httpd配置虚拟主机
访问控制法则
法则 | 功能 |
---|---|
Require all granted | 允许所有主机访问 |
Require all deny | 拒绝所有主机访问 |
Require ip IPADDR | 授权指定来源地址的主机访问 |
Require not ip IPADDR | 拒绝指定来源地址的主机访问 |
Require host HOSTNAME | 授权指定来源主机名的主机访问 |
Require not host HOSTNAME | 拒绝指定来源主机名的主机访问 |
IPADDR的类型 | HOSTNAME的类型 |
---|---|
IP:192.168.1.1 Network/mask:192.168.1.0/255.255.255.0 Network/Length:192.168.1.0/24 Net:192.168 | FQDN:特定主机的全名 DOMAIN:指定域内的所有主机 |
注意:httpd-2.4版本默认是拒绝所有主机访问的,所以安装以后必须做显示授权访问
相同IP不同端口
[root@localhost ~]# yum -y install httpd //下载httpd服务
Failed to set locale, defaulting to C.UTF-8
Last metadata expiration check: 2:22:06 ago on Thu Jul 21 20:59:20 2022.
Dependencies resolved.
========================================================================
Package Arch Version Repo Size
========================================================================
Installing:
httpd x86_64 2.4.37-43.module_el8.5.0+1022+b541f3b1 AppStream 1.4 M
Installing dependencies:
centos-logos-httpd
noarch 85.8-2.el8 AppStream 75 k
httpd-filesystem
noarch 2.4.37-43.module_el8.5.0+1022+b541f3b1 AppStream 39 k
httpd-tools
[root@localhost ~]# cd /etc/httpd/conf.modules.d/ //进入httpd服务模块的目录查看
[root@localhost conf.modules.d]# ls
00-base.conf 00-mpm.conf 00-systemd.conf 10-proxy_h2.conf
00-dav.conf 00-optional.conf 01-cgi.conf README
00-lua.conf 00-proxy.conf 10-h2.conf
[root@localhost ~]# find / -name *vhosts.conf //用find命令查看出httpd服务的辅助文件方便接下来的配置。
/usr/share/doc/httpd/httpd-vhosts.conf
[root@localhost ~]# cd /etc/httpd/ //进入httpd的主配置目录下
[root@localhost httpd]# ls
conf conf.d conf.modules.d logs modules run state
[root@localhost httpd]# cd conf.d
[root@localhost conf.d]# ls
README autoindex.conf userdir.conf welcome.conf
[root@localhost conf.d]# cp /usr/share/doc/httpd/httpd-vhosts.conf . //把刚刚查看到的辅助配置文件复制到主配置文件下面
[root@localhost conf.d]# ls
README autoindex.conf httpd-vhosts.conf userdir.conf welcome.conf
[root@localhost conf.d]#
//开始配置相同ip不同端口的网址配置,进入配置文件。
[root@localhost conf.d]# vi httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/var/www/html/zhuawawa"
ServerName www.zhuawawa.com
ErrorLog "/var/log/httpd/www.zhuwawa.com-error_log"
CustomLog "/var/log/httpd/www.zhuawawa.com-access_log" common
</VirtualHost>
Listen 81
<VirtualHost *:81>
DocumentRoot "/var/www/tanke"
ServerName www.tanke.com
ErrorLog "/var/log/httpd/www.tanke.com-error_log"
CustomLog "/var/log/httpd/www.tanke.com-access_log" common
</VirtualHost>
//修改好配置文件过后进入/var/www/html这个目录下
创建在配置的文件。
[root@localhost conf.d]# cd /var/www/html/
[root@localhost html]# ls
[root@localhost html]#
[root@localhost html]#
[root@localhost html]# mkdir zhuawawa tanke
[root@localhost html]# ls
tanke zhuawawa
[root@localhost html]# cd tanke/
[root@localhost tanke]# ls
Battle_City
[root@localhost tanke]# mv Battle_City/* .
[root@localhost tanke]# ls
Battle_City audio css images index.html js
[root@localhost html]# cd zhuawawa
[root@localhost zhuawawa]# ls
jQuery#U6293#U5a03#U5a03#U673a#U6e38#U620f#U4ee3#U7801
[root@localhost zhuawawa]# mv jQuery#U6293#U5a03#U5a03#U673a#U6e38#U620f#U4ee3#U7801/* .
