httpd三之源码编译http2.4.9、虚拟主机、基于用户认证

最新推荐文章于 2021-05-09 22:14:33 发布

weixin_34090643

最新推荐文章于 2021-05-09 22:14:33 发布

阅读量67

点赞数

原文链接：http://blog.51cto.com/wangfeng7399/1379373

版权

本文主要讲解源码编译http2.4.9，并能实现基于虚拟主机、用户认证等实现网页访问。

http2.4.9会依赖于更高版本的apr和apr-util，所有需要先对apr和apr-util进行编译

http2.4系列相对于http2.2系列新增的功能有

1) MPM支持在运行时装载

2）支持event

3）异步读写

4）在每模块及每目录上指定日志级别

5）每请求配置

6）增强版的表达式分析器

7）毫秒级的keepalive timeout

8）支持主机名的虚拟主机不在需要NameVirtualHost指令

9）支持使用自定义变量

新增的模块由mod_proxy_fcgi,mod_ratelimit,mod_request,mod_remoteip

对应IP的访问做了修改，不在使用order，allow deny这些机制，而是统一使用require进行

一、环境准备

安装好开发包组和pcre-devel工具，下载最新版的httpd、apr和apr-util，本文下载的都为最新的源码包

[root@wangfeng7399 ~]# yum install -y pcre-devel
[root@wangfeng7399 ~]# wget http://apache.fayea.com/apache-mirror//httpd/httpd-2.4.9.tar.bz2
[root@wangfeng7399 ~]# wget http://mirrors.hust.edu.cn/apache//apr/apr-1.5.0.tar.gz
[root@wangfeng7399 ~]# wget http://mirrors.hust.edu.cn/apache//apr/apr-util-1.5.3.tar.gz

二、安装apr

[root@wangfeng7399 ~]# tar xf apr-1.5.0.tar.gz
[root@wangfeng7399 ~]# cd apr-1.5.0
[root@wangfeng7399 apr-1.5.0]# ./configure --prefix=/usr/local/apr
[root@wangfeng7399 apr-1.5.0]# make && make install

三、安装apr-util

[root@wangfeng7399 ~]# tar xf apr-util-1.5.3.tar.gz
[root@wangfeng7399 ~]# cd apr-util-1.5.3
[root@wangfeng7399 apr-util-1.5.3]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
[root@wangfeng7399 apr-util-1.5.3]# make &&　make install

四、编译httpd

[root@wangfeng7399 ~]# tar xf httpd-2.4.9.tar.bz2
[root@wangfeng7399 ~]# cd httpd-2.4.9
[root@wangfeng7399 httpd-2.4.9]# ./configure --prefix=/usr/local/httpd --sysconfdir=/etc/httpd --enable-so --enable--ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util --enable-modeles=most --enable-mpms-shared=all --with-mpm=event
[root@wangfeng7399 httpd-2.4.9]# make && make install

enable-so enable--ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre 启动so、ssl、cgi、rewrite、zlib、pcre等功能

--with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util 指定apr和apr-util的地址

--enable-modeles=most 编译常用的模块

--enable-mpms-shared=all --with-mpm=event 编译所有的mpms，并以event作为默认

1、导出头文件

root@wangfeng7399 ~]# ln -sv /usr/local/httpd/include/ /usr/include/httpd

2、导出帮助文件

在/etc/man.conf中添加

MANPATH /usr/local/httpd/man

3.导出二进制文档

[root@wangfeng7399 httpd]# vi /etc/profile.d/http.sh
export PATH=/usr/local/httpd/bin:$PATH

