linux-apache

Posted 2020-10-15

1.   ######## apache#######

企业中常用的web服务，用来提供http://(超文本传输协议)

2.apache的安装部署######

[[email protected] yum.repos.d]# yum install httpd-y  安装httpd

[[email protected] yum.repos.d]# rpm -qc httpd       查看httpd服务的配置

[[email protected] ~]# yum install httpd-manual-y  安装http手册

 

[[email protected] yum.repos.d]# systemctl starthttpd  开启httpd服务

[[email protected] yum.repos.d]# systemctl enablehttpd 设定http开机开启

[[email protected] yum.repos.d]# systemctl stopfirewalld     关闭防火墙

[[email protected] yum.repos.d]# systemctl disablefirewalld  设定开机关闭火墙

测试

            http://172.25.12.12

可在浏览器输入：http://172.25.12.12/manual    查看手册

[[email protected] ~]# cd /etc/httpd/conf.d

[[email protected] conf.d]# ls

autoindex.conf  manual.conf README  userdir.conf  welcome.conf

3.apche基础信息

主配置目录：             /etc/httpd/conf

[[email protected] conf.d]# vim/etc/httpd/conf/httpd.conf   编辑主配置文件

 

39 # prevent Apache from glomming onto allbound IP addresses.

 40 #

 41#Listen 12.34.56.78:80

 42Listen 80     默认端口为80  可在此处修改端口

 

[[email protected] conf.d]# systemctl restarthttpd   重启服务

主配置文件：             /etc/httpd/conf/httpd.conf

子配置目录：             /etc/httpd/conf.d/

子配置文件:              /etc/httpd/conf.d/*.conf

默认发布目录：            /var/www/html

默认发布文件：            index.html

默认端口：                80

默认安全上下文：           http_sys_content_t

程序开启默认用户：         apache

apache日志：             /etc/httpd/logs/*

 

报错时可查看日志

            > /var/log/messsages

            cat /var/log/messages

            cat /etc/httpd/logs/error_log

[[email protected] conf.d]# cd /var/www/html

[[email protected] html]# ls

[[email protected] html]#

[[email protected] html]# vim index.html  

 

1 <h1>你好！！！</h1>

 

163 <IfModule dir_module>

164    DirectoryIndex index.html   默认发布顺序  不存在时访问下一个

165 </IfModule>

 

[[email protected] html]# vim test.html

 

1 <h1>我很好！！！</h1>

 

[[email protected] html]# ls

index.html test.html

 

163 <IfModule dir_module>

164    DirectoryIndex test.html index.html

165 </IfModule>

 

修改默认发布目录

[[email protected] html]# pwd

/var/www/html

 

[[email protected] html]# mkdir -p /www/html     新创建目录

[[email protected] html]# vim /www/html/index.html 编辑文件

1 <h1> /www/html‘s page </h1>

 

118 #

119 DocumentRoot"/var/www/html"   默认发布目录

120

119 #DocumentRoot"/var/www/html"  修改默认发布目录

120 DocumentRoot "/www/html"

121 <Directory "/www">

122      Require all granted   授权

123 </Directory>

 

[[email protected] html]# ls -l /www/html

total 4

-rw-r--r--. 1 root root 28 Nov 18 21:30index.html

 

[[email protected] html]# getenforce   查看selinux状态

Enforcing

 

[[email protected] conf.d]# ls -Z /var/www/

drwxr-xr-x. root root system_u:object_r:httpd_sys_script_exec_t:s0 cgi-bin

drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 html

[[email protected] html]# semanage fcontext -a -t httpd_sys_content_t ‘/www(/.*)?‘ 更改安全上下文

[[email protected] html]# restorecon -RvvF /www/

[[email protected] html]# ls -Z /www/    查看安全上下文

drwxr-xr-x. root rootsystem_u:object_r:httpd_sys_content_t:s0 html

为了接下来实验方便  把修改的东西改回来！！！

4####### apache 的虚拟主机

 

[[email protected] html]# mkdir/var/www/virtual/linux.westos.com/html -p

[[email protected] html]# mkdir/var/www/virtual/c.westos.com/html -p

[[email protected] html]#  vim/var/www/virtual/linux.westos.com/html/index.html

 

1 <h1>www.westos.com</h1>

 

[[email protected] html]# vim /var/www/virtual/c.westos.com/html/index.html

 

1 <h1>c.westos.com</h1>

 

 

[[email protected] html]# pwd

/var/www/html

 

[[email protected] html]# cd /etc/httpd/conf.d/   切换到子配置目录

[[email protected] conf.d]# ls

autoindex.conf  manual.conf README  userdir.conf  welcome.conf

 

[[email protected] conf.d]# vim default.conf

 

1 <VirtualHost _default_:80>

 2           DocumentRoot"/var/www/html"

 3           CustomLog"logs/www.westos.com.logs" combined

  4</VirtualHost>

 

[[email protected] conf.d]# vim linux.conf

 

 <VirtualHost *:80>

 2           ServerNamelinux.westos.com   指定站点名称

 3           DocumentRoot"/var/www/virtual/linux.westos.com/html" 站点默认发布目录

 4           CustomLog"logs/linux.westos.com.logs" combined   站点日志combiend标志四种日至的集合

  5</VirtualHost>

  6<Directory "/var/www/virtual/linux.westos.com/html">

 7           Require all granted

  8</Directory>

 

[[email protected] conf.d]# vim c.conf

 

1 <VirtualHost *:80>

 2           ServerNamec.westos.com

 3           DocumentRoot"/var/www/virtual/c.westos.com/html"

 4           CustomLog"logs/c.westos.com.logs" combiend

  5</VirtualHost>

  6<Directory "/var/www/virtual/c.westos.com/html">

 7           Require all granted

  8</Directory>

 

[[email protected] conf.d]# systemctl restarthttpd  重启

 

[[email protected] conf.d]# ls

autoindex.conf  default.conf manual.conf  userdir.conf

c.conf          linux.conf    README      welcome.conf

[[email protected] conf.d]# mv default.confadefault.conf   重命名

 

 

本地做好解析

[[email protected] conf.d]# vim /etc/hosts

 

 

 

5.##### apche 内部的访问控####

针对与主机的访问控制

[[email protected] conf.d]# mkdir /var/www/html/test

[[email protected] conf.d]# vim/var/www/html/test/index.html

 

1 <h1>都会成为回忆！！！</h1>

~                                      

 

[[email protected] conf.d]# vim adefault.conf

 6           Order allow,deny  列表读取顺序，后读取的列表会覆盖先读取内容的重复部分

 

[[email protected] conf.d]# systemctl restart httpd

12主机访问被拒绝

 

6. ####用户方式的访问控制####

[[email protected] conf.d]# htpasswd -cm/etc/httpd/userpass admin  创建用户admin

 

 

[[email protected] conf.d]# vim adefault.conf

 

 

[[email protected] conf.d]# mkdir/var/www/html/admin

[[email protected] conf.d]# vim /var/www/html/admin/index.html

 1<h1>admin‘s page</h1>

 

[[email protected] conf.d]# systemctl restart httpd

 

 

[[email protected] conf.d]# htpasswd -m/etc/httpd/userpass admin1   不能 -cm 不然前面的会覆盖

 

[[email protected] conf.d]# vim adefault.conf

 

 

 

 

[[email protected] conf.d]# cd /var/www/html

[[email protected] html]# ls

admin index.html  test  test.html

[[email protected] html]# vim index.php

 

[[email protected] html]# yum install php -y       安装php

[[email protected] html]# cd /etc/httpd/conf.d/

[[email protected] conf.d]# ls

adefault.conf   c.conf     manual.conf  README        welcome.conf

autoindex.conf  linux.conf php.conf     userdir.conf

[[email protected] conf.d]# systemctl restart httpd

[[email protected] conf.d]# vim/etc/httpd/conf/httpd.conf

[[email protected] conf.d]# systemctl restart httpd

 

 

[[email protected] conf.d]# cd /var/www/html/

[[email protected] html]# ls

admin index.html  index.php  test test.html

[[email protected] html]# mkdir cgi      新建目录cgi

[[email protected] html]# cd cgi/

[[email protected] cgi]# vim index.cgi

1 #!/usr/bin/perl

 

[[email protected] cgi]# chmod +x index.cgi    给权限

 

[[email protected] cgi]# ./index.cgi             执行下脚本确保无误

Content-type: text/html

 

Sat Nov 18 23:18:53 CST 2017

 

[[email protected] cgi]# cd /var/www/html

[[email protected] html]# ls

admin cgi  index.html  index.php test  test.html

 

[[email protected] html]# cd /etc/httpd/conf.d/

 

[[email protected] conf.d]# vim adefault.conf

 

 

[[email protected] conf.d]# systemctl restart httpd

 

[[email protected] conf.d]# getenforce

Enforcing

[[email protected] conf.d]# setenforce 0   调整selinux为警告态

 

[[email protected] conf.d]# semanage fcontext -a -thttpd_sys_script_exec_t ‘/var/www/html/cgi(/.*)?‘                                 更改上下文

[[email protected] conf.d]# restorecon -RvvF/var/www/html/cgi

 

[[email protected] conf.d]# ss -antluep | grep 443

[[email protected] conf.d]# yum install mod_ssl -y     安装

[[email protected] conf.d]# systemctl restart httpd

[[email protected] conf.d]# yum install crypto-utils-y

[[email protected] conf.d]# genkey www.westos.com

 

[[email protected] html]# cd /etc/httpd/conf.d/

[[email protected] conf.d]# ls

adefault.conf   c.conf     manual.conf  README    userdir.conf

autoindex.conf  linux.conf php.conf     ssl.conf  welcome.conf

 

[[email protected] conf.d]# vim ssl.conf

 

 

[[email protected] conf.d]# systemctl restart httpd

 

[[email protected] ~]# mkdir -p/var/www/html/virtual/login.westos.com/html

[[email protected] ~]# vim/var/www/html/virtual/login.westos.com/html/index.html

 <h1>login.westos.com‘s page</h1>

[[email protected] ~]# vim/etc/httpd/conf.d/login.conf

 <VirtualHost *:443>

 2        ServerNamelogin.westos.com

 3        DocumentRoot/var/www/html/virtual/login.westos.com/html

 4        CustomLog"logs/login.logs" combined

 5        SSLEngine On

 6        SSLCertificateFile/etc/pki/tls/certs/www.westos.com.crt

 7        SSLCertificateKeyFile/etc/pki/tls/private/www.westos.com.key

  8</VirtualHost>

  9<Directory "/var/www/html/virtual/login.westos.com/html">

 10       Require all granted

 11</Directory>

 12<VirtualHost *:80>

 13       ServerName login.westos.com

 14       RewriteEngine On

 15       RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]

 16</VirtualHost>

 

[[email protected] ~]# systemctl restart httpd

 

[[email protected] html]# vim /etc/hosts

 

3 172.25.12.12 linux.westos.comc.westos.com westos.com www.westos.com login.westos.com