一、网站需求
1、基于域名 www.openlab.com 可以访问网站内容为 welcome to openlab!!!
2.给该公司创建三个子界面分别显示学生信息,教学资料和缴费网站
(a)基于 www.openlab.com/student 网站访问学生信息
(b)基于 www.openlab.com/data 网站访问教学资料
(c)基于 www.openlab.com/money 网站访问缴费网站
3.要求
(a)学生信息网站只有 song 和 tian 两个用户可以访问,其他用户不能访问
(b)访问缴费网站实现数据加密基于https访问
二、实验步骤:
1.仓库搭建及挂载
[root@localhost ~]# cd /etc/yum.repos.d
[root@localhost yum.repos.d]# vim base.repo
仓库代码如下:
[BaseOS]
name=BaseOS
baseurl=/mnt/BaseOS
enabled=1
gpgcheck=0
[Appstream]
name=AppStream
baseurl=/mnt/AppStream
enabled=1
gpgcheck=0
[root@localhost ~]# mount /dev/sr0 /mnt
mount: /mnt: WARNING: source write-protected, mounted read-only.
2.安装HTTPD服务
[root@localhost ~]# yum install httpd -y
3. 配置文件
[root@localhost ~]# cd /etc/httpd/conf.d
[root@localhost conf.d]# vim vhost.conf
vhost.conf代码如下:
<directory /openlab/>
allowoverride none
require all granted
</directory>
<virtualhost *:80>
documentroot /openlab
servername www.openlab.com
</virtualhost>
//基于用户认证
<directory /openlab/student>
authtype basic
authname "Please login: "
authuserfile /etc/httpd/zhanghao
require user tian song
</directory>
<virtualhost *:80>
documentroot /openlab
alias /openlab/student /openlab/student
servername www.openlab.com
</virtualhost>
//基于https加密
<virtualhost *:443>
documentroot /openlab/money
servername www.openlab.com
alias /money /openlab/money
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/jiami.crt
SSLCertificateKeyFile /etc/pki/tls/private/jiami.key
</virtualhost>
4. 创建openlab目录,关闭防火墙及selinux,开启httpd服务
[root@localhost ~]# mkdir /openlab
[root@localhost ~]# echo welcome to openlab > /openlab/index.html
[root@localhost ~]#
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl restart httpd
5. 创建三个子页面(student、data、money)
[root@localhost ~]# cd /openlab
[root@localhost openlab]# ll
总用量 4
-rw-r--r--. 1 root root 19 12月 09 14:46 index.html
[root@localhost openlab]# mkdir student
[root@localhost openlab]# mkdir data
[root@localhost openlab]# mkdir money
[root@localhost openlab]# echo welcome to student > student/index.html
[root@localhost openlab]# echo welcome to data > data/index.html
[root@localhost openlab]# echo welcome to money > money/index.html
[root@localhost openlab]#
[root@localhost openlab]# systemctl restart httpd
6. 学生信息网站(student)只有 song 和 tian 两个用户可以访问,其他用户不能访问
[root@localhost ~]# htpasswd -c /etc/httpd/zhanghao song
New password:
Re-type new password:
Adding password for user song
[root@localhost ~]# htpasswd /etc/httpd/zhanghao tian
New password:
Re-type new password:
Adding password for user tian
7.安装mod_ssl
[root@localhost ~]# dnf install mod_ssl -y
8.加密命令
[root@localhost ~]# cd /etc/pki/tls/certs
[root@localhost certs]# openssl genrsa > jiami.key
[root@localhost certs]# openssl req -utf8 -new -key jiami.key -x509 -days 100 -out jiami.crt
//将jiami.key文件移动到private目录下
[root@localhost certs]# mv jiami.key ../private/
[root@localhost certs]#
[root@localhost certs]# systemctl restart httpd