[root@localhost zhuawawa]# ls
images index.html js
img jQuery#U6293#U5a03#U5a03#U673a#U6e38#U620f#U4ee3#U7801
[root@localhost html]# cd zhuawawa
[root@localhost zhuawawa]# ls
images img index.html js
[root@localhost zhuawawa]#
//用httpd -t查看一下配置文件是否出错
[root@localhost html]# httpd -t
AH00112: Warning: DocumentRoot [/var/www/tanke] does not exist
AH00112: Warning: DocumentRoot [/var/www/dummy-host2.example.com] does not exist
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
Syntax OK //有ok就说明配置文件里面没有输入错误
[root@localhost html]# systemctl restart httpd
//然后再查看端口,看80:81端口有没有起来。
[root@localhost html]# ss -atnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:81 *:*
LISTEN 0 128 [::]:22 [::]:*
[root@localhost html]#
在浏览器上输入ip查看效果,这就是相同ip不同端口的效果。
同一端口不同ip
在进入配置文件里面把IP输入进去,没有那个ip我们就出来创建一个ip
[root@localhost conf.d]# vi httpd-vhosts.conf
<VirtualHost 192.168.171.130:80>
DocumentRoot "/var/www/html/zhuawawa"
ServerName www.zhuawawa.com
ErrorLog "/var/log/httpd/www.zhuwawa.com-error_log"
CustomLog "/var/log/httpd/www.zhuawawa.com-access_log" common
</VirtualHost>
#Listen 81
<VirtualHost 192.168.171.131:80>
DocumentRoot "/var/www/html/tanke"
ServerName www.tanke.com
ErrorLog "/var/log/httpd/www.tanke.com-error_log"
CustomLog "/var/log/httpd/www.tanke.com-access_log" common
</VirtualHost>
[root@localhost conf.d]# ip addr add 192.168.171.131/24 dev ens33 //这一步是创建一个临时的ip
[root@localhost conf.d]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:85:68:44 brd ff:ff:ff:ff:ff:ff
inet 192.168.171.130/24 brd 192.168.171.255 scope global dynamic noprefixroute ens33
valid_lft 958sec preferred_lft 958sec
inet 192.168.171.131/24 scope global secondary ens33
valid_lft forever preferred_lft forever
[root@localhost conf.d]# httpd -t
AH00112: Warning: DocumentRoot [/var/www/dummy-host2.example.com] does not exist
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
Syntax OK
[root@localhost conf.d]#
//在重启一下服务
[root@localhost conf.d]# systemctl restart httpd
[root@localhost conf.d]# ls
然后再进入浏览器查看效果
相同ip相同端口不同域名
//在进入配置文件,然后把刚刚修改的IP给删掉就是相同ip端口不同域名了。
[root@localhost conf.d]# vi httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/var/www/html/zhuawawa"
ServerName www.zhuawawa.com
ErrorLog "/var/log/httpd/www.zhuwawa.com-error_log"
CustomLog "/var/log/httpd/www.zhuawawa.com-access_log" common
</VirtualHost>
#Listen 81
<VirtualHost *:80>
DocumentRoot "/var/www/html/tanke"
ServerName www.tanke.com
ErrorLog "/var/log/httpd/www.tanke.com-error_log"
CustomLog "/var/log/httpd/www.tanke.com-access_log" common
</VirtualHost>
[root@localhost conf.d]# httpd -t
AH00112: Warning: DocumentRoot [/var/www/dummy-host2.example.com] does not exist
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
Syntax OK //这个ok说明成了
[root@localhost conf.d]#
[root@localhost conf.d]# systemctl restart httpd
重启一下这个服务
这一步因为现在配置的域名是无效域名,需要做一下简单的域名映射。
域名映射
需要用物理机上的hosts文件,打开后把虚拟机的虚名添加进去
打开方式选择记事本
在用浏览器用域名进行访问。
防止以后apache自己想用httpd服务没有权限,现在给他加上权限
[root@localhost html]# chown -R apache.apache tanke zhuawawa
[root@localhost html]# ll
total 0
drwxr-xr-x. 6 apache apache 72 Jul 22 01:55 tanke
drwxr-xr-x. 5 apache apache 59 Jul 22 01:54 zhuawawa
[root@localhost html]#
ssl
[root@localhost html]# yum -y install mod_ssl
Failed to set locale, defaulting to C.UTF-8
Last metadata expiration check: 1:10:28 ago on Fri Jul 22 01:47:52 2022.
Dependencies resolved.
========================================================================
Package
Arch Version Repo Size
========================================================================
Installing:
mod_ssl
x86_64 1:2.4.37-43.module_el8.5.0+1022+b541f3b1 AppStream 136 k
Installing dependencies:
sscg x86_64 2.3.3-14.el8 AppStream 49 k
[root@localhost html]# systemctl restart httpd
[root@localhost html]# httpd -t
AH00112: Warning: DocumentRoot [/var/www/dummy-host2.example.com] does not exist
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
Syntax OK
[root@localhost html]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 *:443 *:*
[root@localhost html]#
[root@localhost html]# ps aux |grep 443
root 222934 0.0 0.0 9212 1160 pts/0 S+ 03:02 0:00 grep --color=auto 443
[root@localhost html]#
[root@localhost html]# cd /etc/httpd/conf.modules.d/
[root@localhost conf.modules.d]# ls
00-base.conf 00-mpm.conf 00-ssl.conf 10-h2.conf
00-dav.conf 00-optional.conf 00-systemd.conf 10-proxy_h2.conf
00-lua.conf 00-proxy.conf 01-cgi.conf README
[root@localhost conf.modules.d]# vi 00-ssl.conf
[root@localhost conf.modules.d]#
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-KUX2125U-1658479258497)(C:\Users\kang\AppData\Roaming\Typora\typora-user-images\image-20220722150617286.png)]
onf 10-h2.conf
00-dav.conf 00-optional.conf 00-systemd.conf 10-proxy_h2.conf
00-lua.conf 00-proxy.conf 01-cgi.conf README
[root@localhost conf.modules.d]# vi 00-ssl.conf
[root@localhost conf.modules.d]#