###### #网页重写 ########
All 80 port requests are redirected by HTTPS
Systemctl start httpd Firewalld
cd/var/www/html/
[Email protected] html]# firewall-cmd--permanent--add-service=http
Success
[Email protected] html]# firewall-cmd--permanent--add-service=https
Success
[Email protected] html]# Firewall-cmd--reload
Yum Install Mod_ssl
Install HTTPS
Genkey www.westos.com
[Email protected] conf.d]# vim news.conf
---------------------------------------
<virtualhost *:80>
ServerName news.westos.com
Documentroot/var/www/virtual/news/html
Customlog Logs/news.log combined
</Virtualhost>
<directory "/var/www/virtual/news/html" >
Require all granted
</Directory>
------------------------------------------
[email protected] conf.d]# CP news.conf ent.conf
[Email protected] conf.d]# vim ent.conf
------------------------------------------
<virtualhost *:80>
ServerName ent.westos.com
Documentroot/var/www/virtual/ent/html
Customlog Logs/ent.log combined
</Virtualhost>
<directory "/var/www/virtual/ent/html" >
Require all granted
</Directory>
-------------------------------------------
Mkdir-p/var/www/virtual/ent/html
Mkdir-p/var/www/virtual/news/html
echo news.westos.com >/var/www/virtual/news/html/index.html
echo ent.westos.com >/var/www/virtual/ent/html/index.html
Systemctl Restart httpd
vim/etc/httpd/conf.d/news.conf # #网页重写关键一步
-----------------------------------------------------------
<virtualhost *:80>
ServerName news.westos.com
Rewriteengine on
Rewriterule ^ (/.*) $ https://%{http_host}$1 [redirect=301]
</Virtualhost>
<directory "/var/www/virtual/news/html" >
Require all granted
</Directory>
<virtualhost *:443>
ServerName news.westos.com
Documentroot/var/www/virtual/news/html
Customlog Log/news-443.log combined
Sslengine on
Sslcertificatefile/etc/pki/tls/certs/www.westos.com.crt
Sslcertificatekeyfile/etc/pki/tls/private/www.westos.com.key
</Virtualhost>
--------------------------------------------------------------
# #在vim中: sp/etc/httpd/conf.d/ssl.conf can open another vim in vim
# #将两个文件分屏显示, use "ctrl+w | down" to toggle
Test with Firefox
# # # # #CGI #####
Cgi
The Common Gateway Interface (CGI) is the simplest way to place dynamic content on a Web site. CGI scripts can be used for many purposes
, but it is important to be cautious about which CGI script to use and who is allowed to add and run those scripts. Write poor-quality CGI
Scripts can provide an external attacker with a way to compromise the security of the Web site and its content. Therefore, at the Web server level and
SELinux policy level, there are settings to limit the use of CGI scripts.
cd/var/www/html/
Vim index.php
<?php
Phpinfo ();
?>
Vim/etc/httpd/conf/httpd.conf
-----------------------------------------------
164 DirectoryIndex index.php index.html
: Wq
-----------------------------------------------
Systemctl Reload Httpd.service
Test: http://172.25.254.100 (need to empty cache: Ctrl+shift+delete)
Without any display
mkdir CGI
CD cgi/
Vim index.cgi
---------------------------------
#!/usr/bin/perl
print "content-type:text/html\n\n";
print ' Date ';
---------------------------------
Yum Install Httpd-manual-y
172.25.254.100/manual/
[Email protected] cgi]# Perl index.cgi
Content-type:text/html
Thursday, December 15, 2016 06:05:17 EST
Vim/etc/httpd/conf.d/default.conf
---------------------------------------------
<virtualhost _default_:80>
Documentroot/var/www/html
Customlog Logs/default.log combined
</Virtualhost>
<directory "/var/www/html/cgi" >
Options +execcgi
AddHandler Cgi-script. CGI
</Directory>
----------------------------------------------
Setting the security context
[Email protected] www]# Ls-zd cgi-bin/
Drwxr-xr-x. Root root System_u:object_r:httpd_sys_script_exec_t:s0 cgi-bin/
[Email protected] www]# semanage fcontext-a-T httpd_sys_script_exec_t '/var/www/html/cgi (/.*)? '
[Email protected] www]# restorecon-rvvf/var/www/html/cgi/
Restorecon reset/var/www/html/cgi Context Unconfined_u:object_r:httpd_sys_content_t:s0->system_u:object_r: Httpd_sys_script_exec_t:s0
Restorecon reset/var/www/html/cgi/index.cgi Context Unconfined_u:object_r:httpd_sys_content_t:s0->system_u:o Bject_r:httpd_sys_script_exec_t:s0
chmod +x/var/www/html/cgi/index.cgi # #加执行权限
Inspection
172.25.254.100/cgi/index.cgi
Thu Dec 06:20:37 EST 2016
####### #论坛搭建 ########
[email protected] conf.d]# Yum install mariadb-server-y
......
