######unit3.9######
###anpache的安装######
yum install httpd -y
systemctl start httpd
systemctl stop firewalld
systemctl enable httpd
systemctl disable firewalld
###apache的信息#####
1.apache的默认发布文件
index.html
2.apache的配置文件
/etc/httpd/conf/httpd.conf
/etc/httpd/conf.d/*.conf
3.apache的默认发布目录
/var/www/html
4.apache的默认端口
80
apache的基本配置
1.修改默认发布文件
vim /var/www/html/westos.html ##编辑配置文件
vim /etc/httpd/conf/httpd.conf
164 DirectoryIndex westos.html index.html
systemctl restart httpd
测试:
浏览器方位:172.25.254.124
2.修改默认发布目录 ##当selinux是disable状态
mkdir /westos/www/test -p
vim /westos/www/test/westos.html
vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/westos/www/test"
121 <Directory "westos/www/test">
122 Require all granted
123 </Directory>
systemctl restart httpd
测试:
浏览器访问:172.25.254.124
3.apache的访问控制
##设定ip的访问
mkdir /var/www/html/admin
vim /var/www/html/admin/admin.html
vim /etc/httpd/conf/httpd.conf (把前一个实验的数据改回来)
124 <Directory "/var/www/html/admin"> ##允许所有人访问admin目录但是拒绝124主机
125 Order Allow,Deny
126 Allow from All
127 Deny from 172.25.254.124
128 </Directory>
测试:
<Directory "/var/www/html/admin"> ##只允许124主机访问admin目录
Order Deny,Allow
Allow from 172.25.254.124
Deny from All
</Directory>
##设定用户的访问
htpasswd -cm /etc/httpd/accessuser admin ##创建用户,如果要添加用户就直接用-m
vim /etc/httpd/conf/httpd.conf
<Directory "/var/www/html/admin">
AuthUserFile /etc/httpd/accessuser ##用户认证文件
AuthName "Please input your name and passwd !!" ##用户认证提示信息
AuthType basic ##认证类型
Require valid-user ##认证用户,认证文件中所有用户都可以访问
[Require user admin] ##只允许认证文件中的admin用户访问,二选一
</Directory>
测试:
4.apache语言支持
php html cgi
html语言默认支持
php语言
yum install php -y
vim /var/www/html/index.php ##编写php测试文件
<?php
phpinfo()
?>
systemctl restart httpd
测试:
cgi语言
mkdir /var/www/html/cgi ##建立cgi默认发布目录
vim /var/www/html/cgi/index.cgi ##编写默认发布文件
#!/usr/bin/perl
print "content-type: text/html\n\n";
print `date`;
chmod +x index.cgi ##给文件可执行权限
vim /etc/httpd/conf/httpd.conf
<Directory "/var/www/html/cgi">
Options +ExecCGI
AddHandler cgi-script .cgi
</Directory>
systemctl restart httpd
测试:
5.apache的虚拟主机
1)定义
可以让我们的一台apache服务器在被访问不同域名的时候显示不同的主页
2)建立测试页
cd /var/www
mkdir virtual/news.westos.com/html -p
mkdir virtual/money.westos.com/html -p
echo "money.westos.com's page" >virtual/money.westos.com/html/index.html
echo "news.westos.com's page" >virtual/news.westos.com/html/index.html
3)配置
vim /etc/httpd/conf.d/default.conf ##未指定域名的访问都访问default
<Virtualhost _default_:80> ##虚拟主机开启的端口
DocumentRoot "/var/www/html" ##虚拟主机的默认发布目录
CustomLog "logs/default.log" combined ##虚拟主机日志
</Virtualhost>
vim /etc/httpd/conf.d/news.conf ##指定域名news.westos.com的访问到指定目录默认发布目录中
<Virtualhost *:80>
ServerName "news.westos.com"
DocumentRoot "/var/www/virtual/news.westos.com/html"
Customlog "logs/news.log" combined
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html"> ##默认发布目录的访问授权
Require all granted
</Directory>
cp -p /etc/httpd/conf.d/news.conf /etc/httpd/conf.d/momey.conf
vim /etc/httpd/conf.d/money.conf
%s/news/money/g
4)测试
在浏览器所在主机中
vim /etc/hosts
172.25.254.124 www.westos.com news.westos.com
6.https
1)https的定义
2)配置
yum install mod_ssl.x86_64 crypto-utils.x86_64 -y
genkey www.westos.com ##生成密钥和密匙
1.生成证书位置
2.选择密钥大小
3.生成随即数
4.拒绝向CA机构发送CAR证书
5.拒绝加密私钥
6.配置服务器身份信息
/etc/pki/tls/certs/www.westos.com.crt
/etc/pki/tls/private/www.westos.com.key
vim /etc/httpd/conf.d/login.conf
<Virtualhost *:443>
ServerName "login.westos.com"
DocumentRoot "/var/www/virtual/login.westos.com/html"
Customlog "logs/login.log" combined
SSLEngine on ##开始https功能
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##证书
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key ##密钥
</Virtualhost>
<Directory "/var/www/virtual/login.westos.com/html">
Require all granted
</Directory>
<Virtualhost *:80> ##网页重写实现自动访问https
ServerName "login.westos.com"
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</virtualhost>
^(/.*)$ ##客户主机在地址栏写入的所有字符,不看换行符
https:// ##定向成为的访问协议
%{HTTP_HOST} ##客户请求主机
$1 ##$1的值就表示^(/.*)$的值
[redirect=301] ##临时重定向,302永久重定向
mkdir /var/www/virtual/login.westos.com/html -p
vim /var/www/virtual/login.westos.com/html/index.html
systemctl restart httpd
测试:
在客户主机中添加解析
vim /etc/hosts
172.25.254.124 login.westos.com
访问http://login.westos.com会自动跳转到https://login.westos.com实现网页数据加密传输