Centos7系统下httpd各种方式实现与配置
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Centos7系统下httpd各种方式实现与配置相关的知识,希望对你有一定的参考价值。
-
1、 Centos7系统下实现httpd-2.2的安装,并分别实现prefork、worker、event等几种工作方式
Centos 7上若yum安装httpd程序,默认的是2.4的版本,因此无法用yum 直接安装,我这里采取源码安装httpd-2.2
安装前准备
[[email protected] ~]# systemctl stop firewalld.service
[[email protected] ~]# vi /etc/sysconfig/selinux
[[email protected] ~]# setenforce 0
[[email protected] ~]# getenforce
Permissive安装相应组件包
[[email protected] ~]# yum groupinstall "Development Tools" "Serverplatform Development" -y
[[email protected] ~]# wget http://archive.apache.org/dist/httpd/httpd-2.2.32.tar.gz编译安装
[[email protected] ~]# tar -zxf httpd-2.2.32.tar.gz
[[email protected] ~]# cd httpd-2.2.32
[[email protected] httpd-2.2.32]# ./configure --prefix=/usr/local/apache2/ --sysconfdir=/etc/httpd2 --with-mpm=worker
[[email protected] httpd-2.2.32]# make && make install设定环境变量与systemd
[[email protected] httpd-2.2.32]# cat /etc/profile.d/httpd.sh
export PATH=$PATH:/usr/local/apache2/bin
[[email protected] httpd-2.2.32]# ln -sv /usr/local/apache2/include /usr/include//httpd
‘/usr/include//httpd’ -> ‘/usr/local/apache2/include’
[[email protected] httpd-2.2.32]# cat /etc/man_config
MANPATH /usr/local/apache2/man
[[email protected] httpd-2.2.32]# cat /lib/systemd/system/httpd.service
[Unit]
Description=The httpd service
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/apache2/bin/apachectl start
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/usr/local/apache2/bin/apachectl stop
Restart=/usr/local/apache2/bin/apachectl restart
[Install]
WantedBy=multi-user.target启动服务与验证
[[email protected] httpd-2.2.32]# systemctl daemon-reload
[[email protected] httpd-2.2.32]# systemctl start httpd.service
[[email protected] httpd-2.2.32]# ss -tan
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
ESTAB 0 0 192.168.10.10:22 192.168.10.1:57790
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
[[email protected] httpd-2.2.32]# httpd -l
Compiled in modules:
core.c
mod_authn_file.c
mod_authn_default.c
mod_authz_host.c
mod_authz_groupfile.c
mod_authz_user.c
mod_authz_default.c
mod_auth_basic.c
mod_include.c
mod_filter.c
mod_log_config.c
mod_env.c
mod_setenvif.c
mod_version.c
worker.c
http_core.c
mod_mime.c
mod_status.c
mod_autoindex.c
mod_asis.c
mod_cgid.c
mod_negotiation.c
mod_dir.c
mod_actions.c
mod_userdir.c
mod_alias.c
mod_so.c按照以上方式即可实现prefork和event两种方式(默认为prefork方式)
./configure --prefix=/usr/local/apache2/ --sysconfdir=/etc/httpd --with-mpm=prefork
./configure --prefix=/usr/local/apache2/ --sysconfdir=/etc/httpd --with-mpm=eventprefork: 预先创建进程,两级进程模型,父进程负责创建子进程,每个子进程响应一个用户请求
worker:父进程管理子进程,子进程通过线程响应用户请求,每线程处理一个用户请求
event:两级模型,父进程管理子进程,子进程通过event-driver机制直接响应n个请求
-
2、 简述request报文请求方法和状态响应码
-
请求方法(method):
GET:从服务器获取一个资源;
HEAD:只从服务器获取文档的响应首部;
POST:向服务器发送要处理的数据;
PUT:将请求的主体部分存储在服务器上;
DELETE:请求删除服务器上指定的文档;
TRACE:追踪请求到达服务器中间经过的代理服务器;
OPTIONS:请求服务器返回对指定资源支持使用的请求方法; -
Status(状态码):
1xx: 100-101,信息提示;
2xx: 200-206,成功
3xx: 300-305,重定向
4xx: 400-415,错误类信息,客户端错误
5xx: 500-505,服务器端错误 -
常用的状态码:
