curl -I www.baidu.com
##显示http response的头信息
1.apache的安装
yum install httpd -y
systemctl start httpd
systemctl stop firewalld
systemctl enable httpd
systemctl disabled firewalld
2.apache信息
默认发布文件 index.html
配置文件 /etc/httpd/conf/httpd.conf
/etc/httpd/conf.d/*.conf
默认发布目录 /var/www/html
默认端口 80
3.apache的基本配置
修改默认发布文件
vim /etc/httpd/conf/httpd.conf
164 DirectoryIndex westos.html或DirectoryIndex westos.html index.html(当westos.html不存在时,自动匹配index.html)
systemctl restart httpd
修改默认发布目录
##当selinux是disable或者1状态
vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/westos/www/test"
<Directory "/westos/www/test">
Require all granted
</Directory>
systemctl restart httpd
##当selinux时enforcing状态
vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/westos/www/test"
<Directory "/westos/www/test">
Require all granted
</Directory>
sysyemctl restart httpd
##清除网页缓存
semanage fcontext -a -t httpd_sys_content_t '/westos(/.*)?'
restorecon -RvvF /westos
1 getenforce
2 setenforce 0
3 getenforce
4 cd
5 vim /var/www/html/index.html
6 cat /var/www/html/index.html
7 systemctl restart httpd
8 vim /var/www/html/westos.html
9 cat /var/www/html/westos.html
10 vim /etc/httpd/conf/httpd.conf
11 systemctl restart httpd
12 vim /etc/httpd/conf/httpd.conf
13 rm -fr /var/www/html/westos.html
14 systemctl restart httpd
15 #访问本机ip
16 mkdir /westos/www/test -p
17 vim /westos/www/test/westos.html
18 vim /etc/httpd/conf/httpd.conf
19 vim /westos/www/test/westos.html
20 cat /westos/www/test/westos.html
21 vim /etc/httpd/conf/httpd.conf
22 119 #DocumentRoot "/var/www/html"
23 120 DocumentRoot "/westos/www/test"
24 systemctl restart httpd
25 访问本机ip,此时不可以,原因是没有授权
26 vim /etc/httpd/conf/httpd.conf
27 DocumentRoot "/westos/www/test"
28 <Directory "/westos/www/test">
29 Require all granted
30 systemctl restart httpd
31 vim /etc/httpd/conf/httpd.conf
32 systemctl restart httpd
33 vim /etc/httpd/conf/httpd.conf
34 systemctl restart httpd
---------------------------------------------------------------------------------------
[root@test mysqladmin]# getenforce
Enforcing
[root@test mysqladmin]# setenforce 0
[root@test mysqladmin]# getenforce
Permissive
[root@test mysqladmin]# cd
[root@test ~]# vim /var/www/html/index.html
[root@test ~]# cat /var/www/html/index.html
<h1>hello westos</h1>
[root@test ~]# systemctl restart httpd
# 访问本机ip
[root@test ~]# vim /var/www/html/westos.html
[root@test ~]# cat /var/www/html/westos.html
<h1>westos hahaha</h1>
[root@test ~]# vim /etc/httpd/conf/httpd.conf
# 164 DirectoryIndex westos.html^C
[root@test ~]# systemctl restart httpd
# 访问本机ip
[root@test ~]# vim /etc/httpd/conf/httpd.conf
# 164 DirectoryIndex westos.html index.html
# 此时先访问westos.html,如果它不存在,才访问index.html
[root@test ~]# rm -fr /var/www/html/westos.html
# 访问本机ip
[root@test ~]# systemctl restart httpd
# 访问本机ip
[root@test ~]#
[root@test ~]#
[root@test ~]# mkdir /westos/www/test -p
[root@test ~]# vim /westos/www/test/westos.html
[root@test ~]# vim /etc/httpd/conf/httpd.conf
[root@test ~]# vim /westos/www/test/westos.html
[root@test ~]# cat /westos/www/test/westos.html
fwvwaliugfaubvgliosgtbvkgiwl!!!
