WEB website service-Apache

Source: Internet
Author: User
Tags nameserver nslookup

Chapter 6 web website service 2)

HTTP Introduction

The full name of HTTP is Hyper Text Transfer Protocol (Hypertext Transfer Protocol)

Apache is usually used to implement web services in linux. Apache has always been the most popular web server on the Internet.


About the attributes of the HTTP service

HTTP-related software packages

Httpd

HTTP daemon

/Usr/sbin/httpd

HTTP script

/Etc/init. d/httpd

HTTP port

80 (http) 443 (https)

HTTP configuration file

/Etc/http/*/var/www /*



IP address of the current server: 192.168.200.102

I. build and test the dns server

[Root @ crushlinux2 ~] # Yum-y install bind-chroot caching-nameserver

[Root @ crushlinux2 ~] # Cd/var/named/chroot/etc

[Root @ crushlinux2 etc] # cp-p named. caching-nameserver.conf named. conf

[Root @ crushlinux2 etc] # vim named. conf

Options {

Listen-on port 53 {any ;};

Listen-on-v6 port 53 {: 1 ;};

Directory "/var/named ";

Dump-file "/var/named/data/cache_dump.db ";

Statistics-file "/var/named/data/named_stats.txt ";

Memstatistics-file "/var/named/data/named_mem_stats.txt ";


// Those options shocould be used carefully because they disable port

// Randomization

// Query-source port 53;

// Query-source-v6 port 53;


Allow-query {192.168.200.0/24 ;};

Allow-query-cache {any ;};

};

Logging {

Channel default_debug {

File "data/named. run ";

Severity dynamic;

};

};

View localhost_resolver {

Match-clients {192.168.200.0/24 ;};

Match-destinations {any ;};

Recursion yes;

Include "/etc/named. rfc1912.zones ";

};


[Root @ crushlinux2 etc] # vim named. rfc1912.zones

Zone "0. in-addr.arpa" IN {

Type master;

File "named. zero ";

Allow-update {none ;};

Zone "." IN {

Type hint;

File "named. ca ";

};


Zone "baidu.com" IN {

Type master;

File "baidu. zone ";

Allow-update {none ;};

};


Zone "200.168.192.in-addr. arpa" IN {

Type master;

File "named. baidu ";

Allow-update {none ;};

};


[Root @ crushlinux2 etc] # cd/var/named/chroot/var/named/

[Root @ crushlinux2 named] # cp-p localhost. zone baidu. zone

[Root @ crushlinux2 named] # cp-p named. local named. baidu

[Root @ crushlinux2 named] # vim baidu. zone

In aaaa: 1

$ TTL 86400

@ In soa www1.baidu.com root.baidu.com (

42; serial (d. adams)

3 H; refresh

15 M; retry

1 W; expiry

1D); minimum


@ In ns www1.baidu.com

Www1 in a 192.168.200.102

Www2 in a 192.168.200.102

Www3 in a 192.168.200.102


[Root @ crushlinux2 named] # vim named. baidu

$ TTL 86400

@ In soa www1.baidu.com. root.baidu.com .(

1997022700; Serial

28800; Refresh

14400; Retry

3600000; Expire

86400); Minimum

@ In ns www1.baidu.com.

102 in ptr www1.baidu.com.

102 in ptr www2.baidu.com.

102 in ptr www3.baidu.com.


[Root @ crushlinux2 named] # service named restart

[Root @ crushlinux2 named] # vim/etc/resolv. conf

Search com

Nameserver 192.168.200.102


[Root @ crushlinux2 named] # nslookup www1.baidu.com

Server: 192.168.200.102

Address: 192.168.200.102 #53


Name: www1.baidu.com

Address: 192.168.200.102


[Root @ crushlinux2 named] # nslookup www2.baidu.com

Server: 192.168.200.102

Address: 192.168.200.102 #53


Name: www2.baidu.com

Address: 192.168.200.102


[Root @ crushlinux2 named] # nslookup www3.baidu.com

Server: 192.168.200.102

Address: 192.168.200.102 #53


Name: www3.baidu.com

Address: 192.168.200.102


[Root @ crushlinux2 named] # nslookup 192.168.200.102

Server: 192.168.200.102

Address: 192.168.200.102 #53


102.200.168.192.in-addr. arpa name = www1.baidu.com.

