目录
编译安装httpd
准备环境
[root@localhos ~]# yum -y install wget
[root@localhost ~]# yum -y install vim
[root@localhost ~]# yum -y install openssl-devel pcre-devel expat-devel libtool
[root@localhost ~]# useradd -r -M -s /sbin/nologin apache
[root@localhost ~]# id apache
uid=974(apache) gid=973(apache) 组=973(apache)
[root@localhost ~]# grep apache /etc/group
apache:x:973:
下载安装包并解压
[root@localhost ~]# wget https://downloads.apache.org/apr/apr-1.7.0.tar.gz
[root@localhost ~]# wget https://downloads.apache.org/apr/apr-util-1.6.1.tar.gz
[root@localhost ~]# wget https://downloads.apache.org/httpd/httpd-2.4.53.tar.gz
[root@localhost ~]# tar -xf apr-1.7.0.tar.gz
[root@localhost ~]# tar -xf apr-util-1.6.1.tar.gz
[root@localhost ~]# tar -xf httpd-2.4.53.tar.gz
[root@localhost ~]# ls
anaconda-ks.cfg apr-1.7.0.tar.gz apr-util-1.6.1.tar.gz httpd-2.4.53.tar.gz
apr-1.7.0 apr-util-1.6.1 httpd-2.4.53 initial-setup-ks.cfg
编译安装 apr、apr-util、httpd --顺序不可逆
apr-1.7.0
[root@localhost ~]# cd apr-1.7.0/
[root@localhost apr-1.7.0]# vi configure
[root@localhost apr-1.7.0]# vim configure
# $RM "$cfgfile" //将此行加上注释,或者删除此行
[root@localhost apr-1.7.0]# ./configure --prefix=/usr/local/apr 报错:缺少gcc编译器
configure: error: in `/root/apr-1.7.0':
configure: error: no acceptable C compiler found in $PATH
See `config.log' for more details
//安装gcc gcc-c++
[root@localhost ~]# dnf -y install gcc gcc-c++
//再次执行
[root@localhost apr-1.7.0]# ./configure --prefix=/usr/local/apr
//编译
[root@localhost ~]# dnf -y install make
[root@localhost apr-1.7.0]# make && make install
apr-util-1.6.1
[root@localhost ~]# cd apr-util-1.6.1/
[root@localhost apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
[root@localhost apr-util-1.6.1]# make && make install
httpd-2.4.53
[root@localhost ~]# cd httpd-2.4.53/
[root@localhost httpd-2.4.53]# ./configure --prefix=/usr/local/apache \
--enable-so \
--enable-ssl \
--enable-cgi \
--enable-rewrite \
--with-zlib \
--with-pcre \
--with-apr=/usr/local/apr \
--with-apr-util=/usr/local/apr-util/ \
--enable-modules=most \
--enable-mpms-shared=all \
--with-mpm=prefork
[root@localhost httpd-2.4.53]# make && make install
配置httpd
配置环境变量 头文件 man文档
[root@localhost ~]# echo 'export PATH=/usr/local/apache/bin:$PATH' > /etc/profile.d/apache.sh
[root@localhost ~]# source /etc/profile.d/apache.sh
[root@localhost ~]# which httpd
/usr/local/apache/bin/httpd
[root@localhost ~]# cd /usr/local/apache/
[root@localhost apache]# ln -s /usr/local/apache/include /usr/include/apache
[root@localhost apache]# ll /usr/include/|grep apache
lrwxrwxrwx. 1 root root 25 4月 17 17:39 apache -> /usr/local/apache/include
[root@localhost ~]# vim /etc/man_db.conf
MANDATORY_MANPATH /usr/man
MANDATORY_MANPATH /usr/share/man
MANDATORY_MANPATH /usr/local/share/man --复制一行
MANDATORY_MANPATH /usr/local/apache/man --粘贴并修改/usr/local/apache/man
启动服务并开机自启
[root@localhost ~]# systemctl disable --now firewalld.service
[root@localhost ~]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
[root@localhost ~]# setenforce 0
[root@localhost ~]# getenforce
Permissive
//设置永久生效
[root@localhost ~]# vim /etc/selinux/config
SELINUX=disabled //将enforcing 修改为 disabled
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 32 192.168.122.1:53 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 0.0.0.0:111 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 5 [::1]:631 [::]:*
LISTEN 0 128 [::]:111 [::]:*
[root@localhost ~]# apachectl start
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message --没有报错,启动或停止都会出现,如果想关闭执行一下操作
[root@localhost ~]# cd /usr/local/apache/conf/
[root@localhost ~]# cd /usr/local/apache/
[root@localhost apache]# ls
bin build cgi-bin conf error htdocs icons include logs man manual modules
