Initial HTTP Site Setup

Web services based on B/s (browser/server) architecture

Web page available on the service side

Browser downloads and displays Web pages

Hyper text Markup Language, Hypertext Markup Language

Hyper text Transfer Protocol, Hypertext Transfer Protocol

Package: httpd

System Services: HTTPD

Standalone web Host

One Web site provided by the same server

Virtual Web Host

Multiple different Web sites provided by the same server

#一旦启用WEB虚拟主机, the external documentroot servername will be ignored,

The first virtual site becomes the default site, and if a client request does not belong to any known site, the default site corresponds

When a standalone Web server is upgraded to a virtual host server, you need to establish a virtual site for the original web site.

Distinguishing methods

Domain-based virtual host

Port-based virtual host

IP address-based virtual host

Step thinking

1 service installation starts as

#yum install-y httpd

#yum install-y Mod_ssl

#yum install-y Mod_wsgi

2 The configuration must be considered

1 Firewall restrictions

#firewall-cmd--get-default-zone

#firewall-cmd--set-default-zone=trusted

2 access control of the service itself

Service Directory Permissions

chmod

The service itself has access restrictions configured such as:

<directory "/webserver/private" >

Require all denied

Require IP 172.25.0.10

</Directory>

3 is SELinux Limited

#setenforce 0/1

#systemctl Restart httpd #重启服务测试

#semanage Port-l | grep http

#semanage port-a-T http_port_t-p TCP 8888 #对非常规端口的限制 This command requires enough internal

Save.

#ls-zd/var/www

#chcon-R-T Httpd_sys_content_t/web

Or

#chcon-R--reference=/var/www/web #安全上下文 restrictions on unconventional directories

Or

#semanage fconfext-a-T httpd_sys_content_t/web #新命令 the same as the previous effect

#restorecon-rv/web

3 Configuring Services

1 Client Access server-side resources

Create the appropriate service catalog and test page

Home file editing:

#vim ~/index.html #写着玩 ~

<marquee behavior= ' alternate ' ><font Color=green>

2 configuration

Master configuration file

/etc/httpd/conf/httpd.conf

From the configuration file

/etc/httpd/conf.d/*.conf

Help Documentation:

/usr/share/doc/httpd-2.4.6/httpd-vhosts.conf

When a standalone Web server is upgraded to a virtual host server, you need to establish a virtual site for the original web site

# vim/etc/httpd/conf.d/00-default.conf

<virtualhost *:80>

Documentroot/var/www/html

ServerName www.example.com

</VirtualHost>

The default configuration provided

Listen: Listening Address: port (80)

ServerName: DNS name registered on this site (vacant)

DocumentRoot: Web root directory (/var/www/html)

DirectoryIndex: Start Page/home name (index.html)

Create a profile from a configuration file such as:

Port-based

# vim/etc/httpd/conf.d/httpd-vhosts01.conf

<virtualhost *:80>

Documentroot/var/www/test

ServerName server.example.com

</VirtualHost>

#------------------------------------------------------------------------------------------

<virtualhost *:443>

Documentroot/var/www/html

ServerName www.example.com

Sslengine on

Sslcertificatefile/etc/pki/tls/certs/server0.crt

Sslcertificatekeyfile/etc/pki/tls/private/server0.key

Sslcacertificatefile/etc/pki/tls/certs/example-ca.crt

</VirtualHost>

#------------------------------------------------------------------------------------------

Listen 8888

<virtualhost *:8888>

Documentroot/webserver #非指定路径须注意权限

ServerName server.example.com

Wsgiscriptalias//webserver/webapp.wsgi

</VirtualHost>

<directory "/webserver" > #无另行配置子目录继承夫目录权限

Require all denied

Require IP 172.25.0.0/24

</Directory>

Command

#elinks-dump www.example.com #无命令则安装

#firefox www.example.com

Line up the wrong idea

1 Client Access server-side resources

2 Firewall restrictions

3 access control of the service itself

4 is SELinux Limited

This article from "45545613" blog, declined reprint!

Initial HTTP Site Setup