Centos7系统下httpd各种方式实现与配置

Centos 7上若yum安装httpd程序，默认的是2.4的版本，因此无法用yum 直接安装，我这里采取源码安装httpd-2.2
安装前准备

[root@xiaochen ~]# systemctl stop firewalld.service[root@xiaochen ~]# vi /etc/sysconfig/selinux[root@xiaochen ~]# setenforce 0[root@xiaochen ~]# getenforce Permissive

安装相应组件包

[root@xiaochen ~]# yum groupinstall "Development Tools" "Serverplatform Development" -y[root@xiaochen ~]# wget http://archive.apache.org/dist/httpd/httpd-2.2.32.tar.gz

编译安装

[root@xiaochen ~]# tar -zxf httpd-2.2.32.tar.gz[root@xiaochen ~]# cd httpd-2.2.32[root@xiaochen httpd-2.2.32]# ./configure --prefix=/usr/local/apache2/ --sysconfdir=/etc/httpd2 --with-mpm=worker[root@xiaochen httpd-2.2.32]# make && make install

设定环境变量与systemd

[root@xiaochen httpd-2.2.32]# cat /etc/profile.d/httpd.shexport PATH=$PATH:/usr/local/apache2/bin[root@localhost httpd-2.2.32]# ln -sv /usr/local/apache2/include /usr/include//httpd‘/usr/include//httpd’ -> ‘/usr/local/apache2/include’[root@xiaochen httpd-2.2.32]# cat /etc/man_config MANPATH /usr/local/apache2/man[root@xiaochen httpd-2.2.32]# cat /lib/systemd/system/httpd.service [Unit] ?????????Description=The httpd service ???????After=network.target ???????[Service] ???????Type=forking ???????ExecStart=/usr/local/apache2/bin/apachectl start ???????ExecReload=/bin/kill -s HUP $MAINPID ???????ExecStop=/usr/local/apache2/bin/apachectl stop ???????Restart=/usr/local/apache2/bin/apachectl restart ???????[Install] ???????WantedBy=multi-user.target

启动服务与验证

[root@localhost httpd-2.2.32]# systemctl daemon-reload[root@localhost httpd-2.2.32]# systemctl start httpd.service[root@localhost httpd-2.2.32]# ss -tanState ??????Recv-Q Send-Q ??????????????Local Address:Port ?????????????????????????????Peer Address:Port ?????????????LISTEN ?????0 ?????128 ?????????????????????????????*:22 ??????????????????????????????????????????*:* ?????????????????LISTEN ?????0 ?????100 ?????????????????????127.0.0.1:25 ??????????????????????????????????????????*:* ?????????????????ESTAB ??????0 ?????0 ???????????????????192.168.10.10:22 ???????????????????????????????192.168.10.1:57790 ?????????????LISTEN ?????0 ?????128 ????????????????????????????:::80 ?????????????????????????????????????????:::* ?????????????????LISTEN ?????0 ?????128 ????????????????????????????:::22 ?????????????????????????????????????????:::* ?????????????????LISTEN ?????0 ?????100 ???????????????????????????::1:25 ?????????????????????????????????????????:::* ?????????????????[root@localhost httpd-2.2.32]# httpd -lCompiled in modules: ?core.c ?mod_authn_file.c ?mod_authn_default.c ?mod_authz_host.c ?mod_authz_groupfile.c ?mod_authz_user.c ?mod_authz_default.c ?mod_auth_basic.c ?mod_include.c ?mod_filter.c ?mod_log_config.c ?mod_env.c ?mod_setenvif.c ?mod_version.c ?worker.c ?http_core.c ?mod_mime.c ?mod_status.c ?mod_autoindex.c ?mod_asis.c ?mod_cgid.c ?mod_negotiation.c ?mod_dir.c ?mod_actions.c ?mod_userdir.c ?mod_alias.c ?mod_so.c

按照以上方式即可实现prefork和event两种方式（默认为prefork方式）

./configure --prefix=/usr/local/apache2/ --sysconfdir=/etc/httpd --with-mpm=prefork./configure --prefix=/usr/local/apache2/ --sysconfdir=/etc/httpd --with-mpm=event

prefork: 预先创建进程，两级进程模型，父进程负责创建子进程，每个子进程响应一个用户请求
worker:父进程管理子进程，子进程通过线程响应用户请求，每线程处理一个用户请求
event:两级模型，父进程管理子进程，子进程通过event-driver机制直接响应n个请求

