Shulou(Shulou.com)06/02 Report--

Complete introduction to httpd-2.2/2.4 configuration usage

This article introduces the following four parts, and see below.

I. brief introduction

The Apache HTTP Server is a powerful, efficient, and extensible web server.

From http://httpd.apache.org/

Httpd is the Apache HyperText Transfer Protocol (HTTP) server program. It is designed to be run as a standalone daemon process. When used like this it will create a pool of child processes or threads to handle requests. Form https://httpd.apache.org/docs/2.4/programs/httpd.html

The above introduction comes from the official website of apache, which I simply understand. First of all, the httpd service is a service program based on http hypertext transfer protocol. It is a very powerful, efficient and highly scalable web service. It runs as an independent daemon and supports multiple processes and multiple threads to handle multiple requests. Not only that, httpd also has many features, such as modularity is one of its most powerful features, the following describes the features of httpd.

II. Characteristics of httpd

I personally understand that httpd has two major features (which should be incomplete): one is highly modular, and the other is DSO, which can load modules dynamically.

2.1 highly modular

You might ask, what's the use of being highly modular? A high degree of modularization can be very useful! Imagine such a situation, if our mobile phones can be modular, then we can customize our favorite mobile phones according to our own preferences, and we can modify our mobile phones at any time and anywhere according to our own mood. Think about it. It's the same with httpd. We can also customize a favorite httpd service according to modularization. To make a long story short, a high degree of modularization is functional modularization, and the corresponding modules can be added according to the functions you need.

There is a MPM module in modularization that is very important, I have to say.

MPM translates as a multiprocessing module, and you can also understand it as a multiprocess processing module, because this module is related to the process. The introduction and differences of the three modules are shown in the following figure.

As you can see, the MPM module is mainly related to processes, threads and response requests, that is, our web concurrent access. Therefore, you can evaluate the relevant situation of web access to select the appropriate module.

CentOS7 system wants to view or modify MPM in this configuration file: / etc/httpd/conf.modules.d/00-mpm.conf

CentOS6 system wants to view or modify MPM in this configuration file: / etc/sysconfig/httpd

It should also be noted that event (event-driven mechanism) in CentOS6 is not mature, so it is rarely used, while event (event-driven mechanism) in CentOS7 is mature and can be used in production environment.

In addition, httpd also supports many modules, such as mpm_winnt, which is a multi-threaded MPM module that supports windowNT; for example, mod_ssl, which supports secure encryption, which is needed if we want to do a secure web access based on https.

There are many modules, as detailed in the official document: https://httpd.apache.org/docs/2.4/mod/

2.2 DSO (dynamic shared objects)

DSO (dynamic shared object), which shares objects dynamically, can load the module dynamically. There are many modules alone, but also have to achieve the way of module loading, DSO is such an implementation, can dynamically load modules.

For more information, see the official link: http://httpd.apache.org/docs/current/dso.html

III. Functional characteristics of httpd

The features of httpd are shown in the figure, and because they will be described in detail in later common configurations, try to make a long story short here.

1.CGI

Universal Gateway Interface

Implement dynamic pages

Poor performance

Reference link: http://docs.huihoo.com/apache/httpd/2.0-cn/howto/cgi.html

two。 Support the function of virtual host

To put it simply, a virtual host is running multiple websites on a single machine. It can be implemented in the following three ways:

That is to say, virtual host is realized based on IP address and virtual host based on port port, that is, virtual host is realized based on FQDN. FQDN is composed of host name and domain name. Their characteristics are shown in the figure, please also look at the picture. Instructions are required to implement a virtual host, which will be described in detail in common configurations. Common instructions are as follows:

ServerName ServerAlias DocumentRoot CustomLog ErrorLog

Reference link:

Https://httpd.apache.org/docs/2.4/vhosts/

Http://httpd.apache.org/docs/2.2/vhosts/

3. Support for reverse proxy

Simply understand, it is the agent of the server. The back-end server (such as the Web server) responds to the user's request, then returns the response message to the proxy server, and then sends the response message to the client via the proxy server.

