##########
##apache##
##########
#1.apache
企业中常用的web服务,用来提供http://超文本传输协议
#2.apache的安装部署
yum intall httpd -y
yum install httpd-manual -y 安装使用手册
systemctl start httpd
systemctl enable httpd 开机自启动
systemctl stop firewalld
systemctl disable firewalld 开机不启动
测试 http://172.25.254.244
http://172.25.254.244/manual
ctrl+shift+delete 清空浏览器缓存
#3.apache的基础信息
主配置目录:/etc/httpd/conf
主配置文件:/etc/httpd/conf/http.conf
子配置目录:/etc/httpd/conf.d/
子配置文件:/etc/httpd/conf.d/*.conf
默认发布目录:/var/www/html
默认发布文件:/var/www/html/index.html
默认安全上下文:httpd_sys_content_t
程序开启默认用户:apache
apache日志:/etc/httpd/logs/*
修改默认端口:
vim /etc/httpd/conf/httpd.conf
43 listen 8080 修改默认端口为8080
修改默认发布文件:
默认发布文件就是访问apache时没有指定文件名称时默认访问的文件
这个文件可以指定多个,顺序访问
vim /etc/httpd/conf/httpd.conf
164 DirectoryIndex index.html test.html
修改默认发布目录
120 DocumentRoot “/www/html”
121 <Directory "/www">
122 Require all granted
123</Directory>
semanage fcontext -a -t httpd_sys_content_t'/www(/.*)?'
storecon -RvvF /www/
#apache的虚拟主机
# vim /var/www/html/index.html 查看到的默认站点内容
<h1>默认发布目录</h1>
mkdir /var/www/virtual/linux.westos.com/html -p 创建每个站点能分别看到目录
mkdir /var/www/virtual/c.westos.com/html -p
# vim /var/www/virtual/linux.westos.com/html/index.html 查看到的各自站点的各自内容
<h1>linux.westos.com</h1>
# vim /var/www/virtual/c.westos.com/html/index.html 查看到的各自站点的各自内容
<h1>c.westos.com</h1>
cd /etc/httpd/conf.d 切换到子配置目录
vim /etc/httpd/conf.d/default.conf
<VirtualHost _default_:80>
DocumentRoot "/var/www/html"
CustomLog "logs/www.westos.com.log" combined
</VirtualHost>
vim /etc/httpd/conf.d/linux.conf
<VirtualHost *:80>
ServerName linux.westos.com
DocumentRoot "/var/www/virtual/linux.westos.com/html/"
CustomLog "logs/linux.westos.com.logs" combined
</VirtualHost>
<Directory "/var/www/virtual/linux.westos.com/html/">
Require all granted
</Directory>
vim /etc/httpd/conf.d/c.conf
<VirtualHost *:80>
ServerName c.westos.com
DocumentRoot "/var/www/virtual/c.westos.com/html/"
CustomLog "logs/c.westos.com.logs" combined
</VirtualHost>
<Directory "/var/www/virtual/c.westos.com/html/">
Require all granted
</Directory>
测试:
在测试主机中做好本地解析
vim /etc/hosts
172.25.254.244 zzf.westos.com linux.westos.com www.westos.com
#内部的访问控制
1.针对于主机的访问控制
vim /etc/httpd/conf.d/default
添加内容到配置文件
<Directory "/var/www/html/test">
Order deny,allow 顺序读取,后读取的内容覆盖前读取的内容
Allow from all
Deny from 172.25.254.136
</Directory>
如果拒绝网段Deny from 172.25.254.0/24
[root@localhost conf.d]# mkdir /var/www/html/test
[root@localhost conf.d]# cd /var/www/html/
[root@localhost html]# ls
index.html test
[root@localhost html]# cd test/
[root@localhost test]# vim index.html
/var/www/html/test/
[root@localhost test]# systemctl restart httpd.service
在浏览器中访问可以看到
列表读取过程中后读取的东西要覆盖先读取的重复部分
2.用户的方式访问控制
vim /etc/httpd/conf.d/default
添加内容到配置文件
<Directory "/var/www/html/admin">
AuthUserFile /etc/httpd/userpass 用户文件
AuthName "Please input your name and passwd" 你在输入密码前能看到的内容
AuthType basic 一般类型
Require user admin 允许admin这一个用户
</Directory>
所有有效用户 Require valid-user
[root@localhost test]# htpasswd -cm /etc/httpd/userpass admin
New password:
Re-type new password:
Adding password for user admin
[root@localhost test]# htpasswd -m /etc/httpd/userpass admin1 第二次创建用户不能加c否则将覆盖前一个用户
New password:
Re-type new password:
Adding password for user admin1
[root@localhost test]# mkdir /var/www/html/admin
[root@localhost test]# vim /var/www/html/admin/index.html
默认发布目录
[root@localhost test]# systemctl restart httpd.service
在浏览器中访问要求输入密码才能看到
##apache支持的语言
1.html
2.php
vim /var/www/html/index.php
<?php
phpinfo();
?>
yum install php -y
systemctl restart httpd
测试
172.25.254.244/index.php
如果想要默认访问此目录修改配置文件顺序
3.cgi
mkdir -p /var/www/html/cgi 建立目录
semanage fcontext -a -t httpd_sys_script_exec_t '/var/www/html/cgi(/.*)?'
restorecon -RvvF /var/www/html/cgi/
vim /var/www/html/cgi/index.cgi cgi脚本
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;
chmod +x /var/www/html/cgi/index.cgi
/var/www/html/cgi/index.cgi 执行脚本看是否正确
vim /etc/httpd/conf.d/defatul.conf 修改配置文件
<Directory "/var/www/html/cgi">
Options +ExecCGI
AddHandler cgi-script .cgi
</Directory>
##7.https
#为了保护客户在使用网站时信息不被破解
ss -antlupe | grep 443
yum install mod_ssl -y
yum install crypto-utils -y
genkey www.westos.com
next
选1024
next
no
next
修改信息
next
vim ssl.conf
101 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
109 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
systemctl restart httpd
在浏览器中访问https://172.25.254.244
继续
接受
查看
##8设定https网页的跳转
vim /var/www/virtual/login.westos.com/html/index.html
<h1>login.westos.com</h1>
登陆浏览器可以看到的内容
vim /etc/httpd/conf.d/login.conf
写入脚本
<VirtualHost *:443>
ServerName login.westos.com 在地址栏输入的内容
DocumentRoot /var/www/virtual/login.westos.com/html 可以看到的默认路径
Customlog "logs/login.logs" combined 日志产生的位置
SSLEngine on
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
</VirtualHost>
#只写前部分脚本在浏览器地址栏只能输入https://`````才能看到内容
<VirtualHost *:80>
ServerName login.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</VirtualHost>
#写上后半部分可以自动跳转到https
重启服务
^(/.*)$ 浏览器地址栏输入的所有内容
%{HTTP_HOST}$1 http://后面跟的东西
[redirect=301] 暂时生效 302永久生效