi">Server Side Includes</a></h2> <p>Server Side Includes (SSI)┤┬ ╝¡╣÷ ░ⁿ╕«└┌┐í░╘ ║╕╛╚╗≤ ╕ε░í┴÷ └ß└τ└√└╬ └º╟Φ└╠┤┘.</p> <p>├╣╣°┬░ └º╟Φ└║ ╝¡╣÷└╟ ║╬╟╧╕ª ┤├╕«┤┬ ┴í└╠┤┘. ╛╞╞──í┤┬ ╞─└╧┐í SSI ┴÷╜├╛ε░í └╓┤┬┴÷ ┐⌐║╬┐═ ░ⁿ░Φ╛°└╠ ╕≡╡τ SSI ╞─└╧└╗ ║╨╝«╟╪╛▀ ╟╤┤┘. ┴╢▒▌ ║╬╟╧░í ┤├┴÷╕╕, ╝¡╣÷╕ª ┐⌐╖» ╗τ╢≈└╠ ░░└╠ ╗τ┐δ╟╧┤┬ ╚»░µ┐í╝¡┤┬ ╜╔░ó╟╥ ╝÷ └╓┤┘.</p> <p>╢╟, SSI ╞─└╧└║ └╧╣▌└√└╬ CGI ╜║┼⌐╕│╞«┐═ ╡┐└╧╟╤ └º╟Φ└╗ ░í┴°┤┘. SSI ╞─└╧┐í╝¡ "exec cmd"╕ª ╗τ┐δ╟╧╕Θ httpd.conf┐í╝¡ ╛╞╞──í╕ª ╜╟╟α╟╧╡╡╖╧ ╝│┴ñ╟╤ ╗τ┐δ└┌┐═ ▒╫╖∞ ▒╟╟╤└╕╖╬ CGI ╜║┼⌐╕│╞«│¬ ╟┴╖╬▒╫╖Ñ└╗ ╜╟╟α╟╥ ╝÷ └╓┤┘.</p> <p>└σ┴í└╗ ╚░┐δ╟╧╕Θ╝¡ SSI ╞─└╧└╟ ║╕╛╚└╗ ╟Γ╗≤╜├┼░┤┬ ╣µ╣²└╠ └╓┤┘.</p> <p>SSI ╞─└╧└╠ ░í┴«┐├ ╝÷ └╓┤┬ ╟╟╟╪╕ª ░▌╕«╟╧▒Γ└º╟╪ ╝¡╣÷░ⁿ╕«└┌┤┬ <a href="#cgi">└╧╣▌└√└╬ CGI</a> └²┐í╝¡ ╝│╕φ╟╧┤┬ ╣µ╣²└╕╖╬ <a href="../suexec.html">suexec</a>╕ª ╗τ┐δ╟╥ ╝÷ └╓┤┘</p> <p>.html└╠│¬ .htm ╚«└σ└┌╕ª SSI ╞─└╧╖╬ ╗τ┐δ╟╧┤┬ ░═└║ └º╟Φ╟╧┤┘. ╞»╚≈ ┐⌐╖» ╗τ╢≈└╠ ░°└»╟╧░┼│¬ ┼δ╜┼╖«└╠ ╕╣└║ ╝¡╣÷ ╚»░µ┐í╝¡ └º╟Φ╟╧┤┘. SSI ╞─└╧└║ └╧╣▌└√└╕╖╬ ╕╣└╠ ╗τ┐δ╟╧┤┬ .shtml ░░└║ ║░╡╡└╟ ╚«└σ└┌╕ª ░í┴«╛▀ ╟╤┤┘. ▒╫╖»╕Θ ╝¡╣÷ ║╬╟╧╕ª ├╓╝╥╚¡╟╧░φ └º╟Φ┐Σ╝╥╕ª ╜▒░╘ ░ⁿ╕«╟╥ ╝÷ └╓┤┘.</p> <p>┤┘╕Ñ ╣µ╣²└║ SSI ╞Σ└╠┴÷░í ╜║┼⌐╕│╞«│¬ ╟┴╖╬▒╫╖Ñ└╗ ╜╟╟α╟╧┴÷ ╕°╟╧╡╡╖╧ ╕╕╡σ┤┬ ░═└╠┤┘. <code class="directive"><a href="../mod/core.html#options">Options</a></code> ┴÷╜├╛ε┐í╝¡ <code>Includes</code> ┤δ╜┼ <code>IncludesNOEXEC</code>╕ª ╗τ┐δ╟╤┤┘. ▒╫╖í╡╡ ╜║┼⌐╕│╞«░í <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code> ┴÷╜├╛ε╖╬ ┴÷┴ñ╟╤ ╡≡╖║┼Σ╕«┐í └╓┤┘╕Θ <--#include virtual="..." -->╕ª ╗τ┐δ╟╧┐⌐ CGI ╜║┼⌐╕│╞«╕ª ╜╟╟α╟╥ ╝÷ └╓└╜└╗ ┴╓└╟╟╧╢≤.