4. Support load balancing

The simple understanding is to distribute the load reasonably in order to optimize the use of resources, maximize the throughput, minimize the response time and avoid overload.

5. Support path aliases

The path alias is associated with the path of a directory or file, which is related to the mapping of url and file system paths, and is detailed in common configurations.

Reference link: http://www.178linux.com/12685

6. Support user authentication mechanism

Simple understanding, that is, to authenticate the legitimacy of the user, such as authentication account, password, identity and so on. User authentication mechanism supports a variety of authentication methods, the common ones are basic (basic Cognitive style) and digest (Abstract Authentication), algorithm-based authentication.

7. Support for third-party modules

If you are strong enough, you can make your own module to embed in the httpd service, which is quite user-friendly and has the spirit of open source.

IV. The program version of httpd

There are four versions of httpd so far. 1.3 official maintenance has been stopped and will no longer be introduced.

2. 0 is also rarely used and is no longer introduced. For more information, see the link: http://httpd.apache.org/docs/2.0/ mainly details 2.2 and 2.4.

4.1 httpd2.2

Httpd2.2 introduces two parts: the program environment and common configurations.

4.1.1 httpd2.2 program environment

The program environment of httpd2.2 is as follows. Here I mainly introduce the program environment of CentOS6.8. For specific information, please see the mind map, and the text is only partially supplemented.

The profile adds:

Configuration file: / etc/httpd/conf/httpd.conf is mainly divided into three parts, namely, global environment configuration, main service configuration and virtual host configuration. The site information we define can be configured in / etc/httpd/conf/httpd.conf, or you can customize a configuration file ending in .conf in / etc/httpd/conf.d/ where you can configure the site information.

Section 1: Global Environment

Section 2: 'Main' server configuration

Section 3: Virtual Hosts

The main program file adds:

/ usr/sbin/httpd.worker

/ usr/sbin/httpd.event (2.2 testing phase)

The two MPM modules have been described above, if you don't remember, you can go back and take a look. Worker mode is enabled by default

Log file supplement:

Log files are divided into access logs and error logs, and we can also customize the storage path of the logs, which will be described in common configurations.

4.1.2 httpd2.2 common configuration

19 common configurations are summarized, some of which are tools that are independent of configuration but are used in httpd work or testing, so they are also included in common configurations.

These common configurations are mainly in the following two path configurations, but some of them are no longer in this path, which I will specify in the corresponding paragraph.

/ etc/httpd/conf/httpd.conf

/ etc/httpd/conf.d/*.conf # recommends this method, modularization idea

All configurations support the following format

Directive value

Directive: instruction, case-insensitive

Value: whether characters are case-sensitive when the value is a path, depending on the file system

1. Modify the listening IP and PORT

Format

Listen [IP-address:] portnumber [protocol]

Note

(1) omit IP as 0.0.0.0

(2) the Listen instruction can be repeated multiple times.

(3) modify the listening socket and restart the service process to take effect.

(4) when it is restricted that it must communicate through ssl, protocol needs to be defined as https

2. Persistent connection (PersistentConnection)

Define

Also known as persistent connection, after the continuous establishment of tcp, each resource acquisition is not completely disconnected, but continues to wait for other resource requests.

How to disconnect

Quantity limit

Time limit

Side effect

For servers with large concurrent visits, the persistent connection mechanism will prevent some subsequent requests from getting a normal response.

