httpd
文章目录
1. httpd简介
httpd是Apache超文本传输协议(HTTP)服务器的主程序。被设计为一个独立运行的后台进程,它会建立一个处理请求的子进程或线程的池。
通常,httpd不应该被直接调用,而应该在类Unix系统中由apachectl调用,在Windows中作为服务运行。
2. httpd版本
本文主要介绍httpd的两大版本,httpd-2.2和httpd-2.4。
- CentOS6系列的版本默认提供的是httpd-2.2版本的rpm包
- CentOS7系列的版本默认提供的是httpd-2.4版本的rpm包
2.1 httpd的特性
httpd有很多特性,下面就分别来说说httpd-2.2版本和httpd-2.4版本各自的特性。
版本 | 特性 |
---|---|
2.2 | 事先创建进程 按需维持适当的进程 模块化设计,核心比较小,各种功能通过模块添加(包括PHP),支持运行时配置,支持单独编译模块 支持多种方式的虚拟主机配置,如基于ip的虚拟主机,基于端口的虚拟主机,基于域名的虚拟主机等 支持https协议(通过mod_ssl模块实现) 支持用户认证 支持基于IP或域名的ACL访问控制机制 支持每目录的访问控制(用户访问默认主页时不需要提供用户名和密码,但是用户访问某特定目录时需要提供用户名和密码) 支持URL重写 支持MPM(Multi Path Modules,多处理模块)。用于定义httpd的工作模型(单进程、单进程多线程、多进程、多进程单线程、多进程多线程) |
2.4 | httpd-2.4的新特性: MPM支持运行DSO机制(Dynamic Share Object,模块的动态装/卸载机制),以模块形式按需加载 支持event MPM,eventMPM模块生产环境可用 支持异步读写 支持每个模块及每个目录分别使用各自的日志级别 每个请求相关的专业配置,使用来配置 增强版的表达式分析器 支持毫秒级的keepalive timeout 基于FQDN的虚拟主机不再需要NameVirtualHost指令 支持用户自定义变量 支持新的指令(AllowOverrideList) 降低对内存的消耗 |
工作模型 | 工作方式 |
---|---|
prefork | 多进程模型,预先生成进程,一个请求用一个进程响应 一个主进程负责生成n个子进程,子进程也称为工作进程 每个子进程处理一个用户请求,即使没有用户请求,也会预先生成多个空闲进程,随时等待请求到达,最大不会超过1024个 |
worker | 基于线程工作,一个请求用一个线程响应(启动多个进程,每个进程生成多个线程) |
event | 基于事件的驱动,一个进程处理多个请求 |
2.2 httpd-2.4新增的模块
httpd-2.4在之前的版本基础上新增了几大模块,下面就几个常用的来介绍一下。
模块 | 功能 |
---|---|
mod_proxy_fcgi | 反向代理时支持apache服务器后端协议的模块 |
mod_ratelimit | 提供速率限制功能的模块 |
mod_remoteip | 基于ip的访问控制机制被改变,不再支持使用Order,Deny,Allow来做基于IP的访问控制 |
3.httpd基础
3.1 httpd自带的工具程序
工具 | 功能 |
---|---|
htpasswd | basic认证基于文件实现时,用到的帐号密码生成工具 |
apachectl | httpd自带的服务控制脚本,支持start,stop,restart |
apxs | 由httpd-devel包提供的,扩展httpd使用第三方模块的工具 |
rotatelogs | 日志滚动工具 |
suexec | 访问某些有特殊权限配置的资源时,临时切换至指定用户运行的工具 |
ab | apache benchmark,httpd的压力测试工具 |
3.2 rpm包安装的httpd程序环境
文件/目录 | 对应的功能 |
---|---|
/var/log/httpd/access.log | 访问日志 |
/var/log/httpd/error_log | 错误日志 |
/var/www/html/ | 站点文档目录 |
/usr/lib64/httpd/modules/ | 模块文件路径 |
/etc/httpd/conf/httpd.conf | 主配置文件 |
/etc/httpd/conf.modules.d/*.conf | 模块配置文件 |
/etc/httpd/conf.d/*.conf | 辅助配置文件 |
mpm:以DSO机制提供,配置文件为/etc/httpd/conf.modules.d/00-mpm.conf
3 .3web相关的命令
curl命令
curl是基于URL语法在命令行方式下工作的文件传输工具,它支持FTP,FTPS,HTTP,HTTPS,GOPHER,TELNET,DICT,FILE及LDAP等协议。
curl支持以下功能:
- https认证
- http的POST/PUT等方法
- ftp上传
- kerberos认证
- http上传
- 代理服务器
- cookies
- 用户名/密码认证
- 下载文件断点续传
- socks5代理服务器
- 通过http代理服务器上传文件到ftp服务器
//语法:curl [options] [URL ...]
