1. 构建虚拟主机
实质:编写多个发布目录
##1.还原配置
##删除配置主文件
[root@apache-server ~]# rm -rf /etc/httpd/conf/httpd.conf
##重新安装apache
[root@apache-server ~]# yum reinstall -y httpd
##重启apache
[root@apache-server ~]# systemctl restart httpd
##查看默认发布文件的内容
[root@apache-server ~]# cat /var/www/html/index.html
<h1> hello word! </h1>
网页测试:
##2.建立发布目录
[root@apache-server ~]# mkdir -p /var/www/westos.com/news/html
[root@apache-server ~]# mkdir -p /var/www/westos.com/music/html
##3.建立并编写发布文件1;必须是默认发布文件index.html,否则还需要添加到主配置文件中指定发布文件
[root@apache-server ~]# vim /var/www/westos.com/news/html/index.html
#######################
<h1> new's page </h1>
##建立并编写发布文件2;
[root@apache-server ~]# vim /var/www/westos.com/music/html/index.html
#######################
<h1> music's page</h1>
## /etc/httpd/conf.d/*.conf均为apache的子配置文件
[root@apache-server ~]# cd /etc/httpd/conf.d/
[root@apache-server conf.d]# ls
autoindex.conf manual.conf README userdir.conf welcome.conf
##3.编写子配置文件(默认)
[root@apache-server conf.d]# vim a_default.conf
############################
<VirtualHost _default_:80> ##默认
DocumentRoot /var/www/html ##指定目录
CustomLog logs/default.log combined ##指定日志;combined表示混合型日志
</VirtualHost>
##重启apache
[root@apache-server conf.d]# systemctl restart httpd
##4.本地解析
[root@foundation34 Desktop]# vim /etc/hosts
############################
172.25.254.134 www.westos.com
网页测试:
##5.编写子配置文件(发布目录1)
[root@apache-server conf.d]# pwd
/etc/httpd/conf.d
[root@apache-server conf.d]# vim news.conf
############################
<VirtualHost *:80>
ServerName news.westos.com ##指定访问的域名
DocumentRoot /var/www/westos.com/news/html ##指定目录
CustomLog logs/news.log combined ##指定日志
</VirtualHost>
<Directory "/var/www/westos.com/news/html"> ##授权目录
Require all granted
</Directory>
##6.重启服务
[root@apache-server conf.d]# systemctl restart httpd
##7.本地解析
[root@foundation34 Desktop]# vim /etc/hosts
############################
172.25.254.134 www.westos.com news.westos.com
网页测试:
##8.拷贝文件,便于更改发布目录
[root@apache-server conf.d]# pwd
/etc/httpd/conf.d
[root@apache-server conf.d]# cp news.conf music.conf
##9.编写子配置文件(发布目录2)
[root@apache-server conf.d]# vim music.conf
############################
输入 :%s/news/music/g ##全文替换
##10.重启服务
[root@apache-server conf.d]# systemctl restart httpd.service
##11.本地解析
[root@foundation34 Desktop]# vim /etc/hosts
############################
172.25.254.134 www.westos.com news.westos.com music.westos.com
网页测试:
2. apache的访问控制
(1).基于ip(主机)的访问控制
设定白名单:
[root@apache-server conf.d]# pwd
/etc/httpd/conf.d
[root@apache-server conf.d]# vim a_default.conf
############################
6 <Directory "/var/www/html">
7 Order Deny,Allow ##读取顺序
8 Allow from 172.25.254.34 ##允许
9 Deny from all ##拒绝
10 </Directory>
##重启apache
[root@apache-server conf.d]# systemctl restart httpd
测试:
[root@foundation34 ~]# ifconfig br0
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.254.34 netmask 255.255.255.0 broadcast 172.25.254.255
inet6 fe80::56ee:75ff:fec5:823 prefixlen 64 scopeid 0x20<link>
ether 54:ee:75:c5:08:23 txqueuelen 1000 (Ethernet)
RX packets 42785 bytes 21350056 (20.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 44923 bytes 11979024 (11.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@foundation34 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.254.134 www.westos.com news.westos.com music.westos.com
[root@foundation34 ~]# firefox &
