Shulou(Shulou.com)06/02 Report--

# Apache web service #

The topics covered in this module are:

* basic Apache configuration

* Virtual host configuration

* HTTPS configuration

* integrate dynamic content

# basic Apache configuration #

Apache main configuration file: / etc/httpd/conf/httpd.conf

ServerRoot "/ etc/httpd" is used to specify the running directory of Apache Listen 80 listening port User apache users and groups of Group apacheServerAdmin root@localhost administrators running apache programs mailbox DocumentRoot "/ var/www/html" web page file storage directory statement block custom directory permissions Require all grantedErrorLog "logs/error_log" error Error log storage location AddDefaultCharset UTF-8 default supported language IncludeOptional conf.d/*.conf loads other configuration files DirectoryIndex index.html default home page name

# installation of apache #

Yum install httpd-y install apache package

Systemctl start httpd starts the apache service

Systemctl stop firewalld

Systemctl enable httpd

Systemctl disable firewalld

Netstat-antlpe | grep httpd # # View the listening port

# basic configuration of apache #

Default release file for 1.apache

Index.html

Configuration file for 2.apache

/ etc/httpd/conf/httpd.conf

/ etc/httpd/conf.d/*.conf

Default release directory for 3.apache

/ var/www/html

Publish files by default

Default port for 4.apache

eighty

# modify the basic configuration of apache #

1. Modify the default publish file

Vim / etc/httpd/conf/httpd.conf

164For DirectoryIndex westos.html index.html # # default home page name

Systemctl restart httpd

two。 Modify the default publishing directory

# when selinux is in disable status

Vim / etc/httpd/conf/httpd.conf

120 DocumentRoot "/ westos/www/html" # # the storage directory of web files 121 # # statement block custom directory permission 122Require all granted123

Systemctl restart httpd

# # when selinux is Enforcing status

Semanage fcontext-a-t httpd_sys_content_t'/ westos (/. *)?'# # configure the security context

Restorecon-RvvF / westos

Test: 172.25.254.162

Access Control of 3.apache

Vim / etc/httpd/conf/httpd.conf

# # allow everyone to access the admin directory but deny 62 host Order Allow,Deny Allow from All Deny from 172.25.254.62

# # only 62 hosts are allowed to access the admin directory Order Deny,Allow Allow from 172.25.254.62 Deny from All

Systemctl restart httpd

Test: 172.25.254.162/admin/

# set user access #

# create an Apache password file with two accounts

Htpasswd-cm / etc/httpd/accessuser admin # # establish user authentication file and set password for user admin 123

Htpasswd-m / etc/httpd/accessuser cui # # create authenticated user cui with password 123

Vim / etc/httpd/conf/httpd.conf # # configure user-based authentication

AuthUserFile/etc/httpd/accessuser # # user authentication file AuthName "Please input yourname and password!" # # user authentication prompt information AuthType basic # # authentication type Require valid-user # # authenticate users, all users in the authentication file can pass or [Require user admin] # # only admin users in the authentication file are allowed to access

Systemctl restart httpd # # restart the apache service and test the access using a Web browser, and enter the above user name and password in the pop-up dialog box.

Test: 172.25.254.162/admin/

4.apache language support

Html language support

Php language support

Yum install php-y # # install the php service

Vim / var/www/html/index.php # # write php test

Systemctl restart httpd

Test: 172.25.254.162

* * cgi language support

Mkdir / var/www/html/cgi

Vim / var/www/html/cgi/index.cgi # # publish the contents of the file home page by default

#! / usr/bin/perlprint "Content-type: text/html\ n\ n"; print `date`

Vim / etc/httpd/conf/httpd.conf

# # webpage file directory Options + ExecCGI AddHandler cgi-script .cgi DirectoryIndex index.cgiindex.html # # default access home page name

Systemctl restart httpd

Chmod + x index.cgi # # add execution permissions to the file

Test:

172.25.254.136/cgi/

# Virtual host of Apache #

1. Define

We can let one of our apache servers display different home pages when different domain names are accessed.

