码迷,mamicode.com
首页 > Web开发 > 详细

Apache web服务

时间:2017-05-17 23:48:55      阅读:416      评论:0      收藏:0      [点我收藏+]

标签:apache web服务

第九单元

Apache web服务

 

 

Apache安装

1 yum install httpd -y                  ###安装apache软件包###

2 systemctl start httpd                 ###开启服务###

3 systemctl enable httpd.service        ###开机自动开启服务###

4 systemctl stop firewalld.service      ###关闭防火墙###

5 systemctl disable firewalld.service   ###开机自动关闭###

6 netstat -antlp   | grep httpd         ###查看监听端口###

 

apache基本信息

 

 

1 apache的默认发布目录

 

index.html

 

2 apache的配置文件

 

/etc/httpd/conf/httpd.conf                ###主配置文件###

 

ServerRoot "/etc/httpd"             ###用于指定Apache的运行目录###

Listen 80                                    ###监听端口###

User apache                         ###运行apache程序的用户和组###

Group apache

ServerAdmin root@localhost                   ###管理员邮箱###

DocumentRoot "/var/www/html"             ###网页文件的存放目录###

<Directory "/var/www/html">    ##<Directory>语句块自定义目录权限##

Require all granted                       

</Directory>

ErrorLog "logs/error_log"                ###错误日志存放位置###

AddDefaultCharset UTF-8                  ###默认支持的语言###

IncludeOptional conf.d/*.conf            ###加载其它配置文件###

DirectoryIndex index.html                ###默认主页名称###

 

 

/etc/httpd/conf.d/*.conf                  ###子配置文件###

 

3 apache的默认发布目录

 

/var/www/html

 

4 apache的默认端口

 

80

技术分享 

apache的基本配置

 

1 )默认文件的修改

 

1 vim     /var/www/html/index.html           ###编写默认文件###

内容:

 

<h1> hello world </h1>

 

2 vim     /var/www/html/ westos.html         ###编写默认文件###

内容:

<h1> westos linux </h1>

 

 

3 vim     /etc/httpd/conf/httpd.con

 

168 <IfModule dir_module>

169     DirectoryIndex westos.html index.html   ###默认westos.html为默认文件,如果westos.html不存在,则默认文件为index.html#####

170 </IfModule>

 

4  systemctl restart httpd.service      ###重新启动服务###

 

 

测试:

登入 172.25.254.112 查看显示的内容是index.html还是westos.html

 技术分享

如果将westos.html文件删除

 技术分享

 

过程如下:

 

[root@mariadb mysqladmin]# cd /var/www/html/

[root@mariadb html]# ls

admin  cgi  mysqladmin

[root@mariadb html]# vim index.html

技术分享

[root@mariadb html]# vim westos.html

[root@mariadb html]# vim /etc/httpd/conf/httpd.conf

技术分享

[root@mariadb html]# systemctl restart httpd.service

[root@mariadb html]# rm -fr westos.html

 

2 )默认目录的修改

selinux是disabled的时候:

 

1 mkdir /westos/www/test -p   ###建立一个目录作为默认目录###

2 vim /westos/www/test/westos.html   ###编写默认文件###

内容:

<h1> westos‘s page </h1>

 

3 vim /etc/httpd/conf/httpd.conf

 

121 DocumentRoot "/westos/www/test"     ###修改默认目录###

122

123 <Directory "/westos/www/test">      ###设置默认目录访问权限####

124     Require all granted            ####允许所有人访问####

125 </Directory>

 

4  systemctl restart httpd.service    ###重启服务###

 

测试:

登入172.25.254.112查看内容:

技术分享 

 

过程如下:

[root@mariadb html]# mkdir /westos/www/test -p

[root@mariadb html]# vim /westos/www/test/westos.html

技术分享

[root@mariadb html]# vim /etc/httpd/conf/httpd.conf

技术分享

[root@mariadb html]# systemctl restart httpd.service

 

 

selinux是enforcing状态:

在添加下面两步:

1 semanage fcontext -a -t httpd_sys_content_t ‘/westos(/.*)?‘###修改安全上下文###

2 restorecon -RvvF /westos/    ###刷新###

 

3 )apache的访问控制

 

设定ip的访问:

 

1 mkdir /var/www/html/admin/

2 vim /var/www/html/admin/index.html

 

<h1> admin‘s page </h1>

 

3 vim /etc/httpd/conf/httpd.conf

 

<Directory "/var/www/html/admin">              

        Order Allow,Deny                 ###允许所有人访问admin目录但只有78主机不能访问###

        Allow from All

        Deny from 172.25.254.78

</Directory>

 