Solution

Use shorter duration of persistent connections and fewer requests

Examples

Set up

KeepAlive On | whether Off # enables persistent connection

Maximum duration of KeepAliveTimeout 15 # persistent connection

MaxKeepAliveRequests 100 # maximum number of persistent connection requests

test

Telnet WEB_SERVER_IP PORT # use the telnet command to enter the IP port of the web service

GET / URL HTTP/1.1 # request method site name http protocol version

Host: WEB_SERVER_IP # host IP

3. MPM configuration

3.1View the MPM operation mode of httpd

Ps aux | grep httpd

3.2View the module list of httpd

Check out the statically compiled module: httpd-l

Check out statically compiled and dynamically compiled modules: httpd-M

3.3 replace the MPM mechanism used

Configuration file: / etc/sysconfig/http Note:

Restart the service process to take effect

3.4MPM configuration

3.4.1 configuration of prefork

StartServers 8 # start idle processes

MinSpareServers 5 # minimum idle process

MaxSpareServers 20 # maximum idle processes

ServerLimit 256 # maximum active processes

MaxClients 256 # maximum number of concurrent requests; # request connection may not be active, it should be less than or equal to serverlimit

MaxRequestsPerChild 4000 # the maximum number of requests that each child process can serve during its lifecycle

3.4.2 configuration of worker

StartServers: # number of child processes started

MaxClients: # maximum number of concurrent requests

MinSpareThreads: # minimum number of idle threads

MaxSpareThreads: # maximum idle threads

ThreadsPerChild: # number of threads that can be generated per child process

MaxRequestsPerChild: # the maximum number of requests that each child process can serve during its life cycle. 0 means unlimited.

4. DSO (dynamic shared object)

DSO, that is, dynamically load the specified module.

Format: LoadModule

Module file paths can use relative paths, relative to ServerRoot (default / etc/httpd)

5. Define the document page path of 'Main' server

ServerName

Description: Hostname and port that the server uses to identify itself (i.e. hostname).

Syntax format: ServerName [scheme://] fully-qualified-domain-name [: port]

Like this: ServerName www.google.com

DocumentRoot ""

Description: Directory that forms the main document tree visible from theweb (the root directory of the web page, where DoucmentRoot points to the start of the URL path, which is equivalent to the root path of the site URL).

Syntax: DocumentRoot directory-path

Like this: DocumentRoot / web/www/html

Note: URL PATH and FileSystem PATH are not equivalent, but there is a mapping relationship.

For example, there is the following correspondence

URL /-> FileSystem / var/www/html/

/ p_w_picpaths/logo.jpg-- > / var/www/html/p_w_picpaths/logo.jpg

6. Common mechanisms of site access control

Access to resources can be controlled based on two mechanisms, one is the file system path in the operating system, and the other is through the URL path of the site.

6.1 access control through file system path

And are used to encapsulate a set of instructions to take effect only on a directory and its subdirectories. Any instruction that can be used in the "directory" scope can be used. Directory-path can be the full path to a directory or a wildcard string that contains Unixshell matching syntax. In the wildcard string, "?" Matches any single character, and "*" matches any character sequence. You can also use "[]" to determine the character range. It is important to note, however, that none of the above wildcards match the "/" character.

Directive provides a way of access control based on file names.

The following is an excerpt from the official document, which is worth referring to:

# Encapsulation of directories

...

Order Deny,Allow

Deny from All # denies everyone access to the / directory of the operating system

# means to encapsulate any path resources under the directory public_html

#... Directives here...

# will match all three-digit directories under / www/.

# access control based on file name

...

# match and encapsulate cat.html, bat.html, hat.php and other files.

# This would apply to cat.html, bat.html, hat.php and so on.

# File-based access control through regular expressions

...

# match and encapsulate .gif, jpeg,.png and other files

Access control based on source address in 6.1.1

6.1.1.1 implemented in httpd-2.2, access control based on source address is implemented through order instruction

Order instruction

Description: controls the default access status and the order in which Allow and Deny instructions take effect

Syntax: Order ordering

Default value Order Deny,Allow

Allow from, Deny from

In the following example, all hosts in the apache.org domain are allowed access, while access to any other host is denied.