</p> </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="section"> <h2><a name="cgi" id="cgi">└╧╣▌└√└╬ CGI</a></h2> <p>░ß▒╣ ┤τ╜┼└║ ╟╫╗≤ CGI ╜║┼⌐╕│╞«/╟┴╖╬▒╫╖Ñ└╟ └·└┌╕ª ╜┼╖┌╟╪╛▀ ╟╧░φ, ░φ└╟░╟ ╜╟╝÷└╠░╟ CGI└╟ └ß└τ└√└╬ ║╕╛╚╗≤ ╟π┴í└╗ ╣▀░▀╟╥ ╝÷ └╓╛ε╛▀ ╟╤┤┘. ▒Γ║╗└√└╕╖╬ CGI ╜║┼⌐╕│╞«┤┬ └Ñ╝¡╣÷ ╗τ┐δ└┌ ▒╟╟╤└╕╖╬ ╜├╜║┼█┐í╝¡ ╛ε╢▓ ╕φ╖╔╛ε╢≤╡╡ ╜╟╟α╟╥ ╝÷ └╓▒Γ╢º╣«┐í ┴╓└╟└╓░╘ ╚«└╬╟╧┴÷ ╛╩└╕╕Θ ╕┼┐∞ └º╟Φ╟╧┤┘.</p> <p>╕≡╡τ CGI ╜║┼⌐╕│╞«░í ░░└║ ╗τ┐δ└┌╖╬ ╜╟╟α╡╟▒Γ╢º╣«┐í ┤┘╕Ñ ╜║┼⌐╕│╞«┐═ (░φ└╟░╟ ╜╟╝÷└╠░╟) ├µ╡╣╟╥ ░í┤╔╝║└╠ └╓┤┘. ┐╣╕ª ╡Θ╛ε, ╗τ┐δ└┌ A┤┬ ╗τ┐δ└┌ B╕ª ╕┼┐∞ ╜╚╛ε╟╧┐⌐, ╗τ┐δ└┌ B└╟ CGI ╡Ñ└╠┼═║ú└╠╜║╕ª ┴÷┐÷╣÷╕«┤┬ ╜║┼⌐╕│╞«╕ª └█╝║╟╥ ╝÷ └╓┤┘. ╛╞╞──í 1.2 ╣÷└ⁿ║╬┼═ ╞≈╟╘╡╟╛·░φ ╛╞╞──í ╝¡╣÷┐í╝¡ ╞»║░╟╤ ╚┼(hook)└╕╖╬ ╡┐└█╟╧┤┬ <a href="../suexec.html">suEXEC</a>┤┬ ╜║┼⌐╕│╞«╕ª ┤┘╕Ñ ╗τ┐δ└┌╖╬ ╜╟╟α╟╧┤┬ ╣µ╣²┴▀ ╟╧│¬┤┘. ┤┘╕Ñ ┤δ┴▀└√└╬ ╣µ╣²┐í┤┬ <a href="http://cgiwrap.unixtools.org/">CGIWrap</a>└╠ └╓┤┘.</p> </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="section"> <h2><a name="nsaliasedcgi" id="nsaliasedcgi">ScriptAlias╟╧┴÷ ╛╩└║ CGI</a></h2> <p>┤┘└╜ ┴╢░╟└╗ ╕╕┴╖╟╥╢º╕╕ ╗τ┐δ└┌░í ╛ε╢▓ ╡≡╖║┼Σ╕«┐í╝¡╢≤╡╡ CGI ╜║┼⌐╕│╞«╕ª ╜╟╟α╟╧╡╡╖╧ ╟π┐δ╟╥ ╝÷ └╓┤┘:</p> <ul> <li>┤τ╜┼└║ ░φ└╟░╟ ╜╟╝÷└╠░╟ ╗τ┐δ└┌░í ╜├╜║┼█└╗ ░°░▌┐í │δ├Γ╜├┼░┤┬ ╜║┼⌐╕│╞«╕ª └█╝║╟╧┴÷ ╛╩┤┬┤┘░φ ╣╧┤┬┤┘.</li> <li>╜├╜║┼█└╟ ┤┘╕Ñ ║╬║╨└╟ ║╕╛╚└╠ ╛α╟╪╝¡, └ß└τ└√└╬ ╟π┴í└╗ ╟╧│¬ ┤⌡ ╕╕╡Θ╛ε╡╡ │¬║ⁿ┴· ░═└╠ ╛°┤┘░φ ╗²░ó╟╧┤┬ ░µ┐∞.