Shulou(Shulou.com)06/02 Report--

Lab requirements: install Apache and DNS services

Add two network cards to the virtual machine

[root@localhost ~] # yum install bind httpd-y

Add network card

Build a virtual host-based domain name access 1. Provide domain name resolution for virtual hosts

[root@localhost ~] # vim / etc/named.conf / / configure DNS main configuration file

[root@localhost ~] # vim / etc/named.rfc1912.zones / / configure DNS zone configuration file

[root@localhost ~] # cd / var/named/

[root@ named] # cp-p named.localhost kgc.com.zone

[root@localhost named] # vim kgc.com.zone / / configure DNS zone data configuration file

[root@localhost named] # cp-p kgc.com.zone accp.com.zone

/ / the DNS zone data configuration file here does not need to be modified

[root@localhost named] # systemctl start named / / start the DNS service

[root@localhost named] # systemctl stop firewalld.service / / turn off the firewall

[root@localhost named] # setenforce 0

2. Prepare web documents for the virtual host

[root@localhost httpd] # cd / var/www/html

[root@localhost html] # ls

[root@localhost html] # mkdir accp kgc

[root@localhost html] # ls

Accp kgc

[root@localhost html] # cd accp/

[root@localhost accp] # vim index.html

This is accp web / / enter web content

[root@localhost accp] # cd.. / kgc/

[root@localhost kgc] # vim index.htm

This is kgc web / / enter web content

[root@localhost ~] # cd / etc/httpd/

[root@localhost httpd] # cd conf

[root@localhost conf] # vim httpd.conf

Find the listening port comment ipv6 port, open the ipv4 port, and change the listening address to the local address.

Include conf/extra/vhost.conf / / press the capital letter G to the last line, and press o to insert this content on the following line

3. Add virtual host configuration

[root@localhost named] # cd / etc/httpd/

[root@localhost httpd] # cd conf

[root@localhost conf] # mkdir extra

[root@localhost conf] # ls

Extra httpd.conf magic

[root@localhost conf] # cd extra/

[root@localhost extra] # vim vhost.conf

DocumentRoot "/ var/www/html/kgc/" / / site directory

ServerName www.kgc.com / / domain name

ErrorLog "logs/www.kgc.com.error_log" / / error log

CustomLog "logs/www.kgc.com.access_log" common / / access log

Require all granted / / access permission is to allow all

DocumentRoot "/ var/www/html/accp/"

ServerName www.accp.com

ErrorLog "logs/www.accp.com.error_log"

CustomLog "logs/www.accp.com.access_log" common

Require all granted

[root@localhost conf] # systemctl start httpd / / start the service

4. Access the virtual Web host on the client

Enter the URL: www.kgc.com www.accp.com on the test machine win10

Build virtual host-based port access 1, add virtual host configuration

[root@localhost extra] # vim vhost.conf

/ / add the following to the virtual host configuration file

DocumentRoot "/ var/www/html/kgc02/"

ServerName www.kgc.com

ErrorLog "logs/www.kgc02.com.error_log"

CustomLog "logs/www.kgc02.com.access_log" common

Require all granted

2. Prepare web documents for the virtual host

[root@localhost extra] # cd / var/www/html/

[root@localhost html] # ls

Accp kgc

[root@localhost html] # mkdir kgc02

[root@localhost html] # ls

Accp kgc kgc02

[root@localhost html] # cd kgc02/

[root@localhost kgc02] # vim index.html

This is kgc02 web / / enter web content

3. Enter the Apache configuration file to add a port.

Vim / etc/httpd/conf/httpd.conf

Enter / Listen to find the listening port location in the configuration file

Enter:

Listen 192.168.131.129:80

Listen 192.168.131.129:8080

[root@localhost extra] # systemctl restart httpd / / restart the service

4. Access the virtual Web host on the client

Enter www.kgc.com:8080 in the test machine win10 to test

If you enter www.kgc.com on the test machine win10, the default port number is 80

