linux学习之apache
#######apache######
1.apache的安装
[[email protected] ~]# yum install httpd -y ##安装httpd
[[email protected] ~]# systemctl start httpd ##开启服务
[[email protected] ~]# systemctl stop firewalld ##关闭防火墙
[[email protected] ~]# systemctl enable httpd
ln -s '/usr/lib/systemd/system/httpd.service' '/etc/systemd/system/multi-user.target.wants/httpd.service'
[[email protected] ~]# systemctl disable firewalld
2.apache的基本配置
默认发布文件————————index.html
[[email protected] ~]# cd /var/www/html/
[[email protected] html]# vim index.html ##写入测试时要显示的内容,<h1> </h1>表示设置字体
<h1>index.html</h1>
测试——————在浏览器搜索172.25.254.234
默认配置文件————————/etc/httpd/conf/httpd.conf
/etc/httpd/conf.d/*.conf
默认发布目录————————/var/www/html/
默认端口————————————80
3.修改
[[email protected] ~]# getenforce ##selinux是关闭模式
Disabled
[[email protected] ~]# vim /westos/www/test/westos.html ##写入要显示的内容
<h1>/westos/www/test/westos.html's page</h1>
[[email protected] html]# vim /etc/httpd/conf/httpd.conf##将默认发布文件改为先读取westos.html,index.html备用
163 <IfModule dir_module>
164 DirectoryIndex westos.html index.html ##写在前面的先读
165 </IfModule>
2)修改默认发布目录
[[email protected] ~]# vim /etc/httpd/conf/httpd.conf ##将默认发布目录改为/westos/www/test,给授权允许任何人访问
119 #DocumentRoot "/var/www/html"
120 DocumentRoot "/westos/www/test"
121 <Directory "/westos/www/test">
122 Require all granted
[[email protected] ~]# vim /etc/httpd/conf/httpd.conf ##设置/var/www/html为默认
119 DocumentRoot "/var/www/html"
120 #DocumentRoot "/westos/www/test"
[[email protected] ~]# vim /etc/httpd/conf/httpd.conf
[[email protected]riadb ~]# cd /var/www/html/
[[email protected] html]# ls
index.html mysqladmin
[[email protected] html]# mkdir admin
[[email protected] html]# cd admin/
[[email protected] admin]# vim index.html
<h1>admin's page</h1>
3)apache的访问控制
[[email protected] ~]# vim /etc/httpd/conf/httpd.conf
119 DocumentRoot "/var/www/html"
124 <Directory "/var/www/html/admin"> ##只允许66主机访问admin目录
125 Order Deny,Allow
126 Allow from 172.25.254.66
127 Deny from All
[[email protected] ~]# vim /etc/httpd/conf/httpd.conf ##允许所有人访问admin但拒绝66主机
119 DocumentRoot "/var/www/html"
124 <Directory "/var/www/html/admin">
125 Order Allow,Deny ##allow,deny 哪个在前先读哪个
126 Allow from All
127 Deny from 172.25.254.66
4)设定用户的访问
[[email protected] httpd]# htpasswd -cm /etc/httpd/accessuser admin ##设置用户密码
[[email protected] httpd]# htpasswd -m /etc/httpd/accessuser tom
[[email protected] httpd]# cat /etc/httpd/accessuser ##查看生成的密码,加密性
[[email protected] httpd]# vim /etc/httpd/conf/httpd.conf
124 <Directory "/var/www/html/admin">
125 AuthUserfile /etc/httpd/accessuser ##用户认证文件
126 AuthName "Please input your name and password !!" ##用户认证提示信息
127 AuthType basic ##认证类型
128 Require valid-user ##认证用户,valid-user表示认证文件中的所有用户都可以通过,user admin 表示只允许认证文件中的admin用户通过认证访问
129 </Directory>
1)html语言默认支持
2)php语言
[[email protected] html]# yum install php -y
