企业中常用的web服务,用来提供http://(超文本传输协议)
2.apache的安装
yum install httpd -y
yum install httpd-manual
systemctl enable httpd
systemctl stop firewalld
systemctl disable firewalld
#测试: http://172.25.254.xx
http://172.25.254.xx/manual
3.apache的基础信息
主配置目录:/etc/httpd/conf主配置文件:/etc/httpd/conf/httpd.conf
子配置目录:/etc/httpd/conf.d
子配置文件:/etc/httpd/conf.d/*.conf
默认发布目录:/var/www/html
默认发布文件:index.html
默认端口:80
默认安全上下文:httpd_sys_content_t
程序开启默认用户:apache
apache日志:/etc/httpd/logs/*
默认发布端口:
vim /etc/httpd/conf/httpd.conf
43 Listen 8080 ##修改默认端口为8080
systemctl restart httpd
访问:
http://172.25.254.xx:8080
修改默认发布文件:
默认发布文件就是访问apache时没有指定文件名称时默认访问的文件,这个文件可以指定多个,有顺序访问
vim /etc/httpd/conf/httpd.conf
164 DirectoryIndex index.html test.html ##当index.html不存在时,访问test.html
systemctl restart httpd
修改默认发布目录:
vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/html"
121 <Directory "/www">
122 Require all granted ##所有人都可以访问此站点
123 </Directory>
systemctl restart httpd
mkdir -p /www/html ##建立站点
vim /www/html/index.html ###写被访问内容
semanage fcontext -a -t httpd_sys_content_t '/www(/.*)?' ##安全上下文
restorecon -RvvF /www/
被访问内容为:
访问:
修改站点及访问目录:
服务端:
mkdir /var/www/virtual/linux.westos.com/html -p
mkdir /var/www/virtual/c.westos.com/html -p
vim /var/www/virtual/linux.westos.com/html/index.html
linux.westos.com
vim /var/www/virtual/c.westos.com/html/index.html
c.westos.com
[root@localhost conf.d]# vim default.conf ##切换到/etc/httpd/conf.d/目录(cd /etc/httpd/conf.d/)
<VirtualHost _default_:80>
DocumentRoot "/var/www/html"
CustomLog "logs/www.westos.com.log" combined
</VirtualHost>
[root@localhost conf.d]# vim linux.conf
<VirtualHost *:80>
ServerName linux.westos.com ##制定站点名称
DocumentRoot "/var/www/virtual/linux.westos.com/html/" ##站点默认发布目录
CustomLog "logs/linux.westos.com.logs" combiend ##站点日志combiend表示四种日志的集合
</VirtualHost>
<Directory "/var/www/virtual/linux.westos.com/html/">
Require all granted
</Directory>
[root@localhost conf.d]# vim c.conf
<VirtualHost *:80>
ServerName c.westos.com
DocumentRoot "/var/www/virtual/c.westos.com/html/"
CustomLog "logs/c.westos.com.logs" combiend
</VirtualHost>
<Directory "/var/www/virtual/c.westos.com/html/">
Require all granted
</Directory>
配置简介写法 :%s/linux/c/g ##将文中的linux全换成c
[root@localhost conf.d]# systemctl restart httpd.service
访问端测试:
[root@foundation13 ~]# vim /etc/hosts
172.25.254.213 c.westos.com linux.westos.com www.westos.conf
访问:
由于字母开头c,d,l中,c在前面,所以默认访问到的是c.conf中的内容
5.apache内部的访问控制
1)针对与主机的访问控制
mkdir /var/www/html/text
vim adefault.conf
<Directory "/var/www/html/text">
Order deny,allow
Allow from 172.25.254.88 ##只应许88号机访问
Deny from all
</Directory>
systemctl restart httpd.service
2)用户方式的访问控制
htpasswd -cm /etc/httpd/userpass admin
htpasswd -m /etc/httpd/userpass admin1 ##创建访问用户
mkdir /var/www/html/admin
vim adefault.conf
<Directory "/var/www/html/admin">
AuthUserFile /etc/httpd/userpass
AuthName "Please input yuor name and password"
AuthType basic
#Require user admin ##允许admin访问
Require valid-user ##允许所有人访问
</Directory>
vim /var/www/html/admin/index.html
admin
systemctl restart httpd.service
adefault.conf中的内容:
/admin/index.html中的内容:
访问:
用户admin:
用户admin1:
6.apache支持的语言
1)html (前章已介绍过)
2)php
vim /var/www/html/index.php
<?php
phpinfo();
?>
yum install php -y
systemctl restart httpd
测试:
172.25.254.xx/index.php
3)cgi
vim adefault.conf .cgi
<Directory "/var/www/html/cgi">
Options +ExecCGI
AddHandler cgi-script .cgi
</Directory>
mkdir -p /var/www/html/cgi
semanage fcontext -a -t httpd_sys_script_exec_t '/var/www/html/cgi(/.*)?' ##安全上下文的设定
restorecon -RvvF /var/www/html/cgi/
vim /var/www/html/cgi/index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`; ##访问时间
[root@localhost conf.d]# chmod +x /var/www/html/cgi/index.cgi
[root@localhost conf.d]# /var/www/html/cgi/index.cgi ##执行脚本确保脚本正常运行
systemctl restart httpd
访问:
7.https
保护客户端密码不被破解
yum install mod_ssl -y
yum install crypto-utils -y ##提供443端口
rpm -qa | grep crypt
rpm -qa crypto-utils-2.4.1-42.e17.x86_64 ##下载软件
genkey www.westos.com
(需要在实验机上敲击键盘,进度条才会走动,这是要设定加密的原因)
vim /etc/httpd/conf.d/ssl.conf
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
systemctl restart httpd
访问:
8.设定http主机和认证
mkdir -p /var/www/html/virtual/login.westos.com/html
vim login.conf ###在/etc/httpd/conf.d/目录下
<VirtualHost *:443>
ServerName login.westos.com
DocumentRoot /var/www/html/virtual/login.westos.com/html
CustomLog "logs/login.logs" combined
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
</VirtualHost>
<Directory "/var/www/html/virtual/login.westos.com/html">
Require all granted
</Directory>
获取证书:
<virtualHost *:80>
ServerName login.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301] ##自动转换到https
</VirtualHost>
^(/.*)$ ##客户在游览器地址栏中输入的所有字符
https:// 强制客户加密访问
%{HTTP_HOST} ##客户请求主机
$1 ##表示^(/.*)$的值
[redirect=301] ##临时重写,302永久挂载