虚拟主机加密与网页重写 squit服务

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了虚拟主机加密与网页重写 squit服务相关的知识,希望对你有一定的参考价值。

{**虚拟主机加密和网页重写apache**}

做好https认证以后

hostnamectl set-hostname web1.example.com

logout

vim /etc/httpd/conf.d/ssl.conf

cd /etc/httpd/conf.d/

vim news.conf

<Virtualhost *:80>

        Servername news.westos.com

        Documentroot /var/www/virtual/news.westos.com/html

        Customlog logs/news.log       combined

</Virtualhost>

<Directory "/var/www/virtual/news.westos.com/html">

        Require all granted

</Directory>

<Virtualhost *:443>                    **可以访问443端口(https端口)

        Servername news.westos.com      **主机名

        Documentroot /var/www/virtual/news.westos.com/html

        Customlog logs/news-443.log       combined    

        SSLEngine on

        SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt    **证书

            SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key    **钥匙

</Virtualhost>

 

systemctl restart httpd.service   重启服务

在浏览器中访问http://news.westos.com

 

 

访问http://news.westos.com自动转到https://news.westos.com

vim news.conf   修改如下:

<Virtualhost *:80>

        Servername news.westos.com

        RewriteEngine on

        RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301] **当访问http时带他访问https

</Virtualhost>

<Directory "/var/www/virtual/news.westos.com/html">

        Require all granted

</Directory>

<Virtualhost *:443>

        Servername news.westos.com

        Documentroot /var/www/virtual/news.westos.com/html

        Customlog logs/news-443.log       combined

        SSLEngine on

        SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt

        SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key

</Virtualhost>

 

systemctl restart httpd.service   重启服务

此时在浏览器中访问http://news.westos.com还是https://news.westos.com都自动转到https://news.westos.com

 

 

[**php和cgi**]

cd /var/www/html/

ls

vim index.html

vim index.php

     1  <?php

     2 phpinfo ();

     3  ?>

vim /etc/httpd/conf/httpd.conf

    163 <IfModule dir_module>

    164     DirectoryIndex index.php index.html    优先读取php 确认发布目录是/var/www/html/

systemctl restart httpd.service

 

yum install php -y      安装

cd /etc/httpd/conf.d/

systemctl restart httpd.service  重启服务

cd /var/www/html/

mkdir cgi        [先建立一个cgi目录]

cd cgi/

yum install httpd-manual   安装manual(查找cgi需要的命令)

vim index.cgi

     1 #!/usr/bin/perl

     2 print "Content-type: text/html\n\n";

     3 print `date`;

perl index.cgi        **测试cgi是否可用

chmod +x index.cgi    **[给一个执行权限,可以用 prel index.cgi]

cd /etc/httpd/conf.d/

vim default.conf

<Virtualhost _default_:80>

        Documentroot /var/www/html

        Customlog "logs/default.log" combined

</Virtualhost>

<Directory "/var/www/html/cgi">            读取的文件

        Options +ExecCGI            有执行权限

        AddHandler cgi-script .cgi

</Directory>

systemctl restart httpd.service

ls -Zd cgi-bin/

semanage fcontext -a -t httpd_sys_script_exec_t ‘/var/www/html/cgi(/.*)?‘  修改安全上下文

restorecon -FvvR /var/www/html/cgi/     

测试:http://172.25.254.149/cgi/index.cgi

 

yum install mariadb-server -y             **安装服务

systemctl start mariadb                   **重启服务

vim /etc/my.cnf                    **数据库配置文件

        skip-networking=1            **关闭远程连接

 

systemctl restart mariadb

mysql_secure_installation

cd /var/www/html/

ls

lftp 172.25.254.250             **下载Discuz_X3.2_SC_UTF8.zip软件包

unzip Discuz_X3.2_SC_UTF8.zip   ** 解析

less readme/readme.txt

setenforce 0                    

chmod 777 upload/ -R

yum install php-mysql.x86_64   下载两者关联的服务

systemctl restart httpd.service

在浏览器中访问http://172.25.254.149/upload/install     **进行设置 

 

[**squit**] 

squit正向解析:(效果:通过172.25.49.11浏览器可以访问172.25.254.250)

yum install squid -y                安装服务

vim /etc/squid/squid.conf

         56 http_access allow all            允许所有访问

         62 cache dir ufs /var/spool/squid 100 16 256    

systemctl start squid                开启服务

测试172.25.49.11

    打开 firefox  把Advanced——Network中的Settings,Manual ~ 中 写入你所访问的缓冲机(有两块网卡的那个)。

然后访问172.25.254.250,就会成功。虽然 ping 不同 172.25.254.250,但是能访问。

 

[2.缓存网站信息,并且轮询显示]

 

yum install squid。

vim /etc/squid/squid.conf

        56 http access_allow_all      **允许所有人访问

        59 http_port 80 vhost vport   **使用80端口    

        60 cache_peer 172.25.254.60 parent 80 0no-query originserver round-robin name=   web1

      61 cache_peer 172.25.254.4 parent 80 0no-query originserver round-robin name=   web2

        62 cache_peer_domain web1web2 www.test.com

      63 cache_dir ufs /var/spool/squid 100 16 256   cache_peer_domain web1 web2www.test.com    **设置网站访问域名

 

 

systemctl restart squid

并且在/etc/hosts 中添加 172.25.254.149 www.test.com

本文出自 “12106768” 博客,请务必保留此出处http://12116768.blog.51cto.com/12106768/1883198

以上是关于虚拟主机加密与网页重写 squit服务的主要内容,如果未能解决你的问题,请参考以下文章

Linux学习笔记

k8sgress部署加密认证重写

Httpd访问控制虚拟主机网页压缩优化

Nginx安装与升级 Nginx服务器 Nginx虚拟主机 HTTPS加密网站

apache服务

apache