Apache HTTP版本漏洞
<p>如图所示:出现此类漏洞,查看详情描述中受影响版本范围
<img src="http://60.191.64.5:16100/server/index.php?s=/api/attachment/visitFile/sign/44a509b93905bb0b76460cf626c15e2a" alt="" /></p>
<h2>解决方案:</h2>
<p><strong>升级httpd2.4.52及以上</strong></p>
<h4>1.先查看httpd版本</h4>
<p>apachectl -v或者httpd -v
<img src="http://60.191.64.5:16100/server/index.php?s=/api/attachment/visitFile/sign/ae26a083d157231f0150940380e51df4" alt="" /></p>
<h4>2.卸载原有httpd</h4>
<p>rpm -qa|grep httpd
<img src="http://60.191.64.5:16100/server/index.php?s=/api/attachment/visitFile/sign/d25a1375b4a3f4c1277a496a0b683049" alt="" />
yum remove -y httpd-2.4.6-97.el7.centos.x86_64
yum remove -y httpd-tools-2.4.6-97.el7.centos.x86_64</p>
<h4>3.上传安装包apr、apr-util、httpd安装包至服务器/risen/soft/workspace下</h4>
<p>[点击下载httpd安装包](<a href="http://101.69.243.254:5010/files/%E5%AE%9E%E6%96%BD%E8%BD%AF%E4%BB%B6%E5%AE%89%E8%A3%85%E5%8C%85/httpd/linux%E7%89%88/">http://101.69.243.254:5010/files/%E5%AE%9E%E6%96%BD%E8%BD%AF%E4%BB%B6%E5%AE%89%E8%A3%85%E5%8C%85/httpd/linux%E7%89%88/</a> "点击下载httpd安装包")</p>
<h4>4.解压安装包</h4>
<p>tar -xvf apr-1.7.0.tar.gz
tar -xvf apr-util-1.6.1.tar.gz
tar -xvf httpd-2.4.52.tar.gz</p>
<h4>5.安装编译apr</h4>
<p>cd apr-1.7.0/
./configure --prefix=/usr/local/apr
<img src="http://60.191.64.5:16100/server/index.php?s=/api/attachment/visitFile/sign/98587846aac0ef24b07f28324ce0389f" alt="" />
make && make install
<img src="http://60.191.64.5:16100/server/index.php?s=/api/attachment/visitFile/sign/1ca9f31dcfe25577c122495180ec0b1e" alt="" />
编译过程没有出错,则执行下一步</p>
<h4>6.安装编译apr-util</h4>
<p>cd apr-util-1.6.1/
./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr/bin/apr-1-config
<img src="http://60.191.64.5:16100/server/index.php?s=/api/attachment/visitFile/sign/9656b418fb77a9599caefa5db7da5a8d" alt="" />
make && make install
<img src="http://60.191.64.5:16100/server/index.php?s=/api/attachment/visitFile/sign/9cd712ed6762845196d2ef1946349b81" alt="" />
编译过程中如果出现以下错误
<img src="http://60.191.64.5:16100/server/index.php?s=/api/attachment/visitFile/sign/e5f4a943007b0c25d1bf473c84fe88e6" alt="" />
则是确实expat-devel依赖,安装即可
yum install -y expat-devel
安装完以后重新执行./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr/bin/apr-1-config和make && make install</p>
<h4>7.安装编译httpd</h4>
<p>cd ../httpd-2.4.52
./configure --prefix=/usr/local/apache2 --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util/
<img src="http://60.191.64.5:16100/server/index.php?s=/api/attachment/visitFile/sign/8344a31f184d9ec70d4dd66d52e60183" alt="" />
make && make install
<img src="http://60.191.64.5:16100/server/index.php?s=/api/attachment/visitFile/sign/a424f573bc56219fb1a4f890df5c4fee" alt="" />
8.更改httpd配置
cd /usr/local/apache2/
Vim conf/httpd.conf
<img src="http://60.191.64.5:16100/server/index.php?s=/api/attachment/visitFile/sign/7b32764d5533aa2feb4da8978cb507cd" alt="" />
保存退出
启动httpd
/usr/local/apache2/bin/apachectl start
查看httpd服务是否启动成功
ps -ef |grep httpd
<img src="http://60.191.64.5:16100/server/index.php?s=/api/attachment/visitFile/sign/c5b19a5c0103242c9e3e0e6deda5abcd" alt="" />
查看httpd版本
/usr/local/apache2/bin/apachectl -v
<img src="http://60.191.64.5:16100/server/index.php?s=/api/attachment/visitFile/sign/ba6e2cc92c03d619700b2872ba93bc8c" alt="" /></p>