Common ways to use Apache httpd (1)

HTTP is a network transport protocol, the Hypertext Transfer Protocol

It is called hypertext because the protocol can transmit ordinary text information and transmit non-textual information such as picture, audio, video, etc.

A connection is established using the TCP protocol's 80 port, which is a reliable stateless connection;

Generally use HTML, CSS, JS and other languages to write code;

Version Change 0.9---1.0---1.1---2.0,1.1 is currently the mainstream

URI Uniform Resource Identifier

URL Uniform Resource Locator

Traffic statistics

IP Independent IP

PV page access, which is the amount of page refreshes

UV Independent visitors, counting the number of guest terminals via cookies

The working mechanism of HTTP

HTTP request

HTTP response

Web resource A Web page is not a single resource but a set of resources

Fast access to static resources and low resource consumption

File suffixes:. jpg,. html,. txt,. js,. css,. mp3,. avi

Dynamic resource access is slow, resource consumption is much, so often combined with caching to solve

File suffix:. asp,. PHP,. jsp

Here's a complete HTTP request processing process

1. Establish a connection: The client makes an HTTP request to establish a TCP connection with the server, or succeeds or fails

2. Receive a request: The server receives a request for a resource in the client request method

3, processing requests: The server to the request message parsing, according to the request method, resources, first and other information processing

Common HTTP Request methods: GET, POST, HEAD, PUT, PUSH, OPTIONS, DELETE, TRACE

4. Access resources: Servers request static resources from the Web resource server or resources generated after the dynamic program runs

5. Build the response message: The Web resource server responds to the request, executes the response action, and returns the corresponding message. The response message contains the status code and the response body;

6, send the response message: Also on the basis of the TCP connection, the server will tell the client data is what format, with Content-type to express

Common Content-type values Text/xml, Image/jpeg, Audio/mp3

7. Record Log

HTTP described in this article is a HTTPD server program provided by Apache

Features of httpd

Highly modular: Core + modules

DSO: Supports dynamic loading/unloading

MPM: Multi-Path Processing module

MPM mainly defines the working mode of the HTTPD program runtime process.

Prefork

A main process generates n work sub-processes, each of which processes a request, and the concurrent response is N, fairly stable

Worker

A master process generates m child processes, each of which generates n threads, each processing a request, and the concurrent response is M*n

Event

Like the worker, but separate some threads to manage the thread that handles the request, passing the request to the service thread, processing the end and allowing the release.

http-2.2 This version is in beta, http-2.4 This version is a stable version

The following descriptions are common configurations on the http-2.2 version of CentOS6.9

Edit HTTPd's Master profile/etc/httpd/conf/httpd.conf

Recommended to modify the configuration file before the backup, easy to fall back, develop this habit

1. Service Version Information

Servertokens Prod Hide Apache version

Servertokens OS default settings, show Apache version, recommended to hide for security reasons

Httpd-t syntax checking for httpd configuration files

After we have modified the httpd configuration file, you can use this command to check the syntax for problems

2, modify the listening IP and port

Listen 80 default settings, listen to the 80 port of all IP in this machine, can modify according to your own needs

Can be modified to non-standard ports only when used internally, and can listen to multiple ports at the same time

3. Persistent connection

Each request is not disconnected after the resource has been fetched, but waits for the next request to complete. The default is to turn off the persistent Connect feature

KeepAlive off the default is to turn off persistent connections

KeepAliveTimeout time-out for the next request of the same client in 151 connections, in seconds

Maxkeepaliverequests the maximum number of requests that a 1001-time persistent connection can accept

Decide whether to enable persistent connections based on business requirements, and recommend that the game business turn on persistent connections

4. MIME Multi-purpose Internet Mail extension

The server scans each resource content in response to the client and determines the type of the response resource file based on its magic number and known pattern match

For example, the server response resource a.jpg is a picture, if the picture file A.jpg modified to a, then according to the MIME scan resource content to figure out the magic number can still determine the resource type is a picture

So mime is about determining file types based on resource content rather than suffixes.