[root@apache-server ~]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.254.134 netmask 255.255.255.0 broadcast 172.25.254.255
inet6 fe80::5054:ff:fe13:9b prefixlen 64 scopeid 0x20<link>
ether 52:54:00:13:00:9b txqueuelen 1000 (Ethernet)
RX packets 34072 bytes 6363355 (6.0 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 32190 bytes 16075373 (15.3 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@apache-server ~]# vim /etc/hosts
[root@apache-server ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.254.134 www.westos.com
[root@apache-server ~]# firefox &
[root@localhost ~]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.254.234 netmask 255.255.255.0 broadcast 172.25.254.255
inet6 fe80::5054:ff:fe5b:e52 prefixlen 64 scopeid 0x20<link>
ether 52:54:00:5b:0e:52 txqueuelen 1000 (Ethernet)
RX packets 250 bytes 34238 (33.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 207 bytes 26247 (25.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost ~]# vim /etc/hosts
[root@localhost ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.254.134 www.westos.com
[root@localhost ~]# firefox &
设定黑名单:
[root@apache-server conf.d]# pwd
/etc/httpd/conf.d
[root@apache-server conf.d]# vim a_default.conf
############################
6 <Directory "/var/www/html">
7 Order Allow,Deny ##访问顺序
8 Allow from all ##允许所有主机
9 Deny from 172.25.254.34 ##拒绝34主机
10 </Directory>
[root@apache-server conf.d]# systemctl restart httpd
测试:
[root@foundation34 ~]# ifconfig br0
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.254.34 netmask 255.255.255.0 broadcast 172.25.254.255
inet6 fe80::56ee:75ff:fec5:823 prefixlen 64 scopeid 0x20<link>
ether 54:ee:75:c5:08:23 txqueuelen 1000 (Ethernet)
RX packets 52096 bytes 25593760 (24.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 54583 bytes 13436604 (12.8 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@foundation34 ~]# firefox &
[root@localhost ~]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.254.234 netmask 255.255.255.0 broadcast 172.25.254.255
inet6 fe80::5054:ff:fe5b:e52 prefixlen 64 scopeid 0x20<link>
ether 52:54:00:5b:0e:52 txqueuelen 1000 (Ethernet)
RX packets 1413 bytes 275899 (269.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1247 bytes 154803 (151.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost ~]# firefox &
[root@apache-server conf.d]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.254.134 netmask 255.255.255.0 broadcast 172.25.254.255
inet6 fe80::5054:ff:fe13:9b prefixlen 64 scopeid 0x20<link>
ether 52:54:00:13:00:9b txqueuelen 1000 (Ethernet)
RX packets 52183 bytes 9445449 (9.0 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 49657 bytes 26025048 (24.8 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@apache-server conf.d]# firefox &
(2).基于用户的访问控制
[root@apache-server conf.d]# pwd
/etc/httpd/conf.d
[root@apache-server conf.d]# ls
a_default.conf manual.conf news.conf userdir.conf
autoindex.conf music.conf README welcome.conf
##1.创建用户并设定密码;c表示create;将生成的用户和密码放入http_userlist文件中
[root@apache-server conf.d]# htpasswd -cm http_userlist root
New password:
Re-type new password:
Adding password for user root
##此时便会生成http_userlist文件
[root@apache-server conf.d]# ls
a_default.conf http_userlist music.conf README welcome.conf
autoindex.conf manual.conf news.conf userdir.conf
[root@apache-server conf.d]# cat http_userlist
root:$apr1$bCxp/T4x$vkIlaXZEuZdcOFAHkwUyF.
