1.安装apache
httpd.x86_64 2.2.15-5.el6 --服务端
httpd-tools.x86_64 2.2.15-5.el6 --工具包
httpd-devel.x86_64 2.2.15-5.el6 --开发包
httpd-manual.noarch 2.2.15-5.el6 --手册()
# yum -y install httpd* httpd-manual
+++++++++++++++++++++++++++++
/etc/httpd --apache的根目录
/etc/httpd/conf --配置文件的目录
/etc/httpd/conf.d --扩展配置文件
/etc/httpd/conf.d/proxy_ajp.conf --代理JSP的配置文件
/etc/httpd/conf.d/welcome.conf --找不到主页时显示欢迎页面
/etc/httpd/conf/httpd.conf --主配置文件
/etc/httpd/conf/magic
/etc/httpd/logs --日志的目录(access.log/error.log)
/etc/httpd/modules --模块的目录
/etc/httpd/run --存放着运时产生的文件,pid文件
/etc/logrotate.d/httpd --日志滚动配置文件
/etc/rc.d/init.d/httpd --启动脚本
/etc/sysconfig/httpd --额外的配置文件
/usr/bin/ab --压力测试工具
/usr/bin/htdigest --摘要认证密码生成工具
/usr/bin/htpasswd --基本认证密码管理工具
/usr/lib64/httpd/modules --apache真正模块目录
/usr/sbin/apachectl --启动脚本
/usr/sbin/httpd --后台命令
/var/www/html --默认网页的目录
/var/www/cgi-bin --cgi网页的默认目录
url http://192.168.0.254/pub/gls/dvd.repo
/var/www/html/pub/gls/dvd.repo
+++++++++++++++++++++++=
启动apache
# service httpd start
# netstat -tnlp|grep :80
tcp 0 0 :::80 :::* LISTEN 7107/httpd
# echo uplooking.com > /var/www/html/index.html
# firefox http://192.168.0.16
httpd的配置文件 :
/etc/httpd/conf/httpd.conf --主配置文件
/etc/httpd/conf.d/*.conf --扩展配置文件
# cat /etc/httpd/conf/httpd.conf |grep -v '#'|grep -v ^$
ServerTokens OS -- 配置服务器HTTP回应头,http协议的头部会包含这样的信息:Server: Apache/2.0.41 (Unix) # curl -I 192.168.0.252
ServerRoot "/etc/httpd" --httpd根目录
PidFile run/httpd.pid --httpd主进程ID
Timeout 120 --用于设置Web服务器与浏览器之间网络连接的超时秒数,默认设置为300秒
KeepAlive On --WEB服务器与客户开启保持TCP连接(减少TCP建立断开)
MaxKeepAliveRequests 100 --每次连接最多请求的文件数,与KeepAlive On联动
KeepAliveTimeout 15 --保持连接超时的时间,这需要跟客户端的浏览器联动
<IfModule prefork.c> --以进程方式运行apache,默认情况下apache使用进程的方式来启动
StartServers 8
MinSpareServers 5
MaxSpareServers 20
ServerLimit 256
MaxClients 256
MaxRequestsPerChild 4000
</IfModule>
<IfModule worker.c> --以线程的方式运行apache(如果要启用线程方式可以修改/etc/sysconfig/httpd)
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
Listen 80 --监听ip:端口
LoadModule auth_basic_module modules/mod_auth_basic.so --加载模块
LoadModule auth_digest_module modules/mod_auth_digest.so
........