[root@localhost apache]# cd conf/
[root@localhost conf]# ls --源码安装位置 ,yum安装位置在/etc/httpd/httpd.d/
extra httpd.conf magic mime.types original
[root@localhost conf]# vim httpd.conf
ServerName www.example.com:80 查找ServerName,取消注释即可
[root@localhost conf]# apachectl start
httpd (pid 390805) already running
[root@localhost conf]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 32 192.168.122.1:53 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 0.0.0.0:111 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 5 [::1]:631 [::]:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 128 *:80 *:*
效果
//设置开机自启 写一个server文件 可以直接复制其他的文件更改
[root@localhost ~]# cd /usr/lib/systemd/system
[root@localhost system]# ls sshd.service
sshd.service
[root@localhost system]# cp sshd.service httpd.service
[root@localhost system]# cat httpd.service
[Unit]
Description=httpd server daemon
After=network.target sshd-keygen.target
[Service]
Type=forking
ExecStart=/usr/local/apache/bin/apachectl start
ExecStop=/usr/local/apache/bin/apachectl stop
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
//服务默认关闭
[root@localhost ~]# systemctl status httpd
● httpd.service - httpd server daemon
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
Active: inactive (dead)
[root@localhost ~]# systemctl start httpd
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 32 192.168.122.1:53 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 0.0.0.0:111 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 5 [::1]:631 [::]:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 128 *:80 *:*
[root@localhost ~]# systemctl status httpd
● httpd.service - httpd server daemon
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
Active: active (running) since Sun 2022-04-17 18:18:20 CST; 37s ago
Process: 531342 ExecStart=/usr/local/apache/bin/apachectl start (code=exited, status=0/SUCCESS)
Main PID: 531345 (httpd)
Tasks: 6 (limit: 11070)
Memory: 5.0M
CGroup: /system.slice/httpd.service
├─531345 /usr/local/apache/bin/httpd -k start
├─531346 /usr/local/apache/bin/httpd -k start
├─531347 /usr/local/apache/bin/httpd -k start
├─531348 /usr/local/apache/bin/httpd -k start
├─531349 /usr/local/apache/bin/httpd -k start
[root@localhost ~]# systemctl enable httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@localhost ~]# systemctl status httpd
● httpd.service - httpd server daemon
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2022-04-17 18:18:20 CST; 1min 19s ago
Main PID: 531345 (httpd)
Tasks: 6 (limit: 11070)
Memory: 5.0M
CGroup: /system.slice/httpd.service
├─531345 /usr/local/apache/bin/httpd -k start
├─531346 /usr/local/apache/bin/httpd -k start
├─531347 /usr/local/apache/bin/httpd -k start
├─531348 /usr/local/apache/bin/httpd -k start
├─531349 /usr/local/apache/bin/httpd -k start
└─531350 /usr/local/apache/bin/httpd -k start
配置三种不同的虚拟主机
相同ip 不同端口号
[root@localhost ~]# cd /usr/local/apache/conf/
[root@localhost conf]# pwd
/usr/local/apache/conf
[root@localhost conf]# vim extra/httpd-vhosts.conf
//修改后
<VirtualHost *:80>
DocumentRoot "/usr/local/apache/htdocs/test.example.com"
ServerName dummy-host.example.com
ServerAlias www.dummy-host.example.com
ErrorLog "logs/dummy-host.example.com-error_log"
CustomLog "logs/dummy-host.example.com-access_log" common
</VirtualHost>
创建放网站的目录
[root@localhost ~]# cd /usr/local/apache/htdocs/
[root@localhost htdocs]# ls
index.html
[root@localhost htdocs]# mkdir test.example.com
[root@localhost htdocs]# ls
index.html test.example.com
[root@localhost conf]# vim httpd.conf
Include conf/extra/httpd-vhosts.conf //查找vhost,取消注释
//重启 此时网站目录为空,无法访问
[root@localhost htdocs]# systemctl restart httpd
