环境配置:
配置DNS以便域名解析
- 安装Bind软件包。
yum install -y bind
2. 修改Bind配置文件。
vim /etc/named.conf
listen-on port 53 { 192.168.200.101; };
allow-query { any; };
vim /etc/named.rfc1912.zones
zone "a.com" IN {
type master;
file "a.com.localhost";
allow-update { none; };
};
3. 修改Bind区域文件。
cd /var/named/
cp -p named.localhost a.com.loaclhost
vim a.com.loaclhost
$TTL 1D
@ IN SOA a.com. rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.a.com.
dns A 192.168.200.101
www A 192.168.200.102
m A 192.168.200.102
4. Bind服务器语法检查,启动Bind服务。
named-checkconf /etc/named.conf
named-checkconf /etc/named.rfc1912.zones
named-checkzone a.com /var/named/a.com.localhost
systemctl start named
systemctl enable named
WEB服务器安装apache软件包。
yum install -y httpd httpd-devel
虚拟目录
- 虚拟目录配置。
vim /etc/httpd/conf/httpd.conf
95 ServerName www.a.com:80
vim /etc/httpd/conf.d/vhost.conf
alias /vshare "/var/www/share"
<directory "/var/www/share">
allowoverride none
options includesnoexec
order allow,deny
allow from all
</directory>
2. 创建站点目录,配置默认文档
mkdir /var/www/share/
echo "share" > /var/www/share/index.html
chown apache:apache /var/www/share/
3. apache语法检测,启动apache服务
httpd -t
systemctl start httpd
4. 客户端dns设置为192.168.200.101,然后访问www.a.com/vshare
用户认证
- 虚拟目录配置。
vim /etc/httpd/conf.d/vhost.conf
alias /vhome "/var/www/home"
<directory "/var/www/home">
authtype basic
authname "enter user and password"
authuserfile /etc/httpd/users-password
require valid-user
options Includesnoexec
allowOverride none
order allow,deny
allow from all
</directory>
2. 创建站点目录,配置默认文档
mkdir /var/www/home/
echo "home" >/var/www/home/index.html
chown apache:apache /var/www/home
3. 创建用户认证
htpasswd -c /etc/httpd/users-password user123
htpasswd /etc/httpd/users-password user456 #第二次创建不加-c
4. apache语法检测,启动apache服务
httpd -t
systemctl restart httpd
5. 客户端dns设置为192.168.200.101,然后访问www.a.com/vhome
基于端口的虚拟主机
- 虚拟目录配置。
vim /etc/httpd/conf/httpd.conf
97 ServerName www.a.com:80
42 listen 80
listen 8888
listen 9999
vim /etc/httpd/conf.d/vhost.conf
<virtualhost www.a.com:8888>
servername www.a.com:8888
serveradmin [email protected]
documentroot /var/www/port8888
errorlog logs/port8888/error.log
customlog logs/port8888/access.log combined
</virtualhost>
<virtualhost www.a.com:9999>
servername www.a.com:9999
serveradmin [email protected]
documentroot /var/www/port9999
errorlog logs/port9999/error.log
customlog logs/port9999/access.log combined
</virtualhost>
mkdir /var/www/port8888
mkdir /var/www/port9999
mkdir /etc/httpd/logs/port8888
mkdir /etc/httpd/logs/port9999
chown -R apache:apache /var/www/port*
chown -R apache:apache /etc/httpd/logs/port*
echo "port8888" > /var/www/port8888/index.html
echo "port9999" > /var/www/port9999/index.html
3. apache语法检测,启动apache服务
httpd -t
systemctl restart httpd
基于IP的虚拟主机
多配置一个IP地址用于测试
ifconfig ens32:0 192.168.200.202/24
ip addr
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
inet 192.168.200.102/24 brd 192.168.200.255 scope global ens32
inet 192.168.200.202/24 brd 192.168.200.255 scope global secondary ens32:0
vim /etc/httpd/conf.d/vhost.conf
<virtualhost 192.168.200.102:80>
servername 192.168.200.102:80
serveradmin [email protected]
documentroot /var/www/102
errorlog logs/102/error.log
customlog logs/102/access.log combined
</virtualhost>
<virtualhost 192.168.200.202:80>
servername 192.168.200.202:80
serveradmin [email protected]
documentroot /var/www/202
errorlog logs/202/error.log
customlog logs/202/access.log combined
</virtualhost>
mkdir /var/www/102
mkdir /var/www/202
mkdir /etc/httpd/logs/102
mkdir /etc/httpd/logs/202
chown -R apache:apache /var/www/*02
chown -R apache:apache /etc/httpd/logs/*02
echo "102" > /var/www/102/index.html
echo "202" > /var/www/202/index.html
apache语法检测,启动apache服务
httpd -t
systemctl restart httpd
基于域名的虚拟主机
- 虚拟目录配置。
vim /etc/httpd/conf/httpd.conf
97 ServerName a.com:80
vim /etc/httpd/conf.d/vhost.conf
<virtualhost www.a.com:80>
servername www.a.com:80
serveradmin [email protected]
documentroot /var/www/www
errorlog logs/www/error.log
customlog logs/www/access.log combined
</virtualhost>
<virtualhost m.a.com:80>
servername m.a.com:80
serveradmin [email protected]
documentroot /var/www/m
errorlog logs/m/error.log
customlog logs/m/access.log combined
</virtualhost>
mkdir /var/www/www
mkdir /var/www/m
mkdir /etc/httpd/logs/www
mkdir /etc/httpd/logs/m
chown -R apache:apache /var/www/www
chown -R apache:apache /var/www/m
chown -R apache:apache /etc/httpd/logs/www
chown -R apache:apache /etc/httpd/logs/m
echo "www" > /var/www/www/index.html
echo "m" > /var/www/m/index.html
apache语法检测,启动apache服务
httpd -t
systemctl restart httpd
基于SSL的web站点配置。
yum install -y mod_ssl openssl openssl-devel
cd /etc/pki/tls/private
openssl genrsa 1024 > www.a.com.key
cd ../certs/
openssl req -new -x509 -days 365 -key ../private/www.a.com.key -out www.a.com.crt
Country Name (2 letter code) [GB]: 输入国家地区代码,如中国的 CN
State or Province Name (full name) [Berkshire]: 地区省份
Locality Name (eg, city) [Newbury]: 城市名称
Organization Name (eg, company) [My Company Ltd]: 公司名称
Organizational Unit Name (eg, section) []: 部门名称
Common Name (eg, your name or your server’s hostname) []: 申请证书域名
Email Address []: 电子邮箱
vim /etc/httpd/conf.d/ssl.conf
59 DocumentRoot "/var/www/ssl"
60 ServerName www.a.com:443
100 SSLCertificateFile /etc/pki/tls/certs/www.a.com.crt
107 SSLCertificateKeyFile /etc/pki/tls/private/www.a.com.key
mkdir /var/www/ssl
chown -R apache:apache /var/www/ssl/
echo "1 2 3 4 5" > /var/www/ssl/index.html
apache语法检测,启动apache服务
httpd -t
systemctl restart httpd