ㅇ 도커 그룹 계정 확인 (docker 그룹 구성원은 도커 데몬을 통해 사실상 root 수준의 권한을 갖게 되므로, 꼭 필요한 계정만 포함되어 있는지 확인)

[root@localhost vulninsp]# cat /etc/group | grep docker
docker:x:982:vulninsp

ㅇ 도커버전 확인하기
[root@localhost Desktop]# docker version
Client: Docker Engine - Community
 Version:           20.10.16
 API version:       1.41
 Go version:        go1.17.10
 Git commit:        aa7e414
 Built:             Thu May 12 09:19:45 2022
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.16
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.17.10
  Git commit:       f756502
  Built:            Thu May 12 09:18:08 2022
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.4
  GitCommit:        212e8b6fa2f44b9c21b2798135fc6fb7c53efc16
 runc:
  Version:          1.1.1
  GitCommit:        v1.1.1-0-g52de29d
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0


ㅇ 도커 상태 확인하기
[root@localhost vulninsp]# sudo systemctl status docker
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
   Active: active (running) since 월 2022-05-16 20:51:05 KST; 1min 35s ago
     Docs: https://docs.docker.com
 Main PID: 85039 (dockerd)
    Tasks: 7
   Memory: 57.8M
   CGroup: /system.slice/docker.service
           └─85039 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

 5월 16 20:51:04 localhost.localdomain dockerd[85039]: time="2022-05-16T20:51:04.314495166+09:00" level=info ...grpc
 5월 16 20:51:04 localhost.localdomain dockerd[85039]: time="2022-05-16T20:51:04.314500646+09:00" level=info ...grpc
 5월 16 20:51:04 localhost.localdomain dockerd[85039]: time="2022-05-16T20:51:04.337640072+09:00" level=info ...rt."
 5월 16 20:51:04 localhost.localdomain dockerd[85039]: time="2022-05-16T20:51:04.967537486+09:00" level=info ...ess"
 5월 16 20:51:05 localhost.localdomain dockerd[85039]: time="2022-05-16T20:51:05.066402652+09:00" level=info ...ing"
 5월 16 20:51:05 localhost.localdomain dockerd[85039]: time="2022-05-16T20:51:05.114139274+09:00" level=info ...ne."
 5월 16 20:51:05 localhost.localdomain dockerd[85039]: time="2022-05-16T20:51:05.152550449+09:00" level=info ...0.16
 5월 16 20:51:05 localhost.localdomain dockerd[85039]: time="2022-05-16T20:51:05.156610072+09:00" level=info ...ion"
 5월 16 20:51:05 localhost.localdomain systemd[1]: Started Docker Application Container Engine.
 5월 16 20:51:05 localhost.localdomain dockerd[85039]: time="2022-05-16T20:51:05.175801889+09:00" level=info ...ock"
Hint: Some lines were ellipsized, use -l to show in full.


ㅇ 설치된 도커 이미지 확인
[root@localhost vulninsp]# docker images
REPOSITORY   TAG       IMAGE ID       CREATED      SIZE
httpd        latest    c58ef9bfbb57   5 days ago   144MB

ㅇ 리눅스 브리지 확인 명령어
[root@localhost webdata]# brctl show
bridge name bridge id STP enabled interfaces
docker0 8000.0242613f2156 no vethca119f4
virbr0 8000.525400a24e2c yes virbr0-nic

ㅇ 인터페이스별 ip확인 명령어
[root@localhost webdata]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:b2:4b:09 brd ff:ff:ff:ff:ff:ff
    inet 192.168.32.129/24 brd 192.168.32.255 scope global noprefixroute dynamic ens33
       valid_lft 1597sec preferred_lft 1597sec
    inet6 fe80::e3df:acdb:2665:b9b3/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: virbr0: <BROADCAST,MULTICAST> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:a2:4e:2c brd ff:ff:ff:ff:ff:ff
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:a2:4e:2c brd ff:ff:ff:ff:ff:ff
5: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:61:3f:21:56 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:61ff:fe3f:2156/64 scope link 
       valid_lft forever preferred_lft forever
21: vethca119f4@if20: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
    link/ether 16:90:70:ef:5f:e8 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::1490:70ff:feef:5fe8/64 scope link 
       valid_lft forever preferred_lft forever

ㅇ docker ps -a
- 실행 중인 컨테이너 목록 보기
  -a, --all             stop된 컨테이너까지 모두 보기
  -q, --quiet           컨테이너 ID만 표시
      --no-trunc        정보를 생략하지 않고 표시

[root@localhost webdata]# docker ps --no-trunc -q -a

ㅇ docker inspect [컨테이너명]
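- 컨테이너 상세 정보 확인 (점검 시에는 Privileged, CapAdd/CapDrop, Binds/Mounts 의 RW 여부, PortBindings 의 HostIp, Config.User 항목을 우선 확인)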

[root@localhost webdata]# docker inspect 9ab08bee69df7e8eecb80591481d1c20aaa3c468e226b754a7cd7fb71310dfff
[
    {
        "Id": "9ab08bee69df7e8eecb80591481d1c20aaa3c468e226b754a7cd7fb71310dfff",
        "Created": "2022-05-16T12:46:31.92991461Z",
        "Path": "httpd-foreground",
        "Args": [],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 92187,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2022-05-16T12:46:32.681279154Z",
            "FinishedAt": "0001-01-01T00:00:00Z"
        },
        "Image": "sha256:c58ef9bfbb5789a9882cee610ba778b1368d21b513d6caf32e3075542e13fe81",
        "ResolvConfPath": "/var/lib/docker/containers/9ab08bee69df7e8eecb80591481d1c20aaa3c468e226b754a7cd7fb71310dfff/resolv.conf",
        "HostnamePath": "/var/lib/docker/containers/9ab08bee69df7e8eecb80591481d1c20aaa3c468e226b754a7cd7fb71310dfff/hostname",
        "HostsPath": "/var/lib/docker/containers/9ab08bee69df7e8eecb80591481d1c20aaa3c468e226b754a7cd7fb71310dfff/hosts",
        "LogPath": "/var/lib/docker/containers/9ab08bee69df7e8eecb80591481d1c20aaa3c468e226b754a7cd7fb71310dfff/9ab08bee69df7e8eecb80591481d1c20aaa3c468e226b754a7cd7fb71310dfff-json.log",
        "Name": "/vibrant_mcnulty",
        "RestartCount": 0,
        "Driver": "overlay2",
        "Platform": "linux",
        "MountLabel": "",
        "ProcessLabel": "",
        "AppArmorProfile": "",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": [
                "/var/webdata:/usr/local/apache2/htdocs"
            ],
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "json-file",
                "Config": {}
            },
            "NetworkMode": "default",
            "PortBindings": {
                "80/tcp": [
                    {
                        "HostIp": "",
                        "HostPort": "8080"
                    }
                ]
            },
            "RestartPolicy": {
                "Name": "no",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": null,
            "CapAdd": null,
            "CapDrop": null,
            "CgroupnsMode": "host",
            "Dns": [],
            "DnsOptions": [],
            "DnsSearch": [],
            "ExtraHosts": null,
            "GroupAdd": null,
            "IpcMode": "private",
            "Cgroup": "",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "Privileged": false,
            "PublishAllPorts": false,
            "ReadonlyRootfs": false,
            "SecurityOpt": null,
            "UTSMode": "",
            "UsernsMode": "",
            "ShmSize": 67108864,
            "Runtime": "runc",
            "ConsoleSize": [
                0,
                0
            ],
            "Isolation": "",
            "CpuShares": 0,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": [],
            "BlkioDeviceReadBps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteIOps": null,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": [],
            "DeviceCgroupRules": null,
            "DeviceRequests": null,
            "KernelMemory": 0,
            "KernelMemoryTCP": 0,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": null,
            "OomKillDisable": false,
            "PidsLimit": null,
            "Ulimits": null,
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0,
            "MaskedPaths": [
                "/proc/asound",
                "/proc/acpi",
                "/proc/kcore",
                "/proc/keys",
                "/proc/latency_stats",
                "/proc/timer_list",
                "/proc/timer_stats",
                "/proc/sched_debug",
                "/proc/scsi",
                "/sys/firmware"
            ],
            "ReadonlyPaths": [
                "/proc/bus",
                "/proc/fs",
                "/proc/irq",
                "/proc/sys",
                "/proc/sysrq-trigger"
            ]
        },
        "GraphDriver": {
            "Data": {
                "LowerDir": "/var/lib/docker/overlay2/ab80a9042f27614f935c79dd45bebaca84232feb6b40ae6d7e9ef83e7b64ca6a-init/diff:/var/lib/docker/overlay2/e673648aa5e04c86dff49892dff80e9fe7100e1deebfb5ec94bbd36468ae0d7d/diff:/var/lib/docker/overlay2/8511384abf66a44281983725d794d2aaf8a7df007da92600c162cf4fc4c7f7ef/diff:/var/lib/docker/overlay2/fe1cdc98ddbbf93118ac681df3987403c2e467238ddd0264c40d5513d0e7306e/diff:/var/lib/docker/overlay2/873dd40e901f58a7ad2e2ce6166c5b27e2a14709686b73356fec5762369e0be4/diff:/var/lib/docker/overlay2/746088e809e8922bcc9f8f1315043b454230247dff6314426177c23684e1194c/diff",
                "MergedDir": "/var/lib/docker/overlay2/ab80a9042f27614f935c79dd45bebaca84232feb6b40ae6d7e9ef83e7b64ca6a/merged",
                "UpperDir": "/var/lib/docker/overlay2/ab80a9042f27614f935c79dd45bebaca84232feb6b40ae6d7e9ef83e7b64ca6a/diff",
                "WorkDir": "/var/lib/docker/overlay2/ab80a9042f27614f935c79dd45bebaca84232feb6b40ae6d7e9ef83e7b64ca6a/work"
            },
            "Name": "overlay2"
        },
        "Mounts": [
            {
                "Type": "bind",
                "Source": "/var/webdata",
                "Destination": "/usr/local/apache2/htdocs",
                "Mode": "",
                "RW": true,
                "Propagation": "rprivate"
            }
        ],
        "Config": {
            "Hostname": "9ab08bee69df",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "80/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/apache2/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "HTTPD_PREFIX=/usr/local/apache2",
                "HTTPD_VERSION=2.4.53",
                "HTTPD_SHA256=d0bbd1121a57b5f2a6ff92d7b96f8050c5a45d3f14db118f64979d525858db63",
                "HTTPD_PATCHES="
            ],
            "Cmd": [
                "httpd-foreground"
            ],
            "Image": "httpd:2.4",
            "Volumes": null,
            "WorkingDir": "/usr/local/apache2",
            "Entrypoint": null,
            "OnBuild": null,
            "Labels": {},
            "StopSignal": "SIGWINCH"
        },
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "954c60335a3680950a19303a72a5ea728c565f28374e1605cd4da47c1c24d392",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {
                "80/tcp": [
                    {
                        "HostIp": "0.0.0.0",
                        "HostPort": "8080"
                    },
                    {
                        "HostIp": "::",
                        "HostPort": "8080"
                    }
                ]
            },
            "SandboxKey": "/var/run/docker/netns/954c60335a36",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "6dd4823947516e3dd20b4efc60c7ec1eac10aacf854ed274fc40041ed8f4f49a",
            "Gateway": "172.17.0.1",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "172.17.0.2",
            "IPPrefixLen": 16,
            "IPv6Gateway": "",
            "MacAddress": "02:42:ac:11:00:02",
            "Networks": {
                "bridge": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": null,
                    "NetworkID": "9d900230fbfed7337d8f3ee3ed9f007aec0da7450c506d239bd25c3eac94e963",
                    "EndpointID": "6dd4823947516e3dd20b4efc60c7ec1eac10aacf854ed274fc40041ed8f4f49a",
                    "Gateway": "172.17.0.1",
                    "IPAddress": "172.17.0.2",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:ac:11:00:02",
                    "DriverOpts": null
                }
            }
        }
    }
]

- docker inspect data_share | grep -i volumes
[root@localhost webdata]# docker inspect 9ab08bee69df7e8eecb80591481d1c20aaa3c468e226b754a7cd7fb71310dfff  | grep -i volumes
            "VolumesFrom": null,
            "Volumes": null,
[root@localhost webdata]# docker inspect 9ab08bee69df7e8eecb80591481d1c20aaa3c468e226b754a7cd7fb71310dfff  | grep -i /htdocs
                "/var/webdata:/usr/local/apache2/htdocs"
                "Destination": "/usr/local/apache2/htdocs",


ㅇ docker top [컨테이너명]
- 가동중인 컨테이너에서 프로세스를 확인.
[root@localhost webdata]# docker top 9ab08bee69df7e8eecb80591481d1c20aaa3c468e226b754a7cd7fb71310dfff
UID                 PID                 PPID                C                   STIME               TTY                 TIME                CMD
root                92187               92168               0                   21:46               ?                   00:00:00            httpd -DFOREGROUND
33                  92218               92187               0                   21:46               ?                   00:00:00            httpd -DFOREGROUND
33                  92219               92187               0                   21:46               ?                   00:00:00            httpd -DFOREGROUND
33                  92220               92187               0                   21:46               ?                   00:00:00            httpd -DFOREGROUND


ㅇ docker container ls
- 컨테이너 목록(컨테이너 ID 등) 표시

--all, -a : 실행중, 정지중 모두 포함하여 모든 컨테이너 표시
--filter, -f : 표시할 컨테이너 필터링 
--last, -n : 마지막으로 실행된 N건의 컨테이너만 표시
--latest, -l : 마지막으로 실행된 컨테이너만 표시
--no-trunc : 정보를 생략하지 않고 표시
--quiet, -q : 컨테이너 아이디만 표시
--size, -s : 파일 크기 표시
--format : 표시 포맷 지정 

[root@localhost webdata]# docker container ls --no-trunc -q -a

ㅇ docker port [ 컨테이너 ID]
- 가동중인 컨테이너의 포트 매핑(컨테이너 포트 -> 호스트 주소:포트) 확인
[root@localhost webdata]# docker port 9ab08bee69df7e8eecb80591481d1c20aaa3c468e226b754a7cd7fb71310dfff
80/tcp -> 0.0.0.0:8080
80/tcp -> :::8080
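호스트의 8080번 포트로 들어온 요청 -> 컨테이너의 80번 포트로 전달 (0.0.0.0 과 :: 은 호스트의 모든 IPv4/IPv6 인터페이스에서 수신한다는 뜻이므로, 로컬에서만 쓸 경우 -p 127.0.0.1:8080:80 처럼 바인딩 주소를 지정)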

ㅇ docker logs [컨테이너명]
- 가동중인 컨테이너 로그 확인

 

[root@localhost webdata]# docker logs 9ab08bee69df7e8eecb80591481d1c20aaa3c468e226b754a7cd7fb71310dfff
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[Mon May 16 12:46:32.746618 2022] [mpm_event:notice] [pid 1:tid 140523366030656] AH00489: Apache/2.4.53 (Unix) configured -- resuming normal operations
[Mon May 16 12:46:32.747014 2022] [core:notice] [pid 1:tid 140523366030656] AH00094: Command line: 'httpd -D FOREGROUND'
172.17.0.1 - - [16/May/2022:12:47:54 +0000] "GET /inn.html HTTP/1.1" 200 -
172.17.0.1 - - [16/May/2022:12:48:11 +0000] "GET /inn.html HTTP/1.1" 200 19
172.17.0.1 - - [16/May/2022:13:23:41 +0000] "GET /inn.html HTTP/1.1" 304 -
172.17.0.1 - - [16/May/2022:13:23:41 +0000] "GET /inn.html HTTP/1.1" 304 -
172.17.0.1 - - [16/May/2022:13:23:42 +0000] "GET /inn.html HTTP/1.1" 304 -

 

ㅇ 기타 뭥밍


[root@localhost vulninsp]# ps -ef | grep 'docker'
root      85039      1  0 20:51 ?        00:00:02 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
root      87095  85039  0 21:15 ?        00:00:00 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 8080 -container-ip 172.17.0.2 -container-port 80
root      87099  85039  0 21:15 ?        00:00:00 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 8080 -container-ip 172.17.0.2 -container-port 80
[root@localhost vulninsp]# ps -ef | grep 'containerd'
root      85028      1  0 20:51 ?        00:00:00 /usr/bin/containerd
root      85039      1  0 20:51 ?        00:00:02 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
root      87111      1  0 21:15 ?        00:00:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id b11b4b8e87cf6dcbc355cfd2aea48ff46b0296ebda5d27d7b1ab0ff07de585fc -address /run/containerd/containerd.sock
root      87445  84580  0 21:17 pts/0    00:00:00 grep --color=auto containerd


 

DNS Server 지정

 

server 168.26.63.1 (KT DNS; KT 공개 DNS 주소는 보통 168.126.63.1 로 알려져 있으므로 입력 전에 주소를 확인할 것)

 

Set type=ns 도메인 네임서버 정보

Set type=mx 도메인 메일서버 정보

Set type=soa 도메인 soa(Start-of-Authority) 정보


 

%h                요청하는 컴퓨터의 호스트명

%l                 원격 로그명 (identd 가 제공하는 값; IdentityCheck 가 꺼져 있으면 '-' 로 기록)

%u                요청하는 사람의 사용자명(사용자 인증이 필요한 페이지에 관련된 것만 해당)

%t                요청을 수신한 날짜와 시간

%r                 문서명이 포함된 요청의 맨 첫 줄

%>s              요청에 대한 응답 상태

%b                브라우저로 전송된 응답 본문의 바이트 수 (HTTP 헤더 제외; 전송된 본문이 없으면 '-')

%{NAME}i      NAME 헤더 라인의 값; 예) Accept, User-Agent 등


1). 디렉토리 제한 방식

 

1. /var/www/html/image1 폴더 생성

2. 링크 될 이미지를 만들어 놓는다

3. .htaccess 파일을 생성후 아래 내용을 작성하여 저장

 

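# Hotlink protection for this directory: only requests whose Referer header
# starts with one of the site's own origins may fetch files from here.
# NOTE: Referer is supplied by the client and can be omitted or set to any
# value, so this only limits casual hotlinking; it is not access control.
#
# The second argument of SetEnvIfNoCase is a regular expression. It is
# anchored with ^, its dots are escaped, and it ends with (/|:|$) so that only
# the exact host matches, not a longer host name or a URL that merely contains
# the string. Add https:// variants if the site is also served over TLS.
#
# Comments are kept on their own lines: Apache does not allow a comment after
# a directive on the same line (trailing words are parsed as arguments).
SetEnvIfNoCase Referer "^http://localhost(/|:|$)" local_referal
SetEnvIfNoCase Referer "^http://127\.0\.0\.1(/|:|$)" local_referal
# Site domain (placeholder; replace with your own, escape the dots, uncomment):
#SetEnvIfNoCase Referer "^http://www\.example\.com(/|:|$)" local_referal
# Private IP address
SetEnvIfNoCase Referer "^http://192\.168\.18\.128(/|:|$)" local_referal
# Public IP address
SetEnvIfNoCase Referer "^http://210\.93\.15\.30(/|:|$)" local_referal

# Apache 2.2 access syntax (on 2.4 this needs mod_access_compat).
# With "Order Deny,Allow" a matching Allow line overrides "Deny from all".
Order Deny,Allow
Deny from all
Allow from env=local_referal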

- SetEnvIf를 사용하지 않고 SetEnvIfNoCase 를 사용한 이유

 

현재의 도메인 네임 체계에서는 대소문자를 가리지 않는다. 그러므로 HTTP_REFERER 의 값이 http://www.oops.org 이든 http://WWW.OOPS.ORG 가 동일하게 적용이 된다. 즉 http://www.oops.org 에서만 image가 하이퍼 링크를 하는 것을 가능하게 하려 하는데 어느 누군가 http://WWW.OOPS.ORG 와 같이 대문자로 접근을 했을 경우 이를 처리를 하지 못하는 경우가 발생할수 있으므로 대소문자 구분을 하지 않는 SetEnvIfNoCase 를 사용하는 것.

 

 

2)이미지 파일 확장자로 제한하는 방법 (Referer 사용)

 

1. /var/www/html/image2 폴더 생성

2. 링크 될 이미지를 만들어 놓는다

3. .htaccess 파일을 생성후 아래 내용을 작성하여 저장

 

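# Hotlink protection limited to image files: requests for the listed
# extensions are served only when the Referer header starts with one of the
# site's own origins.
# NOTE: Referer is supplied by the client and can be omitted or set to any
# value, so this only limits casual hotlinking; it is not access control.
#
# The Referer patterns are regular expressions: anchored with ^, dots escaped,
# and closed with (/|:|$) so that only the exact host matches.
# Comments are kept on their own lines: Apache does not allow a comment after
# a directive on the same line.
SetEnvIfNoCase Referer "^http://localhost(/|:|$)" local_referal
SetEnvIfNoCase Referer "^http://127\.0\.0\.1(/|:|$)" local_referal
# Site domain (placeholder; replace with your own, escape the dots, uncomment):
#SetEnvIfNoCase Referer "^http://www\.example\.com(/|:|$)" local_referal
# Private IP address
SetEnvIfNoCase Referer "^http://192\.168\.18\.128(/|:|$)" local_referal
# Public IP address
SetEnvIfNoCase Referer "^http://210\.93\.15\.30(/|:|$)" local_referal

# (?i) makes the extension match case-insensitive, so IMAGE.JPG is covered
# as well as image.jpg. FilesMatch is the regex form of <Files ~ "...">.
<FilesMatch "(?i)\.(gif|jpg|jpeg|png|bmp)$">
# Apache 2.2 access syntax (on 2.4 this needs mod_access_compat).
Order Deny,Allow
Deny from all
Allow from env=local_referal
</FilesMatch>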

 

3) 이미지 파일 확장자로 제한하는 방법 2(Rewriting Rule 사용)

 

 

1. /var/www/html/image3 폴더 생성

2. 링크 될 이미지를 만들어 놓는다

3. .htaccess 파일을 생성후 아래 내용을 작성하여 저장

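# Hotlink protection with mod_rewrite: image requests that arrive with a
# Referer from another site are answered with a substitute image.
# Comments are kept on their own lines: Apache does not allow a comment after
# a directive on the same line.

# Turn the rewrite engine on for this directory.
RewriteEngine On
# Requests without a Referer (direct visits, clients that strip the header)
# are let through. Referer is client-controlled, so this is not access control.
RewriteCond %{HTTP_REFERER} !^$
# The site's own addresses. Dots are escaped and the host is closed with
# (/|:|$) so that only the exact address matches, not a longer host name.
RewriteCond %{HTTP_REFERER} !^http://192\.168\.18\.128(/|:|$) [NC]
RewriteCond %{HTTP_REFERER} !^http://210\.93\.15\.30(/|:|$) [NC]
# Image served in place of the blocked one; without a substitute the browser
# shows a broken-image icon. The substitute is a .png, which the pattern does
# not match, so the rule does not apply to its own target.
RewriteRule \.(jpg|jpeg|gif|bmp)$ ../angryman.png [NC,L]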

 

/var/log/error_log의 로그에 다음과 같이 출력 될 경우

[Sun Nov 17 00:12:35 2013] [alert] [client 210.93.15.30] /var/www/html/image3/.htaccess: RewriteEngine not allowed here, referer: http://210.93.15.30/test.html

 

/etc/httpd/conf/httpd.conf 파일 326 line

 

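# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
# Grant only what the .htaccess files need rather than "All":
# FileInfo covers the mod_rewrite and SetEnvIf directives,
# Limit covers Order/Deny/Allow.
AllowOverride FileInfo Limit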

#

 

 

4) 이미지 파일 확장자로 제한시 특정 디렉토리는 제외하는 방법
위의 '2)' 설정에 다음 내용을 추가하면 /upload/ 디렉토리에 있는 .jpg 파일이라도 외부 링크를 허용하게 된다