[root@localhost htdocs]# systemctl status httpd
● httpd.service - httpd server daemon
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2022-04-17 18:45:22 CST; 20s ago
Process: 669015 ExecStop=/usr/local/apache/bin/apachectl stop (code=exited, status=0/SUCCESS)
Process: 669019 ExecStart=/usr/local/apache/bin/apachectl start (code=exited, status=0/SUCCESS)
Main PID: 669024 (httpd)
Tasks: 6 (limit: 11070)
Memory: 5.1M
CGroup: /system.slice/httpd.service
├─669024 /usr/local/apache/bin/httpd -k start
├─669025 /usr/local/apache/bin/httpd -k start
├─669026 /usr/local/apache/bin/httpd -k start
├─669027 /usr/local/apache/bin/httpd -k start
[root@localhost test.example.com]# pwd
/usr/local/apache/htdocs/test.example.com
[root@localhost test.example.com]# ls
[root@localhost test.example.com]#
//首页文件(index.html)为其它(如:abc.html)时,效果如下
[root@localhost test.example.com]# ls
[root@localhost test.example.com]# pwd
/usr/local/apache/htdocs/test.example.com
[root@localhost test.example.com]# echo "test page" > abc.html
[root@localhost test.example.com]# ls
abc.html
//需要点一下abc.html才能访问
//把首页文件修改为index.html时,效果如下
[root@localhost test.example.com]# mv abc.html index.html
[root@localhost test.example.com]# ls
index.html
注:首页文件必须为index.html才能直接访问
新创建一个网站,但因只配置了一个虚拟主机,所以两个网站访问都是同一个页面
[root@localhost htdocs]# cd blog.example.com/
[root@localhost blog.example.com]# echo "blog page" > index.html
[root@localhost blog.example.com]# ls
index.html
修改配置文件,设置两个网站并监听
[root@localhost conf]# pwd
/usr/local/apache/conf
[root@localhost conf]# cat extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/usr/local/apache/htdocs/test.example.com"
ServerName test.example.com
ErrorLog "logs/test.example.com-error_log"
CustomLog "logs/test.example.com-access_log" common
</VirtualHost>
Listen 81
<VirtualHost *:81>
DocumentRoot "/usr/local/apache/htdocs/blog.example.com"
ServerName blog.example.com
ErrorLog "logs/blog.example.com-error_log"
CustomLog "logs/blog.example.com-access_log" common
</VirtualHost>
[root@localhost conf]# vim extra/httpd-vhosts.conf
[root@localhost conf]# systemctl restart httpd.service
[root@localhost conf]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 32 192.168.122.1:53 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 0.0.0.0:111 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 5 [::1]:631 [::]:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:81
//刷新网站,默认80端口
//加上81端口,则访问blog
不同ip 相同端口号
//让网卡拥有两个ip
[root@localhost ~]# ip addr add 192.168.71.133/24 dev ens33
[root@localhost ~]# ip a s ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:e0:f6:c0 brd ff:ff:ff:ff:ff:ff
inet 192.168.71.129/24 brd 192.168.71.255 scope global dynamic noprefixroute ens33
valid_lft 1512sec preferred_lft 1512sec
inet 192.168.71.133/24 scope global secondary ens33
valid_lft forever preferred_lft forever
inet6 fe80::5968:7703:8209:3d6e/64 scope link noprefixroute
valid_lft forever preferred_lft forever
//重启服务
[root@localhost ~]# systemctl stop httpd.service
[root@localhost ~]# systemctl start httpd.service
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 32 192.168.122.1:53 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 0.0.0.0:111 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 5 [::1]:631 [::]:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 128 *:80
相同ip 相同端口号 不同域名
[root@localhost conf]# pwd
/usr/local/apache/conf
[root@localhost conf]# vim extra/httpd-vhosts.conf
[root@localhost conf]# cat extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/usr/local/apache/htdocs/test.example.com"
ServerName test.example.com
ErrorLog "logs/test.example.com-error_log"
