Apacheweb服务

第九单元

创新互联公司始终坚持【策划先行,效果至上】的经营理念,通过多达十年累计超上千家客户的网站建设总结了一套系统有效的全网整合营销推广解决方案,现已广泛运用于各行各业的客户,其中包括:成都报废汽车回收等企业,备受客户称誉。

Apache web服务

 

 

一 Apache安装

1 yum install httpd -y                  ###安装apache软件包###

2 systemctl start httpd                 ###开启服务###

3 systemctl enable httpd.service        ###开机自动开启服务###

4 systemctl stop firewalld.service      ###关闭防火墙###

5 systemctl disable firewalld.service   ###开机自动关闭###

6 netstat -antlp   | grep httpd         ###查看监听端口###

 

二 apache基本信息

 

 

1 apache的默认发布目录

 

index.html

 

2 apache的配置文件

 

/etc/httpd/conf/httpd.conf                ###主配置文件###

 

ServerRoot "/etc/httpd"             ###用于指定Apache的运行目录###

Listen 80                                    ###监听端口###

User apache                         ###运行apache程序的用户和组###

Group apache

ServerAdmin root@localhost                   ###管理员邮箱###

DocumentRoot "/var/www/html"             ###网页文件的存放目录###

   ##语句块自定义目录权限##

Require all granted                       

ErrorLog "logs/error_log"                ###错误日志存放位置###

AddDefaultCharset UTF-8                  ###默认支持的语言###

IncludeOptional conf.d/*.conf            ###加载其它配置文件###

DirectoryIndex index.html                ###默认主页名称###

 

 

/etc/httpd/conf.d/*.conf                  ###子配置文件###

 

3 apache的默认发布目录

 

/var/www/html

 

4 apache的默认端口

 

80

Apache web服务 

三 apache的基本配置

 

1 )默认文件的修改

 

1 vim     /var/www/html/index.html           ###编写默认文件###

内容:

 

hello world

 

2 vim     /var/www/html/ westos.html         ###编写默认文件###

内容:

westos linux

 

 

3 vim     /etc/httpd/conf/httpd.con

 

168

169     DirectoryIndex westos.html index.html   ###默认westos.html为默认文件,如果westos.html不存在,则默认文件为index.html#####

170

 

4  systemctl restart httpd.service      ###重新启动服务###

 

 

测试:

登入 172.25.254.112 查看显示的内容是index.html还是westos.html

 Apache web服务

如果将westos.html文件删除

 Apache web服务

 

过程如下:

 

[root@mariadb MySQLadmin]# cd /var/www/html/

[root@mariadb html]# ls

admin  cgi  mysqladmin

[root@mariadb html]# vim index.html

Apache web服务

[root@mariadb html]# vim westos.html

[root@mariadb html]# vim /etc/httpd/conf/httpd.conf

Apache web服务

[root@mariadb html]# systemctl restart httpd.service

[root@mariadb html]# rm -fr westos.html

 

2 )默认目录的修改

当selinux是disabled的时候:

 

1 mkdir /westos/www/test -p   ###建立一个目录作为默认目录###

2 vim /westos/www/test/westos.html   ###编写默认文件###

内容:

westos's page

 

3 vim /etc/httpd/conf/httpd.conf

 

121 DocumentRoot "/westos/www/test"     ###修改默认目录###

122

123      ###设置默认目录访问权限####

124     Require all granted            ####允许所有人访问####

125

 

4  systemctl restart httpd.service    ###重启服务###

 

测试:

登入172.25.254.112查看内容:

Apache web服务 

 

过程如下:

[root@mariadb html]# mkdir /westos/www/test -p

[root@mariadb html]# vim /westos/www/test/westos.html

Apache web服务

[root@mariadb html]# vim /etc/httpd/conf/httpd.conf

Apache web服务

[root@mariadb html]# systemctl restart httpd.service

 

 

当selinux是enforcing状态:

在添加下面两步:

1 semanage fcontext -a -t httpd_sys_content_t '/westos(/.*)?'###修改安全上下文###

2 restorecon -RvvF /westos/    ###刷新###

 

3 )apache的访问控制

 

设定ip的访问:

 

1 mkdir /var/www/html/admin/

2 vim /var/www/html/admin/index.html

 

admin's page

 

3 vim /etc/httpd/conf/httpd.conf

 

