New features of the httpd-2.4 of CENTOS7

Source: Internet
Author: User
Tags openssl rsa

a new characteristic of common httpd-2.4

1) MPM support is loaded at runtime;

Add this at compile time, support Mpm:--enable-mpms-shared=all--with-mpm=event

2) Support Event

3) asynchronous read and write

4) Specify the log level on each module and per directory

5) per request configuration

6) Enhanced version of Expression Analyzer

7) KeepAlive timeout at millisecond level

8) FQDN-based virtual host no longer requires namevirtualhost instructions

9) support for using custom variables

10) added some modules: mod_proxy_fcgi, Mod_ratelimit, Mod_request, Mod_remoteip

11) For IP-based access control has been modified to no longer support the use of order, allow, deny these mechanisms, but unified use of require


Second, installation httpd-2-4

NOTE: The default APR version on centos6.x is apr-1.3.9, and httpd-2.4 needs to apr1.4 above.

Experiment Preparation:

① Platform: centos6.8

② software: apr1.5.0.tar.gz apr-utils-1.5.2.tar.gz httpd-2.4.10.tar.gz

③ Installation Development environment: development Tools,server Platform Development

The steps are as follows:

1) Install the development Package group and its pcre-devel, Openssl-devel package

Yum-y Groupinstall "Development Tools" "Server Platform Development"

Yum-y Install Pcre-devel Openssl-devel


2) Compile and install apr-1.5.0.tar.gz and its apr-utils-1.5.2.tar.gz

Tar XF apr-1.50.tar.gz

CD apr-1.5.0

./configure--PREFIX=/USR/LOCAL/APR

Make && make install

Compile and install Apr-utils similarly:./configure--prefix=/usr/local/apr-util--with-apr=/usr/local/apr make && make install


3) Compiling httpd-2.4.10

Tar XF httpd-2.4.10.tar.gz

CD httpd-2.4.10

./configure--prefix=/usr/local/httpd24--sysconfigdir=/etc/httpd24--enable-so--enable-cgi--enable-rewrite-- With-zlib--with-pcre--with-apr=/usr/local/apr--with-apr-util--enable-modules=most--enable-mpms-shared=all-- With-mpm=prefork

Make && make install

If you compile an error or want to recompile to perform, delete the installation directory: make clean all


4) Export Header file

Ln-sv/usr/local/httpd24/include/usr/include/httpd


5) Export the library file

echo "/usr/local/httpd24/lib" >/etc/ld.so.conf.d/httpd.conf


6) Import Man Handbook

Vi/etc/man.config Join Manpath/usr/local/httpd/man


7) Import Environment variables

echo "path=/usr/local/httpd/bin/: $PATH" >/etc/init.d/httpd.sh


8) Configuring the startup script

vi/etc/init.d/httpd24.sh


Code Demo:


