环境信息
10.0.0.72
安装配置
yum install httpd -y
多域名
#www.a1.com
<VirtualHost *:80>
DocumentRoot /var/www/html/a1com
ServerName www.a1.com
ErrorLog "/var/log/httpd/a1com-error_log"
CustomLog "/var/log/httpd/a1com-access_log" common
</VirtualHost>
#www.a12.com
[root@web-72 conf.d]# cat a12com.conf
<VirtualHost *:80>
DocumentRoot /var/www/html/a12com
ServerName www.a12.com
ErrorLog "/var/log/httpd/a12com-error_log"
CustomLog "/var/log/httpd/a12com-access_log" common
</VirtualHost>
多端口
1. httpd.conf配置
Listen 80
Listen 82 #新增监听82端口
2. [root@web-72 conf.d]# cat a2com.conf
<VirtualHost *:82>
DocumentRoot /var/www/html/a2com
ServerName www.a2.com
ErrorLog "/var/log/httpd/a2com-error_log"
CustomLog "/var/log/httpd/a2com-access_log" common
</VirtualHost>
https配置
#1 安装
yum install mod_ssl openssl -y
#2
openssl genrsa -out server.key 2048
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt
创建证书后,将文件复制到对应的目录。
# cp server.crt /etc/pki/tls/certs/
# cp server.key /etc/pki/tls/private/
# cp server.csr /etc/pki/tls/private/
[root@web-72 ~]# openssl req -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:
State or Province Name (full name) []:
Locality Name (eg, city) [Default City]:
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:www.a1.com
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@web-72 ~]#
<VirtualHost _default_:443>
DocumentRoot "/var/www/html/a1com"
ServerName www.a1.com:443
SSLCertificateFile /etc/pki/tls/certs/server.crt
SSLCertificateKeyFile /etc/pki/tls/private/server.key
</VirtualHost>
基于IP访问控制
<VirtualHost *:80>
DocumentRoot /var/www/html/a1com
ServerName www.a1.com
ErrorLog "/var/log/httpd/a1com-error_log"
CustomLog "/var/log/httpd/a1com-access_log" common
<Directory "/var/www/html/a1com">
Order Deny,Allow
Deny from all
Allow from ip 10.0.0.1
</Directory>
</VirtualHost>
~
基于用户访问控制
[root@web-72 conf.d]# cat a2com.conf
<VirtualHost *:82>
DocumentRoot /var/www/html/a2com
ServerName www.a2.com
ErrorLog "/var/log/httpd/a2com-error_log"
CustomLog "/var/log/httpd/a2com-access_log" common
<Directory "/var/www/html/a2com">
AuthType Basic
AuthName "please input"
AuthUserFile "/etc/httpd/conf.d/.basic.user"
Require valid-user
</Directory>
</VirtualHost>
常用维护命令
#1 检查配置文件
apachectl configtest
或者 httpd -t