Include conf.d/*.conf --加载扩展配置
User apache --启动httpd子进程的用户身份
Group apache --启动httpd子进程的组身份
ServerAdmin root@localhost --管理员的邮箱地址
UseCanonicalName Off
DocumentRoot "/var/www/html" --网页的默认根目录
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<IfModule mod_userdir.c>
UserDir disable --个人主页
</IfModule>
DirectoryIndex index.html index.html.var --首页的索引顺序(从左往右)
AccessFileName .htaccess
<Files ~ "^\.ht"> --密码文件定义
Order allow,deny
Deny from all
</Files>
TypesConfig /etc/mime.types
DefaultType text/plain
<IfModule mod_mime_magic.c>
MIMEMagicFile conf/magic
</IfModule>
HostnameLookups Off --是否开启DNS解析(主机名正向解析)
ErrorLog logs/error_log --错误日志
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
CustomLog logs/access_log combined --访问日志
ServerSignature On
Alias /icons/ "/var/www/icons/" --别名,虚拟目录,可以发布任意路径下的页面
<Directory "/var/www/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<IfModule mod_dav_fs.c>
DAVLockDB /var/lib/dav/lockdb
</IfModule>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" --脚本别名,脚本虚拟目录(包含的是脚本页面:shell/perl/python)
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
Indexes --找不到首页时,则列出网站对应的目录
FollowSymLinks --软连接起作用
Order allow,deny --先allow,再deny
检查主配置文件的语法:
[root@station16 httpd]# httpd -t
Syntax OK
[root@station16 httpd]# apachectl -t
Syntax OK
------------------------------------
网页索引(按顺序):
DirectoryIndex index.html index.html.var test2.html test.html
DocumentRoot "/var/www/html"
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
实例一
对目录的授权,改变apache默认家目录
DocumentRoot "/var/www/html" 改成---> DocumentRoot "/www"
<Directory "/www">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from 192.168.0.0/24 ///Allow from all
</Directory>
实例二
-----------------------------------
alias 别名/虚拟目录
# vim /etc/httpd/conf/httpd.conf
Alias /xxxx /var --使用别名的方式,把位于非默认网页根目录文件发布出去
<Directory /var>
Options Indexes
AllowOverride None
Order allow,deny
Allow from 192.168.0.0/24
</Directory>
---------------------------------
实例三
---------------------
基于用户名和密码的验证:
# mkdir /www/auth
# touch /www/auth/kkk.txt
# vim /etc/httpd/conf/httpd.conf
DocumentRoot "/www/auth"
<Directory /www/auth>
Options Indexes
AllowOverride None
Order allow,deny
Allow from 192.168.0.0/24
AuthName "please input your username & key" --提示信息
AuthType basic --使用基本认证
AuthUserFile "/etc/httpd/conf/.htpasswd" --验证文件
Require valid-user --必须是允许的用户
</Directory>
# htpasswd -c /etc/httpd/conf/.htpasswd user01 -c创建文件
# htpasswd -b /etc/httpd/conf/.htpasswd user02 456 -b非交互模式
# service httpd restart
-------------------------------
实例四
虚拟主机:
1.基于IP的虚拟主机
2.基于端口的虚拟主机
3.基于域名的虚拟主机
1.基于IP的虚拟主机
# ifconfig eth0 192.168.0.16
# ifconfig eth0:0 192.168.0.160
# vim /etc/httpd/conf/httpd.conf
Listen 192.168.0.16
Listen 192.168.0.160
<VirtualHost 192.168.0.16>
ServerAdmin test1@baidu.com --管理员邮箱地址
DocumentRoot /www2/192.168.0.16 --网页目录
ErrorLog logs/192.168.0.16.error --错误日志
CustomLog logs/192.168.0.16.access common --访问日志
</VirtualHost>
<VirtualHost 192.168.0.160>
ServerAdmin test2@baidu.com
DocumentRoot /www2/192.168.0.160
ErrorLog logs/192.168.0.160.error
CustomLog logs/192.168.0.160.access common
</VirtualHost>
# mkdir /www2/192.168.0.16 -p
# mkdir /www2/192.168.0.160 -p
# echo "this is 192.168.0.16 page" > /www2/192.168.0.16/index.html
# echo "this is 192.168.0.160 page" > /www2/192.168.0.160/index.html
# service httpd restart
---------------------------
