apache的安装
单元 九
Apache web服务
简介
本单元涵盖的主题:
1.Apache基本配置
2. 虚拟主机配置
3.HTTPS配置
4. 集成动态内容
yum install httpd -y
[root@mariadb ~]# systemctl start httpd
[root@mariadb ~]# systemctl enable httpd
[root@mariadb ~]# systemctl stop firewalld
[root@mariadb ~]# systemctl disable firewalld
1.apache的默认发布文件
index.html
2.apache的配置文件
/etc/httpd/conf/httpd.conf
/etc/httpd/conf,d/*.conf
3.apache的默认发布目录
/var/www/html
4.apache的默认端口
80
5.修改默认发布文件
vim /etc/httpd/conf/httpd.conf
6.修改默认发布目录
vim /etc/httpd/conf/httpd.conf
当selinux是disable状态
DocumentRoot "/westos/www/test
<Directory "/westos/www/test">
Require all granted
</Directory>
当selinux是enforcing状态
DocumentRoot "/westos/www/test
<Directory "/westos/www/test">
Require all granted
</Directory>
[root@mariadb ~]# semanage fcontext -a -t httpd_sys_content_t '/westos(/.*)?'
[root@mariadb ~]# restorecon -RvvF /westos
7.apache的访问控制
##设定ip的访问
<Directory "/var/www/html/admin"> ##只允许157主机访问admin目录
125 order Deny,Allow
126 Allow from 172.25.254.157
127 Deny from all
128 </Directory>
<Directory "/var/www/html/admin">
125 order Deny,Allow
126 Allow from all
127 Deny from 172.25.254.157 ##允许所有人访问admin目录 但拒绝157主机
128 </Directory>
##设定用户的访问
[root@mariadb ~]# cd /etc/httpd/
[root@mariadb httpd]# ls
conf conf.d conf.modules.d logs modules run
[root@mariadb httpd]# htpasswd -cm /etc/httpd/accessuser admin
[root@mariadb httpd]# cat /etc/httpd/accessuser
admin:$apr1$AT1yy2gs$SA9ofbmB/1ATN8NrP0H.W1
vim /etc/httpd/conf/httpd.conf
DocumentRoot "/var/www/html"
#DocumentRoot "/westos/www/test"
<Directory "/var/www/html/admin">
AuthUserFile /etc/httpd/accessuser ##用户认证文件
AuthName "Please input your name and password !!" ##用户认证提示信息
AuthType basic ##认证类型
Require valid-user ##只允许认证文件中admin用户访问,二写一
[Require user admin]
</Directory>
8.apache语言支持
php html cgi
html 语言默认支持
php语言
yum install php -y
systemctl restart httpd
cgi语言
vim index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print "Hello, World."
print `date`;
vim /etc/httpd/conf/httpd.conf
<Directory "/var/www/html/cgi">
Options +ExecCGI
AddHandler cgi-scrits .cgi
</Directory>
systemctl restart httpd
9.apache的虚拟主机
*1)
定义:可以让我们的一台apache服务器在被访问不同域名的时候显示不同的主页
*2)
建立测试页
[root@mariadb ~]# cd /var/www/html
[root@mariadb html]# ls
admin cgi index.html index,php mysqladmin westos.html
[root@mariadb html]# cd ..
[root@mariadb www]# mkdir virtual
[root@mariadb www]# ls
cgi-bin html virtual
[root@mariadb www]# mkdir virtual/money.westos.com/html =p
mkdir: cannot create directory ‘virtual/money.westos.com/html’: No such file or directory
[root@mariadb www]# mkdir virtual/money.westos.com/html -p
[root@mariadb www]# mkdir virtual/news.westos.com/html -p
[root@mariadb www]# echo "money.westos.com's page" >virtual/money.westos.com/html/index.html
[root@mariadb www]# echo "news.westos.com's page" >virtual/news.westos.com/html/index.html
*3)
配置
vim /etc/httpd/conf.d/default.conf
<Virtualhost _default_:80> ##虚拟主机开启的默认端口
DocumentRoot "/var/www/html" ##虚拟主机的默认发布目录
CustomLog "logs/default.log" combined ##虚拟主机日志
</Virtualhost>
vim /etc/httpd/conf.d/news.conf
<Virtualhost *:80>
ServerName "news.westos.com"
DocumentRoot "/var/www/virtual/news.westos.com/html"
CustomLog "logs/default.log" combined
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html">
Require all granted
</Directory>
systemctl restart httpd
vim news.westos.com/html/index.html
*4)
测试
在浏览器所在主机中
vim /etc/hosts
172.25.254.157 www.westos.com news.westos.com
10.https定义
yum install mod_ssl -y
yum install crypto-utils -y
genkey www.westos.com
/etc/pki/tls/private/www.westos.com.key
/etc/pki/tls/certs/www/westos.com.crt
vim /etc/httpd/conf.d/login.conf
<Virtualhost *:443>
ServerName "login.westos.com"
DocumentRoot "/var/www/virtual/login.westos.com/html"
CustomLog ‘"logs/login.log" combined
SSLEngine on ##开启https功能
SSLCertificateFile /etc/pki/tls/certs/www/westos.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
</Virtualhost>
<Directory> "/var/www/virtual/login.westos.com/html">
Require all granted
</Directory>
<Virtualhost *:80> ##网页重写实现自动访问https
ServerName "login.westos.com"
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
^(/.*)$ 客户主机在地址栏中写入的所有字符,不好看换字符
%{HTTP_HOST} 客户请求主机
https:// 定向成为的访问协议
$1 $1的值代表……(/.*)$的值
[redirect=301] 临时重定向 永久重定向为302
[root@mariadb ~]# mkdir /var/www/virtual/login.westos.com/html -p
[root@mariadb ~]# vim /var/www/virtual/login.westos.com/html/index.html
测试:
在客户主机中添加解析
172.25.254.157 login.westos.com
访问http:login.westos.com 会自动调转到https://login.westos.com实现网页数据加密传