[Apache]
#yum install -y httpd
#mkdir -p /data/www/html
#vim /data/www/html/test.html
hello world
#vim /etc/httpd/conf/httpd.conf
DocumentRoot "/data/www/html"
<Directory "/data/www/html">
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.html test.html
</IfModule>
#semanage fcontext -a -t httpd_sys_content_t ‘/data(/.*)?‘ //更改安全上下文
#restorecon -FvvR /westos/
#systemctl restart httpd.service
#curl -I localhost
HTTP/1.1 200 OK
Date: Sun, 15 Mar 2015 06:58:08 GMT
Server: Apache/2.4.6 (Red Hat)
Last-Modified: Sun, 15 Mar 2015 06:23:52 GMT
ETag: "28-5114dc6fc9141"
Accept-Ranges: bytes
Content-Length: 40
Content-Type: text/html; charset=UTF-8
[配置虚拟主机]
#vim /etc/httpd/conf.d/virtual.conf
<VirtualHost *:80>
ServerName www.sina.com
ServerAlias sina.com
DocumentRoot /virtual/www.sina.com/html
</VirtualHost>
<Directory "/virtual/www.sina.com/html">
Require all granted
</Directory>
<VirtualHost *:80>
ServerName www.alibaba.com
ServerAlias alibaba.com
DocumentRoot /virtual/www.alibaba.com/html
</VirtualHost>
<Directory "/virtual/www.alibaba.com/html">
Require all granted
</Directory>
#vim /etc/httpd/conf.d/defualt.conf
<VirtualHost _default_:80>
DocumentRoot /data/www/html
ErrorLog logs/www.html.com.log //在/etc/httpd/logs/www.html.com.log
</VirtualHost>
<Directory "/data/www/html">
Require all granted
</Directory>
配置基于用户的身份验证
用两个账户创建Apache密码文件:
#useradd damin
#htpasswd -cm /etc/httpd/.htpasswd admin //首次加-c创建密码文件下来就不需要了。
#htpasswd -m /etc/httpd/.htpasswd test
#vim /etc/httpd/conf.d/virtual.conf
<Directory /virtual/www.sina.com/html>
AuthName “Please input your name and password !”
AuthType basic
AuthUserFile /etc/httpd/.htpasswd
Require valid-user
</Directory>
#systemctl restart httpd
[配置HTTPS]
#使用genkey实用程序(通过crypto-utils软件包分发),生成自签名证书及其关联的
私钥。为了简化起见,genkey将在“正确”的位置(/etc/pki/tls目录)创建证书及其
关联的密钥。相应地,必须以授权用户(root)身份运行该实用程序。
#yum install -y crypto-utils mod_ssl
#genkey www.alibaba.com
#ls -l /etc/pki/tls/private/www.alibaba.com.key
#ls -l /etc/pki/tls/certs/www.alibaba.com.crt
确保这两个文件只有root可读
#vim /etc/httpd/conf.d/virtual.conf
把所有80端口的请求全部重定向由https来处理
<Virtualhost *:80>
ServerName www.alibaba.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
加密端口为443
VirtualHost *:443>
servername www.alibaba.com
documentroot /virtual/www/html
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/www.alibaba.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/www.alibaba.com.key
<Directory "/virtual/www.alibaba.com/html">
require all granted
</Directory>
</VirtualHost>
<VirtualHost *:80>
servername www.alibaba.com
rewriteengine on
rewriterule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</VirtualHost>
#systemctl restart httpd
本文出自 “在时间里愛着你” 博客,谢绝转载!
原文地址:http://solongcc.blog.51cto.com/8979378/1630465
