1、Centos7系统下实现httpd-2.2的安装,并分别实现prefork、worker、event等几种工作方式
程序安装
- httpd
- httpd-manual
- httpd-tools
[root@web1 ~]# yum -y install httpd
[root@web1 ~]# systemctl start httpd.service
[root@web1 ~]# systemctl enable httpd.service
MPM
- httpd -M 查看模块
- 默认是prefork
- 在/etc/httpd/conf.module.d/00-mpm.conf修改MPM的LoadModule
[root@web1 conf.d]# cat prefork.conf
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
ServerLimit 256
MaxClients 256
MaxRequestsPerChild 4000
</IfModule>
2、简述request报文请求方法和状态响应码
request报文
<method> <request URL> <version>
<HEADERS>
<entity-body>
- method: GET HEAD POST (PUT DELETE)不安全 TRACE OPTIONS(查看支持什么方法)
例如:
GET /index.html HTTP/1.1
Host: www.xlc.com
response报文
<version> <status> <reason-phrase>
<HEADERS>
<entity-body>
- status状态码
- 200 成功 OK
- 301 永久重定向 Moved Permanently
- 302 临时重定向
- 304 客户端缓存 Not Modified
- 401 未认证 Unauthorized
- 403 禁止 Forbiddened
- 404 未找到 Not Found
- 501 内部错误 Internel Server Error
502 代理错误 Bad Gateway
请求首部
- Host:请求域名,http1.1必须有
- User-agent:客户端
- Accept:接收的MIME类型
- Accept-Charset:接受的编码
- Accept-Encoding:接收的压缩格式
- Accept-Languages:接收的语言
- 条件请求
- 安全首部:Authorization
Cookie
响应首部
- Date:日期
- Age:代理缓存时间
- Server:服务器类型
- Referer:跳转自页面
- Via:代理
- Cache-control:缓存控制
- Connection:close keepalive是否支持长连接
- 协商:Accept-Ranges:是否支持范围请求
- Vary:Cache相关
- 安全:Set-Cookie
- Www-Authorization
- 内容
- Allow
- Location
- Content-length 文件大小
- Centent-Type 文件类型
3、详细描述httpd虚拟主机、站点访问控制、基于用户的访问控制、持久链接等应用配置实例
KeepAlive
- 保持连接,长连接,可以省去三次握手,四次断开的过程
- 缺点是影响并发
- 默认是短连接
- httpd -t 检查配置文件
[root@web1 conf.d]# cat keepalive.conf
KeepAlive On
KeepAliveTimeout 30
MaxKeepAliveRequests 100
[root@web1 conf.d]# httpd -t
Main Server
- ServerName 域名或ip:port
- DocumentRoot "文件路径"
ServerName www.xlc.com
DocumentRoot "/var/www/html"
访问控制
- Directory 目录控制
- File 通配文件控制
- File Match 正则文件控制
- URl 的Location LocationMatch控制
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
- Require all granted 开放所有ip访问
- ip控制和host控制需要加入到Directory里的
- ip或not ip,host或not host
# Require all granted
<RequireAll>
Require ip 192.168.1.11
</RequireAll>
- Options里Indexes如果不是提供下载需要关掉,FollowSymLinks如果没有软链接可以关掉
<Directory "/var/www/html">
Options None
AllowOverride None
Require all granted
</Directory>
主页
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
别名
Alias /images "/usr/share/images"
默认字符集
AddDefaultCharset UTF-8
日志设定
- 错误日志ErrorLog
访问日志CustomLog
ErrorLog "logs/error_log"
CustomLog "logs/access_log" combined
基于用户的访问控制
- 认证质询:www_authenticate 返回401
- Authorization:发送账号密码,认证通过
- basic明文认证和digest消息摘要认证
- 创建密码文件
- htpasswd -c /etc/httpd/conf.d/.htpasswd USERNAME
- -b 后面可以加PASSWORD
- AuthUserFile 或AuthGroupFile
#Require all granted
AuthType basic
AuthName "pls input your username"
AuthUserFile "/etc/httpd/conf.d/.htpasswd"
Require user tom
</Directory>
虚拟主机
- 基于ip
- 基于端口
- 基于域名
[root@web1 conf.d]# cat 192.168.1.11.conf
<VirtualHost *:80>
ServerName 192.168.1.11
DocumentRoot "/var/www/html"
DirectoryIndex index.html
<Directory "/var/www/html">
Options None
AllowOverride None
Require all denied
</Directory>
</VirtualHost>
[root@web1 conf.d]# cat www.xlc.com.conf
<VirtualHost *:80>
ServerName www.xlc.com
DocumentRoot "/home/www"
DirectoryIndex index.html
<Directory "/home/www">
Options None
AllowOverride None
Require all granted
</Directory>
CustomLog "logs/www.xlc.com.access_log" combined
</VirtualHost>
[root@web1 conf.d]# cat bbs.xlc.com.conf
<VirtualHost *:80>
ServerName bbs.xlc.com
DocumentRoot "/home/web/bbs"
DirectoryIndex index.html
<Directory "/home/web/bbs">
Options None
AllowOverride None
Require all granted
</Directory>
CustomLog "logs/bbs.xlc.com.access_log" combined
</VirtualHost>
status页面
- LoadModule status_module
- 加入location
<location /server-status>
SetHandler server-status
<RequireAll>
Require ip 192.168.1.3
</RequireAll>
</location>
- 最终虚拟主机配置
[root@web1 conf.d]# cat www.xlc.com.conf
<VirtualHost *:80>
ServerName www.xlc.com
DocumentRoot "/home/www"
DirectoryIndex index.html
<Directory "/home/www">
Options None
AllowOverride None
Require all granted
</Directory>
CustomLog "logs/www.xlc.com.access_log" combined
<location /server-status>
SetHandler server-status
<RequireAll>
Require ip 192.168.1.3
</RequireAll>
</location>
</VirtualHost>