Virtual hosting allows you to serve multiple websites at the same time from a single httpd server. In this section, we will learn about name-based virtual hosts where multiple hostnames point to the same IP address, but the Web server provides different sites with different content based on the hostname used to reach the site.

two。 Create a test page

# create a web page publishing directory #

Mkdir / var/www/virtual/money.westos.com/html-p

Mkdir / var/www/virtual/news.westos.com/html-p

Echo "news.westos.coms's page" > / var/www/virtual/news.westos.com/html/index.html

Echo "money.westos.coms's page" > / var/www/virtual/money.westos.com/html/index.html

3. Configuration # # create a virtual host profile

Vim / etc/httpd/conf.d/default.conf # # access to default for unspecified domain names

# this is the block that defines the virtual host

# # Port opened by virtual host DocumentRoot "/ var/www/html" # # Virtual host default release directory CustomLog "logs/default.log" combined # # virtual host log

Vim / etc/httpd/conf.d/news.conf # # specifies the access of the domain name news.westos.com to the specified default publishing directory

ServerName "news.westos.com" # # specify server name DocumentRoot "/ var/www/virtual/news.westos.com/html" # # access authorization for default publishing directory CustomLog "logs/news.log" combined # # virtual host log # # statement block custom directory permission Require all granted

Vim / etc/httpd/conf.d/money.conf

ServerName "money.westos.com" DocumentRoot "/ var/www/virtual/money.westos.com/html" CustomLog "logs/money.log" combined Require all granted

Systemctl start httpd # # start the apache service

4. test

In the host where the browser is located

Vim / etc/hosts

172.25.254.136 www.westos.comnews.westos.com money.westos.com

# https#

1.https definition

Encrypted via ssl

two。 Configuration

Yum install mod_ssl-y # # install the certificate and its private key

Yum install crypto-utils-y # # install the crypto-utils package

Genkey www.westos.com # # calls genkey and specifies a unique name for the generated file

# # record the location of the generated certificate (www.westos.com.crt) and associated private key (www.westos.com.key):

# # continue to use the dialog box and select the appropriate key size:

# # it is slow to generate random numbers. Tapping the keyboard and moving the mouse can speed up.

# # refuse to send a certificate request (CSR) to the certification authority (CA).

# # refusing to encrypt the private key

# # provide an appropriate identity for the server

# # get / etc/pki/tls/certs/www.westos.com.crt

/ etc/pki/tls/private/www.westos.com.key

# # Edit / etc/httpd/conf.d/ssl.conf and set the SSLCertificateFile and SSLCertificateKeyFile directives to point to the X.509 certificate and key file, respectively.

Vim / etc/httpd/conf.d/login.conf

# # access ServerName "login.westos.com" # # specify the server name DocumentRoot "/ var/www/virtual/login.westos.com/html" # # the directory where the webpage file is stored, CustomLog "logs/login.log" combined # # Log ssLEngine on # # enable https function SSLCertificateFile / etc/pki/tls/certs/www.westos.com.crt # # Certificate SSLCertificateKeyFile/etc/pki/tls/private/www.westos.com.key # # key Require all granted # # Web page rewrite redirect all requests on port 80 to https to handle ServerName "login.westos" .com "REwriteEngine on RewriteRule^ (/. *) $https://%{HTTP_HOST}$1 [redirect=301] # ^ (/. *) $https://%{HTTP_HOST}$1 [redirect=301] parses # ^ (/ .*) $all characters written by the client host in the address bar Bad newline character # https:// successful access protocol #% {HTTP_HOST} customer request host # $1 $1 value represents ^ (/. *) $value # [redirect=301] temporary redirect 302 permanent redirection

Mkdir / var/www/virtual/login.westos.com/html-p

Vim / var/www/virtual/login.westos.com/html/index.html

Haha www.westos.com

Systemctl restart httpd

Test:

Add resolution to the customer host

Vim / etc/hosts

172.25.254.136 login.westos.com

Access to http://login.westos.com will automatically jump to

Implementing encrypted Transmission of Web Page data with https://login.westos.com

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.