</li> <li>╗τ┐δ└┌░í ╛°░φ, ╛╞╕╢ ╛╞╣½╡╡ ╝¡╣÷╕ª ╣µ╣«╟╧┴÷╛╩┤┬ ░µ┐∞.</li> </ul> </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="section"> <h2><a name="saliasedcgi" id="saliasedcgi">ScriptAlias╟╤ CGI</a></h2> <p>╞»┴ñ ╡≡╖║┼Σ╕«┐í╝¡╕╕ CGI╕ª ╜╟╟α╟╥ ╝÷ └╓╡╡╖╧ ┴ª╟╤╟╧╕Θ ░ⁿ╕«└┌┤┬ └╠╡Θ ╡≡╖║┼Σ╕«╕ª ┼δ┴ª╟╥ ╝÷ └╓┤┘. └╠ ░µ┐∞┤┬ scriptalias╟╧┴÷ ╛╩└║ CGI║╕┤┘ ╚«╜╟╚≈ ╛╚└ⁿ╟╧┤┘. ┤▄, ╜┼╖┌╟╧┤┬ ╗τ┐δ└┌╕╕ ╡≡╖║┼Σ╕«┐í ┴ó▒┘╟╥ ╝÷ └╓░φ, ░ⁿ╕«└┌░í ╗⌡╖╬┐ε CGI ╜║┼⌐╕│╞«/╟┴╖╬▒╫╖Ñ└╟ └ß└τ└√└╬ ║╕╛╚╗≤ ╟π┴í└╗ ░╦╗τ╟╥ ┐δ└╠░í └╓┤┘╕Θ.</p> <p>┤δ║╬║╨└╟ ╗τ└╠╞«┤┬ scriptalias╟╧┴÷ ╛╩└║ CGI ╣µ╜─ ┤δ╜┼ └╠ ╣µ╜─└╗ ╗τ┐δ╟╤┤┘.</p> </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="section"> <h2><a name="dynamic" id="dynamic">╡┐└√ │╗┐δ└╗ ╗²╝║╟╧┤┬ ┤┘╕Ñ ╣µ╣²</a></h2> <p> mod_php, mod_perl, mod_tcl, mod_python ░░└╠ ╝¡╣÷└╟ └╧║╬╖╬ ╡┐└█╟╧┤┬ └╙║ú╡≡╡σ ╜║┼⌐╕│╞«┤┬ ╝¡╣÷┐═ ░░└║ ╗τ┐δ└┌╖╬ (<code class="directive"><a href="../mod/mpm_common.html#user">User</a></code> ┴÷╜├╛ε ┬ⁿ░φ) ╜╟╟α╡╟▒Γ╢º╣«┐í, ╜║┼⌐╕│╞« ┐ú┴°└╠ ╜╟╟α╟╧┤┬ ╜║┼⌐╕│╞«┤┬ └ß└τ└√└╕╖╬ ╝¡╣÷ ╗τ┐δ└┌░í ┴ó▒┘╟╥ ╝÷ └╓┤┬ ╕≡╡τ ░═┐í ┴ó▒┘╟╥ ╝÷ └╓┤┘. ╛ε╢▓ ╜║┼⌐╕│╞« ┐ú┴°└║ ╛ε┤└┴ñ╡╡ ┴ª╟╤└╗ ╟╧┴÷╕╕, ╛╚└ⁿ╟╧┤┘░φ ░í┴ñ╟╧┴÷ ╛╩┤┬ ░═└╠ ┴┴┤┘.</p> </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="section"> <h2><a name="systemsettings" id="systemsettings">╜├╜║┼█ ╝│┴ñ ║╕╚ú╟╧▒Γ</a></h2> <p>┴ñ╕╗╖╬ ╛╚└ⁿ╟╤ ╝¡╣÷╕ª ┐ε┐╡╟╧╖┴╕Θ ╗τ┐δ└┌░í <code>.htaccess</code> ╞─└╧└╗ ╗τ┐δ╟╧┐⌐ ┤τ╜┼└╠ ╝│┴ñ╟╤ ║╕╛╚▒Γ┤╔└╗ ║»░µ╟╧▒µ ╣┘╢≤┴÷ ╛╩└╗ ░═└╠┤┘. ▒╫╖»▒Γ└º╟╪ ┤┘└╜░· ░░└║ ╣µ╣²└╠ └╓┤┘.