linux——apache

Apache

Apache是世界上使用排名第一的Web服务器软件,它可以运行在所有广泛使用的计算机平台上,由于其跨平台和安全性被广泛使用,是最流行的Web服务器端软件之一。

一、Apache的前期准备

[root@localhost ~]# yum install httpd -y
[root@localhost ~]# systemctl start httpd
[root@localhost ~]# netstat -antlupe | grep 80
tcp6       0      0 :::80                   :::*                    LISTEN      0          36254      2133/httpd          
[root@localhost ~]# netstat -antlupe | grep httpd
tcp6       0      0 :::80                   :::*                    LISTEN      0          36254      2133/httpd          
[root@localhost ~]# cd /var/www/html/     ##目录/var/www/html是默认访问目录
[root@localhost html]# systemctl stop firewalld
[root@localhost html]# vim index.html     ##index.html文件是默认访问文件
[root@localhost html]# cat index.html 
<h1>/var/www/html/index's page<h1>        ##<h1>内容<h1> 这是html的写法,表示的格式是标题一
[root@localhost html]# vim tutu.html      ##tutu.html不是默认访问文件,所以在访问时,需访问http://ip/tutu.html
[root@localhost html]# cat tutu.html 
<h1>/var/www/html/tutu's page<h1>
[root@localhost html]#
  • 浏览器查看——http://172.25.254.127/


  • 浏览器查看——http://172.25.254.127/tutu.html

二、Apache的基本配置

1、协议端口的修改
[root@localhost html]# vim /etc/httpd/conf/httpd.conf     ##httpd的配置文件
Listen 80 ——> Listen 8080     ##修改第42行
[root@localhost html]# systemctl restart httpd
[root@localhost html]# netstat -antlupe | grep httpd
tcp6       0      0 :::8080                 :::*                    LISTEN      0          110156     9396/httpd          
  • 浏览器访问——http://172.25.254.127
访问失败
[root@localhost html]# vim /etc/httpd/conf/httpd.conf 
Listen 8080 ——> Listen 80    ##修改第42行
[root@localhost html]# systemctl restart httpd
[root@localhost html]# netstat -antlupe | grep httpd
tcp6       0      0 :::80                   :::*                    LISTEN      0          111224     9449/httpd          
  • 浏览器访问——http://172.25.254.127

2、默认访问目录、文件的设置
[root@localhost html]# pwd
/var/www/html
[root@localhost html]# mkdir /westos/html -p
[root@localhost html]# cd /westos/html/
[root@localhost html]# pwd
/westos/html
[root@localhost html]# vim index.html
[root@localhost html]# cat index.html
<h1>/westos/html/index's page</h1>
  • 浏览器访问——http://172.25.254.127

[root@localhost html]# vim /etc/httpd/conf/httpd.conf      ##注释掉第119行,添加120——123行内容如下
119 #DocumentRoot "/var/www/html"          
120 DocumentRoot "/westos/html"
121 <Directory "/westos">
122         require all granted
123 </Directory>
[root@localhost html]# systemctl restart httpd
  • 浏览器访问——http://172.25.254.127(默认目录)

[root@localhost html]# ls
index.html
[root@localhost html]# vim test.html
[root@localhost html]# cat test.html
<h1>/westos/html/test's page</h1>
[root@localhost html]# vim /etc/httpd/conf/httpd.conf    ##添加第123行,设置默认访问文件为test.html
120 DocumentRoot "/westos/html"
121 <Directory "/westos">
122         require all granted
123         DirectoryIndex test.html
124 </Directory>
[root@localhost html]# systemctl restart httpd
  • 浏览器访问——http://172.25.254.127(默认文件)
[root@localhost html]# pwd
/westos/html
[root@localhost html]# ls
index.html  test.html
[root@localhost html]# mkdir linux
[root@localhost html]# cd linux/
[root@localhost linux]# vim index.html
[root@localhost linux]# cat index.html 
<h1>/westos/html/linux/index's page<h1>
[root@localhost linux]# vim test.html
[root@localhost linux]# cat test.html 
<h1>/westos/html/linux/test's page<h1>
  • 浏览器访问——http://172.25.254.127/linux

[root@localhost linux]# vim /etc/httpd/conf/httpd.conf    ##添加121——123行,使得访问linux目录时,默认文件是index.html
120 DocumentRoot "/westos/html"
121 <Directory "/westos/html/linux">
122         DirectoryIndex index.html
123 </Directory>
124 <Directory "/westos">
125         require all granted
126         DirectoryIndex test.html
127 </Directory>
[root@localhost linux]# systemctl restart httpd

