Apache web服务

第九单元Apache web服务一 Apache安装1 yum install httpd -y ###安装apache软件包###2 systemctl start httpd ###开启服务###3 systemctl enable httpd.service ###开机自动开启服务###4 systemctl stop firewalld.service ###关闭防火墙###5 systemctl disable firewalld.service ###开机自动关闭###6 netstat -antlp | grep httpd ###查看监听端口###二 apache基本信息1 apache的默认发布目录index.html2 apache的配置文件/etc/httpd/conf/httpd.conf ###主配置文件###ServerRoot “/etc/httpd” ###用于指定Apache的运行目录###Listen 80 ###监听端口###User apache ###运行apache程序的用户和组###Group apacheServerAdmin root@localhost ###管理员邮箱###DocumentRoot “/var/www/html” ###网页文件的存放目录### ##语句块自定义目录权限##Require all granted ErrorLog “logs/error_log” ###错误日志存放位置###AddDefaultCharset UTF-8 ###默认支持的语言###IncludeOptional conf.d/*.conf ###加载其它配置文件###DirectoryIndex index.html ###默认主页名称###/etc/httpd/conf.d/*.conf ###子配置文件###3 apache的默认发布目录/var/www/html4 apache的默认端口80三 apache的基本配置1 ）默认文件的修改1 vim /var/www/html/index.html ###编写默认文件###内容：

hello world

2 vim /var/www/html/ westos.html ###编写默认文件###内容:

westos linux

3 vim /etc/httpd/conf/httpd.con168 169 DirectoryIndex westos.html index.html ###默认westos.html为默认文件，如果westos.html不存在，则默认文件为index.html#####170 4 systemctl restart httpd.service ###重新启动服务###测试：登入 172.25.254.112 查看显示的内容是index.html还是westos.html如果将westos.html文件删除过程如下：[root@mariadb mysqladmin]# cd /var/www/html/[root@mariadb html]# lsadmin cgi mysqladmin[root@mariadb html]# vim index.html[root@mariadb html]# vim westos.html[root@mariadb html]# vim /etc/httpd/conf/httpd.conf [root@mariadb html]# systemctl restart httpd.service [root@mariadb html]# rm -fr westos.html 2 ）默认目录的修改当selinux是disabled的时候：1 mkdir /westos/www/test -p ###建立一个目录作为默认目录###2 vim /westos/www/test/westos.html ###编写默认文件###内容：

westos’s page

3 vim /etc/httpd/conf/httpd.conf121 DocumentRoot “/westos/www/test” ###修改默认目录###122 123 ###设置默认目录访问权限####124 Require all granted ####允许所有人访问####125 4 systemctl restart httpd.service ###重启服务###测试：登入172.25.254.112查看内容：过程如下：[root@mariadb html]# mkdir /westos/www/test -p[root@mariadb html]# vim /westos/www/test/westos.html[root@mariadb html]# vim /etc/httpd/conf/httpd.conf[root@mariadb html]# systemctl restart httpd.service 当selinux是enforcing状态：在添加下面两步：1 semanage fcontext -a -t httpd_sys_content_t ‘/westos(/.*)?’###修改安全上下文###2 restorecon -RvvF/westos/ ###刷新###3 )apache的访问控制设定ip的访问：1 mkdir /var/www/html/admin/2 vim /var/www/html/admin/index.html