 

<<Directory "/var/www/html/admin">     ###只允许78访问访问admin目录####

        Order Deny,Allow

        Allow from 172.25.254.78

        Deny from All

</Directory>

 

3 systemctl restart httpd.service       ###重启服务###

 

过程如下:

[root@mariadb ~]# mkdir /var/www/html/admin/

[root@mariadb ~]# vim /var/www/html/admin/index.html

技术分享

[root@mariadb ~]# vim /etc/httpd/conf/httpd.conf

技术分享

 

[root@mariadb ~]# systemctl restart httpd.service 

 

特定用户的访问:

1 htpasswd -cm /etc/httpd/accessuser admin   ###设定用户,-c指创建,-m指定名称,改命令为创建了一个用户admin,该用户信息存放在/etc/httpd/accessuser#####

2 htpasswd -m /etc/httpd/accessuser tom    ###创建用户tom,第二次创建不用加-c,不然会将第一次创建的用户信息覆盖###

3 vim /etc/httpd/conf/httpd.conf

 

<Directory "/var/www/html/admin">

    AuthUserFile /etc/httpd/accessuser      ###用户认证文件###

    AuthName "please input your name and password !!"  ###用户认证提示信息###

    AuthType basic              ###认证类型###

    Require user tom            ###认证用户,只有tom可以访问,如果是Require valid-user 则认证文件中的所有用户###

</Directory>

 

过程如下:

 

[root@mariadb ~]# vim /etc/httpd/conf/httpd.conf

 

技术分享

 

[root@mariadb ~]# cd /etc/httpd/

[root@mariadb httpd]# htpasswd -cm /etc/httpd/accessuser admin

New password:

Re-type new password:

Adding password for user admin

[root@mariadb httpd]# cat /etc/httpd/accessuser

admin:$apr1$/2PFvsol$SDJa/.mb1dmWnjHzZEPu11

[root@mariadb httpd]# htpasswd -m /etc/httpd/accessuser tom

New password:

Re-type new password:

Adding password for user tom

[root@mariadb httpd]# cat /etc/httpd/accessuser

admin:$apr1$/2PFvsol$SDJa/.mb1dmWnjHzZEPu11

tom:$apr1$pZ1snUMw$Sd/oscb2DOr0j6aCTvoDB1

[root@mariadb httpd]# mkdir -p  /var/www/html/admin

[root@mariadb httpd]# systemctl restart httpd.service 

 

测试:

登入172.25.254.112/admin

 技术分享

4)apache语言支持

php  html  cqi

 

默认支持:html

php语言:

1 yum   install  php   -y

2 vim /var/www/html/index.php

<?php

        phpinfo();

?>

3 systemctl restart httpd.service

 

过程如下:

[root@mariadb html]# yum install php

[root@mariadb html]# vim /var/www/html/index.html

技术分享

[root@mariadb html]# systemctl restart httpd.service

技术分享 

cgi语言:

1 yum install httpd-manual -y

2 mkdir /var/www/html/cgi

3 cd /var/www/html/cgi/

4 vim index.cgi

 

#!/usr/bin/perl

print "Content-type: text/html\n\n";

print `date`;

 

5 chmod +x index.cgi

6 vim /etc/httpd/conf/httpd.conf

 

179     DirectoryIndex  index.html index.cgi

135 <Directory "/var/www/html/cgi">

136     Options +ExecCGI

137     AddHandler cgi-script .cgi

138 </Directory>

 

[root@mariadb httpd]# yum install httpd-manual -y

技术分享

[root@mariadb httpd]# systemctl restart httpd.service

[root@mariadb httpd]# mkdir /var/www/html/cgi

[root@mariadb httpd]# touch /var/www/html/cgi/index.cgi

[root@mariadb httpd]# cd /var/www/html/cgi/

[root@mariadb cgi]# vim index.cgi

技术分享

[root@mariadb cgi]# chmod +x index.cgi

[root@mariadb cgi]# vim /etc/httpd/conf/httpd.conf

技术分享

[root@mariadb cgi]# systemctl restart httpd.service

 

 

测试:

登入172.25.254.112/cgi

 技术分享

 

虚拟主机

1 ) 定义:

