apache超文本传输协议
############################
####apache超文本传输协议####
############################
一.Apache的安装
yum install httpd -y
systemctl start httpd
systemctl stop firewalld
systemctl enable httpd
systemctl disable firewalld
二.Apache基本配置
1.apache的默认发布文件
Index.html
2.apache的配置文件
/etc/httpd/conf/httpd.conf
/etc/httpd/conf.d/*.conf
3.apache的默认发布目录
/var/www/html
4.apache的默认端口
80
三.Apache的基本配置
1.修改默认发布文件
mkdir /westos/www/test -p
vim /westos/www/test/westos.html
westos’s page
Vim /etc/httpd/conf/httpd.conf
164 DirectoryIndex westos.html
systemctl restart httpd
2.修改默认发布目录
##当selinux是disable状态
vim /etc/httpd/conf/httpd.conf
120 DocumentRoot “/westos/www/test”
Require all granted
systemctl restart httpd
##当selinux是enforcing状态
Vim /etc/httpd/conf/httpd.conf
120 DocumentRoot “/westos/www/test”
Require all granted
systemctl restart httpd
semanage fcontext -a -t httpa_sys_content_t ‘/westos(/.*)?’ ##修改安全上下文
restorecon -RvvF /westos
3.apache的访问控制
cd /var/www/html
mkdir admin
cd admin
vim index.html
cat index.html
admin’s page
vim /etc/httpd/conf/httpd.conf
Order Allow,Deny
Alloe from All
Deny from 172.25.254.200
Order Deny,Allow ##谁在前先读谁,一般allow在前
Alloe from 172.25.254.200
Deny from All
##设定用户的访问
[root@mariadb ~]# cd /etc/httpd
[root@mariadb httpd]# htpasswd -cm /etc/httpd/accessuer admin ##建立用户
New password:
Re-type new password:
Adding password for user admin
[root@mariadb httpd]# cat /etc/httpd/accessuer
admin:$apr1$q0dFzYxd$CzGP2oOjCFYivTCoOoXat.
[root@mariadb httpd]# htpasswd -m /etc/httpd/accessuer tom ##二次建立用-m,否则会覆盖第一次用户信息
New password:
Re-type new password:
Adding password for user tom
[root@mariadb httpd]# cat /etc/httpd/accessuer ##用户及密码
admin:$apr1$q0dFzYxd$CzGP2oOjCFYivTCoOoXat.
tom:$apr1$A9Bp2KxM$xijFhQUQPFXWZOGZPAUUe.
vim /etc/httpd/conf/httpd.conf
AuthUserFile /etc/httpd/accessuser ##用户认证文件
AuthName "Please input yourname and passwd!!" ##用户认证提示信息
AuthType basic ##认证类型
Require valid-user ##认证用户,认证文件中所有用户都可以访问
[Require user admin] ##只允许认证文件中的admin用户访问
systemctl restart httpd
4.apache语言支持
Php html cgi
Html为默认支持语言
Php语言
[root@mariadb ~]# cd /var/www/html
[root@mariadb html]# vim index.php
[root@mariadb html]# cat index.php
phpinfo();
?>
Yum install php -y
Vim /etc/httpd/conf/httpd.conf
177 DirectoryIndex index.php file index.html
Systemctl reatart httpd
测试:浏览器输入172.25.254.100/index.php可看到php测试页
Cgi
通用网关接口(CGI)是网站上放置动态内容的最简单的方法。CGI脚本可用于许多目的,但是谨慎控制使用哪个CGI脚本以及允许谁添加和运行这些脚本十分重要。编写质量差的CGI脚本可能为外部攻击者提供了破坏网站及其内容安全性的途径。因此,在Web服务器级别和SELinux策略级别,都存在用于限制CGI脚本使用的设置。
[root@mariadb html]# ls
admin cgi index.php myadmin
[root@mariadb html]# vim index.cgi
[root@mariadb html]# vim /etc/httpd/conf/httpd.conf
[root@mariadb html]# getenforce
Disabled
[root@mariadb html]# chmod +x index.cgi
[root@mariadb html]# systemctl restart httpd
测试:浏览器输入172.25.254.100/cgi/index.cgi
显示 Wed May 17 08:17:06 EDT 2017
四.Apache的虚拟主机
1.定义
可以让我们的一台apache服务器在被访问不同域名的时候显示不同的主页。
2.建立测试页
[root@mariadb ~]# cd /var/www/
[root@mariadb www]# mkdir virtual
[root@mariadb www]# ls
cgi-bin html virtual
[root@mariadb www]# mkdir virtual/news.westos.com -p
[root@mariadb www]# mkdir virtual/money.westos.com -p
[root@mariadb www]# mkdir -p virtual/money.westos.com/html
[root@mariadb www]# mkdir -p virtual/news.westos.com/html
[root@mariadb www]# echo "money.westos.com's page" >virtual/money.westos.com/html/index.html
[root@mariadb www]# echo "news.westos.com's page" >virtual/news.westos.com/html/index.html
3.配置
[root@mariadb www]# cd /etc/httpd/conf.d
[root@mariadb conf.d]# vim default.conf ##指定域名的访问都访问defaults
DocumentRoot "/var/www/html" ##虚拟主机的默认发布目录
CustomLog "logs/default.log" combined ##虚拟主机的日志
[root@mariadb conf.d]# vim news.conf ##指定域名news.westos.com的访问到指定默认发布目录中
ServerName "news.westos.com"
DocumentRoot "/var/www/virtual/news.westos.com/html"
CustomLog "logs/news.log" combined
Require all granted
[root@mariadb conf.d]# cp news.conf money.conf
[root@mariadb conf.d]# vim money.conf
[root@mariadb conf.d]# systemctl restart httpd
4.测试
在浏览器所在主机
vim /etc/hosts
172.25.254.100 www.westos.com news.westos.com money.westos.com
输入http://news.westos.com/ 显示news.Westos.com’s page
输入http://money.westos.com/ 显示money.Westos.com’s page
五.ssl加密的超文本传输协议https
1.https定义
Hyper text transfer protocol over Secure socker layer,通过ssl
2.配置
yum install mod_ssl -y
yum install crypto-utils -y
[root@mariadb conf.d]# genkey www.westos.com ##对该域名进行加密
/etc/pki/tls/private/www.westos.com.key
/etc/pki/tls/certs/www.westos.com.crt
[root@mariadb conf.d]# vim ssl.conf ##加密文件
Vim /etc/httpd/conf.d/login.conf
ServerName "login.westos.com"
DocumentRoot "/var/www/virtual/login.westos.com/html"
CustomLog "logs/login.log" combined
SSLEngine on ##开始https功能
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
Require all granted
ServerName "login.westos.com"
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
#^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
#^(/.*)$ 客户主机在地址栏写入的所有字符
#https:// 定向成为的访问协议
#%{HTTP_HOST} 客户请求主机
#$1 $1的值就表示 ^(/.*)$的值
#[redirect=301] 临时重定向 302永久重定向
[root@mariadb conf.d]# mkdir /var/www/virtual/login.westos.com/html -p
[root@mariadb conf.d]# vim /var/www/virtual/login.westos.com/html/index.html
login.westos.com's page
Systemctl restart httpd
3.测试:
在客户端主机添加解析
Vim /etc/hosts
172.25.254.100 login.westos.com
浏览器访问login.westos.com会自动调转到
https://login.westos.com 实现网页数据加密传输
- 文章
- 推荐
- 热门新闻