[root@test ~]# vim /etc/httpd/conf/httpd.conf
# 119 #DocumentRoot "/var/www/html".
# 120 DocumentRoot "/westos/www/test"
[root@test ~]# systemctl restart httpd
# 访问本机ip,此时不可以,原因是没有授权
[root@test ~]# vim /etc/httpd/conf/httpd.conf
# DocumentRoot "/westos/www/test"
# <Directory "/westos/www/test">
# Require all granted
# </Directory>
[root@test ~]# systemctl restart httpd
# 访问本机ip,就可以了
--------------------------------------------------------------------------------------
4.apache的访问控制
设定ip的访问
vim /etc/httpd/conf/httpd.conf
设定用户的访问
htpasswd -cm /etc/httpd/accessuser.admin(有这个目录就不能再加c了,否则覆盖)
vim /etc/httpd/conf/httpd.conf
[root@test ~]# vim /etc/httpd/conf/httpd.conf
[root@test ~]# systemctl restart httpd
[root@test ~]# cd /var/www/html/
[root@test html]# ls
index.html mysqladmin
[root@test html]# vim admin
[root@test html]# cat admin
hahahahahahah
[root@test html]# cd /var/www/html/
[root@test html]# systemctl restart httpd
[root@test html]#
[root@test html]#
[root@test html]# 和限制用户的访问
[root@test html]# htpasswd -cm /etc/httpd/accessuser admin
New password:
Re-type new password:
Adding password for user admin
[root@test html]# cat /etc/httpd/accessuser
admin:$apr1$QdMX4pWI$Qzy3jjFQG.328BQb9gsxz/
[root@test html]# htpasswd -m /etc/httpd/accessuser yy
New password:
Re-type new password:
Adding password for user yy
[root@test html]# cat /etc/httpd/accessuser
admin:$apr1$QdMX4pWI$Qzy3jjFQG.328BQb9gsxz/
yy:$apr1$K.lw83Pl$5/Rv.vVBhg50KY0Nh2bON.
[root@test html]# vim /etc/httpd/conf/httpd.conf
[root@test html]# systemctl restart httpd
[root@test html]# vim /etc/httpd/conf/httpd.conf
[root@test html]# systemctl restart httpd
5.apache的语言支持
php html cgi
php:
----------------------------------------
[root@test ~]# cd /var/www/html
[root@test html]# ls
admin index.html mysqladmin
[root@test html]# vim index.php
[root@test html]# cat index.php
<?php
phpinfo();
?>
[root@test html]# systemctl restart httpd
[root@test html]#
-----------------------------------------
vim index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;
vim /etc/httpd/conf/httpd.conf
<Directory "/var/www/html/cgi">
Options +ExecCGI
AddHandler cgi-script .cgi
</Directory>
[root@test html]# yum install httpd-manual -y
Loaded plugins: langpacks
rhel_dvd | 4.1 kB 00:00
Resolving Dependencies
--> Running transaction check
---> Package httpd-manual.noarch 0:2.4.6-17.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
httpd-manual noarch 2.4.6-17.el7 rhel_dvd 1.3 M
Transaction Summary
================================================================================
Install 1 Package
Total download size: 1.3 M
Installed size: 5.5 M
Downloading packages:
httpd-manual-2.4.6-17.el7.noarch.rpm | 1.3 MB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : httpd-manual-2.4.6-17.el7.noarch 1/1
Verifying : httpd-manual-2.4.6-17.el7.noarch 1/1
Installed:
httpd-manual.noarch 0:2.4.6-17.el7
Complete!
[root@test html]# cd /var/www/html/
[root@test html]# ls
admin index.html index.php mysqladmin
[root@test html]# systemctl restart httpd
[root@test html]# ls
admin index.html index.php mysqladmin
[root@test html]# 访问http://172.25.254.105/manual/howto/cgi.html^C
[root@test html]# vim index.cgi
[root@test html]# cat index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;
[root@test html]# perl index.cgi
Content-type: text/html
Sat May 13 21:02:43 EDT 2017
[root@test html]# chmod +x index.cgi
[root@test html]# ./index.cgi
Content-type: text/html
Sat May 13 21:03:35 EDT 2017
[root@test html]# systemctl restart httpd
[root@test html]#
-------------------------------------------------------
6.apache的虚拟主机
1>.定义:
可以让我们的一台apache服务器在被访问不同域名时显示不同的主页
2>.建立测试页
mkdir virtual/money.westos.com/html -p
mkdir virtual/news.westos.com/html -p
echo "money.westos.com's page" >virtual/money.westos.com/html/index.html
echo "news.westos.com's page" >virtual/news.westos.com/html/index.html
3>.配置
vim /etc/httpd/conf.d/default.conf ##未指定域名的访问都访问default
<Virtualhost _default_:80> ##虚拟主机开启的端口
DocumentRoot "/var/www/html" ##虚拟主机的默认发布目录
CustomLog "logs/default.log" combined ##虚拟主机日志
</Virtualhost>
vim /etc/httpd/conf.d/news.conf ##指定域名news.westos.com的访问到指定默认发布目录中
<Virtualhost *:80>
