hellopasswd
配置httpd支持php
- httpd主配置文件/usr/local/apache2.4/conf/httpd/conf
- vi /usr/local/apache2.4/conf/httpd.conf #修改以下4个地方 ServerName Require all denied AddType application/x-httpd-php .php DirectoryIndex index.html index.php
- /usr/local/apache2.4/bin/apachectl -t #测试语法
- /usr/local/apache2.4/bin/apacchectl start #启动服务
- netstat -lntp
- curl localhost
- vi /usr/local/apache2.4/htodcs/test.php #增加如下内容
<?php echo helloworld; ?>
- curl localhost/test.php
[root@localhost ~]# vi /usr/local/apache2.4/conf/httpd.conf
1 #
2 # This is the main Apache HTTP server configuration file. It contains the
3 # configuration directives that give the server its instructions.
4 # See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.
5 # In particular, see
6 # <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
7 # for a discussion of each configuration directive.
8 #
9 # Do NOT simply read the instructions in here without understanding
10 # what they do. They're here only as hints or reminders. If you are unsure
11 # consult the online docs. You have been warned.
12 #
13 # Configuration and logfile names: If the filenames you specify for many
14 # of the server's control files begin with "/" (or "drive:/" for Win32), the
15 # server will use that explicit path. If the filenames do *not* begin
16 # with "/", the value of ServerRoot is prepended -- so "logs/access_log"
"/usr/local/apache2.4/conf/httpd.conf" 505L, 18427C
[root@localhost ~]# vi /usr/local/apache2.4/conf/httpd.conf
[1]+ Stopped vi /usr/local/apache2.4/conf/httpd.conf
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl start
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
httpd (pid 24752) already running
这个语句不是出现,而是警告,若不想要提示这条信息,则需要改动配置文件
[root@localhost ~]# fg
/ServerName
182 # ServerAdmin: Your address, where problems with the server should be
183 # e-mailed. This address appears on some server-generated pages, such
184 # as error documents. e.g. admin@your-domain.com
185 #
186 ServerAdmin you@example.com
187
188 #
189 # ServerName gives the name and port that the server uses to identify itself.
190 # This can often be determined automatically, but we recommend you specify
191 # it explicitly to prevent problems during startup.
192 #
193 # If your host doesn't have a registered DNS name, enter its IP address here.
194 #
195 #ServerName www.example.com:80
196
197 #
将195行取消掉注销符号,为ServerName www.example.com:80
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl restart
若出现错误为/usr/local/apache2.4/bin/apachectl line 79:42928 段错误 ¥HTTPD -k ¥ARGV 这是因为同时加载了两个php软件产生冲突,需要将其中一个注释
[root@localhost ~]# vi!
/php7.so
LoadModule dir_module modules/mod_dir.so
#LoadModule actions_module modules/mod_actions.so
#LoadModule speling_module modules/mod_speling.so
#LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
#LoadModule rewrite_module modules/mod_rewrite.so
LoadModule php5_module modules/libphp5.so
#LoadModule php7_module modules/libphp7.so
<IfModule unixd_module>
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
[root@localhost ~]# ps aux | grep httpd
root 24752 0.0 0.6 253528 12408 ? Ss 06:25 0:00 /usr/local/apache2.4/bin/httpd -k restart
daemon 24845 0.0 0.5 540356 9520 ? Sl 06:31 0:00 /usr/local/apache2.4/bin/httpd -k restart
daemon 24846 0.0 0.5 540356 9512 ? Sl 06:31 0:00 /usr/local/apache2.4/bin/httpd -k restart
daemon 24847 0.0 0.5 540356 9520 ? Sl 06:31 0:00 /usr/local/apache2.4/bin/httpd -k restart
root 24936 0.0 0.0 112664 976 pts/0 S+ 06:42 0:00 grep --color=auto httpd
浏览器访问192.168.9.134,若访问不了则尝试排查问题 Windows
C:\Users\Administrator>ping 192.168.9.134
正在 Ping 192.168.9.134 具有 32 字节的数据:
来自 192.168.9.134 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.9.134 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.9.134 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.9.134 的回复: 字节=32 时间<1ms TTL=64
192.168.9.134 的 Ping 统计信息:
数据包: 已发送 = 4,已接收 = 4,丢失 = 0 (0% 丢失),
往返行程的估计时间(以毫秒为单位):
最短 = 0ms,最长 = 0ms,平均 = 0ms
可以查看80端口是否打开
C:\Users\Administrator>telnet 192.168.9.134 80
正在连接192.168.9.134...无法打开到主机的连接。 在端口 80: 连接失败
若没有telnet则需要到控制面板->启动\打开或关闭Windows功能->Telnet 客户端 以上则显示Linux主机没有开放80端口,也可以使用iptables查看是否开放80端口
Linux主机
[root@localhost ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
6282 16M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
1 84 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
409 58897 INPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
409 58897 INPUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
409 58897 INPUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
1 60 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
405 58681 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_direct all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT 559 packets, 82124 bytes)
pkts bytes target prot opt in out source destination