可以让我们的一台aoache服务器在被访问不同域名的时候显示不同的主页,虚拟主机允许您从一个httpd服务器同时为多个网站提供服务

2 )建立测试页:

cd /var/www/

mkdir virtual

mkdir virtual/news.westos.com

mkdir virtual/money.westos.com

mkdir virtual/money.westos.com/html

mkdir virtual/news.westos.com/html

echo "money.westos.com‘s page" > virtual/money.westos.com/html/index.html

echo "news.westos.com‘s page" > virtual/news.westos.com/html/index.html

3 )配置

1 cd /etc/httpd/conf.d/                   ##在子配置文件里配置

2 vim default.conf                         ###没有指定域名的访问都访问default

<virtualhost    _default_:80>              ####虚拟主机开启的端口####

        DocumentRoot "/var/www/html"        ###虚拟主机的默认发布目录###

        CustomLog "logs/default.log" combined  ###虚拟主机日志###

</Virtualhost>

3 vim news.conf                             ###指定域名为news.westos.com的访问###

 

<Virtualhost *:80>

        ServerName "news.westos.com"          ###指定服务器名称###

        DocumentRoot "/var/www/virtual/news.westos.com/html"

        CustomLog "logs/news.log" combined

</Virtualhost>

<Directory "/var/www/virtual/news.westos.com/html">    ###默认发布目录访问授权#

        Require all granted

</Directory>

4 vim money.conf                            ###指定域名为money.westos.com的访问###

 

<Virtualhost *:80>

        ServerName "money.westos.com"

        DocumentRoot "/var/www/virtual/money.westos.com/html"

        CustomLog "logs/money.log" combined

</Virtualhost>

<Directory "/var/www/virtual/money.westos.com/html">

        Require all granted

</Directory>

 

5 systemctl restart httpd.service    ###重启服务###

 

6 在在浏览器的主机上要进行本地解析:

[root@foundation12 Desktop]# vim /etc/hosts

172.25.254.112 www.westos.com news.westos.com money.westos.com

 

测试:

分别登入www.westos.com , new.westos.com , money.westos.com

 技术分享

技术分享

技术分享

 

过程如下:

 

[root@server ~]# cd /var/www/                        ###建立测试页###

[root@server www]# mkdir virtual

[root@server www]# ls

cgi-bin  html  virtual

[root@server www]# mkdir virtual/news.westos.com

[root@server www]# mkdir virtual/money.westos.com

[root@server www]# mkdir virtual/money.westos.com/html

[root@server www]# mkdir virtual/news.westos.com/html

[root@server www]# echo "money.westos.com‘s page" > virtual/money.westos.com/html/index.html

[root@server www]# echo "news.westos.com‘s page" > virtual/news.westos.com/html/index.html

[root@server conf]# cd /etc/httpd/conf.d/    ##在子配置文件里配置###

[root@server conf.d]# ls

autoindex.conf  php.conf  userdir.conf

manual.conf     README    welcome.conf

[root@server conf.d]# vim default.conf       

 技术分享


[root@server conf.d]# vim news.conf

 

技术分享

[root@server conf.d]# cp news.conf  money.conf

[root@server conf.d]# vim money.conf

 

技术分享

 

[root@server conf]# cd /etc/httpd/conf.d

[root@server conf.d]# ls

autoindex.conf  manual.conf  news.conf  README        welcome.conf

default.conf    money.conf   php.conf   userdir.conf

[root@server conf.d]# systemctl restart httpd.service    ###重启服务###

 

 

在浏览器的主机上要进行本地解析:

[root@foundation12 Desktop]# vim /etc/hosts

172.25.254.112 www.westos.com news.westos.com money.westos.com

 技术分享

 

4 )配置https

 

http的访问是明文的访问,https的访问是加密的访问。

https访问的监听端口是443

 

1 netstat -antlpe | grep httpd               ###查看与httpd有关的端口有哪些##

2 yum install mod_ssl -y                     ###只有安装了ssl才会有443端口###

技术分享

3 vim /etc/httpd/conf.d/ssl.conf             ###安装号ssl后就会出现ssl.conf文件,文件内容有443端口####

4 yum install crypto-utils.x86_64 -y         ###安装生成自签名证书的软件包###

5 genkey www.westos.com                      ###调用genkey生成证书###

 

--> 记录生成的证书和关联的私钥的位置

技术分享 

--> 选择合适的密钥大小

 技术分享

--> 在生成随机数时比较慢,敲键盘和移动鼠标可以加速

 技术分享

--> 拒绝向认证机构(CA)发送证书请求(CSR)

 技术分享

--> 拒绝加密私钥

 技术分享

--> 为服务器提供合适的身份。Common Name必须与服务器的主机全名完全匹配(注意,任何逗号都应使用前导反斜线[\]进行转义)

 技术分享

-->

 

 

6 vim   ssl.conf

 技术分享

 

7 vim login.conf

<VirtualHost    *:443>                        ###https的监听端口###

        ServerName "login.westos.com"