Order Deny,Allow Deny from all Allow from apache.org

The following table illustrates the rules of allow,deny

6.1.1.2 implementation in httpd-2.4

Based on IP control:

Require ip IP address or network address

Require not ip IP address or network address

Based on hostname control:

Require host hostname or domain name

Require not host hostname or domain name

Here are a few examples of access control implemented by httpd-2.2 and httpd-2.4

Control page resources allow hosts from all sources to access httpd-2.2 Order allow,deny Allow from all httpd-2.4 Require all granted control page resources deny access to httpd-2.2 Order allow by hosts from all sources Deny Deny from all httpd-2.4 Require all denied

6.2 access control through URL path

Description: act the encapsulated instruction on the matching URL

Grammar:.

URL-based access control is provided.

Since the user of foo.com, you can use: SetHandler server-status Order Deny,Allow Deny from all Allow from .foo.com # Note: URL that applies encapsulated instructions to regular expression matching will match URL that contains the substring "/ extra/data" or "/ special/data".

6.3 Options instruction description

Description: configure options in a specific directory that specify which features to use

Syntax: Options [+ | -] option [[+ | -] option]...

Default value: Options All

Option can be None, in which case no additional features will be enabled.

All

All features except MultiViews take effect. This is the default setting.

ExecCGI

Allows CGI scripts to be executed using mod_cgi.

FollowSymLinks

The server allows symbolic connection features to be used in this directory.

Indexes

If a URL mapped to a directory is requested and there is no DirectoryIndex in that directory (for example: index.html), the server returns a formatted directory list generated by mod_autoindex.

Options Indexes FollowSymLinks

7. Define the main page of the site

DirectoryIndex index.html index.txt / cgi-bin/index.pl

8. Define path aliases

Description: map URL to a specific area of the file system

Syntax: Alias URL-path file-path | directory-path

Scope: server config, virtual host

The Alias directive enables documents to be stored in a local file system other than DocumentRoot.

Example:

Alias / p_w_picpath / ftp/pub/p_w_picpath

For the request for "http://myserver/p_w_picpath/foo.gif"", the server will return the "/ ftp/pub/p_w_picpath/foo.gif" file.

9. Set the default character set

AddDefaultCharset UTF-8

Chinese character set: GBK, GB2312, GB18030

10. Log settings

10.1 access Log

CustomLog instruction

Description: set the file name and format of the log

Syntax: CustomLog file | pipe format | nickname [env= [!] environment-variable]

Scope: server config, virtual host

The CustomLog directive is used to log requests from the server. The first parameter specifies the location of the log record, and the second parameter specifies what is written to the log file.

# explicitly use format strings

CustomLog logs/access_log "h% l% u% t\"% r\ "% > s% b"

# simple setting method

The log file name of CustomLog logs/access_log combined # relative to ServerRoot.

LogFormat format strings:

For more information, please refer to http://httpd.apache.org/docs/2.2/mod/mod_log_config.html#formats

% h: client IP address

% l:Remote User, usually a minus sign ("-")

% u:Remote user (from auth; may be bogus if return status (% s) is 401); it is a minus sign when not for login access

% t: time when the server received the request

% r:First line of request, which represents the first line of the request message; records the "method", "URL" and protocol version of the request

% > s: response status code

% b: the size of the response message in bytes, excluding the http header of the response message

% {Referer} I: the value of the first "referer" in the request message; that is, from which page the hyperlink jumps to the current page's

% {User-Agent} I: the value of the first "User-Agent" in the request message; that is, the application that made the request

LogFormat "% h% l% u% t\"% r\ "% > s% b\"% {Referer} I\ "\"% {User-Agent} I\ "" combined

10.2 error Log

ErrorLog instruction

Description: the location of the error log

Syntax: ErrorLog file-path | syslog [: facility]

Default value: ErrorLog logs/error_log (Unix) ErrorLog logs/error.log (Windows and OS/2)

Scope: server config, virtual host

The ErrorLog directive specifies the file that records the error log. If file-path is not an absolute path that begins with a slash (/), it is considered a relative path relative to ServerRoot.

