1.Apache作用
在web被访问时通常使用http://的方式http:// 超文本传输协议http:// 超文本传输协议提供软件:ApachenginxstgwjfeTengine
2. Apache的安装与启用
dnf install httpd.x86_64 -ysystemctl enable --now httpd 开启服务并设定服务位开机启动firewall-cmd --list-all 查看火墙信息firewall-cmd --permanent --add-service=http 在火墙中永久开启http访问firewall-cmd --permanent --add-service=https 在火墙中永久开启https访问firewall-cmd --reload 刷新火墙使设定生效
3.Apache的基本信息
服务名称:httpd配置文件:/etc/httpd/conf/httpd.conf 主配置文件/etc/httpd/conf.d/*.conf 子配置文件默认发布目录: /var/www/html默认发布文件: index.html默认端口:80 http443 https用户: apache日志: /etc/httpd/logs
4.Apache的基本配置
Apache端口修改vim /etc/httpd/conf/httpd.confListen 8080firewall-cmd --permanent --add-port=8080/tcpfirewall-cmd --reloadsystemctl restart httpdhttp://172.25.254.100:8080默认发布文件vim /etc/httpd/conf/httpd.confDirectoryIndex westos.html index.htmlsystemctl restart httpd默认发布目录mkdir /westos/htmlvim /etc/httpd/conf/httpd.confDocumentRoot "/westos/html"<Directory "/westos/html">Require all granted</Directory>systemctl restart httpdfirefox http://192.168.0.101
5.Apache的访问控制
实验素材mkdir /var/www/html/westosvim /var/www/html/westos/index.html<h1>westosdir's page</h1>firefox http://192.168.0.11/westos基于客户端ip的访问控制ip白名单<Directory "/var/www/html/westos">Order Deny,AllowAllow from 192.168.0.10Deny from All</Directory>ip黑名单<Directory "/var/www/html/westos">Order Allow,DenyAllow from AllDeny from 192.168.0.10</Directory基于用户认证vim /etc/httpd/conf/httpd.conf<Directory "/var/www/html/westos">AuthUserfile /etc/httpd/htpasswdfile 指定认证文件AuthName "Please input your name and password" 认证提示语AuthType basic 认证类型Require user admin 允许通过的认证用户 2选1Require valid-user 允许所有用户通过认证 2选1</Directory>htpasswd -cm /etc/httpd/htpasswdfile admin 生成认证文件
6.Apache的虚拟主机
mkdir -p /var/www/westos.com/{news,wenku}echo "wenku's page" >/var/www/westos.com/wenku/index.htmlecho "news's page" > /var/www/westos.com/news/index.htmlecho "default's page" > /var/www/html/index.htmlvim /etc/httpd/Vhost.conf<VirtualHost _default_:80>DocumentRoot "/var/www/html"CustomLog logs/default.log combined</VirtualHost><VirtualHost *:80>ServerName wenku.westos.comDocumentRoot "/var/www/westos.com/wenku"CustomLog logs/wenku.log combined</VirtualHost>
7.Apache的语言支持
phpvim /var/www/html/index.php<?phpphpinfo();?>dnf install php -ysystemctl restart httpdfirefox http://192.168.0.11/index.phpcgimkdir /var/www/html/cgivim /var/www/html/cgidir/index.cgi#!/usr/bin/perlprint "Content-type: text/html\n\n";print `date`;vim /etc/httpd/conf.d/vhost.conf
<Directory "/var/www/html/cgidir">Options +ExecCGIAddHandler cgi-script .cgi</Directory>firefox http://192.168.0.11/cgidir/index.cgi
wsgi书写wsgi的测试文件vim /var/www/html/wsgi/index.wsgidef application(env, westos):westos('200 ok',[('Content-Type', 'text/html')])return [b'hello westos ahhahahahah!']dnf install python3-mod_wsgisystemctl restart httpd
vim /etc/httpd/conf.d/vhost<VirtualHost *:80>ServerName wsgi.westos.orgWSGIScriptAlias / /var/www/html/wsgi/index.wsgi</VirtualHost>
8.Apache的加密访问
安装加密插件dnf install mod_ssl -y生成证书生成证书
mkdir /etc/httpd/certs
openssl req --newkey rsa:2048 -nodes -sha256 -keyout /etc/httpd/certs/westos.org.key-x509 -days 365 -out /etc/httpd/westos.org.crt修改文件 vim /etc/httpd/conf.d/ssl.conf
修改后重启httpd服务
systemctl restart httpd
mkdir
修改 vim /etc/httpd/conf.d/vhost.conf
<VirtualHost *:80>ServerName login.westos.comRewriteEngine onRewriteRule ^(/.*)$ https://%{HTTP_HOST}$1</VirtualHost><VirtualHost *:443>ServerName login.westos.comDocumentRoot "/www/westos.com/login"CustomLog logs/login.log combinedSSLEngine onSSLCertificateFile /etc/pki/tls/certs/www.westos.com.crtSSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key</VirtualHost>systemctl restart httpd
9.Squid+Apache
在双网卡主机中dnf install squid -yvim /etc/squid/squid.confhttp_access allow allcache_dir ufs /var/spool/squid 100 16 256systemctl restart squidfirewall-cmd --permanent --add-port=3128/tcpfirewall-cmd --reload
测试:firefox http:/172.25.254.30访问看到的时172.25.254.20上的数据