Linux notes 3-9 Apache (HTTP,HTTPS)

Source: Internet
Author: User

************************9.apache*********************
Internet Mainstream architecture
lamp = Linux Apache mysql php
lnmp = Linux nginx mysql php
to use HTML CGI jsp ASP and other closed source Web page editing software
need to use translation software tomcat JBoss
# #1. Apache Basic Configuration # #
Installing the Apache package: httpd httpd-manual (manual plugin)
Viewing listening ports : Netstat-antlpe | grep httpd

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/8B/3E/wKioL1hIDDzBN6taAAA-cx0f-8I822.png "title=" Picture 1.png "alt=" Wkiol1hiddzbn6taaaa-cx0f-8i822.png "/>


# #2. Apache Simple Configuration # #
master configuration file:/etc/httpd/conf/httpd.conf
1. Default home page name DirectoryIndex

In the default publishing directory , in the/var/www/html directory, write custom content in the test file

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/8B/42/wKiom1hIDE6iUibJAAAUsQmsC3g911.png "title=" Picture 2.png "alt=" Wkiom1hide6iuibjaaausqmsc3g911.png "/>

The order of the files represents the order in which the service is accessed, from front to back until access to the existing file

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/8B/3E/wKioL1hIDFvy0OvzAAA0zcb8CtI440.png "title=" Picture 3.png "alt=" Wkiol1hidfvy0ovzaaa0zcb8cti440.png "/>

Web Testing

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/8B/42/wKiom1hIDGvSHBf-AAAS5Lfyn80236.png "title=" Picture 4.png "alt=" Wkiom1hidgvshbf-aaas5lfyn80236.png "/>
2. Default Port Listen

Modifying a configuration file

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/8B/3E/wKioL1hIDHnDdVNoAAAKXdd-wkg143.png "title=" Picture 5.png "alt=" Wkiol1hidhnddvnoaaakxdd-wkg143.png "/>

Web test, modify default port, direct access IP Access does not reach the Web page

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/8B/3E/wKioL1hIDQ6gvfeGAABKGi7vb98633.png "title=" capture. PNG "alt=" Wkiol1hidq6gvfegaabkgi7vb98633.png "/>

must be in IP followed by the modified port to access the

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/8B/3E/wKioL1hIDR-BPZ5LAAAWkZ1e0xA656.png "title=" Picture 7.png "alt=" Wkiol1hidr-bpz5laaawkz1e0xa656.png "/>
3. Default Publishing Directory DocumentRoot

Create a directory /www/myweb, write the home page content in the directory for testing

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/8B/3E/wKioL1hIDUXjwhNhAAAqsv63RDc408.png "title=" Picture 8.png "alt=" Wkiol1hiduxjwhnhaaaqsv63rdc408.png "/>650) this.width=650; src=" http://s4.51cto.com/wyfs02/M02/ 8b/42/wkiom1hidtoqwwt4aaakmvgzvqy886.png "title=" image 9.png "alt=" Wkiom1hidtoqwwt4aaakmvgzvqy886.png "/>

Modifying a configuration file

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/8B/42/wKiom1hIDWPDTGpYAABSfkVGV1s386.png "title=" Picture 10.png "alt=" Wkiom1hidwpdtgpyaabsfkvgv1s386.png "/>

Web Testing

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/8B/42/wKiom1hIDYqRYtPGAAAUbz8UqSA285.png "title=" Picture 11.png "alt=" Wkiom1hidyqrytpgaaaubz8uqsa285.png "/>
Note: If you enable SELinux, you need to change the directory security context
Use semanage fcontext-a-T httpd_sys_content_t "/directory (/.*)?" Change the security context
reloading the security context using restorecon-rvvf/directory
4. Change the default publishing directory permissions
1) IP-based

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/8B/3E/wKioL1hIDZ7QcQJiAABaWUWydTQ845.png "title=" Picture 12.png "alt=" Wkiol1hidz7qcqjiaabawuwydtq845.png "/>

with the host IP for 172.25.254.8 web page test, only see Apache test page, see the default publishing directory content

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/8B/42/wKiom1hIDfjRzZ43AABTBS6Fpa8630.png "title=" Picture 13.png "alt=" Wkiom1hidfjrzz43aabtbs6fpa8630.png "/>
2) User-based

Add a user and make a password

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/8B/3E/wKioL1hIDg6D34YsAAB3C2hDbp0219.png "title=" Picture 14.png "alt=" Wkiol1hidg6d34ysaab3c2hdbp0219.png "/>
Restrict users

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/8B/3E/wKioL1hIDh2SgKw1AAB0DM5oBgo936.png "title=" Picture 15.png "alt=" Wkiol1hidh2sgkw1aab0dm5obgo936.png "/>
B. No restrictions on users

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/8B/3E/wKioL1hIDjDTohNdAAB06GBtRiw569.png "title=" Picture 16.png "alt=" Wkiol1hidjdtohndaab06gbtriw569.png "/>

Only users who have the correct matching username and password and are not restricted can access the Web page

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/8B/42/wKiom1hIDkCgIAhcAABMciFonnU479.png "title=" Picture 17.png "alt=" Wkiom1hidkcgiahcaabmcifonnu479.png "/>

# #2. Virtual Host # #
virtual host allows you to the HTTPD server serves multiple Web sites simultaneously a name-based virtual host is where multiple host names point to the same IP address, but the Web server provides different sites with different content depending on the host name used to reach the site.

