Apache服务器

最新推荐文章于 2022-12-07 10:37:37 发布

Wang_Yuhan-

最新推荐文章于 2022-12-07 10:37:37 发布

阅读量177

点赞数 1

本文链接：https://blog.csdn.net/qq_40303205/article/details/80515992

版权

1.Apache概述
企业中常用来用的web服务，用来提供http://(超文本传输协议)
支持最新的HTTP通信协议
支持通用网关接口
支持基于ip和基于域名的虚拟主机

支持安全Socket层（SSL）

2.Apache的安装

yum install httpd        #安装主程序包
systemctl start httpd    #开启服务
yum install httpd-manual #安装参考手册
cd /var/www/html
vim /index.html          #编辑文件在浏览器中测试是否安装成功

3.有关Apache的基础信息
主配置目录             /etc/httpd/conf
主配置文件             /etc/htppd/conf/httpd.conf
子配置目录             /etc/httpd/conf.d
子配置文件             /etc/httpd/conf.d/*.conf
默认发布目录         /var/www/html
默认发布文件          /var/www/html/index.html
默认端口                 80
默认上下安全文     httpd_sys_content_t
程序开启默认用户 apache
日志                         /etc/htppd/logs/*

4.服务器配置--主配置文件

vim /etc/httpd/conf/httpd.conf		#修改默认端口
 42 Listen 8080 
systemctl restart httpd
172.25.254.133:8080

vim /etc/httpd/conf/httpd.conf		#修改默认发布目录
 119 #DocumentRoot "/var/www/html"
 120 DocumentRoot "/westos/html"
 121 <Directory "/westos">
 122         require all granted
 123 </Directory>
systemctl restart httpd

vim /etc/httpd/conf/httpd.conf          #修改默认发布文件
 119 #DocumentRoot "/var/www/html"
 120 DocumentRoot "/westos/html"
 121 <Directory "/westos/html/linux">
 122         DirectoryIndex test.html
 123 </Directory>
 124 
 125 <Directory "/westos">
 126         require all granted
 127         DirectoryIndex test.html
 128 </Directory>
systemctl restart httpd

修改默认端口

修改默认发布目录

修改默认发布文件

5.apache内部的访问控制

1）针对主机的访问控制

访问黑名单
vim /etc/httpd/conf/httpd.conf
  <Directory "/var/www/html/westos">
          Order Allow,Deny		#列表读取顺序，后读的会覆盖前重复的内容
          Allow from ALL
          Deny from 172.25.254.65
  </Directory>				#不允许ip为172.25.254.65的用户访问
systemctl restart httpd

访问白名单
vim /etc/httpd/conf/httpd.conf
  <Directory "/var/www/html/westos">
          Order Deny,Allow
          Allow from 172.25.254.65
          Deny from All
  </Directory>				#只允许ip为172.25.254.65的用户访问
systemctl restart httpd

2）针对用户的访问控制

cd /etc/httpd/
htpasswd -cm apacheuser tom
htpasswd -cm apacheuser admin	#建立访问用户，首次创建需加参数c
vim /etc/httpd/conf/httpd.conf
  <Directory "/var/www/html/westos">
          AuthUserFile /etc/httpd/apacheuser
          AuthName "Please input user and password!!"
          AuthType basic
          Require user admin
  </Directory>			#只有admin用户可以登陆
systemctl restart httpd

针对主机的访问黑名单

针对用户的访问控制

只有admin用户才可登陆

6.Apache的虚拟主机配置

mkdir /var/www/virtual/westos.com/music -p
mkdir /var/www/virtual/westos.com/news -p
vim /var/www/virtual/westos.com/news/index.html
vim /var/www/virtual/westos.com/music/index.html
cd /etc/httpd/conf.d/
vim default.conf
  <VirtualHost _default_:80>
          DocumentRoot /var/www/html
          CustomLog "logs/default.log" combined
  </VirtualHost>

vim news.conf
  <VirtualHost *:80>
          ServerName news.westos.com
          DocumentRoot "/var/www/virtual/westos.com/news/"
          CustomLog "logs/news.log" combined
  </VirtualHost>
  <Directory "/var/www/virtual/westos.com/news/">
          Require all granted
  </Directory>

vim music.conf
  <VirtualHost *:80>
          ServerName music.westos.com
          DocumentRoot "/var/www/virtual/westos.com/music/"
          CustomLog "logs/music.log" combined
  </VirtualHost>
  <Directory "/var/www/virtual/westos.com/music/">
          Require all granted
  </Directory>
systemctl restart httpd

7.https

yum install mod_ssl -y
yum install crypto-utils -y
genkey www.westos.com
vim /etc/httpd/conf.d/ssl.conf
 101 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
 102 
 103 #   Server Private Key:
 104 #   If the key is not combined with the certificate, use this
 105 #   directive to point at the key file.  Keep in mind that if
 106 #   you've both a RSA and a DSA private key you can configure
 107 #   both in parallel (to also allow the use of DSA ciphers, etc.)
 108 #SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
 109 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key

需下载证书后方可浏览

8.网页重写

mkdir /var/www/virtual/westos.com/login/ -p
vim /var/www/virtual/westos.com/login/index.html
cd /etc/httpd/conf.d/
vim login.conf
  <VirtualHost *:443>
          ServerName login.westos.com
          DocumentRoot "/var/www/virtual/westos.com/login/"
          CustomLog "logs/login.log" combined
          SSLEngine on
          SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
          SSLCertificateKeyFile /etc/pki/tls/private//www.westos.com.key
  </VirtualHost>
  <Directory "/var/www/virtual/westos.com/login/">
          Require all granted
  </Directory>
  <VirtualHost *:80>
          ServerName login.westos.com
          RewriteEngine on
          RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
  </VirtualHost>
systemctl restart httpd

网页重写成功后即使访问的是login.westos.com 也会自动跳转至https页面

9.Apache支持的语言

1）php

yum install php -y
cd /var/www/html
vim index.php
  <?php
          phpinfo();
  ?>
vim /etc/httpd/conf/httpd.conf
  185 <IfModule dir_module>
  186     DirectoryIndex index.php index.html
  187 </IfModule>
systemctl restart httpd
在浏览器测试

2）cgi

10.搭建论坛

systemctl start httpd
systemctl start mariadb
unzip Discuz_X3.2_SC_UTF8.zip 
chmod +777 upload/ -R

11.squid

yum install squid
vim /etc/squid/squid.conf
 56 http_access allow all
 57 
 58 # Squid normally listens to port 3128
 59 http_port 3128
 60 
 61 # Uncomment and adjust the following to add a disk cache directory.
 62 cache_dir ufs /var/spool/squid 100 16 256

systemctl restart squid

z在浏览器中做如下设置，即可通过ip为172.25.254.65的主机的缓存上网

12.CND加速

233:
卸载httpd
yum install squid
vim /etc/squid/squid.conf
 56 http_access allow all
 57 
 58 # Squid normally listens to port 3128
 59 http_port 80 vhost vprot
 60 cache_peer 172.25.254.113 parent 80 0 proxy-only
 61 # Uncomment and adjust the following to add a disk cache directory.
 62 cache_dir ufs /var/spool/squid 100 16 256

systemctl restart squid
 
在172.25.254.65中测试：
在浏览器中输入172.25.254.233 查看是否能访问