Linux服务器搭建web网站

最新推荐文章于 2024-07-05 20:49:48 发布

Fcze

最新推荐文章于 2024-07-05 20:49:48 发布

阅读量928

点赞数 4

分类专栏： Redhat Linux

本文链接：https://blog.csdn.net/weixin_43403578/article/details/98438871

版权

Redhat Linux 专栏收录该内容

16 篇文章 0 订阅

订阅专栏

目标：
1、域名为www.haha.com,可访问的网站内容为 welcome to haha！！
2、给该公司创建三个虚拟网站目录、/data（数据）、/student（学生）、/money（缴费）
3、基于www.haha.com/student 网站访问学生网站、基于www.haha.com/data访问数据网站、基于www.haha.com/money 访问缴费网站
4、学生和缴费网站都可以访问，数据网站只有zhangsan、lisi可以访问
5、缴费网站实现数据加密基于 HTTPS 访问

1、配置yum源，挂载、安装httpd、mod_ssl包

[root@localhost ~]# cat /etc/redhat-release 
Red Hat Enterprise Linux Server release 7.5 (Maipo)

[base]
name=base
baseurl=file:///mnt
gpgcheck=0
enable=1

[root@localhost ~]# mount /dev/sr0 /mnt/

[root@localhost ~]# yum install httpd -y							#http安装包
[root@localhost ~]# yum install mod_ssl.x86_64 -y					#ssl安装包

2、关闭seLinux和防火墙

[root@localhost ~]# systemctl stop firewalld.service 
[root@localhost ~]# setenforce 0

3、创建认证

[root@localhost certs]# pwd
/etc/pki/tls/certs

[root@localhost certs]# make haha.crt
umask 77 ; \
/usr/bin/openssl genrsa -aes128 2048 > haha.key
Generating RSA private key, 2048 bit long modulus
............................................+++
...........................................................................................+++
e is 65537 (0x10001)
Enter pass phrase:
Verifying - Enter pass phrase:
umask 77 ; \
/usr/bin/openssl req -utf8 -new -key haha.key -x509 -days 365 -out haha.crt 
Enter pass phrase for haha.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:cn
Locality Name (eg, city) [Default City]:x'a
Organization Name (eg, company) [Default Company Ltd]:haha
Organizational Unit Name (eg, section) []:haha
Common Name (eg, your name or your server's hostname) []:haha
Email Address []:localhost@root.com

认证信息填写完成后：
[root@localhost certs]# ll
创建的ca认证（基于本地）
-rw-------. 1 root root 1367 8月   4 17:01 haha.crt
-rw-------. 1 root root 1766 8月   4 17:00 haha.key

4、配置虚拟主机文件

[root@localhost ~]# vim /etc/httpd/conf.d/vhost.conf 					#虚拟文件/（自己命名）

<directory /haha>
        allowoverride none
        require all granted
</directory>

<virtualhost 192.168.218.100:80>
        servername www.haha.com
        documentroot /haha
        documentroot /haha/student
</virtualhost>

<directory /haha/data>
        authtype basic
        authname "please login!!!"
        authuserfile /etc/httpd/mysecret
        require user zhangsan lisi
</directory>


<virtualhost 192.168.218.100:443>
        servername www.haha.com/money
        documentroot /haha/money
        SSLEngine on
        SSLProtocol all -SSLv2
        SSLcipherSuite HIFH:MEDIUM:!aNILL:!MD5:!SEED:!IDEA
        SSlCertificateFile /etc/pki/tls/certs/haha.crt
        SSLcertificateKeyFile /etc/pki/tls/certs/haha.key
</virtualhost>

5、目录信息

[root@localhost ~]# mkdir /haha
[root@localhost ~]# cd /haha/
[root@localhost haha]# mkdir data
[root@localhost haha]# mkdir student
[root@localhost haha]# mkdir money

[root@localhost haha]# vim /haha/index.html 
welcome to haha!!

[root@localhost ~]# htpasswd -c /etc/httpd/mysecret zhangsan
New password: 
Re-type new password: 
Adding password for user zhangsan

[root@localhost ~]# htpasswd  /etc/httpd/mysecret lisi
New password: 
Re-type new password: 
Adding password for user lisi

6、重启服务

[root@localhost ~]# systemctl restart httpd.service 
Enter SSL pass phrase for www.haha.com/money:443 (RSA) : ******

配置本地域名解析文件：
[root@localhost ~]# vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.218.100  www.haha.com