1.apache 简介
- Apache HTTP Server(简称 Apache)是 Apache 软件基金会的一个开放源码的网页服务器,可以在大多数计算机操作系统中运行,由于其多平台和安全性被广泛使用,是最流行的 Web 服务器端软件之一。它快速、可靠并且可通过简单的 API 扩展,将 Perl/Python 等解释器编译到服务器中。
主配置目录:/etc/httpd/conf
主配置文件:/etc/httpd/conf/httpd.conf
子配置目录:/etc/httpd/conf.d
子配置文件:/etc/httpd/conf.d/*.conf
默认发布目录:/var/www/html
默认发布文件:index.html
默认端口:80
默认安全上下文:httpd_sys_content_t
程序开启默认用户:apache
apache 日志:/etc/httpd/logs/yum install httpd -y ##下载httpd
yum install httpd-manual -y ##下载httpd的手册
systemctl stop firewalld ##关闭防火墙
systemctl disable firewalld ##设置开机不启动防火墙
systemctl start httpd ##启动httpd
systemctl enable httpd ##设置开机自动启动httpd2. apache 的配置文件
/etc/httpd/conf/httpd.conf ##apache 的主配置文件
/etc/httpd/conf.d/*.conf ##/etc/httpd 目录下所有以. conf 结尾的都为 apache 的子配置文件
apache 的默认发布端口为 80
[root@localhost ~]# systemctl start httpd
[root@localhost ~]# netstat -antlupe | grep 80
tcp 0 0 172.25.254.136:45860 172.25.254.36:80 TIME_WAIT 0 0 -
tcp 0 0 172.25.254.136:45861 172.25.254.36:80 TIME_WAIT 0 0 -
tcp6 0 0 :::80 :::* LISTEN 0 102623 8723/httpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 0 18880 530/chronyd
[root@localhost ~]# netstat -antlupe | grep httpd
tcp6 0 0 :::80 :::* LISTEN 0 102623 8723/httpd
[root@localhost ~]# cd /var/www/html/ ###默认发布目录
[root@localhost html]# vim index.html ###在这个文件可以写东西
hello 
[root@localhost html]# vim /etc/httpd/conf/httpd.conf 将发布端口改为8080
42 Listen 8080
[root@localhost html]# systemctl restart httpd
[root@localhost html]# netstat -antlupe | grep httpd
tcp6 0 0 :::8080 :::* LISTEN 0 106173 8962/httpd 更改端口后浏览器访问时需加端口
默认发布目录的更改
[root@localhost html]# pwd
/var/www/html
[root@localhost html]# mkdir /westos/html -p
[root@localhost html]# cd /westos/html/
[root@localhost html]# vim index.html
1 westos html
[root@localhost html]# vim /etc/httpd/conf/httpd.conf
119 #DocumentRoot "/var/www/html" 注释掉默认发布目录
120 DocumentRoot "/westos/html" 将默认发布目录更改为/westos/heml
121 <Directory "/westos">
122 require all granted
123 </Directory>
124 #
[root@localhost html]# systemctl restart httpd
此时浏览器看到的是更改过后的发布目录后面的东西 即/westos/html/index.html
[root@localhost html]# vim test.html
test html
[root@localhost html]# vim /etc/httpd/conf/httpd.conf
119 #DocumentRoot "/var/www/html"
120 DocumentRoot "/westos/html"
121 <Directory "/westos">
122 require all granted
123 DirectoryIndex test.html ##添加目录索引为test.html,即读取这个目录
124 </Directory>
125 #
[root@localhost html]# systemctl restart httpd
[root@localhost html]# pwd
/westos/html
[root@localhost html]# ls
index.html test.html
[root@localhost html]# mkdir linux
[root@localhost html]# cd linux/
[root@localhost linux]# vim index.html
Next hhh
[root@localhost linux]# vim /etc/httpd/conf/httpd.conf
118 #
119 #DocumentRoot "/var/www/html"
120 DocumentRoot "/westos/html"
121 <Directory "/westos/html/linux"> ##读取目录为/westos/html/linux下的index.html
122 DirectoryIndex index.html
123 </Directory>
124 <directory "/westos">
125 require all granted
126 DirectoryIndex test.html
127 </Directory>
128 #
[root@localhost linux]# systemctl restart httpd
访问方式的控制
ip访问方式的控制
[root@localhost conf.d]# cd /var/www/html/
[root@localhost html]# ls
index.html
[root@localhost html]# mkdir westos
[root@localhost html]# cd westos/
[root@localhost westos]# vim index.hrml
[root@localhost westos]# vim /etc/httpd/conf/httpd.conf
118 #
119 DocumentRoot "/var/www/html"
120 #DocumentRoot "/westos/html"
121 <Directory "/var/www/html/westos">
122 Order Allow,Deny ##访问顺序为先Allow后Deny
123 Allow from ALL ##允许所有主机访问
124 Deny from 172.25.254.36 ###拒绝172.25.254.36访问
125 </Directory>
126 #
效果为除36外所有主机都可访问
118 #
119 DocumentRoot "/var/www/html"
120 #DocumentRoot "/westos/html"
121 <Directory "/var/www/html/westos">
122 Order Deny,Allow ##访问顺序,Allow在后面则会覆盖Deny,只有172.25.254.136可以访问.反之亦然
123 Allow from 172.25.254.136 ##允许172.25.254.136访问
124 Deny from ALL ##拒绝所有主机访问
125 </Directory>
126 #
127 # Relax access to content within /var/www.
