Configuration and management of apache servers in Linux (CentOS)

I. WEB server and Apache
1. web servers and URLs
2. Apache history
3. Supplement
Http://www.netcraft.com/market share of apacheserver
At the same time, it must be noted that ngnix is in a period of strong growth, and it is a great feeling of competing with apache in the world. It is really awesome ~~~
Ii. Apache server management commands
1. Command start: service httpd start/stop/restart/reload/condrestart/status/configtest/graceful/help
2. start the Script:/etc/init. d/httpd start/stop /.....
3. Set To Enable Automatic startup: ntsysv + Space key
Iii. Apache server directories and files
1. WEB Site Directory
/Var/www Apache site file directory
/Var/www/html store WEB files of the WEB site
/Var/www/cgi-bin CGI program file
/Var/www/html/manual Apache WEB Server manual

2. Configuration File
. Htaccess is a directory-based configuration file. The. htaccess file contains access control commands for files in its directory.
/Etc/httpd/conf/httpd. conf directory of the Apache WEB Server Configuration File

3. Start the script
/Etc/rc. d/init. d/httpd WEB server daemon Startup Script
/Etc/rc. d/rc3.d/S85httpd connect the Run-level directory (/etc/rc3.d) to the startup script in the/etc/rc. d/init. d directory.

4. Application Files
/Usr/sbin: location where Apache WEB server program files and applications are stored
/Usr/doc/put Apache WEB server document
/Var/log/http: location where Apache log files are stored
4. More commands
1. View Apache installation information: apachectl-C
2. Check the Apache Configuration File Syntax: apachectl-t
3. view the Apache compilation configuration parameters: apachectl-V
4. view the Apache compilation module: apachectl-l
5. httpd. conf configuration file
(1) Basic Configuration
The httpd. conf file contains the following three parts:
1. Global Environment Settings: the part that controls the behavior of the entire Apache server (that is, the global environment variable)
2. master server configuration: defines commands for the main or default service parameters, and provides default setting parameters for all virtual hosts.
3. VM settings: VM setting parameters
If a row cannot be written, "" indicates a line break. Except for the parameter values of the options, all option commands are case-insensitive, and "#" indicates a comment.
Now, let's learn the specific settings in httpd. conf:
1. Set the path relative to the root directory
The relative root directory is usually the place where Apache stores configuration files and log files. Normally, the relative root directory is "/etc/httpd", which generally contains the conf and logs subdirectories, in this case, you can use the "ServerRoot"/etc/httpd "format.
2. Set the IP address and port number of the Apache listener
By default, Apache listens to client requests on TCP port 80 of all available IP addresses on the local machine. You can use the Listen statement to Listen to requests at a specified address and port. For example, if you set the server to only Listen to port 80 of 192.168.0.94, you can set Listen 192.168.0.94: 80 in httpd. conf. If you want to change the port number to 8080, you can also use settings such as "Listen 192.168.0.94: 8080". However, when accessing a website through a Web browser, you must add the corresponding port number after the domain name address, for example, enter "http: // 192.168.0.94: 8080" for access. Note: the IP address of my virtual machine Linux is 192.168.0.94, And the IP address of windows is 192.168.0.225.
3. Set the network administrator's email address
When an error occurs when the client computer accesses the server, the server usually returns an error prompt page to the client computer. To facilitate the resolution of the error, the webpage usually contains an administrator email address, in this case, you can use the ServerAdmin statement to set the Administrator's email address, such as "ServerAdmin xinyuan365@sohu.com ".
4. Set the server host name
To help Apache identify the server information, you can use the ServerName statement to set the server host name. In the ServerName statement, if the server has a domain name, enter the Domain Name of the server; if there is no domain name, enter the IP address of the server. For example, "ServerName 192.168.0.94: 80 ".
5. Set the path of the Home Directory
The default path of the Apache server home directory is "/var/www/html". You can place the webpage to be published in this directory, you can also change the path of the home directory to another directory for user management and use. For example, if you want to set the Apache server's main directory path to "/home/lk/www", you can modify it in the httpd. conf file: DocumentRoot "/home/www ".
6. Set the default document
The default document is the Web page displayed by entering the IP address or domain name of the Web site in the Web browser, that is, the home page. The default document of apacheis index.html. The default document is defined by the DirectoryIndex statement. For example, in httpd. conf, you can use "DirectoryIndex index.html. var" to change the default document name of the DirectoryIndex statement to another file.
If multiple file names exist, each file name must be separated by a space. Apache searches for the specified file name in the DirectoryIndex statement in sequence based on the file name. If 1st are found, 1st are called. Otherwise, 2nd are searched and called, and so on. For example, if the "indexes index.htm" and "index. php" files are used as the default documents, you can change the httpd. conf file to "DirectoryIndex index.html index.htm index. php index.html. var ".