测试

可以通过 apachectl start启动

准备系统启动脚本

[root@wangfeng7399 init.d]# cat httpd
#!/bin/bash
#
# httpd        Startup script for the Apache HTTP Server
#
# chkconfig: - 85 15
# description: The Apache HTTP Server is an efficient and extensible  \
#          server implementing the current HTTP standards.
# processname: httpd
# config: /etc/httpd/httpd.conf
# config: /etc/sysconfig/httpd
# pidfile: /var/run/httpd/httpd.pid
#
### BEGIN INIT INFO
# Provides: httpd
# Required-Start: $local_fs $remote_fs $network $named
# Required-Stop: $local_fs $remote_fs $network
# Should-Start: distcache
# Short-Description: start and stop Apache HTTP Server
# Description: The Apache HTTP Server is an extensible server
#  implementing the current HTTP standards.
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
if [ -f /etc/sysconfig/httpd ]; then
        . /etc/sysconfig/httpd
fi
# Start httpd in the C locale by default.
HTTPD_LANG=${HTTPD_LANG-"C"}
# This will prevent initlog from swallowing up a pass-phrase prompt if
# mod_ssl needs a pass-phrase from the user.
INITLOG_ARGS=""
# Set HTTPD=/usr/sbin/httpd.worker in /etc/sysconfig/httpd to use a server
# with the thread-based "worker" MPM; BE WARNED that some modules may not
# work correctly with a thread-based MPM; notably PHP will refuse to start.
# Path to the apachectl script, server binary, and short-form for messages.
apachectl=/usr/local/httpd/bin/apachectl
httpd=/usr/local/httpd/bin/httpd
prog=httpd
pidfile=${PIDFILE-/var/run/httpd/httpd.pid}
lockfile=${LOCKFILE-/var/lock/subsys/httpd}
RETVAL=0
STOP_TIMEOUT=${STOP_TIMEOUT-10}
# The semantics of these two functions differ from the way apachectl does
# things -- attempting to start while running is a failure, and shutdown
# when not running is also a failure.  So we just do it the way init scripts
# are expected to behave here.
start() {
        echo -n $"Starting $prog: "
        LANG=$HTTPD_LANG daemon --pidfile=${pidfile} $httpd $OPTIONS
        RETVAL=$?
        echo
        [ $RETVAL = 0 ] && touch ${lockfile}
        return $RETVAL
}
# When stopping httpd, a delay (of default 10 second) is required
# before SIGKILLing the httpd parent; this gives enough time for the
# httpd parent to SIGKILL any errant children.
stop() {
    echo -n $"Stopping $prog: "
    killproc httpd
    RETVAL=$?
    echo
    [ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile}
}
reload() {
    echo -n $"Reloading $prog: "
    if ! LANG=$HTTPD_LANG $httpd $OPTIONS -t >&/dev/null; then
        RETVAL=6
        echo $"not reloading due to configuration syntax error"
        failure $"not reloading $httpd due to configuration syntax error"
    else
        # Force LSB behaviour from killproc
        LSB=1 killproc -p ${pidfile} $httpd -HUP
        RETVAL=$?
        if [ $RETVAL -eq 7 ]; then
            failure $"httpd shutdown"
        fi
    fi
    echo
}
# See how we were called.
case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  status)
        status -p ${pidfile} $httpd
    RETVAL=$?
    ;;
  restart)
    stop
    start
    ;;
  condrestart|try-restart)
    if status -p ${pidfile} $httpd >&/dev/null; then
        stop
        start
    fi
    ;;
  force-reload|reload)
        reload
    ;;
  graceful|help|configtest|fullstatus)
    $apachectl $@
    RETVAL=$?
    ;;
  *)
    echo $"Usage: $prog {start|stop|restart|condrestart|try-restart|force-reload|reload|status|fullstatus|graceful|help|configtest}"
    RETVAL=2
esac
exit $RETVAL

搭建基于主机名的虚拟主机

编辑配置文件

[root@wangfeng7399 extra]# vi httpd-vhosts.conf
<VirtualHost *:80>
    ServerAdmin www.wangfeng7399.com
    DocumentRoot "/www/html/wangfeng7399"
</VirtualHost>
<VirtualHost *:80>
    ServerAdmin www.wangfeng17399.com
    DocumentRoot "/www/html/wangfeng17399"

修改主配置文件将主记录注释掉，将辅助http-vhosts启动起来

#DocumentRoot "/usr/local/httpd/htdocs"
# Virtual hosts
Include /etc/httpd/extra/httpd-vhosts.conf

分别在/www/html/wangfeng7399和/www/html/wangfeng17399中提供网页文件，并修改其权限

在window的hosts文件中添加对两个域名的解析

测试

基于用户验证

我们假设在www.wangfeng17399.com中有一个2.html中的数据为敏感数据，我们要对其做基于用户的验证才能登陆。

<VirtualHost *:80>
    DocumentRoot "/www/html/wangfeng17399"
    ServerName www.wangfeng17399.com
    <Directory "/www/html/wangfeng17399/2.html">
      Options None
      AllowOverride AuthConfig    //文件需要认证
      AuthType Basic              //认证类型为基本认证
      AuthName "Private Area"     //显示的标题
      AuthBasicProvider file      //认证的提供者
      AuthUserFile /usr/local/apache/.userpasswd //认证的文件
      Require valid-user   //可以读取认证文件的用户，vaild-user 表示所有合法用户，也可以 user admin wangfeng7399来制定单个用户
    </Directory>
</VirtualHost>

生成认证文件

[root@wangfeng7399 extra]# htpasswd -c /usr/local/apache/.userpasswd wangfeng7399
New password:
Re-type new password:
Adding password for user wangfeng7399

验证

要求用户输入用户名和密码

输入用户名和密码后可以看到2.html的内容

转载于:https://blog.51cto.com/wangfeng7399/1379373

weixin_34090643

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
httpd三之源码编译http2.4.9、虚拟主机、基于用户认证

本文主要讲解源码编译http2.4.9，并能实现基于虚拟主机、用户认证等实现网页访问。 http2.4.9会依赖于更高版本的apr和apr-util，所有需要先对apr和apr-util进行编译http2.4系列相对于http2.2系列新增的功能有 1) MPM支持在运行时装载 2）支持event 3）异步读写 4）在每模块及每目录上指定日志级别 ...
复制链接

扫一扫