APACHE
apache
企业常用的web服务,用于提供http://(超文本传输协议)
2 apache的安装部署
yum install httpd -y
yum install httpd-manual(注释)
systemctl start httpd
systemctl enable httpd
systemctl stop firewalld
systemctl disable firewalld
3 apache的基础信息
主配置目录 : /etc/httpd/conf
主配置文件: /etc/httpd/conf/httpd.conf
子配置目录: /etc/httpd/conf。d
子配置文件: /etc/httpd/cong。d/*.conf
默认发布目录: /var/www/html
默认发布文件: index.html
默认端口: 80
默认安全上下文: httpd_sys_content_t
程序开启默认用户: apache
apache日志 : /etc/httpd/logs/*
修改默认端口
vim /etc/httpd/conf/httpd.conf
43 Linsten 8080 修改默认端口为8080
测试:
IP加上8080后:
修改默认发布文件
默认发布文件就是访问apache时没有指定文件名称时默认访问的文件
这个文件可以指定多个,有访问顺序
vim /etc/httpd/conf/httpd.conf
164 DirectoryIndex index.html text.html 当index.html不存在时访问text.html
测试:
修改默认发布目录
120 DocumentRoot "/www/html"
121 <Directory "/www">
Require all granted
123 </Directory>
semanage fcontext -a -t httpd_sys_content '/www(/.*)?' 添加安全上下文
restorecon -RvvF /www/ 刷新安全上下文
apache的虚拟主机
vim /etc/httpd/conf.d/adefault.conf 默认访问目录
<VirtualHost _abc_:80>
DocumentRoot "/var/www/html"
CustomLog "logs/www.westos.com.log" combined
</VirtualHost>:wq
建立虚拟主机发布目录:
vim /etc/httpd/conf.d/bobo.westos.com
<VirtualHost *:80>
ServerName bobo.westos.com #指定站点名称
DocumentRoot "/var/www/virtual/bobo.westos.com/html/" #站点默认发布目录
CustomLog "logs/bobo.westos.com.logs" combined #站点日志combined标示四种日志类别
</VirtualHost>
<Directory "/var/www/virtnal/bobo.westos.com/html">
require all granted
</Directory>
测试
在测试主机中修改本机解析文件
vim /etc/hosts
172.25.254.141 bobo.westos.com
网页测试:
5 apache内部的访问控制
<Diretory “/var/www/html/test”>
order allow deny #列表读取顺序,后读取的覆盖先读取的内容
Allow frow 172.25.254.50
Deny frow all
</Diretory>
<Diretory “/var/www/html/test”>
order deny,allow
Allow frow 172.25.254.50
Deny frow all
</Diretory>
测试:
2 用户方式的访问控制
htpasswd -cm /etc/httpd/userpass admin
htpasswd -m /etc/httpd/userpass admin1 添加新的认证用户(后面不用加c)
vim adefault.conf
<Directory "/var/www/html/admin">
AuthUserFile /etc/httpd/userpass
AuthName "Please input your name and password"
AuthType basic
Require user admin 针对用户admin
Require vaild-user 针对有效用户
针对有效用户,此时只有admin可以访问,admin1不能访问
针对所有用户
测试:
6 apache支持的语言
1 html
2 php
vim /var/www/html/index.php
<?php
phpinfo();
?>
yum install php -y
systemctl restart httpd
测试
172.25.254.150/index.php
3 cgi
mkdir -p /var/www/html/cgi
semanager fcontent -a -t httpd_sys_script_exec_t '/var/www/html/cgi(/.*)?' #关闭selinux对cgi对该目录的限制
restorecon -RvvF /var/www/html/cgi/
vim /var/www/html/cgi/index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`; #注意:data上的符号为反引号(Tab键上面那个键)不是但引号,表示对结果的调用
/var/www/html/cgi/index.cgi #执行下脚本确保脚本正常运行
vim /etc/httpd/conf.d/ adefaul.conf
16 </Directory>
17 <Directory "/var/www/html/cgi">
18 Options +ExecCGI
19 AddHandler cgi-script .cgi
20 </Directory>
vim /etc/httpd/conf/httpd.conf #在主配置文件中默认发布文件行添加index.cgi
systemctl restart httpd.service #重启服务后即可在浏览器中测试
#7.https
yum install mod_ssl -y #下载加密工具
yum install crypto-utils.x86_64 #加密工具
genkey www.bobo.com #制作证书
加密中:此阶段必须不停敲击键盘或晃动鼠标,否则加密进度将停止不进
制作完成:
vim /etc/httpd/conf.d/ssl.com #修该生成的钥匙和密码
100 SSLCertificateFile /etc/pki/tls/certs/www.bobo.com.crt
107 SSLCertificateKeyFile /etc/pki/tls/private/www.bobo.com.key
systemctl restart httpd.service #修改完后重启httpd服务
测试主机中查看证书
#8设定https虚拟主机并设定网页重写
mkdir -p /var/www/html/virtual/login.bobo.com/html #创建目录
vim /var/www/html/virtual/login.bobo.com/index.html #编辑发布文件
vim /etc/httpd/conf.d/login.conf
<VirtualHost *:443>
ServerName login.bobo.com
DocumentRoot /var/www/html/virtual/login.bobo.com/html
CustomLog "logs/login.logs" combined
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/www.bobo.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/www.bobo.com.key
</VirtualHost>
<Directory "/var/www/html/virtual/login.bobo.com/html">
Require all granted
</Directory>
<VirtualHost *:80>
ServerName login.bobo.westos.com
RewriteEngine On
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
systemctl restart httpd.service #重启httpd服务
^(/.*)$ #客户在浏览器地址中输入的所有内容
https:// #强制客户加密访问
vim /etc/hosts
172.25.254.150 login.bobo.com
测试: