企业中常用来用的web服务,用来提供http://(超文本传输协议)
支持最新的HTTP通信协议
支持通用网关接口
支持基于ip和基于域名的虚拟主机
支持安全Socket层(SSL)
2.Apache的安装
yum install httpd #安装主程序包
systemctl start httpd #开启服务
yum install httpd-manual #安装参考手册
cd /var/www/html
vim /index.html #编辑文件在浏览器中测试是否安装成功
3.有关Apache的基础信息
主配置目录 /etc/httpd/conf
主配置文件 /etc/htppd/conf/httpd.conf
子配置目录 /etc/httpd/conf.d
子配置文件 /etc/httpd/conf.d/*.conf
默认发布目录 /var/www/html
默认发布文件 /var/www/html/index.html
默认端口 80
默认上下安全文 httpd_sys_content_t
程序开启默认用户 apache
日志 /etc/htppd/logs/*
4.服务器配置--主配置文件
vim /etc/httpd/conf/httpd.conf #修改默认端口
42 Listen 8080
systemctl restart httpd
172.25.254.133:8080
vim /etc/httpd/conf/httpd.conf #修改默认发布目录
119 #DocumentRoot "/var/www/html"
120 DocumentRoot "/westos/html"
121 <Directory "/westos">
122 require all granted
123 </Directory>
systemctl restart httpd
vim /etc/httpd/conf/httpd.conf #修改默认发布文件
119 #DocumentRoot "/var/www/html"
120 DocumentRoot "/westos/html"
121 <Directory "/westos/html/linux">
122 DirectoryIndex test.html
123 </Directory>
124
125 <Directory "/westos">
126 require all granted
127 DirectoryIndex test.html
128 </Directory>
systemctl restart httpd
修改默认端口
修改默认发布目录
修改默认发布文件
5.apache内部的访问控制
1)针对主机的访问控制
访问黑名单
vim /etc/httpd/conf/httpd.conf
<Directory "/var/www/html/westos">
Order Allow,Deny #列表读取顺序,后读的会覆盖前重复的内容
Allow from ALL
Deny from 172.25.254.65
</Directory> #不允许ip为172.25.254.65的用户访问
systemctl restart httpd
访问白名单
vim /etc/httpd/conf/httpd.conf
<Directory "/var/www/html/westos">
Order Deny,Allow
Allow from 172.25.254.65
Deny from All
</Directory> #只允许ip为172.25.254.65的用户访问
systemctl restart httpd
2)针对用户的访问控制
cd /etc/httpd/
htpasswd -cm apacheuser tom
htpasswd -cm apacheuser admin #建立访问用户,首次创建需加参数c
vim /etc/httpd/conf/httpd.conf
<Directory "/var/www/html/westos">
AuthUserFile /etc/httpd/apacheuser
AuthName "Please input user and password!!"
AuthType basic
Require user admin
</Directory> #只有admin用户可以登陆
systemctl restart httpd
针对主机的访问黑名单
针对用户的访问控制
只有admin用户才可登陆
6.Apache的虚拟主机配置
mkdir /var/www/virtual/westos.com/music -p
mkdir /var/www/virtual/westos.com/news -p
vim /var/www/virtual/westos.com/news/index.html
vim /var/www/virtual/westos.com/music/index.html
cd /etc/httpd/conf.d/
vim default.conf
<VirtualHost _default_:80>
DocumentRoot /var/www/html
CustomLog "logs/default.log" combined
</VirtualHost>
vim news.conf
<VirtualHost *:80>
ServerName news.westos.com
DocumentRoot "/var/www/virtual/westos.com/news/"
CustomLog "logs/news.log" combined
</VirtualHost>
<Directory "/var/www/virtual/westos.com/news/">
Require all granted
</Directory>
vim music.conf
<VirtualHost *:80>
ServerName music.westos.com
DocumentRoot "/var/www/virtual/westos.com/music/"
CustomLog "logs/music.log" combined
</VirtualHost>
<Directory "/var/www/virtual/westos.com/music/">
Require all granted
</Directory>
systemctl restart httpd
7.https
yum install mod_ssl -y
yum install crypto-utils -y
genkey www.westos.com
vim /etc/httpd/conf.d/ssl.conf
101 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
102
103 # Server Private Key:
104 # If the key is not combined with the certificate, use this
105 # directive to point at the key file. Keep in mind that if
106 # you've both a RSA and a DSA private key you can configure
107 # both in parallel (to also allow the use of DSA ciphers, etc.)
108 #SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
109 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
需下载证书后方可浏览
8.网页重写
mkdir /var/www/virtual/westos.com/login/ -p
vim /var/www/virtual/westos.com/login/index.html
cd /etc/httpd/conf.d/
vim login.conf
<VirtualHost *:443>
ServerName login.westos.com
DocumentRoot "/var/www/virtual/westos.com/login/"
CustomLog "logs/login.log" combined
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
SSLCertificateKeyFile /etc/pki/tls/private//www.westos.com.key
</VirtualHost>
<Directory "/var/www/virtual/westos.com/login/">
Require all granted
</Directory>
<VirtualHost *:80>
ServerName login.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</VirtualHost>
systemctl restart httpd
网页重写成功后即使访问的是login.westos.com 也会自动跳转至https页面
9.Apache支持的语言
1)php
yum install php -y
cd /var/www/html
vim index.php
<?php
phpinfo();
?>
vim /etc/httpd/conf/httpd.conf
185 <IfModule dir_module>
186 DirectoryIndex index.php index.html
187 </IfModule>
systemctl restart httpd
在浏览器测试
2)cgi
10.搭建论坛
systemctl start httpd
systemctl start mariadb
unzip Discuz_X3.2_SC_UTF8.zip
chmod +777 upload/ -R
11.squid
yum install squid
vim /etc/squid/squid.conf
56 http_access allow all
57
58 # Squid normally listens to port 3128
59 http_port 3128
60
61 # Uncomment and adjust the following to add a disk cache directory.
62 cache_dir ufs /var/spool/squid 100 16 256
systemctl restart squid
z在浏览器中做如下设置,即可通过ip为172.25.254.65的主机的缓存上网
12.CND加速
233:
卸载httpd
yum install squid
vim /etc/squid/squid.conf
56 http_access allow all
57
58 # Squid normally listens to port 3128
59 http_port 80 vhost vprot
60 cache_peer 172.25.254.113 parent 80 0 proxy-only
61 # Uncomment and adjust the following to add a disk cache directory.
62 cache_dir ufs /var/spool/squid 100 16 256
systemctl restart squid
在172.25.254.65中测试:
在浏览器中输入172.25.254.233 查看是否能访问