Shulou(Shulou.com)06/01 Report--

1. Please describe a complete http request processing process

2. What are the processing models supported by httpd and which environments are used respectively.

3, the source code compiles and installs the LAMP environment (based on the wordpress program), and writes out the detailed installation, configuration and testing process.

4. Set up a httpd server (based on compilation), which requires:

Provide two name-based virtual hosts:

(a) www1.stuX.com, page file directory is / web/vhosts/www1; error log is / var/log/httpd/www1.err, access log is / var/log/httpd/www1.access

(B) www2.stuX.com, page file directory is / web/vhosts/www2; error log is / var/log/httpd/www2.err, access log is / var/log/httpd/www2.access

(C) create a respective home page file index.html for the two virtual hosts, each with their corresponding hostnames

(d) output httpd working status information via www1.stuX.com/server-status, and access only if account password is provided (status:status)

5. Provide https service for the second virtual host in question 4, so that users can securely access the web site through https

(1) Certificate authentication is required, and countries (CN), states (HA), cities (ZZ) and organizations (MageEdu) required to be used in the certificate

(2) set the department to Ops, the host name to www2.stuX.com, and the email to admin@stuX.com

6. In the LAMP architecture, please support httpd by compiling php to httpd module and php using fpm as an independent daemon, and list the detailed process.

1. A complete http request processing process:

(1) establish or process a connection: receive or reject a request

(2) receive request: the process of receiving a request for a specific resource from a host request message on the network

(3) processing the request: parsing the request message to obtain the resources and methods requested by the client and other related information

(4) access resources: obtain the requested resources in the request message

(5) build a response message:

(6) send a response message:

(7) logging:

What are the processing models supported by 2.httpd and the environments in which they are used?

Prefork: a multi-process model in which each process responds to a request

A main process: responsible for generating and recycling child processes; responsible for creating sockets; responsible for receiving requests and dispatching them to a child process for processing

N child processes: each child processes a request

Working model: there are several idle processes waiting at any time to respond to user requests; maximum and minimum idle

Worker: a multi-process, multi-threaded model that handles one user request per thread

A main process: responsible for generating child processes; responsible for creating sockets; responsible for receiving requests and dispatching them to a child process for processing

Multiple child processes: each child process is responsible for generating multiple threads

Each thread: responsible for responding to user requests

Number of concurrent responses: mendn

M: number of child processes

N: the maximum number of threads each child process can create

Event: event-driven model, multi-process model, each process responds to multiple requests

A main process: responsible for generating child processes; responsible for creating sockets; responsible for receiving requests and dispatching them to a child process for processing

Child processes: respond directly to multiple requests based on event-driven mechanisms

3. The source code compiles and installs the LAMP environment (based on the wordpress program), and writes out the detailed installation, configuration and testing process.

Install httpd2.4.9,php5.4.26 and universal binary mariadb5.5.36 in centos6.5 environment as follows:

(1)。 Compile and install httpd2.4.9

Install httpd-2.4, depending on apr-1.4+,apr-util-1.4+, [apr-iconv], apr: apacheportable runtime

First install the development environment package group: DevelopmentTools, Server Platform Development development package: pcre-devel

[root@localhost~] # yum groupinstall server platform development tools

[root@localhostdylan] # tar-xjvf apr-1.5.0.tar.bz2

[root@localhostdylan] # cd apr-1.5.0

[root@localhostapr-1.5.0] #. / configure-prefix=/usr/local/apr

[root@localhostapr-1.5.0] # make & & make install # install apr-1.5.0

[root@localhostdylan] # tar-xjvf apr-util-1.5.3.tar.bz2

[root@localhostdylan] # cd apr-util-1.5.3

[root@localhostapr-util-1.5.3] # / configure-- prefix=/usr/local/apr-util-- with-apr=/usr/local/apr

[root@localhostapr-util-1.5.3] # make & & make install # install apr-util-1.5.3

# decompress httpd

[root@localhostdylan] # tar-xjvf httpd-2.4.9.tar.bz2

[root@localhostdylan] # cd httpd-2.4.9

# install prerequisites

[root@localhosthttpd-2.4.9] # yum install openssl openssl-devle pcre pcre-devel-y

[root@localhosthttpd-2.4.9] # / configure-- prefix=/usr/local/apache24--sysconfdir=/etc/httpd24-- enable-so--enable-ssl-- enable-cgi-- enable-rewrite-- with-zlib-- with-pcre--with-apr=/usr/local/apr-- with-apr-util=/usr/local/apr-util--enable-modules=most-- enable-mpms-shared=all-- with-mpm=prefork

[root@localhosthttpd-2.4.9] # make & & make install # install httpd-2.4.9

# add apachectl command path to PATH after compilation and installation

[root@localhost/] # vim / etc/profile.d/httpd.sh

ExportPATH=/usr/local/apache24/bin:$PATH # add environment variables

(2)。 Install mariadb-5.5.36-linux-x86_64.tar.gz in universal binary format

First prepare the data catalog:

[root@localhost/] # mkdir-pv / mydata/data

[root@localhost/] # groupadd-r-g 306 mysql # add mysql group

[root@localhost/] # useradd-r-g 306-u 306 mysql # add mysql users

[root@localhost/] # chown-R mysql.mysql / mydata/data/

Installation configuration

[root@localhost/] # tar xf mariadb-5.5.36-linux-x86_64.tar.gz-C / usr/local/ # extract to / usr/local directory

[root@localhost/] # cd / usr/local/

[root@localhostlocal] # ln-sv mariadb-5.5.36-linux-x86_64/ mysql # Link to the mysql directory

[root@localhostlocal] # cd / usr/local/mysql/

[root@localhostmysql] # chown-R root:mysql. / * # change the master group

[root@localhostmysql] # scripts/mysql_install_db-- user=mysql-- datadir=/mydata/data # create data

[root@localhostmysql] # cp support-files/my-large.cnf / etc/mysql/my.cnf # copy configuration file

[root@localhostmysql] # vim / etc/mysql/my.cnf # add to the mysqld configuration section

Datadir= / mydata/data

Skip_name_resolve= ON

Innodb_file_per_table= ON

[root@localhostmysql] # cp support-files/mysql.server / etc/init.d/mysqld # replication service startup configuration file

[root@localhostmysql] # chkconfig-- add mysqld # add mysqld service

[root@localhostmysql] # chkconfig mysqld on # Service self-startup,

# output mysql header file to system header file path / usr/include

[root@localhostmysql] # ln-sv / usr/local/mysql/include / usr/include/mysqld

"/ usr/include/mysqld"-> "/ usr/local/mysql/include"

# output mysql library files to the system library to find the path

[root@localhostmysql] # echo'/ usr/local/mysql/lib' > / etc/ld.so.conf.d/mysql.conf

[root@localhostmysql] # ldconfig # system reloads the system library

[root@localhost~] # ldconfig-p | grep mysql # View mysql library file read

Libmysqld.so.18 (libc6,x86-64) = > / usr/local/mysql/lib/libmysqld.so.18

Libmysqld.so (libc6,x86-64) = > / usr/local/mysql/lib/libmysqld.so

Libmysqlclient_r.so.16 (libc6,x86-64) = > / usr/lib64/mysql/libmysqlclient_r.so.16

Libmysqlclient.so.18 (libc6,x86-64) = > / usr/local/mysql/lib/libmysqlclient.so.18

Libmysqlclient.so.16 (libc6,x86-64) = > / usr/lib64/mysql/libmysqlclient.so.16

Libmysqlclient.so (libc6,x86-64) = > / usr/local/mysql/lib/libmysqlclient.so

# modify PATH environment variables

[root@localhostmysql] # vim / etc/profile.d/mysql.sh

ExportPATH=/usr/local/mysql/bin:$PATH

[root@localhostmysql] #. / etc/profile.d/mysql.sh # reread the configuration file

[root@localhostbin] # mysql_secure_installation # mysql Security reinforcement # run this command to set up