200: 成功,请求的所有数据通过响应报文的entity-body部分发送;OK
301: 请求的URL指向的资源的已经被删除;但在响应报文中通过首部Location指明了资源现在所处的新位置;Moved Permanently
302: 与301相似,但在响应报文中通过Location指明资源现在所处临时新位置;Found
304: 客户端发出了条件式请求,但服务器上的资源未曾发生改变,则通过响应此响应状态码通知客户端;Not Modified
401: 需要输入账号和密码认证方能访问资源;Unauthorzed
403: 请求被禁止;Forbidden
404: 服务器无法找到客户端请求的资源;Not Found
500: 服务器内部错误;Internal Server Error
502: 代理服务器从后端服务器收到了一条伪响应; Bad Gateway -
3、详细描述httpd虚拟主机、站点访问控制、基于用户的访问控制、持久链接等应用配置实例
虚拟主机的实现方案:
基于IP地址
基于端口号(port)
基于主机域名(FQDN)
注意点:
- 一般虚拟主机不要与中心主机混用,要使用虚拟主机,得先禁用“main”主机,禁用方法:注释中心主机的DocumentRoot指令即可
- 配置VirtualHost,在httpd2.2中,NameVirtualHost这一项需启用2.2以上版本不需要
-
基于IP地址
[[email protected] ~]# yum -y install httpd [[email protected] ~]# ip addr add 192.168.10.30/24 dev ens32 [[email protected] ~]# ip addr add 192.168.10.31/24 dev ens32 [[email protected] ~]# mkdir -p /var/www/html/30 [[email protected] ~]# mkdir -p /var/www/html/31 [[email protected] ~]# echo "hello,ip address is "192.168.10.30"" > /var/www/html/30/index.html [[email protected] ~]# echo "hello,ip address is "192.168.10.31"" > /var/www/html/31/index.html [[email protected] ~]# vi /etc/httpd/conf.d/virtualhost.conf <VirtualHost 192.168.10.30:80> DocumentRoot "/var/www/html/30" ServerName www.magedu30.com <Directory "/var/www/html/30"> AllowOverride None Require all granted </Directory> </VirtualHost> <VirtualHost 192.168.10.31:80> DocumentRoot "/var/www/html/31" ServerName www.magedu31.com <Directory "/var/www/html/31"> AllowOverride None Require all granted </Directory> </VirtualHost> [[email protected] ~]# httpd -t Syntax OK [[email protected] ~]# systemctl restart httpd.service #最后测试结果 [email protected] ~]# curl 192.168.10.30 hello,ip address is 192.168.10.30 [[email protected] ~]# curl 192.168.10.31 hello,ip address is 192.168.10.31 - 基于端口号:
[[email protected] ~]# mkdir -p /var/www/html/80 [[email protected] ~]# mkdir -p /var/www/html/10080 [[email protected] ~]# echo "hi,the ip port is ‘80‘" >/var/www/html/80/index.html [[email protected] ~]# echo "hi,the ip port is ‘10080‘" >/var/www/html/10080/index.html [[email protected] ~]# vi /etc/httpd/conf.d/test1.conf <VirtualHost 192.168.10.10:80> ServerName www.magedu10.com DocumentRoot "/var/www/html/80" <Directory "/var/www/html/80"> Options None AllowOverride None Require all granted </Directory> CustomLog "logs/test1_access_log" combined </VirtualHost> [[email protected] ~]# vi /etc/httpd/conf.d/test2.conf Listen 10080 <VirtualHost 192.168.10.10:10080> ServerName www.test2.com DocumentRoot "/var/www/html/10080" <Directory "/var/www/html/10080"> Options None AllowOverride None Require all granted </Directory> CustomLog "Logs/test2_access_log" combined </VirtualHost> [email protected] ~]# httpd -t Syntax OK [[email protected] ~]# systemctl restart httpd #最后验证结果: [[email protected] ~]# curl 192.168.10.10:80 hi,the ip port is ‘80‘ [[email protected] ~]# curl 192.168.10.10:8080 hi,the ip port is ‘10080‘ - 基于主机域名