• 2、 ???简述request报文请求方法和状态响应码

• 请求方法（method）:
  GET:从服务器获取一个资源；
  HEAD：只从服务器获取文档的响应首部；
  POST:向服务器发送要处理的数据；
  PUT：将请求的主体部分存储在服务器上；
  DELETE：请求删除服务器上指定的文档；
  TRACE：追踪请求到达服务器中间经过的代理服务器；
  OPTIONS:请求服务器返回对指定资源支持使用的请求方法；

• Status（状态码）：
  1xx: 100-101，信息提示；
  2xx: 200-206，成功
  3xx: 300-305，重定向
  4xx: 400-415，错误类信息，客户端错误
  5xx: 500-505，服务器端错误

• 常用的状态码：
  200： 成功，请求的所有数据通过响应报文的entity-body部分发送；OK
  301： 请求的URL指向的资源的已经被删除；但在响应报文中通过首部Location指明了资源现在所处的新位置；Moved Permanently
  302: 与301相似，但在响应报文中通过Location指明资源现在所处临时新位置；Found
  304: 客户端发出了条件式请求，但服务器上的资源未曾发生改变，则通过响应此响应状态码通知客户端；Not Modified
  401: 需要输入账号和密码认证方能访问资源；Unauthorzed
  403: 请求被禁止；Forbidden
  404: 服务器无法找到客户端请求的资源；Not Found
  500: 服务器内部错误；Internal Server Error
  502: 代理服务器从后端服务器收到了一条伪响应； Bad Gateway

• 3、详细描述httpd虚拟主机、站点访问控制、基于用户的访问控制、持久链接等应用配置实例

虚拟主机的实现方案：
基于IP地址
基于端口号（port）
基于主机域名（FQDN）

注意点：

1. 一般虚拟主机不要与中心主机混用，要使用虚拟主机，得先禁用“main”主机，禁用方法：注释中心主机的DocumentRoot指令即可
2. 配置VirtualHost,在httpd2.2中，NameVirtualHost这一项需启用2.2以上版本不需要

• 基于IP地址

  [root@xiaochen ~]# yum -y install httpd[root@xiaochen ~]# ip addr add 192.168.10.30/24 dev ens32[root@xiaochen ~]# ip addr add 192.168.10.31/24 dev ens32[root@xiaochen ~]# mkdir -p /var/www/html/30[root@xiaochen ~]# mkdir -p /var/www/html/31[root@xiaochen ~]# echo "hello,ip address is "192.168.10.30"" > /var/www/html/30/index.html[root@xiaochen ~]# echo "hello,ip address is "192.168.10.31"" > /var/www/html/31/index.html[root@xiaochen ~]# vi /etc/httpd/conf.d/virtualhost.conf <VirtualHost 192.168.10.30:80>DocumentRoot "/var/www/html/30"ServerName www.magedu30.com<Directory "/var/www/html/30">AllowOverride NoneRequire all granted</Directory></VirtualHost><VirtualHost 192.168.10.31:80>DocumentRoot "/var/www/html/31"ServerName www.magedu31.com<Directory "/var/www/html/31">AllowOverride NoneRequire all granted</Directory></VirtualHost>[root@xiaochen ~]# httpd -tSyntax OK[root@xiaochen ~]# systemctl restart httpd.service#最后测试结果root@xiaochen ~]# curl 192.168.10.30hello,ip address is 192.168.10.30[root@xiaochen ~]# curl 192.168.10.31hello,ip address is 192.168.10.31

• 基于端口号：

  [root@xiaochen ~]# mkdir -p /var/www/html/80[root@xiaochen ~]# mkdir -p /var/www/html/10080[root@xiaochen ~]# echo "hi,the ip port is ‘80‘" >/var/www/html/80/index.html[root@xiaochen ~]# echo "hi,the ip port is ‘10080‘" >/var/www/html/10080/index.html[root@xiaochen ~]# vi /etc/httpd/conf.d/test1.conf<VirtualHost 192.168.10.10:80> ???ServerName www.magedu10.com ???DocumentRoot "/var/www/html/80" ???<Directory "/var/www/html/80"> ????????????Options None ????????????AllowOverride None ????????????Require all granted ????</Directory> ????CustomLog "logs/test1_access_log" ?combined</VirtualHost>[root@xiaochen ~]# vi /etc/httpd/conf.d/test2.conf Listen 10080<VirtualHost 192.168.10.10:10080> ???ServerName www.test2.com ???DocumentRoot "/var/www/html/10080" ???<Directory "/var/www/html/10080"> ??????????Options None ??????????AllowOverride None ??????????Require all granted ???</Directory> ???CustomLog "Logs/test2_access_log" ?combined</VirtualHost>root@xiaochen ~]# httpd -tSyntax OK[root@xiaochen ~]# systemctl restart httpd#最后验证结果：[root@xiaochen ~]# curl 192.168.10.10:80hi,the ip port is ‘80‘[root@xiaochen ~]# curl 192.168.10.10:8080hi,the ip port is ‘10080‘