(3)。 Compile and install php-5.4.26.tar.bz2

[root@localhostdylan] # yum install libxml2-devel libmcrypt-devel bzip2-devel-y

[root@localhostdylan] # tar xf php-5.4.26.tar.bz2

[root@localhostdylan] # cd php-5.4.26

[root@localhostphp-5.4.26] # / configure-- prefix=/usr/local/php-- with-mysql=/usr/local/mysql--with-openssl-- with-mysqli=/usr/local/mysql/bin/mysql_config--enable-mbstring-- with-png-dir-- with-jpeg-dir-- with-freetype-dir--with-zlib-- with-libxml-dir=/usr-- enable-xml-- enable-sockets--with-apxs2=/usr/local/apache24/ Bin/apxs-with-mcrypt--with-config-file-path=/etc-with-config-file-scan-dir=/etc/php.d-with-bz2

[root@localhostphp-5.4.26] # make & & make install

[root@localhostphp-5.4.26] # cp php.ini-production / etc/php.ini # copy php configuration file

[root@localhostphp-5.4.26] # cd / etc/httpd24

[root@localhosthttpd24] # cp httpd.conf {, .backup}

# to enable httpd to identify php dynamic resources and submit them to httpd's php module (engine), it is necessary to edit the configuration file of httpd

[root@localhosthttpd24] # vim httpd.conf

AddTypeapplication/x-compress .Z

AddTypeapplication/x-gzip .gz .tgz

AddTypeapplication/x-httpd-php .php # add this item to identify files ending in php

DirectoryIndex index.php index.html # DirectoryIndex add index.php to identify this type as the home page

(4) install wordpress-4.7.4-zh_CN.tar.gz

[root@localhostdylan] # tar-xf wordpress-4.7.4-zh_CN.tar.gz-C / usr/local/apache24/htdocs/

[root@localhosthtdocs] # cd / usr/local/apache24/htdocs/wordpress/

[root@localhostwordpress] # cp wp-config-sample.php wp-config.php # copy configuration file

[root@localhostwordpress] # mysql-uroot-p123456

MariaDB [(none)] > create database wpdb; # create wpdb database

QueryOK, 1 row affected (0.06 sec)

MariaDB [(none)] > grant all on wpdb.* to "wp" @ "192.168%.%" identified by "wordpress"; # authorized user

QueryOK, 0 rows affected (0.04 sec)

Define ('DB_NAME','wpdb')

[root@localhostwordpress] # vim wp-config.php # Edit configuration information

/ * * name of WordPress database * /

Define ('DB_NAME','wpdb')

/ * * MySQL database user name * /

Define ('DB_USER','wp')

/ * * MySQL database password * /

Define ('DB_PASSWORD','wordpress')

/ * * MySQL host * /

Define ('DB_HOST','192.168.0.113')

[root@localhostwordpress] # apachectl restart

Open the page display

Display after filling in the information

At this point, the installation is complete.

4. Set up a httpd server (based on compilation). It is required to provide two name-based virtual hosts:

(a) www1.stuX.com, page file directory is / web/vhosts/www1; error log is / var/log/httpd/www1.err, access log is / var/log/httpd/www1.access

(B) www2.stuX.com, page file directory is / web/vhosts/www2; error log is / var/log/httpd/www2.err, access log is / var/log/httpd/www2.access

(C) create a respective home page file index.html for the two virtual hosts, each with their corresponding hostnames

(d) output httpd working status information via www1.stuX.com/server-status, and access only if account password is provided (status:status)

[root@localhost ~] # mkdir-pv/web/vhosts/ {www1,www2} # create a file directory

[root@localhost ~] # mkdir-pv/var/log/httpd

[root@localhost ~] # echo "www1.stuX.com" > / web/vhosts/www1/index.html # contents of the home page file

[root@localhost ~] # echo "www2.stuX.com" > / web/vhosts/www2/index.html

[root@localhost ~] # vim/etc/httpd24/httpd.conf

# DocumentRoot "/ usr/local/apache24/htdocs" # Annotation Center Host

Include / etc/httpd24/extra/vhost.conf # add profile

[root@localhost ~] # vim/etc/httpd24/extra/vhost.conf # configure virtual host

ServerNamewww1.stux.com

DocumentRoot "/ web/vhosts/www1"

