How to turn off reverse parsing of ssh in apache-Apache-php.cn

Home

Operation and Maintenance

Apache

How to turn off reverse parsing of ssh in apache

步履不停

Jun 29, 2019 pm 01:27 PM

apachessh

How to turn off reverse parsing of ssh in apache

When we connect to apache, ssh, mysql and other servers, if the connection is too slow, the possible reason is reverse query of dns. Some netizens have this situation: the situation is that you have to enter your account and password to log in for ssh, ftp, etc. Only after entering the password, you have to wait 30 seconds, which is said to be the DNS reverse resolution timeout.

Why do we need reverse resolution of domain names? This is because it prevents fake IPs from connecting to the server and resolves the IP into domain names to improve installation and see if the IP is fake. This is one of the functions of DNS reverse query.

If the connection is too slow after turning on the reverse parsing function of apache, ssh, mysql and other servers. There are two solutions:

You need to build your own dns resolution or change the hosts file to turn off the dns reverse resolution function of the service.

Let’s talk about the second method first. This method is the simplest, but after turning off dns reverse analysis, the situation of forged IP login cannot be prevented.

1. Turn off the reverse parsing of mysql and ssh

找到 /etc/mysql/my.cnf 
在 [mysqld]标记下面添加:
skip-name-resolve 不把IP地址解析为主机名； 与访问控制（mysql.user数据表）有关的检查全部通过IP地址行进
skip-host-cache  不使用高速缓存区来存放主机名和IP地址的对应关系
然后保存
/etc/init.d/mysql restart 重启mysql。

Attached is the ssh:

取消sshd服务的dns反向解析#vi /etc/ssh/sshd_config找到选项UseDNS ，取消注释，改为
UseDNS no
重启sshd服务
/etc/init.d/sshd  restart

2. Build your own dns server and add known servers The domain name is added.

This is because these records require DNS resolution (the program requires PTR reverse resolution, that is, the mapping relationship between IP and domain name, which is mainly used to verify whether the IP is a legal IP). The solution is as follows:
Method 1: Write commonly used IP addresses into the hosts file, and then check in /etc/nsswitch.conf whether the program queries the hosts file first (usually the default is this)
Method 2: Set up a dns server (It can be the local machine), add reverse resolution, and add this dns server to /etc/resolv.conf. Examples are as follows:

/********************************************************************************
reverse mapping
********************************************************************************/

zone "0.0.127.in-addr.arpa" in {
        type master;
        notify no;
        file "named.local";
        allow-update {"none";};
};

zone "20.172.in-addr.arpa" in {
        type master;
        file "master/20.172";
};

zone "168.192.in-addr.arpa" in {
        type master;
        file "master/168.192";
};

zone "16.172.in-addr.arpa" in {
        type master;
        file "master/16.172";
};

zone "17.172.in-addr.arpa" in {
        type master;
        file "master/17.172";
};

For more technical articles related to Apache, please visit the Apache Tutorial column to learn!

The above is the detailed content of How to turn off reverse parsing of ssh in apache. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Apache's Continuing Importance: Reasons for Its LongevityApr 22, 2025 am 12:08 AM

Reasons for Apache's continued importance include its diversity, flexibility, strong community support, widespread use and high reliability in enterprise-level applications, and continuous innovation in emerging technologies. Specifically, 1) The Apache project covers multiple fields from web servers to big data processing, providing rich solutions; 2) The global community of the Apache Software Foundation (ASF) provides continuous support and development momentum for the project; 3) Apache shows high stability and scalability in enterprise-level applications such as finance and telecommunications; 4) Apache continues to innovate in emerging technologies such as cloud computing and big data, such as breakthroughs from ApacheFlink and ApacheArrow.

Beyond the Hype: Assessing Apache's Current RoleApr 21, 2025 am 12:14 AM

Apache remains important in today's technology ecosystem. 1) In the fields of web services and big data processing, ApacheHTTPServer, Kafka and Hadoop are still the first choice. 2) In the future, we need to pay attention to cloud nativeization, performance optimization and ecosystem simplification to maintain competitiveness.

Apache's Impact: Web Hosting and Content DeliveryApr 20, 2025 am 12:12 AM

ApacheHTTPServer has a huge impact on WebHosting and content distribution. 1) Apache started in 1995 and quickly became the first choice in the market, providing modular design and flexibility. 2) In web hosting, Apache is widely used for stability and security and supports multiple operating systems. 3) In terms of content distribution, combining CDN use improves website speed and reliability. 4) Apache significantly improves website performance through performance optimization configurations such as content compression and cache headers.

Apache's Role: Serving HTML, CSS, JavaScript, and MoreApr 19, 2025 am 12:09 AM

Apache can serve HTML, CSS, JavaScript and other files. 1) Configure the virtual host and document root directory, 2) receive, process and return requests, 3) use .htaccess files to implement URL rewrite, 4) debug by checking permissions, viewing logs and testing configurations, 5) enable cache, compressing files, and adjusting KeepAlive settings to optimize performance.

What Apache is Known For: Key Features and AchievementsApr 18, 2025 am 12:03 AM

ApacheHTTPServer has become a leader in the field of web servers for its modular design, high scalability, security and performance optimization. 1. Modular design supports various protocols and functions by loading different modules. 2. Highly scalable to adapt to the needs of small to large applications. 3. Security protects the website through mod_security and multiple authentication mechanisms. 4. Performance optimization improves loading speed through data compression and caching.

The Enduring Relevance of Apache: Examining Its Current StatusApr 17, 2025 am 12:06 AM

ApacheHTTPServer remains important in modern web environments because of its stability, scalability and rich ecosystem. 1) Stability and reliability make it suitable for high availability environments. 2) A wide ecosystem provides rich modules and extensions. 3) Easy to configure and manage, and can be quickly started even for beginners.

Apache's Popularity: Reasons for Its SuccessApr 16, 2025 am 12:05 AM

The reasons for Apache's success include: 1) strong open source community support, 2) flexibility and scalability, 3) stability and reliability, and 4) a wide range of application scenarios. Through community technical support and sharing, Apache provides flexible modular design and configuration options, ensuring its adaptability and stability under a variety of needs, and is widely used in different scenarios from personal blogs to large corporate websites.

Apache's Legacy: What Made It Famous?Apr 15, 2025 am 12:19 AM

Apachebecamefamousduetoitsopen-sourcenature,modulardesign,andstrongcommunitysupport.1)Itsopen-sourcemodelandpermissiveApacheLicenseencouragedwidespreadadoption.2)Themodulararchitectureallowedforextensivecustomizationandadaptability.3)Avibrantcommunit

See all articles

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Assassin's Creed Shadows: Seashell Riddle Solution

3 weeks agoByDDD

What's New in Windows 11 KB5054979 & How to Fix Update Issues

2 weeks agoByDDD

Where to find the Crane Control Keycard in Atomfall

3 weeks agoByDDD

Assassin's Creed Shadows - How To Find The Blacksmith And Unlock Weapon And Armour Customisation

1 months agoByDDD

Roblox: Dead Rails - How To Complete Every Challenge

3 weeks agoByDDD

Hot Tools

mPDF

mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.