//常用的options:
-A/--user-agent <string> //设置用户代理发送给服务器
-basic //使用Http基本认证
--tcp-nodelay //使用TCP_NODELAY选项
-e/--referer <URL> //来源网址
--cacert <file> //CA证书(SSL)
--compressed //要求返回时压缩的格式
-H/--header <line> //自定义请求首部信息传递给服务器
-I/--head //只显示响应报文首部信息
--limit-rate <rate> //设置传输速度
-u/--user <user[:password]> //设置服务器的用户和密码
-0/--http1 //使用http 1.0版本,默认使用1.1版本。这个选项是数字0而不是字母o
-o/--output //把输出写到文件中
-#/--progress-bar //进度条显示当前的传送状态
//通过curl下载文件
[root@localhost ~]# ls
[root@localhost ~]# curl -o myblog.html http://blog.51cto.com/itchentao
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 67025 0 67025 0 0 87248 0 --:--:-- --:--:-- --:--:-- 87385
[root@localhost ~]# ls
myblog.html
4.源码安装https
[https://httpd.apache.org/download.cgi]
在apache官网上下载好源码包,或者wget 下载 并解压
[root@192 ~]# wget https://dlcdn.apache.org/httpd/httpd-2.4.54.tar.gz
--2022-07-21 21:18:39-- https://dlcdn.apache.org/httpd/httpd-2.4.54.tar.gz
Resolving dlcdn.apache.org (dlcdn.apache.org)... 151.101.2.132, 2a04:4e42::644
Connecting to dlcdn.apache.org (dlcdn.apache.org)|151.101.2.132|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 9743277 (9.3M) [application/x-gzip]
Saving to: 'httpd-2.4.54.tar.gz'
httpd-2.4.54.tar.gz 100%[=================================================================================================>] 9.29M 12.2KB/s in 16m 26s
2022-07-21 21:35:09 (9.65 KB/s) - 'httpd-2.4.54.tar.gz' saved [9743277/9743277]
[root@192 ~]# ls
anaconda-ks.cfg httpd-2.4.54.tar.gz
[root@192 ~]# tar xf httpd-2.4.54.tar.gz
[root@192 ~]# mv httpd-2.4.54 /usr/src/
[root@192 ~]# cd /usr/src/
[root@192 src]# ls
debug httpd-2.4.54 kernels
[root@192 src]# groupadd -r apache
安装开发者工具
[root@192 src]# yum groups mark install "Development Tools"
Failed to set locale, defaulting to C.UTF-8
Last metadata expiration check: 0:02:40 ago on Thu Jul 21 21:35:38 2022.
Dependencies resolved.
========================================================================================================================================================================================
Package Architecture Version Repository Size
========================================================================================================================================================================================
Installing Groups:
Development Tools
Transaction Summary
========================================================================================================================================================================================
Is this ok [y/N]: y
Complete!
安装apache所需依赖包
[root@192 src]# yum -y install openssl-devel pcre-devel expat-devel libtool
Failed to set locale, defaulting to C.UTF-8
Last metadata expiration check: 0:03:55 ago on Thu Jul 21 21:35:38 2022.
Dependencies resolved.
========================================================================================================================================================================================
Package Architecture Version Repository Size
========================================================================================================================================================================================
Installing:
expat-devel x86_64 2.2.5-4.el8 base 55 k
libtool x86_64 2.4.6-25.el8 AppStream 709 k
.....
perl-constant-1.33-396.el8.noarch perl-interpreter-4:5.26.3-420.el8.x86_64 perl-libnet-3.11-3.el8.noarch
perl-libs-4:5.26.3-420.el8.x86_64 perl-macros-4:5.26.3-420.el8.x86_64 perl-parent-1:0.237-1.el8.noarch
perl-podlators-4.11-1.el8.noarch perl-threads-1:2.21-2.el8.x86_64 perl-threads-shared-1.58-2.el8.x86_64
zlib-devel-1.2.11-17.el8.x86_64
Complete!
