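1. Introduction to httpd
httpd is the main program of the Apache HyperText Transfer Protocol (HTTP) server. It is designed to run as a standalone daemon process and creates a pool of child processes or threads to handle requests.
In general, httpd should not be invoked directly; on Unix-like systems it should be invoked via apachectl, and on Windows it runs as a service.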
2. httpd
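3. httpd basics
3.1 Utility programs shipped with httpd
Tool | Function |
---|---|
htpasswd | Generates the account/password file used when basic authentication is file-based |
apachectl | Service control script shipped with httpd; supports start, stop, restart |
apxs | Provided by the httpd-devel package; a tool for extending httpd with third-party modules |
rotatelogs | Log rotation tool |
suexec | Temporarily switches to a specified user when accessing resources configured with special permissions |
ab | apache benchmark, httpd's stress-testing tool |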
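3.2 httpd program environment when installed from rpm
File/Directory | Description |
---|---|
/var/log/httpd/access_log | Access log |
/var/log/httpd/error_log | Error log |
/var/www/html | Site document directory |
/usr/lib64/httpd/modules/ | Module file path |
/etc/httpd/conf/httpd.conf | Main configuration file |
/etc/httpd/conf.modules.d/*.conf | Module configuration files |
/etc/httpd/conf.d/*.conf | Auxiliary configuration files |
MPM: provided through the DSO mechanism; its configuration file is /etc/httpd/conf.modules.d/00-mpm.conf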
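3.3 Web-related commands
3.3.1 The curl command
curl is a file transfer tool that works on the command line using URL syntax. It supports FTP, FTPS, HTTP, HTTPS, GOPHER, TELNET, DICT, FILE, LDAP and other protocols.
curl supports the following features:
- HTTPS authentication
- HTTP methods such as POST/PUT
- FTP upload
- Kerberos authentication
- HTTP upload
- Proxy servers
- Cookies
- Username/password authentication
- Resuming interrupted downloads
- SOCKS5 proxy servers
- Uploading files to an FTP server through an HTTP proxy server
Syntax: curl [options] [URL ...]
Common options:
- -A/--user-agent Set the user agent sent to the server
- --basic Use HTTP basic authentication
- --tcp-nodelay Use the TCP_NODELAY option
- -e/--referer Referrer URL
- --cacert CA certificate (SSL)
- --compressed Request a compressed response
- -H/--header Pass a custom request header to the server
- -I/--head Show only the response headers
- --limit-rate Limit the transfer rate
- -u/--user <user[:password]> Set the user and password for the server
- -0/--http1.0 Use HTTP 1.0; the default is 1.1. This option is the digit 0, not the letter o
- -o/--output Write the output to a file
- -#/--progress-bar Show the current transfer status as a progress bar
Downloading files with curl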
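3.3.2 The httpd command
Syntax: httpd [options]
Common options:
- -l List the statically compiled modules, i.e. the modules compiled into the core; it does not list modules loaded dynamically with the LoadModule directive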
[root@lihuaixin ~]# httpd -l
Compiled in modules:
core.c
mod_so.c
http_core.c
- -M Print the list of enabled modules, including modules statically compiled into the server and modules loaded dynamically as DSOs
[root@lihuaixin ~]# httpd -M
AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/httpd/conf/httpd.conf:355
AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using fe80::f460:57fd:1855:8db7. Set the ‘ServerName’ directive globally to suppress this message
Loaded Modules:
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
…
- -v Show the httpd version, then exit
[root@lihuaixin ~]# httpd -v
Server version: Apache/2.4.6 (Red Hat Enterprise Linux)
Server built: May 9 2017 11:21:32
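[root@lihuaixin ~]#
- -V Show the versions and build parameters of httpd and apr/apr-util, then exit
- -X Run httpd in debug mode: only one worker process is started, and the server does not detach from the console
- -t Check the configuration file for syntax errors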
4. Compiling and installing httpd-2.4
Put the three required source packages in /usr/src/ and extract them
1. Install the development environment
[root@lihuaixin~]# yum groupinstall "Development Tools"
[root@lihuaixin bin]# yum -y install openssl-devel pcre-devel expat-devel libtool
2. The three build steps
Compile and install apr-1.6.3
[root@lihuaixin ~]# cd /usr/src/
[root@lihuaixin src]# ls
apr-1.6.3 apr-util-1.6.1 debug httpd-2.4.34 kernels
[root@lihuaixin src]# cd apr-1.6.3/
[root@lihuaixin apr-1.6.3]# vim configure
# $RM "$cfgfile"   # comment out this line, or delete it
Step 1:
[root@lihuaixin apr-1.6.3]# ./configure --prefix=/usr/local/apr
Configure output omitted…
Steps 2 and 3
[root@lihuaixin apr-1.6.3]# make && make install
Build output omitted…
Compile and install apr-util-1.6.1
[root@lihuaixin apr-1.6.3]# cd /usr/src/
[root@lihuaixin src]# ls
apr-1.6.3 apr-util-1.6.1 debug httpd-2.4.34 kernels
[root@lihuaixin src]# cd apr-util-1.6.1/
[root@lihuaixin apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr # step 1; build output omitted
[root@lihuaixin apr-util-1.6.1]# make && make install # steps 2 and 3; build output omitted
Compile and install httpd
[root@lihuaixin apr-util-1.6.1]# cd /usr/src/httpd-2.4.34/
[root@lihuaixin httpd-2.4.34]# ./configure --prefix=/usr/local/apache --sysconfdir=/etc/httpd24 --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util # step 1
[root@lihuaixin httpd-2.4.34]# make && make install # steps 2 and 3
Start the service
[root@lihuaixin ~]# cd /usr/local/apache/bin/
[root@lihuaixin bin]# ls
ab apxs dbmmanage envvars-std htcacheclean htdigest httpd logresolve
apachectl checkgid envvars fcgistarter htdbm htpasswd httxt2dbm rotatelogs
[root@lihuaixin bin]# ./apachectl start
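Startup script path: /usr/local/apache/bin/apachectl
Web page location: /usr/local/apache/htdocs/index.html
5. Common httpd configuration
Switching the MPM in use (edit /etc/httpd/conf.modules.d/00-mpm.conf):
Access control rules:
Rule | Function |
---|---|
Require all granted | Allow access from all hosts |
Require all denied | Deny access from all hosts |
Require ip IPADDR | Grant access to hosts with the specified source address |
Require not ip IPADDR | Deny access to hosts with the specified source address |
Require host HOSTNAME | Grant access to hosts with the specified source hostname |
Require not host HOSTNAME | Deny access to hosts with the specified source hostname |
IPADDR types | HOSTNAME types |
---|---|
IP: 192.168.1.1; Network/mask: 192.168.1.0/255.255.255.0; Network/Length: 192.168.1.0/24; Net: 192.168 | FQDN: the full name of a specific host; DOMAIN: all hosts in the specified domain |
Note: httpd-2.4 denies access from all hosts by default, so after installation you must explicitly grant access
Log locations
Default log location for a yum install (cd /var/log/httpd/)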
[root@lihuaixin ~]# cd /var/log/httpd/
[root@lihuaixin httpd]# ls
access_log access_log-20190704 error_log-20190628
access_log-20190628 error_log error_log-20190701
Default log location for a source install (/usr/local/apache/logs/)
[root@lihuaixin httpd]# cd
[root@lihuaixin ~]# cd /usr/local/apache/logs/
[root@lihuaixin logs]# ls
access_log error_log httpd.pid
Allow access from everyone:
[root@lihuaixin ~]# vim /etc/httpd24/httpd.conf
# document directory of the source install
<Directory /usr/local/apache/htdocs>
<RequireAll>
Require all granted
</RequireAll>
</Directory>
Restart
[root@lihuaixin ~]# cd /usr/local/apache/bin/
[root@lihuaixin bin]# ./apachectl restart
Access from the server (192.168.199.128)
[root@lihuaixin ~]# curl http://192.168.199.128
<html>
<head>qiaobenhaunnai</head>
<body>
<img src='qaq.jpg' />
</body>
</html>
[root@lihuaixin ~]# curl http://192.168.199.128/lhx/index.html
qiaobenhuannai
Access from the client (192.168.199.132)
[root@qiaobenhuannai ~]# curl http://192.168.199.128
<html>
<head>qiaobenhaunnai</head>
<body>
<img src='qaq.jpg' />
</body>
</html>
[root@qiaobenhuannai ~]# curl http://192.168.199.132
<html><body><h1>It works!</h1></body></html>
[root@qiaobenhuannai ~]#
Modify the configuration file
[root@lihuaixin bin]# vim /etc/httpd24/httpd.conf
<Directory /usr/local/apache/htdocs>
<RequireAll>
# only this IP is allowed access
Require ip 192.168.199.128
Require all granted
</RequireAll>
</Directory>
Access from 192.168.199.128
[root@lihuaixin bin]# curl http://192.168.199.128/
<html>
<head>qiaobenhaunnai</head>
<body>
<img src='qaq.jpg' />
</body>
</html>
Access from 192.168.199.132
[root@qiaobenhuannai ~]# curl http://192.168.199.128/
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /
on this server.<br />
</p>
</body></html>
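How httpd 2.4 combines the Require lines above, as an added Python model (not code from the original post or from httpd; `ip_matches`, `require` and `allowed` are hypothetical names, and only the `all` and `ip` providers are modelled). The page's block admits only 192.168.199.128 because of `<RequireAll>`; the same two lines under `<RequireAny>`, which is how httpd treats Require lines that have no enclosing container, admit every client.

```python
import ipaddress

def ip_matches(spec, client):
    """Match the four IPADDR forms from the table: IP, net/mask, net/length, partial net."""
    if "/" not in spec and ":" not in spec and spec.count(".") < 3:
        octets = spec.rstrip(".").split(".")          # partial form such as 192.168
        spec = ".".join(octets + ["0"] * (4 - len(octets))) + "/%d" % (8 * len(octets))
    return ipaddress.ip_address(client) in ipaddress.ip_network(spec, strict=False)

def require(line, client):
    """Result of one Require line: 'granted', 'denied' or 'neutral'."""
    words = line.split()[1:]                          # drop the leading "Require"
    negated = words[0] == "not"
    if negated:
        words = words[1:]
    if words[0] == "all":
        ok = words[1] == "granted"
    elif words[0] == "ip":
        ok = any(ip_matches(spec, client) for spec in words[1:])
    else:
        raise ValueError("provider not modelled: " + words[0])
    if negated:                                       # a negated rule can veto, never grant
        return "denied" if ok else "neutral"
    return "granted" if ok else "denied"

def allowed(container, lines, client):
    """True when the container as a whole grants access to the client."""
    results = [require(line, client) for line in lines]
    if container == "RequireAll":                     # no failure, at least one success
        return "denied" not in results and "granted" in results
    if container == "RequireAny":                     # a single success is enough
        return "granted" in results
    raise ValueError("container not modelled: " + container)

# The two Require lines from the page's <RequireAll> block.
PAGE_RULES = ["Require ip 192.168.199.128", "Require all granted"]

if __name__ == "__main__":
    for container in ("RequireAll", "RequireAny"):
        for client in ("192.168.199.128", "192.168.199.132"):
            verdict = "200" if allowed(container, PAGE_RULES, client) else "403"
            print(container, client, verdict)
```

Since `Require all granted` always succeeds, it adds nothing inside `<RequireAll>`; `Require ip 192.168.199.128` alone gives the same result and stays correct if the container is later removed.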
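Virtual hosts
There are three types of virtual host:
- Same IP, different ports
- Different IPs, same port
- Same IP, same port, different domain names
Configuration for same IP, different ports:
[root@lihuaixin ~]# vim /etc/httpd/conf/httpd.conf
# uncomment this line (remove the leading #)
ServerName www.example.com:80
Append the following to the end of the configuration file:
# NameVirtualHost is needed only on httpd 2.2; do not add it on 2.4
#NameVirtualHost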
<VirtualHost *:80>
DocumentRoot "/usr/local/apache/htdocs/runtime"
ServerName runtime.example.com
ErrorLog "logs/runtime.example.com-error_log"
CustomLog "logs/rutime.example.com-access_log" common
</VirtualHost>
<VirtualHost *:81>
DocumentRoot "/usr/local/apache/htdocs/wheel"
ServerName wheel.example.com
ErrorLog "logs/wheel.example.com-error_log"
CustomLog "logs/wheel.example.com-access_log" common
</VirtualHost>
Then change the listening ports in the configuration file, adding port 81
[root@lihuaixin ~]# vim /etc/httpd/conf/httpd.conf
#Listen 12.34.56.78:80
Listen 80
# newly added port 81
Listen 81
Create the directories added above and write content into their index files
[root@lihuaixin ~]# mkdir /usr/local/apache/htdocs/runtime
[root@lihuaixin ~]# mkdir /usr/local/apache/htdocs/wheel
[root@lihuaixin ~]# echo "runtime" >/usr/local/apache/htdocs/runtime/index.html
[root@lihuaixin ~]# echo "wheel" >/usr/local/apache/htdocs/wheel/index.html
[root@lihuaixin ~]# cd /usr/local/apache/bin/
[root@lihuaixin bin]# ./apachectl restart # restart the service
[root@lihuaixin htdocs]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 50 *:139 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 50 *:445 *:*
LISTEN 0 50 :::139 :::*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::81 :::*
LISTEN 0 128 :::22 :::*
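Verify in a browser
192.168.199.128 (this is the default port 80)
Access using port 81
192.168.199.128:81/
Configuration for different IPs, same port
[root@lihuaixin ~]# vim /etc/httpd/conf/httpd.conf
# uncomment this line (remove the leading #)
ServerName www.example.com:80
Append the following to the end of the configuration file:
# NameVirtualHost is needed only on httpd 2.2; do not add it on 2.4
#NameVirtualHost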
<VirtualHost 192.168.199.128:80>
DocumentRoot "/usr/local/apache/htdocs/runtime"
ServerName runtime.example.com
ErrorLog "logs/runtime.example.com-error_log"
CustomLog "logs/rutime.example.com-access_log" common
</VirtualHost>
<VirtualHost 192.168.199.129:80>
DocumentRoot "/usr/local/apache/htdocs/wheel"
ServerName wheel.example.com
ErrorLog "logs/wheel.example.com-error_log"
CustomLog "logs/wheel.example.com-access_log" common
</VirtualHost>
Create the directories added above and write content into their index files
[root@lihuaixin ~]# mkdir /usr/local/apache/htdocs/runtime
[root@lihuaixin ~]# mkdir /usr/local/apache/htdocs/wheel
[root@lihuaixin ~]# echo "runtime" >/usr/local/apache/htdocs/runtime/index.html
[root@lihuaixin ~]# echo "wheel" >/usr/local/apache/htdocs/wheel/index.html
[root@lihuaixin ~]# cd /usr/local/apache/bin/
[root@lihuaixin bin]# ./apachectl restart # restart the service
[root@lihuaixin bin]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 50 *:139 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 50 *:445 *:*
LISTEN 0 50 :::139 :::*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::81 :::*
Add another IP, 192.168.199.129, to the server host
[root@lihuaixin ~]# ip addr add 192.168.199.129 dev ens33
[root@lihuaixin ~]# ip addr show ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:00:11:02 brd ff:ff:ff:ff:ff:ff
inet 192.168.199.128/24 brd 192.168.199.255 scope global dynamic ens33
valid_lft 1398sec preferred_lft 1398sec
inet 192.168.199.129/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::f460:57fd:1855:8db7/64 scope link
valid_lft forever preferred_lft forever
Verify in a browser
192.168.199.128
192.168.199.129
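Configuration for same IP, same port, different domain names
[root@lihuaixin ~]# vim /etc/httpd/conf/httpd.conf
# uncomment this line (remove the leading #)
ServerName www.example.com:80
Append the following to the end of the configuration file:
# NameVirtualHost is needed only on httpd 2.2; do not add it on 2.4
#NameVirtualHost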
<VirtualHost *:80>
DocumentRoot "/usr/local/apache/htdocs/runtime"
ServerName runtime.example.com
ErrorLog "logs/runtime.example.com-error_log"
CustomLog "logs/rutime.example.com-access_log" common
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "/usr/local/apache/htdocs/wheel"
ServerName wheel.example.com
ErrorLog "logs/wheel.example.com-error_log"
CustomLog "logs/wheel.example.com-access_log" common
</VirtualHost>
Create the directories added above and write content into their index files
[root@lihuaixin ~]# mkdir /usr/local/apache/htdocs/runtime
[root@lihuaixin ~]# mkdir /usr/local/apache/htdocs/wheel
[root@lihuaixin ~]# echo "runtime" >/usr/local/apache/htdocs/runtime/index.html
[root@lihuaixin ~]# echo "wheel" >/usr/local/apache/htdocs/wheel/index.html
[root@lihuaixin ~]# cd /usr/local/apache/bin/
[root@lihuaixin bin]# ./apachectl restart # restart the service
[root@lihuaixin bin]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 50 *:139 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 50 *:445 *:*
LISTEN 0 50 :::139 :::*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::81 :::*
Edit the client's /etc/hosts file
[root@qiaobenhuannai ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.199.128 runtime.example.com # add the server's IP and domain name
192.168.199.128 wheel.example.com # add the other IP and domain name entry
Verify
[root@qiaobenhuannai ~]# curl http://wheel.example.com
wheel
[root@qiaobenhuannai ~]# curl http://runtime.example.com
runtime
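How httpd picks a virtual host for each of the three layouts configured above, as an added Python model (not code from the original post or from httpd; `select_vhost`, `report` and the tuple layout are hypothetical, and only exact IPs, the `*` wildcard and ServerName are modelled). It also covers the case the walkthrough does not test: a request whose Host header matches no ServerName.

```python
# Added illustration: simplified model of httpd virtual host matching.
ROOT = "/usr/local/apache/htdocs/"

# (address, port, ServerName, DocumentRoot) in configuration-file order,
# copied from the three <VirtualHost> layouts on this page.
PORT_BASED = [("*", 80, "runtime.example.com", ROOT + "runtime"),
              ("*", 81, "wheel.example.com", ROOT + "wheel")]
IP_BASED = [("192.168.199.128", 80, "runtime.example.com", ROOT + "runtime"),
            ("192.168.199.129", 80, "wheel.example.com", ROOT + "wheel")]
NAME_BASED = [("*", 80, "runtime.example.com", ROOT + "runtime"),
              ("*", 80, "wheel.example.com", ROOT + "wheel")]

def select_vhost(vhosts, local_ip, local_port, host_header):
    """Return the DocumentRoot that would serve the request, or None."""
    # 1. Address match: an explicit IP:port is preferred over the * wildcard.
    exact = [v for v in vhosts if v[0] == local_ip and v[1] == local_port]
    wild = [v for v in vhosts if v[0] == "*" and v[1] == local_port]
    candidates = exact or wild
    if not candidates:
        return None                      # handled by the main server configuration
    # 2. Name match inside that set (port suffix dropped, case-insensitive).
    name = host_header.split(":")[0].lower()
    for _, _, server_name, docroot in candidates:
        if server_name.lower() == name:
            return docroot
    # 3. No ServerName matched: the first vhost listed acts as the default.
    return candidates[0][3]

def report():
    """Who answers each constructed request against the page's three layouts."""
    ip = "192.168.199.128"
    return {
        "name/wheel": select_vhost(NAME_BASED, ip, 80, "wheel.example.com"),
        "name/unknown": select_vhost(NAME_BASED, ip, 80, "192.168.199.128"),
        "port/81": select_vhost(PORT_BASED, ip, 81, "192.168.199.128:81"),
        "ip/129": select_vhost(IP_BASED, "192.168.199.129", 80, "runtime.example.com"),
    }

if __name__ == "__main__":
    for case, docroot in report().items():
        print(case, "->", docroot)
```

The `name/unknown` case is why the order of the `<VirtualHost>` blocks matters: a request made by IP address or with an unrecognised Host header is served from the first block for that address and port, so that block should hold content that is safe to show to any client.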