ServerName "news.westos.com"
DocumentRoot "/var/www/virtual/news.westos.com/html"
CustomLog "logs/news.log" combined
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html"> ##默认发布目录的访问授权
Require all granted
</Directory>
4>测试
在浏览器主机中
vim /etc/hosts
[root@test html]# vim /etc/httpd/conf.d/default.conf
[root@test html]# cat /etc/httpd/conf.d/default.conf
<Virtualhost _default_:80> ##虚拟主机开启的端口
DocumentRoot "/var/www/html"
CustomLog "logs/default.log" combined
</Virtualhost>
[root@test html]# vim /etc/httpd/conf
conf/ conf.d/ conf.modules.d/
[root@test html]# vim /etc/httpd/conf.d/news.conf
[root@test html]# cat /etc/httpd/conf.d/news.conf
<Virtualhost *:80>
ServerName "news.westos.com"
DocumentRoot "/var/www/virtual/news.westos.com/html"
CustomLog "logs/news.log" combined
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html"> ##默认发布目录的访问授权
Require all granted
</Directory>
[root@test html]# cd /var/www/
[root@test www]# mkdir virtual/money.westos.com/html -p
[root@test www]# mkdir virtual/news.westos.com/html -p
[root@test www]# echo "money.westos.com's page" >virtual/money.westos.com/html/index.html
[root@test www]# echo "news.westos.com's page" >virtual/news.westos.com/html/index.html
[root@test www]# vim /etc/httpd/conf.d/money.conf
[root@test www]# cat /etc/httpd/conf.d/money.conf
<Virtualhost *:80>
ServerName "money.westos.com"
DocumentRoot "/var/www/virtual/money.westos.com/html"
CustomLog "logs/news.log" combined
</Virtualhost>
<Directory "/var/www/virtual/money.westos.com/html">
Require all granted
</Directory>
[root@test www]# systemctl restart httpd
[root@test www]#
84 vim /etc/httpd/conf.d/default.conf ##未指定域名的访问都访问default
85 cat /etc/httpd/conf.d/default.conf
86 vim /etc/httpd/conf.d/news.conf ##指定域名news.westos.com的访问到指定默认发布目录中
87 cat /etc/httpd/conf.d/news.conf
88 cd /var/www/
89 mkdir virtual/money.westos.com/html -p
90 mkdir virtual/news.westos.com/html -p
91 echo "money.westos.com's page" >virtual/money.westos.com/html/index.html
92 echo "news.westos.com's page" >virtual/news.westos.com/html/index.html
93 vim /etc/httpd/conf.d/money.conf
94 cat /etc/httpd/conf.d/money.conf
95 systemctl restart httpd
96 history
在浏览器所在主机中
[root@foundation5 ~]# vim /etc/hosts
[root@foundation5 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.254.5 foundation5.ilt.example.com
172.25.254.105 www.westos.com news.westos.com money.westos.com
-----------------------------------------------------------------------
7.https
(1)https的定义
以安全为目标的HTTP通道,简单讲就是HTTP的安全版。即HTTP下加入SSL层,HTTPS的安全基础是SSL,因此加密的详细内容就需要SSL。
(2)配置
yum install mod_ssl -y
yum install crypoto-utils -y
genkey www.westos.com ##在生成随机数时比较慢,敲键盘和移动鼠标可以加速
/etc/pki/tls/private/www.westos.com.key
/etc/pki/tls/certs/www.westos.com.crt
vim /etc/httpd/conf.d/login.conf
<Virtualhost *:443>
ServerName "login.westos.com"
DocumentRoot "/var/www/virtual/login.westos.com/html"
CustomLog "logs/login.log" combined
SSLEngine on ##开始https功能
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##证书
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key##密钥
</Virtualhost>
<Directory "/var/www/virtual/login.westos.com/html">
Require all granted
</Directory>
<Virtualhost *:80> ##网页重写实现自动访问https
ServerName login.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
#^(/.*)$ https:// %{HTTP_HOST}$1 [redirect=301]
#^(/.*)$ ##客户主机在地址栏中写入所有字符,不好看换行符
#https:// ##定向成为的访问协议
#%{HTTP_HOST} ##客户请求主机
#$1 ##$1的值就表示^(/.*)$的值
#[redirect=301] ##临时重定向 302永久重定向
mkdir /var/www/virtual/login.westos.com/html -p
vim /var/www/virtual/login.westos.com/html/index.html
systemctl restart httpd
测试:
在客户主机中添加解析
172.25.254.105 login.westos.com
访问http://login.westos.com会自动调转到
https://login.westos.com实现网页数据加密传输
-------------------------------------------------------------------------
1 yum install mod_ssl crypto-utils -y
2 genkey www.westos.com
3 vim /etc/httpd/conf.d/login.conf
4 mkdir /var/www/virtual/login.westos.com/html -p
5 vim /var/www/virtual/login.westos.com/html/index.html
6 cat /var/www/virtual/login.westos.com/html/index.html
7 systemctl restart httpd
8 history
[root@test www]# yum install mod_ssl crypto-utils -y
Loaded plugins: langpacks
Dependency Installed:
perl-Newt.x86_64 0:1.08-36.el7
Complete!
[root@test www]# genkey www.westos.com
/usr/bin/keyutil -c makecert -g 1024 -s "CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN" -v 1 -a -z /etc/pki/tls/.rand.3582 -o /etc/pki/tls/certs/www.westos.com.crt -k /etc/pki/tls/private/www.westos.com.key
cmdstr: makecert
cmd_CreateNewCert
command: makecert
keysize = 1024 bits
subject = CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN
valid for 1 months
random seed from /etc/pki/tls/.rand.3582
output will be written to /etc/pki/tls/certs/www.westos.com.crt
output key written to /etc/pki/tls/private/www.westos.com.key
Generating key. This may take a few moments...
Made a key
Opened tmprequest for writing
/usr/bin/keyutil Copying the cert pointer
Created a certificate
Wrote 882 bytes of encoded data to /etc/pki/tls/private/www.westos.com.key
Wrote the key to:
/etc/pki/tls/private/www.westos.com.key
[root@test www]# vim /etc/httpd/conf.d/login.conf
[root@test www]# vim /etc/httpd/conf.d/login.conf
[root@test www]# mkdir /var/www/virtual/login.westos.com/html -p
[root@test www]# vim /var/www/virtual/login.westos.com/html/index.html
[root@test www]# cat /var/www/virtual/login.westos.com/html/index.html
qrhaoscjgvoeajgrojlrg
[root@test www]# systemctl restart httpd
[root@test www]#
测试主机端:
[root@foundation5 ~]# vim /etc/hosts
[root@foundation5 ~]#
-------------------------------------------------------------------------
8.正向代理 高速缓存
先添加一块网卡
ctrl shift delete 清空缓存
主机(高速缓存)
[root@foundation5 yum.repos.d]# yum install squid -y
Loaded plugins: langpacks, product-id, search-disabled-repos,
Dependency Installed:
libecap.x86_64 0:0.2.0-8.el7
Complete!
[root@foundation5 yum.repos.d]# systemctl start squid
[root@foundation5 yum.repos.d]# netstat -antlpe |grep squid
tcp6 0 0 :::3128 :::* LISTEN 0 137486 14544/(squid-1)
[root@foundation5 yum.repos.d]# vim /etc/squid/squid.conf
62行取消注释
[root@foundation5 yum.repos.d]# cd /var/spool/squid
[root@foundation5 squid]# ls
[root@foundation5 squid]# systemctl restart squid^C
[root@foundation5 squid]# ping www.baidu.com
PING www.baidu.com (183.232.231.173) 56(84) bytes of data.
64 bytes from www.sn.10086.cn (183.232.231.173): icmp_seq=1 ttl=50 time=76.6 ms
64 bytes from www.sn.10086.cn (183.232.231.173): icmp_seq=2 ttl=50 time=117 ms
^C
--- www.baidu.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 76.669/97.203/117.738/20.536 ms
[root@foundation5 squid]# systemctl restart squid
[root@foundation5 squid]# vim /etc/squid/squid.conf
[root@foundation5 squid]# systemctl restart squid
[root@foundation5 squid]#
9.反向代理
resete虚拟机,配置网络和yum源
netstat -antlpe | grep 80 ##无搜索结果才对
systemctl stop firewalld
vim /etc/squid/squid.conf
{#And finally deny all other access to this proxy
http_access allow all
59http_port 80
62行取消注释
}
systemctl restart squid
测试访问172.25.254.105(此时出错)
vim /etc/squid/squid.conf
59 http_port 80 vhost vport
60+ cache—peer 172.25.254.205 parent 80 0 no-query originserver(有apache的那台主机)
systemctl restart squid
rpm -qa | grep httpd(无搜索结果)
网页上测试:172.25.254.205
10
平衡的轮叫
[root@localhost ~]# history
1 ifconfig
2 rpm -qa |grep httpd
3 netmask -antlpe |grep 80
4 netstat -antlpe |grep 80
5 systemctl stop firewalld.service
6 yum install squid -y
7 systemctl start squid
8 vim /etc/squid/squid.conf
9 systemctl restart squid.service
12 vim /etc/squid/squid.conf
13 systemctl restart squid.service
14 vim /etc/hosts
15 vim /etc/squid/squid.conf
16 systemctl restart squid.service
17 vim /etc/squid/squid.conf
18 systemctl restart squid.service
19 vim /etc/squid/squid.conf
20 systemctl restart squid.service
21 vim /etc/squid/squid.conf
22 systemctl restart squid.service
23 vim /etc/squid/squid.conf
24 systemctl restart squid.service
25 history
11.链路的聚合
首先两块网卡,并且删掉之前配置的网络
1.apache的安装
yum install httpd -y
systemctl start httpd
systemctl stop firewalld
systemctl enable httpd
systemctl disabled firewalld
2.apache信息
默认发布文件 index.html
配置文件 /etc/httpd/conf/httpd.conf
/etc/httpd/conf.d/*.conf
默认发布目录 /var/www/html
默认端口 80
3.apache的基本配置
修改默认发布文件
vim /etc/httpd/conf/httpd.conf
164 DirectoryIndex westos.html或DirectoryIndex westos.html index.html(当westos.html不存在时,自动匹配index.html)
systemctl restart httpd
修改默认发布目录
##当selinux是disable或者1状态
vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/westos/www/test"
<Directory "/westos/www/test">
Require all granted
</Directory>
systemctl restart httpd
##当selinux时enforcing状态
vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/westos/www/test"
<Directory "/westos/www/test">
Require all granted
</Directory>
sysyemctl restart httpd
##清除网页缓存
semanage fcontext -a -t httpd_sys_content_t '/westos(/.*)?'
