1.Apache的作用
在web被访问时通常使用http://的方式
http:// ##超文本传输协议
http:// 超文本传输协议提供软件:
Apache ##百度
nginx ##网易,火狐,爱奇艺,360
stgw ##腾讯
jfe ##京东
Tengine ##阿里,新浪,字节跳动
curl -I baidu.com:显示网页的头信息
2.Apache的安装
dnf install httpd.x86_64 -y
3.Apache的启用
systemctl enable --now httpd ##开启服务并设定服务位开机启动
firewall-cmd --list-all ##查看火墙信息
firewall-cmd --permanent --add-service=http ##在火墙中永久开启http访问
firewall-cmd --permanent --add-service=https ##在火墙中永久开启https访问
firewall-cmd --reload ##刷新火墙使设定生效
![](https://i-blog.csdnimg.cn/blog_migrate/10684d123276e70801a7aa673e3abc97.png)
4.Apache的基本信息
服务名称:httpd
配置文件: /etc/httpd/conf/httpd.conf ##主配置文件
/etc/httpd/conf.d/*.conf ##子配置文件
默认发布目录: /var/www/html
默认发布文件: index.html
默认端口: 80 #http
443 #https
用户: apache
日志: /etc/httpd/logs
5.Apache的基本配置
(1)Apache端口修改
vim /etc/httpd/conf/httpd.conf
Listen 8080
firewall-cmd --permanent --add-port=8080/tcp
firewall-cmd --reload
systemctl restart httpd
http://172.25.254.100:8080
![](https://i-blog.csdnimg.cn/blog_migrate/e048678d5f2082cc7e38ed822b6b3367.png)
![](https://i-blog.csdnimg.cn/blog_migrate/fc1207bb07c2dcf4c54e0708b25dcbb7.png)
![](https://i-blog.csdnimg.cn/blog_migrate/59b991cf6e2822407ae87d52ef5793a3.png)
(2.)默认发布文件
vim /etc/httpd/conf/httpd.conf
DirectoryIndex westos.html index.html
systemctl restart httpd
默认的发布文件是index.html
![](https://i-blog.csdnimg.cn/blog_migrate/251b17a97378ba9499300f1cce8b8ece.png)
将默认发布文件修改为westos.html
![](https://i-blog.csdnimg.cn/blog_migrate/364ff492f0dbf2062a16902310fd7a2a.png)
![](https://i-blog.csdnimg.cn/blog_migrate/595a274d5777df32aded2797d0a22d0b.png)
![](https://i-blog.csdnimg.cn/blog_migrate/700a4198920da6a5b59b5f9b72eb10bb.png)
(3).默认发布目录
mkdir /var/www/westos
mv /var/www/westos /var
vim /etc/httpd/conf/httpd.conf
DocumentRoot "/var/westos"
<Directory "/var/westos">
Require all granted
</Directory>
systemctl restart httpd
firefox http://192.168.2.100:8080
![](https://i-blog.csdnimg.cn/blog_migrate/332721a132b3febe2fb664f9f6d241af.png)
6.Apache的访问控制
实验素材
mkdir /var/www/html/westos
vim /var/www/html/westos/index.html
<h1>westosdir's page</h1>
firefox http://192.168.2.100/westos
![](https://i-blog.csdnimg.cn/blog_migrate/c99a65c8b88ef67ca80c3d601dda3b78.png)
(1.)基于客户端ip的访问控制
ip白名单
<Directory "/var/www/html/westos">
Order Deny,allow
Allow from 192.168.2.100
Deny from All
</Directory>
将192.168.2.100主机放进白名单
![](https://i-blog.csdnimg.cn/blog_migrate/e3ac567c6ea2da9da9b944a8b0abca2a.png)
192.168.2.100主机可以访问
ip黑名单
<Directory "/var/www/html/westos">
Order Allow,Deny
Allow from all
Deny from 192.168.0.10
</Directory>
将192.168.2.100主机放进黑名单
![](https://i-blog.csdnimg.cn/blog_migrate/0be8936ea120ec3e8a550274123fb296.png)
192.168.2.100主机不可访问
(2).基于用户认证
htpasswd -cm /etc/httpd/htpasswdfile admin ##生成认证文件
注意: 当/etc/httpd/htpasswdfile存在那么在添加用户时不要加-c参数否则会覆盖源文件内容
vim /etc/httpd/conf/httpd.conf
<Directory "/var/www/html/westos">
AuthUserfile /etc/httpd/htpasswdfile ##指定认证文件