[[email protected] html]# vim index.php
<?php
phpinfo();
?>
[[email protected] html]# systemctl restart httpd
4)cgi语言
[[email protected] html]# yum install httpd-manual.noarch -y
[[email protected] html]# systemctl restart httpd.service
[[email protected] ~]# mkdir /var/www/html/cgi
[[email protected] html]# cd /var/www/html/cgi
[[email protected] cgi]# ls
[[email protected] cgi]# vim index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
Content-type: text/html
Mon May 15 20:59:18 EDT 2017
[[email protected] cgi]# vim /etc/httpd/conf/httpd.conf
130 <Directory "/var/www/html/cgi">
131 Options +ExecCGI
132 AddHandler cgi-script .cgi
#####apache的虚拟主机########
1.定义
可以让我们的一台apache服务器在被访问不同域名的时候显示不同的主页
2.建立测试页
[[email protected] www]# mkdir virtual
[[email protected] www]# ls
cgi-bin html virtual
[[email protected] www]# mkdir virtual/news.westos.com -p ##建立两个不同的测试页
[[email protected] www]# mkdir virtual/money.westos.com -p
[[email protected] www]# mkdir virtual/news.westos.com/html -p
[[email protected] www]# mkdir virtual/money.westos.com/html -p
[[email protected] www]# echo "<h1>money.westos.com's page</h1>" >virtual/money.westos.com/html/index.html ##默认发布文件中写入页面显示内容
[[email protected] conf.d]# vim default.conf
<Virtualhost _default_:80> ##虚拟主机开启的端口,默认端口为80
DocumentRoot "/var/www/html" ##虚拟主机的默认发布目录
CustomLog "logs/default.log" combined ##虚拟主机日志
</Virtualhost>
[[email protected]adb conf.d]# vim news.conf ##指定域名news.westos.com的访问到指定默认发布目录中
<Virtualhost *:80>
ServerName "news.westos.com"
DocumentRoot "/var/www/virtual/news.westos.com/html"
CustomLog "logs/news.log" combined
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html"> ##默认发布目录的访问授权
Require all granted
[[email protected] conf.d]# vim money.conf
<Virtualhost *:80>
ServerName "money.westos.com"
DocumentRoot "/var/www/virtual/money.westos.com/html"
CustomLog "logs/money.log" combined
</Virtualhost>
<Directory "/var/www/virtual/money.westos.com/html">
Require all granted
[[email protected] conf.d]# systemctl restart httpd
4.测试
在浏览器主机中
vim /etc/hosts
####https####
1.https定义
当http运行在安全接层(SSL)之上,http被称为https,https可以提供保密性,客户和服务器鉴别以及数据完整性
2.配置
[[email protected] ~]# yum install mod_ssl.x86_64 crypto-utils.x86_64 -y
[[email protected] ~]# genkey www.westos.com ##加密,获取保密密码
/usr/bin/keyutil -c makecert -g 1024 -s "CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN" -v 1 -a -z /etc/pki/tls/.rand.6410 -o /etc/pki/tls/certs/www.westos.com.crt -k /etc/pki/tls/private/www.westos.com.key
cmdstr: makecert
cmd_CreateNewCert
command: makecert
keysize = 1024 bits
subject = CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN
valid for 1 months
random seed from /etc/pki/tls/.rand.6410
output will be written to /etc/pki/tls/certs/www.westos.com.crt
output key written to /etc/pki/tls/private/www.westos.com.key
Generating key. This may take a few moments...