ErrorLog "/ var/log/httpd/www1.err"

CustomLog "/ var/log/httpd/www1.access" combined

OptionsNone

AllowOverrideNone

Requireall granted

SetHandlerserver-status

AuthTypeBasic

AuthName "Enter username and password"

AuthUserFile "/ etc/httpd24/.htpasswd"

Requireuser status

ServerNamewww2.stux.com

DocumentRoot "/ web/vhosts/www2"

ErrorLog "/ var/log/httpd/www2.err"

CustomLog "/ var/log/httpd/www2.access" combined

OptionsNone

AllowOverrideNone

Requireall granted

[root@localhost ~] # htpasswd-c-m/etc/httpd24/.htpasswd status # # generate authentication file and add-c for the first time

New password:

Re-type new password:

Adding password for user status

[root@localhost ~] # httpd-t # Test configuration file

Syntax OK

[root@localhost ~] # apachectl restart # restart the service

Test:

Need to configure hosts file to add 192.168.0.113 www1.stux.com

192.168.0.113 www2.stux.com

Test status

Summary: 2.4 virtual host configuration files compiled and installed are different from 2.2

The IP-based access control has been modified. It no longer supports the use of order, allow and deny mechanisms, but uniformly uses require.

Virtual hosts based on hostnames no longer require NameVirtualHost instructions

Note: pages in any directory can only be accessed by explicit authorization

5. Provide https service for the second virtual host in question 4, so that users can securely access the web site through https

(1) Certificate authentication is required, and countries (CN), states (HA), cities (ZZ) and organizations (MageEdu) required to be used in the certificate

(2) set the department to Ops, the host name to www2.stuX.com, and the email to admin@stuX.com

# for testing purposes, CA and httpd are located on the same host

# first, create a private CA, create a certificate signing request and a CA visa on the server

[root@localhost] # rpm-Q openssl

Openssl-1.0.1e-57.el6.x86_64

[root@localhost ~] # (umask 077opensslgenrsa-out / etc/pki/CA/private/cakey.pem 4096) # create a private key

Generating RSA private key, 4096 bit longmodulus

.

. +. +

E is 65537 (0x10001)

[root@localhost ~] # openssl req-new-x509-key / etc/pki/CA/private/cakey.pem-out / etc/pk # generate self-signed certificate

I/CA/cacert.pem-days 3650You are about tobe asked to enter information that will be incorporated

Into your certificate request.

What you are about to enter is what iscalled a Distinguished Name or a DN.

There are quite a few fields but you canleave some blank

For some fields there will be a defaultvalue

If you enter'., the field will be leftblank.

-

Country Name (2 letter code) [XX]: CN

State or Province Name (full name) []: HA

Locality Name (eg, city) [Default City]: ZZ

Organization Name (eg, company) [DefaultCompany Ltd]: MageEdu

Organizational Unit Name (eg, section) []: Ops

Common Name (eg, your name or your server'shostname) []: ca.stuX.com

Email Address []: admin@stuX.com

[root@localhost ~] # touch/etc/pki/CA/index.txt # provide auxiliary files for CA

[root@localhost ~] # echo 01 > / etc/pki/CA/serial

[root@localhost ~] # mkdir / etc/httpd24/ssl

[root@localhost ~] # cd / etc/httpd24/ssl/

[root@localhost ssl] # (umask 077 / opensslgenrsa-out / etc/httpd24/ssl/httpd.key 2048) # httpd hosts generate private keys

Generating RSA private key, 2048 bit longmodulus

. +

. +

E is 65537 (0x10001)

# httpd generates a certificate signing request

[root@localhost ssl] # openssl req-new-key/etc/httpd24/ssl/httpd.key-out / etc/httpd24/ssl/httpd.csr-days 365

You are about to be asked to enterinformation that will be incorporated

Into your certificate request.

What you are about to enter is what iscalled a Distinguished Name or a DN.

There are quite a few fields but you canleave some blank

For some fields there will be a defaultvalue

If you enter'., the field will be leftblank.

