WEB website service-Apache

Last Update:2013-12-28 Source: Internet

Author: User

Tags nameserver nslookup

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Chapter 6 web website service 2)

HTTP Introduction

The full name of HTTP is Hyper Text Transfer Protocol (Hypertext Transfer Protocol)

Apache is usually used to implement web services in linux. Apache has always been the most popular web server on the Internet.

About the attributes of the HTTP service

HTTP-related software packages

Httpd

HTTP daemon

/Usr/sbin/httpd

HTTP script

/Etc/init. d/httpd

HTTP port

80 (http) 443 (https)

HTTP configuration file

/Etc/http/*/var/www /*

IP address of the current server: 192.168.200.102

I. build and test the dns server

[Root @ crushlinux2 ~] # Yum-y install bind-chroot caching-nameserver

[Root @ crushlinux2 ~] # Cd/var/named/chroot/etc

[Root @ crushlinux2 etc] # cp-p named. caching-nameserver.conf named. conf

[Root @ crushlinux2 etc] # vim named. conf

Options {

Listen-on port 53 {any ;};

Listen-on-v6 port 53 {: 1 ;};

Directory "/var/named ";

Dump-file "/var/named/data/cache_dump.db ";

Statistics-file "/var/named/data/named_stats.txt ";

Memstatistics-file "/var/named/data/named_mem_stats.txt ";

// Those options shocould be used carefully because they disable port

// Randomization

// Query-source port 53;

// Query-source-v6 port 53;

Allow-query {192.168.200.0/24 ;};

Allow-query-cache {any ;};

};

Logging {

Channel default_debug {

File "data/named. run ";

Severity dynamic;

};

View localhost_resolver {

Match-clients {192.168.200.0/24 ;};

Match-destinations {any ;};

Recursion yes;

Include "/etc/named. rfc1912.zones ";

};

[Root @ crushlinux2 etc] # vim named. rfc1912.zones

Zone "0. in-addr.arpa" IN {

Type master;

File "named. zero ";

Allow-update {none ;};

Zone "." IN {

Type hint;

File "named. ca ";

};

Zone "baidu.com" IN {

Type master;

File "baidu. zone ";

Allow-update {none ;};

};

Zone "200.168.192.in-addr. arpa" IN {

Type master;

File "named. baidu ";

Allow-update {none ;};

};

[Root @ crushlinux2 etc] # cd/var/named/chroot/var/named/

[Root @ crushlinux2 named] # cp-p localhost. zone baidu. zone

[Root @ crushlinux2 named] # cp-p named. local named. baidu

[Root @ crushlinux2 named] # vim baidu. zone

In aaaa: 1

$ TTL 86400

@ In soa www1.baidu.com root.baidu.com (

42; serial (d. adams)

3 H; refresh

15 M; retry

1 W; expiry

1D); minimum

@ In ns www1.baidu.com

Www1 in a 192.168.200.102

Www2 in a 192.168.200.102

Www3 in a 192.168.200.102

[Root @ crushlinux2 named] # vim named. baidu

$ TTL 86400

@ In soa www1.baidu.com. root.baidu.com .(

1997022700; Serial

28800; Refresh

14400; Retry

3600000; Expire

86400); Minimum

@ In ns www1.baidu.com.

102 in ptr www1.baidu.com.

102 in ptr www2.baidu.com.

102 in ptr www3.baidu.com.

[Root @ crushlinux2 named] # service named restart

[Root @ crushlinux2 named] # vim/etc/resolv. conf

Search com

Nameserver 192.168.200.102

[Root @ crushlinux2 named] # nslookup www1.baidu.com

Server: 192.168.200.102

Address: 192.168.200.102 #53

Name: www1.baidu.com

Address: 192.168.200.102

[Root @ crushlinux2 named] # nslookup www2.baidu.com

Server: 192.168.200.102

Address: 192.168.200.102 #53

Name: www2.baidu.com

Address: 192.168.200.102

[Root @ crushlinux2 named] # nslookup www3.baidu.com

Server: 192.168.200.102

Address: 192.168.200.102 #53

Name: www3.baidu.com

Address: 192.168.200.102

[Root @ crushlinux2 named] # nslookup 192.168.200.102

Server: 192.168.200.102

Address: 192.168.200.102 #53

102.200.168.192.in-addr. arpa name = www1.baidu.com.