2.基于相同IP不同端口的虚拟主机
# mkdir /www2/192.168.0.16 -p
# mkdir /www2/192.168.0.160 -p
# echo "this is 192.168.0.16 page" > /www2/192.168.0.16/index.html
# echo "this is 192.168.0.160 page" > /www2/192.168.0.160/index.html
# vim /etc/httpd/conf/httpd.conf
Listen 80
Listen 8080
<VirtualHost *:80>
DocumentRoot /www2/192.168.0.16
</VirtualHost>
<VirtualHost *:8080>
DocumentRoot /www2/192.168.0.160
</VirtualHost>
---------------------------
3.基于域名的虚拟主机
# host www.baidu.com
www.baidu.com has address 192.168.0.16
# host www.google.com
www.google.com has address 192.168.0.16
# vim /etc/httpd/conf/httpd.conf
Listen 80
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin test1@baidu.com
DocumentRoot /www2/192.168.0.16
ServerName www.baidu.com
ErrorLog logs/www.baidu.com-error_log
CustomLog logs/www.baidu.com.example.com-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin test1@google.com
DocumentRoot /www2/192.168.0.160
ServerName www.google.com
ErrorLog logs/www.google.com-error_log
CustomLog logs/www.google.com.example.com-access_log common
</VirtualHost>
---------------------------------------------------------------
httpd ssl(openssl)
证书的颁发机构 CA
/ \
私钥 证书(公钥)
# cd /etc/pki/tls/certs/
# make server.key --生成私钥
# openssl rsa -in server.key -out server.key --去除私钥的加密密码
# make server.csr --生成证书颁发机构(CA)
# openssl x509 -in server.csr -req -signkey server.key -days 365 -out server.crt --生成证书
# yum -y install mod_ssl
# vim /etc/httpd/conf.d/ssl.conf
:105
SSLCertificateFile /etc/pki/tls/certs/server.crt --证书/公钥
SSLCertificateKeyFile /etc/pki/tls/certs/server.key --私钥
# service httpd restart
# firefox https://192.168.0.16
-----------------------------------------------------------------------
cgi脚本的测试:
# vim /etc/httpd/conf/httpd.conf --确认有无cgi脚本的相关配置
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
565
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
# vim /var/www/cgi-bin/test.cgi --创建cgi脚本
#!/bin/bash
echo Content-Type: text-html
echo
echo "<h1>Hello world</h1>"
/usr/bin/whoami
echo ""
/usr/bin/uptime
# chmod +x /var/www/cgi-bin/test.cg --赋予执行权限
# firefox http://yourip/cgi-bin/test.cgi --测试
Hello world
apache 12:04:57 up 2:32, 3 users, load average: 0.01, 0.03, 0.00
httpd.x86_64 2.2.15-5.el6 --服务端
httpd-tools.x86_64 2.2.15-5.el6 --工具包
httpd-devel.x86_64 2.2.15-5.el6 --开发包
httpd-manual.noarch 2.2.15-5.el6 --手册()
# yum -y install httpd* httpd-manual
+++++++++++++++++++++++++++++
/etc/httpd --apache的根目录
/etc/httpd/conf --配置文件的目录
/etc/httpd/conf.d --扩展配置文件
/etc/httpd/conf.d/proxy_ajp.conf --代理JSP的配置文件
/etc/httpd/conf.d/welcome.conf --找不到主页时显示欢迎页面
/etc/httpd/conf/httpd.conf --主配置文件
/etc/httpd/conf/magic
/etc/httpd/logs --日志的目录(access.log/error.log)
/etc/httpd/modules --模块的目录
/etc/httpd/run --存放着运时产生的文件,pid文件
/etc/logrotate.d/httpd --日志滚动配置文件
/etc/rc.d/init.d/httpd --启动脚本
/etc/sysconfig/httpd --额外的配置文件
/usr/bin/ab --压力测试工具
/usr/bin/htdigest --摘要认证密码生成工具
/usr/bin/htpasswd --基本认证密码管理工具
/usr/lib64/httpd/modules --apache真正模块目录
/usr/sbin/apachectl --启动脚本
/usr/sbin/httpd --后台命令
/var/www/html --默认网页的目录
/var/www/cgi-bin --cgi网页的默认目录
url http://192.168.0.254/pub/gls/dvd.repo
/var/www/html/pub/gls/dvd.repo
+++++++++++++++++++++++=
启动apache
# service httpd start
# netstat -tnlp|grep :80
tcp 0 0 :::80 :::* LISTEN 7107/httpd
