1.http基本配置
Apache主配置文件: /etc/httpd/conf/httpd.conf
...
Listen 80 ##修改默认端口
...
<IfModule dir_module>
DirectoryIndex index.html westos ##修改默认读取文件及顺序
</IfModule>
...
DocumentRoot "/www/html" ##修改默认家目录
<Directory "/www">
Require all granted ##给予网络文件访问权限,授权
</Directory>
...
2.虚拟主机
mkdir /var/www/news
mkdir /var/www/qq
echo news.westos.com > /var/www/news/westos
echo qq.westos.com > /var/www/qq/westos
echo www.westos.com > /var/www/html/westos
cd /etc/httpd/conf.d/ ##http子配置文件目录
vim default.conf ##编辑默认子配置文件
<Virtualhost _default_:80>
Documentroot /var/www/html ##默认家目录
customlog "logs/default.log" combined ##日志存放地址
</Virtualhost>
<Directory /var/www/html>
require all granted ##授权
</Directory>
cp default.conf news.conf
vim news.conf
<Virtualhost *:80>
Servername news.westos.com ##访问的域名
Documentroot /var/www/news ##域名对应的家目录
customlog "logs/news.log" combined
</Virtualhost>
<Directory /var/www/news>
require all granted
</Directory>
cp news.conf qq.conf
vim qq.conf
<Virtualhost *:80>
Servername qq.westos.com ##访问的域名
Documentroot /var/www/qq ##域名对应的家目录
customlog "logs/qq.log" combined
</Virtualhost>
<Directory /var/www/qq>
require all granted
</Directory>
systemctl restart httpd
1)添加目录访问权限,用户
cd /etc/httpd/conf
htpasswd -cm apacheuser admin ##建立apache用户,第一个建立的+c,并记录到apacheuser中
htpasswd -m apacheuser lee
cat apacheuser
vim /etc/httpd/conf.d/news.conf
...
<Directory /var/www/news/admin>
Authuserfile /etc/httpd/conf/apacheuser ##用户和密码文件所在位置
Authname "Please passwd"
Authtype basic ##类型
# Require user admin ##白名单
Require valid-user ##允许所有用户访问
</Directory>
...
2)添加目录访问权限,ip
vim /etc/httpd/conf.d/news.conf
...
<Directory /var/www/news>
Order deny,allow
allow from 172.25.254.25
deny from all
</Directory>
...
3.配置HTTPS
1)生成自签名证书
1> 确保已安装crypto-utils软件包。
[root@apache-server ~]# yum install crypto-utils mod_ssl -y
2> 调用genkey,同时为生成的文件指定唯一名称(例如,服务器的主机全名)。
–days可以指定证书有效期
[root@apache-server ~]# genkey apache-server.com
2)安装证书及其私钥
1> 确定已安装mod_ssl软件包。
[root@apache-server ~]# yum install mod_ssl -y
2> vim /etc/httpd/conf.d/yu.conf
<Virtualhost *:443>
Servername yu.westos.com
Documentroot /var/www/yu
Customlog "logs/yu.log" combined
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/apache-server.crt ##指定证书文件
SSLCertificateKeyFile /etc/pki/tls/private/apache-server.key ##指定锁文件
</Virtualhost>
<Directory "/var/www/yu">
Require all granted
</Directory>
<Virtualhost *:80> ##端口转换
Servername yu.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
[root@apache-server ~]# systemctl restart httpd