5. MPM Multi-Path processing module

Httpd-l View the module currently in use, default is Prefork mode

/ETC/SYSCONFIG/HTTPD This file can modify the working mode of MPM, http-2.2 version remains the default

The following is a description of the prefork mode in the master configuration file

<ifmodule prefork.c>

Startservers 8 Number of service processes started when HTTP service is turned on

Minspareservers 5 Minimum number of processes present in idle state

Maxspareservers 20 Maximum number of processes present in idle state

Serverlimit 256 maximum number of processes

MaxClients 256 Maximum concurrent number

Maxrequestsperchild 4000 The maximum number of requests per child process that can be processed, which exceeds this value the child process is terminated by the parent process and frees the memory space

</IfModule>

Ab-c 100-n http://192,168.100.5/index.html httpd self-bringing pressure test tool

6. DSO Dynamic Sharing Module

Complete specific functions by loading specific modules, as follows

LoadModule auth_basic_module modules/mod_auth_basic.so Load authentication module, that is, HTTP can be based on this module to achieve authentication

7. Document Page Path

DocumentRoot "/var/www/html" The default site home page path, which is the root directory

When accessing http://www.a.com/test/index.html, the path to the server is/var/www/html/test/index.html

8. Define Site Main Page

DirectoryIndex index.html index.html.var Default Home page, if you can't find this file, you will get an error

9. Site access Control common mechanism

Access control can be implemented based on two mechanisms, client source address and account

Access control can be implemented based on directory, file, wildcard mode, or URL, followed by

10. Source address-based access control in <directory>

(1) Options can then be used with more than one list option

Indexes A resource list is returned when a file resource does not exist under the specified URL path, it is not recommended to use

FollowSymLinks allows access to the source file that the soft connection points to, which is enabled by default

None means deny all

All means allow all

Examples such as the following

<directory/var/www/html/aaa>

Options-indexes-followsymlinks

</directory>

+ = Enable List option

-Indicates the Disable list option

(2) allowoverride

Which directives can be placed in the. htaccess file, overwriting the previous configuration directives, as in the following example

Cat/var/www/html/aaa/.htaccess

Options indexes

#在指定目录下生成 the. htaccess file and set the options option

Cat/etc/httpd/conf.d/test.conf

<directory/var/www/html/aaa>

AllowOverride all allows the. htaccess file to overwrite all instructions here, equivalent to the options indexes

</directory>

Attention

AllowOverride none the. htaccess file is not valid

allowoverride indexes only covers indexes directives, other directives are not overwritten, i.e. the indexes here will be replaced by directives defined in the. htaccess file

(3) Order and allow, deny

order specifies the priority of allow and deny, followed by a high priority, that is, the order Allow,deny the higher the deny priority, and the order Deny,allow the Allow priority high

order specifies the order of precedence and then uses either allow or deny from to match the specific address, and if allow is coincident with deny, the priority trade-offs defined by order

Cat test.conf

<directory/var/www/html/aaa>

<files "A.html" >

Order Allow,deny deny priority higher than allow

Deny from 192.168.100.100

Allow the address defined by the 192.168 allow is coincident with the address defined by the Deny, in order of precedence defined by order

</files>

</directory>

11. Log Settings

Errorlog logs/error_log error Log

Customlog Logs/access_log Combined access log, combined define log format

Two types of log storage locations use relative paths, that is, relative serverroot "/ETC/HTTPD"

The log format is defined as follows

Logformat "%h%l%u%t \"%r\ "%>s%b \"%{referer}i\ "\"%{user-agent}i\ "" combined

%h remote host,%l remote user,%u authentication remote user,%t server receives request time,%r request message first line, contains request method,%>s status response code

%B Response message size,%{referer}i the value of the request packet header Referer, user-agent value in the request message

Common ways to use Apache httpd (1)