# echo uplooking.com > /var/www/html/index.html
# firefox http://192.168.0.16
httpd的配置文件 :
/etc/httpd/conf/httpd.conf --主配置文件
/etc/httpd/conf.d/*.conf --扩展配置文件
# cat /etc/httpd/conf/httpd.conf |grep -v '#'|grep -v ^$
ServerTokens OS -- 配置服务器HTTP回应头,http协议的头部会包含这样的信息:Server: Apache/2.0.41 (Unix) # curl -I 192.168.0.252
ServerRoot "/etc/httpd" --httpd根目录
PidFile run/httpd.pid --httpd主进程ID
Timeout 120 --用于设置Web服务器与浏览器之间网络连接的超时秒数,默认设置为300秒
KeepAlive On --WEB服务器与客户开启保持TCP连接(减少TCP建立断开)
MaxKeepAliveRequests 100 --每次连接最多请求的文件数,与KeepAlive On联动
KeepAliveTimeout 15 --保持连接超时的时间,这需要跟客户端的浏览器联动
<IfModule prefork.c> --以进程方式运行apache,默认情况下apache使用进程的方式来启动
StartServers 8
MinSpareServers 5
MaxSpareServers 20
ServerLimit 256
MaxClients 256
MaxRequestsPerChild 4000
</IfModule>
<IfModule worker.c> --以线程的方式运行apache(如果要启用线程方式可以修改/etc/sysconfig/httpd)
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
Listen 80 --监听ip:端口
LoadModule auth_basic_module modules/mod_auth_basic.so --加载模块
LoadModule auth_digest_module modules/mod_auth_digest.so
........
Include conf.d/*.conf --加载扩展配置
User apache --启动httpd子进程的用户身份
Group apache --启动httpd子进程的组身份
ServerAdmin root@localhost --管理员的邮箱地址
UseCanonicalName Off
DocumentRoot "/var/www/html" --网页的默认根目录
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<IfModule mod_userdir.c>
UserDir disable --个人主页
</IfModule>
DirectoryIndex index.html index.html.var --首页的索引顺序(从左往右)
AccessFileName .htaccess
<Files ~ "^\.ht"> --密码文件定义
Order allow,deny
Deny from all
</Files>
TypesConfig /etc/mime.types
DefaultType text/plain
<IfModule mod_mime_magic.c>
MIMEMagicFile conf/magic
</IfModule>
HostnameLookups Off --是否开启DNS解析(主机名正向解析)
ErrorLog logs/error_log --错误日志
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
CustomLog logs/access_log combined --访问日志
ServerSignature On
Alias /icons/ "/var/www/icons/" --别名,虚拟目录,可以发布任意路径下的页面
<Directory "/var/www/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<IfModule mod_dav_fs.c>
DAVLockDB /var/lib/dav/lockdb
</IfModule>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" --脚本别名,脚本虚拟目录(包含的是脚本页面:shell/perl/python)
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
Indexes --找不到首页时,则列出网站对应的目录
FollowSymLinks --软连接起作用
Order allow,deny --先allow,再deny
检查主配置文件的语法:
[root@station16 httpd]# httpd -t
Syntax OK
[root@station16 httpd]# apachectl -t
Syntax OK
------------------------------------
网页索引(按顺序):
DirectoryIndex index.html index.html.var test2.html test.html
DocumentRoot "/var/www/html"
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
实例一
对目录的授权,改变apache默认家目录
DocumentRoot "/var/www/html" 改成---> DocumentRoot "/www"
<Directory "/www">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from 192.168.0.0/24 ///Allow from all
</Directory>
实例二
-----------------------------------
alias 别名/虚拟目录
# vim /etc/httpd/conf/httpd.conf
Alias /xxxx /var --使用别名的方式,把位于非默认网页根目录文件发布出去
<Directory /var>
Options Indexes
AllowOverride None
Order allow,deny
Allow from 192.168.0.0/24
</Directory>
---------------------------------
实例三
---------------------
基于用户名和密码的验证:
# mkdir /www/auth
# touch /www/auth/kkk.txt
# vim /etc/httpd/conf/httpd.conf
DocumentRoot "/www/auth"
<Directory /www/auth>
Options Indexes
AllowOverride None
Order allow,deny
Allow from 192.168.0.0/24
AuthName "please input your username & key" --提示信息