7. Set log files
Log files are very important for users to find system faults or analyze the running status of Web servers. At this time, there are two important settings.
(1) Error Log. The error log records errors that occur during Apache startup and runtime. When an Apache error occurs, check the log file first. Generally, the file name of the error log is error_log. You can set the location and file name of the error log file through the ErrorLog parameter. For example, "ErrorLog logs/erroe_log ". If the log file storage path does not start with "/", it indicates that the path is relative to the ServerRoot directory.
(2) access logs. The access log records all the access information of the client computer. By analyzing the access log, you can know when the client accesses the files on the website. Generally, the access log file name is access_log. You can set the location and file name of the access log file through the CustomLog parameter, for example, "CustomLog logs/access_log combined ".
In this access log settings, combined indicates the log format. You can use common or combined in this location. Among them, common refers to the common standard format widely used by Web servers, which can be recognized by many log analysis programs; combined refers to the combination of record formats, compared with common, the format of combined is basically the same, but only the reference page and browser recognition information are added.
8. Set the default Character Set
The adddefacharcharset option sets the default character set that the server returns to the client computer. Because the default Character Set of the Apache server is Western Europe (UTF-8), garbled characters occur when the client accesses the Chinese web page of the server. The solution is to change the statement "AddDefaultCharset UTF-8" to "adddefadefacharset GB2312", and then restart the Apache server, the Chinese web page can be displayed normally.
(2) Configure Directory Permissions
1. Define directory features
For each directory accessed by Apache, related services and features can be set to allow or (and) Not. (Also affect its subdirectories)
First, set the "default" address to only have the most basic permissions:
<Directory/>
Options FollowSymLinks
AllowOverride None
</Directory>
Note that special permissions must be enabled from now on, so that no unexpected results will be generated. Please confirm carefully.
For example:
<Directory "D:/www_root">
#
# This value is "None", "All", or a combination of the following: "Indexes ",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews ".
# Note that "MultiViews" must explicitly specify that --- "Options All" does not include this feature.
#
Options Indexes FollowSymLinks MultiViews
#
# This option controls which. htaccess files in the directory can be overwritten.
# Allowed values: "All" or a combination of the following items: "Options", "FileInfo ",
# "AuthConfig", "Limit"
#
AllowOverride None
#
# Control which users can obtain information from this server.
#
Order allow, deny
Allow from all
</Directory>
Note:
Allow and deny can be used in apache conf Files or. htaccess Files (with Directory, Location, Files, etc.) to control access authorization for directories and Files.
Therefore, the most common ones are:
Order Deny, Allow from All note that there is only one comma in the middle of "Deny, Allow", and there can only be one comma. Errors will occur if there are spaces. Words are case-insensitive. The meaning of the above setting is to first set "Check prohibition settings first, not all permitted", and the second sentence does not contain Deny, that is, no access prohibition settings, allow all access. This is mainly used to ensure or overwrite the settings of the upper-level directory and open access to all content.
According to the above explanation, the following settings prohibit access unconditionally:
Order Allow, Deny from All:
Order Deny, Allow Deny from ip1 ip2 or
Order Allow, Deny Allow from all Deny from ip1 ip2apache determines which rule will be used according to order. For example, in the second method above, although allow permits access, however, since allow in order is not the final rule, you still need to check whether there is any deny rule. Therefore, in the third sentence, access that complies with ip1 and ip2 is forbidden. Note that the "last" rule determined by order is very important. The following are two examples of errors and the correct method:
Order Deny, Allow from all Deny from domain.org error: If you want to disable access from domain.org, but deny is not the final rule, apache has successfully matched the second sentence when processing allow, I won't go to the third sentence at all. Solution: Order Allow, Deny. You can leave the last two sentences unchanged.
Order Allow, Deny Allow from ip1 Deny from all error: to only allow access from ip1, however, although the Allow rule is set in the second sentence, because the deny in order is after, therefore, the third deny clause prevails, and the third clause obviously contains ip1 (all include ip1). Therefore, all accesses are forbidden. Solution 1: remove the third sentence directly. Solution 2:
Order Deny, Allow Deny from all Allow from ip1 conclusion: the rule is order deny. allow indicates that the priority of deny is low while that of allow is high. order allow and deny indicate that the priority of allow is high while that of deny is high. (3) create a virtual directory. If our website is created in another directory, such as/opt/www/lk, is it not accessible in the home directory/var/www/html? Of course not.