</p> <p>╝¡╣÷ ╝│┴ñ╞─└╧┐í ┤┘└╜└╗ ├▀░í╟╤┤┘</p> <div class="example"><p><code> <Directory /> <br /> AllowOverride None <br /> </Directory> </code></p></div> <p>▒╫╖»╕Θ ╗τ┐δ░í┤╔╟╧╡╡╖╧ ╕φ╜├└√└╕╖╬ ╟π┐δ╟╤ ╡≡╖║┼Σ╕«╕ª ┴ª┐▄╟╧░φ┤┬ <code>.htaccess</code> ╞─└╧└╗ ╗τ┐δ╟╥ ╝÷ ╛°┤┘.</p> </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="section"> <h2><a name="protectserverfiles" id="protectserverfiles">▒Γ║╗└√└╕╖╬ ╝¡╣÷┐í └╓┤┬ ╞─└╧ ║╕╚ú╟╧▒Γ</a></h2> <p>╗τ╢≈╡Θ└║ ┴╛┴╛ ╛╞╞──í└╟ ▒Γ║╗ ┴ó▒┘┐í ┤δ╟╪ └▀╕° ╛╦░φ└╓┤┘. ┴∩, ╝¡╣÷░í └╧╣▌└√└╬ URL ┤δ└└ ▒╘─ó└╗ ╗τ┐δ╟╧┐⌐ ╞─└╧└╗ ├ú└╗ ╝÷ └╓┤┘╕Θ, ╞»║░╚≈ ┴╢─í╕ª ╟╧┴÷ ╛╩┤┬╟╤ ┼¼╢≤└╠╛≡╞«┐í░╘ ╞─└╧└╠ ╝¡║±╜║╡╔ ╝÷ └╓┤┘.</p> <p>┐╣╕ª ╡Θ╛ε, ╛╞╖í┐═ ░░└║ ░µ┐∞:</p> <div class="example"><p><code> # cd /; ln -s / public_html <br /> <code>http://localhost/~root/</code> ┐í ┴ó▒┘╟╤┤┘ </code></p></div> <p>▒╫╖»╕Θ ┼¼╢≤└╠╛≡╞«┤┬ └ⁿ├╝ ╞─└╧╜├╜║┼█└╗ ╡╣╛╞┤┘┤╥ ╝÷ └╓┤┘. └╠╕ª ╕╖▒Γ└º╟╪ ╝¡╣÷╝│┴ñ┐í╝¡ ┤┘└╜░· ░░└║ ┴╢─í╕ª ╟╤┤┘:</p> <div class="example"><p><code> <Directory /> <br /> Order Deny,Allow <br /> Deny from all <br /> </Directory> </code></p></div> <p>▒╫╖»╕Θ ╞─└╧╜├╜║┼█ └º─í┐í ┤δ╟╪ ▒Γ║╗ ┴ó▒┘└╠ ░┼║╬╡╚┤┘. ┐°╟╧┤┬ ┐╡┐¬┐í ┴ó▒┘╟╥ ╝÷ └╓╡╡╖╧ ┤┘└╜░· ░░└║ <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> ║φ╖╧└╗ ├▀░í╟╤┤┘.