# config: /etc/sysconfig/httpd# pidfile: /var/run/httpd/httpd.pid#### begin init  INFO# Provides: httpd# Required-Start:  $local _fs  $remote _fs  $network   $named # required-stop:  $local _fs  $remote _fs  $network # should-start: distcache#  short-description: start and stop apache http server# description:  The Apache HTTP Server is an extensible server#   Implementing the current http standards.### end init info# source  function library.  /etc/rc.d/init.d/functions#if [ -f /etc/sysconfig/httpd ]; then#         . /etc/sysconfig/httpd#fi# start httpd in the  c locale by default. httpd_lang=${httpd_lang-"C"}# THIS WILL PREVENT INITLOG&NBsp;from swallowing up a pass-phrase prompt if# mod_ssl needs a  pass-phrase from the user. Initlog_args= "" # set httpd=/usr/sbin/httpd.worker in /etc/sysconfig/httpd to use  a server# with the thread-based  "Worker"  MPM; BE WARNED  That some modules may not# work correctly with a thread-based  MPM; notably PHP will refuse to start.# Path to the  Apachectl script, server binary, and short-form for messages.apachectl=/usr /local/httpd24/bin/apachectlhttpd=${httpd-/usr/local/httpd24/bin/httpd}prog=httpdpidfile=${pidfile-/usr/local/ httpd24/logs/httpd.pid}lockfile=${lockfile-/var/lock/subsys/httppd24}retval=0stop_timeout=${stop_timeout-10}#  The semantics of these two functions differ from the way apachectl does# things -- attempting to start  while running is a failure, and shutdown# when not running  Is also a failure.  so we just do it the way init  scripts# are expected to behave here.start ()  {         echo -n $ "starting  $prog: "          lang= $HTTPD _lang daemon --pidfile=${pidfile}  $httpd   $OPTIONS          RETVAL=$?        echo         [  $RETVAL  = 0 ] && touch ${lockfile}         return  $RETVAL}# when stopping httpd,  a delay  (OF default 10 second)  is required# before sigkilling the httpd  parent; this gives enough time for the# httpd parent to  sigkill any errant children.stop ()  {         status -p ${pidfile}  $httpd  > /dev/null         if [[ $? = 0 ]]; then                 echo -n $ "stopping  $prog: "                  killproc -p ${ pidfile} -d ${stop_timeout}  $httpd         else                 echo -n $ " stopping  $prog:  "                success         fi        RETVAL=$?         echo        [  $RETVAL  =  0 ] && rm -f ${lockfile} ${pidfile}}reload ()  {     echo -n $ "reloading  $prog: "     if ! lang= $HTTPD _lang  $httpd   $OPTIONS  -t >&/dev/null; then         retval=6        echo $ "Not reloading due  to configuration syntax error "        failure  $ "not reloading  $httpd  due to configuration syntax error"      else        # force lsb behaviour from killproc         LSB=1 killproc -p ${pidfile}  $httpd  -hup         retval=$?        if  [  $RETVAL  -eq 7 ]; then             failure $ "Httpd shutdown"         fi     fi# See how we were called.case  "$"  in  start)         start        ;;   stop)         stop         ;;   status)         status -p ${pidfile}  $httpd         retval=$?        ;;   restart)         stop         start        ;;   condrestart|try-restart)         if status -p  ${pidfile}  $httpd  >&/dev/null; then                 stop                 start        fi         ;;   force-reload|reload)         reload         ;;   graceful|help|configtest|fullstatus)          $apachectl  [email protected]        retval=$?        ;;   *)         echo $ "usage:  $prog  {start|stop| Restart|condrestart|try-restart|force-reload|reload|status|fullstatus|graceful|help|configtest} "         RETVAL=2esacexit  $RETVAL


9) Add to boot, test page

Chkconfig--add httpd24

Chkconfig httpd on


10) Testing

echo "10.1.1.1 www.blog.com" >>/etc/hosts

Curl-i www.blog.com


Iii. Configuring virtual hosts and providing SSL encryption to text sites

1. Open httpd-vhosts, and Comment site Center directory

Include/etc/httpd24/extra/httpd-vhosts.conf


2, Configuration/etc/httpd24/extra/httpd-vhots.conf

<virtualhost *:80>

ServerAdmin [email protected]

DocumentRoot "/website/"

ServerName www.chen.com

Serveralias chen.com

Errorlog "Logs/www.chen.com-error_log"

Customlog "Logs/www.chen.com-access_log" common

</VirtualHost>

3, the following steps of SSL encryption:

Generate Key pair: # (umask 077; OpenSSL genrsa-out Private/cakey.pem 2048) If you want to see the public key: # OpenSSL rsa-in Private/cakey.pem-pubout-text -noout generated self-visa: # OpenSSL Req-new-x509-key private/cakey.pem-out cacert.pem-days 3655 Create required files: # Touch Index.txt serial CR Lnumber use OpenSSL to implement a certificate request: Generate a key on the host and save it to the profile directory of the service where the certificate is applied, for example: # mkdir/etc/httpd/ssl# cd/etc/httpd/ssl# (umask 077; OpenSSL Genrsa-out httpd.key 1024) Generate certificate signing request: # OpenSSL Req-new-key httpd.key-out HTTPD.CSR send request file to CA;CA sign Certificate: # OpenSSL ca-in /path/to/somefile.csr-out/path/to/somefile.crt-days days


This article is from the "Small Ears" blog, please be sure to keep this source http://purify.blog.51cto.com/10572011/1857711

New features of the httpd-2.4 of Centos7

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.