6040 1331K OUTPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD_IN_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_work all -- eno16777736 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDI_work all -- ens37 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDI_work all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_IN_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain FORWARD_OUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_work all -- * eno16777736 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDO_work all -- * ens37 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDO_work all -- * + 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_OUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain FORWARD_direct (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_work (3 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_work_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_work_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_work_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDI_work_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_work_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_work_log (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_work (3 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_work_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_work_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_work_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDO_work_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_work_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_work_log (1 references)
pkts bytes target prot opt in out source destination
Chain INPUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
77 7852 IN_work all -- eno16777736 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 IN_work all -- ens37 * 0.0.0.0/0 0.0.0.0/0 [goto]
8 2764 IN_work all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain INPUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain INPUT_direct (1 references)
pkts bytes target prot opt in out source destination
Chain IN_work (3 references)
pkts bytes target prot opt in out source destination
409 58897 IN_work_log all -- * * 0.0.0.0/0 0.0.0.0/0
409 58897 IN_work_deny all -- * * 0.0.0.0/0 0.0.0.0/0
409 58897 IN_work_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain IN_work_allow (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:631 ctstate NEW
3 156 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1121 ctstate NEW
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139 ctstate NEW
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445 ctstate NEW
Chain IN_work_deny (1 references)
pkts bytes target prot opt in out source destination
Chain IN_work_log (1 references)
pkts bytes target prot opt in out source destination
Chain OUTPUT_direct (1 references)
pkts bytes target prot opt in out source destination
没有80端口,则需要添加
[root@localhost ~]# iptables -I INPUT -p tcp --dport 80 -j ACCEPT
再尝试使用telnet是否正确开放
C:\Users\Administrator>telnet 192.168.9.134 80
欢迎使用 Microsoft Telnet Client
Escape 字符为 'CTRL+]'
Microsoft Telnet> quit
然后到浏览器访问192.168.9.134则会显示It works!的字眼则表示成功
若显示403 Forbidden,表示没有权限
[root@localhost ~]# !vi
/Require all denied
197 #
198 # Deny access to the entirety of your server's filesystem. You must
199 # explicitly permit access to web content directories in other
200 # <Directory> blocks below.
201 #
202 <Directory />
203 AllowOverride none
204 Require all granted
205 </Directory>
206
207 #
208 # Note that from this point forward you must specifically allow
209 # particular features to be enabled - so if something's not working as
210 # you might expect, make sure that you have specifically enabled it
211 # below.
212 #
将Require all denied改为Require all granted
而能访问到192.168.9.134是因为DocumentRoot "/usr/local/apache2.4/htdocs"指定了Directory中的Require all granted
212 #
213
214 #
215 # DocumentRoot: The directory out of which you will serve your
216 # documents. By default, all requests are taken from this directory, but
217 # symbolic links and aliases may be used to point to other locations.
218 #
219 DocumentRoot "/usr/local/apache2.4/htdocs"
220 <Directory "/usr/local/apache2.4/htdocs">
221 #
222 # Possible values for the Options directive are "None", "All",
223 # or any combination of:
224 # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
225 #
226 # Note that "MultiViews" must be named *explicitly* --- "Options All"
227 # doesn't give it to you.
[root@localhost ~]# !vi
/Require all granted
# AllowOverride FileInfo AuthConfig Limit
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
Require all denied
</Directory>
#
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
<IfModule dir_module>
DirectoryIndex index.html
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl graceful
-t表示检查语法是否正确,而graceful是重新加载配置文件
现在浏览器再访问192.168.9.134则显示没有权限
将上面恢复为原状
为了支持php,则需要再增加一条语句
[root@localhost ~]# !vi
/AddType
382 #
383 #AddEncoding x-compress .Z
384 #AddEncoding x-gzip .gz .tgz
385 #
386 # If the AddEncoding directives above are commented-out, then you
387 # probably should define those extensions to indicate media types:
388 #
389 AddType application/x-compress .Z
390 AddType application/x-gzip .gz .tgz
391
392 #
393 # AddHandler allows you to map certain file extensions to "handlers":
394 # actions unrelated to filetype. These can be either built into the server
395 # or added with the Action directive (see below)
396 #
397 # To use CGI scripts outside of ScriptAliased directories:
在AddType application/x-gzip .gz .tgz下 添加一行AddType application/x-httpd-php .php 则可以解析php
注意:这里我出现一个错误,application/x-httpd-php .php的.php需要前面空一格空字符
索引页 当访问一个网站时,不需要直接访问index则可以直接访问
[root@localhost ~]# !vi
/Index
245 Require all granted
246 </Directory>
247
248 #
249 # DirectoryIndex: sets the file that Apache will serve if a directory
250 # is requested.