• 基于主机域名

  [root@xiaochen ~]# mkdir -p /var/www/html/ilinux[root@xiaochen ~]# mkdir -p /var/www/html/iunix[root@xiaochen ~]# echo "domain name is ‘www.ilinux.com‘" >/var/www/html/ilinux/index.html[root@xiaochen ~]# echo "domain name is ‘www.iunix.com‘" >/var/www/html/iunix/index.html[root@xiaochen ~]# vi /etc/httpd/conf.d/virtualhost.conf <VirtualHost 192.168.10.10:80>DocumentRoot "/var/www/html/ilinux"ServerName www.ilinux.com<Directory "</var/www/html/ilinux">AllowOverride NoneRequire all granted</Directory></VirtualHost><VirtualHost 192.168.10.10:80>DocumentRoot "/var/www/html/iunix"ServerName www.iunix.com<Directory "/var/www/html/iunix">AllowOverride NoneRequire all granted</Directory></VirtualHost>[root@xiaochen ~]# cat /etc/hosts127.0.0.1 ??localhost localhost.localdomain localhost4 localhost4.localdomain4::1 ????????localhost localhost.localdomain localhost6 localhost6.localdomain6192.168.10.10 www.ilinux.com www.iunix.com[root@xiaochen ~]# httpd -tSyntax OK[root@xiaochen ~]# systemctl restart httpd#最后测试结果：[root@xiaochen ~]# curl www.ilinux.comdomain name is ‘www.ilinux.com‘[root@xiaochen ~]# curl www.iunix.comdomain name is ‘www.iunix.com‘

• 站点访问控制
  禁止192.168.10.20访问

  [root@xiaochen ~]# cat /etc/httpd/conf.d/deny.conf <VirtualHost 192.168.10.10:80> ???ServerName www.ilinux.com ???DocumentRoot "/var/www/html" ???<Directory "/var/www/html"> ??????????<Requireall> ??????????????????Require all granted ??????????????????Require not ip 192.168.10.20 ??????????</Requireall> ????</Directory></VirtualHost>

• 基于用户的访问控制

  [root@xiaochen ~]# htpasswd -c /tmp/test.users tomNew password: Re-type new password: Adding password for user tom[root@xiaochen ~]# htpasswd -m /tmp/test.users jerryNew password: Re-type new password: Adding password for user jerry[root@xiaochen ~]# htpasswd -m /tmp/test.users xiaochenNew password: Re-type new password: Adding password for user xiaochen[root@xiaochen ~]# mv /tmp/test.users /etc/httpd/conf.d/.htpasswd[root@xiaochen ~]# mkdir -p /var/www/html/testusers[root@xiaochen ~]# echo "Testusers Area" > /var/www/html/testusers/index.html[root@xiaochen ~]# cat /etc/httpd/conf.d/testusers.conf <Directory "/var/www/html/testusers"> ???Options None ???AllowOverride None ???AuthType basic ???AuthName "Test Area,pls enter your username and password" ???AuthUserFile "/etc/httpd/conf.d/.htpasswd" ???Require user tom jerry obama</Directory>[root@xiaochen ~]# cat /etc/httpd/conf.d/virtualhost.conf <VirtualHost 192.168.10.10:80>DocumentRoot "/var/www/html/testusers"ServerName www.ilinux.com<Directory "</var/www/html/testusers">AllowOverride NoneRequire all granted</Directory></VirtualHost><VirtualHost 192.168.10.10:80>DocumentRoot "/var/www/html/testusers"ServerName www.iunix.com<Directory "/var/www/html/testusers">AllowOverride NoneRequire all granted</Directory></VirtualHost>[root@xiaochen ~]# httpd -tSyntax OK [root@xiaochen ~]# systemctl restart httpd

  最后测试：
  

• 持久链接
  持久链接是建立链接后持续获取资源不断开，一直响应到把需要获取的资源都成功获取了以后才终止链接

  #创建模块化文件[root@xiaochen ~]# cat /etc/httpd/conf.d/keepalive.conf KeepAlive OnKeepAliveTimeout 35MaxKeepAliveRequests 100[root@xiaochen ~]# httpd -tSyntax OK[root@xiaochen ~]# systemctl restart httpd

Centos7系统下httpd各种方式实现与配置

原文地址：http://blog.51cto.com/13929964/2318367