Build virtual host-add virtual host configuration based on IP1

[root@localhost kgc02] # cd / etc/httpd/conf/extra/

[root@localhost extra] # ls

Vhost.conf

[root@localhost extra] # vim vhost.conf / / enter the virtual host configuration and add the following

VirtualHost 192.168.56.131 80 > / / based on ip access, so it needs to be changed to a local address

DocumentRoot "/ var/www/html/accp/"

ErrorLog "logs/www.accp.com.error_log"

CustomLog "logs/www.accp.com.access_log" common

Require all granted

/ / change this line to the IP address of the second network card

DocumentRoot "/ var/www/html/accp02/"

ErrorLog "logs/www.accp02.com.error_log"

CustomLog "logs/www.accp02.com.access_log" common

Require all granted

2. Prepare web documents for the virtual host

[root@localhost extra] # cd / var/www/html/

[root@localhost html] # mkdir accp02

[root@localhost html] # cd accp02/

[root@localhost accp02] # vim index.html

This is accp02 web / / enter web content

[root@localhost extra] # systemctl restart httpd / / restart the service

3. Access the virtual Web host on the client

Enter: 192.168.131.129 / 192.168.131.130 on the test machine win10 to test

But in practice, we usually use domain names to visit websites, so we also need to provide domain name resolution services for new IP addresses.

Modify DNS zone configuration file

Vim / etc/named.rfc1912.zones / / add new content to the DNS area configuration file

Modify DNS data configuration file

[root@localhost extra] # cd / var/named/

[root@localhost named] # cp-p accp.com.zone naccp.com.zone / / copy zone data profile template

[root@localhost named] # vim naccp.com.zone / / enter the zone data configuration file to modify

[root@localhost extra] # systemctl restart httpd / / restart the service

Enter: www.kgc.com / www.naccp.com on the test machine win10 to test

Building a virtual host-based on permissions

Add a blacklist and whitelist to the virtual host configuration

[root@localhost named] # cd / etc/httpd/conf/extra

[root@localhost extra] # ls

Vhost.conf

[root@localhost extra] # vim vhost.conf

DocumentRoot "/ var/www/html/accp/"

ServerName www.accp.com

ErrorLog "logs/www.accp.com.error_log"

CustomLog "logs/www.accp.com.access_log" common

Require not ip 192.168.131.128 / add the IP address of the test machine to disallow access to accp.com

Require all granted

[root@localhost extra] # systemctl restart httpd / / restart the service

Verify the blacklist and whitelist

Use the test machine win10 to visit: www.kgc.com / www.naccp.com

Naccp.com can be accessed normally, but kgc.com cannot. Jump directly to the Apache default web page.

Password authentication access to Apache web pages

[root@localhost conf] # cd / etc/httpd/conf

[root@localhost conf] # htpasswd-c / etc/httpd/conf/pwd tese01 / / create an access user

New password: / / set the access password

Re-type new password: / / re-enter password

Adding password for user tese01

[root@localhost conf] # ls

Extra httpd.conf magic pwd

[root@localhost conf] # cat pwd

Tese01:$apr1 $. HU1/Ltw$Isp7l.Qhe9Zlh81OU8e7M1 / / password ciphertext

[root@localhost conf] # cd extra/

[root@localhost extra] # ls

Vhost.conf

[root@localhost extra] # vim vhost.conf / / enter the virtual host configuration file to configure the following

DocumentRoot "/ var/www/html/accp02/"

ServerName www.naccp.com

ErrorLog "logs/www.accp02.com.error_log"

CustomLog "logs/www.accp02.com.access_log" common

AuthName "DocumentRoot"

AuthType Basic

AuthUserFile / etc/httpd/conf/pwd

Require valid-user

[root@localhost extra] # systemctl restart httpd / / restart the service

Use the test machine win10 input: www.naccp.com to test

At this point, if we want to access naccp.com again, we need to enter a password to verify it.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.