Apache

最新推荐文章于 2023-05-15 22:06:34 发布

SZDTBFWL

最新推荐文章于 2023-05-15 22:06:34 发布

阅读量250

点赞数

本文链接：https://blog.csdn.net/szdtbfwl/article/details/77141064

版权

实验在redhat7.2上进行

yum install -y httpd

systemc

1.安装apache软件包:
[root@apacheserver ~]# yum install httpd httpd-manual

2.启动apache服务:
[root@apacheserver ~]# systemctl start httpd
[root@apacheserver ~]# systemctl enable httpd

3.查看监听端口:

[root@apacheserver ~]# netstat -antlpe | grep httpd

4.设置防火墙不阻挡apache

[root@apacheserver ~]# firewall-cmd --permanent --add-service=http
success
[root@apacheserver ~]# firewall-cmd --permanent --add-service=https
success
[root@apacheserver ~]# firewall-cmd --list-all
public (default, active)
interfaces: eth0
sources:
services: dhcpv6-client dns http https ssh
ports: 8080/tcp
masquerade: no
forward-ports:
icmp-blocks:
rich rules:

到此apache的基本配置就完成了，我们可以在客户端用浏览器访问apache服务器，

5.测试页的撰写

在/var/www/html/下建立文件index.html

[root@apacheserver ~]# vim /var/www/html/index.html

[root@apacheserver ~]# cat /var/www/html/index.html

hello

此时在客户端用浏览器访问就会看到index.html的内容

修改Apache默认的设置

1.修改Apache默认的监听端口

1>修改配置文件

[root@apacheserver ~]# vim /etc/httpd/conf/httpd.conf
42 Listen 8080
2>重启服务

[root@apacheserver ~]# systemctl restart httpd
3>在客户端浏览器输入服务器ip：端口号

172.25.254.101：8080

2.修改Apache默认发布目录

1>新建默认发布目录

[root@apacheserver ~]# mkdir /westos/html -p

2>修改配置文件

[root@apacheserver ~]# vim /etc/httpd/conf/httpd.conf
DocumentRoot "/westos/html"
<Directory "/westos">
Require all granted
</Directory>
3>写新发布目录里写发布文件index.html

[root@apacheserver html]# vim index.html
[root@apacheserver html]# cat index.html
new directory

3>重启服务

[root@apacheserver ~]# systemctl restart httpd
4>在客户端浏览器测试，此时会报错，原因是安全上下文不匹配

[root@apacheserver ~]# ls -lZd /var/www/html/

drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 /var/www/html/

[root@apacheserver ~]# ls -lZd /westos/html

drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 /westos/html

[root@apacheserver ～]# restorecon -RvvF /westos/
restorecon reset /westos context unconfined_u:object_r:default_t:s0->system_u:object_r:httpd_sys_content_t:s0
restorecon reset /westos/html context unconfined_u:object_r:default_t:s0->system_u:object_r:httpd_sys_content_t:s0
[root@apacheserver ～]# ls -lZd /westos/html
drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 /westos/html

[root@apacheserver ~]# systemctl restart httpd

再次测试：

基于域名配置虚拟主机

1.修改客户端的/etc/hosts

172.25.254.190 www.westos.com apache.westos.com music.westos.com

2.建立虚拟主机的发布目录和发布文件

[root@apache www]# mkdir news

[root@apache www]# mkdir music

[root@apache www]# echo new > /var/www/news/index.html

[root@apache www]# echo music > /var/www/music/index.html

3.写虚拟主机的配置文件
[root@apache www]# cd /etc/httpd/conf.d/

[root@apache conf.d]# vim default.conf

<virtualhost _default_:80>
   documentroot /var/www/html
   customlog "logs/default.log" combined
</virtualhost>

<directory /var/www/html>
   require all granted
</directory>
[root@apache conf.d]# vim news.conf
<virtualhost *:80>
   servername apache.westos.com
   documentroot /var/www/news
   customlog "logs/news.log" combined
</virtualhost>

<directory /var/www/news>
   require all granted
</directory>
[root@apache conf.d]# vim music.conf
<virtualhost *:80>
   servername music.westos.com
   documentroot /var/www/music
   customlog "logs/music.log" combined
</virtualhost>

<directory /var/www/music>
   require all granted
</directory>
4.重启服务
[root@apache conf.d]# systemctl restart httpd

Apache内置用户验证机制

1.在/etc/httpd/conf/创建用户
[root@apache conf]# htpasswd -cm apacheuser admin
New password:
Re-type new password:
Adding password for user admin
[root@apache conf]# htpasswd -m apacheuser hao
New password:
Re-type new password:
Adding password for user hao

2.在/etc/httpd/conf.d/修改虚拟主机配置文件
[root@apache conf.d]# vim news.conf
添加内容：
<directory /var/www/news/admin>
   authuserfile /etc/httpd/conf/apacheuser
   authname "input name,passwd"
   authtype basic
   require valid-user
</directory>

3.重启服务
[root@apache conf.d]# systemctl restart httpd

拒绝或允许某一个ip来访问apache网页：
[root@apache conf.d]# vim /etc/httpd/conf.d/news.conf
禁止172.25.254.90访问，要是允许就oerder deny，allow
<directory /var/www/news/admin>
   order allow,deny                          ##哪个在前先做哪个
   allow from 172.25.254.90
   deny from all
</directory>

https加密

[root@music ~]# yum install -y mod_ssl.x86_64
[root@music conf.d]# systemctl reload httpd
在浏览器里直接查看有证书，不过证书内容是默认的
[root@music Desktop]# netstat -antlpe | grep httpd
tcp6       0      0 :::80                   :::*                    LISTEN      0          40305      3249/httpd
tcp6       0      0 :::443                  :::*                    LISTEN      0          45516      3249/httpd
[root@music Desktop]# yum install crypto-utils.x86_64 -y
[root@music Desktop]# genkey music.westos.com

[root@music Desktop]# vim /etc/httpd/conf.d/ssl.conf

101 SSLCertificateFile /etc/pki/tls/certs/music.westos.com.crt
109 SSLCertificateKeyFile /etc/pki/tls/private/music.westos.com.key

[root@music Desktop]# systemctl restart httpd.service

网页重写

[root@music Desktop]# mkdir /var/www/westos/login/html -p
[root@music Desktop]# vim /var/www/westos/login/html/index.html
[root@music conf.d]# vim login.conf
[root@music conf.d]# cat login.conf
<Virtualhost *:443>
   ServerName login.westos.com
   DocumentRoot /var/www/westos/login/html
   CustomLog "logs/login.log" combined
   SSLEngine on
   SSLCertificateFile /etc/pki/tls/certs/music.westos.com.crt
   SSLCertificateKeyFile /etc/pki/tls/private/music.westos.com.key
</Virtualhost>
<Directory "/var/www/westos/login/html">
   Require all granted
</Directory>
<Virtualhost *:80>
   ServerName login.westos.com
   RewriteEngine on
   RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
[root@music conf.d]# systemctl restart httpd

在真机浏览器里测试
[root@foundation34 8.14]# vim /etc/hosts
[root@foundation34 8.14]# tail -n 1 /etc/hosts
172.25.34.101   login.westos.com

在浏览器里输入 login.westos.com 会自动跳到https加密的

SZDTBFWL

关注

0
点赞
踩
1

收藏

觉得还不错? 一键收藏
0
评论
Apache

实验在redhat7.2上进行yum install -y httpdsystemc1.安装apache软件包:[root@apacheserver ~]# yum install httpd httpd-manual2.启动apache服务:[root@apacheserver ~]# systemctl start httpd[root@apacheserver
复制链接

扫一扫