OPS Learning notes Apache Service

Apache HTTP SERVER

An open source web server software for the Apache Software Foundation

Curl-i viewing the Web server type of a Web site

before the lab test, note adding the domain name resolution to the host that originated the access request /etc/host

First, install the httpd

Yum Install httpd

Systemctl Start httpd

Systemctl Enable httpd #开机启动

Firewall-cmd--permanent--add-service=http #将http服务添加至防火墙列表中

Firewall-cmd--reload

Firewall-cmd--permanent--add-service=https #将https服务添加至防火墙列表中

Firewall-cmd--reload

Modify the main configuration file for HTTP to modify the default settings

/etc/httpd/conf/httpd.conf

Listen #修改http服务的默认网络端口

119 DocumentRoot "/www/html" #修改http服务的默认发布目录

<directory "/www/html" >

121 Require All granted

122 </Directory>

167 <ifmodule Dir_module>

168 DirectoryIndex webtest index.html #默认发布文件, first read the former, the former cannot read the latter.

169 </IfModule>

Firewall-cmd--add-port=8080/tcp

Systemctl Restart httpd

Mkdir/www/html/webtest

SELinux label consistent with default publishing directory

Ls-z/var/www/

Semanage fcontext-a-T httpd_sys_content_t "/www (/.*)?"

Restorecon-vvfr/www

Second, Virtual Host

One host to serve multiple websites

Vim/etc/httpd/conf.d/default.conf

<virtualhost _default_:80>

Documentroot/www/html

Customlog "Logs/default.log" combined #指定日志

</Virtualhost>

Vim/etc/httpd/conf.d/news.conf

<virtualhost *:80>

Servername news.laosiji.com

Serveralias News #设置别称

Documentroot/www/laosiji.com/news

Customlog "Logs/news.log" combined

</Virtualhost>

<directory "/www/laosiji.com/news" >

Require all granted

</Directory>

Vim/etc/httpd/conf.d/xxx.conf

Mkdir-p/www/laosiji.com/news

vim/www/laosiji.com/news/webtest #与前面设置的文件名称一致

Third, authorizing specified user access

Create a new publish directory as the test directory first

Mkdir-p/www/laosiji.com/admin/webtest

HTPASSWD-CM/ETC/HTTPD/HTPASSWD admin #再次添加用户时注意, option is-M, otherwise the previous information will be overwritten

New Password:

Re-type New Password:

An encrypted password file is generated /etc/httpd/htpasswd

<directory "/www/laosiji.com/film/admin" >

AuthUserFile "/ETC/HTTPD/HTPASSWD"

AuthType Basic

AuthName "Please input username and password"

Require User admin #或者设置为valid-user All authorized users can log in

</Directory>

Four, customizing Self-signed certificates

Yum Install Crypto-utils Mod_ssl

Genkey laosiji.com #主机名, generating certificates

650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M02/86/7C/wKioL1fAWHaRPuz7AAD_Ja-i5D4721.png-wh_500x0-wm_3 -wmp_4-s_575619680.png "title=" screenshot from 2016-08-24 14_25_39.png "alt=" Wkiol1fawharpuz7aad_ja-i5d4721.png-wh_ "/>

Select Next

650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M01/86/7D/wKiom1fAWHizgyxJAAEgcliR_5c624.png-wh_500x0-wm_3 -wmp_4-s_3529785051.png "title=" screenshot from 2016-08-24 14_26_27.png "alt=" Wkiom1fawhizgyxjaaegclir_5c624.png-wh _50 "/>

There are several key specifications to choose from

650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M00/86/7C/wKioL1fAWHmgQkpnAACbz3eRUaw103.png-wh_500x0-wm_3 -wmp_4-s_630460244.png "title=" screenshot from 2016-08-24 14_29_02.png "alt=" Wkiol1fawhmgqkpnaacbz3eruaw103.png-wh_ "/>

#生成缓慢时可以敲击键盘或移动鼠标 in the generated key

650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M02/86/7D/wKiom1fAWHryMGCgAABGn6kS0EI317.png-wh_500x0-wm_3 -wmp_4-s_1178237941.png "title=" screenshot from 2016-08-24 14_30_25.png "alt=" Wkiom1fawhrymgcgaabgn6ks0ei317.png-wh _50 "/>

Select No to send a validation request to the CA

650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M01/86/7C/wKioL1fAWHyzy_u5AAEB5zwxHug843.png-wh_500x0-wm_3 -wmp_4-s_3057278482.png "title=" screenshot from 2016-08-24 14_30_44.png "alt=" Wkiol1fawhyzy_u5aaeb5zwxhug843.png-wh _50 "/>

Select Next

650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M00/86/7C/wKioL1fAWH_R6wVyAAEOvI1VISQ743.png-wh_500x0-wm_3 -wmp_4-s_39752700.png "title=" screenshot from 2016-08-24 14_31_30.png "alt=" Wkiol1fawh_r6wvyaaeovi1visq743.png-wh_ "/>

Fill in some information (note that the hostname is not written incorrectly)

vim/etc/httpd/conf.d/login.conf #新建login用于测试

Mkdir/www/laosiji.com/login

<virtualhost *:443>

Servername login.laosiji.com

Serveralias Login

Documentroot/www/laosiji.com/login

Customlog "Logs/login.log" combined

Sslengine on

Sslcertificatefile/etc/pki/tls/certs/laosiji.com.crt

Sslcertificatekeyfile/etc/pki/tls/private/laosiji.com.key

</Virtualhost>

<directory "/www/laosiji.com/login" >

Require all granted

</Directory>

<virtualhost *:80> #网页重定向

ServerName login.laosiji.com

Rewriteengine on

Rewriterule ^ (/.*) $ https://%{http_host}$1 [redirect=301]

</VirtualHost>

Systemctl Restart httpd

vim/www/laosiji.com/login/webtest# write a copy of the test text

Welcome Log In

Open Browser Write login.laosiji.com

650) this.width=650; "Src=" Http://s3.51cto.com/wyfs02/M00/86/7D/wKiom1fAWf2TxpaLAADBQLxx7-o882.png-wh_500x0-wm_3 -wmp_4-s_12222181.png "title=" screenshot from 2016-08-24 14_34_00.png "alt=" Wkiom1fawf2txpalaadbqlxx7-o882.png-wh_ "/>

650) this.width=650; "Src=" Http://s1.51cto.com/wyfs02/M01/86/7D/wKiom1fAWiWwQvXuAABJufXugRc662.png-wh_500x0-wm_3 -wmp_4-s_584773479.png "title=" screenshot from 2016-08-24 14_34_22.png "alt=" Wkiom1fawiwwqvxuaabjufxugrc662.png-wh_ "/>

Select ADD excetion

650) this.width=650; "Src=" Http://s5.51cto.com/wyfs02/M02/86/7C/wKioL1fAWd3Brj1zAACSeljb2_M959.png-wh_500x0-wm_3 -wmp_4-s_1293023035.png "title=" screenshot from 2016-08-24 14_34_34.png "alt=" Wkiol1fawd3brj1zaacseljb2_m959.png-wh _50 "/>

Select Confirm Security Exception

Get the certificate page to display normally

This article from "gluttonous fish do not eat bug" blog, reprint please contact the author!

OPS Learning notes Apache Service