Made a key
Opened tmprequest for writing
/usr/bin/keyutil Copying the cert pointer
Created a certificate
Wrote 882 bytes of encoded data to /etc/pki/tls/private/www.westos.com.key
Wrote the key to:
[[email protected] ~]# cd /etc/httpd/conf.d/
[[email protected] conf.d]# ls
autoindex.conf manual.conf news.conf README userdir.conf
default.conf money.conf php.conf ssl.conf welcome.conf
[[email protected] conf.d]# cp money.conf login.conf
[[email protected] conf.d]# vim login.conf
<Virtualhost *:443>
ServerName "login.westos.com" ##指定域名
DocumentRoot "/var/www/virtual/login.westos.com/html" ##指向默认配置文件
CustomLog "logs/login.log" combined ##日志存放位置
SSLEngine on ##开启https功能
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##证书
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key ##**
</virtualhost>
<Directory "/var/www/virtual/login.westos.com/html"> ##授权
Require all granted
</Directory>
<Virtualhost *:80> ##网页重写实现自动访问https
ServerName login.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
##^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
#^(/.*)$ 客户主机在地址栏写入的所有字符,不包括换行符
#https:// 定义生成的访问协议
#%{HTTP_HOST} 客户请求主机
#$1 $1的值就表示^(/.*)$的值
[[email protected] conf.d]# mkdir /var/www/virtual/login.westos.com/html -p ##生成目录
[[email protected] conf.d]# vim /var/www/virtual/login.westos.com/html/index.html ##写入浏览器要显示的内容
<h1>login.westos.com's page</h1>
[[email protected] conf.d]# systemctl restart httpd.service
测试
1.在浏览器主机解析
vim /etc/hosts
172.25.254.234 www.westos.com news.westos.com money.westos.com login.westos.com
1.apache的安装
[[email protected] ~]# yum install httpd -y ##安装httpd
[[email protected] ~]# systemctl start httpd ##开启服务
[[email protected] ~]# systemctl stop firewalld ##关闭防火墙
[[email protected] ~]# systemctl enable httpd
ln -s '/usr/lib/systemd/system/httpd.service' '/etc/systemd/system/multi-user.target.wants/httpd.service'
[[email protected] ~]# systemctl disable firewalld
2.apache的基本配置
默认发布文件————————index.html
[[email protected] ~]# cd /var/www/html/
[[email protected] html]# vim index.html ##写入测试时要显示的内容,<h1> </h1>表示设置字体
<h1>index.html</h1>
测试——————在浏览器搜索172.25.254.234
默认配置文件————————/etc/httpd/conf/httpd.conf
/etc/httpd/conf.d/*.conf
默认发布目录————————/var/www/html/
默认端口————————————80
3.修改
[[email protected] ~]# getenforce ##selinux是关闭模式
Disabled
1)修改默认发布文件
[[email protected] ~]# vim /westos/www/test/westos.html ##写入要显示的内容
<h1>/westos/www/test/westos.html's page</h1>
[[email protected] html]# vim /etc/httpd/conf/httpd.conf##将默认发布文件改为先读取westos.html,index.html备用
163 <IfModule dir_module>
164 DirectoryIndex westos.html index.html ##写在前面的先读
165 </IfModule>
2)修改默认发布目录
[[email protected] ~]# vim /etc/httpd/conf/httpd.conf ##将默认发布目录改为/westos/www/test,给授权允许任何人访问
119 #DocumentRoot "/var/www/html"
120 DocumentRoot "/westos/www/test"
121 <Directory "/westos/www/test">
122 Require all granted
123 </Directory>
测试————在浏览器搜索172.25.254.234/westos.html
[[email protected] ~]# vim /etc/httpd/conf/httpd.conf ##设置/var/www/html为默认
119 DocumentRoot "/var/www/html"
120 #DocumentRoot "/westos/www/test"
[[email protected] ~]# vim /etc/httpd/conf/httpd.conf
[[email protected] ~]# systemctl restart httpd
测试————在浏览器搜索172.25.254.234
[[email protected]riadb ~]# cd /var/www/html/
[[email protected] html]# ls
index.html mysqladmin
[[email protected] html]# mkdir admin
[[email protected] html]# cd admin/
[[email protected] admin]# vim index.html
<h1>admin's page</h1>
测试————在浏览器搜索172.25.254.234/admin
3)apache的访问控制
[[email protected] ~]# vim /etc/httpd/conf/httpd.conf
119 DocumentRoot "/var/www/html"
124 <Directory "/var/www/html/admin"> ##只允许66主机访问admin目录
125 Order Deny,Allow
126 Allow from 172.25.254.66
127 Deny from All
128 </Directory>
测试————在66主机浏览器搜索172.25.254.234/admin
测试————在234主机浏览器搜索172.25.254.234/admin
[[email protected] ~]# vim /etc/httpd/conf/httpd.conf ##允许所有人访问admin但拒绝66主机
119 DocumentRoot "/var/www/html"
124 <Directory "/var/www/html/admin">
125 Order Allow,Deny ##allow,deny 哪个在前先读哪个
126 Allow from All
127 Deny from 172.25.254.66
128 </Directory>
测试————在66主机浏览器搜索172.25.254.234/admin
测试————在234主机浏览器搜索172.25.254.234/admin
4)设定用户的访问
[[email protected] httpd]# htpasswd -cm /etc/httpd/accessuser admin ##设置用户密码
[[email protected] httpd]# htpasswd -m /etc/httpd/accessuser tom
[[email protected] httpd]# cat /etc/httpd/accessuser ##查看生成的密码,加密性
[[email protected] httpd]# vim /etc/httpd/conf/httpd.conf
124 <Directory "/var/www/html/admin">
125 AuthUserfile /etc/httpd/accessuser ##用户认证文件
126 AuthName "Please input your name and password !!" ##用户认证提示信息
127 AuthType basic ##认证类型
128 Require valid-user ##认证用户,valid-user表示认证文件中的所有用户都可以通过,user admin 表示只允许认证文件中的admin用户通过认证访问
129 </Directory>
[[email protected] httpd]# systemctl restart httpd.service
测试————在66主机浏览器搜索172.25.254.234/admin
4.apache的语言支持——————php html cgi
1)html语言默认支持
2)php语言
[[email protected] html]# yum install php -y
[[email protected] html]# vim index.php
<?php
phpinfo();
?>
[[email protected] html]# systemctl restart httpd
测试————在66主机浏览器搜索172.25.254.234/index.php
4)cgi语言
[[email protected] html]# yum install httpd-manual.noarch -y
[[email protected] html]# systemctl restart httpd.service
浏览器查看 http://172.25.254.234/manual/
点击进入 .htaccess files
点击进入http://172.25.254.234/manual/howto/cgi.html
[[email protected] ~]# mkdir /var/www/html/cgi
[[email protected] html]# cd /var/www/html/cgi
[[email protected] cgi]# ls
[[email protected] cgi]# vim index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;
Content-type: text/html
Mon May 15 20:59:18 EDT 2017
[[email protected] cgi]# vim /etc/httpd/conf/httpd.conf
130 <Directory "/var/www/html/cgi">
131 Options +ExecCGI
132 AddHandler cgi-script .cgi
133 </Directory>
测试浏览器输入172.25.254.234/cgi/index.cgi(查看是否调用date函数)
#####apache的虚拟主机########
1.定义
可以让我们的一台apache服务器在被访问不同域名的时候显示不同的主页
2.建立测试页
[[email protected] www]# mkdir virtual
[[email protected] www]# ls
cgi-bin html virtual
[[email protected] www]# mkdir virtual/news.westos.com -p ##建立两个不同的测试页
[[email protected] www]# mkdir virtual/money.westos.com -p
[[email protected] www]# mkdir virtual/news.westos.com/html -p
[[email protected] www]# mkdir virtual/money.westos.com/html -p
[[email protected] www]# echo "<h1>money.westos.com's page</h1>" >virtual/money.westos.com/html/index.html ##默认发布文件中写入页面显示内容
[[email protected] www]# echo "<h1>news.westos.com's page</h1>" >virtual/news.westos.com/html/index.html
[[email protected] conf.d]# vim default.conf
<Virtualhost _default_:80> ##虚拟主机开启的端口,默认端口为80
DocumentRoot "/var/www/html" ##虚拟主机的默认发布目录
CustomLog "logs/default.log" combined ##虚拟主机日志
</Virtualhost>
[[email protected]adb conf.d]# vim news.conf ##指定域名news.westos.com的访问到指定默认发布目录中
<Virtualhost *:80>
ServerName "news.westos.com"
DocumentRoot "/var/www/virtual/news.westos.com/html"
CustomLog "logs/news.log" combined
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html"> ##默认发布目录的访问授权
Require all granted
</Directory>
[[email protected] conf.d]# vim money.conf
<Virtualhost *:80>
ServerName "money.westos.com"
DocumentRoot "/var/www/virtual/money.westos.com/html"
CustomLog "logs/money.log" combined
</Virtualhost>
<Directory "/var/www/virtual/money.westos.com/html">
Require all granted
</Directory>
[[email protected] conf.d]# systemctl restart httpd
4.测试
在浏览器主机中
vim /etc/hosts
172.25.254.234 www.westos.com news.westos.com money.westos.com
浏览器输入www.westos.com news.westos.com money.westos.com 进行测试显示不同的网页
####https####
1.https定义
当http运行在安全接层(SSL)之上,http被称为https,https可以提供保密性,客户和服务器鉴别以及数据完整性
2.配置
[[email protected] ~]# yum install mod_ssl.x86_64 crypto-utils.x86_64 -y
[[email protected] ~]# genkey www.westos.com ##加密,获取保密密码
/usr/bin/keyutil -c makecert -g 1024 -s "CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN" -v 1 -a -z /etc/pki/tls/.rand.6410 -o /etc/pki/tls/certs/www.westos.com.crt -k /etc/pki/tls/private/www.westos.com.key
cmdstr: makecert
cmd_CreateNewCert
command: makecert
keysize = 1024 bits
subject = CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN
valid for 1 months
random seed from /etc/pki/tls/.rand.6410
output will be written to /etc/pki/tls/certs/www.westos.com.crt
output key written to /etc/pki/tls/private/www.westos.com.key
Generating key. This may take a few moments...
Made a key
Opened tmprequest for writing
/usr/bin/keyutil Copying the cert pointer
Created a certificate
Wrote 882 bytes of encoded data to /etc/pki/tls/private/www.westos.com.key
Wrote the key to:
/etc/pki/tls/private/www.westos.com.key ##密码位置
[[email protected] ~]# cd /etc/httpd/conf.d/
[[email protected] conf.d]# ls
autoindex.conf manual.conf news.conf README userdir.conf
default.conf money.conf php.conf ssl.conf welcome.conf
[[email protected] conf.d]# cp money.conf login.conf
[[email protected] conf.d]# vim login.conf
<Virtualhost *:443>
ServerName "login.westos.com" ##指定域名
DocumentRoot "/var/www/virtual/login.westos.com/html" ##指向默认配置文件
CustomLog "logs/login.log" combined ##日志存放位置
SSLEngine on ##开启https功能
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##证书
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key ##**
</virtualhost>
<Directory "/var/www/virtual/login.westos.com/html"> ##授权
Require all granted
</Directory>
<Virtualhost *:80> ##网页重写实现自动访问https
ServerName login.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</virtualhost>
##^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
#^(/.*)$ 客户主机在地址栏写入的所有字符,不包括换行符
#https:// 定义生成的访问协议
#%{HTTP_HOST} 客户请求主机
#$1 $1的值就表示^(/.*)$的值
[[email protected] conf.d]# mkdir /var/www/virtual/login.westos.com/html -p ##生成目录
[[email protected] conf.d]# vim /var/www/virtual/login.westos.com/html/index.html ##写入浏览器要显示的内容
<h1>login.westos.com's page</h1>
[[email protected] conf.d]# systemctl restart httpd.service
测试
1.在浏览器主机解析
vim /etc/hosts
172.25.254.234 www.westos.com news.westos.com money.westos.com login.westos.com
2.访问http://login.westos.com ,根据提示下载证书
完成后会自动挑转到 https://login.westos.com 实现网页数据加密传输