综合练习:请给openlab搭建web网站
网站需求:
1.基于域名[www.openlab.com](http://www.openlab.com)可以访问网站内容为 welcome to openlab!!!
2.给该公司创建三个子界面分别显示学生信息,教学资料和缴费网站,基于[www.openlab.com/student](http://www.openlab.com/student) 网站访问学生信息,[www.openlab.com/data](http://www.openlab.com/data)网站访问教学资料[www.openlab.com/money网站访问缴费网站](http://www.openlab.com/money网站访问缴费网站)。
3.要求
(1)学生信息网站只有song和tian两人可以访问,其他用户不能访问。
(2)访问缴费网站实现数据加密基于https访问。
实现:
需求一:
//关闭防火墙
[root@localhost ~]# systemctl disable --now firewalld
//设置selinux
[root@localhost ~]# setenforce 0
[root@localhost ~]# getenforce
Permissive
创建openlab目录和写入index文件
[root@localhost ~]# mkdir /www/openlab
[root@localhost ~]# vim /www/openlab/index.html
[root@localhost ~]# cat /www/openlab/index.html
welcome to openlab!!!
//编辑配置文件
[root@localhost conf.d]# cat openlab.conf
<VirtualHost 192.168.174.136:80>
ServerName www.openlab.com
DocumentRoot /www/openlab
ErrorLog "/var/log/httpd/openlab-error_log"
CustomLog "/var/log/httpd/openlab-access_log" common
</VirtualHost>
<VirtualHost 192.168.174.136:443>
ServerName www.openlab.com
DocumentRoot /www/openlab
ErrorLog "/var/log/httpd/openlab-error_log"
CustomLog "/var/log/httpd/openlab-access_log" common
</VirtualHost>
<directory /openlab>
allowoverride none
require all granted
</directory>
//编辑hosts文件
[root@localhost conf.d]# vim /etc/hosts
192.168.174.136 www.openlab.com
//重启
[root@localhost ~]# systemctl restart httpd
[root@localhost conf.d]# curl www.openlab.com
welcome to openlab!!!
需求二:
[root@localhost ~]# mkdir -pv /www/openlab/{student,data,money}
mkdir: created directory '/www/openlab/student'
mkdir: created directory '/www/openlab/data'
mkdir: created directory '/www/openlab/money'
[root@localhost conf.d]# vim openlab.conf
[root@localhost conf.d]# cat openlab.conf
<VirtualHost 192.168.174.136:80>
ServerName www.openlab.com
DocumentRoot /www/openlab
alias /student /www/openlab/student
alias /data /www/openlab/data
alias /money /www/openlab/money
ErrorLog "/var/log/httpd/openlab-error_log"
CustomLog "/var/log/httpd/openlab-access_log" common
</VirtualHost>
<VirtualHost 192.168.174.136:443>
ServerName www.openlab.com
DocumentRoot /www/openlab
alias /student /www/openlab/student
alias /data /www/openlab/data
alias /money /www/openlab/money
ErrorLog "/var/log/httpd/openlab-error_log"
CustomLog "/var/log/httpd/openlab-access_log" common
</VirtualHost>
<directory /www/openlab>
allowoverride none
require all granted
</directory>
[root@localhost ~]# cd /www/openlab
[root@localhost openlab]# echo student > student/index.html
[root@localhost openlab]# echo data > data/index.html
[root@localhost openlab]# echo money > money/index.html
[root@localhost conf.d]# systemctl restart httpd
[root@localhost openlab]# curl www.openlab.com/student -L
student
[root@localhost openlab]# curl www.openlab.com/data -L
data
[root@localhost openlab]# curl www.openlab.com/money -L
money
需求三:
[root@localhost conf.d]# cat openlab.conf
<VirtualHost 192.168.174.136:80>
ServerName www.openlab.com
DocumentRoot /www/openlab
alias /student /www/openlab/student
alias /data /www/openlab/data
alias /money /www/openlab/money
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/openlab.crt
SSLCertificateKeyFile /etc/pki/tls/certs/openlab.key
ErrorLog "/var/log/httpd/131-error_log"
CustomLog "/var/log/httpd/131-access_log" common
</VirtualHost>
<VirtualHost 192.168.174.136:443>
ServerName www.openlab.com
DocumentRoot /www/openlab
alias /student /www/openlab/student
alias /data /www/openlab/data
alias /money /www/openlab/money
ErrorLog "/var/log/httpd/131-error_log"
CustomLog "/var/log/httpd/131-access_log" common
</VirtualHost>
<directory /www/openlab>
allowoverride none
require all granted
</directory>
<directory /www/openlab/student>
authtype basic
authname "please login:"
authuserfile /etc/httpd/password
require user song tian
</directory>
[root@localhost conf.d]# htpasswd -cb /etc/httpd/password song 123
Adding password for user song
[root@localhost conf.d]# htpasswd -b /etc/httpd/password tian 123
Adding password for user tian
[root@localhost conf.d]# cat /etc/httpd/password
song:$apr1$JD1mZtdN$G4KrnK.Rer9VlBoSuEVwn.