             

        Order Allow,Deny                 ###允许所有人访问admin目录但只有78主机不能访问###

        Allow from All

        Deny from 172.25.254.78

 

 

<     ###只允许78访问访问admin目录####

        Order Deny,Allow

        Allow from 172.25.254.78

        Deny from All

 

3 systemctl restart httpd.service       ###重启服务###

 

过程如下:

[root@mariadb ~]# mkdir /var/www/html/admin/

[root@mariadb ~]# vim /var/www/html/admin/index.html

Apache web服务

[root@mariadb ~]# vim /etc/httpd/conf/httpd.conf

Apache web服务

 

[root@mariadb ~]# systemctl restart httpd.service 

 

特定用户的访问:

1 htpasswd -cm /etc/httpd/accessuser admin   ###设定用户,-c指创建,-m指定名称,改命令为创建了一个用户admin,该用户信息存放在/etc/httpd/accessuser#####

2 htpasswd -m /etc/httpd/accessuser tom    ###创建用户tom,第二次创建不用加-c,不然会将第一次创建的用户信息覆盖###

3 vim /etc/httpd/conf/httpd.conf

 

    AuthUserFile /etc/httpd/accessuser      ###用户认证文件###

    AuthName "please input your name and password !!"  ###用户认证提示信息###

    AuthType basic              ###认证类型###

    Require user tom            ###认证用户,只有tom可以访问,如果是Require valid-user 则认证文件中的所有用户###

 

过程如下:

 

[root@mariadb ~]# vim /etc/httpd/conf/httpd.conf

 

Apache web服务

 

[root@mariadb ~]# cd /etc/httpd/

[root@mariadb httpd]# htpasswd -cm /etc/httpd/accessuser admin

New password:

Re-type new password:

Adding password for user admin

[root@mariadb httpd]# cat /etc/httpd/accessuser

admin:$apr1$/2PFvsol$SDJa/.mb1dmWnjHzZEPu11

[root@mariadb httpd]# htpasswd -m /etc/httpd/accessuser tom

New password:

Re-type new password:

Adding password for user tom

[root@mariadb httpd]# cat /etc/httpd/accessuser

admin:$apr1$/2PFvsol$SDJa/.mb1dmWnjHzZEPu11

tom:$apr1$pZ1snUMw$Sd/oscb2DOr0j6aCTvoDB1

[root@mariadb httpd]# mkdir -p  /var/www/html/admin

[root@mariadb httpd]# systemctl restart httpd.service 

 

测试:

登入172.25.254.112/admin

 Apache web服务

4)apache语言支持

php  html  cqi

 

默认支持:html

php语言:

1 yum   install  php   -y

2 vim /var/www/html/index.php

        phpinfo();

?>

3 systemctl restart httpd.service

 

过程如下:

[root@mariadb html]# yum install php

[root@mariadb html]# vim /var/www/html/index.html

Apache web服务

[root@mariadb html]# systemctl restart httpd.service

Apache web服务 

cgi语言:

1 yum install httpd-manual -y

2 mkdir /var/www/html/cgi

3 cd /var/www/html/cgi/

4 vim index.cgi

 

#!/usr/bin/perl

print "Content-type: text/html\n\n";

print `date`;

 

5 chmod +x index.cgi

6 vim /etc/httpd/conf/httpd.conf

 

179     DirectoryIndex  index.html index.cgi

135

136     Options +ExecCGI

137     AddHandler cgi-script .cgi

138

 

[root@mariadb httpd]# yum install httpd-manual -y

Apache web服务

[root@mariadb httpd]# systemctl restart httpd.service

[root@mariadb httpd]# mkdir /var/www/html/cgi

[root@mariadb httpd]# touch /var/www/html/cgi/index.cgi

[root@mariadb httpd]# cd /var/www/html/cgi/

[root@mariadb cgi]# vim index.cgi

Apache web服务

[root@mariadb cgi]# chmod +x index.cgi

[root@mariadb cgi]# vim /etc/httpd/conf/httpd.conf

Apache web服务

[root@mariadb cgi]# systemctl restart httpd.service

 

 

测试:

登入172.25.254.112/cgi

 Apache web服务

 

三 虚拟主机

1 ) 定义:

