Linux Miscellaneous (20): apache service configuration

1apache introduction ?? We often need to browse web pages to provide such services as apache. The software that provides the apache service is the httpd service .? 1. apache overview
?
? We often need to browse web pages to provide such services as apache. The software that provides the apache service is the httpd service.
?
? Apache support? Multiple features, most of which are implemented through compiled modules .? Some features? NAO? Jack said that a zombie Z said that he supported his identity ?? Solution. Some common language interfaces support Perl, Python, Tcl, and PHP. Popular authentication modules include mod_access, mod_auth, and mod_digest. Other examples include SSL and TLS support (mod_ssl), proxy module, very useful URL rewriting (implemented by mod_rewrite), custom log file (mod_log_config ), and supports filtering (mod_include and mod_ext_filter ). Apache logs can be analyzed using a free script AWStats or Visitors in a web browser.
?
? Apache service configuration is very exquisite. we will first provide services, including Perl, Python, and PHP. At last, security should be realized based on the provision of services.
?

?
? Is a basic architecture of our apache server.
?
? 2. configure the apache service

? 1) first, we need to install the apache service. The installation file is httpd:
?
?
?
? Fortunately, our httpd has been installed. Start the httpd service and find that our host name needs to be modified:
?
?

? Modify the/etc/hosts file and add a comparison between the local IP address and the domain name:
?
?
?
?
?
? After the restart, we found that the previous prompt was missing:


?
? The service is finally started. the default release directory of apache is/var/www/HTML. the local file is index.html in the directory.
?
? You can simply write an index.html file (created under the default release directory ):
?
?
?
?
?
? We can see that this file is readable to anyone:
?
?
?
? Next we will access this server:
?
?
?
? Haha, but you cannot see the published content. Think about the situation that we just saw that the permissions are readable. the problem should be that the firewall is working. We disable firewall learning first:
?
?
?
?
?
? Restart the httpd service and access the server again:
?
?
?
? Access again:
?
?
?
? This time we can see it.
?
? 2. set your own default release Directory
??
? Sometimes we do not want to set the default release directory to/var/www/html. to set other directories as the default release Directory, we need to modify the httpd configuration file:
?
?
?
? We modify the default release directory of httpd to/www/html:
?
?
? 1. First, we need to create this directory, and then create the following example file index.html:
?
?
?

?
? Restart the httpd service and view the default published content (our firewall has been disabled ):
?
?
?
?
?
? You can see this interface, remember, once this problem occurs. That is, selinux has insufficient permissions. we must set the security context of the default release Directory:
?
? First, install a software that can modify the security context:
?
?
?
? Modify the security context of/www/html:
?
?
?
? Check the security context of/www/html. the security context is indeed accessible:
?
?
?
? After checking again, we can see the default published content:
?
?
?
? In the above content, we have set the default release directory of the httpd service and implemented html content publishing. However, permissions and security considerations are insufficient. we can set the identity of the user to avoid unauthorized access.
?
? 1) Suppose we only allow access from the local machine.
?
? 1. modify the configuration file:
?
?
? In this Directory, we only allow access from the local IP address.
?
? After restarting the service, use another host to access the service:
?
?
?
? Then the local access result is as follows:
?
?

? 2) if we only allow access from users in this segment.
?
? You still need to modify the configuration file:
?
?
?
Then restart the service. users in the CIDR block 192.168.0.0/24 can access this apache.
?
? Summary:
?
? This section describes the basic configuration of the apache service. we will explain how to set encryption and intranet and internet access rules in future posts.