        DocumentRoot "/var/www/virtual/login.westos.com/html"

        CustomLog "logs/login.log" combined

SSLEngine on                                 ###开启https的功能###

SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt   ###证书###

        SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key  ##秘钥###

</VirtualHost>

 

<Directory "/var/www/virtual/login.westos.com/html">

        Require all granted

</Directory>

 

 

 

 

过程如下:

[root@localhost conf.d]# yum install mod_ssl.x86_64 -y

[root@localhost conf.d]# yum install crypto-utils.x86_64 -y

[root@localhost conf.d]# genkey www.westos.com

/usr/bin/keyutil -c makecert -g 512 -s "CN=www.westos.com, OU=linux, O=westos, L=xi‘an, ST=Shannxi, C=CN" -v 1 -a -z /etc/pki/tls/.rand.3946 -o /etc/pki/tls/certs/www.westos.com.crt -k /etc/pki/tls/private/www.westos.com.key

cmdstr: makecert

 

cmd_CreateNewCert

command:  makecert

keysize = 512 bits

subject = CN=www.westos.com, OU=linux, O=westos, L=xi‘an, ST=Shannxi, C=CN

valid for 1 months

random seed from /etc/pki/tls/.rand.3946

output will be written to /etc/pki/tls/certs/www.westos.com.crt

output key written to /etc/pki/tls/private/www.westos.com.key

 

 

Generating key. This may take a few moments...

 

Made a key

Opened tmprequest for writing

/usr/bin/keyutil Copying the cert pointer

Created a certificate

Wrote 486 bytes of encoded data to /etc/pki/tls/private/www.westos.com.key

Wrote the key to:

/etc/pki/tls/private/www.westos.com.key

[root@localhost conf.d]# ls

autoindex.conf  money.conf  README    tmprequest    welcome.conf

default.conf    news.conf   ssl.conf  userdir.conf

[root@localhost conf.d]# vim ssl.conf

 

[1]+  Stopped                 vim ssl.conf

[root@localhost conf.d]# fg

vim ssl.conf

 

[1]+  Stopped                 vim ssl.conf

[root@localhost conf.d]# fg

vim ssl.conf

[root@localhost conf.d]# systemctl restart httpd.service

[root@localhost conf.d]# netstat -antlpe | grep httpd

tcp6       0      0 :::443                  :::*                    LISTEN      0          97088      4088/httpd          

tcp6       0      0 :::80                   :::*                    LISTEN      0          97074      4088/httpd          

[root@localhost conf.d]# cp -p money.conf login.conf

[root@localhost conf.d]# mkdir /var/www/virtual/login.westos.com/html -p

[root@localhost conf.d]# vim /var/www/virtual/login.westos.com/html/index.html

[root@localhost conf.d]# vim login.conf

 

<VirtualHost    *:443>                        ###https的监听端口###

        ServerName "login.westos.com"

        DocumentRoot "/var/www/virtual/login.westos.com/html"

        CustomLog "logs/login.log" combined

SSLEngine on                          ###开启https功能###

SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt##证书##

        SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key##密钥##

</VirtualHost>

 

<Directory "/var/www/virtual/login.westos.com/html">

        Require all granted

</Directory>

 

 

[root@localhost conf.d]# systemctl restart httpd.service

 

测试:登入login.westos.com

 

 

5)网页重写

1 vim login.conf

 

<Virtualhost *:443>

        ServerName "login.westos.com"

        DocumentRoot "/var/www/virtual/login.westos.com/html"

        CustomLog "logs/login.log" combined

        SSLEngine on

SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt

        SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key

</Virtualhost>

<Directory "/var/www/virtual/login.westos.com/html">

        Require all granted

</Directory>

 

<Virtualhost *:80>                  ###网页重写实现自动访问https###

        ServerName login.westos.com

        RewriteEngine on

        RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]

</Virtualhost>

 

^(/.*)$                  ###客户主机在地址栏中写入的所有字符,除了换行符###

https://                 ###定向成为的访问协议###

%{HTTP_HOST}             ###客户请求主机###

$1                       ###指^(/.*)$的值###

[redirect=301]           ###301指临时重定向,302指永久重定向###

 

2 systemctl restart httpd.service

 

测试:

在客户主机中添加解析

 

172.25.254.112      login.westos.com

 

访问http://login.westos.com 会自动跳转到

https://login.westos.com

 

技术分享

技术分享

技术分享

技术分享

Apache web服务

标签:apache web服务

原文地址:http://12774272.blog.51cto.com/12764272/1926663

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!