下载apr和apr-util源码包(必须在1.4版本以上)
https://downloads.apache.org/apr/
[root@192 src]# wget https://downloads.apache.org/apr/apr-1.6.5.tar.gz
--2022-07-21 21:48:08-- https://downloads.apache.org/apr/apr-1.6.5.tar.gz
Resolving downloads.apache.org (downloads.apache.org)... 88.99.95.219, 135.181.214.104, 2a01:4f9:3a:2c57::2, ...
Connecting to downloads.apache.org (downloads.apache.org)|88.99.95.219|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1073556 (1.0M) [application/x-gzip]
Saving to: 'apr-1.6.5.tar.gz'
apr-1.6.5.tar.gz 100%[=================================================================================================>] 1.02M 23.1KB/s in 54s
2022-07-21 21:49:04 (19.4 KB/s) - 'apr-1.6.5.tar.gz' saved [1073556/1073556]
[root@192 src]# wget https://downloads.apache.org/apr/apr-util-1.6.1.tar.gz
--2022-07-21 21:49:16-- https://downloads.apache.org/apr/apr-util-1.6.1.tar.gz
Resolving downloads.apache.org (downloads.apache.org)... 88.99.95.219, 135.181.214.104, 2a01:4f9:3a:2c57::2, ...
Connecting to downloads.apache.org (downloads.apache.org)|88.99.95.219|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 554301 (541K) [application/x-gzip]
Saving to: 'apr-util-1.6.1.tar.gz'
apr-util-1.6.1.tar.gz 100%[=================================================================================================>] 541.31K 12.9KB/s in 45s
2022-07-21 21:50:04 (11.9 KB/s) - 'apr-util-1.6.1.tar.gz' saved [554301/554301]
[root@192 src]# tar xf apr-1.6.5.tar.gz
[root@192 src]# tar xf apr-util-1.6.1.tar.gz
[root@192 apr-1.6.5]# vim configure
cfgfile="${ofile}T"
trap "$RM \"$cfgfile\"; exit 1" 1 2 15
# $RM "$cfgfile" //将此行加上注释,或者删除此行
[root@192 apr-1.6.5]# cat configure | grep '# $RM '
# $RM "$cfgfile"
[root@192 apr-1.6.5]# ./configure --prefix=/usr/local/apr
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking target system type... x86_64-pc-linux-gnu
Configuring APR library
Platform: x86_64-pc-linux-gnu
。。。
config.status: creating include/arch/unix/apr_private.h
config.status: executing libtool commands
rm: cannot remove 'libtoolT': No such file or directory
config.status: executing default commands
[root@192 apr-1.6.5]# echo $?
0
[root@192 apr-1.6.5]# make && make install
make[1]: Entering directory '/usr/src/apr-1.6.5'
/usr/src/apr-1.6.5/build/mkdir.sh tools
/bin/sh /usr/src/apr-1.6.5/libtool --silent --mode=compile gcc -g -O2 -pthread -DHAVE_CONFIG_H -DLINUX -D_REENTRANT -D_GNU_SOURCE -I./include -I/usr/src/apr-1.6.5/include/arch/uni
[root@192 apr-util-1.6.1]# make && make install
make[1]: Entering directory '/usr/src/apr-util-1.6.1'
/bin/sh /usr/local/apr/build-1/libtool --silent --mode=compile gcc -g -O2 -pthread -DHAVE_CONFIG_H -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/usr/src/apr-util-1.6.1/include -I/usr/src/apr-util-1.6.1/include/private -I/usr/local/apr/include/apr-1 -o buckets/apr_brigade.lo -c buckets/apr_brigade.c && touch buckets/apr_brigade.lo
/usr/bin/install -c -m 644 aprutil.exp /usr/local/apr-util/lib
/usr/bin/install -c -m 755 apu-config.out /usr/local/apr-util/bin/apu-1-config
[root@192 apr-util-1.6.1]# echo $?
0
源码安装httpd
[root@192 apr-util-1.6.1]# cd /usr/src/httpd-2.4.54/
[root@192 httpd-2.4.54]# ./configure --prefix=/usr/local/apache \
> --sysconfdir=/etc/httpd24 \
> --enable-so \
> --enable-ssl \
> --enable-cgi \
> --enable-rewrite \
> --with-zlib \
> --with-pcre \
> --with-apr=/usr/local/apr \
> --with-apr-util=/usr/local/apr-util/ \
> --enable-modules=most \
> --enable-mpms-shared=all \
> --with-mpm=prefork
...
configure: summary of build options:
Server Version: 2.4.54
Install prefix: /usr/local/apache
C compiler: gcc
CFLAGS: -g -O2 -pthread
CPPFLAGS: -DLINUX -D_REENTRANT -D_GNU_SOURCE
LDFLAGS:
LIBS:
C preprocessor: gcc -E
[root@192 httpd-2.4.54]# echo $?
