综合练习:请给openlab搭建web网站
网站需求:
1.基于域名www.openlab.com可以访问网站内容为 welcome to openlab!!!
2.给该公司创建三个子界面分别显示学生信息,教学资料和缴费网站,基于
www.openlab.com/student 网站访问学生信息,www.openlab.com/data网站访问教学资料
www.openlab.com/money网站访问缴费网站。
3.要求
(1)学生信息网站只有song和tian两人可以访问,其他用户不能访问。
(2)访问缴费网站实现数据加密基于https访问
1.基于域名www.openlab.com可以访问网站内容为 welcome to openlab!!!
[root@server ~]# systemctl start httpd
[root@server ~]# systemctl enable httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@server ~]# mkdir -p /www/openlab
[root@server ~]# echo "welcome to openlab" > /www/openlab/index.html
[root@server ~]# vim /etc/hosts
192.168.92.128 www.openlab.com
[root@server ~]# vim /etc/httpd/conf/httpd.conf
<virtualhost 192.168.92.128>
documentroot /www/openlab
servername www.openlab.com
<directory /www/openlabre>
allowoverride none
require all granted
</directory>
</virtualhost>
[root@server ~]# systemctl restart httpd
2.给该公司创建三个子界面分别显示学生信息,教学资料和缴费网站
[root@server ~]# mkdir -p /www/openlab/student
[root@server ~]# mkdir -p /www/openlab/data
[root@server ~]# mkdir -p /www/openlab/mon
[root@server ~]# echo "学生信息" > /www/openlab/student/index.html
[root@server ~]# echo "教学资料" > /www/openlab/data/index.html
[root@server ~]# echo "缴费网站" > /www/openlab/money/index.html
[root@server ~]# vim /etc/httpd/conf/httpd.conf
<virtualhost 192.168.92.128>
documentroot /www/openlab
servername www.openlab.com
<directory /www/openlab>
allowoverride none
require all granted
</directory>
</virtualhost>
<virtualhost 192.168.92.128>
documentroot /www/openlab/student
servername www.openlab.com
<directory /www/openlab>
allowoverride none
require all granted
</directory>
</virtualhost>
<virtualhost 192.168.92.128>
documentroot /www/openlab/data
servername www.openlab.com
<directory /www/openlab>
allowoverride none
require all granted
</directory>
</virtualhost>
<virtualhost 192.168.92.128>
documentroot /www/openlab/money
servername www.openlab.com
<directory /www/openlab>
allowoverride none
require all granted
</directory>
</virtualhost>
[root@server ~]# systemctl restart httpd
3.学生信息网站只有song和tian两人可以访问,其他用户不能访问
[root@server ~]# useradd song
[root@server ~]# passwd song
更改用户 song 的密码 。
新的密码:
无效的密码: 密码少于 8 个字符
重新输入新的密码:
passwd:所有的身份验证令牌已经成功更新。
[root@server ~]# useradd tian
[root@server ~]# passwd tian
更改用户 tian 的密码 。
新的密码:
无效的密码: 密码少于 8 个字符
重新输入新的密码:
passwd:所有的身份验证令牌已经成功更新。
[root@server ~]# htpasswd -c /etc/httpd/passwd song
New password:
Re-type new password:
Adding password for user song
[root@server ~]# htpasswd /etc/httpd/passwd tian
New password:
Re-type new password:
Adding password for user tian
[root@server ~]# cat /etc/httpd/passwd
song:$apr1$7w9C71h/$5B24EyAbpuxCMJOEAHson0
tian:$apr1$0gtjNE0G$m/38f1.r1NO5tBuC7DJTK/
DocumentRoot "/www/openlab/student"
160
161 #
162 # Relax access to content within /var/www.
163 #
164 <Directory "/www/openlab/student">
165 AllowOverride None
166 # Allow open access:
167 Require all granted
168 </Directory>
169
170 <Directory /www/openlab/student>
171 authuserfile /etc/httpd/passwd
172 authname "My privately website"
173 authtype basic
174 require user song tian
175 </Directory>
[root@server ~]# vim /etc/httpd/conf/httpd.conf
[root@server ~]# systemctl restart httpd
4.访问缴费网站实现数据加密基于https访问
[root@server ~]# yum install httpd mod_ssl -y
[root@server ~]# openssl genrsa -aes128 2048 > /etc/pki/tls/private/money.key
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
[root@server ~]# openssl req -utf8 -new -key /etc/pki/tls/private/money.key -x509 -days 365 -out /etc/pki/tls/certs/money.crt
Enter pass phrase for /etc/pki/tls/private/money.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:86
State or Province Name (full name) []:shanxi
Locality Name (eg, city) [Default City]:xian
Organization Name (eg, company) [Default Company Ltd]:openlab Organizational Unit Name (eg, section) []:rhce
Common Name (eg, your name or your server's hostname) []:server
Email Address []:z@qq.com
[root@server ~]# vim /etc/httpd/conf.d/ssl.conf
<virtualhost 192.168.92.128>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/www/openlab/money.crt
SSLCertificateKeyFile /etc/pki/tls/private/www/openlab/money.key
documentroot /www/openlab/money
<directory /www/openlab/money>
allowoverride none
require all granted
</directory>
</virtualhost>
[root@server ~]# systemctl restart httpd
🔐 Enter TLS private key passphrase for www.openlab.com:443 (RSA) : ******