Erecting httpd servers

Install httpd server--rpm Install • Get packages from the Rhel system CD

[Email protected]-]# Is/media/cdrom/server | Grep httpdhttpd-2.2.3-6.el5.i386.rpmhttpd-devel-2.2.3-6.el5.i386.rpmhttpd-manual-2.2.3-6.el5.i386.rpmsystem-config-httpd-1.3.3 .1-1.el5.noarch.rpm

Main directories and files

• Service catalog:/etc/httpd/Master profile:/etc/httpd/conf/httpd.conf Web directory:/var/www/html/service script:/etc/init.d/httpd Execute Program:/usr/sbin/ httpd Access log:/var/log/httpd/access_log error log:/var/log/httpd/error_log

httpd.conf configuration file

[Email protected] ~]# vi/etc/httpd/conf/httpd.conf# This is the main Apache server configuration file ... ServerRoot "/etc/httpd" ServerName www.openlab.com          \ \ Global configuration file <directory/> </directory>         \ \ zone Configuration <location/server-status> </Location>              \ \ zone configuration

httpd.conf configuration Files • Common global configuration parameters

serverroot: Service directory serveradmin: Administrator mailbox User: Identity of the user running the service Group: Group identity of the running service ServerName: domain name of the Web server documentroot: root of the Web document · Listen: Listening IP address, port number Pidfile: Save httpd process PID number of the file directorylndex: Default index page file errorlog: Error log file location custom log: Access log file location · LogLevel: Logging level, default is warn timeout: Network connection time-out, default is 300 seconds keepalive: whether to remain connected, optional on or off maxkeepaliverequests: number of Maximum request files per connection · KeepAliveTimeout: Timeout time to remain connected include: Additional configuration files that need to be included

Logs for HTTPD services • Two types of log files

• Access logs:/var/log/httpd/access_log error:/var/log/httpd/error_log

Setting the log in the httpd.conf

[Email protected]-]# vi/etc/httpd/conf/httpd.conf Errorlog logs/errorjogcustomlog logs/accessjog Common                     Common Log Format

Typical applications of Web sites • Test httpd server Performance AB command Apache Benchmark, Apache benchmark tool • Format: AB [-Q]-c Number of requests-n total requests [http:/] domain name [port]/Path

• Build virtual Web hosts • Virtual web hosts • Applications that run multiple Web sites on the same server, each of which does not occupy a real computer httpd supported virtual host types • Domain-based virtual hosts

[Email protected] htdocs]# vi/etc/httpd/conf/httpd.confnamevirtualhost 173.17.17.11<virtualhost 173.17.17.11 >documentroot/var/www/html/openlabservername Www.openlab.com</VirtualHost><VirtualHost 173.17.17.11 >documentroot/var/www/html/testservername www.test.com</virtualhost>

• Virtual host based on IP address • Application example 2: build 2 virtual Web sites: www.benet.com, IP address 173.17.17.11 www.accp.com, IP address 192.168.4.1 access to these two IPs in a browser, Don't show a different content

[Email protected] htdocs]# Vi/etc/httpd/conf/httpd.conf<virtualhost 173.17.17.11>documentroot/var/www/html/ Openlabservername www.openlab.com

</virtualhost><virtualhost 192.168.4.11

Documentroot/var/www/html/test ServerName www.test.com

</VirtualHost>

• Port-based virtual host • Application Example 3: • Build 2 virtual Web sites: www.benet.com,ip address, Port 173.17.17.11:80 www.accp.com, IP address, port 173.17.17.11:8080 When accessing both ports in a browser, separate content is displayed

[Email protected] htdocs]# Vi/etc/httpd/conf/httpd.conflisten 173.17.17.11:80listen 173.17.17.11:8080< VirtualHost 173.17.17.11:80>documentroot/var/www/html/openlabservername www.openlab.com</virtualhost> <virtualhost 173.17.17.11:8080>documentroot/var/www/html/testservername www.test.com</VirtualHost>

• Create a personal homepage for system users • 1. Modify httpd.conf, enable profile Userdir public a HTRQL confirm directory area read I 2. Set up a Personal Home page test page?/public one html/index.html add permission: C Hmod o+x/home/jerry/3. Restart the httpd service/usr/local/apache2/bin/apachectl restart 4. Access Test Http://www.benet.com/~user

[[email protected]?] # vi/etc/httpd/conf/httpd.conf #UserDir Disable Userdir public_html<directory "/home/*/publtb_html" >allowoverride noneoptions noneOrder Allow,denyAllow from All</directory>

Access control for httpd services • User-based access control • Add authentication Authorization settings

[[email protected]?] # vi/etc/httpd/conf/httpd.conf<directory "/var/www/html/openlab" > AuthName "OpenLab" authtype basicauthuserfile/var/www/html/openlab/.htpasswd require valid-user</directory

• Create files that store authenticated user accounts and passwords • Use the HTPASSWD tool

[[email protected] ~]# htpasswd-c >/usr/local/awstats/wwwroo^/.htpasswd awuser    Add an authorized user

Client address-based access control order configuration items, defining control order • Deny after first, deny all by default: Order Allow,deny First deny allowed, all by default: Order Deny,allow allow, deny configuration item, Set allow or deny Dip address deny from Addressl address2 ... allow from Addressl address2 ...

<Directory/var/www/html> Order Allow,denyallow from 192.168.0.0/24deny from 192.168.0.100</directory>

Erecting httpd servers