综合练习:请给openlab搭建web网站
网站需求:
一.基于域名www.openlab.com可以访问网站内容为 welcome to openlab!!!
前置配置
systemctl stop firewalld
setenforce 0
1.编辑vhosts文件
[root@localhost ~]# vim /etc/httpd/conf.d/vhosts.conf
<VirtualHost 192.168.43.100:80>
DocumentRoot /www/luntan
ServerName 192.168.43.100
</VirtualHost>
<VirtualHost 192.168.43.200:80>
DocumentRoot /www/200
ServerName 192.168.43.200
</VirtualHost>
<Directory /www>
AllowOverride none
Require all granted
</Directory>
2.创建openlab访问界面目录
mkdir /www/200
3.输入openlab访问界面信息
[root@localhost ~]# echo welcome to openlab!!! > /www/200/index.html
4.编辑hosts文件,添加如下配置
192.168.43.200 www.openlab.com
5.实现访问
[root@localhost ~]# curl 192.168.43.200
welcome to openlab!!!
[root@localhost ~]# curl www.openlab.com
welcome to openlab!!!
二.给该公司创建三个子界面分别显示学生信息,教学资料和缴费网站,基于www.openlab.com/student 网站访问学生信息,www.openlab.com/data网站访问教学资料
www.openlab.com/money网站访问缴费网站。
1.编辑vhosts文件
<VirtualHost 192.168.43.200:80>
DocumentRoot /www/200
ServerName www.openlab.com
alias /student /www/200/student.html
alias /data /www/200/data.html
alias /money /www/200/money.html
</VirtualHost>
2.输入访问内容
[root@localhost ~]# vim /www/200/student.html
[root@localhost ~]# vim /www/200/data.html
[root@localhost ~]# vim /www/200/money.html
3.实现访问
[root@localhost ~]# curl www.openlab.com/money
this is money
[root@localhost ~]# curl www.openlab.com/data
this is data
[root@localhost ~]# curl www.openlab.com/student
this is student
三.要求
(1)学生信息网站只有song和tian两人可以访问,其他用户不能访问。
前置需求
yum install mod_ssl -y
1.编辑vhosts
<Directory /www/200>
AuthType Basic
AuthName "Login....."
AuthUserfile /etc/httpd/users
Require user song tian
</Directory>
2.设置用户song,tian
[root@localhost ~]# htpasswd -c /etc/httpd/users song
New password:
Re-type new password:
Adding password for user song
[root@localhost ~]# htpasswd /etc/httpd/users tian
New password:
Re-type new password:
Adding password for user tian
[root@localhost ~]# systemctl restart httpd
3.实现访问
[root@localhost ~]# curl www.openlab.com/student -u song:root
this is student
[root@localhost ~]# curl www.openlab.com/student -u tian:root
this is student
(2)访问缴费网站实现数据加密基于https访问。
1.编辑vhosts
<Virtualhost 192.168.43.200:443>
DocumentRoot /www/certs
Servername www.openlab.com
SSLEngine on
SSLCertificateFile /certs/haha.crt
SSLCertificateKeyFile /private/haha.key
</Virtualhost>
2.具体过程
[root@localhost ~]# vim /etc/httpd/conf.d/vhosts.conf
[root@localhost ~]# mkdir /www/certs
[root@localhost ~]# mkdir /www/certs/money
[root@localhost ~]# echo this is money > /www/certs/money/index.html
[root@localhost ~]# mkdir /certs
[root@localhost ~]# mkdir /private
[root@localhost ~]# openssl genrsa 2048 > /private/haha.key
Generating RSA private key, 2048 bit long modulus (2 primes)
......................+++++
.............................................................................................+++++
e is 65537 (0x010001)
[root@localhost ~]# openssl req -new -key /private/haha.key -x509 -days 365 -out /certs/haha.crt
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:86
State or Province Name (full name) []:shaanxi
Locality Name (eg, city) [Default City]:xian
Organization Name (eg, company) [Default Company Ltd]:ce
Organizational Unit Name (eg, section) []:11
Common Name (eg, your name or your server's hostname) []:hostname
Email Address []:admin@admin.com
3.进行https加密访问
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# curl -k https://www.openlab.com/money/
this is money
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
