Apache

Apache

1.Apache的安装启用

dnf install httpd.x86_64 -y
systemctl enable --now httpd
firewall-cmd --list-all #查看火墙信息
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --reload

vim /etc/httpd/conf/httpd.conf #主配置文件
/etc/httpd/conf.d/*.conf #子配置文件

2.Apache基本设置

修改端口

vim /etc/httpd/conf/httpd.conf
listen 8080

firewall-cmd --permanent --add-port=8080/tcp
firewall-cmd --reload

systemctl restart httpd

访问:172.25.254.117:8080

修改默认发布文件index.html

vim /etc/httpd/conf/httpd.conf #167行

DirectoryIndex haha.html  index.html

vim /var/www/html/index.html
hhhhhhhhhhhhhhh

vim /var/www/html/haha.html
aaaaaaaaaaaaaaa

systemctl restart httpd

访问:172.25.254.117

修改默认发布目录/var/www/html

mkdir /westos_web
vim /westos_web/index.html
bbbbbbbbbbbbbbbbbb

vim /etc/httpd/conf/httpd.conf #123行

#DocumentRoot "/var/www/html"
DocumentRoot "/westos_web"
<Directory "/westos_web>
      Require all granted
</Directory> 

systemctl restart httpd

访问:172.25.254.117

3. 黑白名单

vim /etc/httpd/conf/httpd.conf #122行

DocumentRoot "/var/www/html"
<Directory "/var/www/html/westos">
      Order Allow,Deny	#先读Allow,后读Deny
      Allow from all
      Deny from 172.25.254.17
</Directory>

systemctl restart httpd

其他人都可以,172.25.254.17不能访问

测试:http://172.25.254.117/westos
Forbidden

4.虚拟机

mkdir -p /var/www/virutal/node1.org/{linux,lee}
vim /var/www/virutal/node1.org/linux/index.html
hello linux

vim /var/www/virutal/node1.org/lee/index.html
hello lee

vim /etc/httpd/conf.d/vhosts.conf

<VirtualHost _default_:80 >
        DocumentRoot /var/www/html
        Customlog logs/default.log combined
</VirtualHost>

<VirtualHost *:80>
        ServerName lee.node1.org
        DocumentRoot /var/www/virutal/node1.org/lee
        CustomLog logs/lee.log combined
</VirtualHost>

<VirtualHost *:80>
        ServerName linux.node1.org
        DocumentRoot /var/www/virutal/node1.org/linux
        CustomLog logs/linux.log combined
</VirtualHost>

systemctl restart httpd

在访问浏览器的主机设置解析网址
vim /etc/hosts

172.25.254.117  node1.org   linux.node1.org   lee.node1.org 

测试:
访问linux.node1.org
hello linux

访问lee.node1.org
hello lee

5.基于用户认证

cd /etc/httpd/
htpasswd -cm .htpasswd admin #生成认证文件 -c创建文件 -m加密
cat .htpasswd #查看密码

htpasswd -m .htpasswd admin2 #添加用户,加c会清空原来的内容

vim /etc/httpd/conf/httpd.conf

DocumentRoot "/var/www/html"
<Directory "/var/www/html/westos">
         AuthUserfile /etc/httpd/.htpasswd
         AuthName "Please input username and password !!"
         AuthType basic	#认证类型
         Require valid-user	#允许所有用户通过
	    #Require user admin  允许通过的认证用户
</Directory>

systemctl restart httpd

6.Apache下支持的语言

html

php

dnf install php -y
vim /var/www/html/index.php

<?php
        phpinfo();
?>

perl

cd /var/www/html
mkdir cgi-scripts
vim index.cgi

#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;

chmod +x index.cgi

vim /etc/httpd/conf.d/vhosts.conf

<Directory /var/www/html/cgi-scripts>
        Options +ExecCGI
        AddHandler cgi-script .cgi
</Directory>

systemctl restart httpd

python

dnf install python3-mod_wsgi.x86_64 -y
cd /var/www/html
mkdir wsgi-scripts
vim index.wsgi

def application(env, westos):
        westos( '200 ok', [('Content-Type', 'text/html')])
        return [b"`cal`"]

chmod +x index.wsgi
vim /etc/httpd/conf.d/vhosts.conf

<VirtualHost *:80>
        ServerName wsgi.node1.org
        WSGIScriptAlias /  /var/www/html/wsgi-scripts/index.wsgi
</VirtualHost>

systemctl restart httpd

vim /etc/hosts

wsgi.node1.org

测试:
访问wsgi.node1.org

7.加密访问

加密证书

dnf install mod_ssl -y
firewall-cmd --permanent --add-service=https
firewall-cmd --reload

openssl genrsa -out /mnt/www.westos.org.key 2048

openssl req -new -key /mnt/www.westos.org.key -out /mnt/www.westos.org.csr

CN
Shannxi
westos
www.westos.org
admin@westos.org
A challenge password []:
An optional company name []:

openssl x509 -req -days 365 -in /mnt/www.westos.org.csr
-signkey /mnt/www.westos.org.key
-out /mnt/www.westos.org.crt

cp /mnt/www.westos.org.* /etc/httpd/

vim /etc/httpd/conf.d/ssl.conf #85行

SSLCertificateFile /etc/httpd/www.westos.org.crt
SSLCertificateKeyFile /etc/httpd/www.westos.org.key

systemctl restart httpd

访问控制

vim /etc/httpd/conf.d/vhosts.conf

<VirtualHost *:80>
        ServerName login.node1.org
        RewriteEngine on
        RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1
</VirtualHost>

<VirtualHost *:443>
        ServerName login.node1.org
        DocumentRoot "/var/www/virutal/node1.org/login"
        CustomLog logs/linux.log comnined
        SSLEngine on
        SSLCertificateFile /etc/httpd/www.westos.org.crt
        SSLCertificateKeyFile /etc/httpd/www.westos.org.key
</VirtualHost>

systemctl restart httpd

vim /etc/hosts
login.node1.org

测试:
访问login.node1.org

squid和Apache

squid正向代理

在可以上网的主机里

dnf install squid -y
firewall-cmd --permanent --add-port=3128/tcp
firewall-cmd --reload

vim /etc/squid/squid.conf #59和65行

http_access allow all
cache_dir ufs /var/spool/squid 100 16 256

systemctl restart squid
cd /var/spool/squid/
ls
测试:
在不能上网的主机里设置浏览器访问www.baidu.com

squid反向代理

在有squid的主机(172.25.254.117)卸载Apache
dnf remove http

vim /etc/squid/squid.conf #63和64行

http_port 80 vhost vport
cache_peer 172.25.254.17 parent 80 0 proxy-only

systemctl restart squid

测试:
在其他主机访问172.25.254.117,可以访问到

curl -I 172.25.254.117

Server: Apache/2.4.37 (Red Hat Enterprise Linux)

已标记关键词 清除标记
©️2020 CSDN 皮肤主题: 1024 设计师:上身试试 返回首页