102.200.168.192.in-addr. arpa name = www2.baidu.com.

102.200.168.192.in-addr. arpa name = www3.baidu.com.

A vm can run multiple sites on a server without affecting each other. This greatly reduces costs. The VM technology can be implemented in three ways:

Virtual Host Based on domain name, IP, and port.

Ii. Install the apache Software Package and configure the virtual host

[Root @ crushlinux2 ~] # Yum-y install httpd

1. Domain Name-based VM:

[Root @ crushlinux2 ~] # Vim/etc/httpd/conf/httpd. conf

NameVirtualHost 192.168.200.102: 80

DocumentRoot/var/www/Example 1

ServerName www1.baidu.com

ServerAlias www3.baidu.com

</VirtualHost>

DocumentRoot/var/www/Example 2

ServerName www2.baidu.com

</VirtualHost>

Create a root directory in a domain name-based Virtual Site:

[Root @ crushlinux2 ~] # Cd/var/www/

[Root @ crushlinux2 www] # mkdir limit 1

[Root @ crushlinux2 www] # mkdir limit 2

A test page is created:

[Root @ crushlinux2 www] # echo "Hello I am www1">./Rewrite 1/index.html

[Root @ crushlinux2 www] # echo "Hello I am www2">./Rewrite 2/index.html

[Root @ crushlinux2 www] # service httpd restart

Test:

[Root @ crushlinux2 www] # elinks -- dump http://www1.baidu.com

Hello I am www1

[Root @ crushlinux2 www] # elinks -- dump http://www2.baidu.com

Hello I am www2

[Root @ crushlinux2 www] # elinks -- dump http://www3.baidu.com

Hello I am www1

2. IP-based VM:

Configure multiple IP addresses for this Nic

[Root @ crushlinux2 www] # ifconfig eth0 192.168.200.102

[Root @ crushlinux2 www] # ifconfig eth0: 1 192.168.200.103

[Root @ crushlinux2 ~] # Vim/etc/httpd/conf/httpd. conf

NameVirtualHost 192.168.200.102: 80

DocumentRoot/var/www/Example 1

ServerName www.baidu.com

</VirtualHost>

DocumentRoot/var/www/Example 2

ServerName www.baidu.com

</VirtualHost>

[Root @ crushlinux2 www] # service httpd restart

Test:

[Root @ crushlinux2 www] # elinks -- dump http: // 192.168.200.102

Hello I am www1

[Root @ crushlinux2 www] # elinks -- dump http: // 192.168.200.103

Hello I am www2

3. Port-based VM:

Allow apache to listen on multiple ports

134 Listen 192.168.200.102: 8001

135 Listen 192.168.200.102: 8002

NameVirtualHost 192.168.200.102: 8001

DocumentRoot/var/www/Example 1

ServerName www1.baidu.com

</VirtualHost>

NameVirtualHost 192.168.200.102: 8002

DocumentRoot/var/www/Example 2

ServerName www2.baidu.com

</VirtualHost>

[Root @ crushlinux2 www] # service httpd restart

Test:

[Root @ crushlinux2 www] # elinks -- dump http: // 192.168.200.102: 8001

Hello I am www1

[Root @ crushlinux2 www] # elinks -- dump http: // 192.168.200.102: 8002

Hello I am www2

Iii. httpd service access control

1. restrict network segments or IP addresses

[Root @ crushlinux2 ~] # Vim/etc/httpd/conf/httpd. conf

NameVirtualHost 192.168.200.102: 8001

DocumentRoot/var/www/Example 1

ServerName www1.baidu.com

Options-Indexes-Followsymlinks

Order allow, deny

Allow from all

Deny from 192.168.200.102

</Directory>

</VirtualHost>

NameVirtualHost 192.168.200.102: 8002

DocumentRoot/var/www/Example 2

ServerName www2.baidu.com

Options-Indexes-Followsymlinks

Order deny, allow

Deny from all

Allow from 192.168.200.102

</Directory>

</VirtualHost>

[Root @ crushlinux2 www] # service httpd restart

[Root @ crushlinux2 www] # elinks -- dump http: // 192.168.200.102: 8001

[Root @ crushlinux2 www] # elinks -- dump http: // 192.168.200.102: 8002

2. restrict users

Now we have created two users, bob and jack. These two users do not need to exist locally, but are only used to log on to the http service.