admin’s page

3 vim /etc/httpd/conf/httpd.conf Order Allow,Deny ###允许所有人访问admin目录但只有78主机不能访问###Allow from AllDeny from 172.25.254.78 ###只允许78访问访问admin目录####Order Deny,AllowAllow from 172.25.254.78Deny from Al开发云主机域名l3 systemctl restart httpd.service ###重启服务###过程如下：[root@mariadb ~]# mkdir /var/www/html/admin/[root@mariadb ~]# vim /var/www/html/admin/index.html[root@mariadb ~]# vim /etc/httpd/conf/httpd.conf[root@mariadb ~]# systemctl restart httpd.service特定用户的访问：1 htpasswd -cm /etc/httpd/accessuser admin ###设定用户，-c指创建，-m指定名称，改命令为创建了一个用户admin，该用户信息存放在/etc/httpd/accessuser#####2 htpasswd -m /etc/httpd/accessuser tom ###创建用户tom，第二次创建不用加-c，不然会将第一次创建的用户信息覆盖###3 vim /etc/httpd/conf/httpd.confAuthUserFile /etc/httpd/accessuser ###用户认证文件###AuthName “please input your name and password !!” ###用户认证提示信息###AuthType basic ###认证类型###Require user tom ###认证用户，只有tom可以访问，如果是Require valid-user 则认证文件中的所有用户###过程如下：[root@mariadb ~]# vim /etc/httpd/conf/httpd.conf [root@mariadb ~]# cd /etc/httpd/[root@mariadb httpd]# htpasswd -cm /etc/httpd/accessuser adminNew password: Re-type new password: Adding password for user admin[root@mariadb httpd]# cat /etc/httpd/accessuser admin:$apr1$/2PFvsol$SDJa/.mb1dmWnjHzZEPu11[root@mariadb httpd]# htpasswd -m /etc/httpd/accessuser tomNew password: Re-type new password: Adding password for user tom[root@mariadb httpd]# cat /etc/httpd/accessuser admin:$apr1$/2PFvsol$SDJa/.mb1dmWnjHzZEPu11tom:$apr1$pZ1snUMw$Sd/oscb2DOr0j6aCTvoDB1[root@mariadb httpd]# mkdir -p /var/www/html/admin[root@mariadb httpd]# systemctl restart httpd.service测试：登入172.25.254.112/admin4）apache语言支持php html cqi默认支持：htmlphp语言：1 yum install php -y2 vim /var/www/html/index.phpphpinfo();?>3 systemctl restart httpd.service过程如下：[root@mariadb html]# yum install php[root@mariadb html]# vim /var/www/html/index.html[root@mariadb html]# systemctl restart httpd.service cgi语言：1 yum install httpd-manual -y2 mkdir /var/www/html/cgi3 cd /var/www/html/cgi/4 vim index.cgi#!/usr/bin/perlprint “Content-type: text/htmlnn”;print `date`;5 chmod +x index.cgi6 vim /etc/httpd/conf/httpd.conf179 DirectoryIndex index.html index.cgi135 136 Options +ExecCGI137 AddHandler cgi-script .cgi138 [root@mariadb httpd]# yum install httpd-manual -y[root@mariadb httpd]# systemctl restart httpd.service [root@mariadb httpd]# mkdir /var/www/html/cgi[root@mariadb httpd]# touch /var/www/html/cgi/index.cgi[root@mariadb httpd]# cd /var/www/html/cgi/[root@mariadb cgi]# vim index.cgi [root@mariadb cgi]# chmod +x index.cgi [root@mariadb cgi]# vim /etc/httpd/conf/httpd.conf[root@mariadb cgi]# systemctl restart httpd.service 测试：登入172.25.254.112/cgi三 虚拟主机1 ) 定义：可以让我们的一台aoache服务器在被访问不同域名的时候显示不同的主页,虚拟主机允许您从一个httpd服务器同时为多个网站提供服务2 )建立测试页：cd /var/www/ mkdir virtualmkdir virtual/news.westos.commkdir virtual/money.westos.commkdir virtual/money.westos.com/htmlmkdir virtual/news.westos.com/htmlecho “money.westos.com’s page” > virtual/money.westos.com/html/index.htmlecho “news.westos.com’s page” > virtual/news.westos.com/html/index.html3 )配置1 cd /etc/httpd/conf.d/ ##在子配置文件里配置2 vim default.conf ###没有指定域名的访问都访问default ####虚拟主机开启的端口####DocumentRoot “/var/www/html” ###虚拟主机的默认发布目录###CustomLog “logs/default.log” combined ###虚拟主机日志###3 vim news.conf ###指定域名为news.westos.com的访问###ServerName “news.westos.com” ###指定服务器名称###DocumentRoot “/var/www/virtual/news.westos.com/html”CustomLog “logs/news.log” combined ###默认发布目录访问授权#Require all granted4 vim money.conf ###指定域名为money.westos.com的访问###ServerName “money.westos.com”DocumentRoot “/var/www/virtual/money.westos.com/html”CustomLog “logs/money.log” combinedRequire all granted5 systemctl restart httpd.service ###重启服务###6 在在浏览器的主机上要进行本地解析：[root@foundation12 Desktop]# vim /etc/hosts172.25.254.112 www.westos.com news.westos.com money.westos.com测试：分别登入www.westos.com , new.westos.com , money.westos.com过程如下：[root@server ~]# cd /var/www/ ###建立测试页###[root@server www]# mkdir virtual[root@server www]# lscgi-bin html virtual[root@server www]# mkdir virtual/news.westos.com[root@server www]# mkdir virtual/money.westos.com[root@server www]# mkdir virtual/money.westos.com/html[root@server www]# mkdir virtual/news.westos.com/html[root@server www]# echo “money.westos.com’s page” > virtual/money.westos.com/html/index.html[root@server www]# echo “news.westos.com’s page” > virtual/news.westos.com/html/index.html[root@server conf]# cd /etc/httpd/conf.d/ ##在子配置文件里配置###[root@server conf.d]# lsautoindex.conf php.conf userdir.confmanual.conf README welcome.conf[root@server conf.d]# vim default.conf
