Linux Service chapter (ix) Apache services

Source: Internet
Author: User
Tags benchmark install openssl php language php and mysql ssl certificate what is lamp

HTTP Overview

The purpose of WWW is to make information easier to access, no matter where they are located. When hypertext was used as a standard format for WWW documents, the Protocol-http protocol, the Hypertext Transfer Protocol, was developed to obtain these hypertext documents quickly.

HTTP is an application-level protocol that is used primarily for distributed, collaborative information systems. The HTTP protocol is generic, stateless, and its system is built and transmitted independently of the data. HTTP is also an object-oriented protocol that can be used for a variety of tasks, including name services, distributed object Management, extension of request methods, commands, and so on.

On the Internet, HTTP traffic often occurs on a TCP/IP connection, with a default port of 80 or a different port.


Web Services

Implementation of Web services using the client/server model

The client runs the WWW client-browser, which provides a good, unified user interface. The purpose of the browser is to interpret and display Web pages, respond to user input requests, and pass user requests through the HTTP protocol to the Web server.

The Web server runs the server program, and its most basic function is to listen for and respond to the client's HTTP request and send the request processing result information to the client.

Web services can often be divided into two types: static Web services and Dynamic Web services.


How Web Services work

Web browsers use HTTP commands to make Web page requests to a specific server.

If the server receives a Web page request at a specific port (typically TCP 80 port), sends an answer and establishes a connection between the client and the server

The server Web locates the document required by the client, and if the Web server finds the requested document, the requested document is routed to the Web browser. If the document does not exist, the server sends a corresponding error-prompt document to the client. After the Web browser receives the document, it is displayed.

When the client is done browsing, the connection to the server is disconnected.





Lamp Platform Overview

What is lamp

One of the most mature Enterprise website application Mode, can provide dynamic Web site application and development environment

constituent components

Linux, Apache, MySQL, Php/perl/python

The advantages of lamp

Low cost

Customizable and easy to develop

Easy to use, safe and stable


About Apache

Apache origin

According to NCSA's server development

Originated from A patchy Server, the famous open source Web services software

1995, Release version 1.0 of the Apache service program

The Apache Software Foundation (ASF) is responsible for maintaining

The latest name is "Apache HTTP Server"

Market share of about 60%

Official site: http://httpd.apache.org/

Key Features

Develop source code, cross-platform applications

Supports multiple Web programming languages

Modular design, stable operation and good safety


Lamp Environment Installation Software

HTTPD (Apache main program available)

MySQL (MySQL client program)

Mysql-server (MySQL server program)

PHP (PHP main program included with Apache module)

Php-devel (PHP development tool, which is related to PHP plug-in acceleration software)

Php-mysql (module provided to PHP program to read MySQL database)


Apache Main files:

/var/www/cgi-bin/

Default to some executable CGI (Web program) program Placement directory, when you enter http://localhost/cgi-bin/the data displayed.

/var/log/httpd/where the log is placed

/usr/sbin/apachectl

This is Apache's main execution script, it can proactively detect some of the system above the set values, so that you start Apache easier.

/USR/SBIN/HTTPD is the primary Apache binary execution file

/USR/BIN/HTPASSWD a command to do user authentication to generate a validation file

/var/www/cgi-bin/

Default to some executable CGI (Web program) program Placement directory, when you enter http://localhost/cgi-bin/the data displayed.

/var/log/httpd/where the log is placed

/usr/sbin/apachectl

This is Apache's main execution script, it can proactively detect some of the system above the set values, so that you start Apache easier.

/USR/SBIN/HTTPD is the primary Apache binary execution file

/USR/BIN/HTPASSWD a command to do user authentication to generate a validation file


MySQL main file

/etc/my.cnf

This is the MySQL configuration file, including the MySQL database you want to optimize, or for MySQL to do some additional parameter designation, can be achieved in this file

/var/lib/mysql/

This directory is where the MySQL database files are placed, and you can back up the database by backing up this directory



PHP main files

/etc/httpd/conf.d/php.conf automatically generated after installation

/etc/php.ini

PHP main configuration files, including your PHP can not allow users to upload files? Can you allow some low-security flags and so on, all in this configuration file set!

/usr/lib64/httpd/modules/libphp5.so

PHP This software is provided to Apache to use the module, must exist!

/etc/php.d/mysql.ini,/usr/lib64/php/modules/mysql.so

can PHP support MySQL interface? is provided by Php-mysql software.

/usr/bin/phpize,/usr/include/php/

If you want to install a PHP-like accelerator to make browsing faster, then this file and directory must exist, or the accelerator software will not compile successfully, these two data is provided by the Php-devel software.



httpd.conf configuration file

The httpd.conf configuration file consists of 3 parts, the global environment, the primary server configuration, and the virtual host. Each section has a corresponding configuration statement, and the syntax for all configuration statements is the form of the configuration parameter name parameter value.

Each row in the httpd.conf contains a statement that uses a backslash "\" at the end of the line to wrap, but the backslash cannot have any other characters (including whitespace) in the middle of the next line.

HTTPD.CONF configuration statements All option directives are case-insensitive except for the parameter values of the option, and you can use a "#" number to represent the comment before each line.

/usr/local/apache2/conf/httpd.conf

Global configuration

ServerRoot

Used to specify the running directory for the specified daemon httpd, httpd automatically changes the current directory of the process to this directory after startup, so if the file or directory specified in the settings file is a relative path, the real path is located below the path.

Timeout 60

The time-out interval for defining client programs and server connections, after which the server disconnects from the client after this interval (in seconds).

Pidfile run/httpd.pid The file location where the PID is stored.

Listen 80 Sets the default port for the HTTP service.

User/group sets the performer and genus of the server program.

KeepAlive on

In HTTP1.0, a connection can only be transmitted once for an HTML request, while the KEEPALTVE parameter is used to support the HTTP1.1 version of a connection, multiple transfers, so that multiple HTML requests can be passed in a single connection. Although only newer browsers support this feature, it is best to use the "on" option.

Maxkeepaliverequests 500

Maxkeepaliverequests the maximum number of requests for HTML requests that can be made for a single connection. Setting its value to 0 will support unlimited transfer requests within a single connection. In fact there is no client program that requests most of the pages in a single connection, and usually does not reach this limit to complete the connection.

KeepAliveTimeout 15

KeepAliveTimeout tests the time between multiple request transfers in a connection, and if the server has completed a request, but has not received the next request from the client, the server disconnects when the time interval exceeds the value set by this parameter.

Prefork and work related to memory management

Prefork is used by default and is determined by the/etc/sysconf/httpd file

/USR/SBIN/HTTPD: Using Prefork module;

/usr/sbin/httpd.worker: Use the worker module.

The worker module consumes less memory and is a good choice for sites with large traffic. Although the prefork occupies a large amount of memory, but the speed and the worker difference is not small, and prefork memory use design is superior, can be in many unable to provide debug platform above the self-debugging, the default for small sites.

MaxClients

The ability of the server is limited after all, it is not possible to process an unlimited number of connection requests at the same time, so the parameter maxclients is used to specify the maximum number of concurrent accesses that the server supports, and if this value is set too large, the system will have to switch over too many processes during busy time to service these customers. This will slow down the response to each customer and reduce overall efficiency. If the value is set to a smaller size, some customers ' connection requests are rejected when the system is busy. When the server performance is high, you can increase the setting of this value appropriately.

Maxrequestsperchild

The most common way of using a process-like web service is for a child process to connect to a single connection, and the problem is that each connection needs to be generated and exited from the process's system operations, which take up a large amount of processing power on the computer. Therefore, the best way is for a child process to service multiple connection requests, which will not cause system consumption caused by these builds and exits. Apache used this way, after the end of a connection, the child process does not exit, but to stay in the system to wait for the next service request, which greatly improves performance.

ServerAdmin: Admin Mailbox

ServerName: Domain name of the Web server

DocumentRoot: root directory of Web document

DirectoryIndex: Default index page file

Errorlog: Location of error log files

Customlog: Location of access log files

LogLevel: Logging level, default is warn

Include: Additional configuration files that need to be included

Adddefaultcharset UTF-8 forcing clients to display Web pages with UTF-8



Local Configuration parameters

You can use the <directory directory path > and </Directory> to set permissions on the main directory or virtual directory, which are a pair of container statements that must appear in pairs that encapsulate the specific SET directory permission statement. These statements work only on the set directory and its subdirectories.


AllowOverride (allowed override parameter function): Indicates whether additional configuration files are allowed. Some parameters of htaccess overwrite


Test performance

AB command:

Apache Benchmark,apache Benchmark Test Tool

Format: AB [-Q]-C Concurrent Requests-n total number of requests [/HTTP] Domain name [: Port]/Path



Building a virtual web host

Virtual Web Host

An app that runs multiple Web sites on the same server, where each site does not occupy a single real computer

HTTPD supported virtual host types

Domain-based virtual host

Build 2 virtual Web sites:

Www.benet.com,IP address is 173.17.17.11

Www.accp.com,IP address is 173.17.17.11

When you access these two domains in a browser, different content is displayed separately

[Email protected] htdocs]# vim/etc/httpd/conf/httpd.conf
......
Namevirtualhost 173.17.17.11
<virtualhost 173.17.17.11>
Documentroot/var/www/html/benetcom
ServerName www.benet.com
</VirtualHost>
<virtualhost 173.17.17.11>
Documentroot/var/www/html/accpcom
ServerName www.accp.com
</VirtualHost>

IP address-based virtual host


Build 2 virtual Web sites:

Www.benet.com,IP address is 173.17.17.11

Www.accp.com,IP address is 192.168.4.1

When you access these two IPs in a browser, different content is displayed separately

[Email protected] htdocs]# vi/etc/httpd/conf/httpd.conf
......
<virtualhost 173.17.17.11>
Documentroot/var/www/html/benetcom
ServerName www.benet.com
</VirtualHost>
<virtualhost 192.168.4.11>
Documentroot/var/www/html/accpcom
ServerName www.accp.com
</VirtualHost>


