First, Apache
Commonly used Web services in the enterprise to provide HTTP//(Hypertext Transfer Protocol)
II. installation and deployment of Apache
Yum Install Httpd-y
Yum Install Httpd-manual
Systemctl Start httpd
Systemctl Enable httpd
diagram: Installing httpd
650) this.width=650; "Src=" Https://s3.51cto.com/oss/201711/21/390a7dbdcc3004a10dc45b04d35ec516.png-wh_500x0-wm_3 -wmp_4-s_2911428301.png "title=" screenshot from 2017-11-19 21-58-43.png "alt=" 390a7dbdcc3004a10dc45b04d35ec516.png-wh_ "/>
diagram: Installing Httpd-manual
650) this.width=650; "Src=" Https://s1.51cto.com/oss/201711/21/c1645cf7b8f40efb6062679febd9386d.png-wh_500x0-wm_3 -wmp_4-s_3450849954.png "title=" screenshot from 2017-11-19 21-59-22.png "alt=" C1645cf7b8f40efb6062679febd9386d.png-wh_ "/>
diagram: Turn on load httpd
650) this.width=650; "Src=" Https://s4.51cto.com/oss/201711/21/988307baaef1ea04282d74a42b955ef3.png-wh_500x0-wm_3 -wmp_4-s_1757750438.png "title=" screenshot from 2017-11-19 22-03-20.png "alt=" 988307baaef1ea04282d74a42b955ef3.png-wh_ "/>
Test http://172.25.254.121
Http://172.25.254.121/manual
diagram: Access Test
650) this.width=650; "Src=" Https://s3.51cto.com/oss/201711/21/9ffe152e407551d57b1f78261170147c.png-wh_500x0-wm_3 -wmp_4-s_2888741024.png "title=" screenshot from 2017-11-19 22-28-29.png "alt=" 9ffe152e407551d57b1f78261170147c.png-wh_ "/>
diagram: Access Test man
Iii. Basic information of Apache
Master Configuration Directory:/etc/httpd/conf
Master configuration file:/etc/httpd/conf/httpd.conf
sub-configuration directory:/ETC/HTTPD/CONF.D
Child configuration file:/etc/httpd/conf.d/*.conf
Default Publishing Directory:/var/www/html
Default Publish File:/index.html
Default Port: 80
Default security Context: httpd_sys_content_t
program opens Default User: Apache
Apache Log:/etc/httpd/logs/*
View Ports
Ss-anutlpe | grep httpd
diagram: Port
650) this.width=650; "Src=" Https://s2.51cto.com/oss/201711/21/96b7702c277773eb5e400e114101571a.png-wh_500x0-wm_3 -wmp_4-s_2734458378.png "title=" screenshot from 2017-11-19 22-38-26.png "alt=" 96b7702c277773eb5e400e114101571a.png-wh_ "/>
Modify the default port
Vim/etc/httpd/conf/httpd.conf
Linsten 8080 Modify the default port to 8080
diagram: Modifying a configuration file
650) this.width=650; "Src=" Https://s4.51cto.com/oss/201711/21/c9c23cdb913bb4a662a4189c3ff169ad.png-wh_500x0-wm_3 -wmp_4-s_2553650759.png "title=" screenshot from 2017-11-19 22-43-41.png "alt=" C9c23cdb913bb4a662a4189c3ff169ad.png-wh_ "/>
To modify the default distribution file:
The default publish file is the file that is accessed by default when you visit Apache without specifying a file name
This file can be specified in multiple, accessible order
Vim/etc/httpd/conf/httpd.conf
164 DirectoryIndex index.html test.html access index.html when test.html is not present
diagram: Modifying a configuration file
