httpd on Linux: terminology explained, and HTTP and HTTPS server setup
1. HTTP: Hypertext Transfer Protocol
2. URI: Uniform Resource Identifier; labels a resource uniformly at global scope, using a unified path format
3. URL: Uniform Resource Locator
4. Web resources: multiple resources are likely to be consolidated into one HTML document
5. MIME: Multipurpose Internet Mail Extensions
Non-text data is re-encoded as text (Base64) before transmission; the receiver decodes it back to the original format and can call the appropriate program to open the file.
6. Dynamic web page: contains both static content and dynamic content
The document stored on the server is not in HTML format but is a script written in a programming language. The script accepts parameters, runs once on the server, and generates an HTML document when it finishes; the generated document is sent to the client.
7. HTTP messages: divided into request messages and response messages
7.1. Request message syntax:
<method> <request-URL> <version>
<entity-body>
For example, a request message:
GET / HTTP/1.1
Host: www.willow.com
Connection: keep-alive
7.2. Response message Syntax:
<version> <status> <reason-phrase>
<entity-body>
For example, a response message:
HTTP/1.1 201 OK
X-Powered-By: PHP/5.2.17
Vary: Accept-Encoding,Cookie,User-Agent
Cache-Control: max-age=3, must-revalidate
Content-Encoding: bzip2
Content-Length: 6931
Message format: the first line is usually called the message's "start line". The lines that follow it are called header fields; each header field consists of a name and a value separated by a colon.
In addition, a response message usually carries a message body, which is the content returned to the client.
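The message layout described above, as an added example that is not part of the original post: a small parser that splits a raw message into start line, header fields and body, and rejects a header line whose name is not followed directly by the colon. The function name and the constructed body are assumptions of this example.

```python
def parse_http_message(raw):
    """Split a raw HTTP/1.x message into start line, header fields and body."""
    head, _, body = raw.partition("\r\n\r\n")  # a blank line ends the header block
    lines = head.split("\r\n")
    first = lines[0].split(" ", 2)
    if len(first) < 2:
        raise ValueError(f"malformed start line: {lines[0]!r}")
    first += [""] * (3 - len(first))           # a reason phrase may be absent
    if first[0].upper().startswith("HTTP/"):   # <version> <status> <reason-phrase>
        msg = {"kind": "response", "version": first[0],
               "status": int(first[1]), "reason": first[2]}
    else:                                      # <method> <request-URL> <version>
        msg = {"kind": "request", "method": first[0],
               "target": first[1], "version": first[2]}
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        # The name must be followed directly by the colon, with no whitespace.
        if not sep or not name or name != name.strip() or " " in name:
            raise ValueError(f"malformed header field: {line!r}")
        key = name.lower()                     # field names are case-insensitive
        value = value.strip()
        headers[key] = f"{headers[key]}, {value}" if key in headers else value
    msg["headers"] = headers
    msg["body"] = body
    return msg

# The two messages from the text, with CRLF line endings; the body is constructed.
REQUEST = ("GET / HTTP/1.1\r\n"
           "Host: www.willow.com\r\n"
           "Connection: keep-alive\r\n\r\n")
RESPONSE = ("HTTP/1.1 201 OK\r\n"
            "X-Powered-By: PHP/5.2.17\r\n"
            "Vary: Accept-Encoding,Cookie,User-Agent\r\n"
            "Cache-Control: max-age=3, must-revalidate\r\n\r\n"
            "<html>constructed body</html>")

if __name__ == "__main__":
    for raw in (REQUEST, RESPONSE):
        print(parse_http_message(raw))
```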
8. Status codes:
1XX: purely informational
2XX: "success" class (200, 201, 202)
3XX: redirection class (301, 302, 304)
4XX: client error class (404)
5XX: server-side error class
9. Main operations of a web server
9.1. Establish a connection: accept or reject the client's connection request;
9.2. Receive the request: read the HTTP request message from the network;
9.3. Process the request: parse the request message and take the corresponding action;
9.4. Access the resource: access the resource named in the request message;
9.5. Build the response: generate an HTTP response message with the correct headers;
9.6. Send the response: send the generated response message to the client;
9.7. Log: record the completed HTTP transaction in the log file;
10. Architectures web servers use to handle concurrent connection requests
10.1. Single-threaded web server
In this architecture the web server processes one request at a time and only reads and processes the next request when the current one is finished. While a request is being processed all other requests are ignored, so serious concurrency problems can occur when there are many concurrent requests.
10.2. Multi-process/multi-threaded Web server
In this architectural approach, the Web server generates multiple processes or threads that process multiple user requests in parallel, and processes or threads can be generated on demand or in advance. There are Web server applications that generate a single process or thread for each user request, but when the number of concurrent requests reaches tens of thousands, multiple concurrently running processes or threads consume a large amount of system resources.
10.3. I/O multiplexing web server
To support more concurrent user requests, more and more web servers use a multiplexing architecture: the server monitors the activity of all connections together and, when the state of a connection changes (for example, data is ready or an error occurs), performs a series of specific actions for that connection. When the operation is complete, the connection is reset to its temporarily stable state and returned to the list of open connections until its next state change. Because of this multiplexing, processes or threads are not tied up by idle connections, which gives an efficient mode of operation.
10.4. Multiplexed multi-threaded web server
A web server architecture that combines multi-process and multiplexing, so that no single process serves too many user requests and the computing power of multi-CPU hosts is put to use.
A web proxy server sits between the web client and the web server: it receives HTTP requests from the client and forwards them to the corresponding server, then receives the response from the server and returns the response message to the client.
11. httpd service: httpd kept being maintained through follow-up patches, so it was called "a patchy server", which became "Apache"
So httpd is one of Apache's services, although nowadays when people say Apache they generally mean the httpd service
Apache official website: www.apache.org
httpd website: http://httpd.apache.org
12. httpd features:
Creates processes in advance
Maintains an appropriate number of processes on demand
Modular design: the core is relatively small and features are added as modules (including PHP)
Supports run-time configuration and compiling modules individually
Supports several ways of configuring virtual hosts
13. Virtual hosting:
IP-based virtual hosts; format: ip1:80 ip2:80 (different IPs, same port)
Port-based virtual hosts; format: ip:80 ip:8080 (same IP, different ports)
Domain-based virtual hosts; format: *:80 (same IP, different ServerName)
Supports the HTTPS protocol (mod_ssl)
Supports user authentication
Supports IP- or host-name-based ACLs
Supports per-directory access control
Supports URL rewriting
14. httpd-related file paths:
/usr/sbin/httpd (MPM: prefork)
httpd: root, root (owner and group of the main process)
httpd: apache, apache (owner and group of the worker processes)
/etc/rc.d/init.d/httpd: service script file
/etc/httpd: working root directory, equivalent to the program installation directory
/etc/httpd/conf: configuration file directory
/etc/httpd/httpd.conf: main configuration file
/etc/httpd/conf.d/*.conf: files of this kind are included and loaded by httpd.conf
/etc/httpd/modules: module directory
/etc/httpd/logs -> /var/log/httpd: log directory
There are two kinds of log file: the access log access_log and the error log error_log
/var/www/html: where the pages served to clients are stored
/var/www/cgi-bin: dynamic web page path
CGI: Common Gateway Interface
FastCGI
Ports: 80/tcp (SSL: 443/tcp)
15. httpd.conf configuration file explained:
Format: directive value    # a directive followed by its value
Directive names are not case-sensitive
Values are case-sensitive
15.1. MPM: Multi Path Modules, called multi-processing modules
mpm_winnt: Windows-based
prefork (each request is answered by one process; consumes more resources under high concurrency)
worker (each request is answered by one thread; several processes are started and each process creates several threads)
event (one process handles multiple requests, event-based)
The URL path is relative to DocumentRoot.
15.2. Options:
None: no options are enabled
Indexes: allow directory indexes
FollowSymLinks: allow access to the original file that a symbolic link points to
Includes: allow server-side includes (SSI) to be executed
ExecCGI: allow CGI scripts to run
All: enable all options
15.3. Order: defines host-based access control (by IP address, network address or host name)
Order allow,deny
Allow from all
Example: deny the 172.16.1.0/24 subnet access to the Apache server
Order deny,allow
Deny from 172.16.0.0/24
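How the two Order values combine Allow and Deny is easy to get backwards, so here is an added example (not from the original post) that evaluates a rule set for one client IP following httpd's documented Order/Allow/Deny semantics. It handles only "all", single IPs and CIDR networks as "from" values; the function names and the rule labels are assumptions of this example.

```python
import ipaddress

def _matches(client, specs):
    """True if client matches any 'from' value: 'all', one IP, or a CIDR network."""
    ip = ipaddress.ip_address(client)
    return any(s.lower() == "all" or ip in ipaddress.ip_network(s, strict=False)
               for s in specs)

def access_allowed(order, allow, deny, client):
    """Evaluate Order/Allow/Deny for one client IP the way httpd documents it."""
    order = order.replace(" ", "").lower()
    allowed, denied = _matches(client, allow), _matches(client, deny)
    if order == "allow,deny":
        # Allow is checked first and must match; any Deny match then rejects.
        # A client that matches nothing is denied.
        return allowed and not denied
    if order == "deny,allow":
        # Deny is checked first; an Allow match overrides it.
        # A client that matches nothing is allowed.
        return allowed or not denied
    raise ValueError(f"unsupported Order value: {order!r}")

# Rule sets taken from the page's examples (label -> order, allow list, deny list).
RULES = {
    "open":   ("Allow,Deny", ["all"], []),
    "subnet": ("Deny,Allow", [], ["172.16.0.0/24"]),
    "www2":   ("Deny,Allow", [], ["1.1.1.144"]),
}

def check(rule, client):
    order, allow, deny = RULES[rule]
    return access_allowed(order, allow, deny, client)

if __name__ == "__main__":
    # Client addresses below are constructed test values.
    for rule, client in [("open", "203.0.113.7"), ("subnet", "172.16.0.25"),
                         ("subnet", "172.16.1.25"), ("www2", "1.1.1.144"),
                         ("www2", "1.1.1.145")]:
        print(rule, client, "allowed" if check(rule, client) else "denied")
```

With Deny from 172.16.0.0/24 as written, a client at 172.16.1.25 is still allowed, because only the network in the Deny line is matched. With Order allow,deny and no Allow line, every client is denied, whatever the Deny lines say.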
15.4. AllowOverride AuthConfig: access to the Apache server based on user or group authentication
Example: user-based authentication
AuthType Basic
AuthName "hint string can be arbitrary"
# custom path and name of the user name/password file
AuthUserFile /etc/httpd/conf/htpasswd
# only the specified user name may access the server
Require user username
# allow every user in /etc/httpd/conf/htpasswd to access the server
#Require valid-user
Example: group-based authentication
AuthType Basic
AuthName "hint string can be arbitrary"
# custom path and name of the user name/password file
AuthUserFile /etc/httpd/conf/htpasswd
# custom path and name of the user group file
AuthGroupFile /etc/httpd/conf/group
# allow all users in the specified group to access the server
Require group name
15.5. htpasswd command: creates the users for httpd authentication
-c: create the file that holds the users' passwords
-m: one-way MD5 hashing of the password
-D: delete the specified user
For example, create the password file for the first time and add the user Willow:
htpasswd -c -m /etc/httpd/conf/htpasswd Willow
For example, once the password file has been created, add a user:
htpasswd -m /etc/httpd/conf/htpasswd user1
For example, delete the user user1:
htpasswd -D /etc/httpd/conf/htpasswd user1
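Each line of the file htpasswd writes is user:hash, and the prefix of the hash shows which scheme produced it ($apr1$ for -m). The following added example, which is not part of the original post, audits such a file and lists the entries that are not bcrypt (htpasswd -B in httpd 2.4); the bcrypt-only policy, the function names and the sample entries are assumptions of this example.

```python
# Prefix each htpasswd scheme writes in front of the hash. Treating only bcrypt
# as acceptable is this example's policy, not a rule stated on the page.
SCHEMES = [
    ("$2y$", "bcrypt", True),             # htpasswd -B
    ("$apr1$", "apr1-md5", False),        # htpasswd -m
    ("{SHA}", "sha1-unsalted", False),    # htpasswd -s
]

def classify(hash_field):
    """Return (scheme name, acceptable?) for the part after 'user:'."""
    for prefix, name, acceptable in SCHEMES:
        if hash_field.startswith(prefix):
            return name, acceptable
    if len(hash_field) == 13:             # traditional crypt(): 2-char salt + 11 chars
        return "crypt", False
    return "unrecognized", False          # plaintext or a scheme not listed here

def audit_htpasswd(text):
    """Return [(user, scheme)] for every entry whose hash should be regenerated."""
    findings = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        user, sep, hash_field = line.partition(":")
        if not sep:
            findings.append((line, "malformed"))
            continue
        scheme, acceptable = classify(hash_field)
        if not acceptable:
            findings.append((user, scheme))
    return findings

# Constructed sample file; the hash strings are placeholders, not real hashes.
SAMPLE = """\
Willow:$apr1$SALTSALT$PLACEHOLDERPLACEHOLDER0
user1:$2y$05$PLACEHOLDERPLACEHOLDERPLACEHOLDERPLACEHOLDERPLACEHOLDER
Tom:{SHA}PLACEHOLDERPLACEHOLDERPLACE=
"""

if __name__ == "__main__":
    for user, scheme in audit_htpasswd(SAMPLE):
        print(f"{user}: {scheme}")
```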
15.6. Alias: path alias:
Alias /url "local_path"
15.7. Virtual hosts: the httpd.conf configuration is divided into a central host and virtual hosts.
The two cannot be used at the same time; only one of them can be active.
To disable the central host: comment out the central host's DocumentRoot by putting # in front of it
To enable virtual hosts: they are off by default; remove the leading # from NameVirtualHost *:80
Example: provide two domain-based virtual hosts:
a. www1.willow.com, page file directory /var/www/html/www1;
Only authenticated users such as Willow and Tom may access the server
The error log is /var/log/httpd/www1.err,
The access log is /var/log/httpd/www1.access;
b. www2.willow.com, page file directory /var/www/html/www2;
Deny the host 1.1.1.144 access to this server
The error log is /var/log/httpd/www2.err,
The access log is /var/log/httpd/www2.access;
c. Each of the two virtual hosts has its own home page file index.html, whose content is that host's hostname;
The configuration is as follows:
NameVirtualHost *:80
<VirtualHost *:80>
    DocumentRoot "/var/www/html/www1"
    ServerName www1.willow.com
    ErrorLog /var/log/httpd/www1.err
    CustomLog /var/log/httpd/www1.access combined
    <Directory "/var/www/html/www1">
        Options None
        AllowOverride AuthConfig
        AuthType Basic
        AuthName "Willow1.com"
        AuthUserFile "/etc/httpd/conf/htpasswd"
        Require valid-user
    </Directory>
</VirtualHost>
<VirtualHost *:80>
    DocumentRoot "/var/www/html/www2"
    ServerName www2.willow.com
    ErrorLog /var/log/httpd/www2.err
    CustomLog /var/log/httpd/www2.access combined
    <Directory "/var/www/html/www2">
        Options None
        AllowOverride None
        Order deny,allow
        Deny from 1.1.1.144
    </Directory>
</VirtualHost>
Notes: 1. If you enable virtual hosts, you must comment out the central host's DocumentRoot
2. The www1 and www2 directories under the corresponding directory must be created manually, and index.html must be created manually too
3. Use the htpasswd command to create the authenticated users and the password file; if anything is unclear, look up that command in detail
16. HTTPS service configuration
HTTPS provides encrypted access on port 443
yum install -y mod_ssl
vim /etc/httpd/conf.d/ssl.conf, mainly changing the following items:
# can be changed to port 443 of a specific IP
<VirtualHost _default_:443>
    DocumentRoot "/var/www/html/www"
    ServerName www.willow.com
    # certificate path
    SSLCertificateFile /etc/httpd/ssl/http.crt
    # private key path
    SSLCertificateKeyFile /etc/httpd/ssl/http.key
</VirtualHost>
Note: if you are unfamiliar with creating and using certificates, please see my previous blog post
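AuthType Basic sends the user name and password Base64-encoded with every request, so a Basic-protected virtual host on *:80 exposes them on the wire, while the same block inside the port 443 virtual host does not. The following check is an added example, not part of the original post: it scans configuration text and reports virtual hosts that combine AuthType Basic with no SSLEngine on. The function name and the sample configuration are assumptions, and authentication enabled through .htaccess is not seen by it.

```python
import re

VHOST_OPEN = re.compile(r"<VirtualHost\s+([^>]+)>", re.I)

def basic_auth_without_tls(conf):
    """Return (ServerName, address) of each vhost using AuthType Basic without SSLEngine on."""
    findings, vhost = [], None
    for raw in conf.splitlines():
        line = raw.strip()
        opened = VHOST_OPEN.match(line)
        if opened:
            vhost = {"addr": opened.group(1).strip(), "name": None,
                     "basic": False, "tls": False}
        elif vhost is None or not line or line.startswith("#"):
            continue
        elif line.lower() == "</virtualhost>":
            if vhost["basic"] and not vhost["tls"]:
                findings.append((vhost["name"] or "(no ServerName)", vhost["addr"]))
            vhost = None
        else:
            parts = line.split(None, 1)
            directive = parts[0].lower()          # directive names ignore case
            value = parts[1].strip('"').lower() if len(parts) > 1 else ""
            if directive == "servername":
                vhost["name"] = value
            elif directive == "authtype" and value == "basic":
                vhost["basic"] = True
            elif directive == "sslengine" and value == "on":
                vhost["tls"] = True
    return findings

# Constructed sample modelled on the page's virtual hosts; the SSLEngine and
# AuthType lines in the 443 host are assumptions added for the comparison.
SAMPLE_CONF = """
<VirtualHost *:80>
    ServerName www1.willow.com
    <Directory "/var/www/html/www1">
        AuthType Basic
        Require valid-user
    </Directory>
</VirtualHost>
<VirtualHost *:80>
    ServerName www2.willow.com
</VirtualHost>
<VirtualHost _default_:443>
    ServerName www.willow.com
    SSLEngine on
    AuthType Basic
</VirtualHost>
"""

if __name__ == "__main__":
    print(basic_auth_without_tls(SAMPLE_CONF))
```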
This article is from the "Xavier Willow" blog, please be sure to keep this source http://willow.blog.51cto.com/6574604/1775718