Example

ErrorLog / var/log/httpd/error_log

The level of recording error log is generally LogLevel warn. Here is a description of the error log.

11. User-based access control

Note: Authorization means that the user fills in the account and password and sends a request message to the server again; when the authentication is passed, the server sends the response resource.

11.1 Authentication based on basic (plaintext)

11.1.1 user-based authentication

Train of thought:

(1) define a security domain

Options None

AllowOverride None

AuthType Basic

AuthName "String"

AuthUserFile "/ PATH_FILE"

Require user username1 username2...

(2) provide account number and password storage (text file)

Use special commands to complete file creation and user management

Htpasswd [options] / PATH_PASSWD_FILE username

-c: automatically creates the file specified here, so it should be used only if this file does not exist

-m:md5 format encryption

-s: sha format encryption

-D: delete the specified user

-b: add users in batch mode

Htpasswd-b [options] PATH_PASSWD_FILE username password # specify username and password in bulk

11.1.2 Authentication based on group account

Train of thought:

(1) define a security domain

Options None

AllowOverride None

AuthType Basic

AuthName "String"

AuthUserFile "PATH_PASSWD_FILE"

AuthGroupFile "PATH_GROUP_FILE"

Require group grpname1 grpname2...

(2) create user account and group account files

Group file: each line defines a group GRP_NAME: username1 username2.

12. Virtual host

Description: the virtual host function is very important. To put it simply, the function of a virtual host is to virtualize the effect of multiple hosts on one server, and the configuration of multiple sites can be realized. The implementation scheme of virtual host is as follows

Virtual hosts can be implemented in three ways, namely, ip-based, port-based, and FQDN-based (composed of host name and domain name, which usually refers to a site roll call). It is important to note that in httpd2.2, if you need to use virtual hosts, you need to disable # DocumentRoot in mian host first, while httpd2.4 does not. The characteristics of the three implementation methods are as follows:

The configuration method of virtual host:

ServerName FQDN DocumentRoot ""

The following are examples of three configurations.

Example of an IP-based virtual host: ServerName www.a.com DocumentRoot "/ www/a.com/htdocs" ServerName www.b.net DocumentRoot "/ www/b.net/htdocs" ServerName www.c.org DocumentRoot "/ www/c.org/htdocs" Port-based virtual host ServerName www.a.com DocumentRoot "/ www/ A.com/htdocs "ServerName www.b.net DocumentRoot" / www/b.net/htdocs "ServerName www.c.org DocumentRoot" / www/c.org/htdocs "FQDN-based virtual host ServerName www.a.com DocumentRoot" / www/a.com/htdocs "ServerName www.b.net DocumentRoot" / www/b .net / htdocs "ServerName www.c.org DocumentRoot" / www/c.org/htdocs "Note: if it is httpd-2.2 When using a FQDN-based virtual host, you need to use the following instructions in advance: NameVirtualHost IP:PORT

13. Status page

Status information for explicit pages

LoadModule status_module modules/mod_status.so # load web page status module

Example

SetHandler server-status Order allow,deny Allow from 172.16 httpd-2.4 SetHandler server-status Require ip 172.16

14. Curl command

For the use of the curl command, see the following figure.