3、基于ip的身份认证
[root@localhost html]# vim /etc/httpd/conf/httpd.conf    ##恢复原配置,即删除120——127行或者注释掉,这里是删除了
[root@localhost html]# systemctl restart httpd
[root@localhost html]# pwd
/westos/html
[root@localhost html]# cd /var/www/html/
[root@localhost html]# ls
index.html  tutu.html
[root@localhost html]# mkdir westos
[root@localhost html]# ls
index.html  tutu.html  westos
[root@localhost html]# cd westos/
[root@localhost westos]# ls
[root@localhost westos]# vim index.html
[root@localhost westos]# cat index.html
<h1>/var/www/html/westos/index's page</h1>

[root@localhost westos]# vim /etc/httpd/conf/httpd.conf    
##添加第120——124行,相当于黑名单
##效果:除了ip为172.25.254.50的不能访问外,其他ip都可以访问
119 DocumentRoot "/var/www/html"
120 <Directory "/var/www/html/westos">
121         Order Allow,Deny           ##先读Allow,再读Deny
122         Allow from All             ##允许所有ip访问
123         Deny from 172.25.254.50    ##禁止172.25.254.50访问
124 </Directory>
[root@localhost westos]# systemctl restart httpd
  • ip为172.25.254.127的主机进行访问

  • ip为172.25.254.50的主机进行访问


[root@localhost ~]# vim /etc/httpd/conf/httpd.conf
##修改第120——125行,相当于白名单
##效果:除了ip为172.25.254.50的不能访问外,其他ip都可以访问
119 DocumentRoot "/var/www/html"
120 #DocumentRoot "/westos/html"
121 <Directory "/var/www/html/westos">
122         Order Deny,Allow            ##先读Deny,再读Allow
123         Allow from 172.25.254.27    ##允许172.25.254.50访问
124         Deny from All               ##禁止所有ip访问
125 </Directory>
[root@localhost ~]# systemctl restart httpd
  • ip为172.25.254.127的主机进行访问


  • ip为172.25.254.50的主机进行访问

  • 4、基于用户的身份认证
[root@localhost westos]# cd /etc/httpd/
[root@localhost httpd]# ls
conf  conf.d  conf.modules.d  logs  modules  run
[root@localhost httpd]# htpasswd -cm apacheuser admin
##htpasswd [-cimBdpsDv] [-C cost] passwordfile username
##-c  Create a new file.
##-m  Force MD5 encryption of the password (default).
##添加第二个用户时,不要加上“-cNew password: 
Re-type new password: 
Adding password for user admin
[root@localhost httpd]# cat apacheuser 
admin:$apr1$.g7wvziV$0TpPETAiCBx5Gzfh5n50G/
[root@localhost httpd]# htpasswd -cm apacheuser tom
New password: 
Re-type new password: 
Adding password for user tom
[root@localhost httpd]# cat apacheuser 
tom:$apr1$2faTciFK$iHsm6EAb1.SHdkHFL5ur6.
[root@localhost httpd]# htpasswd -m apacheuser admin
New password: 
Re-type new password: 
Adding password for user admin
[root@localhost httpd]# cat apacheuser 
tom:$apr1$2faTciFK$iHsm6EAb1.SHdkHFL5ur6.
admin:$apr1$AbU8gYqU$KluSOrkvCLjvSj3QwfRIq/
[root@localhost httpd]# vim /etc/httpd/conf/httpd.conf 
##效果:允许/etc/httpd/apacheuser中的用户admin输入密码访问,不允许/etc/httpd/apacheuser中的其他用户访问
119 DocumentRoot "/var/www/html"
120 <Directory "/var/www/html/westos">
121         AuthUserFile /etc/httpd/apacheuser
122         AuthName "Please input user and password !!"
123         AuthType basic
124         Require user admin    
125 </Directory>
[root@localhost httpd]# systemctl restart httpd 

  • 登陆成功后

  • 因为只允许用户admin登陆,所以用户tom登陆时,不能成功,会再次回到登陆页面

[root@localhost httpd]# vim /etc/httpd/conf/httpd.conf 
##效果:允许/etc/httpd/apacheuser中的所有用户输入密码访问(此处就不再进行浏览器访问测试了,这就留给你吧,^_^)
119 DocumentRoot "/var/www/html"
120 <Directory "/var/www/html/westos">
121         AuthUserFile /etc/httpd/apacheuser
122         AuthName "Please input user and password !!"
123         AuthType basic
124 #       Require user admin      ##注释掉
125         Require valid-user
126 </Directory>
[root@localhost httpd]# systemctl restart httpd

