************************9.apache*********************
Internet Mainstream architecture
lamp = Linux Apache mysql php
lnmp = Linux nginx mysql php
to use HTML CGI jsp ASP and other closed source Web page editing software
need to use translation software tomcat JBoss
# #1. Apache Basic Configuration # #
Installing the Apache package: httpd httpd-manual (manual plugin)
Viewing listening ports : Netstat-antlpe | grep httpd
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/8B/3E/wKioL1hIDDzBN6taAAA-cx0f-8I822.png "title=" Picture 1.png "alt=" Wkiol1hiddzbn6taaaa-cx0f-8i822.png "/>
# #2. Apache Simple Configuration # #
master configuration file:/etc/httpd/conf/httpd.conf
1. Default home page name DirectoryIndex
In the default publishing directory , in the/var/www/html directory, write custom content in the test file
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/8B/42/wKiom1hIDE6iUibJAAAUsQmsC3g911.png "title=" Picture 2.png "alt=" Wkiom1hide6iuibjaaausqmsc3g911.png "/>
The order of the files represents the order in which the service is accessed, from front to back until access to the existing file
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/8B/3E/wKioL1hIDFvy0OvzAAA0zcb8CtI440.png "title=" Picture 3.png "alt=" Wkiol1hidfvy0ovzaaa0zcb8cti440.png "/>
Web Testing
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/8B/42/wKiom1hIDGvSHBf-AAAS5Lfyn80236.png "title=" Picture 4.png "alt=" Wkiom1hidgvshbf-aaas5lfyn80236.png "/>
2. Default Port Listen
Modifying a configuration file
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/8B/3E/wKioL1hIDHnDdVNoAAAKXdd-wkg143.png "title=" Picture 5.png "alt=" Wkiol1hidhnddvnoaaakxdd-wkg143.png "/>
Web test, modify default port, direct access IP Access does not reach the Web page
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/8B/3E/wKioL1hIDQ6gvfeGAABKGi7vb98633.png "title=" capture. PNG "alt=" Wkiol1hidq6gvfegaabkgi7vb98633.png "/>
must be in IP followed by the modified port to access the
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/8B/3E/wKioL1hIDR-BPZ5LAAAWkZ1e0xA656.png "title=" Picture 7.png "alt=" Wkiol1hidr-bpz5laaawkz1e0xa656.png "/>
3. Default Publishing Directory DocumentRoot
Create a directory /www/myweb, write the home page content in the directory for testing
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/8B/3E/wKioL1hIDUXjwhNhAAAqsv63RDc408.png "title=" Picture 8.png "alt=" Wkiol1hiduxjwhnhaaaqsv63rdc408.png "/>650) this.width=650; src=" http://s4.51cto.com/wyfs02/M02/ 8b/42/wkiom1hidtoqwwt4aaakmvgzvqy886.png "title=" image 9.png "alt=" Wkiom1hidtoqwwt4aaakmvgzvqy886.png "/>
Modifying a configuration file
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/8B/42/wKiom1hIDWPDTGpYAABSfkVGV1s386.png "title=" Picture 10.png "alt=" Wkiom1hidwpdtgpyaabsfkvgv1s386.png "/>
Web Testing
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/8B/42/wKiom1hIDYqRYtPGAAAUbz8UqSA285.png "title=" Picture 11.png "alt=" Wkiom1hidyqrytpgaaaubz8uqsa285.png "/>
Note: If you enable SELinux, you need to change the directory security context
Use semanage fcontext-a-T httpd_sys_content_t "/directory (/.*)?" Change the security context
reloading the security context using restorecon-rvvf/directory
4. Change the default publishing directory permissions
1) IP-based
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/8B/3E/wKioL1hIDZ7QcQJiAABaWUWydTQ845.png "title=" Picture 12.png "alt=" Wkiol1hidz7qcqjiaabawuwydtq845.png "/>
with the host IP for 172.25.254.8 web page test, only see Apache test page, see the default publishing directory content
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/8B/42/wKiom1hIDfjRzZ43AABTBS6Fpa8630.png "title=" Picture 13.png "alt=" Wkiom1hidfjrzz43aabtbs6fpa8630.png "/>
2) User-based
Add a user and make a password
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/8B/3E/wKioL1hIDg6D34YsAAB3C2hDbp0219.png "title=" Picture 14.png "alt=" Wkiol1hidg6d34ysaab3c2hdbp0219.png "/>
Restrict users
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/8B/3E/wKioL1hIDh2SgKw1AAB0DM5oBgo936.png "title=" Picture 15.png "alt=" Wkiol1hidh2sgkw1aab0dm5obgo936.png "/>
B. No restrictions on users
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/8B/3E/wKioL1hIDjDTohNdAAB06GBtRiw569.png "title=" Picture 16.png "alt=" Wkiol1hidjdtohndaab06gbtriw569.png "/>
Only users who have the correct matching username and password and are not restricted can access the Web page
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/8B/42/wKiom1hIDkCgIAhcAABMciFonnU479.png "title=" Picture 17.png "alt=" Wkiom1hidkcgiahcaabmcifonnu479.png "/>
# #2. Virtual Host # #
virtual host allows you to the HTTPD server serves multiple Web sites simultaneously a name-based virtual host is where multiple host names point to the same IP address, but the Web server provides different sites with different content depending on the host name used to reach the site.