Port-based virtual host


Build 2 virtual Web sites:

Www.benet.com,IP address, Port is 173.17.17.11:80

Www.accp.com,IP address, Port is 173.17.17.11:8080

When accessing both ports in a browser, separate content is displayed

[Email protected] htdocs]# vi/etc/httpd/conf/httpd.conf
......
Listen 173.17.17.11:80
Listen 173.17.17.11:8080
<virtualhost 173.17.17.11:80>
Documentroot/var/www/html/benetcom
ServerName www.benet.com
</VirtualHost>
<virtualhost 173.17.17.11:8080>
Documentroot/var/www/html/accpcom
ServerName www.accp.com
</VirtualHost>

Create a personal homepage for system users

1. Modify the httpd.conf to enable the personal page feature

Userdir public_html

Confirm Directory Regional Settings

2. Set up your Homepage test page

~/public_html/index.html

Add Permission: chmod o+x/home/jerry/

3. Restart the HTTPD service

Service httpd Restart

4. Access Testing

Http://www.benet.com/~user


Access Control for HTTPD services

User-based access control

Add Authentication Authorization Settings

[Email protected] ~]# vi/etc/httpd/conf/httpd.conf
......
<directory "/usr/local/awstats/wwwroot" >
......
AuthName "AWSTATS"
AuthType Basic
authuserfile/usr/local/awstats/wwwroot/.htpasswd
Require Valid-user
</Directory>
......

User-based access control

Create a file that stores authenticated user accounts and passwords

Need to use the HTPASSWD tool
[Email protected] apache2]# htpasswd-c \

>/USR/LOCAL/AWSTATS/WWWROOT/.HTPASSWD Awuser

Based on the user's access control, you can also create a. htaccess file in the directory accessed by the user to control

and write Authconfig for the allowoverride of the catalog.

Also to establish user authentication files

Client address-based access control

Order configuration items, defining control order

First allow after deny, default deny all: Order Allow,deny

First deny after allow, default allow all: Order Deny,allow

Allow, deny configuration items, setting allowed or denied addresses


HTTPS Secure access


HTTPS (full name: Hypertext Transfer Protocol over secure Socket Layer) is a security-targeted HTTP channel and is simply a secure version of HTTP. That is, the SSL layer is added under HTTP, the security base of HTTPS is SSL, so the detailed content of encryption needs SSL.

HTTPS uses TCP port 443 by default

SSL work is divided into 2 phases:

Server Authentication Phase

Client authentication phase (optional)

Apache to install OpenSSL

Apache to install the Mod_ssl module

Apache's SSL configuration file and SSL corresponding module will be stored in the following directory.

/etc/httpd/conf.d/ssl.conf

/etc/httpd/modules/mod_ssl.so

HTTPS is supported after the default installation


Generate a self-signed certificate

First set up a private key to provide the SSL certificate signing requirements used;

Finally, build the SSL certificate file (test certificates).


Using a Word Signing certificate

[Email protected] certs]# vim/etc/httpd/conf.d/ssl.conf SSLCERTIFICATEFILE/ETC/PKI/TLS/CERTS/BENET.CRT Sslcertificatekeyfile/etc/pki/tls/certs/benet.key

If you want to implement HTTPS and HTTP access separately, modify the ssl.conf file directly, enable the virtual host to



Introduction to PHP

Characteristics:

1. Cross-platform: PHP programs can run under UNIX, Linux, or Windows operating systems.

2, embedded HTML: Because the PHP language can be embedded inside the HTML, so PHP is easy to learn.

3. Simple language: Unlike Java and C + +, the PHP language adheres to the base language, but it is powerful enough to support any type of Web site.

4, high efficiency: compared with other explanatory languages, PHP system consumes less system resources. When PHP is part of the Apache Web server, running the code does not require an external binary, and the server explains that the script does not have to bear any additional burden.

5. Support various databases: Users can use PHP to access databases of Oracle, Sybase, Ms-sql, MySQL, PostgreSQL, DBase, Filepro, and Informix.

6. File access: PHP has a number of support file access functions.

7. Text Processing: PHP has many functions to handle strings, including the ability to match patterns.

8. Complex variables: PHP supports variables such as scalars, arrays, associative arrays, which gives the user a solid foundation to support other advanced data structures.

9. Support Image processing: Users can create images dynamically using PHP.

Test the combination with PHP and MySQL

Installation forum for testing

Prepare the database for the forum to be installed

Download the Forum program code and unzip it to the website root directory

Visit the website for graphical interface installation

To set up a forum using central administration


Linux Service chapter (ix) Apache services

Related Article

E-Commerce Solutions

Leverage the same tools powering the Alibaba Ecosystem

Learn more >

Apsara Conference 2019

The Rise of Data Intelligence, September 25th - 27th, Hangzhou, China

Learn more >

Alibaba Cloud Free Trial

Learn and experience the power of Alibaba Cloud with a free trial worth $300-1200 USD

Learn more >

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.