Apache HTTP SERVER
An open source web server software for the Apache Software Foundation
Curl-i viewing the Web server type of a Web site
before the lab test, note adding the domain name resolution to the host that originated the access request /etc/host
First, install the httpd
Yum Install httpd
Systemctl Start httpd
Systemctl Enable httpd #开机启动
Firewall-cmd--permanent--add-service=http #将http服务添加至防火墙列表中
Firewall-cmd--reload
Firewall-cmd--permanent--add-service=https #将https服务添加至防火墙列表中
Firewall-cmd--reload
Modify the main configuration file for HTTP to modify the default settings
/etc/httpd/conf/httpd.conf
Listen #修改http服务的默认网络端口
119 DocumentRoot "/www/html" #修改http服务的默认发布目录
<directory "/www/html" >
121 Require All granted
122 </Directory>
167 <ifmodule Dir_module>
168 DirectoryIndex webtest index.html #默认发布文件, first read the former, the former cannot read the latter.
169 </IfModule>
Firewall-cmd--add-port=8080/tcp
Systemctl Restart httpd
Mkdir/www/html/webtest
SELinux label consistent with default publishing directory
Ls-z/var/www/
Semanage fcontext-a-T httpd_sys_content_t "/www (/.*)?"
Restorecon-vvfr/www
Second,
Virtual Host
One host to serve multiple websites
Vim/etc/httpd/conf.d/default.conf
<virtualhost _default_:80>
Documentroot/www/html
Customlog "Logs/default.log" combined #指定日志
</Virtualhost>
Vim/etc/httpd/conf.d/news.conf
<virtualhost *:80>
Servername news.laosiji.com
Serveralias News #设置别称
Documentroot/www/laosiji.com/news
Customlog "Logs/news.log" combined
</Virtualhost>
<directory "/www/laosiji.com/news" >
Require all granted
</Directory>
Vim/etc/httpd/conf.d/xxx.conf
Mkdir-p/www/laosiji.com/news
vim/www/laosiji.com/news/webtest #与前面设置的文件名称一致
Third,
authorizing specified user access
Create a new publish directory as the test directory first
Mkdir-p/www/laosiji.com/admin/webtest
HTPASSWD-CM/ETC/HTTPD/HTPASSWD admin #再次添加用户时注意, option is-M, otherwise the previous information will be overwritten
New Password:
Re-type New Password:
An encrypted password file is generated /etc/httpd/htpasswd
<directory "/www/laosiji.com/film/admin" >
AuthUserFile "/ETC/HTTPD/HTPASSWD"
AuthType Basic
AuthName "Please input username and password"
Require User admin #或者设置为valid-user All authorized users can log in
</Directory>
Four,
customizing Self-signed certificates
Yum Install Crypto-utils Mod_ssl
Genkey laosiji.com #主机名, generating certificates
650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M02/86/7C/wKioL1fAWHaRPuz7AAD_Ja-i5D4721.png-wh_500x0-wm_3 -wmp_4-s_575619680.png "title=" screenshot from 2016-08-24 14_25_39.png "alt=" Wkiol1fawharpuz7aad_ja-i5d4721.png-wh_ "/>
Select Next
650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M01/86/7D/wKiom1fAWHizgyxJAAEgcliR_5c624.png-wh_500x0-wm_3 -wmp_4-s_3529785051.png "title=" screenshot from 2016-08-24 14_26_27.png "alt=" Wkiom1fawhizgyxjaaegclir_5c624.png-wh _50 "/>
There are several key specifications to choose from
650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M00/86/7C/wKioL1fAWHmgQkpnAACbz3eRUaw103.png-wh_500x0-wm_3 -wmp_4-s_630460244.png "title=" screenshot from 2016-08-24 14_29_02.png "alt=" Wkiol1fawhmgqkpnaacbz3eruaw103.png-wh_ "/>
#生成缓慢时可以敲击键盘或移动鼠标 in the generated key
650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M02/86/7D/wKiom1fAWHryMGCgAABGn6kS0EI317.png-wh_500x0-wm_3 -wmp_4-s_1178237941.png "title=" screenshot from 2016-08-24 14_30_25.png "alt=" Wkiom1fawhrymgcgaabgn6ks0ei317.png-wh _50 "/>
Select No to send a validation request to the CA
650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M01/86/7C/wKioL1fAWHyzy_u5AAEB5zwxHug843.png-wh_500x0-wm_3 -wmp_4-s_3057278482.png "title=" screenshot from 2016-08-24 14_30_44.png "alt=" Wkiol1fawhyzy_u5aaeb5zwxhug843.png-wh _50 "/>
Select Next
650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M00/86/7C/wKioL1fAWH_R6wVyAAEOvI1VISQ743.png-wh_500x0-wm_3 -wmp_4-s_39752700.png "title=" screenshot from 2016-08-24 14_31_30.png "alt=" Wkiol1fawh_r6wvyaaeovi1visq743.png-wh_ "/>
Fill in some information (note that the hostname is not written incorrectly)
vim/etc/httpd/conf.d/login.conf #新建login用于测试
Mkdir/www/laosiji.com/login
<virtualhost *:443>
Servername login.laosiji.com
Serveralias Login
Documentroot/www/laosiji.com/login
Customlog "Logs/login.log" combined
Sslengine on
Sslcertificatefile/etc/pki/tls/certs/laosiji.com.crt
Sslcertificatekeyfile/etc/pki/tls/private/laosiji.com.key
</Virtualhost>
<directory "/www/laosiji.com/login" >
Require all granted
</Directory>
<virtualhost *:80> #网页重定向
ServerName login.laosiji.com
Rewriteengine on
Rewriterule ^ (/.*) $ https://%{http_host}$1 [redirect=301]
</VirtualHost>
Systemctl Restart httpd
vim/www/laosiji.com/login/webtest# write a copy of the test text
Welcome Log In
Open Browser Write login.laosiji.com
650) this.width=650; "Src=" Http://s3.51cto.com/wyfs02/M00/86/7D/wKiom1fAWf2TxpaLAADBQLxx7-o882.png-wh_500x0-wm_3 -wmp_4-s_12222181.png "title=" screenshot from 2016-08-24 14_34_00.png "alt=" Wkiom1fawf2txpalaadbqlxx7-o882.png-wh_ "/>
650) this.width=650; "Src=" Http://s1.51cto.com/wyfs02/M01/86/7D/wKiom1fAWiWwQvXuAABJufXugRc662.png-wh_500x0-wm_3 -wmp_4-s_584773479.png "title=" screenshot from 2016-08-24 14_34_22.png "alt=" Wkiom1fawiwwqvxuaabjufxugrc662.png-wh_ "/>
Select ADD excetion
650) this.width=650; "Src=" Http://s5.51cto.com/wyfs02/M02/86/7C/wKioL1fAWd3Brj1zAACSeljb2_M959.png-wh_500x0-wm_3 -wmp_4-s_1293023035.png "title=" screenshot from 2016-08-24 14_34_34.png "alt=" Wkiol1fawd3brj1zaacseljb2_m959.png-wh _50 "/>
Select Confirm Security Exception
Get the certificate page to display normally
This article from "gluttonous fish do not eat bug" blog, reprint please contact the author!
OPS Learning notes Apache Service