tian:$apr1$WGJoyyMp$X8xv/VEX7a/6yIn6MHmD..
[root@localhost conf.d]# systemctl restart httpd
[root@localhost conf.d]# curl song:123@www.openlab.com/student/
student
[root@localhost conf.d]# curl tian:123@www.openlab.com/student/
student
//生产秘钥
[root@localhost conf.d]# openssl genrsa > openlab.key
//生成证书
[root@localhost conf.d]# openssl req -x509 -key openlab.key -days 100 -out openlab.crt
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:+86
String too long, must be at most 2 bytes long
Country Name (2 letter code) [XX]:86
State or Province Name (full name) []:cd
Locality Name (eg, city) [Default City]:chengdu
Organization Name (eg, company) [Default Company Ltd]:www.openlab.com
Organizational Unit Name (eg, section) []:rhce
Common Name (eg, your name or your server's hostname) []:www.openlab.com
Email Address []:admin@openlab.com
[root@localhost conf.d]# ll
total 40
-rw-r--r--. 1 root root 597 Mar 18 16:55 100-200.conf
-rw-r--r--. 1 root root 2916 Jul 22 2022 autoindex.conf
-rw-r--r--. 1 root root 1028 Mar 24 09:46 openlab.conf
-rw-r--r--. 1 root root 1456 Mar 24 10:06 openlab.crt
-rw-r--r--. 1 root root 1704 Mar 24 10:02 openlab.key
-rw-r--r--. 1 root root 1577 Aug 1 2022 php.conf
-rw-r--r--. 1 root root 590 Mar 18 16:05 port.conf
-rw-r--r--. 1 root root 400 Jul 22 2022 README
-rw-r--r--. 1 root root 1252 Jul 22 2022 userdir.conf
-rw-r--r--. 1 root root 653 Jul 22 2022 welcome.conf
[root@localhost conf.d]# systemctl restart httpd
[root@localhost conf.d]# cat openlab.conf
<VirtualHost 192.168.174.136:80>
ServerName www.openlab.com
DocumentRoot /www/openlab
alias /student /www/openlab/student
alias /data /www/openlab/data
alias /money /www/openlab/money
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/openlab.crt
SSLCertificateKeyFile /etc/pki/tls/certs/openlab.key
ErrorLog "/var/log/httpd/openlab-error_log"
CustomLog "/var/log/httpd/openlab-access_log" common
</VirtualHost>
<VirtualHost 192.168.174.136:443>
ServerName www.openlab.com
DocumentRoot /www/openlab
alias /student /www/openlab/student
alias /data /www/openlab/data
alias /money /www/openlab/money
ErrorLog "/var/log/httpd/https-openlab-error_log"
CustomLog "/var/log/httpd/https-openlab-access_log" common
</VirtualHost>
<directory /www/openlab>
allowoverride none
require all granted
</directory>
<directory /www/openlab/student>
authtype basic
authname "please login:"
authuserfile /etc/httpd/password
require user song tian
</directory>