Apache Advanced Configuration

This article mainly introduces about the Apache Advanced Configuration, has a certain reference value, now share to everyone, the need for friends can refer to

First, installation

• Yum Install Httpd-y # #安装

• Firewall-cmd--permanent--add-service=http # #防火墙配置

• Systemctl Restart Firewalld # #重启防火墙

Second, the configuration file/etc/httpd/conf/httpd.conf

During the experiment, we should pay attention to the consistency of the security context

DocumentRoot "/var/www/html" # #默认发布目录

DirectoryIndex index.html # #默认发布文件

Open by default

Change the default publishing directory to/var/www/

Change the default publish file to text

Edit file text write on content

The default open file changes to the text we set

Third, the virtual host

• Usually a parent domain is made up of many subdomains, each subdomain is different, so when you access each subdomain, you should access the files of the subdomain, so the virtual host allows you to service multiple sites from one httpd server at a time. In this section, we'll look at the name-based virtual host where multiple host names point to the same IP address, but the Web server provides different sites with different content based on the host name used to reach the site

After you restore the changes in the previous step.

Create directories, and publish directories for different subdomains.

Configure/etc/hosts

Editing an HTTP configuration file

Default.conf

Music.conf

News.conf

Restarting the service, accessing different domain names, will access different files.

-------------------------------------------------

-------------------------------------------------

--------------------------------------------

------------------------------------------------

Iv. Identity Verification

Setting 172.25.254.11 does not allow access

Read Allow, Deny,deny will overwrite some allow permissions

Effect

---------------------------------------------------

2. Virtual User Access Control

1, create the user in the/etc/httpd/directory, generate user files.

You can see that there are two users of the file.

2. Configure HTTPD configuration file, associate user files,

Require user Lee only allows Lee users to log in.

Test

User lee can log in normally, and the haha user is not logged on.

-----------------------------------------------

Five, Https

• Automatic encryption of data on HTTPS access for secure network data transmission

• For HTTPS access, you need to install Mod_ssl
  

Yum Install Mod_ssl

• The configuration directory automatically generates the SSL.CONF configuration file at this time
  

• The website certificate is not trustworthy when visiting.

• Generate the certificate.

• First install the software crypto-utils.x86_64

• Yum Install crypto-utils.x86_64

• Certificate making

Tell us the path generated

And then it's secret history how many bits, choose the fast 1024 bit

Then there is the process of generation, which may take a while.

It's the next step when it's finished. Whether to send to CA authentication, select No.

Whether to encrypt the private key, next.

Fill in the information, Next, OK

• Two files generated

/etc/pki/tls/certs/www.westos.com.crt
/etc/pki/tls/private/www.westos.com.key

Configure ssl.conf

Add a certificate to the website, point to add execption

Point get certificate, then point confirm security exception

OK, the website certificate is what we just generated.

VI. HTTPS address Translation

1. Configuring the HTTP configuration file for/etc/httpd/conf.d/login.conf

Establish/var/www/html/login to establish a default publishing file /var/www/html/login/index.html

Modify/etc/hosts

Then restart the service, give the webpage login.westos.com just the certificate,

Then login http://login.westos.com will automatically jump to the https://login.westos.com page.

--------------------------------------------------

Seven, proxy server Squid

• Forward Proxy

• Yum Install Squid

• Vim/etc/squid/squid.conf

Then the other host can set up the agent for Squid server ip:3128 port, to go through the Squid server online, generally used to turn over the wall.

• Reverse proxy, (equivalent to proxy Apache server)

• Configure/etc/squid/squid.conf

• Note To configure the firewall to pass the HTTP service

The 172.25.254.111 browser then accesses the Squid server address and gets the content posted on Apache's 172.25.254.11.

----------------------------------------------------------------------

Viii. Building a forum

• Install PHP, mod_ssl, HTTP, Php-mysql, Mariadb-server

• Put the forum packet in the httpd default send directory, unzip. Discuz_x3.2_sc_utf8.zip (This is my download good)
  

• chmod 777 upload/-R #添加权限
  

• Systemctl Restart Httpd.service

• Visit http://172.25.254.108/upload for Web page installation
  

Generate Upload folder after decompression

Landing Page 172.25.254.11/upload

Then detect various software situations, when all by clicking Next,

Click Next

Configure MySQL information.

is installing

It can be accessed after installation.

The above is the whole content of this article, thank you for reading. Read more about topic.alibabacloud.com!