Configure Apache 2.2

1. Http status code:

1xx: Information Status Code 2XX: Success status code 200ok 201created3xx: 301 permanent redirection 302 temporary redirection, Location: new location 4xx: client error 403 request rejected 404 page does not exist 405 method used not allowed 5xx: Server Error 500: Server Error 502: SERVER network management error 503: service temporarily unavailable

2. Three Modes of http mpm:

There is no thread in prefork. It is a multi-process model. A process processes a connection. It is stable and responds quickly. The disadvantage is that memory consumption is very high when the number of connections is large. A worker is a multi-process and multi-threaded model. A process has multiple threads and each thread processes a connection. Compared with prefork, worker mode saves more system memory resources. However, you must note the compatibility between APACHE and PHP program modules in worker mode. Event is a variant of the worker mode. It separates the service process from the connection. When keepalive is enabled, it can withstand higher concurrent loads than the worker mode. The Event Mode does not support HTTPS access (HTTP Authentication problems)

3. httpd basic configuration file:

# Grep "section"/etc/httpd/CONF/httpd. conf global configuration section ### Section 1: configuration section of the global environment master server ### Section 2: 'main' server configuration virtual host configuration section, it is usually not used with the master server ### Section 3: Virtual Hosts persistent connection keepaliveoff: use persistent connection {on | off} maxkeepaliverequest100: Use the maximum number of persistent connections keepalivetimeout15: use the timeout value of the persistent connection MPM module <ifmodule prefork. c> startservers 8 # Start eight idle processes minspareservers 5 # At least five idle processes maxspareservers 20 # A maximum of 20 idle processes, not smaller than the idle process serverlim It 256 # servermaxclients 256 for maxclient maximum startup # How many client requests can be processed simultaneously 256 maxrequestsperchild 4000 # each sub-process can process a maximum of 4000 requests </ifmodule> <ifmodule worker. c> startservers 4 # How many processes are enabled maxclients 300 # the maximum number of concurrent requests minsparethreads 25 # the minimum number of idle processes 25 maxsparethreads 75 # the maximum number of idle processes 75 threadsperchild 25 # Each process can have up to 25 thread maxrequestsperchild 0 # The number of requests processed by each thread is not limited </ifmodule> the listening port listen80 specifies the module to be loaded: dsoloadmoduleauth_basic_module modules/mod_auth_basic.so ...... # Httpd-D dump_modules: check which modules are loaded. 2 .) configuration section ### Section 2: 'main' server configuration serveradmin [email protected]: Host Name servernamewww.explm.com: 80. The access control optionsindexes followsymlinks in the root directory of the website DocumentRoot "/var/www/html" can be implemented in the directory. If the directory does not have a home page, all files in the directory are listed in the List, you can also download the-indexes trace symbolic connection-followsymlinks to create a trail on each page. the htacces user can compare the Resource Access Control Function allowoverridenone log function in this directory: errorlog "/path/to/error_log" loglevel {debug | info | notice | warn | error | crit | alert | emerg} logformatcustomlog "/path/to/access_log" combined/access_log combined % H: client address % L: Remote Login Name, usually-% u: Enter the user name during authentication,-% t when no authentication is available: the time when the server receives the user request % R: request registration start line %> S: response status code % B: Response Message length, unit: byte % {header_name} I: record the value corresponding to the specified Header

4. cgi script:

The CGI script path alias. By default, how does one work on/var/www/cgi-bin/cgi: enables the server to provide a dynamic page, and users' requests first reach the system kernel workspace, the kernel is used to locally listen to service programs on the web service. The Web Server Service understands that user requests are requests with special scripts, and the Web Server service does not directly respond to customers. Instead, the resource requested by the user is returned to the CGI protocol and sent to the CGI program interpreter. The Interpreter uploads the requested script to the disk and runs it locally. And return the result directly to the web server. ScriptAlias/cgi-bin/"/var/www/cgi-bin /": the notification web server/var/www/cgi-bin/directory can store CGI scripts var/www/cgi-bin #! /Bin/bashcat <eofcontent-type: text/html <PRE> <meta http-equiv = "refresh" content = "3 "; url = "172.16.32.10/cgi-bin/test. sh "/> # refresh the page dynamically, and refresh the page once every 3 seconds 
650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/45/DC/wKiom1Pspeqj3kCjAAGq6auwctY499.jpg "Title =" cgi.jpg "alt =" wkiom1pspeqj3kcjaagq6auwcty499.jpg "/>
5. Access Control Based on users:
If you want to implement access control for the VM, you only need to write the path to be controlled. User Authentication: Basic Authentication, basic digest authentication in plaintext, and digest sent after encryption use virtual users, it is not the account used by the user to log on to the system. Only the user can access a service or obtain the authentication location for a resource: Text File (the password is MD5 ). httppasswd, database, (DBM text file-based database engine, faster than text delivery, and output through API), LDAP, lightweight access protocol authenticationprovider: storage mechanism of accounts and passwords, authnauthorizationprovider: user access path httpd In short: Authn file-based Access Control: <directory "/var/www/cgi-bin"> optionsnone # No options during user access AllowOverride authconfig # Authentication-related configuration authtypebasic # specify authentication type authna Me "system DMZ! "# Prompt message # authbasicprovider file authuserfile"/etc/httpd/CONF /. htpasswd "# specify the location where the authentication file is stored # requireadmin requirevalid-user # which users are allowed to log on to valid-user: all valid accounts </directory> to create the htpasswd authentication file htpasswd command: option: -C: if it does not exist in advance, you can only use-M: to store the password in MD5 mode when the first file is stored this month # htpasswd-C-M/etc/httpd/CONF /. htpasswd adminnew password: Re-type new password: Adding password for user admin # Cat/etc/httpd/CONF /. htpasswd admin: $ apr1 $ bdpiyogu $ rklszxdedz3jvfkpawj8g1

Test:
650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/45/DC/wKiom1PspnyT18GeAAEygoMzBmo789.jpg "Title =" pass.jpg "alt =" wkiom1pspnyt18geaaeygomzbmo789.jpg "/>
After entering the correct password, you can log on.


6. VM:
#DocumentRoot "/var/www/html"<VirtualHost 172.16.32.10:80>   ServerName www.zhang.com   DocumentRoot "/var/www/web1"</VirtualHost>


7. The httpd embedded processor handler outputs the status information:
Hendler: Server-status used to enable handler using the sethandler command handler: the internal representation of Apache when the file is called, generally, all file types are implicit processors # Vim/etc/httpd/CONF/httpd. conf <location/Server-status> sethandler server-status # orderdeny, allow orderallow, deny # denyfrom all # allowfrom .example.com allowfrom 172.16.0.0/16 </location> # httpd-tsyntax OK # service httpd reloadreloading httpd:
650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/45/DC/wKiom1Psp1Gxgl9lAAPTQca5mp0619.jpg "Title =" status.jpg "alt =" wkiom1psp1gxgl9laaptqca5mp0619.jpg "/>


This article from "you smile to anyone" blog, please be sure to keep this source http://54276311.blog.51cto.com/9130197/1540138