15 、 user/group

Specify as which user to run the httpd service process

User apache

Group apache

16. Mod_deflate module

Compression is enabled when the bandwidth pressure is high, and enabling compression can not only optimize the transmission speed but also save bandwidth. The features of this module are as follows

Here is an example

Root@localhost html] # vim / etc/httpd/conf/httpd.conf SetOutputFilter DEFLATE # enable deflate [root@localhost conf.d] # vim deflate.conf # Restrict compression to these MIME types define the file type AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE application/xhtml+xml AddOutputFilterByType DEFLATE text/xml AddOutputFilterByType DEFLATE application/xml AddOutputFilterByType DEFLATE application/x-javascript AddOutputFilterByType DEFLATE text/javascript AddOutputFilterByType DEFLATE text/css # Level of compression (Highest) to be compressed 9-Lowest 1) DeflateCompressionLevel 9 # compression ratio The default is 6 # Netscape 4.x has some problems. BrowserMatch ^ Mozilla/4 gzip-only-text/html # Netscape 4.06-4.08 have some more problems BrowserMatch ^ Mozilla/4\ .0 [678] no-gzip # MSIE masquerades as Netscape, but it is fine BrowserMatch\ bMSI [E]! no-gzip! gzip-only-text/html

17 、 https,http over ssl

Https means that http is based on the ssl protocol, which makes users visit the site more securely.

The idea of configuring https in httpd is as follows:

(1) apply for a digital certificate for the server

For specific steps, please refer to my other blog, http://powermichael.blog.51cto.com/12450987/1933580.

(2) configure httpd to support the use of ssl and the certificates used

1. Install the ssl module yum-y install mod_ssl

two。 Modify the configuration file: / etc/httpd/conf.d/ssl.conf

File system path of DocumentRoot # URL map

ServerName # Hostname

SSLCertificateFile # sign the certificate file path

SSLCertificateKeyFile # path for storing private key files

(3) testing access to the corresponding host based on https

Openssl s_client [- connect host:port] [- cert filename] [- CApath directory] [- CAfile filename]

18. Httpd's own tool program

19. Httpd's stress testing tool

4.2 httpd2.4

The introduction of httpd2.4 is divided into four parts. Since the common configuration of httpd2.4 is similar to that of httpd2.2, I won't introduce you too much here. The differences have also been explained in the configuration of httpd2.2, so here we only introduce the httpd2.4 program environment, new features and new modules.

4.2.1 httpd2.4 program environment

Add: modify the file path of MPM module: / etc/httpd/conf.modules.d/00-mpm.conf

4.2.2 httpd2.4 common configuration (omitted, please refer to httpd2.2 common configuration)

4.2.3 what's new in httpd2.4

The new features of httpd2.4 are shown in the figure.

4.2.4 New httpd2.4 module

Mod_proxy_fcgi supports dynamic languages such as PHP

Mod_proxy_scgi SCGI Protocol with support for Python

Mod_remoteip acquires remote real access IP

To learn more about the new module features, please see the official website: http://httpd.apache.org/docs/2.4/new_features_2_4.html

5.httpd2.2 configuration Lab (supplementary)

5.1httpd2.2 configuration security scheme

1. Turn off some unused modules and functions

You can add # before LoadModule to comment out some unused modules

two。 Hide banner information

ServerTokens OS is modified to: ServerTokens Prod (the name of the server operating system is not displayed when an error page appears)

ServerSignature On is modified to: ServerSignature Off (apache version information is not echoed)

3. Configure httpd.conf to disable directory browsing

Change Options Indexes FollowSymLinks to Options-Indexes FollowSymLinks

4. Reasonably configure the running account of apache

Set up a separate running account and account group for apache, and configure it in httpd.conf

User apache

Group apache

5. Reasonably control the write and execute permissions of apache running account to disk.

Cancel the write permission of the apache running account to the website directory, except for the uploaded directory, and try not to give permission to other non-website directories.

6. Configure httpd.conf to cancel php execution permissions on the upload directory

Deny from all

7. Configure httpd.conf to restrict access to folders, such as background directories

Deny from all

8. Configure httpd.conf to restrict specific ip access to some special directories, such as internal interfaces, etc.

Order Deny,Allow

Deny from all

Allow from 192.168.1.111

9. Configure httpd.conf to restrict access to some file types, such as txt logs

Order allow,deny

Deny from all

10. Configure httpd.conf to modify the listening port to prevent some internal systems from being scanned

This can prevent some people from directly scanning port 80.