650) this.width=650; "Src=" Https://s4.51cto.com/oss/201711/21/b7e1af9190b09ae7701a234cbc2c9e5d.png-wh_500x0-wm_3 -wmp_4-s_1794687150.png "title=" screenshot from 2017-11-19 22-45-38.png "alt=" B7e1af9190b09ae7701a234cbc2c9e5d.png-wh_ "/>
Modify the default publishing directory
Vim/etc/httpd/conf/httpd.conf
121 <directory "/www" >
122 Require All granted
123 <Directory>
diagram: Modifying a configuration file
650) this.width=650; "Src=" Https://s3.51cto.com/oss/201711/21/324b6ced572aaefd993c6bf00ce2043f.png-wh_500x0-wm_3 -wmp_4-s_3809680934.png "title=" screenshot from 2017-11-19 22-50-28.png "alt=" 324b6ced572aaefd993c6bf00ce2043f.png-wh_ "/>
[Email protected] ~]# >/var/log/messages
[Email protected] ~]# ls-zd/www/
Drwxr-xr-x. Root root unconfined_u:object_r:default_t:s0/www/
[Email protected] ~]# storecon-rvvf/www/
Four, Apache virtual host
Vim/etc/httpd/conf.d/adefault.conf
<virtualhost _default_:80>
DocumentRoot "/var/www/html"
Customlog "Logs/www.westos.com.log" combined
</VirtualHost>
Vim/etc/httpd/conf.d/linux.conf
<virtualhost *:80>
ServerName linux.westos.com# #指定站点名称
DocumentRoot "/var/www/virtual/linux.westos.com/html"# #站点默认发布目录
Customlog "Logs/linux.westos.com.logs" combined# #站点日 Log combined represents a collection of four types of logs
</VirtualHost>
<directory "/var/www/virtual/linux.westos.com/html" >
Require all granted
</Directory>
Vim/etc/httpd/conf.d/c.conf
<virtualhost *:80>
DocumentRoot "/var/www/html"
Customlog "Logs/www.westos.com.log" combined
</VirtualHost>
<directory "/var/www/html/test" >
Order Deny,allow
Allow from 172.25.254.60
Deny from all
</Directory>
Test:
Do local parsing in test host
Vim/etc/hosts
172.25.254.100 c.westos.com
diagram: Test
650) this.width=650; "Src=" Https://s3.51cto.com/oss/201711/21/363d5d3171bcc35e3deec0fdea551949.png-wh_500x0-wm_3 -wmp_4-s_669871886.png "title=" screenshot from 2017-11-19 23-40-19.png "alt=" 363d5d3171bcc35e3deec0fdea551949.png-wh_ "/>
Five, Apache internal access control
1. Settings for access to the host
Touch/var/www/html/test
Vim/etc/httpd/conf.d/adefault.conf
<directory "/var/www/html/test" >
Order Deny,allow# #列表读取顺序, after reading the list will overwrite the repeating part of the content
Allow from 172.25.254.60
Deny from all
</Directory>
2. User-mode access control
cd/etc/httpd/conf.d/
Mkdir/var/www/html/admin
Vim/var/www/html/admin/index.html
Htpasswd-cm/etc/httpd/userpass Admin
Htpasswd-m/etc/httpd/userpass Admin1
diagram: Create a new encrypted user, the first user needs to add "-C"
650) this.width=650; "Src=" Https://s2.51cto.com/oss/201711/21/81baf86a9f1e6b2eb01201a91313ae23.png-wh_500x0-wm_3 -wmp_4-s_831534997.png "title=" screenshot from 2017-11-20 15-28-43.png "alt=" 81baf86a9f1e6b2eb01201a91313ae23.png-wh_ "/>
Vim/etc/httpd/conf.d/adefault.conf
<directory "/var/www/html/admin" >
Authuserfile/etc/httpd/userpass
AuthName "Please input your Nameand password"
AuthType Basic
#Require User admin# #只允许admin用户登陆
Require Valid-user# #允许所有用户登陆
</Directory>
Systemctl Restart Httpd.service
diagram: adefault.conf content
650) this.width=650; "Src=" Https://s3.51cto.com/oss/201711/21/96f3d1ee1bb05b0e7f0f9a87713c3674.png-wh_500x0-wm_3 -wmp_4-s_38211613.png "title=" screenshot from 2017-11-20 15-36-18.png "alt=" 96f3d1ee1bb05b0e7f0f9a87713c3674.png-wh _ "/>
Vi. languages supported by Apeche
1.html # #系统默认支持
2.php
vim/var/www/html/index.php
<?php
Phpinfo ();
?>
Yum Install Php-y
Systemctl Restart httpd
diagram: Install PHP
650) this.width=650; "Src=" Https://s4.51cto.com/oss/201711/21/244fd6a1c5f953ed67ba6639754fac60.png-wh_500x0-wm_3 -wmp_4-s_1160848066.png "title=" screenshot from 2017-11-20 15-51-21.png "alt=" 244fd6a1c5f953ed67ba6639754fac60.png-wh_ "/>
test: (Make sure 100 host firewall is off)
http://172.25.254.100/index.php
diagram: Test results
650) this.width=650; "Src=" Https://s4.51cto.com/oss/201711/21/bc85c0ddbf1b19fb66e4a27336e877a2.png-wh_500x0-wm_3 -wmp_4-s_2303380010.png "title=" screenshot from 2017-11-20 15-56-36.png "alt=" Bc85c0ddbf1b19fb66e4a27336e877a2.png-wh_ "/>
3.cgi
Mkdir/var/www/html/cgi-p
Semanage fcontext-a-T httpd_sys_script_exec_t '/var/www/html/cgi (/.*)? '
restorecon-rvvf/var/www/html/cgi/
vim/var/www/html/cgi/index.cgi
#!/usr/bin/perl
print "content-type:text/html\n\n";
print ' Date ';
chmod +x/var/www/html/cgi/index.cgi# #添加可执行权限
/var/www/html/cgi/index.cgi# #执行脚本确定正确
diagram: script is running correctly
650) this.width=650; "Src=" Https://s2.51cto.com/oss/201711/21/221f21d04079afcdda08e58b4fe4726d.png-wh_500x0-wm_3 -wmp_4-s_4153838258.png "title=" screenshot from 2017-11-20 16-07-05.png "alt=" 221f21d04079afcdda08e58b4fe4726d.png-wh_ "/>
Vim/etc/httpd/conf.d/adefault.conf
<directory "/var/www/html/cgi" >
Options +execcgi
AddHandler Cgi-script. CGI
</Directory>
diagram: script content
650) this.width=650; "Src=" Https://s1.51cto.com/oss/201711/21/2b55c9e47df0aee3849892cddc595e24.png-wh_500x0-wm_3 -wmp_4-s_2314135874.png "title=" screenshot from 2017-11-20 19-36-49.png "alt=" 2b55c9e47df0aee3849892cddc595e24.png-wh_ "/>
vii. setting up an HTTPS virtual host and setting up a Web page rewrite
1. Installation
Yum Install Mod_ssl
Yum Install Crypto-utils-y
2. Configuration
Genkey www.westos.com
diagram: Operation process
650) this.width=650; "Src=" Https://s2.51cto.com/oss/201711/21/ea538f3afd316e9d0d6472d1e0600762.png-wh_500x0-wm_3 -wmp_4-s_757802928.png "style=" Float:none; "title=" screenshot from 2017-11-20 23-32-47.png "alt=" Ea538f3afd316e9d0d6472d1e0600762.png-wh_ "/>
650) this.width=650; "Src=" Https://s2.51cto.com/oss/201711/21/9730414b493b1c7d7c91cb210f9bbc63.png-wh_500x0-wm_3 -wmp_4-s_1308879805.png "style=" Float:none; "title=" screenshot from 2017-11-20 23-33-06.png "alt=" 9730414b493b1c7d7c91cb210f9bbc63.png-wh_ "/>