128 #
效果为所有主机都不可访问
用户访问方式的控制
126
127 <Directory "/var/www/html/westos">
128 AuthUserFile /etc/httpd/apacheuser ##认证的用户文件
129 AuthName "please input user and passward!" ##3显示的提示内容
130 AuthType basic ##基础认证类型
131 Require user liu ##允许用户liu访问
132 #Require valid-user ##允许所有用户访问
133 </Directory>
[root@localhost westos]# systemctl restart httpd用户密码
[root@localhost westos]# cd /etc/httpd/
[root@localhost httpd]# ls
conf conf.d conf.modules.d logs modules run
[root@localhost httpd]# htpasswd -cm apacheuser liu ##生成用户liu的密码文件,cm会覆盖原文件的内容,m会追加在原文件内容的后面。
New password:
Re-type new password:
Adding password for user liu
[root@localhost httpd]# cat apacheuser cm会覆盖原文件的内容
liu:$apr1$dC9vjrVk$TnNBpkS9D8O.y3qa/SJYW1
[root@localhost httpd]# htpasswd -cm apacheuser qiang #####生成用户qiang的密码文件,cm会覆盖原文件的内容
New password:
Re-type new password:
Adding password for user qiang
[root@localhost httpd]# cat apacheuser
qiang:$apr1$tJ130DtS$FX7j.Y5ehXOzSBKcT.H2t/ ###cm会覆盖原文件的内容
[root@localhost httpd]# htpasswd -m apacheuser liu ##生成用户liu的密码文件,,m会追加在原文件内容的后面。
New password:
Re-type new password:
Adding password for user liu
[root@localhost httpd]# cat apacheuser ###原文件未被覆盖,只是在qiang内容后面追加了liu
qiang:$apr1$tJ130DtS$FX7j.Y5ehXOzSBKcT.H2t/
liu:$apr1$D2wcvmqL$kPN5tNFoUTRo5TA36dxFv/
[root@localhost httpd]# vim /etc/httpd/conf/httpd.conf
[root@localhost httpd]# systemctl restart httpd指定域名解析
在浏览器所在主机 vim /etc/host
[root@foundation36 ~]# vim /etc/host
172.25.254.136 www.westos.com news.westos.com music.westos.com login.westos.com
阿帕奇所在的虚拟主机
[root@localhost httpd]# pwd
/etc/httpd
[root@localhost httpd]# ls
apacheuser conf conf.d conf.modules.d logs modules run
[root@localhost httpd]# cd conf.d/
[root@localhost conf.d]# ls
autoindex.conf README userdir.conf welcome.conf
[root@localhost conf.d]# mkdir /var/www/virtual/westos.com/news -p ##创建虚拟主机news的默认发布目录
[root@localhost conf.d]# mkdir /var/www/virtual/westos.com/music -p ##创建虚拟主机music的默认发布目录
[root@localhost conf.d]# vim /var/www/virtual/westos.com/news/index.html ##修改虚拟主机news的默认发布文件内容
news’s page
[root@localhost conf.d]# vim /var/www/virtual/westos.com/music/index.html ##修改虚拟主机nmusic的默认发布文件内容
music’s page
[root@localhost conf.d]# vim news.conf ##指定域名news.westos.com的访问到指定默认发布目录中
1 <VirtualHost *:80> ##虚拟主机开启的端口为80
2 ServerName news.westos.com ##指定站点名称
3 DocumentRoot "/var/www/virtual/westos.com/news/" ##站点默认发布目录,即网页文件存放位置
4 CustomLog "logs/default.log" combined ##站点日志combined表示四种日志
5 </VirtualHost>
6 <Directory "/var/www/virtual/westos.com/news/">
7 Require all granted ##允许所有主机访问
8 </Directory>
[root@localhost conf.d]# cp news.conf music.conf
[root@localhost conf.d]# vim music.conf ##指定域名music.westos.com的访问到指定默认发布目录中
%/new 1 <VirtualHost *:80> ##虚拟主机开启的端口为80
2 ServerName music.westos.com ##指定站点名称
3 DocumentRoot "/var/www/virtual/westos.com/music/" ##站点默认发布目录,即网页文件存放位置
4 CustomLog "logs/default.log" combined ##站点日志combined表示四种日志
5 </VirtualHost>
6 <Directory "/var/www/virtual/westos.com/music/">
7 Require all granted ##允许所有主机访问
8 </Directory>
[root@localhost conf.d]# systemctl restart httpd
加密访问
[root@localhost ~]# yum install mod_ssl -y ###下载ssl模块
[root@localhost ~]# ls /etc/httpd/conf.d