三、关于节点设置以及HTTPS加密的设置

1、Apache——一台主机设置多个节点
  • 测试主机设置(使用浏览器进行访问的主机)
[root@foundation50 Desktop]# vim /etc/hosts
172.25.254.127 www.westos.com news.westos.com music.westos.com login.westos.com
[root@foundation50 Desktop]#
  • Apache主机设置
[root@localhost httpd]# pwd
/etc/httpd
[root@localhost httpd]# ls
apacheuser  conf  conf.d  conf.modules.d  logs  modules  run
[root@localhost httpd]# cd conf.d/
[root@localhost conf.d]# ls
autoindex.conf  README  userdir.conf  welcome.conf
[root@localhost conf.d]# vim default.conf
[root@localhost conf.d]# cat default.conf 
<VirtualHost _default_:80>
	DocumentRoot /var/www/html
	CustomLog "logs/default.log" combined
</VirtualHost>
[root@localhost conf.d]# mkdir /var/www/virtual/westos.com/news -p
[root@localhost conf.d]# mkdir /var/www/virtual/westos.com/music -p
[root@localhost conf.d]# vim /var/www/virtual/westos.com/news/index.html
[root@localhost conf.d]# cat /var/www/virtual/westos.com/news/index.html
<h1>/var/www/virtual/westos.com/news/index's page<h1>
[root@localhost conf.d]# vim /var/www/virtual/westos.com/music/index.html
[root@localhost conf.d]# cat /var/www/virtual/westos.com/music/index.html 
<h1>/var/www/virtual/westos.com/music/index's page<h1>
[root@localhost conf.d]# vim news.conf
[root@localhost conf.d]# cat news.conf
<VirtualHost *:80>
	ServerName news.westos.com
	DocumentRoot "/var/www/virtual/westos.com/news/"
	CustomLog "logs/default.log" combined
</VirtualHost>
<Directory "/var/www/virtual/westos.com/news/">
	Require all granted
</Directory>
[root@localhost conf.d]# cp news.conf music.conf
[root@localhost conf.d]# vim music.conf 
[root@localhost conf.d]# cat music.conf 
<VirtualHost *:80>
	ServerName music.westos.com
	DocumentRoot "/var/www/virtual/westos.com/music/"
	CustomLog "logs/default.log" combined
</VirtualHost>
<Directory "/var/www/virtual/westos.com/music/">
	Require all granted
</Directory>
[root@localhost conf.d]# systemctl restart httpd
  • 访问——www.westos.com

  • 访问——news.westos.com

  • 访问——music.westos.com

2、HTTPS配置
[root@localhost ~]# yum install mod_ssl -y
[root@localhost ~]# cd /etc/httpd/conf.d/
[root@localhost conf.d]# ls /etc/httpd/conf.d/
autoindex.conf  music.conf  README    userdir.conf
default.conf    news.conf   ssl.conf  welcome.conf
[root@localhost conf.d]# systemctl restart httpd
##访问https://www.westos.com,下载证书,但是证书不是自己的信息,如下图


[root@localhost conf.d]# yum install crypto-utils -y
[root@localhost conf.d]# genkey www.westos.com
##操作见下图
output will be written to /etc/pki/tls/certs/www.westos.com.crt
output key written to /etc/pki/tls/private/www.westos.com.key

##上面这张图加载时,需要在输入字符(随意输入),不然无法完成加载

[root@localhost conf.d]# vim ssl.conf 
101 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
108 SSLCertificateFile /etc/pki/tls/private/www.westos.com.key
[root@localhost conf.d]# systemctl restart httpd
##访问https://www.westos.com,下载证书,现在证书才是自己的信息
##每次访问HTTPS时,都必须访问https://域名


3、输入域名跳转,自动成为HTTPS
[root@localhost conf.d]# ls
autoindex.conf  music.conf  README    tmprequest    welcome.conf
default.conf    news.conf   ssl.conf  userdir.conf
[root@localhost conf.d]# vim login.conf
[root@localhost conf.d]# cat login.conf 
<VirtualHost *:443>
	ServerName login.westos.com
	DocumentRoot "/var/www/virtual/westos.com/login/"
	CustomLog "logs/login.log" combined
	SSLEngine on
	SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
	SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
</VirtualHost>
<Directory "/var/www/virtual/westos.com/login/">
	Require all granted
</Directory>
<VirtualHost *:80>
	ServerName login.westos.com
	RewriteEngine on
	RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</VirtualHost>
[root@localhost conf.d]# mkdir -p /var/www/virtual/westos.com/login/
[root@localhost conf.d]# vim /var/www/virtual/westos.com/login/index.html
[root@localhost conf.d]# cat /var/www/virtual/westos.com/login/index.html 
<h1>/var/www/virtual/westos.com/login/index's page<h1>
[root@localhost conf.d]# systemctl restart httpd
##输入配置过的域名时,会自动跳转成为HTTPS,这里是配置的是www.westos.com,此处就不附测试的图了,第一次访问,需要下载证书