AuthName "Please input your name and password" ##认证提示语
AuthType basic ##认证类型
Require user admin ##允许通过的认证用户 2选1
Require valid-user ##允许所有用户通过认证 2选1
</Directory>
![](https://i-blog.csdnimg.cn/blog_migrate/73fd68dec660099e70f8b370d459a365.png)
只允许admin用户通过
允许所有用户通过
7.Apache的虚拟主机
mkdir /var/www/virtual/westos.org/{news,bbs}/html -p
echo bbs.westos.org > /var/www/virtual/westos.org/bbs/html/index.html
echo news.westos.org > /var/www/virtual/westos.org/news/html/index.html
echo default's page > /var/www/html/index.html
![](https://i-blog.csdnimg.cn/blog_migrate/5d6d859b49a262bf2c5c87ee3686906e.png)
vim /etc/httpd/conf.d/Vhost.conf
<VirtualHost _default_:80>
DocumentRoot /var/www/html
CustomLog logs/default.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName news.westos.org
DocumentRoot /var/www/virtual/westos.org/news/html
CustomLog logs/news.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName bbs.westos.org
DocumentRoot /var/www/virtual/westos.org/bbs/html
CustomLog logs/bbs.log combined
</VirtualHost>
![](https://i-blog.csdnimg.cn/blog_migrate/c07662b3be24f04493c772e53a8744a2.png)
测试
:
在浏览器所在主机中
vim /etc/hosts
192.168.2.100 www.westos.com wenku.westos.ocm news.westos.com
![](https://i-blog.csdnimg.cn/blog_migrate/7f0aa00dcf6718d5747b01924c637be3.png)
firefox http://www.westos.org
firefox http://bbs.westos.org
firefox http://news.westos.org
![](https://i-blog.csdnimg.cn/blog_migrate/c54d4d2e8c2480356f285b023df5934e.png)
8.Apache的语言支持
vim /var/www/html/index.php
(1)#php#
<?php
phpinfo();
?>
![](https://i-blog.csdnimg.cn/blog_migrate/3e2fc64412812cafb0069d5bb0dfa2f4.png)
![](https://i-blog.csdnimg.cn/blog_migrate/c0f29d644b48f163dca0eaaf3de2a296.png)
dnf install php -y
systemctl restart httpd
firefox http://192.168.0.11/index.php
![](https://i-blog.csdnimg.cn/blog_migrate/3f82cda86dcd1eb72e7bcf3958b8ba73.png)
![](https://i-blog.csdnimg.cn/blog_migrate/859394f2c6b281a5d138af2ddef2c764.png)
Apache的说明
dnf install httpd-manual -y
systemctl restart httpd
![](https://i-blog.csdnimg.cn/blog_migrate/a47fc15970c6a2d2e05bb956e8292bbd.png)
(2) #cgi#
mkdir /var/www/html/cgidir
vim /var/www/html/cgidir/index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;
![](https://i-blog.csdnimg.cn/blog_migrate/2ad7ff6acc557187a242060296654339.png)
![](https://i-blog.csdnimg.cn/blog_migrate/18b36444319b4b5758434c4b2053a1ff.png)
![](https://i-blog.csdnimg.cn/blog_migrate/704063633eb2579fbb3025f3cb51cdfd.png)
vim /etc/httpd/conf.d/vhost.conf
<Directory "/var/www/html/cgidir">
Options +ExecCGI
AddHandler cgi-script .cgi
DirectoryIndex index.cgi
</Directory>
systemctl restart httpd
chmod +x /var/www/html/cgi/index.cgi
![](https://i-blog.csdnimg.cn/blog_migrate/21a1a2d8f01e97ac9be2befabcf8beda.png)
firefox http://192.168.2.100/cgi/index.cgi
(3) #wsgi#
书写wsgi的测试文件
vim /var/www/html/wsgi/index.wsgi
def application(env, westos):
westos('200 ok',[('Content-Type', 'text/html')])
return [b'hello westos ahhahahahah!']