restorecon -RvvF /westos
1 getenforce
2 setenforce 0
3 getenforce
4 cd
5 vim /var/www/html/index.html
6 cat /var/www/html/index.html
7 systemctl restart httpd
8 vim /var/www/html/westos.html
9 cat /var/www/html/westos.html
10 vim /etc/httpd/conf/httpd.conf
11 systemctl restart httpd
12 vim /etc/httpd/conf/httpd.conf
13 rm -fr /var/www/html/westos.html
14 systemctl restart httpd
15 #访问本机ip
16 mkdir /westos/www/test -p
17 vim /westos/www/test/westos.html
18 vim /etc/httpd/conf/httpd.conf
19 vim /westos/www/test/westos.html
20 cat /westos/www/test/westos.html
21 vim /etc/httpd/conf/httpd.conf
22 119 #DocumentRoot "/var/www/html"
23 120 DocumentRoot "/westos/www/test"
24 systemctl restart httpd
25 访问本机ip,此时不可以,原因是没有授权
26 vim /etc/httpd/conf/httpd.conf
27 DocumentRoot "/westos/www/test"
28 <Directory "/westos/www/test">
29 Require all granted
30 systemctl restart httpd
31 vim /etc/httpd/conf/httpd.conf
32 systemctl restart httpd
33 vim /etc/httpd/conf/httpd.conf
34 systemctl restart httpd
---------------------------------------------------------------------------------------
[root@test mysqladmin]# getenforce
Enforcing
[root@test mysqladmin]# setenforce 0
[root@test mysqladmin]# getenforce
Permissive
[root@test mysqladmin]# cd
[root@test ~]# vim /var/www/html/index.html
[root@test ~]# cat /var/www/html/index.html
<h1>hello westos</h1>
[root@test ~]# systemctl restart httpd
# 访问本机ip
[root@test ~]# vim /var/www/html/westos.html
[root@test ~]# cat /var/www/html/westos.html
<h1>westos hahaha</h1>
[root@test ~]# vim /etc/httpd/conf/httpd.conf
# 164 DirectoryIndex westos.html^C
[root@test ~]# systemctl restart httpd
# 访问本机ip
[root@test ~]# vim /etc/httpd/conf/httpd.conf
# 164 DirectoryIndex westos.html index.html
# 此时先访问westos.html,如果它不存在,才访问index.html
[root@test ~]# rm -fr /var/www/html/westos.html
# 访问本机ip
[root@test ~]# systemctl restart httpd
# 访问本机ip
[root@test ~]#
[root@test ~]#
[root@test ~]# mkdir /westos/www/test -p
[root@test ~]# vim /westos/www/test/westos.html
[root@test ~]# vim /etc/httpd/conf/httpd.conf
[root@test ~]# vim /westos/www/test/westos.html
[root@test ~]# cat /westos/www/test/westos.html
fwvwaliugfaubvgliosgtbvkgiwl!!!
