文章目录
apache
编译安装apr
cd /opt/tools/httpd
tar -zxvf apr-1.5.2.tar.gz -C ./
cd ./apr-1.5.2
./configure --prefix=/usr/local/httpd/apr
make
make install
# ./configure --prefix 编译的时候用来指定程序存放路径
编译安装apr-util
cd /opt/tools
tar -zxvf apr-util-1.5.4.tar.gz -C ./
cd ./apr-util-1.5.4
./configure --prefix=/usr/local/httpd/apr-util --with-apr=/usr/local/httpd/apr/bin/apr-1-config
make
make install
# –with指的是安装本文件所依赖的库文件,–with-依赖包名称=依赖包目录
编译安装pcre
cd /opt/tools
tar -zxvf pcre-8.42.tar.gz -C ./
cd ./pcre-8.42
./configure --prefix=/usr/local/httpd/pcre --with-apr=/usr/local/httpd/apr/bin/apr-1-config
make
make install
编译安装httpd
cd /opt/tools
tar -zxvf httpd-2.4.34.tar.gz -C ./
cd ./httpd-2.4.34
./configure --prefix=/usr/local/httpd/apache2 --with-apr=/usr/local/httpd/apr/bin/apr-1-config --with-apr-util=/usr/local/httpd/apr-util/bin/apu-1-config --with-pcre=/usr/local/httpd/pcre/bin/pcre-config --enable-dav --enable-so
make && make install
/usr/local/apache2/bin/apxs -c -i mod_proxy.c proxy_util.c
/usr/local/apache2/bin/apxs -c -i mod_proxy_http.c proxy_util.c
# ps 必须2个c一起编译,不然会报错
修改httpd配置端口
vim /usr/local/httpd/apache2/conf/httpd.conf
#Listen 8080
#LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
#LoadModule proxy_http_module modules/mod_proxy_http.so
#Include conf/extra/*.conf
## 微信/阿里/云闪付 httpd-wechat.conf/httpd-alipay.conf/httpd-union.conf
将apachectl加入service系统服务
cp /usr/local/httpd/apache2/bin/apachectl /etc/rc.d/init.d/apache
chkconfig --add apache
启动apache服务
service apache start
验证启动
ps -ef | grep http
配置HTTP环境变量
export HTTP_HOME=/usr/local/httpd/apache2
export PATH=$PATH:$HTTP_HOME/bin
source /etc/profile
验证HTTP环境
httpd -v
nginx
创建组和用户
groupadd nginx
useradd nginx -s /bin/sh -d /home/nginx -g nginx -G root
获取nginx正向代理模块
https://codeload.github.com/chobits/ngx_http_proxy_connect_module/zip/refs/heads/master
下载nginx源码包
https://nginx.org/download/nginx-1.9.12.tar.gz
上传下载包至服务器
解压下载包文件
tar -zxvf nginx-1.22.1.tar.gz
unzip ngx_http_proxy_connect_module-master.zip
mv ngx_http_proxy_connect_module-master ngx_http_proxy_connect_module
正向代理模块导入到nginx模块
- nginx与正向代理版本匹配关系
cd /root/nginx/nginx-1.22.1
patch -p1 < /root//nginx/ngx_http_proxy_connect_module/patch/proxy_connect.patch
安装nginx
./configure --add-dynamic-module=/root/nginx/ngx_http_proxy_connect_module
make && make install
配置正向代理
cd /usr/local/nginx/conf
vim nginx.conf
{
## 位置注意
load_module /usr/local/nginx/modules/ngx_http_proxy_connect_module.so;
events {
worker_connections 1024;
}
## ----------------------------
## 文档结尾
include /usr/local/nginx/conf/ext/*.conf;
}
cd /usr/local/nginx/conf/ext
vim wechat.conf
log_format static '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/wechat.log static;
server {
#指定DNS服务器IP地址
resolver 114.114.114.114;
#监听8090端口,http默认端口80
listen 8090;
#服务器IP或域名
server_name localhost;
#正向代理转发http请求
location / {
proxy_pass http://$host$request_uri;
proxy_set_header HOST $host;
proxy_buffers 256 4k;
proxy_max_temp_file_size 0k;
proxy_connect_timeout 30;
proxy_send_timeout 60;
proxy_read_timeout 60;
proxy_next_upstream error timeout invalid_header http_502;
}
}
#正向代理转发https请求
server {
#指定DNS服务器IP地址
resolver 114.114.114.114;
#监听9443端口,https默认端口443
listen 9443;
#正向代理转发https请求
proxy_connect;
proxy_connect_allow 443 563;
proxy_connect_connect_timeout 10s;
proxy_connect_read_timeout 10s;
proxy_connect_send_timeout 10s;
location / {
proxy_pass http://$host;
proxy_set_header Host $host;
}
}
检查nginx配置并启动
cd /usr/local/nginx/sbin
nginx -t
nginx
ss -utnlp | grep nginx
增加访问限制
cd /usr/local/nginx/conf/ext-ip.conf
deny all;
allow 127.0.0.1;
allow 192.168.216.1;
allow 192.168.216.185;