配置apache url过滤正则表达式匹配

ProxyPassMatch Directive
Description: Maps remote servers into the local server URL-space using regular expressions

Syntax: ProxyPassMatch [regex] !|url [key=value [key=value …]]

Context: server config, virtual host, directory

Status: Extension

Module: mod_proxy

Compatibility: available in Apache 2.2.5 and later

This directive is equivalent to ProxyPass but makes use of regular expressions instead of simple prefix matching. The supplied regular expression is matched against the url, and if it matches, the server will substitute any parenthesized matches into the given string and use it as a new url.
Suppose the local server has address http://example.com/; then
ProxyPassMatch ^(/.*\.gif)$ http://backend.example.com$1

will cause a local request for http://example.com/foo/bar.gif to be internally converted into a proxy request to http://backend.example.com/foo/bar.gif.
Note

The URL argument must be parsable as a URL before regexp substitutions (as well as after). This limits the matches you can use. For instance, if we had used

ProxyPassMatch ^(/.*\.gif)$ http://backend.example.com:8000$1

in our previous example, it would fail with a syntax error at server startup. This is a bug (PR 46665 in the ASF bugzilla), and the workaround is to reformulate the match:

ProxyPassMatch ^/(.*\.gif)$ http://backend.example.com:8000/$1

The ! directive is useful in situations where you don’t want to reverse-proxy a subdirectory.
例子

负载均衡下linux建立链接失败的问题

该问题可能与linux的操作系统参数tcp_tw_recycle和tcp_timestamps有关系,理论的解释如下:

如下为tcpip握手部分的linux源码:
if (tmp_opt.saw_tstamp &&
tcp_death_row.sysctl_tw_recycle &&
(dst = inet_csk_route_req(sk, req)) != NULL &&
(peer = rt_get_peer((struct rtable *)dst)) != NULL &&
peer->v4daddr == saddr) {
if (get_seconds() < peer->tcp_ts_stamp + TCP_PAWS_MSL &&
(s32)(peer->tcp_ts – req->ts_recent) >
TCP_PAWS_WINDOW) {
NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_PAWSPASSIVEREJECTED);
goto drop_and_release;
}
}
tmp_opt.saw_tstamp:该socket支持tcp_timestamp
sysctl_tw_recycle:本机系统开启tcp_tw_recycle选项
TCP_PAWS_MSL:60s,该条件判断表示该源ip的上次tcp通讯发生在60s内
TCP_PAWS_WINDOW:该条件判断表示该源ip的上次tcp通讯的timestamp 大于本次tcp

LINUX当前的参数设置为tcp_tw_recycle=1, tcp_timestamps=1,在这种配置下,如果后一个SYN的timestamp属性比前一个SYN的要小,LINUX就不会为后一个SYN发送ACK,导致问题现象。

这就能解释为什么本地服务器的syn包有时候已经到对方没有回报文,有时候有时好的,导致不能建立链接。

建议的的方案:
1、 先把临时上线的两台测试服务器的操作系统参数修改tcp_timestamps关闭,tcp_tw_recycle修改为打开,切换防火墙验证是否可行
具体操作:
echo 1 > /proc/sys/net/ipv4/tcp_tw_recycle
echo 0 > /proc/sys/net/ipv4/tcp_timestamps

wordpress更新域名后不可访问的处理办法

1、登录wordpress所在的服务器
2、连接wordpress数据库
select * from wp_options where option_value like '%vm-image%';
3、更新siteurl和home字段对应的信息:
update wp_options set option_value='http://judexie.com' where option_id=1;
update wp_options set option_value='http://judexie.com' where option_id=2;

4、检查已经更新正确
select * from wp_options where option_value like '%vm-image%';
select * from wp_options where option_value like '%jude%';

5、重新管理浏览器登录后确认修改正确