[root@test ~]# vim /etc/httpd/conf/httpd.conf
# 119 #DocumentRoot "/var/www/html".
# 120 DocumentRoot "/westos/www/test"
[root@test ~]# systemctl restart httpd
# 访问本机ip,此时不可以,原因是没有授权
[root@test ~]# vim /etc/httpd/conf/httpd.conf
# DocumentRoot "/westos/www/test"
# <Directory "/westos/www/test">
# Require all granted
# </Directory>
[root@test ~]# systemctl restart httpd
# 访问本机ip,就可以了
--------------------------------------------------------------------------------------
4.apache的访问控制
设定ip的访问
vim /etc/httpd/conf/httpd.conf
如:
设定用户的访问
htpasswd -cm /etc/httpd/accessuser.admin(有这个目录就不能再加c了,否则覆盖)
vim /etc/httpd/conf/httpd.conf
[root@test ~]# vim /etc/httpd/conf/httpd.conf
[root@test ~]# systemctl restart httpd
[root@test ~]# cd /var/www/html/
[root@test html]# ls
index.html mysqladmin
[root@test html]# vim admin
[root@test html]# cat admin
hahahahahahah
[root@test html]# cd /var/www/html/
[root@test html]# systemctl restart httpd
[root@test html]#
[root@test html]#
[root@test html]# 和限制用户的访问
[root@test html]# htpasswd -cm /etc/httpd/accessuser admin
New password:
Re-type new password:
Adding password for user admin
[root@test html]# cat /etc/httpd/accessuser
admin:$apr1$QdMX4pWI$Qzy3jjFQG.328BQb9gsxz/
[root@test html]# htpasswd -m /etc/httpd/accessuser yy
New password:
Re-type new password:
Adding password for user yy
[root@test html]# cat /etc/httpd/accessuser
admin:$apr1$QdMX4pWI$Qzy3jjFQG.328BQb9gsxz/
yy:$apr1$K.lw83Pl$5/Rv.vVBhg50KY0Nh2bON.
[root@test html]# vim /etc/httpd/conf/httpd.conf
[root@test html]# systemctl restart httpd
[root@test html]# vim /etc/httpd/conf/httpd.conf
[root@test html]# systemctl restart httpd
测试:
5.apache的语言支持
php html cgi
php:
----------------------------------------
[root@test ~]# cd /var/www/html
[root@test html]# ls
admin index.html mysqladmin
[root@test html]# vim index.php
[root@test html]# cat index.php
<?php
phpinfo();
?>
[root@test html]# systemctl restart httpd
[root@test html]#
-----------------------------------------
cgi:
yum install httpd-manual -y
vim index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;
vim /etc/httpd/conf/httpd.conf
<Directory "/var/www/html/cgi">
Options +ExecCGI
AddHandler cgi-script .cgi
</Directory>
systemctl restart httpd
[root@test html]# yum install httpd-manual -y
Loaded plugins: langpacks
rhel_dvd | 4.1 kB 00:00
Resolving Dependencies
--> Running transaction check
---> Package httpd-manual.noarch 0:2.4.6-17.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
httpd-manual noarch 2.4.6-17.el7 rhel_dvd 1.3 M
Transaction Summary
================================================================================
Install 1 Package
Total download size: 1.3 M
Installed size: 5.5 M
Downloading packages:
httpd-manual-2.4.6-17.el7.noarch.rpm | 1.3 MB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : httpd-manual-2.4.6-17.el7.noarch 1/1
Verifying : httpd-manual-2.4.6-17.el7.noarch 1/1
Installed:
httpd-manual.noarch 0:2.4.6-17.el7
Complete!
[root@test html]# cd /var/www/html/
[root@test html]# ls
admin index.html index.php mysqladmin
[root@test html]# systemctl restart httpd
[root@test html]# ls
admin index.html index.php mysqladmin
[root@test html]# 访问http://172.25.254.105/manual/howto/cgi.html^C
[root@test html]# vim index.cgi
[root@test html]# cat index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;
[root@test html]# perl index.cgi
Content-type: text/html
Sat May 13 21:02:43 EDT 2017
[root@test html]# chmod +x index.cgi
[root@test html]# ./index.cgi
Content-type: text/html
Sat May 13 21:03:35 EDT 2017
[root@test html]# systemctl restart httpd
[root@test html]#
-------------------------------------------------------
6.apache的虚拟主机
1>.定义:
可以让我们的一台apache服务器在被访问不同域名时显示不同的主页
2>.建立测试页
mkdir virtual/money.westos.com/html -p
mkdir virtual/news.westos.com/html -p
echo "money.westos.com's page" >virtual/money.westos.com/html/index.html
echo "news.westos.com's page" >virtual/news.westos.com/html/index.html
3>.配置
vim /etc/httpd/conf.d/default.conf ##未指定域名的访问都访问default
<Virtualhost _default_:80> ##虚拟主机开启的端口
DocumentRoot "/var/www/html" ##虚拟主机的默认发布目录
CustomLog "logs/default.log" combined ##虚拟主机日志
</Virtualhost>
vim /etc/httpd/conf.d/news.conf ##指定域名news.westos.com的访问到指定默认发布目录中
<Virtualhost *:80>
ServerName "news.westos.com"
DocumentRoot "/var/www/virtual/news.westos.com/html"
CustomLog "logs/news.log" combined
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html"> ##默认发布目录的访问授权
Require all granted
</Directory>
4>测试
在浏览器主机中
vim /etc/hosts
172.25.254.105 www.westos.com news.westos.com
[root@test html]# vim /etc/httpd/conf.d/default.conf
[root@test html]# cat /etc/httpd/conf.d/default.conf
<Virtualhost _default_:80> ##虚拟主机开启的端口
DocumentRoot "/var/www/html"
CustomLog "logs/default.log" combined
</Virtualhost>
[root@test html]# vim /etc/httpd/conf
conf/ conf.d/ conf.modules.d/
[root@test html]# vim /etc/httpd/conf.d/news.conf
[root@test html]# cat /etc/httpd/conf.d/news.conf
<Virtualhost *:80>
ServerName "news.westos.com"
DocumentRoot "/var/www/virtual/news.westos.com/html"
CustomLog "logs/news.log" combined
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html"> ##默认发布目录的访问授权
Require all granted
</Directory>
[root@test html]# cd /var/www/
[root@test www]# mkdir virtual/money.westos.com/html -p
[root@test www]# mkdir virtual/news.westos.com/html -p
[root@test www]# echo "money.westos.com's page" >virtual/money.westos.com/html/index.html
[root@test www]# echo "news.westos.com's page" >virtual/news.westos.com/html/index.html
[root@test www]# vim /etc/httpd/conf.d/money.conf
[root@test www]# cat /etc/httpd/conf.d/money.conf
<Virtualhost *:80>
ServerName "money.westos.com"
DocumentRoot "/var/www/virtual/money.westos.com/html"
CustomLog "logs/news.log" combined
</Virtualhost>
<Directory "/var/www/virtual/money.westos.com/html">
Require all granted
</Directory>
[root@test www]# systemctl restart httpd
[root@test www]#
84 vim /etc/httpd/conf.d/default.conf ##未指定域名的访问都访问default
85 cat /etc/httpd/conf.d/default.conf
86 vim /etc/httpd/conf.d/news.conf ##指定域名news.westos.com的访问到指定默认发布目录中
87 cat /etc/httpd/conf.d/news.conf
88 cd /var/www/
89 mkdir virtual/money.westos.com/html -p
90 mkdir virtual/news.westos.com/html -p
91 echo "money.westos.com's page" >virtual/money.westos.com/html/index.html
92 echo "news.westos.com's page" >virtual/news.westos.com/html/index.html
93 vim /etc/httpd/conf.d/money.conf
94 cat /etc/httpd/conf.d/money.conf
95 systemctl restart httpd
96 history
在浏览器所在主机中
[root@foundation5 ~]# vim /etc/hosts
[root@foundation5 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.254.5 foundation5.ilt.example.com
172.25.254.105 www.westos.com news.westos.com money.westos.com
-----------------------------------------------------------------------
7.https
(1)https的定义
以安全为目标的HTTP通道,简单讲就是HTTP的安全版。即HTTP下加入SSL层,HTTPS的安全基础是SSL,因此加密的详细内容就需要SSL。
(2)配置
yum install mod_ssl -y
yum install crypoto-utils -y
genkey www.westos.com ##在生成随机数时比较慢,敲键盘和移动鼠标可以加速
/etc/pki/tls/private/www.westos.com.key
/etc/pki/tls/certs/www.westos.com.crt
vim /etc/httpd/conf.d/login.conf
<Virtualhost *:443>
ServerName "login.westos.com"
DocumentRoot "/var/www/virtual/login.westos.com/html"
CustomLog "logs/login.log" combined
SSLEngine on ##开始https功能
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##证书
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key##密钥
</Virtualhost>
<Directory "/var/www/virtual/login.westos.com/html">
Require all granted
</Directory>
<Virtualhost *:80> ##网页重写实现自动访问https
ServerName login.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
#^(/.*)$ https:// %{HTTP_HOST}$1 [redirect=301]
#^(/.*)$ ##客户主机在地址栏中写入所有字符,不好看换行符
#https:// ##定向成为的访问协议
#%{HTTP_HOST} ##客户请求主机
#$1 ##$1的值就表示^(/.*)$的值
#[redirect=301] ##临时重定向 302永久重定向
mkdir /var/www/virtual/login.westos.com/html -p
vim /var/www/virtual/login.westos.com/html/index.html
systemctl restart httpd
测试:
在客户主机中添加解析
172.25.254.105 login.westos.com
访问http://login.westos.com会自动调转到
https://login.westos.com实现网页数据加密传输
-------------------------------------------------------------------------
1 yum install mod_ssl crypto-utils -y
2 genkey www.westos.com
3 vim /etc/httpd/conf.d/login.conf
4 mkdir /var/www/virtual/login.westos.com/html -p
5 vim /var/www/virtual/login.westos.com/html/index.html
6 cat /var/www/virtual/login.westos.com/html/index.html
7 systemctl restart httpd
8 history
[root@test www]# yum install mod_ssl crypto-utils -y
Loaded plugins: langpacks
Dependency Installed:
perl-Newt.x86_64 0:1.08-36.el7
Complete!