四、集成PHP 和 CGI

[root@localhost conf.d]# yum install httpd-manual -y    ##安装此软件,可以访问ip/manual——php等的说明
[root@localhost conf.d]# systemctl restart httpd

  • PHP
[root@localhost conf.d]# cd /var/www/html/
[root@localhost html]# ls
index.html  tutu.html  westos
[root@localhost html]# vim index.php
[root@localhost html]# cat index.php 
<?php
	phpinfo();
?>
[root@localhost html]# yum install php -y
[root@localhost html]# vim /etc/httpd/conf/httpd.conf
169 <IfModule dir_module>
170     DirectoryIndex index.php index.html
171 </IfModule>
[root@localhost html]# systemctl restart httpd
##浏览器访问172.25.254.127

  • CGI
[root@localhost html]# pwd
/var/www/html
[root@localhost html]# mkdir cgi
[root@localhost html]# ls
cgi  index.html  index.php  tutu.html  westos
[root@localhost html]# vim cgi/index.cgi
[root@localhost html]# cat cgi/index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;
[root@localhost html]# chmod +x cgi/index.cgi
[root@localhost html]# ./cgi/index.cgi
Content-type: text/html

Wed May 30 08:14:48 EDT 2018
[root@localhost html]# ./cgi/index.cgi
Content-type: text/html

Wed May 30 08:14:57 EDT 2018
##浏览器访问效果,看见/var/www/html/cgi/index.cgi中的文本内容如下:
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;

[root@localhost html]# ls
cgi  index.html  index.php  tutu.html  westos
[root@localhost html]# cd /etc/httpd/conf.d/
[root@localhost conf.d]# ls
autoindex.conf  login.conf   music.conf  php.conf  ssl.conf    userdir.conf
default.conf    manual.conf  news.conf   README    tmprequest  welcome.conf
[root@localhost conf.d]# vim default.conf 
[root@localhost conf.d]# cat default.conf | tail -n 5
<Directory "/var/www/html/cgi">
	Options +ExecCGI
	AddHandler cgi-script .cgi
	DirectoryIndex index.cgi
</Directory>
[root@localhost conf.d]# systemctl restart httpd
##浏览器访问效果,效果如下:
Wed May 30 08:19:21 EDT 2018

五、论坛的搭建

[root@localhost ~]# systemctl start httpd
[root@localhost ~]# systemctl start mariadb
[root@localhost ~]# cd /var/www/html/
[root@localhost html]# ls
cgi  Discuz_X3.2_SC_UTF8.zip  index.html  index.php  tutu.html  westos
##Discuz_X3.2_SC_UTF8.zip——从网上下载,或者从其他处获取
[root@localhost html]# unzip Discuz_X3.2_SC_UTF8.zip
[root@localhost html]# ls
cgi                      index.html  readme     upload   westos
Discuz_X3.2_SC_UTF8.zip  index.php   tutu.html  utility
[root@localhost html]# chmod 777 /var/www/html/upload/ -R
[root@localhost html]# php -m
##参数: -m               Show compiled in modules
【root@localhost html]# yum install php-mysql.x86_64 -y
[root@localhost html]# systemctl restart httpd







六、代理上网(翻墙)

  • 可以上网的主机设置
[root@localhost ~]# yum install squid -y
[root@localhost ~]# vim /etc/squid/squid.conf
56 http_access allow all
62 cache_dir ufs /var/spool/squid 100 16 256
[root@localhost ~]# systemctl start squid
  • 不能上网的主机设置代理



七、squid+apache实现缓存加速

  • IP为172.25.254.50的设置——Apache(距离较远)
[root@shenzhen squid]# yum install squid -y
[root@shenzhen squid]# systemctl start squid
[root@shenzhen squid]# cd /usr/share/doc/squid-3.3.8/
[root@shenzhen squid-3.3.8]# ls
ChangeLog  COPYRIGHT   README    rredir.pl              url-normalizer.pl
COPYING    QUICKSTART  rredir.c  squid.conf.documented  user-agents.pl
[root@shenzhen squid]# systemctl stop firewalld
[root@shenzhen squid]# cd /var/www/html/
[root@shenzhen html]# vim index.html
[root@shenzhen html]# cat index.html 
<h1>172.25.254.50<h1>
[root@shenzhen squid-3.3.8]# systemctl start httpd

  • IP为172.25.254.227的设置——Squid(距离较近)
[root@xian ~]# yum install squid -y
[root@xian ~]# vim /etc/squid/squid.conf
 56 http_access allow all
 59 http_port 80 vhost vport
 60 cache_peer 172.25.254.50 parent 80 0 proxy-only
 62 cache_dir ufs /var/spool/squid 100 16 256
[root@xian ~]# systemctl start squid
[root@xian ~]# systemctl stop firewalld

  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值