Listen 8080

11. Turn off support for .htaccess

AllowOverride All

Change to

AllowOverride None

twelve。 Configure httpd.conf to record access logs

5.2httpd2.2 virtual host configuration experiment based on FQDN

What you need to pay attention to.

1. Comment # DocumentRoot in the / etc/httpd/conf/httpd.conf file

two。 Write a configuration file for a virtual host in / etc/httpd/conf.d/*.conf (example below)

[root@god conf.d] # cat / etc/httpd/conf.d/www.conf NameVirtualHost 10.0.0.68 ServerName www1.stux.com DocumentRoot "/ web/vhosts/www1" CustomLog / web/vhosts/www1/access_log combined ErrorLog / web/vhosts/www1/error_log Options-Indexes-FollowSymLinks AllowOverride None Order allow Deny Allow from all Deny from 192.168.1.0 deny Allow from all Deny from 24 SetHandler server-status AuthType Basic AuthName "michael" AuthUserFile "/ etc/httpd/passwd.conf" Require user michael ServerName www2.stux.com DocumentRoot "/ web/vhosts/www2" CustomLog / web/vhosts/www2/access_log combined ErrorLog / web/vhosts/www2/error_log Options-Indexes-FollowSymLinks AllowOverride None Order allow Deny Allow from all SetHandler server-status AuthType Basic AuthName "michael" AuthUserFile "/ etc/httpd/passwd.conf" Require user michael

3. Use httpd-t to detect profile syntax

4. Restart the service: service httpd restart

5. Create the appropriate file (list only the main site directories and files mapped to URL)

[root@god www2] # cat / web/vhosts/www1/index.html IP:10.0.0.68webSite: www1.stuX.com [root@god www2] # cat / web/vhosts/www2/index.html WebSite: www2.stux.com

6. Add domain name resolution to the configuration file of the host

Hosts in windos:C:\ Windows\ System32\ drivers\ etc

Linux:/etc/hosts

[root@big ~] # cat / etc/hosts127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 big:: 1 localhost localhost.localdomain localhost6 localhost6.localdomain610.0.0.67 www.ilinux.io www.iunix.io10.0.0.68 www1.stux.com 10.0.0.68 www2.stux.com#10.0.0.110 www.huwho.cn

7. Testing (windows and linux hosts can be used)

6.httpd2.4 experiment

6.1httpd2.4 virtual host configuration experiment based on FQDN

1. Write a configuration file for a virtual host in / etc/httpd/conf.d/*.conf (example below)

[root@localhost ~] # cat / etc/httpd/conf.d/huwho.conf DocumentRoot "/ web/www/html/vhost1" ServerName "www.huwho.cn" Options FollowSymLinks AllowOverride None Require all granted DocumentRoot "/ web/www/html/vhost2" ServerName "web.huwho.com" Options FollowSymLinks AllowOverride None Require all granted

two。 Create a web site home directory

Mkdir / web/www/html/vhost {1.. 2}-pv

3. Write to index.html file

Echo www.huwho.cn > vhost1/index.html

Echo web.huwho.com > vhost2/index.html

4. Another test host writes domain name resolution (10.0.0.73)

[root@big ~] # cat / etc/hosts127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 big:: 1 localhost localhost.localdomain localhost6 localhost6.localdomain610.0.0.67 www.ilinux.io www.iunix.io10.0.0.68 www1.stux.com 10.0.0.68 www2.stux.com10.0.0.110 www.huwho.cn 10.0.0.110 web.huwho.com

5. Detection syntax

Httpd-t

6. Restart the server

Systemctl restart httpd

7.10.0.0.73 Host Test

[root@big ~] # curl www.huwho.cn www.huwho.cn [root@big ~] # curl web.huwho.com web.huwho.com

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.