#####################
yum install php php-mysql -y
yum install crypto-utils -y
yum install httpd-manual -y
systemctl start squid ##开启服务
vim /etc/httpd/conf.d/ssl.conf
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
vim /etc/httpd/conf.d/news-443.conf
<Virtualhost *:80>
ServerName news.westos.com
RewriteEngin on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
<Directory "/var/www/virtual/news/html">
Require all granted
</Directory>
<Virtualhost *:443>
ServerName news.westos.com
DocumentRoot /var/www/virtual/news/html
Customlog logs/news-443.log combined
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
</Virtualhost>
vim /etc/httpd/conf.d/default.conf
<Virtualhost _default_:80>
DocumentRoot /var/www/html
Customlog log/default.log combined
</Virtualhost>
<Directory "/var/www/html/cgi">
Options +ExecCGI
SetHandler cgi-script .cgi
</Directory>
mkdir /var/www/html/cgi -p ##建立目录
semanage fcontext -a -t httpd_sys_script_exec_t '/var/www/html/cgi(/.*)?'##更改标签
restorecon -RvvF /var/www/html ##更新标签
vim /var/www/html/index.php ##编辑文件,内容如下
<?php
phpinfo ();
?>
vim /var/www/html/cgi/index.php ##编辑文件,内容如下
#!/usr/bin/perl
print""
print "date"
vim /etc/my.cnf ##提高安全性
skip-networking=1
#####################
代理服务squid:
#####################
必备条件:
在代理服务端
yum install squid -y
cd /var/www/html/
Discuz_x3.2_SC_UTF8.zip
unzip Discuz_x3.2_SC_UTF8.zip ##解压,得到一个upload目录
chmod 777 upload/ -R ##赋予权限
[root@westos network-scripts]# cat ifcfg-eth0 ##配置网络,网卡1
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
TYPE=Ethernet
USERCTL=yes
IPV6INIT=no
PERSISTENT_DHCLIENT=1
IPADDR0=172.25.254.205
PREFIX0=24
GATEWAY0=172.25.254.254
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME="System eth0"
UUID=5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03
[root@westos network-scripts]# cat ifcfg-eth1 ##配置网络,网卡2
DEVICE=eth1
BOOTPROTO=none
ONBOOT=yes
TYPE=Ethernet
IPADDR0=172.25.205.10
PREFIX0=24
vim /etc/squid/squid.conf ##编辑squid的主配置文件
56 http_access allow all ##允许所有
59 http_port 3128 ##端口
65 cache_dir ufs /var/spool/squid 100 16 256
systemctl restart squid
在测试端:
网络所在网段应为172.25.205.xxx,打开浏览器,选择Advanced,Network,ConnectionSettings,
选择Manual proxy configuration,选中Use this proxy server for all protocols.
填写 172.25.205.10 3128,点击OK
####################
反向代理:
首先,将测试端恢复到之前
在代理服务端配置:
59 #http_port 3128
60 http_port 80 vhost vport
61 cache_peer 172.25.254.4 parent 80 0 no-query originserver round-robin name=w eb1
62 cache_peer 172.25.254.3 parent 80 0 no-query originserver round-robin name=w eb2
63 cache_peer_domain web1 web2 www.taobao.com
64 # Uncomment and adjust the following to add a disk cache directory.
65 cache_dir ufs /var/spool/squid 100 16 256
66 # Leave coredumps in the first cache dir
67 coredump_dir /var/spool/squid
#####################