1.基于域名[www.openlab.com](http://www.openlab.com)可以访问网站内容为welcome to openlab!!
安装httpd 和https
yum install httpd -y
yum install mod_ssl -y
关闭防火墙,关闭selinux
systemctl stop firewalld
setenforce 0
开启http服务
systemctl start httpd
[root@localhost ~]# vim /etc/httpd/conf.d/vhosts.conf
#利用本机的/etc/hosts文件做域名解析
[root@localhost ~]# vim /etc/hosts
2.给该公司创建的三个子页面分别显示学生信息,教学资料和缴费网站,基于www.openlab.com/stdent网站访问学生信息,www.openlab.com/data网站访问教学资料,www.openlab.com/money网站访问缴费网站。要求:学生信息网站只有tian和song两人可以访问,其他用户不能访问;访问缴费网站实现数据加密基于https访问。
加密
#挂载光盘到/mnt
[root@localhost ~]# mount /dev/sr0 /mnt
mount: /mnt: WARNING: device write-protected, mounted read-only.
[root@localhost ~]# openssl req -newkey rsa:4096 -nodes -sha256 -keyout /etc/pki/tls/private/openlab.key -x509 -days 365 -out /etc/pki/tls/certs/openlab.crt
[root@localhost ~]# vim /etc/httpd/conf.d/vshots.conf
<VirtualHost 192.168.101.200:443>
DocumentRoot /www/openlab
Alias /money /www/openlab/money
ServerName www.openlab.com
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/openlab.crt
SSLCertificateKeyFile /etc/pki/tls/private/openlab.key
</VirtualHost>
[root@localhost ~]# mkdir /www/openlab/money
[root@localhost ~]# echo 'this is openlab money' > /www/openlab/money/index.html
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# curl --insecure https://www.openlab.com/money/
money子页面
#更改配置文件
[root@server ~]# vim /etc/httpd/conf.d/vshots.conf
<VirtualHost 192.168.101.200:80>
DocumentRoot /www/openlab
Alias /student /www/openlab/student
ServerName www.openlab.com
</VirtualHost>
<Directory /www/openlab/student>
AuthType Basic
AuthName "Please login:..."
AuthuserFile /etc/httpd/usrfile
Require user song tian
</Directory>
#创建用户 指定用户名及密码
[root@localhost ~]# htpasswd -c /etc/httpd/userfile song
New password:
Re-type new password:
Adding password for user song
[root@server ~]# htpasswd /etc/httpd/userfile tian
New password:
Re-type new password:
Adding password for user tian
#创建网页文件根目录
[root@server ~]# mkdir /www/openlab/student
[root@server ~]# systemctl restart httpd
访问/student 子页面
架设一台NFS服务器,并按照以下要求配置1、开放/nfs/shared目录,供所有用户查询资料2、开放/nfs/upload目录,为192.168.xxx.0/24网段主机可以上传目录,并将所有用户及所属的组映射为nfs-upload,其UID和GID均为2103、将/home/tom目录仅共享给192.168.xxx.xxx这品机,并只有用户tom可以完全访问该目录
[root@localhost nfs]# yum install nfs-utils -y
[root@localhost tom]# vim /etc/exports