可以让我们的一台aoache服务器在被访问不同域名的时候显示不同的主页,虚拟主机允许您从一个httpd服务器同时为多个网站提供服务

2 )建立测试页:

cd /var/www/

mkdir virtual

mkdir virtual/news.westos.com

mkdir virtual/money.westos.com

mkdir virtual/money.westos.com/html

mkdir virtual/news.westos.com/html

echo "money.westos.com's page" > virtual/money.westos.com/html/index.html

echo "news.westos.com's page" > virtual/news.westos.com/html/index.html

3 )配置

1 cd /etc/httpd/conf.d/                   ##在子配置文件里配置

2 vim default.conf                         ###没有指定域名的访问都访问default

             ####虚拟主机开启的端口####

        DocumentRoot "/var/www/html"        ###虚拟主机的默认发布目录###

        CustomLog "logs/default.log" combined  ###虚拟主机日志###

3 vim news.conf                             ###指定域名为news.westos.com的访问###

 

        ServerName "news.westos.com"          ###指定服务器名称###

        DocumentRoot "/var/www/virtual/news.westos.com/html"

        CustomLog "logs/news.log" combined

   ###默认发布目录访问授权#

        Require all granted

4 vim money.conf                            ###指定域名为money.westos.com的访问###

 

        ServerName "money.westos.com"

        DocumentRoot "/var/www/virtual/money.westos.com/html"

        CustomLog "logs/money.log" combined

        Require all granted

 

5 systemctl restart httpd.service    ###重启服务###

 

6 在在浏览器的主机上要进行本地解析:

[root@foundation12 Desktop]# vim /etc/hosts

172.25.254.112 www.westos.com news.westos.com money.westos.com

 

测试:

分别登入www.westos.com , new.westos.com , money.westos.com

 Apache web服务

Apache web服务

Apache web服务

 

过程如下:

 

[root@server ~]# cd /var/www/                        ###建立测试页###

[root@server www]# mkdir virtual

[root@server www]# ls

cgi-bin  html  virtual

[root@server www]# mkdir virtual/news.westos.com

[root@server www]# mkdir virtual/money.westos.com

[root@server www]# mkdir virtual/money.westos.com/html

[root@server www]# mkdir virtual/news.westos.com/html

[root@server www]# echo "money.westos.com's page" > virtual/money.westos.com/html/index.html

[root@server www]# echo "news.westos.com's page" > virtual/news.westos.com/html/index.html

[root@server conf]# cd /etc/httpd/conf.d/    ##在子配置文件里配置###

[root@server conf.d]# ls

autoindex.conf  php.conf  userdir.conf

manual.conf     README    welcome.conf

[root@server conf.d]# vim default.conf       

 Apache web服务

[root@server conf.d]# vim news.conf

 

Apache web服务

[root@server conf.d]# cp news.conf  money.conf

[root@server conf.d]# vim money.conf

 

Apache web服务

 

[root@server conf]# cd /etc/httpd/conf.d

[root@server conf.d]# ls

autoindex.conf  manual.conf  news.conf  README        welcome.conf

default.conf    money.conf   php.conf   userdir.conf

[root@server conf.d]# systemctl restart httpd.service    ###重启服务###

 

 

在浏览器的主机上要进行本地解析:

[root@foundation12 Desktop]# vim /etc/hosts

172.25.254.112 www.westos.com news.westos.com money.westos.com

 Apache web服务

 

4 )配置https

 

http的访问是明文的访问,https的访问是加密的访问。

https访问的监听端口是443

 

1 netstat -antlpe | grep httpd               ###查看与httpd有关的端口有哪些##

2 yum install mod_ssl -y                     ###只有安装了ssl才会有443端口###

Apache web服务

3 vim /etc/httpd/conf.d/ssl.conf             ###安装号ssl后就会出现ssl.conf文件,文件内容有443端口####

4 yum install crypto-utils.x86_64 -y         ###安装生成自签名证书的软件包###

5 genkey www.westos.com                      ###调用genkey生成证书###

 

--> 记录生成的证书和关联的私钥的位置

Apache web服务 

--> 选择合适的密钥大小

 Apache web服务

--> 在生成随机数时比较慢,敲键盘和移动鼠标可以加速

 Apache web服务

--> 拒绝向认证机构(CA)发送证书请求(CSR)

