http，squid

#####################

yum install php php-mysql -y

yum install crypto-utils -y 

yum install httpd-manual -y 

systemctl start squid                  ##开启服务

vim /etc/httpd/conf.d/ssl.conf

SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key

vim /etc/httpd/conf.d/news-443.conf

<Virtualhost *:80>
	ServerName news.westos.com
	RewriteEngin on
	RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
<Directory "/var/www/virtual/news/html">
	Require all granted
</Directory>
<Virtualhost *:443>
	ServerName news.westos.com
	DocumentRoot /var/www/virtual/news/html
	Customlog logs/news-443.log combined
	SSLEngine on
	SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
	SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
</Virtualhost>

vim /etc/httpd/conf.d/default.conf

<Virtualhost _default_:80>
	DocumentRoot /var/www/html
	Customlog log/default.log combined
</Virtualhost>
<Directory "/var/www/html/cgi">
	Options +ExecCGI
	SetHandler cgi-script .cgi
</Directory>

mkdir /var/www/html/cgi -p                     ##建立目录

semanage fcontext -a -t httpd_sys_script_exec_t '/var/www/html/cgi(/.*)?'##更改标签 

restorecon -RvvF /var/www/html           ##更新标签

vim /var/www/html/index.php                 ##编辑文件，内容如下

<?php
phpinfo ();
?>

vim /var/www/html/cgi/index.php           ##编辑文件，内容如下

#!/usr/bin/perl
print""
print "date"

vim /etc/my.cnf                                     ##提高安全性

skip-networking=1 

#####################

代理服务squid：

#####################

必备条件：

在代理服务端

yum install squid -y

cd /var/www/html/

Discuz_x3.2_SC_UTF8.zip

unzip Discuz_x3.2_SC_UTF8.zip           ##解压，得到一个upload目录

chmod 777 upload/ -R                            ##赋予权限

[root@westos network-scripts]# cat ifcfg-eth0   ##配置网络，网卡1

DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
TYPE=Ethernet
USERCTL=yes
IPV6INIT=no
PERSISTENT_DHCLIENT=1
IPADDR0=172.25.254.205
PREFIX0=24
GATEWAY0=172.25.254.254
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME="System eth0"
UUID=5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03

[root@westos network-scripts]# cat ifcfg-eth1    ##配置网络，网卡2

DEVICE=eth1
BOOTPROTO=none
ONBOOT=yes
TYPE=Ethernet
IPADDR0=172.25.205.10
PREFIX0=24

vim /etc/squid/squid.conf              ##编辑squid的主配置文件

56 http_access allow all         ##允许所有
59 http_port 3128                ##端口

65 cache_dir ufs /var/spool/squid 100 16 256   

systemctl restart squid

在测试端：

网络所在网段应为172.25.205.xxx,打开浏览器,选择Advanced，Network，ConnectionSettings，

选择Manual proxy configuration,选中Use this proxy server for all protocols.

填写 172.25.205.10 3128，点击OK

####################

反向代理：

首先，将测试端恢复到之前

在代理服务端配置：

 59 #http_port 3128
 60 http_port 80 vhost vport
 61 cache_peer 172.25.254.4 parent 80 0 no-query originserver round-robin name=w    eb1
 62 cache_peer 172.25.254.3 parent 80 0 no-query originserver round-robin name=w    eb2
 63 cache_peer_domain web1 web2 www.taobao.com
 64 # Uncomment and adjust the following to add a disk cache directory.
 65 cache_dir ufs /var/spool/squid 100 16 256
 66 # Leave coredumps in the first cache dir
 67 coredump_dir /var/spool/squid

#####################