1. under the /etc/httpd/conf.d directory
Edit Default Home page profile vim default.conf
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/8B/42/wKiom1hIDlGBiRaQAAB0ZOMTjHI786.png "title=" Picture 18.png "alt=" Wkiom1hidlgbiraqaab0zomtjhi786.png "/>
Edit News Home configuration file vim news.conf
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/8B/3F/wKioL1hIDmCBj0r2AAB-QVqPMNM913.png "title=" Picture 19.png "alt=" Wkiol1hidmcbj0r2aab-qvqpmnm913.png "/>
Edit Music Home configuration file vim music.conf
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/8B/42/wKiom1hIDm7RiY92AAB7S0RJY9s473.png "title=" Picture 20.png "alt=" Wkiom1hidm7riy92aab7s0rjy9s473.png "/>
2. In the default publishing directory, set up the directory for the virtual host
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/8B/42/wKiom1hIDv-QOXdgAAB3EGwDuNE988.png "title=" Picture 21.png "alt=" Wkiom1hidv-qoxdgaab3egwdune988.png "/>
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M02/8B/42/wKiom1hIDxDgKg-PAAAPTB01zjk429.png "title=" Picture 22.png "alt=" Wkiom1hidxdgkg-paaaptb01zjk429.png "/>
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/8B/3F/wKioL1hIDx7BirBmAAAMr27NH74189.png "title=" Picture 23.png "alt=" Wkiol1hidx7birbmaaamr27nh74189.png "/>
3. Web test host Add host record vim/etc/hosts
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/8B/3F/wKioL1hIDynglo7UAAATi8RkBdI915.png "title=" Picture 24.png "alt=" Wkiol1hidynglo7uaaati8rkbdi915.png "/>
Web Testing
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/8B/42/wKiom1hIDz_CSHvbAAAWZaquShg046.png "title=" Picture 25.png "alt=" Wkiom1hidz_cshvbaaawzaqushg046.png "/>
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/8B/3F/wKioL1hID07R_C4EAAAXgIHja9Q730.png "title=" Picture 26.png "alt=" Wkiol1hid07r_c4eaaaxgihja9q730.png "/>
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/8B/42/wKiom1hID1uifZZbAAAYZGDoRoE756.png "title=" Picture 27.png "alt=" Wkiom1hid1uifzzbaaayzgdoroe756.png "/>
The customer gets the public key, which is used for cryptographic authentication. server decryption, mitigating server pressure 1. Installing the software mod_ssl and for generating the signing certificate Crypto-utils package
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/8B/3F/wKioL1hID26CzJnuAAFYFieAEF4040.png "title=" Picture 28.png "alt=" Wkiol1hid26czjnuaafyfieaef4040.png "/>
The specific build steps are as follows:
Record the generated certificate and the associated private key generation location
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/8B/3F/wKioL1hID3jBLBLtAACWw8l2xR0280.png "title=" Picture 29.png "alt=" Wkiol1hid3jblbltaacww8l2xr0280.png "/>
continue to use the dialog box and select the appropriate key size
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/8B/42/wKiom1hID4SBzTsEAAAsvyWtWh0961.png "title=" Picture 30.png "alt=" Wkiom1hid4sbztseaaasvywtwh0961.png "/>
slow when generating random numbers, hitting the keyboard and moving the mouse can speed up
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/8B/42/wKiom1hID56CxmFOAAB6w2yvYic933.png "title=" Picture 31.png "alt=" Wkiom1hid56cxmfoaab6w2yvyic933.png "/>
refusal to the certification authority ( CA) to send a certificate request (CSR)
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/8B/3F/wKioL1hID6ygwoL8AABUxCflacg413.png "title=" Picture 32.png "alt=" Wkiol1hid6ygwol8aabuxcflacg413.png "/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/8B/3F/wKioL1hID7_g5yIgAADuKvfy00o995.png "title=" Picture 33.png "alt=" Wkiol1hid7_g5yigaadukvfy00o995.png "/>
provide the appropriate identity for the server. Common name must exactly match the host full name of the server.
(Note that any comma should use a leading backslash [\] to escape)
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/8B/42/wKiom1hID9ax-aC-AADhiJd32HA645.png "title=" Picture 34.png "alt=" Wkiom1hid9ax-ac-aadhijd32ha645.png "/>
3. Modify the configuration file/etc/httpd/conf.d/ssl.conf
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/8B/42/wKiom1hID-nBFe_8AAA28O0JimA999.png "title=" Picture 36.png "alt=" Wkiom1hid-nbfe_8aaa28o0jima999.png "/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/8B/3F/wKioL1hID_eiHK6XAAA7s02GAwo221.png "title=" Picture 37.png "alt=" Wkiol1hid_eihk6xaaa7s02gawo221.png "/>
Web test, you can see the content of the certificate you added
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/8B/3F/wKioL1hIEAXQVvNGAACYm-8cYpg937.png "title=" Picture 35.png "alt=" Wkiol1hieaxqvvngaacym-8cypg937.png "/>
Linux notes 3-9 Apache (HTTP,HTTPS)