[[email protected] ~]# mkdir -p /var/www/html/ilinux [[email protected] ~]# mkdir -p /var/www/html/iunix [[email protected] ~]# echo "domain name is ‘www.ilinux.com‘" >/var/www/html/ilinux/index.html [[email protected] ~]# echo "domain name is ‘www.iunix.com‘" >/var/www/html/iunix/index.html [[email protected] ~]# vi /etc/httpd/conf.d/virtualhost.conf <VirtualHost 192.168.10.10:80> DocumentRoot "/var/www/html/ilinux" ServerName www.ilinux.com <Directory "</var/www/html/ilinux"> AllowOverride None Require all granted </Directory> </VirtualHost> <VirtualHost 192.168.10.10:80> DocumentRoot "/var/www/html/iunix" ServerName www.iunix.com <Directory "/var/www/html/iunix"> AllowOverride None Require all granted </Directory> </VirtualHost> [[email protected] ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.10.10 www.ilinux.com www.iunix.com [[email protected] ~]# httpd -t Syntax OK [[email protected] ~]# systemctl restart httpd #最后测试结果: [[email protected] ~]# curl www.ilinux.com domain name is ‘www.ilinux.com‘ [[email protected] ~]# curl www.iunix.com domain name is ‘www.iunix.com‘ - 站点访问控制
禁止192.168.10.20访问[[email protected] ~]# cat /etc/httpd/conf.d/deny.conf <VirtualHost 192.168.10.10:80> ServerName www.ilinux.com DocumentRoot "/var/www/html" <Directory "/var/www/html"> <Requireall> Require all granted Require not ip 192.168.10.20 </Requireall> </Directory> </VirtualHost> -
基于用户的访问控制
[[email protected] ~]# htpasswd -c /tmp/test.users tom New password: Re-type new password: Adding password for user tom [[email protected] ~]# htpasswd -m /tmp/test.users jerry New password: Re-type new password: Adding password for user jerry [[email protected] ~]# htpasswd -m /tmp/test.users xiaochen New password: Re-type new password: Adding password for user xiaochen [[email protected] ~]# mv /tmp/test.users /etc/httpd/conf.d/.htpasswd [[email protected] ~]# mkdir -p /var/www/html/testusers [[email protected] ~]# echo "Testusers Area" > /var/www/html/testusers/index.html [[email protected] ~]# cat /etc/httpd/conf.d/testusers.conf <Directory "/var/www/html/testusers"> Options None AllowOverride None AuthType basic AuthName "Test Area,pls enter your username and password" AuthUserFile "/etc/httpd/conf.d/.htpasswd" Require user tom jerry obama </Directory> [[email protected] ~]# cat /etc/httpd/conf.d/virtualhost.conf <VirtualHost 192.168.10.10:80> DocumentRoot "/var/www/html/testusers" ServerName www.ilinux.com <Directory "</var/www/html/testusers"> AllowOverride None Require all granted </Directory> </VirtualHost> <VirtualHost 192.168.10.10:80> DocumentRoot "/var/www/html/testusers" ServerName www.iunix.com <Directory "/var/www/html/testusers"> AllowOverride None Require all granted </Directory> </VirtualHost> [[email protected] ~]# httpd -t Syntax OK [[email protected] ~]# systemctl restart httpd最后测试:
- 持久链接
持久链接是建立链接后持续获取资源不断开,一直响应到把需要获取的资源都成功获取了以后才终止链接#创建模块化文件 [[email protected] ~]# cat /etc/httpd/conf.d/keepalive.conf KeepAlive On KeepAliveTimeout 35 MaxKeepAliveRequests 100 [[email protected] ~]# httpd -t Syntax OK [[email protected] ~]# systemctl restart httpd
以上是关于Centos7系统下httpd各种方式实现与配置的主要内容,如果未能解决你的问题,请参考以下文章
centos7下利用httpd2.4配置svn并使用Ldap用户认证