102.200.168.192.in-addr. arpa name = www2.baidu.com.

102.200.168.192.in-addr. arpa name = www3.baidu.com.


A vm can run multiple sites on a server without affecting each other. This greatly reduces costs. The VM technology can be implemented in three ways:

Virtual Host Based on domain name, IP, and port.


Ii. Install the apache Software Package and configure the virtual host

[Root @ crushlinux2 ~] # Yum-y install httpd

1. Domain Name-based VM:

[Root @ crushlinux2 ~] # Vim/etc/httpd/conf/httpd. conf

NameVirtualHost 192.168.200.102: 80

<VirtualHost 192.168.200.102: 80>

DocumentRoot/var/www/Example 1

ServerName www1.baidu.com

ServerAlias www3.baidu.com

</VirtualHost>


<VirtualHost 192.168.200.102: 80>

DocumentRoot/var/www/Example 2

ServerName www2.baidu.com

</VirtualHost>


Create a root directory in a domain name-based Virtual Site:

[Root @ crushlinux2 ~] # Cd/var/www/

[Root @ crushlinux2 www] # mkdir limit 1

[Root @ crushlinux2 www] # mkdir limit 2

A test page is created:

[Root @ crushlinux2 www] # echo "Hello I am www1">./Rewrite 1/index.html

[Root @ crushlinux2 www] # echo "Hello I am www2">./Rewrite 2/index.html

[Root @ crushlinux2 www] # service httpd restart

Test:

[Root @ crushlinux2 www] # elinks -- dump http://www1.baidu.com

Hello I am www1

[Root @ crushlinux2 www] # elinks -- dump http://www2.baidu.com

Hello I am www2

[Root @ crushlinux2 www] # elinks -- dump http://www3.baidu.com

Hello I am www1


2. IP-based VM:

Configure multiple IP addresses for this Nic

[Root @ crushlinux2 www] # ifconfig eth0 192.168.200.102

[Root @ crushlinux2 www] # ifconfig eth0: 1 192.168.200.103

[Root @ crushlinux2 ~] # Vim/etc/httpd/conf/httpd. conf

NameVirtualHost 192.168.200.102: 80

<VirtualHost 192.168.200.102: 80>

DocumentRoot/var/www/Example 1

ServerName www.baidu.com

</VirtualHost>


<VirtualHost 192.168.200.103: 80>

DocumentRoot/var/www/Example 2

ServerName www.baidu.com

</VirtualHost>

[Root @ crushlinux2 www] # service httpd restart

Test:

[Root @ crushlinux2 www] # elinks -- dump http: // 192.168.200.102

Hello I am www1

[Root @ crushlinux2 www] # elinks -- dump http: // 192.168.200.103

Hello I am www2


3. Port-based VM:

Allow apache to listen on multiple ports

134 Listen 192.168.200.102: 8001

135 Listen 192.168.200.102: 8002


NameVirtualHost 192.168.200.102: 8001

<VirtualHost 192.168.200.102: 8001>

DocumentRoot/var/www/Example 1

ServerName www1.baidu.com

</VirtualHost>


NameVirtualHost 192.168.200.102: 8002

<VirtualHost 192.168.200.102: 8002>

DocumentRoot/var/www/Example 2

ServerName www2.baidu.com

</VirtualHost>

[Root @ crushlinux2 www] # service httpd restart

Test:

[Root @ crushlinux2 www] # elinks -- dump http: // 192.168.200.102: 8001

Hello I am www1

[Root @ crushlinux2 www] # elinks -- dump http: // 192.168.200.102: 8002

Hello I am www2


Iii. httpd service access control

1. restrict network segments or IP addresses

[Root @ crushlinux2 ~] # Vim/etc/httpd/conf/httpd. conf

NameVirtualHost 192.168.200.102: 8001

<VirtualHost 192.168.200.102: 8001>

DocumentRoot/var/www/Example 1

ServerName www1.baidu.com

<Directory "/var/www/Example 1">

Options-Indexes-Followsymlinks

Order allow, deny

Allow from all

Deny from 192.168.200.102

</Directory>

</VirtualHost>


NameVirtualHost 192.168.200.102: 8002

<VirtualHost 192.168.200.102: 8002>

DocumentRoot/var/www/Example 2

ServerName www2.baidu.com

<Directory "/var/www/Example 2">

Options-Indexes-Followsymlinks

Order deny, allow

Deny from all

Allow from 192.168.200.102

</Directory>

</VirtualHost>

[Root @ crushlinux2 www] # service httpd restart

[Root @ crushlinux2 www] # elinks -- dump http: // 192.168.200.102: 8001

[Root @ crushlinux2 www] # elinks -- dump http: // 192.168.200.102: 8002


2. restrict users

Now we have created two users, bob and jack. These two users do not need to exist locally, but are only used to log on to the http service.