650) this.width=650; "Src=" Https://s2.51cto.com/oss/201711/21/bffe6c74db1b491ae4309e0851da4722.png-wh_500x0-wm_3 -wmp_4-s_3644417688.png "style=" Float:none; "title=" screenshot from 2017-11-20 23-37-16.png "alt=" Bffe6c74db1b491ae4309e0851da4722.png-wh_ "/>
Vim/etc/httpd/conf.d/ssl.conf
101 SSLCERTIFICATEFILE/ETC/PKI/TLS/CERTS/WWW.WESTOS.COM.CRT# #生成的证书
108 Sslcertificatekeyfile/etc/pki/tls/private/www.westos.com.key# #生成的钥匙
Vim/etc/httpd/conf.d/login.conf
1 <virtualhost *:443>
2 ServerName login.westos.com
3 documentroot/var/www/html/virtual/login.westos.com/html
4 Customlog "Logs/login.logs" combined
5 Sslengine on# #开始https功能
6 SSLCERTIFICATEFILE/ETC/PKI/TLS/CERTS/WWW.WESTOS.COM.CRT# #证书
7 Sslcertificatekeyfile/etc/pki/tls/private/www.westos.com.key# #钥匙
8 </VirtualHost>
9 <directory "/var/www/html/virtual/login.westos.com/html" ># #给默认发布目录授权访问
Ten Require all granted
</Directory>
<virtualhost *:80># #网页重写实现自动访问https
ServerName login.westos.com
Rewriteengine on
Rewriterule ^ (/.*) $ https://%{http_host}$1 [redirect=301]
</VirtualHost>
Rewrite rules
^(/.*)$# #客户在浏览器地质栏中输入的所有字符
https://# #强制客户加密访问
%{http_host}# #客户请求主机
$# # ' $ ' represents the value of ^ (/.*) $
[redirect=301]# #临时重写 302 Permanent Conversions
diagram: script content
650) this.width=650; "Src=" Https://s2.51cto.com/oss/201711/21/731d2c461f9f4daa60068ea24ae81d08.png-wh_500x0-wm_3 -wmp_4-s_753229582.png "title=" screenshot from 2017-11-21 13-09-39.png "alt=" 731d2c461f9f4daa60068ea24ae81d08.png-wh_ "/>
Test:
Add parsing on the access side
172.25.254.100 login.westos.com
Access http://login.westos.com will automatically switch to https://login.westos.com for encrypted transmission of web data
Illustration: Obtaining a certificate
650) this.width=650; "Src=" Https://s5.51cto.com/oss/201711/21/42a9755a9ad30c6472a0538db0e13de4.png-wh_500x0-wm_3 -wmp_4-s_112715441.png "title=" 20170517172432741.png "alt=" 42a9755a9ad30c6472a0538db0e13de4.png-wh_ "/>
650) this.width=650; "Src=" Https://s3.51cto.com/oss/201711/21/b5a2504d5225c090b359c87c00bdc5da.png-wh_500x0-wm_3 -wmp_4-s_793150108.png "title=" 20170517172437571.png "alt=" B5a2504d5225c090b359c87c00bdc5da.png-wh_ "/>
650) this.width=650; "Src=" Https://s1.51cto.com/oss/201711/21/1743584568a5f4218d62de86a551c250.png-wh_500x0-wm_3 -wmp_4-s_399581121.png "title=" 20170517172442226.png "alt=" 1743584568a5f4218d62de86a551c250.png-wh_ "/>650) this.width=650; "Src=" https://s3.51cto.com/oss/201711/21/53097952e132669b96db25289bf5b59c.png-wh_500x0-wm_3-wmp _4-s_221277188.png "title=" 20170517172517572.png "alt=" 53097952e132669b96db25289bf5b59c.png-wh_ "/>
# #end # #
This article is from the "13342594" blog, please be sure to keep this source http://13352594.blog.51cto.com/13342594/1983913
Basic application of Linux--apache