CustomLog "logs/test.example.com-access_log" common
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "/usr/local/apache/htdocs/blog.example.com"
ServerName blog.example.com
ErrorLog "logs/blog.example.com-error_log"
CustomLog "logs/blog.example.com-access_log" common
</VirtualHost>
[root@localhost ~]# systemctl stop httpd.service
[root@localhost ~]# systemctl start httpd.service
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 32 192.168.122.1:53 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 0.0.0.0:111 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 5 [::1]:631 [::]:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 128 *:80 *:*
[root@localhost ~]#
访问控制配置
访问控制配置
访问控制法则:
法则 | 功能 |
---|---|
Require all granted | 允许所有主机访问 |
Require all deny | 拒绝所有主机访问 |
Require ip IPADDR | 只有此ip可访问 |
Require not ip IPADDR | 只有此ip不可访问 |
Require host HOSTNAME | 只有此主机名可访问 |
Require not host HOSTNAME | 只有此主机名不可访问 |
IPADDR的类型 | HOSTNAME的类型 |
---|---|
IP:192.168.1.1 | FQDN:完全限定域名 |
Network/mask:192.168.1.0/255.255.255.0 | DOMAIN:指定域内的所有主机 |
Network/Length:192.168.1.0/24 | |
Net:192.168 |
- 注意:httpd-2.4版本默认是拒绝所有主机访问的,所以安装以后必须做显示授权访问
//限制当前ip访问test.example.com
[root@localhost ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf
[root@localhost conf]# cat extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/usr/local/apache/htdocs/test.example.com"
ServerName test.example.com
ErrorLog "logs/test.example.com-error_log"
CustomLog "logs/test.example.com-access_log" common
<Directory "/usr/local/apache/htdocs/test.example.com">
<RequireAll>
Require not ip 192.168.71.1
Require all granted
</RequireAll>
</Directory>
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "/usr/local/apache/htdocs/blog.example.com"
ServerName blog.example.com
ErrorLog "logs/blog.example.com-error_log"
CustomLog "logs/blog.example.com-access_log" common
</VirtualHost>
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 32 192.168.122.1:53 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 0.0.0.0:111 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 5 [::1]:631 [::]:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 128 *:80 *:*
//虚拟机可以访问
[root@localhost ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.71.129 test.example.com blog.example.com
[root@localhost ~]# curl test.example.com
test page
[root@localhost ~]# curl blog.example.com
blog page
https配置
//前置准备:更改主配置文件,启用ssl模块
[root@localhost ~]# cd /usr/local/apache/conf/
[root@localhost conf]# vim httpd.conf
LoadModule unixd_module modules/mod_unixd.so //取消开头注释
生成证书 //一般都是购买
CA生成一对密钥
[root@localhost conf]# cd /etc/pki
[root@localhost pki]# mkdir CA
[root@localhost pki]# cd CA
[root@localhost CA]# mkdir private
[root@localhost CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048)
Generating RSA private key, 2048 bit long modulus (2 primes)
.....................................................+++++
..........................................+++++
e is 65537 (0x010001)
[root@localhost CA]# ls private/
cakey.pem
CA生成自签署证书,有效期365天 客户端生成密钥
[root@localhost CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 365
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HB
Locality Name (eg, city) [Default City]:WH
Organization Name (eg, company) [Default Company Ltd]:runtime
Organizational Unit Name (eg, section) []:runtime
Common Name (eg, your name or your server's hostname) []:test.example.com
Email Address []:1@2.com
[root@localhost CA]# ls
cacert.pem private
[root@localhost CA]# mkdir certs newcerts crl
[root@localhost CA]# touch index.txt && echo 01 > serial
客户端生成证书签署请求
[root@localhost ~]# cd /usr/local/apache/conf/
[root@localhost conf]# mkdir ssl