When creating a user for the first time, you must add the-c parameter to create an ID-authenticated database.

However, do not use the-c parameter when creating a user for the second time. Otherwise, it will overwrite the previous user's.


[Root @ crushlinux2 www] # htpasswd-cm/etc/httpd/. htpasswd bob

New password:

Re-type new password:

Adding password for user bob

[Root @ crushlinux2 www] # htpasswd-m/etc/httpd/. htpasswd jack

New password:

Re-type new password:

Adding password for user jack

[Root @ crushlinux2 www] # cat/etc/httpd/. htpasswd

Bob: $ apr1 $ GZGVy... $ qHSci8W7z5nrASwE3z1ie0

Jack: $ apr1 $ nO7oG/.. $ hsciam69242543izmr5cr51

Method 1:

[Root @ crushlinux2 www] # vim/etc/httpd/conf/httpd. conf

NameVirtualHost 192.168.200.102: 8001

<VirtualHost 192.168.200.102: 8001>

DocumentRoot/var/www/Example 1

ServerName www1.baidu.com

<Directory "/var/www/Example 1">

AuthName "Crushlinux"

AuthType Basic

AuthUserFile/etc/httpd/. htpasswd

Require valid-user

</Directory>

</VirtualHost>

[Root @ crushlinux2 www] # service httpd restart

Browser test: http: // 192.168.200.102: 8001


Method 2:

[Root @ crushlinux2 www] # vi/var/www/users 1/. htaccess

AuthName "berg"

AuthType basic

AuthUserFile/etc/httpd/. htpasswd

Require user bob jack

Require vaid-user

[Root @ crushlinux2 www] # vim/etc/httpd/conf/httpd. conf

NameVirtualHost 192.168.200.102: 8001

<VirtualHost 192.168.200.102: 8001>

DocumentRoot/var/www/Example 1

ServerName www1.baidu.com

<Directory "/var/www/Example 1">

Allowoverride Authconfig

</Directory>

</VirtualHost>

[Root @ crushlinux2 www] # service httpd restart

Browser test: http: // 192.168.200.102: 8001


Bytes -----------------------------------------------------------------------------------

Explanation of http service syntax parameters:

NameVirtualHost 192.168.0.254: 80

Advertise the virtual host on the server and the port,

<VirtualHost 192.168.0.254: 80>

Site of the first Vm,

DocumentRoot/var/www/Example 1

Root directory of the VM site,

ServerName station1.example.com

Defines the domain name of a VM site,

ServerAlias server1.example.com

Defines the alias of a VM domain name,

<Directory/var/www/Example 1>

Defines access control for a VM site,

Options-Indexes-Followsymlinks

Remove the Indexes and Followsymlinks functions,

Order allow, deny

Allow from all

Deny from 192.168.0.10

Allow all and deny specific hosts. (This is ordered)

Order deny, allow

Deny from all

Allow from 192.168.0.10

Deny all and allow specific hosts. (This is ordered)

</Directory>

This is the syntax, which corresponds to <Directory/var/www/scripts 1> and indicates the end.

</VirtualHost>

This is the syntax, which corresponds to <VirtualHost 192.168.0.254: 80>, indicating the end.


Http service authentication

1. generate an Identity Authentication database

# Htpasswd-cm/etc/httpd/. htpasswd bob

-C create-m md5 Encryption

# Htpasswd-m/etc/httpd/. htpasswd alice

AuthName "website"

Name used for authentication

AuthType basic

The authentication type is basic.

AuthUserFile/etc/httpd/. htpasswd

Call the Authentication database file just defined

Require user bob alice

Bob and Alice are allowed to access the http service and must be authenticated.

Require valid-user

All users in the authenticated database access the http service.


This article is from the "Crushlinux Studio" blog, please be sure to keep this http://crushlinux.blog.51cto.com/2663646/1305562

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.