</p> <div class="example"><p><code> <Directory /usr/users/*/public_html> <br /> Order Deny,Allow <br /> Allow from all <br /> </Directory> <br /> <Directory /usr/local/httpd> <br /> Order Deny,Allow <br /> Allow from all <br /> </Directory> </code></p></div> <p><code class="directive"><a href="../mod/core.html#location">Location</a></code>░· <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> ┴÷╜├╛ε╕ª ░░└╠ ╗τ┐δ╟╧┤┬ ░µ┐∞ ╞»║░╚≈ ┴╓└╟╕ª ▒Γ┐∩┐⌐╢≤. ┐╣╕ª ╡Θ╛ε, <code><Directory /></code>░í ┴ó▒┘└╗ ░┼║╬╟╧┤⌡╢≤╡╡ <code><Location /></code> ┴÷╜├╛ε░í └╠╕ª ╣½╜├╟╥ ╝÷ └╓┤┘</p> <p><code class="directive"><a href="../mod/mod_userdir.html#userdir">UserDir</a></code> ┴÷╜├╛ε╕ª ╗τ┐δ╟╧┤┬ ░µ┐∞┐í╡╡ ┴╓└╟╟╧╢≤. ┴÷╜├╛ε╕ª "./" ░░└╠ ╝│┴ñ╟╧╕Θ root ╗τ┐δ└┌┐í ┤δ╟╪ ╣┘╖╬ └º└╟ ░µ┐∞┐═ ░░└║ ╣«┴ª░í ╣▀╗²╟╤┤┘. ╛╞╞──í 1.3 └╠╗≤└╗ ╗τ┐δ╟╤┤┘╕Θ ╝¡╣÷ ╝│┴ñ╞─└╧┐í ╛╞╖í ┴┘└╗ ├▀░í╟╧▒µ ░¡╖┬╚≈ ▒╟╟╤┤┘:</p> <div class="example"><p><code> UserDir disabled root </code></p></div> </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="section"> <h2><a name="watchyourlogs" id="watchyourlogs">╖╬▒╫ ╗∞╞∞║╕▒Γ</a></h2> <p>╜╟┴ª╖╬ ╝¡╣÷┐í╝¡ ╣½╜╝ └╧└╠ └╓╛ε│¬░φ └╓┤┬┴÷ ╛╦╖┴╕Θ <a href="../logs.html">╖╬▒╫╞─└╧</a>└╗ ╗∞╞∞║┴╛▀ ╟╤┤┘. ╖╬▒╫╞─└╧└║ └╠╣╠ └╧╛ε│¡ └╧╕╕└╗ ║╕░φ╟╧┴÷╕╕, ╝¡╣÷┐í ╛ε╢▓ ░°░▌└╠ └╓╛·┤┬┴÷ ╛╦╖┴┴╓░φ ╟÷└τ ╟╩┐Σ╟╤ ╕╕┼¡ ╛╚└ⁿ╟╤┴÷ ╚«└╬╟╧░╘ ╟╪┴╪┤┘.</p> <p>┐⌐╖»░í┴÷ ┐╣:</p> <div class="example"><p><code> grep -c "/jsp/source.jsp?/jsp/ /jsp/source.jsp??" access_log <br /> grep "client denied" error_log | tail -n 10 </code></p></div> <p>├╣╣°┬░ ┐╣┤┬ <a href="http://online.securityfocus.com/bid/4876/info/">└▀╕°╡╚ Source.JSP ┐Σ├╗└╕╖╬ ╝¡╣÷┴ñ║╕╕ª ╛╦╛╞│╛ ╝÷ └╓┤┬ Tomcat└╟ ├δ╛α┴í</a>╕ª └╠┐δ╟╧╖┴┤┬ ░°░▌ ╚╜╝÷╕ª ╛╦╖┴┴╓░φ, ╡╬╣°┬░ ┐╣┤┬ ┴ó▒┘└╠ ░┼║╬╡╚ ├╓▒┘ ┼¼╢≤└╠╛≡╞« 10░│╕ª ┤┘└╜░· ░░└╠ ║╕┐⌐┴╪┤┘:</p> <div class="example"><p><code> [Thu Jul 11 17:18:39 2002] [error] [client foo.bar.com] client denied by server configuration: /usr/local/apache/htdocs/.htpasswd </code></p></div> <p>└▀ ╛╦ ╡φ└╠ ╖╬▒╫╞─└╧└║ └╠╣╠ ╣▀╗²╟╤ ╗τ░╟╕╕└╗ ║╕░φ╟╤┤┘. ▒╫╖í╝¡ ┼¼╢≤└╠╛≡╞«░í <code>.htpasswd</code> ╞─└╧┐í ┴ó▒┘╟╥ ╝÷ └╓╛·┤┘╕Θ <a href="../logs.html#accesslog">┴ó▒┘ ╖╬▒╫</a>┐í ┤┘└╜░· ░░└║ ▒Γ╖╧└╠ │▓└╗ ░═└╠┤┘:</p> <div class="example"><p><code> foo.bar.com - - [12/Jul/2002:01:59:13 +0200] "GET /.htpasswd HTTP/1.1" </code></p></div> <p>┴∩, ┤τ╜┼└║ ╝¡╣÷ ╝│┴ñ╞─└╧┐í╝¡ ┤┘└╜ ║╬║╨└╗ ┴╓╝«├│╕«╟▀└╗ ░═└╠┤┘:</p> <div class="example"><p><code> <Files ~ "^\.ht"> <br /> Order allow,deny <br /> Deny from all <br /> <Files> </code></p></div> </div></div> <div class="bottomlang"> <p><span>░í┤╔╟╤ ╛≡╛ε: </span><a href="../en/misc/security_tips.html" hreflang="en" rel="alternate" title="English"> en </a> | <a href="../ko/misc/security_tips.html" title="Korean"> ko </a></p> </div><div id="footer"> <p class="apache">Copyright 1999-2004 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> <p class="menu"><a href="../mod/">╕≡╡Γ</a> | <a href="../mod/directives.html">┴÷╜├╛ε╡Θ</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">┐δ╛ε</a> | <a href="../sitemap.html">╗τ└╠╞«╕╩</a></p></div> </body></html>