When creating a user for the first time, you must add the-c parameter to create an ID-authenticated database.

However, do not use the-c parameter when creating a user for the second time. Otherwise, it will overwrite the previous user's.

[Root @ crushlinux2 www] # htpasswd-cm/etc/httpd/. htpasswd bob

New password:

Re-type new password:

Adding password for user bob

[Root @ crushlinux2 www] # htpasswd-m/etc/httpd/. htpasswd jack

New password:

Re-type new password:

Adding password for user jack

[Root @ crushlinux2 www] # cat/etc/httpd/. htpasswd

Bob: $ apr1 $ GZGVy... $ qHSci8W7z5nrASwE3z1ie0

Jack: $ apr1 $ nO7oG/.. $ hsciam69242543izmr5cr51

Method 1:

[Root @ crushlinux2 www] # vim/etc/httpd/conf/httpd. conf

NameVirtualHost 192.168.200.102: 8001

DocumentRoot/var/www/Example 1

ServerName www1.baidu.com

AuthName "Crushlinux"

AuthType Basic

AuthUserFile/etc/httpd/. htpasswd

Require valid-user

</Directory>

</VirtualHost>

[Root @ crushlinux2 www] # service httpd restart

Browser test: http: // 192.168.200.102: 8001

Method 2:

[Root @ crushlinux2 www] # vi/var/www/users 1/. htaccess

AuthName "berg"

AuthType basic

AuthUserFile/etc/httpd/. htpasswd

Require user bob jack

Require vaid-user

[Root @ crushlinux2 www] # vim/etc/httpd/conf/httpd. conf

NameVirtualHost 192.168.200.102: 8001

DocumentRoot/var/www/Example 1

ServerName www1.baidu.com

Allowoverride Authconfig

</Directory>

</VirtualHost>

[Root @ crushlinux2 www] # service httpd restart

Browser test: http: // 192.168.200.102: 8001

Bytes -----------------------------------------------------------------------------------

Explanation of http service syntax parameters:

NameVirtualHost 192.168.0.254: 80

Advertise the virtual host on the server and the port,

Site of the first Vm,

DocumentRoot/var/www/Example 1

Root directory of the VM site,

ServerName station1.example.com

Defines the domain name of a VM site,

ServerAlias server1.example.com

Defines the alias of a VM domain name,

Defines access control for a VM site,

Options-Indexes-Followsymlinks

Remove the Indexes and Followsymlinks functions,

Order allow, deny

Allow from all

Deny from 192.168.0.10

Allow all and deny specific hosts. (This is ordered)

Order deny, allow

Deny from all

Allow from 192.168.0.10

Deny all and allow specific hosts. (This is ordered)

</Directory>

This is the syntax, which corresponds to <Directory/var/www/scripts 1> and indicates the end.

</VirtualHost>

This is the syntax, which corresponds to <VirtualHost 192.168.0.254: 80>, indicating the end.

Http service authentication

1. generate an Identity Authentication database

# Htpasswd-cm/etc/httpd/. htpasswd bob

-C create-m md5 Encryption

# Htpasswd-m/etc/httpd/. htpasswd alice

AuthName "website"

Name used for authentication

AuthType basic

The authentication type is basic.

AuthUserFile/etc/httpd/. htpasswd

Call the Authentication database file just defined

Require user bob alice

Bob and Alice are allowed to access the http service and must be authenticated.

Require valid-user

All users in the authenticated database access the http service.

This article is from the "Crushlinux Studio" blog, please be sure to keep this http://crushlinux.blog.51cto.com/2663646/1305562

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More