0
[root@192 httpd-2.4.54]# make && make install
Making all in srclib
make[1]: Entering directory '/usr/src/httpd-2.4.54/srclib'
make[1]: Leaving dir
....
mkdir /usr/local/apache/manual
make[1]: Leaving directory '/usr/src/httpd-2.4.54'
[root@192 httpd-2.4.54]# echo $?
0
结尾工作配置环境变量和文件
[root@192 ~]# echo 'export PATH=/usr/local/httpd/bin:$PATH' > /etc/profile.d/apache.sh
[root@192 ~]# source /etc/profile.d/apache.sh
[root@192 ~]# which httpd
/usr/local/apache/bin/httpd
[root@192 ~]# ln -s /usr/local/httpd/include/ /usr/include/apache
[root@192 ~]# ll /usr/include/ |grep apache
lrwxrwxrwx. 1 root root 26 Jul 21 22:37 apache -> /usr/local/apache/include/
[root@192 ~]# vi /etc/man_db.conf
# every automatically generated MANPATH includes these fields
#
#MANDATORY_MANPATH /usr/src/pvm3/man
#
MANDATORY_MANPATH /usr/local/apache/man //添加这一行
MANDATORY_MANPATH /usr/man
MANDATORY_MANPATH /usr/share/man
MANDATORY_MANPATH /usr/local/share/man
[root@192 ~]# httpd
[root@192 ~]# ss -anltup | grep 80
tcp LISTEN 0 128 *:80 *:* users:(("httpd",pid=217055,fd=4),("httpd",pid=217054,fd=4),("httpd",pid=217053,fd=4),("httpd",pid=217052,fd=4),("httpd",pid=217051,fd=4),("httpd",pid=217050,fd=4))
5.httpd常用配置
[root@192 ~]# cd /usr/local/apache/
[root@192 apache]# ls
bin build cgi-bin error htdocs icons include logs man manual modules
[root@192 apache]# cd htdocs/
[root@192 htdocs]# ls
index.html
[root@192 htdocs]# vim lx
[root@192 htdocs]# cat lx
Clouds think of clothes, flowers think of faces, spring breeze blows the sill, and dew is thick.
[root@192 htdocs]# curl http://192.168.132.135/lx
Clouds think of clothes, flowers think of faces, spring breeze blows the sill, and dew is thick.
[root@192 htdocs]# vim /etc/httpd24/httpd.conf
<Directory "/usr/local/apache/htdocs/lx">
<RequireAll>
Require not ip 192.168.132.135
Require all granted
</RequireAll>
[root@192 htdocs]# httpd -t
Syntax OK
[root@192 system]# systemctl restart httpd
[root@192 system]# curl http://192.168.132.135/lx
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>
</body></html>
反之就是删了就可访问了
虚拟主机:
虚拟主机有三类:
-
相同IP不同端口
-
不同IP相同端口
-
相同IP相同端口不同域名
相同ip不同端口
找到httpd-vhosts.conf这个文件编辑 [root@192 ~]# cd /etc/httpd24/extra/ [root@192 extra]# ls httpd-autoindex.conf httpd-default.conf httpd-languages.conf httpd-mpm.conf httpd-ssl.conf httpd-vhosts.conf httpd-dav.conf httpd-info.conf httpd-manual.conf httpd-multilang-errordoc.conf httpd-userdir.conf proxy-html.conf 将这个配置文件httpd-vhosts.conf 里面的内容复制一份到httpd.conf里面 然后更改一下 [root@192 extra]# vim/etc/httpd24/httpd.conf [root@192 extra]# cat/etc/httpd24/httpd.conf <VirtualHost *:80> *代表ip DocumentRoot "/usr/local/apache/htdocs/feijidazhan ServerName www.feijidazhan.com ErrorLog "logs/www.feijidazhan.com-error_log" CustomLog "logs/www.feijidazhan.com-access_log" common </VirtualHost> Listen 81 <VirtualHost *:81> DocumentRoot "/usr/local/apache/htdocs/usr/local/apache/htdocs/tangkedazhan ServerName www.tangkedazhan.com ErrorLog "logs/www.tangkedazhan.com-access_log" CustomLog "logs/www.tangkedazhan.com-access_log" common </VirtualHost> 然后进入到/usr/local/apache/htdocs把下载好的游戏放入到里面 用远程连接软件传入 [root@192 extra]# cd /usr/local/apache/htdocs/ [root@192 htdocs]# ls index.html lx [root@192 htdocs]# ls feijiedazhan.zip index.html lx ''$'\345\235\246\345\205\213''.zip' [root@192 htdocs]# unzip feijiedazhan.zip [root@192 htdocs]# unzip ''$'\345\235\246\345\205\213''.zip' [root@192 htdocs]# ls Battle_City HTML5#U5168#U6c11#U98de#U673a#U5927#U6218#U5c0f#U6e38#U620f feijiedazhan.zip index.html lx ''$'\345\235\246\345\205\213''.zip' [root@192 htdocs]# rm -rf feijiedazhan.zip [root@192 htdocs]# rm -rf ''$'\345\235\246\345\205\213''.zip' [root@192 htdocs]# ls Battle_City HTML5#U5168#U6c11#U98de#U673a#U5927#U6218#U5c0f#U6e38#U620f index.html lx [root@192 htdocs]# ll total 8 drwxr-xr-x 6 root root 72 Sep 24 2015 Battle_City drwxr-xr-x 5 root root 56 Apr 17 2020 HTML5#U5168#U6c11#U98de#U673a#U5927#U6218#U5c0f#U6e38#U620f -rw-r--r--. 1 504 games 45 Jun 12 2007 index.html -rw-r--r--. 1 root root 97 Jul 21 22:53 lx [root@192 htdocs]# mv Battle_City tangkedazhan [root@192 htdocs]# ls HTML5#U5168#U6c11#U98de#U673a#U5927#U6218#U5c0f#U6e38#U620f index.html lx tangkedazhan [root@192 htdocs]# mv HTML5#U5168#U6c11#U98de#U673a#U5927#U6218#U5c0f#U6e38#U620f feijidazhan [root@192 htdocs]# ls feijidazhan index.html lx tangkedazhan 然后检查一下语法重启httpd服务 [root@192 htdocs]# httpd -t Syntax OK [root@192 htdocs]# systemctl restart httpd.service
不同IP相同端口
先临时添加一个IP
[root@192 htdocs]# ip addr add 192.168.132.136/24 dev ens33
[root@192 htdocs]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:b2:a6:f2 brd ff:ff:ff:ff:ff:ff
inet 192.168.132.135/24 brd 192.168.132.255 scope global dynamic noprefixroute ens33
valid_lft 1297sec preferred_lft 1297sec
inet 192.168.132.136/24 scope global secondary ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:feb2:a6f2/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@192 htdocs]# vim /etc/httpd24/httpd.conf
[root@192 htdocs]# cat /etc/httpd24/httpd.conf
<VirtualHost 192.168.132.135:80>
DocumentRoot "/usr/local/apache/htdocs/feijidazhan
ServerName www.feijidazhan.com
ErrorLog "logs/www.feijidazhan.com-error_log"
CustomLog "logs/www.feijidazhan.com-access_log" common
</VirtualHost>
<VirtualHost 192.168.132.136:80>
DocumentRoot "/usr/local/apache/htdocs/tangkedazhan
ServerName www.tangkedazhan.com
ErrorLog "logs/www.tangkedazhan.com-access_log"
CustomLog "logs/www.tangkedazhan.com-access_log" common
</VirtualHost>
[root@192 htdocs]# httpd -t
Syntax OK
[root@192 htdocs]# systemctl restart httpd.service
相同IP相同端口不同域名
将你的配置文件里面的域名写到你本机的host文件里面
然后在更改配置文件
[root@192 htdocs]# vim /etc/httpd24/httpd.conf
<VirtualHost 192.168.132.135:80>
DocumentRoot "/usr/local/apache/htdocs/feijidazhan
ServerName www.feijidazhan.com
ErrorLog "logs/www.feijidazhan.com-error_log"
CustomLog "logs/www.feijidazhan.com-access_log" common
</VirtualHost>
<VirtualHost 192.168.132.135:80>
DocumentRoot "/usr/local/apache/htdocs/tangkedazhan
ServerName www.tangkedazhan.com
ErrorLog "logs/www.tangkedazhan.com-access_log"
CustomLog "logs/www.tangkedazhan.com-access_log" common
</VirtualHost>
[root@192 htdocs]# httpd -t
Syntax OK
[root@192 htdocs]# systemctl restart httpd.service