 Apache web服务

--> 拒绝加密私钥

 Apache web服务

--> 为服务器提供合适的身份。Common Name必须与服务器的主机全名完全匹配(注意,任何逗号都应使用前导反斜线[\]进行转义)

 Apache web服务

-->

 

 

6 vim   ssl.conf

 Apache web服务

 

7 vim login.conf

                       ###https的监听端口###

        ServerName "login.westos.com"

        DocumentRoot "/var/www/virtual/login.westos.com/html"

        CustomLog "logs/login.log" combined

SSLEngine on                                 ###开启https的功能###

SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt   ###证书###

        SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key  ##秘钥###

 

        Require all granted

 

 

 

 

过程如下:

[root@localhost conf.d]# yum install mod_ssl.x86_64 -y

[root@localhost conf.d]# yum install crypto-utils.x86_64 -y

[root@localhost conf.d]# genkey www.westos.com

/usr/bin/keyutil -c makecert -g 512 -s "CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=Shannxi, C=CN" -v 1 -a -z /etc/pki/tls/.rand.3946 -o /etc/pki/tls/certs/www.westos.com.crt -k /etc/pki/tls/private/www.westos.com.key

cmdstr: makecert

 

cmd_CreateNewCert

command:  makecert

keysize = 512 bits

subject = CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=Shannxi, C=CN

valid for 1 months

random seed from /etc/pki/tls/.rand.3946

output will be written to /etc/pki/tls/certs/www.westos.com.crt

output key written to /etc/pki/tls/private/www.westos.com.key

 

 

Generating key. This may take a few moments...

 

Made a key

Opened tmprequest for writing

/usr/bin/keyutil Copying the cert pointer

Created a certificate

Wrote 486 bytes of encoded data to /etc/pki/tls/private/www.westos.com.key

Wrote the key to:

/etc/pki/tls/private/www.westos.com.key

[root@localhost conf.d]# ls

autoindex.conf  money.conf  README    tmprequest    welcome.conf

default.conf    news.conf   ssl.conf  userdir.conf

[root@localhost conf.d]# vim ssl.conf

 

[1]+  Stopped                 vim ssl.conf

[root@localhost conf.d]# fg

vim ssl.conf

 

[1]+  Stopped                 vim ssl.conf

[root@localhost conf.d]# fg

vim ssl.conf

[root@localhost conf.d]# systemctl restart httpd.service

[root@localhost conf.d]# netstat -antlpe | grep httpd

tcp6       0      0 :::443                  :::*                    LISTEN      0          97088      4088/httpd          

tcp6       0      0 :::80                   :::*                    LISTEN      0          97074      4088/httpd          

[root@localhost conf.d]# cp -p money.conf login.conf

[root@localhost conf.d]# mkdir /var/www/virtual/login.westos.com/html -p

[root@localhost conf.d]# vim /var/www/virtual/login.westos.com/html/index.html

[root@localhost conf.d]# vim login.conf

 

                       ###https的监听端口###

        ServerName "login.westos.com"

        DocumentRoot "/var/www/virtual/login.westos.com/html"

        CustomLog "logs/login.log" combined

SSLEngine on                          ###开启https功能###

SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt##证书##

        SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key##密钥##

 

        Require all granted

 

 

[root@localhost conf.d]# systemctl restart httpd.service

 

测试:登入login.westos.com

 

 

5)网页重写

1 vim login.conf

 

        ServerName "login.westos.com"

        DocumentRoot "/var/www/virtual/login.westos.com/html"

        CustomLog "logs/login.log" combined

        SSLEngine on

SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt

        SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key

        Require all granted

 

                 ###网页重写实现自动访问https###

        ServerName login.westos.com

        RewriteEngine on

        RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]

 

^(/.*)$                  ###客户主机在地址栏中写入的所有字符,除了换行符###

https://                 ###定向成为的访问协议###

%{HTTP_HOST}             ###客户请求主机###

$1                       ###指^(/.*)$的值###

[redirect=301]           ###301指临时重定向,302指永久重定向###

 

2 systemctl restart httpd.service

 

测试:

在客户主机中添加解析

 

172.25.254.112      login.westos.com

 

访问http://login.westos.com 会自动跳转到

https://login.westos.com

 

Apache web服务

Apache web服务

Apache web服务

Apache web服务


网站栏目:Apacheweb服务
URL网址:http://myzitong.com/article/gehjgi.html