##2.添加用户;m表示name;直接在http_userlist文件中添加用户和密码信息
[root@apache-server conf.d]# htpasswd -m http_userlist admin
New password:
Re-type new password:
Adding password for user admin
[root@apache-server conf.d]# cat http_userlist
root:$apr1$bCxp/T4x$vkIlaXZEuZdcOFAHkwUyF.
admin:$apr1$QA9xL1oj$rB6wPWO8t9xfNZkEjSDuA1
##3.指定用户认证信息
[root@apache-server conf.d]# pwd
/etc/httpd/conf.d
[root@apache-server conf.d]# vim a_default.conf
############################
12 <Directory "/var/www/html">
13 AuthUserFile /etc/httpd/conf.d/http_userlist ##指定认证用户文件
14 AuthName "Please input usrname and password !" ##客户端访问时能看到的标题(说明)
15 AuthType basic ##基本认证(核对密码和用户是否匹配)
16 # Require user admin ##允许单个用户通过认证
17 Require valid-user ##允许所有用户通过认证
18 </Directory>
##4.重启服务
[root@apache-server conf.d]# systemctl restart httpd
网页测试:
Ctrl+Shift+d 清除缓存
3. apache支持的语言
apache的默认语言是html
(1)php语言
[root@apache-server ~]# cd /var/www/html/
[root@apache-server html]# ls
index.html westos.html
##1.用php语言编写发布文件
[root@apache-server html]# vim index.php
##########################
<?php
phpinfo();
?>
[root@apache-server html]# systemctl restart httpd
网页测试:
##2.安装php
[root@apache-server html]# yum install -y php
##测试php能否使用
[root@apache-server html]# php -a
Interactive shell
php > quit
##发现安装php后生成了php主配置文件
[root@apache-server html]# ll /etc/httpd/conf.d/php.conf
-rw-r--r--. 1 root root 691 Jun 10 2015 /etc/httpd/conf.d/php.conf
##3.重启服务
[root@apache-server conf.d]# systemctl restart httpd
网页测试:
(2)自定义cgi接口语言
CGI (Common Gateway Interface) 通用网关接口
@1 在/var/www/cgi-bin目录下编写发布文件(脚本)
[root@apache-server conf.d]# cd /var/www/
[root@apache-server www]# ls
cgi-bin html westos.com
[root@apache-server www]# cd cgi-bin/
[root@apache-server cgi-bin]# pwd
/var/www/cgi-bin
##查看安全上下文为httpd_sys_script_exec_t
[root@apache-server cgi-bin]# ls -Zd /var/www/cgi-bin
drwxr-xr-x. root root system_u:object_r:httpd_sys_script_exec_t:s0 /var/www/cgi-bin
查看apache帮助手册:
##1.用cgi语言编写发布文件;可在apache帮助手册查到语法格式
[root@apache-server cgi-bin]# vim index.cgi
#############################
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print "Hello, World.";
##2.给脚本一个可执行权限
[root@apache-server cgi-bin]# chmod +x index.cgi
##3.执行脚本
[root@apache-server cgi-bin]# ./index.cgi
Content-type: text/html
Hello, World.[root@apache-server cgi-bin]# vim index.cgi
##4.更改脚本内容
[root@apache-server cgi-bin]# vim index.cgi
#############################
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`; ##执行date命令
##5.执行脚本
[root@apache-server cgi-bin]# ./index.cgi
[root@apache-server cgi-bin]# ./index.cgi
网页测试:
@2在/var/www/html/cgi目录中编写发布文件(脚本)
[root@apache-server cgi-bin]# cd /var/www/html
##1.创建目录
[root@apache-server html]# mkdir cgi
[root@apache-server html]# ls
cgi index.html index.php westos.html
[root@apache-server html]# cd cgi/
[root@apache-server cgi]# pwd
/var/www/html/cgi
##2.拷贝文件
[root@apache-server cgi]# cp /var/www/cgi-bin/index.cgi .