[root@localhost ~]# yum install crypto-utils -y ##安装加密软件
[root@localhost ~]# genkey www.westos.com ###对网页www.westos.com进行加密
第二次出现进度条时需敲键盘
/usr/bin/keyutil -c makecert -g 1024 -s "CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=Shannxi, C=CN" -v 1 -a -z /etc/pki/tls/.rand.3868 -o /etc/pki/tls/certs/www.westos.com.crt -k /etc/pki/tls/private/www.westos.com.key
cmdstr: makecert
cmd_CreateNewCert
command: makecert
keysize = 1024 bits
subject = CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=Shannxi, C=CN
valid for 1 months
random seed from /etc/pki/tls/.rand.3868
output will be written to /etc/pki/tls/certs/www.westos.com.crt 证书所在位置
output key written to /etc/pki/tls/private/www.westos.com.key 证书密码所在位置
Generating key. This may take a few moments...
Made a key
Opened tmprequest for writing
/usr/bin/keyutil Copying the cert pointer
Created a certificate
Wrote 882 bytes of encoded data to /etc/pki/tls/private/www.westos.com.key
Wrote the key to:
/etc/pki/tls/private/www.westos.com.key
[root@localhost ~]# vim ssl.conf
[root@localhost ~]# cd /etc/httpd/conf.d/
[root@localhost conf.d]# vim ssl.conf
100 #SSLCertificateFile /etc/pki/tls/certs/localhost.crt
101 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt 添加证书
102 # Server Private Key:
103 # If the key is not combined with the certificate, use this
104 # directive to point at the key file. Keep in mind that if
105 # you've both a RSA and a DSA private key you can configure
106 # both in parallel (to also allow the use of DSA ciphers, etc.)
107 #SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
108 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key 添加密证书码
109
[root@localhost conf.d]# systemctl restart httpd[root@localhost conf.d]# mkdir /var/www/virtual/westos.com/login -p ##创建虚拟主机的默认发布目录
[root@localhost conf.d]# vim /var/www/virtual/westos.com/login/index.html#####修改虚拟主机的默认发布文件
Login’s page
[root@localhost conf.d]# vim login.conf
1 <VirtualHost *:443>
2 ServerName login.westos.com ##指定站点名称
3 DocumentRoot "/var/www/virtual/westos.com/login/" ##站点默认发布目录,即网页文件存放位置
4 CustomLog "logs/login.log" combined ##站点日志
5 SSLEngine on ###打开加密
6 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##加密文件
7 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key ##加密文件钥匙
8 </VirtualHost>
9 <Directory "/var/www/virtual/westos.com/login/">
10 Require all granted
11 </Directory>
因为用户习惯输入网址时不会刻意添加加密访问字符‘https://’,所以我们写以下代码强制将用户输入站点自动转入‘https://’
12 <VirtualHost *:80>
13 ServerName login.westos.com
14 RewriteEngine on
15 RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
16 </VirtualHost>
^(/.*)$ ##客户在浏览器地址栏输入的所有字符
https:// ##强制客户加密访问
%{HTTP_HOST} ##客户强求主机
$1 ##表示^(/.*)$ 的值
[redirect=301] ##临时重写,302表示永久重写
[root@localhost conf.d]# systemctl restart httpd
若出错可从下面两个文件删除重建
[root@localhost conf.d]# cd /etc/pki/tls/certs/
[root@localhost certs]# ls
ca-bundle.crt localhost.crt Makefile www.westos.com.0.csr
ca-bundle.trust.crt make-dummy-cert renew-dummy-cert
[root@localhost certs]# rm -rf www.westos.com.0.csr
[root@localhost certs]# ls
ca-bundle.crt localhost.crt Makefile
ca-bundle.trust.crt make-dummy-cert renew-dummy-cert
[root@localhost certs]# cd ../private/
[root@localhost private]# ls
localhost.key www.westos.com.key
[root@localhost private]# rm -rf localhost.key www.westos.com.key apache 支持的语言
默认支持 html
php 语言
[root@localhost ~]# cd /var/www/html/
[root@localhost html]# ls
index.html westos
[root@localhost html]# vim index.php ##新建默认发布文件index.php并添加内容
[root@localhost html]# cat index.php
<?php
phpinfo();
?>
[root@localhost html]# vim /etc/httpd/conf/httpd.conf ##在主配置文件中添加新建的默认发布文件index.php
176 <IfModule dir_module>
177 DirectoryIndex index.php index.html
178 </IfModule>
[root@localhost html]# yum install php -y ###安装php服务
[root@localhost html]# ls
index.html index.php westos
[root@localhost html]# mkdir cgi
[root@localhost html]# vim cgi/index.cgi # #编写脚本
[root@localhost html]# cat cgi/index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n"; ##输出Content-type: text/html并执行两次换行
print `date`; ##优先执行反单引号内的内容,并将执行结果作为外部的输入信息
[root@localhost html]# chmod +x cgi/index.cgi ##给脚本添加可执行权限
[root@localhost html]# ./cgi/index.cgi 执行脚本
Content-type: text/html
Sun May 27 02:04:19 EDT 2018
[root@localhost html]# cd /etc/httpd/conf.d/
[root@localhost conf.d]# ls
autoindex.conf login.conf news.conf README userdir.conf
default.conf music.conf php.conf ssl.conf welcome.conf
[root@localhost conf.d]# vim default.conf
[root@localhost conf.d]# cat default.conf
<VirtualHost _default_:80>
DocumentRoot /var/www/html
CustomLog "logs/default.log" combine
</VirtualHost>
<Directory "/var/www/html/cgi"> ##执行默认发布文件内的脚本内容
Options +ExecCGI
AddHandler cgi-script .cgi
DirectoryIndex index.cgi
</Directory>
[root@localhost conf.d]# systemctl restart httpd
论坛的搭建
[root@localhost ~]# systemctl start httpd
[root@localhost ~]# systemctl start mariadb
[root@localhost ~]# cd /var/www/html/
[root@localhost html]# ls
cgi index.html index.php westos
[root@localhost html]# ls
cgi Discuz_X3.2_SC_UTF8.zip index.html index.php westos
[root@localhost html]# unzip Discuz_X3.2_SC_UTF8.zip 解压论坛模块至/var/www/html/
[root@localhost html]# ls
cgi index.html readme utility
Discuz_X3.2_SC_UTF8.zip index.php upload westos
[root@localhost html]# chmod 777 /var/www/html/upload/ -R 给文件777权限
[root@localhost html]# yum install php-mysql.x86_64 -y 安装php-mysql
[root@localhost html]# systemctl restart httpd
[root@linux ~]# yum install squid -y
[root@linux ~]# vim /etc/squid/squid.conf
56 http_access allow all
57
58 # Squid normally listens to port 3128
59 http_port 80 vhost vport
60 cache_peer 172.25.254.136 parent 80 0 proxy-only
61
62 # Uncomment and adjust the following to add a disk cache directory.
63 cache_dir ufs /var/spool/squid 100 16 256
[root@linux ~]# systemctl start squid
[root@linux ~]# systemctl stop firewalld236 显示的也是 136 的页面
[root@localhost squid-3.3.8]# cd /var/www/html/
[root@localhost html]# ls
cgi index.html readme utility
Discuz_X3.2_SC_UTF8.zip index.php upload westos
[root@localhost html]# vim index.html
[root@localhost html]# cat index.html
172.25.254.136
[root@localhost html]# vim /etc/httpd/conf/httpd.conf 更改为html显示
改为
176 <IfModule dir_module>
177 DirectoryIndex index.html
178 </IfModule>
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