[root@server conf.d]# vim news.conf[root@server conf.d]# cp news.conf money.conf[root@server conf.d]# vim money.conf [root@server conf]# cd /etc/httpd/conf.d[root@server conf.d]# lsautoindex.conf manual.conf news.conf README welcome.confdefault.conf money.conf php.conf userdir.conf[root@server conf.d]# systemctl restart httpd.service ###重启服务###在浏览器的主机上要进行本地解析：[root@foundation12 Desktop]# vim /etc/hosts172.25.254.112 www.westos.com news.westos.com money.westos.com4 )配置httpshttp的访问是明文的访问，https的访问是加密的访问。https访问的监听端口是4431 netstat -antlpe | grep httpd ###查看与httpd有关的端口有哪些##2 yum install mod_ssl -y ###只有安装了ssl才会有443端口###3 vim /etc/httpd/conf.d/ssl.conf ###安装号ssl后就会出现ssl.conf文件,文件内容有443端口####4 yum install crypto-utils.x86_64 -y ###安装生成自签名证书的软件包###5 genkey www.westos.com ###调用genkey生成证书###––> 记录生成的证书和关联的私钥的位置––> 选择合适的密钥大小––> 在生成随机数时比较慢,敲键盘和移动鼠标可以加速––> 拒绝向认证机构(CA)发送证书请求(CSR)––> 拒绝加密私钥––> 为服务器提供合适的身份。Common Name必须与服务器的主机全名完全匹配(注意,任何逗号都应使用前导反斜线[]进行转义)––> 6 vim ssl.conf7 vim login.conf ###https的监听端口###ServerName “login.westos.com”DocumentRoot “/var/www/virtual/login.westos.com/html”CustomLog “logs/login.log” combinedSSLEngine on ###开启https的功能###SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ###证书###SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key ##秘钥###Require all granted过程如下：[root@localhost conf.d]# yum install mod_ssl.x86_64 -y[root@localhost conf.d]# yum install crypto-utils.x86_64 -y[root@localhost conf.d]# genkey www.westos.com/usr/bin/keyutil -c makecert -g 512 -s “CN=www.westos.com, OU=linux, O=westos, L=xi’an, ST=Shannxi, C=CN” -v 1 -a -z /etc/pki/tls/.rand.3946 -o /etc/pki/tls/certs/www.westos.com.crt -k /etc/pki/tls/private/www.westos.com.keycmdstr: makecertcmd_CreateNewCertcommand: makecertkeysize = 512 bitssubject = CN=www.westos.com, OU=linux, O=westos, L=xi’an, ST=Shannxi, C=CNvalid for 1 monthsrandom seed from /etc/pki/tls/.rand.3946output will be written to /etc/pki/tls/certs/www.westos.com.crtoutput key written to /etc/pki/tls/private/www.westos.com.keyGenerating key. This may take a few moments…Made a keyOpened tmprequest for writing/usr/bin/keyutil Copying the cert pointerCreated a certificateWrote 486 bytes of encoded data to /etc/pki/tls/private/www.westos.com.key Wrote the key to:/etc/pki/tls/private/www.westos.com.key[root@localhost conf.d]# lsautoindex.conf money.conf README tmprequest welcome.confdefault.conf news.conf ssl.conf userdir.conf[root@localhost conf.d]# vim ssl.conf [1]+ Stopped vim ssl.conf[root@localhost conf.d]# fgvim ssl.conf[1]+ Stopped vim ssl.conf[root@localhost conf.d]# fgvim ssl.conf[root@localhost conf.d]# systemctl restart httpd.service [root@localhost conf.d]# netstat -antlpe | grep httpdtcp6 0 0 :::443 :::* LISTEN 0 97088 4088/httpd tcp6 0 0 :::80 :::* LISTEN 0 97074 4088/httpd [root@localhost conf.d]# cp -p money.conf login.conf[root@localhost conf.d]# mkdir /var/www/virtual/login.westos.com/html -p[root@localhost conf.d]# vim /var/www/virtual/login.westos.com/html/index.html[root@localhost conf.d]# vim login.conf ###https的监听端口###ServerName “login.westos.com”DocumentRoot “/var/www/virtual/login.westos.com/html”CustomLog “logs/login.log” combinedSSLEngine on ###开启https功能###SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt##证书##SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key##密钥##Require all granted[root@localhost conf.d]# systemctl restart httpd.service 测试：登入login.westos.com5)网页重写1 vim login.confServerName “login.westos.com”DocumentRoot “/var/www/virtual/login.westos.com/html”CustomLog “logs/login.log” combinedSSLEngine onSSLCertificateFile /etc/pki/tls/certs/www.westos.com.crtSSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.keyRequire all granted ###网页重写实现自动访问https###ServerName login.westos.comRewriteEngine onRewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]^(/.*)$ ###客户主机在地址栏中写入的所有字符，除了换行符###https:// ###定向成为的访问协议###%{HTTP_HOST} ###客户请求主机###$1 ###指^(/.*)$的值###[redirect=301] ###301指临时重定向，302指永久重定向###2 systemctl restart httpd.service测试：在客户主机中添加解析172.25.254.112 login.westos.com访问http://login.westos.com 会自动跳转到 https：//login.westos.com

相关推荐: 从P595小型机B181201B故障代码识别手把手详解

背景：生产小型机发生宕机事件，现场发现液晶面板存在B181201B代码，可是查看网络，未见有权威的参考文章，通过管理口登录HMC管理界面，发现错误代码B181201B，同时提示可能是电源故障，后登录操作系统通过errpt进一步确认了BFE4C025 08151…