251 #
252 <IfModule dir_module>
253 DirectoryIndex index.html
254 </IfModule>
255
256 #
257 # The following lines prevent .htaccess and .htpasswd files from being
258 # viewed by Web clients.
259 #
260 <Files ".ht*">
261 Require all denied
在DirectoryIndex index.html后添加index.php为DirectoryIndex index.html index.php
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost ~]# vi /usr/local/apache2.4/htdocs/1.php
<?php
phpinfo();
?>
然后再浏览器访问192.168.9.134/1.php,若出现紫色页面则表示支持解析 浏览器phpinfo同样也可以查看支持的模块,与/usr/local/php5/bin/php -i是同样的
将AddType application/x-httpd-php .php注释掉,浏览器直接访问会显示php脚本源码,则表示解析失败
检查,若页面解析不了,可以通过检查apache配置文件
[root@localhost ~]# /usr/local/apache2.4/bin/apachectl -M
Loaded Modules:
core_module (static)
so_module (static)
http_module (static)
mpm_event_module (static)
authn_file_module (shared)
authn_core_module (shared)
authz_host_module (shared)
authz_groupfile_module (shared)
authz_user_module (shared)
authz_core_module (shared)
access_compat_module (shared)
auth_basic_module (shared)
reqtimeout_module (shared)
filter_module (shared)
mime_module (shared)
log_config_module (shared)
env_module (shared)
headers_module (shared)
setenvif_module (shared)
version_module (shared)
unixd_module (shared)
status_module (shared)
autoindex_module (shared)
dir_module (shared)
alias_module (shared)
php5_module (shared)
查看是否加载php5模块
若没有加载则要检查是否存在php5的模块
[root@localhost ~]# ls /usr/local/apache2.4/modules/libphp5.so
/usr/local/apache2.4/modules/libphp5.so
若存在就要检查/usr/local/apache2.4/htdocs/1.php中有没有加载php5的模块
145 #LoadModule negotiation_module modules/mod_negotiation.so
146 LoadModule dir_module modules/mod_dir.so
147 #LoadModule actions_module modules/mod_actions.so
148 #LoadModule speling_module modules/mod_speling.so
149 #LoadModule userdir_module modules/mod_userdir.so
150 LoadModule alias_module modules/mod_alias.so
151 #LoadModule rewrite_module modules/mod_rewrite.so
152 LoadModule php5_module modules/libphp5.so
153 #LoadModule php7_module modules/libphp7.so
154
155 <IfModule unixd_module>
156 #
157 # If you wish httpd to run as a different user or group, you must run
158 # httpd as root initially and it will switch.
159 #
160 # User/Group: The name (or #number) of the user/group to run httpd as.
若存在再是否有添加Application/x-httpd-php .php或者语法是否有错误
[root@localhost ~]# !vi
/AddType
382 #
383 #AddEncoding x-compress .Z
384 #AddEncoding x-gzip .gz .tgz
385 #
386 # If the AddEncoding directives above are commented-out, then you
387 # probably should define those extensions to indicate media types:
388 #
389 AddType application/x-compress .Z
390 AddType application/x-gzip .gz .tgz
391 Application/x-httpd-php .php
392 #
393 # AddHandler allows you to map certain file extensions to "handlers":
394 # actions unrelated to filetype. These can be either built into the server
395 # or added with the Action directive (see below)
396 #
397 # To use CGI scripts outside of ScriptAliased directories:
而/usr/local/apache2.4/bin/apachectl -t就可以帮助检查是否存在语法错误 通常存在的错误就是将Application/x-httpd-php .php中的空白字符忘记
而另一个问题时没有添加索引页
[root@localhost ~]# !vi
/Index
245 Require all granted
246 </Directory>
247
248 #
249 # DirectoryIndex: sets the file that Apache will serve if a directory
250 # is requested.
251 #
252 <IfModule dir_module>
253 DirectoryIndex index.html index.php
254 </IfModule>
255
256 #
257 # The following lines prevent .htaccess and .htpasswd files from being
258 # viewed by Web clients.
259 #
260 <Files ".ht*">
261 Require all denied
索引页,当访问一个网站时,如www.baidu.com或www.taobao.com,其实真正访问地址为https://www.baidu.com/index.html和https://www.taobao.com/index.php的页面 当不存在索引页,则直接访问会出现问题
相同的,切换成php7也同样生效
修改与171220