AuthType basic --使用基本认证
AuthUserFile "/etc/httpd/conf/.htpasswd" --验证文件
Require valid-user --必须是允许的用户
</Directory>
# htpasswd -c /etc/httpd/conf/.htpasswd user01 -c创建文件
# htpasswd -b /etc/httpd/conf/.htpasswd user02 456 -b非交互模式
# service httpd restart
-------------------------------
实例四
虚拟主机:
1.基于IP的虚拟主机
2.基于端口的虚拟主机
3.基于域名的虚拟主机
1.基于IP的虚拟主机
# ifconfig eth0 192.168.0.16
# ifconfig eth0:0 192.168.0.160
# vim /etc/httpd/conf/httpd.conf
Listen 192.168.0.16
Listen 192.168.0.160
<VirtualHost 192.168.0.16>
ServerAdmin test1@baidu.com --管理员邮箱地址
DocumentRoot /www2/192.168.0.16 --网页目录
ErrorLog logs/192.168.0.16.error --错误日志
CustomLog logs/192.168.0.16.access common --访问日志
</VirtualHost>
<VirtualHost 192.168.0.160>
ServerAdmin test2@baidu.com
DocumentRoot /www2/192.168.0.160
ErrorLog logs/192.168.0.160.error
CustomLog logs/192.168.0.160.access common
</VirtualHost>
# mkdir /www2/192.168.0.16 -p
# mkdir /www2/192.168.0.160 -p
# echo "this is 192.168.0.16 page" > /www2/192.168.0.16/index.html
# echo "this is 192.168.0.160 page" > /www2/192.168.0.160/index.html
# service httpd restart
---------------------------
2.基于相同IP不同端口的虚拟主机
# mkdir /www2/192.168.0.16 -p
# mkdir /www2/192.168.0.160 -p
# echo "this is 192.168.0.16 page" > /www2/192.168.0.16/index.html
# echo "this is 192.168.0.160 page" > /www2/192.168.0.160/index.html
# vim /etc/httpd/conf/httpd.conf
Listen 80
Listen 8080
<VirtualHost *:80>
DocumentRoot /www2/192.168.0.16
</VirtualHost>
<VirtualHost *:8080>
DocumentRoot /www2/192.168.0.160
</VirtualHost>
---------------------------
3.基于域名的虚拟主机
# host www.baidu.com
www.baidu.com has address 192.168.0.16
# host www.google.com
www.google.com has address 192.168.0.16
# vim /etc/httpd/conf/httpd.conf
Listen 80
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin test1@baidu.com
DocumentRoot /www2/192.168.0.16
ServerName www.baidu.com
ErrorLog logs/www.baidu.com-error_log
CustomLog logs/www.baidu.com.example.com-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin test1@google.com
DocumentRoot /www2/192.168.0.160
ServerName www.google.com
ErrorLog logs/www.google.com-error_log
CustomLog logs/www.google.com.example.com-access_log common
</VirtualHost>
---------------------------------------------------------------
httpd ssl(openssl)
证书的颁发机构 CA
/ \
私钥 证书(公钥)
# cd /etc/pki/tls/certs/
# make server.key --生成私钥
# openssl rsa -in server.key -out server.key --去除私钥的加密密码
# make server.csr --生成证书颁发机构(CA)
# openssl x509 -in server.csr -req -signkey server.key -days 365 -out server.crt --生成证书
# yum -y install mod_ssl
# vim /etc/httpd/conf.d/ssl.conf
:105
SSLCertificateFile /etc/pki/tls/certs/server.crt --证书/公钥
SSLCertificateKeyFile /etc/pki/tls/certs/server.key --私钥
# service httpd restart
# firefox https://192.168.0.16
-----------------------------------------------------------------------
cgi脚本的测试:
# vim /etc/httpd/conf/httpd.conf --确认有无cgi脚本的相关配置
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
565
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
# vim /var/www/cgi-bin/test.cgi --创建cgi脚本
#!/bin/bash
echo Content-Type: text-html
echo
echo "<h1>Hello world</h1>"
/usr/bin/whoami
echo ""
/usr/bin/uptime
# chmod +x /var/www/cgi-bin/test.cg --赋予执行权限
# firefox http://yourip/cgi-bin/test.cgi --测试
Hello world
apache 12:04:57 up 2:32, 3 users, load average: 0.01, 0.03, 0.00