-

Country Name (2 letter code) [XX]: CN

State or Province Name (full name) []: HA

Locality Name (eg, city) [Default City]: ZZ

Organization Name (eg, company) [DefaultCompany Ltd]: MageEdu

Organizational Unit Name (eg, section) []: Ops

Common Name (eg, your name or your server'shostname) []: www2.stuX.com

Email Address []: admin@stuX.com

Please enter the following 'extra'attributes

To be sent with your certificate request

A challenge password []:

An optional company name []:

# sign the certificate directly because it belongs to the same host for testing

[root@localhost ssl] # openssl ca-in/etc/httpd24/ssl/httpd.csr-out / etc/pki/CA/certs/httpd.crt-days 365Usingconfiguration from / etc/pki/tls/openssl.cnf

Check that the request matches thesignature

Signature ok

Certificate Details:

Serial Number: 1 (0x1)

Validity

Not Before: Jun 26 08:04:53 2017 GMT

Not After: Jun 26 08:04:53 2018 GMT

Subject:

CountryName = CN

StateOrProvinceName = HA

OrganizationName = MageEdu

OrganizationalUnitName = Ops

CommonName = www2.stuX.com

EmailAddress = admin@stuX.com

X509v3 extensions:

X509v3 Basic Constraints:

CA:FALSE

Netscape Comment:

OpenSSL Generated Certificate

X509v3 Subject Key Identifier:

9B:20:A6:09:86:E1:F2:05:94:D7:ED:33:57:D2:A1:FE:95:C9:3F:47

X509v3 Authority Key Identifier:

Keyid:85:26:25:F4:82:7C:86:25:B1:73:B0:C5:57:24:41:86:81:2A:24:FA

Certificate is to be certified until Jun 2608 days 04 days 53 2018 GMT

Sign the certificate? [y/n]: y

1 out of 1 certificate requests certified,commit? [y/n] y

Write out database with 1 new entries

Data Base Updated

[root@localhost ssl] # cp/etc/pki/CA/certs/httpd.crt / etc/httpd24/ssl/ # send the certificate to httpd

# configure httpd to support the use of ssl and certificates used

[root@localhost ssl] # vim/etc/httpd24/httpd.conf # Edit httpd configuration file

Include / etc/httpd24/extra/httpd-ssl.conf # # enable ssl configuration file, remove #

LoadModule ssl_module modules/mod_ssl.so # # enable ssl mode fast, remove #

[root@localhost ssl] # vim/etc/httpd24/extra/httpd-ssl.conf # Edit ssl configuration file

DocumentRoot "/ web/vhosts/www2"

ServerName www2.stuX.com

ServerAdmin you@example.com

ErrorLog "/ var/log/httpd/www2.ssl.err"

SSLEngine on

SSLCertificateFile "/ etc/httpd24/ssl/httpd.crt" # Certificate path

SSLCertificateKeyFile "/ etc/httpd24/ssl/httpd.key" # Private key path

OPtions None

AllowOverride None

Require all granted

TransferLog "/ var/log/httpd/www2.ssl.access"

[root@localhost ssl] # httpd-t # error occurred in the test

AH00526: Syntax error on line 73 of/etc/httpd24/extra/httpd-ssl.conf:

SSLSessionCache: 'shmcb' session cache notsupported (known names:). Maybe you need to lo

Ad the appropriate socache module (mod_socache_shmcb?)

[root@localhost ssl] # vim/etc/httpd24/httpd.conf

LoadModule socache_shmcb_modulemodules/mod_socache_shmcb.so # # enable this module, remove #

[root@localhost ssl] # httpd-t

Syntax OK

[root@localhost ssl] # apachectl restart

test

[root@localhost ~] # vim / etc/host # Edit hosts file to add httpd host Ip

192.168.0.113 www2.stuX.com

[root@localhost ~] # openssl s_client-connect www2.stuX.com:443

6. In the LAMP architecture, please support httpd by compiling php to httpd module and php using fpm as an independent daemon, and list the detailed process. (detailed description of the next blog)

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.