################################Apache########################
1.火墙基本设置
firewall-cmd --list-all ####查询当前防火墙策略
firewall-cmd --permanent --add-service=http ####配置防火墙打开http协议,并保存,以致重启有效
firewall-cmd --permanent --add-service=https
firewall-cmd --reload ####防火墙策略配置后重新载入
firewall-cmd --list-all ####查询当前防火墙策略
semanage fcontext -a -t httpd_sys_content_t 'www(/.*)?' ####修改安全上下文
restorecon -RvvF /www/ ####刷新
Servername news.westos.com
Documentroot /var/www/news
customlog "logs/news.log" combined
< /Virtualhost>
< Directory /var/www/html>
require all granted
< /Directory>
< Directory /var/www/news/admin>
Authuserfile /etc/httpd/conf/apacheusr
Authname "Please input your name and passwd"
Authtype basic
Require valid-user
</Directory>
mkdir /var/www/login
vim login.conf
< Virtualhost *:443>
Servername login.westos.com
Documentroot /var/www/login
Customlog "logs/login.log" combined
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/apache.example.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/apache.example.com.key
< /Virtualhost>
< Directory "var/www/login">
Require all granted
< /Directory>
< Virtualhost *:80>
Servername login.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
< /Virtualhost>
yum install crypto-utils -y
genkey apache.example.com
1. 确定已安装mod_ssl软件包。 [root@server0 ~]# yum install mod_ssl
systemctl start named ##开启named软件
firewall-cmd --permanent --add-service=dns
firewall-cmd --reload
firewall-cmd --list-all ##使火墙不产生影响
netstat -antulpe | grep named ##查看端口有没有打开
vim /etc/named.conf
options {
listen-on port 53 { any; }; ####dns服务查询的权限
listen-on-v6 port 53 { ::1; };
directory "/var/named"; ####指定服务器的工作目录
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; }; ####为那些dns客户机提供服务
zone "westoslinux.com" IN { ####
type master;
file "westoslinux.com.zone"; ####
allow-update { none; };
};
$TTL 1D
@ IN SOA dns.westoslinux.com. root.westoslinux.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westoslinux.com.
dns A 172.25.254.63
www A 172.25.254.11
www A 172.25.254.22
options {
listen-on port 53 { any; }; ####dns服务查询的权限
listen-on-v6 port 53 { ::1; };
directory "/var/named"; ####指定服务器的工作目录
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; }; ####为那些dns客户机提供服务
vim /etc/named.rfc1912.zones
zone "254.25.172.in-addr.arpa" IN {
type master;
file "westoslinux.com.ptr";
allow-update { none; };
};
---------------------------------------------------
vim westoslinux.com.ptr
---------------------------------------------------
$TTL 1D
@ IN SOA dns.westoslinux.com. root.westoslinux.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westoslinux.com.
dns A 172.25.254.63
88 PTR www.westoslinux.com.
/etc/init.d/named configuretest :dns配置文件检测 添加网关: route add default gw 192.168.0.254
1.mysql
yum install mysql mysql-server
mysqladmin -uroot -predhat password westos 修改本地mysql root密码
mysqladmin -uroot -predhat -h 192.168.0.188 password westos 修改远程192.168.0.188 mysql服务器 root密码
mysql_secure_installation 第一次安装mysql以后通过这条命令可以对mysql进行设置
mysql -uroot -predhat 从本机登录mysql数据库
show databases; 显示数据库
use mysql; 进入数据库
show tables; 显示数据库中的表
desc user; 查看user表的数据结构
flush privileges; 刷新数据库信息
select host.user,password from user; 查询user表中的host,user,password字段
create database westos; 创建westos数据库
use westos;
create table linux( 创建表,username,password字段
username varchar(15) not null,
password varchar(15) not null
);
select * from mysql.user; 查询mysql库下的user表中的所以
alter table linux add age varchar(4); 添加age字段到linux表中
ALTER TABLE linux DROP age 删除age字段
ALTER TABLE linux ADD age VARCHAR(5) AFTER name 在name字段后添加字段age
show tables;
desc linux;
insert into linux values ('user1','passwd1'); 在linux表中插入值为username = user1,password = password1
update linux set password=password('passwd2') where username=user1; 更新linux表中user1 的密码为password2
delete from linux where username=user1; 删除linux表中user1的所以内容
2.权限下放
grant select on *.* to user1@localhostidentified by 'passwd1'; 授权user1 密码为passwd1 并且只能在本地 查询数据库的所以内容
grant all on mysql.* to user2@'%' identified by 'passwd2'; 授权user2 密码为passwd2 可以从远程任意主机登录mysql 并且可以对mysql数据库任意操作
3.备份
/var/lib/mysql
mysqldump -uroot -predhat mysql > mysql.bak 备份mysql库到mysql.bak
mysql -uroot -predhat westos < mysql.bak 恢复mysql.bak 到westos库
mysql 密码恢复
/etc/init.d/mysqld stop
mysqld_safe --skip-grant-tables & 跳过grant-tables授权表 不需要认证登录本地mysql数据库
update mysql.user set password=password('westos') where user='root'; 更新mysql.user 表中条件为root用户的密码为加密westos
/etc/init.d/mysql restart
4.phpmyadmin
yum install php php-mysql httpd mysql mysql-server
tar jxf phpmyadmin-*.tar.bz2 -C /var/www/html
mv phpmyadmin phpadmin
cp config.sample.inc.php config.inc.php
vim config.inc.php
add
$cfg['blowfish_secret'] = 'test';