![](https://i-blog.csdnimg.cn/blog_migrate/a279579592375cf65dbc0835ddc0facf.png)
![](https://i-blog.csdnimg.cn/blog_migrate/2c32324f830d6c7949f86c7c70d1626b.png)
dnf install python3-mod_wsgi
systemctl restart httpd
![](https://i-blog.csdnimg.cn/blog_migrate/4f306c58d4e133df8ef65c4ee39bfa03.png)
vim /etc/httpd/conf.d/vhost
<VirtualHost *:80>
ServerName wsgi.westos.org
WSGIScriptAlias / /var/www/html/wsgi/index.wsgi
</VirtualHost>
![](https://i-blog.csdnimg.cn/blog_migrate/4bc356e84b6a516b3b822faff15ed4f6.png)
测试:
在浏览器所在主机中
vim /etc/hosts
192.168.2.100 wsgi.westos.org
9.Apache的加密访问
安装加密插件
dnf install mod_ssl -y
![](https://i-blog.csdnimg.cn/blog_migrate/13d01ab2e3411ec88bc18a3c11dc188e.png)
生成证书
##command 1
openssl genrsa -out /etc/pki/tls/private/www.westos.com.key 2048 ## 生成私钥
openssl req -new -key /etc/pki/tls/private/www.westos.com.key \
-out /etc/pki/tls/certs/www.westos.com.csr ##生成证书签名文件
openssl x509 -req -days 365 -in \
/etc/pki/tls/certs/www.westos.com.csr \
-signkey /etc/pki/tls/private/www.westos.com.key \
-out /etc/pki/tls/certs/www.westos.com.crt #生成证书
x509 证书格式
-req 请求
-in 加载签证名称
-signkey /etc/pki/tls/private/www.westos.com.key
##command 2
openssl req --newkey rsa:2048 -nodes -sha256 -keyout /etc/httpd/certs/westos.org.key
-x509 -days 365 -out /etc/httpd/certs/westos.org.crt
![](https://i-blog.csdnimg.cn/blog_migrate/2d79b6b160a129cca3050b8cbb0b2a77.png)
vim /etc/httpd/conf.d/ssl.conf
10.http转https
mkdir /var/www/virtual/westos.org/login
echo login.westos.org > /var/www/virtual/westos.org/login/index.html
vim /etc/httpd/conf.d/vhost.conf
<VirtualHost *:443>
ServerName login.westos.org
DocumentRoot /var/www/virtual/westos.org./login
SSLEngine on
SSLCertificateFile /etc/httpd/certs/westos.org.crt
SSLCertificateKeyFile /etc/httpd/certs/westos.org.key
</VirtualHost>
<VirtualHost *:80>
ServerName login.westos.org
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1
</VirtualHost>
systemctl restart httpd
^(/.*)$ ##客户地址栏中输入的地址
%{HTTP_HOST} ##客户主机
$1 ##RewriteRule后面跟的第一串字符的值
测试:
在浏览器所在主机中
vim /etc/hosts
11.cdn代理加速
在一台没有Apache的主机中下载squid使其可以缓存想要获取的数据,修改squid配置文件,以达到没有Apache但是可以访问到资源的目的
![](https://i-blog.csdnimg.cn/blog_migrate/9a631941eddf30f7a8cbc4b23f9d9a27.png)
![](https://i-blog.csdnimg.cn/blog_migrate/2779c0e1aaa94f7994d6ab351602e484.png)
在有
Apache的主机共享目录中,编写一个文件
![](https://i-blog.csdnimg.cn/blog_migrate/4ec138ad454cafd62952c2e8eb041b7a.png)
在没有
Apache的主机中可以访问到
![](https://i-blog.csdnimg.cn/blog_migrate/a433c6a8bf31c2e6794ce31d34235664.png)