linux exercise 20
apache install
yum install httpd -y
systemctl stop firewalld
systemctl disable firewalld
systemctl start httpd
systemctl enable httpd
apache的默认发布文件
index.html
apache的配置文件
/etc/httpd/conf/httpd.conf
/etc/httpd/conf.d/*.conf
apache的默认发布目录
/var/www/html/
apache的默认端口
80
2.修改默认发布文件
[[email protected] ~]# vim /etc/httpd/conf/httpd.conf ####apache 主配置文件
168 <IfModule dir_module>
169 DirectoryIndex westos.html index.html ####先看westos.html 再看 index.html
170 </IfModule>
[[email protected] ~]# vim /var/www/html/westos.html
[[email protected] ~]# systemctl restart httpd
[[email protected] ~]# cd /var/www/html/
[[email protected] html]# ls
mysqladmin westos.html
[[email protected] html]# vim index.html
[[email protected] html]# rm -fr westos.html
l
3.修改默认发布目录
----在selinux状态不为enforcing----
[[email protected] html]# getenforce
Enforcing
[[email protected] html]# setenforce 0
[[email protected] html]# getenforce
Permissive
[[email protected] html]# vim /etc/httpd/conf/httpd.conf
119 #DocumentRoot "/var/www/html"
120 DocumentRoot "/westos/www/test"
121 <Directory "/westos/www/test">
122 # Allow open access:
123 Require all granted ####允许所有权限
124 </Directory>
[[email protected] html]# mkdir /westos/www/test -p ####第归建立目录
[[email protected] html]# vim /westos/www/test/westos.html
[[email protected] html]# systemctl restart httpd
-4.------设定用户的访问-----------
[[email protected] html]# mkdir /var/www/html/admin
[[email protected] html]# cd /etc/httpd/
[[email protected] httpd]# htpasswd -cm /etc/httpd/allowuser admin ####建立认证文件并添加用户,c表示create,m表示名称
New password:
Re-type new password:
Adding password for user admin
[[email protected] httpd]# htpasswd -m /etc/httpd/allowuser user1
New password:
Re-type new password:
Adding password for user user1
[[email protected] httpd]# cat /etc/httpd/allowuser
admin:$apr1$j5Uc9V8S$Jv26ojBOWCMUuWR7C0QZq/
user1:$apr1$7dhnyHJS$iroBB/8CT42YpCNduHI/x1
[[email protected] httpd]# vim /etc/httpd/conf/httpd.conf
rectory "/var/www/html/admin"> ####对admin目录的具体修改
AuthUserFile /etc/httpd/allowuser ####用户认证文件
AuthName "Please input your name and your password !!!" ####认证提示
AuthType basic ####认证类型
Require valid-user ####认证用户,valid-user表示文件中的所有用户都可以认证,user admin 表示只有用户认证文件中的admin用户可以认证
</Directory>
[[email protected] httpd]# setenforce 1
[[email protected] httpd]# systemctl restart httpd
[[email protected] httpd]# cd /var/www/html/
[[email protected] html]# cd admin/
[[email protected] admin]# vim index.html ##配置默认发布文件
<h1>hello hello</h1>
[[email protected] admin]# systemctl restart httpd ##重启服务
--------apache支持的编程语言-------
1.html
默认都是html
2.php
yum install php -y
mkdir /var/www/html/php -p
vim /var/www/html/php/index.php ##编辑php默认发布文件
<?php
phpinfo();
?>
systemctl restart httpd
2.cgi
[[email protected] ~]# vim /var/www/html/cgi/index.cgi ##编辑cgi的默认发布文件
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;
[[email protected] ~]# vim /etc/httpd/conf/httpd.conf ##
127 <Directory "/var/www/html/cgi">
128 options +ExecCGI
129 AddHandler cgi-script .cgi
130 </Directory>
[[email protected] ~]# systemctl restart httpd
---------apache 虚拟主机------
1.定义
使一台服务器可以在访问不同域名的时候显示不同的页面
2.建立测试页
[[email protected] www]# mkdir virtual/money.westos.com/html -p ##建立money.westos.com的默认发布家目录
[[email protected] www]# mkdir virtual/news.westos.com/html -p ##建立news.westos.com的默认发布目录
[[email protected] www]# echo "<h1>money.westos.com's page</h1>" >virtual/money.westos.com/html/index.html ##建立money的默认发布文件
[[email protected] www]# echo "<h1>news.westos.com's page</h1>" >virtual/news.westos.com/html/index.html ##建立news的默认发布文件
3.配置
[[email protected] www]# vim /etc/httpd/conf.d/default.conf ##位指定域名的访问都访问default
<Virtualhost _default_:80> ##虚拟主机开启的端口
DocumentRoot "/var/www/html" ##虚拟主机的默认发布目录
CustomLog "logs/default.log" combined ##虚拟主机的日志记录目录
</Virtualhost>
[[email protected] www]# vim /etc/httpd/conf.d/news.conf ##指定域名news.westos.com的访问到指定默认发布目录
<Virtualhost *:80> ##*是ServerName
ServerName "news.westos.com" ##指定域名
DocumentRoot "/var/www/virtual/news.westos.com/html" ##news的指定发布目录
Customlog "logs/news.log" combined ##news的日志记录目录
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html"> ##默认发布目录的访问授权
Require all granted
</Directory>
[[email protected] www]# systemctl restart httpd
4.测试
在浏览器所在服务器
[[email protected] Desktop]# vim /etc/hosts
172.25.254.141 www.westos.com news.westos.com
[[email protected] Desktop]# systemctl restart httpd
-------------https--------------
1.定义
2.配置
[[email protected] ~]# yum install mod_ssl -y ##下载
[[email protected] ~]# yum install crypto-utils.x86_64 -y
[[email protected] ~]# cp /etc/httpd/conf.d/news.conf /etc/httpd/conf.d/login.conf
[[email protected] ~]# vim /etc/httpd/conf.d/login.conf
<Virtualhost *:443> ##用443端口
ServerName "login.westos.com"
DocumentRoot "/var/www/virtual/login.westos.com/html"
CustomLog "logs/login.log" combined
SSLEngine on ##开启https功能
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##授权证书
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key ##**
</Virtualhost>
<Directory "/var/www/virtual/login.westos.com/html"> ##默认发布目录的访问授权
Require all granted ##
</Directory>
<Virtualhost *:80> ##网页重写实现自动跳转https
ServerName login.westos.com ##需要跳转的网页域名
RewriteEngine on ##打开网页重写
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
#^(/.*)$ 表示客户主机在地址栏所输入的字符
#https:// 定向成为的访问协议https
#%{HTTP_HOST} 客户请求主机
#$1 即^(/.*)$的值
#[redirect=301] 临时重定向 302表示永久重定向
[[email protected] ~]# mkdir /var/www/virtual/login.westos.com/html -p
[[email protected] ~]# vim /var/www/virtual/login.westos.com/html/index.html ##默认发布页
<h1>hello wq</h1>
[[email protected] ~]# systemctl restart httpd ##重启服务
3.测试
在浏览器所在主机添加解析
[[email protected] Desktop]# vim /etc/hosts
172.25.254.141 www.westos.com news.westos.com login.westos.com
--------------远程访问高速缓存----------
##正向代理
1.配置
以下操作在真机中进行
[[email protected] ~]# yum install squid -y
[[email protected] ~]# systemctl start squid
[[email protected] ~]# netstat -antlpe | grep squid
tcp6 0 0 :::3128 :::* LISTEN 0 157781 15783/(squid-1)
[[email protected] ~]# vim /etc/squid/squid.conf
设定禁止被访问的网址
52 acl badurl dstdomain .baidu.com ##设定baidu的所有网站都不能被客户端访问
53 http_access deny badurl ##禁止badurl
54 http_access allow localnet ##允许本地网访问
55 http_access allow localhost ##允许本地主机访问
设定可允许通过本服务器远程访问缓存
61 http_port 3128 ##允许通过3128端口
64 cache_dir ufs /var/spool/squid 100 16 256 ##缓存的所在目录,100表示缓存所能缓存的大小是100M,16表示16个主目录,256表示256个子目录
[[email protected] ~]# systemctl restart squid ##重启服务
2.测试
以下操作在虚拟机
firefox
ping www.baidu.com
ping www.qq.com
##反向代理
[[email protected] ~]# yum install squid
[[email protected] ~]# systemctl start squid.service
[[email protected] ~]# vim /etc/squid/squid.conf
59 http_port 80 vhost vport
60 cache_peer 172.25.254.144 parent 80 0 no-query
64 cache_dir ufs /var/spool/squid 100 16 256
[[email protected] ~]# systemctl restart squid.service
[[email protected] ~]# vim /etc/squid/squid.conf
60 cache_peer 172.25.254.144 parent 80 0 no-query originserver name=web1 round-robin weight=3
61 cache_peer 172.25.254.111 parent 80 0 no-query originserver name=web2 round-robin weight=1
62 cache_peer_domain www.westos.com web1 web2
[[email protected] ~]# systemctl restart squid.service
----------binding------------
nm-connection-editor
nmcli connection add con-name bond0 ifname bond0 type bond mode active-backup ip4 172.25.254.141
nmcli connection add con-name eth0 ifname eth0 type bond-slave master bond0
watch -n 1 cat /proc/bonding/bond0