[root@test www]# genkey www.westos.com
/usr/bin/keyutil -c makecert -g 1024 -s "CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN" -v 1 -a -z /etc/pki/tls/.rand.3582 -o /etc/pki/tls/certs/www.westos.com.crt -k /etc/pki/tls/private/www.westos.com.key
cmdstr: makecert
cmd_CreateNewCert
command: makecert
keysize = 1024 bits
subject = CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN
valid for 1 months
random seed from /etc/pki/tls/.rand.3582
output will be written to /etc/pki/tls/certs/www.westos.com.crt
output key written to /etc/pki/tls/private/www.westos.com.key
Generating key. This may take a few moments...
Made a key
Opened tmprequest for writing
/usr/bin/keyutil Copying the cert pointer
Created a certificate
Wrote 882 bytes of encoded data to /etc/pki/tls/private/www.westos.com.key
Wrote the key to:
/etc/pki/tls/private/www.westos.com.key
[root@test www]# vim /etc/httpd/conf.d/login.conf
[root@test www]# vim /etc/httpd/conf.d/login.conf
[root@test www]# mkdir /var/www/virtual/login.westos.com/html -p
[root@test www]# vim /var/www/virtual/login.westos.com/html/index.html
[root@test www]# cat /var/www/virtual/login.westos.com/html/index.html
qrhaoscjgvoeajgrojlrg
[root@test www]# systemctl restart httpd
[root@test www]#
测试主机端:
[root@foundation5 ~]# vim /etc/hosts
[root@foundation5 ~]#
-------------------------------------------------------------------------
8.正向代理 高速缓存
先添加一块网卡
ctrl shift delete 清空缓存
主机(高速缓存)
[root@foundation5 yum.repos.d]# yum install squid -y
Loaded plugins: langpacks, product-id, search-disabled-repos,
Dependency Installed:
libecap.x86_64 0:0.2.0-8.el7
Complete!
[root@foundation5 yum.repos.d]# systemctl start squid
[root@foundation5 yum.repos.d]# netstat -antlpe |grep squid
tcp6 0 0 :::3128 :::* LISTEN 0 137486 14544/(squid-1)
[root@foundation5 yum.repos.d]# vim /etc/squid/squid.conf
62行取消注释
[root@foundation5 yum.repos.d]# cd /var/spool/squid
[root@foundation5 squid]# ls
[root@foundation5 squid]# systemctl restart squid^C
[root@foundation5 squid]# ping www.baidu.com
PING www.baidu.com (183.232.231.173) 56(84) bytes of data.
64 bytes from www.sn.10086.cn (183.232.231.173): icmp_seq=1 ttl=50 time=76.6 ms
64 bytes from www.sn.10086.cn (183.232.231.173): icmp_seq=2 ttl=50 time=117 ms
^C
--- www.baidu.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 76.669/97.203/117.738/20.536 ms
[root@foundation5 squid]# systemctl restart squid
[root@foundation5 squid]# vim /etc/squid/squid.conf
[root@foundation5 squid]# systemctl restart squid
[root@foundation5 squid]#
网页上:Edit--Perferences--Advanced--Network--Settings--图
9.反向代理
resete虚拟机,配置网络和yum源
添加一块网卡,使其有两块网卡。并且准备另一个装有apache的虚拟机
添加网卡:
netstat -antlpe | grep 80 ##无搜索结果才对
systemctl stop firewalld
vim /etc/squid/squid.conf
{#And finally deny all other access to this proxy
http_access allow all
59http_port 80
62行取消注释
}
systemctl restart squid
测试访问172.25.254.105(此时出错)
vim /etc/squid/squid.conf
59 http_port 80 vhost vport
60+ cache—peer 172.25.254.205 parent 80 0 no-query originserver(有apache的那台主机)
systemctl restart squid
rpm -qa | grep httpd(无搜索结果)
网页上测试:172.25.254.205
10
平衡的轮叫
[root@localhost ~]# history
1 ifconfig
2 rpm -qa |grep httpd
3 netmask -antlpe |grep 80
4 netstat -antlpe |grep 80
5 systemctl stop firewalld.service
6 yum install squid -y
7 systemctl start squid
8 vim /etc/squid/squid.conf
9 systemctl restart squid.service
10 vim /etc/squid/squid.conf
12 vim /etc/squid/squid.conf
13 systemctl restart squid.service
14 vim /etc/hosts
15 vim /etc/squid/squid.conf
16 systemctl restart squid.service
17 vim /etc/squid/squid.conf
18 systemctl restart squid.service
19 vim /etc/squid/squid.conf
20 systemctl restart squid.service
21 vim /etc/squid/squid.conf
22 systemctl restart squid.service
23 vim /etc/squid/squid.conf
24 systemctl restart squid.service
25 history
11.链路的聚合
首先两块网卡,并且删掉之前配置的网络