1.基于域名 www.openlab.com 可以访问网站内容为 welcome to openlab!!!
2.给该公司创建三个子界面分别显示学生信息,教学资料和缴费网站,
基于 www.openlab.com/student 网站访问学生信息,
基于 www.openlab.com/data 网站访问教学资料
基于 www.openlab.com/money 网站访问缴费网站。
3.要求(1)学生信息网站只有 song 和 tian 两个用户可以访问,其他用户不能访问。
(2)访问缴费网站实现数据加密基于 https 访问。
1.安装软件
yum install httpd mod_ssl -y
2.域名映射
vim /etc/hosts
192.168.233.139 www.openlab.com
3.创建主页网站:www.openlab.com
mkdir -p /www/openlab
echo "welcome to openlab" > /www/openlab/index.html
4.编辑主配置文件
vim /etc/httpd/conf/httpd.conf
<virtualhost 192.168.233.139>
documentroot /www/openlab
servername 'www.openlab.com'
<directory /www/openlab>
allowoverride none
require all granted
</directory>
</virtualhost>
5.重启服务
systemctl restart httpd
6.打开虚拟机终端测试
在终端输入firefox
url输入:www.openlab.com
7.创建教学资料网站:www.openlab.com/data
mkdir -p /www/openlab/data
echo "data" > /www/openlab/data/index.html
vim /etc/httpd/conf/httpd.conf
<virtualhost 192.168.233.139>
documentroot /www/openlab/data
alias /data /www/openlab/data
servername 'www.openlab.com'
<directory /www/openlab/data>
allowoverride none
require all granted
</directory>
</virtualhost>
http://www.openlab.com/data
8.创建学生信息网站:www.openlab.com/student
mkdir -p /www/openlab/student
echo "student" > /www/openlab/student/index.html
vim /etc/httpd/conf/httpd.conf
<virtualhost 192.168.233.139>
documentroot /www/openlab/student
alias /student /www/openlab/student
servername 'www.openlab.com'
<directory /www/openlab/student>
allowoverride none
require all granted
</directory>
</virtualhost>
http://www.openlab.com/student
9.创建缴费网站:www.openlab.com/money
mkdir -p /www/openlab/money
echo "money" > /www/openlab/money/index.html
http://www.openlab.com/money
10.学生信息网站只有 song 和 tian 两个用户可以访问,其他用户不能访问useradd song
passwd song
useradd tian
passwd tian 增加密码访问控制
htpasswd -c /etc/httpd/passwd song
htpasswd /etc/httpd/passwd tian
vim /etc/httpd/conf/httpd.conf
<directory /www/openlab/student>
authuserfile /etc/httpd/passwd
authname 'student'
authtype basic
require user song tian
</directory>
systemctl restart httpd
11.访问缴费网站实现数据加密基于 https 访问
openssl genrsa -aes128 2048 > /etc/pki/tls/private/money.key
openssl req -utf8 -new -key /etc/pki/tls/private/money.key -x509 -days 365 -out /etc/pki/tls/certs/money.crt
Country Name (2 letter code) [XX]:86
State or Province Name (full name) []:shanxi
Locality Name (eg, city) [Default City]:xianyang
Organization Name (eg, company) [Default Company Ltd]:openlab
Organizational Unit Name (eg, section) []:RHCE
Common Name (eg, your name or your server's hostname) []:server
Email Address []:aa@qq.com
vim /etc/httpd/conf/httpd.conf
<virtualhost 192.168.233.139:443>
sslengine on
SSLCertificateFile /etc/pki/tls/certs/money.crt
SSLCertificateKeyFile /etc/pki/tls/private/money.key
documentroot /www/openlab/money
alias /money /www/openlab/money
servername 'www.openlab.com'
<directory /www/openlab/money>
allowoverride none
require all granted
</directory>
</virtualhost>
解除80端口的限制:从注释处一直删除到serverroot前
systemctl restart httpd