[root@localhost conf]# cd ssl
[root@localhost ssl]# (umask 077;openssl genrsa -out httpd.key 2048)
Generating RSA private key, 2048 bit long modulus (2 primes)
.....................................................................................................+++++
................................+++++
e is 65537 (0x010001)
[root@localhost ~]# cd /usr/local/apache/conf/
[root@localhost conf]# mkdir ssl
[root@localhost conf]# cd ssl
[root@localhost ssl]# (umask 077;openssl genrsa -out httpd.key 2048)
Generating RSA private key, 2048 bit long modulus (2 primes)
.....................................................................................................+++++
................................+++++
e is 65537 (0x010001)
[root@localhost ssl]# openssl req -new -key httpd.key -days 365 -out httpd.csr
Ignoring -days; not generating a certificate
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HB
Locality Name (eg, city) [Default City]:WH
Organization Name (eg, company) [Default Company Ltd]:runtime
Organizational Unit Name (eg, section) []:runtime
Common Name (eg, your name or your server's hostname) []:test.example.com
Email Address []:1@2.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@localhost ssl]# ls
httpd.csr httpd.key
CA签署客户端提交上来的证书
[root@localhost ssl]# openssl ca -in httpd.csr -out httpd.crt -days 365
Using configuration from /etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number: 1 (0x1)
Validity
Not Before: Apr 17 13:54:06 2022 GMT
Not After : Apr 17 13:54:06 2023 GMT
Subject:
countryName = CN
stateOrProvinceName = HB
organizationName = runtime
organizationalUnitName = runtime
commonName = test.example.com
emailAddress = 1@2.com
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
EF:1E:88:2D:01:AA:59:55:90:B6:1F:83:4A:41:9C:B8:0D:70:09:0D
X509v3 Authority Key Identifier:
keyid:DF:80:11:71:B3:01:C5:33:E2:EC:82:93:B3:81:B7:7A:77:57:B8:5A
Certificate is to be certified until Apr 17 13:54:06 2023 GMT (365 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
[root@localhost ssl]# rm -f httpd.csr
[root@localhost ssl]# ls
httpd.crt httpd.key
[root@localhost ssl]# ls
httpd.crt httpd.key
配置https
//改配置文件 打开ssl模块
[root@localhost ~]# vim /usr/local/apache/conf/httpd.conf
Include conf/extra/httpd-ssl.conf
[root@localhost ~]# cd /usr/local/apache/
[root@localhost apache]# ls
bin build cgi-bin conf error htdocs icons include logs man manual modules
[root@localhost apache]# cd conf/
[root@localhost conf]# vim extra/httpd-ssl.conf
//检查语法是否有问题
[root@localhost ~]# httpd -t
AH00526: Syntax error on line 92 of /usr/local/apache/conf/extra/httpd-ssl.conf:
SSLSessionCache: 'shmcb' session cache not supported (known names: ). Maybe you need to load the appropriate socache module (mod_socache_shmcb?). //修改
[root@localhost ~]# vim /usr/local/apache/conf/httpd.conf
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so //查找mod_socache,取消改行注释
[root@localhost ~]# httpd -t
Syntax OK
重启服务 设置hosts以便域名访问
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 32 192.168.122.1:53 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 0.0.0.0:111 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 5 [::1]:631 [::]:*
LISTEN 0 128 *:443 *:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 128 *:80 *:*
[root@localhost ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf
Require not ip 192.168.71.1 //删除这一行
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 32 192.168.122.1:53 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 0.0.0.0:111 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 5 [::1]:631 [::]:*
LISTEN 0 128 *:443 *:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 128 *:80 *:*