[root@apache-server cgi]# ll
total 4
-rwxr-xr-x. 1 root root 67 Dec 3 23:25 index.cgi
查看apache帮助手册:
##3.编写子配置文件
[root@apache-server cgi]# cd /etc/httpd/conf.d/
[root@apache-server conf.d]# ls
a_default.conf http_userlist music.conf php.conf userdir.conf
autoindex.conf manual.conf news.conf README welcome.conf
[root@apache-server conf.d]# vim a_default.conf
############################
6 <Directory "/var/www/html/cgi">
7 Options ExecCGI
8 AddHandler cgi-script .cgi
9 </Directory>
##4.重启服务
[root@apache-server conf.d]# systemctl restart httpd
网页测试:
##查看安全上下文
[root@apache-server cgi]# ls -Zd /var/www/html/cgi/
drwxr-xr-x. root root unconfined_u:object_r:httpd_sys_content_t:s0 /var/www/html/cgi/
[root@apache-server cgi]# ls -Zd /var/www/cgi-bin/
drwxr-xr-x. root root system_u:object_r:httpd_sys_script_exec_t:s0 /var/www/cgi-bin/
##5.修改安全上下文
[root@apache-server cgi]# semanage fcontext -a -t httpd_sys_script_exec_t '/var/www/html/cgi(/.*)?'
##6.刷新
[root@apache-server cgi]# restorecon -RvvF /var/www/html/cgi/
##查看安全上下文
[root@apache-server cgi]# ls -Zd /var/www/html/cgi/
drwxr-xr-x. root root system_u:object_r:httpd_sys_script_exec_t:s0 /var/www/html/cgi/
网页测试:
(3)wsgi 接口语言
WSGI,全称 Web Server Gateway Interface( 或者 Python Web Server Gateway Interface )
是为 Python 语言定义的 Web 服务器和 Web 应用程序或框架之间的一种简单而通用的接口
@直接在/var/www/cgi-bin/目录下写编写发布文件(脚本)
##1.删除index.cgi脚本
[root@apache-server ~]# cd /var/www/cgi-bin/
[root@apache-server cgi-bin]# ls
index.cgi
[root@apache-server cgi-bin]# rm -rf index.cgi
##2.下载脚本
[root@apache-server cgi-bin]# ls
webapp.wsgi westos
##查看脚本;此脚本是用python写的
[root@apache-server cgi-bin]# vim webapp.wsgi
#############################
#!/usr/bin/env python
import time
def application (environ, start_response):
response_body = 'UNIX EPOCH time is now: %s\n' % time.time()
status = '200 OK'
response_headers = [('Content-Type', 'text/plain'),
('Content-Length', '1'),
('Content-Length', str(len(response_body)))]
start_response(status, response_headers)
return [response_body]
##3.给脚本一个可执行权限
[root@apache-server cgi-bin]# chmod +x webapp.wsgi
[root@apache-server cgi-bin]# ll webapp.wsgi
-rwxr-xr-x. 1 root root 397 Dec 4 00:22 webapp.wsgi
##无法调用;因为apache默认不支持python语言;
[root@apache-server cgi-bin]# python webapp.wsgi
##搜索wsgi软件; wsgi支持python语言
[root@apache-server cgi-bin]# yum search wsgi
##4.安装wsgi插件
[root@apache-server cgi-bin]# yum install -y mod_wsgi.x86_64
[root@apache-server cgi-bin]# cd /etc/httpd/conf.d/
[root@apache-server conf.d]# ls
a_default.conf http_userlist manual.conf news.conf README userdir.conf
autoindex.conf login.conf music.conf php.conf ssl.conf welcome.conf
##5.编写子配置文件
[root@apache-server conf.d]# vim webapp.conf
############################
<VirtualHost *:80>
ServerName webapp.westos.com ##指定访问域名
DocumentRoot /var/www/cgi-bin ##指定发布目录
CustomLog logs/webapp.log combined ##指定日志
WSGIScriptAlias / /var/www/cgi-bin/webapp.wsgi #指定脚本
</VirtualHost>
##当访问webapp.westos.com/网址时,会自动执行/var/www/cgi-bin/webapp.wsgi脚本
##6.重启apache
[root@apache-server conf.d]# systemctl restart httpd
##7.本地解析
[root@foundation34 ~]# vim /etc/hosts
######################
172.25.254.134 webapp.westos.com
网页测试: