一、apache
企业中常用的web服务,用来提供http://(超文本传输协议)
二、apache的安装部署
yum install httpd -y
yum install httpd-manual
systemctl start httpd
systemctl enable httpd
图示:安装httpd
650) this.width=650;" src="https://s3.51cto.com/oss/201711/21/390a7dbdcc3004a10dc45b04d35ec516.png-wh_500x0-wm_3-wmp_4-s_2911428301.png" title="Screenshot from 2017-11-19 21-58-43.png" alt="390a7dbdcc3004a10dc45b04d35ec516.png-wh_" />
图示:安装httpd-manual
650) this.width=650;" src="https://s1.51cto.com/oss/201711/21/c1645cf7b8f40efb6062679febd9386d.png-wh_500x0-wm_3-wmp_4-s_3450849954.png" title="Screenshot from 2017-11-19 21-59-22.png" alt="c1645cf7b8f40efb6062679febd9386d.png-wh_" />
图示:开启加载httpd
650) this.width=650;" src="https://s4.51cto.com/oss/201711/21/988307baaef1ea04282d74a42b955ef3.png-wh_500x0-wm_3-wmp_4-s_1757750438.png" title="Screenshot from 2017-11-19 22-03-20.png" alt="988307baaef1ea04282d74a42b955ef3.png-wh_" />
测试 http://172.25.254.121
http://172.25.254.121/manual
图示:访问测试
650) this.width=650;" src="https://s3.51cto.com/oss/201711/21/9ffe152e407551d57b1f78261170147c.png-wh_500x0-wm_3-wmp_4-s_2888741024.png" title="Screenshot from 2017-11-19 22-28-29.png" alt="9ffe152e407551d57b1f78261170147c.png-wh_" />
图示:访问测试man
三、apache 的基础信息
主配置目录: /etc/httpd/conf
主配置文件: /etc/httpd/conf/httpd.conf
子配置目录: /etc/httpd/conf.d
子配置文件: /etc/httpd/conf.d/*.conf
默认发布目录: /var/www/html
默认发布文件: /index.html
默认端口: 80
默认安全上下文:httpd_sys_content_t
程序开启默认用户: apache
apache日志: /etc/httpd/logs/*
查看端口
ss -anutlpe | grep httpd
图示:端口80
650) this.width=650;" src="https://s2.51cto.com/oss/201711/21/96b7702c277773eb5e400e114101571a.png-wh_500x0-wm_3-wmp_4-s_2734458378.png" title="Screenshot from 2017-11-19 22-38-26.png" alt="96b7702c277773eb5e400e114101571a.png-wh_" />
修改默认端口
vim /etc/httpd/conf/httpd.conf
43 Linsten 8080 修改默认端口为8080
图示:修改配置文件
650) this.width=650;" src="https://s4.51cto.com/oss/201711/21/c9c23cdb913bb4a662a4189c3ff169ad.png-wh_500x0-wm_3-wmp_4-s_2553650759.png" title="Screenshot from 2017-11-19 22-43-41.png" alt="c9c23cdb913bb4a662a4189c3ff169ad.png-wh_" />
修改默认分布文件:
默认发布文件就是访问apache时没有指定文件名称时默认访问的文件
这个文件可以指定多个,有访问先后顺序
vim /etc/httpd/conf/httpd.conf
164 DirectoryIndex index.html test.html 当index.html不存在时访问 test.html
图示:修改配置文件
650) this.width=650;" src="https://s4.51cto.com/oss/201711/21/b7e1af9190b09ae7701a234cbc2c9e5d.png-wh_500x0-wm_3-wmp_4-s_1794687150.png" title="Screenshot from 2017-11-19 22-45-38.png" alt="b7e1af9190b09ae7701a234cbc2c9e5d.png-wh_" />
修改默认发布目录
vim /etc/httpd/conf/httpd.conf
121 <Directory "/www">
122 Require all granted
123 <Directory>
图示:修改配置文件
650) this.width=650;" src="https://s3.51cto.com/oss/201711/21/324b6ced572aaefd993c6bf00ce2043f.png-wh_500x0-wm_3-wmp_4-s_3809680934.png" title="Screenshot from 2017-11-19 22-50-28.png" alt="324b6ced572aaefd993c6bf00ce2043f.png-wh_" />
[root@domain ~]# > /var/log/messages
[root@domain ~]# ls -Zd /www/
drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 /www/
[root@domain ~]# storecon -RvvF /www/
四、apache的虚拟主机
vim /etc/httpd/conf.d/adefault.conf
<VirtualHost _default_:80>
DocumentRoot"/var/www/html"
CustomLog "logs/www.westos.com.log"combined
</VirtualHost>
vim /etc/httpd/conf.d/linux.conf
<VirtualHost *:80>
ServerName linux.westos.com ##指定站点名称
DocumentRoot"/var/www/virtual/linux.westos.com/html" ##站点默认发布目录
CustomLog"logs/linux.westos.com.logs" combined ##站点日 志combined表示四种日志的集合
</VirtualHost>
<Directory "/var/www/virtual/linux.westos.com/html">
Require all granted
</Directory>
vim /etc/httpd/conf.d/c.conf
<VirtualHost *:80>
DocumentRoot "/var/www/html"
CustomLog "logs/www.westos.com.log"combined
</VirtualHost>
<Directory "/var/www/html/test">
Order deny,allow
Allow from 172.25.254.60
Deny from all
</Directory>
测试:
测试主机中做好本地解析
vim /etc/hosts
172.25.254.100 c.westos.com
图示:测试
650) this.width=650;" src="https://s3.51cto.com/oss/201711/21/363d5d3171bcc35e3deec0fdea551949.png-wh_500x0-wm_3-wmp_4-s_669871886.png" title="Screenshot from 2017-11-19 23-40-19.png" alt="363d5d3171bcc35e3deec0fdea551949.png-wh_" />
五、apache内部的访问控制
1.针对与主机的访问设置
touch /var/www/html/test
vim /etc/httpd/conf.d/adefault.conf
<Directory"/var/www/html/test">
Order deny,allow ##列表读取顺序,后读取的列表会覆盖限度去内容的重复部分
Allow from 172.25.254.60
Deny from all
</Directory>
2.用户方式的访问控制
cd /etc/httpd/conf.d/
mkdir /var/www/html/admin
vim /var/www/html/admin/index.html
htpasswd -cm /etc/httpd/userpass admin
htpasswd -m /etc/httpd/userpass admin1
图示:新建加密用户,建立第一个用户需要加“-c”
650) this.width=650;" src="https://s2.51cto.com/oss/201711/21/81baf86a9f1e6b2eb01201a91313ae23.png-wh_500x0-wm_3-wmp_4-s_831534997.png" title="Screenshot from 2017-11-20 15-28-43.png" alt="81baf86a9f1e6b2eb01201a91313ae23.png-wh_" />
vim /etc/httpd/conf.d/adefault.conf
<Directory "/var/www/html/admin">
AuthUserFile/etc/httpd/userpass
AuthName "Please input your nameand password"
AuthType basic
#Require user admin ##只允许admin用户登陆
Require valid-user ##允许所有用户登陆
</Directory>
systemctl restart httpd.service
图示:adefault.conf内容
650) this.width=650;" src="https://s3.51cto.com/oss/201711/21/96f3d1ee1bb05b0e7f0f9a87713c3674.png-wh_500x0-wm_3-wmp_4-s_38211613.png" title="Screenshot from 2017-11-20 15-36-18.png" alt="96f3d1ee1bb05b0e7f0f9a87713c3674.png-wh_" />
六、apeche 支持的语言
1.html ##系统默认支持
2.php
vim /var/www/html/index.php
<?php
phpinfo();
?>
yum install php -y
systemctl restart httpd
图示:安装 php
650) this.width=650;" src="https://s4.51cto.com/oss/201711/21/244fd6a1c5f953ed67ba6639754fac60.png-wh_500x0-wm_3-wmp_4-s_1160848066.png" title="Screenshot from 2017-11-20 15-51-21.png" alt="244fd6a1c5f953ed67ba6639754fac60.png-wh_" />
测试:(确保100主机防火墙关闭)
http://172.25.254.100/index.php
图示:测试结果
650) this.width=650;" src="https://s4.51cto.com/oss/201711/21/bc85c0ddbf1b19fb66e4a27336e877a2.png-wh_500x0-wm_3-wmp_4-s_2303380010.png" title="Screenshot from 2017-11-20 15-56-36.png" alt="bc85c0ddbf1b19fb66e4a27336e877a2.png-wh_" />
3.cgi
mkdir /var/www/html/cgi -p
semanage fcontext -a -t httpd_sys_script_exec_t ‘/var/www/html/cgi(/.*)?‘
restorecon -RvvF/var/www/html/cgi/
vim /var/www/html/cgi/index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;
chmod +x /var/www/html/cgi/index.cgi ##添加可执行权限
/var/www/html/cgi/index.cgi ##执行脚本确定正确
图示:脚本运行正确
650) this.width=650;" src="https://s2.51cto.com/oss/201711/21/221f21d04079afcdda08e58b4fe4726d.png-wh_500x0-wm_3-wmp_4-s_4153838258.png" title="Screenshot from 2017-11-20 16-07-05.png" alt="221f21d04079afcdda08e58b4fe4726d.png-wh_" />
vim /etc/httpd/conf.d/adefault.conf
<Directory "/var/www/html/cgi">
Options +ExecCGI
AddHandler cgi-script .cgi
</Directory>
图示:脚本内容
650) this.width=650;" src="https://s1.51cto.com/oss/201711/21/2b55c9e47df0aee3849892cddc595e24.png-wh_500x0-wm_3-wmp_4-s_2314135874.png" title="Screenshot from 2017-11-20 19-36-49.png" alt="2b55c9e47df0aee3849892cddc595e24.png-wh_" />
七、设定https虚拟主机并设定网页重写
1.安装
yum install mod_ssl
yum install crypto-utils -y
2.配置
genkey www.westos.com
图示:操作过程
650) this.width=650;" src="https://s2.51cto.com/oss/201711/21/ea538f3afd316e9d0d6472d1e0600762.png-wh_500x0-wm_3-wmp_4-s_757802928.png" style="float:none;" title="Screenshot from 2017-11-20 23-32-47.png" alt="ea538f3afd316e9d0d6472d1e0600762.png-wh_" />
650) this.width=650;" src="https://s2.51cto.com/oss/201711/21/9730414b493b1c7d7c91cb210f9bbc63.png-wh_500x0-wm_3-wmp_4-s_1308879805.png" style="float:none;" title="Screenshot from 2017-11-20 23-33-06.png" alt="9730414b493b1c7d7c91cb210f9bbc63.png-wh_" />
650) this.width=650;" src="https://s2.51cto.com/oss/201711/21/bffe6c74db1b491ae4309e0851da4722.png-wh_500x0-wm_3-wmp_4-s_3644417688.png" style="float:none;" title="Screenshot from 2017-11-20 23-37-16.png" alt="bffe6c74db1b491ae4309e0851da4722.png-wh_" />
vim /etc/httpd/conf.d/ssl.conf
101 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##生成的证书
108 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key ##生成的钥匙
vim /etc/httpd/conf.d/login.conf
1 <VirtualHost *:443>
2 ServerName login.westos.com
3 DocumentRoot /var/www/html/virtual/login.westos.com/html
4 CustomLog "logs/login.logs" combined
5 SSLEngine on ##开始https功能
6 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##证书
7 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key ##钥匙
8 </VirtualHost>
9 <Directory"/var/www/html/virtual/login.westos.com/html"> ##给默认发布目录授权访问
10 Require all granted
11 </Directory>
12 <VirtualHost *:80> ##网页重写实现自动访问https
13 ServerName login.westos.com
14 RewriteEngine on
15 RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
16 </VirtualHost>
重写规则
^(/.*)$ ##客户在浏览器地质栏中输入的所有字符
https:// ##强制客户加密访问
%{HTTP_HOST} ##客户请求主机
$1 ##‘$1’表示 ^(/.*)$ 的值
[redirect=301] ##临时重写 302永久转换
图示:脚本内容
650) this.width=650;" src="https://s2.51cto.com/oss/201711/21/731d2c461f9f4daa60068ea24ae81d08.png-wh_500x0-wm_3-wmp_4-s_753229582.png" title="Screenshot from 2017-11-21 13-09-39.png" alt="731d2c461f9f4daa60068ea24ae81d08.png-wh_" />
测试:
在访问端添加解析
172.25.254.100 login.westos.com
访问http://login.westos.com会自动调转到https://login.westos.com 实现网页数据加密传输
图示:获取证书
650) this.width=650;" src="https://s5.51cto.com/oss/201711/21/42a9755a9ad30c6472a0538db0e13de4.png-wh_500x0-wm_3-wmp_4-s_112715441.png" title="20170517172432741.png" alt="42a9755a9ad30c6472a0538db0e13de4.png-wh_" />
650) this.width=650;" src="https://s3.51cto.com/oss/201711/21/b5a2504d5225c090b359c87c00bdc5da.png-wh_500x0-wm_3-wmp_4-s_793150108.png" title="20170517172437571.png" alt="b5a2504d5225c090b359c87c00bdc5da.png-wh_" />
650) this.width=650;" src="https://s1.51cto.com/oss/201711/21/1743584568a5f4218d62de86a551c250.png-wh_500x0-wm_3-wmp_4-s_399581121.png" title="20170517172442226.png" alt="1743584568a5f4218d62de86a551c250.png-wh_" />650) this.width=650;" src="https://s3.51cto.com/oss/201711/21/53097952e132669b96db25289bf5b59c.png-wh_500x0-wm_3-wmp_4-s_221277188.png" title="20170517172517572.png" alt="53097952e132669b96db25289bf5b59c.png-wh_" />
##end##
本文出自 “13342594” 博客,请务必保留此出处http://13352594.blog.51cto.com/13342594/1983913
linux--apache的基本应用
原文地址:http://13352594.blog.51cto.com/13342594/1983913