1. under the /etc/httpd/conf.d directory

Edit Default Home page profile vim default.conf

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/8B/42/wKiom1hIDlGBiRaQAAB0ZOMTjHI786.png "title=" Picture 18.png "alt=" Wkiom1hidlgbiraqaab0zomtjhi786.png "/>

Edit News Home configuration file vim news.conf

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/8B/3F/wKioL1hIDmCBj0r2AAB-QVqPMNM913.png "title=" Picture 19.png "alt=" Wkiol1hidmcbj0r2aab-qvqpmnm913.png "/>

Edit Music Home configuration file vim music.conf

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/8B/42/wKiom1hIDm7RiY92AAB7S0RJY9s473.png "title=" Picture 20.png "alt=" Wkiom1hidm7riy92aab7s0rjy9s473.png "/>

2. In the default publishing directory, set up the directory for the virtual host

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/8B/42/wKiom1hIDv-QOXdgAAB3EGwDuNE988.png "title=" Picture 21.png "alt=" Wkiom1hidv-qoxdgaab3egwdune988.png "/>

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M02/8B/42/wKiom1hIDxDgKg-PAAAPTB01zjk429.png "title=" Picture 22.png "alt=" Wkiom1hidxdgkg-paaaptb01zjk429.png "/>

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/8B/3F/wKioL1hIDx7BirBmAAAMr27NH74189.png "title=" Picture 23.png "alt=" Wkiol1hidx7birbmaaamr27nh74189.png "/>

3. Web test host Add host record vim/etc/hosts

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/8B/3F/wKioL1hIDynglo7UAAATi8RkBdI915.png "title=" Picture 24.png "alt=" Wkiol1hidynglo7uaaati8rkbdi915.png "/>

Web Testing

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/8B/42/wKiom1hIDz_CSHvbAAAWZaquShg046.png "title=" Picture 25.png "alt=" Wkiom1hidz_cshvbaaawzaqushg046.png "/>

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/8B/3F/wKioL1hID07R_C4EAAAXgIHja9Q730.png "title=" Picture 26.png "alt=" Wkiol1hid07r_c4eaaaxgihja9q730.png "/>

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/8B/42/wKiom1hID1uifZZbAAAYZGDoRoE756.png "title=" Picture 27.png "alt=" Wkiom1hid1uifzzbaaayzgdoroe756.png "/>

The customer gets the public key, which is used for cryptographic authentication. server decryption, mitigating server pressure 1. Installing the software mod_ssl and for generating the signing certificate Crypto-utils package

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/8B/3F/wKioL1hID26CzJnuAAFYFieAEF4040.png "title=" Picture 28.png "alt=" Wkiol1hid26czjnuaafyfieaef4040.png "/>

The specific build steps are as follows:

Record the generated certificate and the associated private key generation location

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/8B/3F/wKioL1hID3jBLBLtAACWw8l2xR0280.png "title=" Picture 29.png "alt=" Wkiol1hid3jblbltaacww8l2xr0280.png "/>

continue to use the dialog box and select the appropriate key size

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/8B/42/wKiom1hID4SBzTsEAAAsvyWtWh0961.png "title=" Picture 30.png "alt=" Wkiom1hid4sbztseaaasvywtwh0961.png "/>

slow when generating random numbers, hitting the keyboard and moving the mouse can speed up

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/8B/42/wKiom1hID56CxmFOAAB6w2yvYic933.png "title=" Picture 31.png "alt=" Wkiom1hid56cxmfoaab6w2yvyic933.png "/>

refusal to the certification authority ( CA) to send a certificate request (CSR)

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/8B/3F/wKioL1hID6ygwoL8AABUxCflacg413.png "title=" Picture 32.png "alt=" Wkiol1hid6ygwol8aabuxcflacg413.png "/>

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/8B/3F/wKioL1hID7_g5yIgAADuKvfy00o995.png "title=" Picture 33.png "alt=" Wkiol1hid7_g5yigaadukvfy00o995.png "/>

provide the appropriate identity for the server. Common name must exactly match the host full name of the server.
(Note that any comma should use a leading backslash [\] to escape)

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/8B/42/wKiom1hID9ax-aC-AADhiJd32HA645.png "title=" Picture 34.png "alt=" Wkiom1hid9ax-ac-aadhijd32ha645.png "/>


3. Modify the configuration file/etc/httpd/conf.d/ssl.conf

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/8B/42/wKiom1hID-nBFe_8AAA28O0JimA999.png "title=" Picture 36.png "alt=" Wkiom1hid-nbfe_8aaa28o0jima999.png "/>

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/8B/3F/wKioL1hID_eiHK6XAAA7s02GAwo221.png "title=" Picture 37.png "alt=" Wkiol1hid_eihk6xaaa7s02gawo221.png "/>

Web test, you can see the content of the certificate you added

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/8B/3F/wKioL1hIEAXQVvNGAACYm-8cYpg937.png "title=" Picture 35.png "alt=" Wkiol1hieaxqvvngaacym-8cypg937.png "/>


Linux notes 3-9 Apache (HTTP,HTTPS)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.