[Email protected] conf.d]# VIM/ETC/MY.CNF
-----------------------------------------------
Ten Skip-networking=1
: Wq
-----------------------------------------------
[Email protected] conf.d]# systemctl start mariadb
[Email protected] conf.d]# mysql_secure_installation
......
>set root Password "Westos"
[Email protected] conf.d]# cd/var/www/html/
[[email protected] html]# ls
CGI index.html index.php
[Email protected] pub]# pwd
/root/documents/rhce/lftp/pub
[R[email protected] pub]# SCP discuz_x3.2_sc_utf8.zip [email protected]:/var/www/html/
[email protected] ' s password:
Discuz_x3.2_sc_utf8.zip 100% 12MB 11.9mb/s 00:01
[[email protected] html]# ls
CGI discuz_x3.2_sc_utf8.zip index.html index.php
[Email protected] html]# Unzip Discuz_x3.2_sc_utf8.zip
......
[[email protected] html]# ls
CGI discuz_x3.2_sc_utf8.zip index.html index.php Readme Upload Utility
[email protected] html]# less readme/readme.txt
-----------------------------------------------
Capture important content:
+----------------------------------+
discuz! Installation of the X community software
+----------------------------------+
1. Upload files from the upload directory to the server
2. Set directory properties (Windows Server can ignore this step)
The following directories require read and write permissions
./config
./data with sub-directories
3. Execute the installation script/install/
Please run the install program in your browser to access http://your domain/forum directory/install/
4. Follow the instructions on the page to install it until the installation is complete.
-----------------------------------------------
[Email protected] html]# chmod 777 upload/data/upload/config/
> Test: http://172.25.50.100/upload/
--I agree.
> All files are not writable, MySQL does not support
[Email protected] html]# Setenforce 0
> Refresh Page
> Only the first 4 files show writable, MySQL does not support
[Email protected] html]# chmod 777 upload/-R
> Refresh Page
> All files can be written, MySQL does not support
[email protected] html]# Yum install php-mysql-y
......
[Email protected] html]# Systemctl Reload httpd
Test
> Refresh Page
> All files can be written, MySQL support
--Next--Next
-Database Password:westos--> Administrator password: (self-setting)-Next
> Wait for the installation to complete, re-enter the URL: http://172.25.50.100/upload/
> Installation success!!!
--Installation complete, the following is the experience--
--Enter the administrator password---Log in and enter the verification code--Login
-User group: administrator
--Module Management
--Management Center
####### #squid正向代理 #######
[Email protected] ~]# ls/etc/httpd/conf.d/
autoindex.conf README userdir.conf welcome.conf
[email protected] ~]# Yum install squid-y
......
[Email protected] ~]# ls/etc/httpd/conf.d/
autoindex.conf README squid.conf userdir.conf welcome.conf
[Email protected] ~]# vim/etc/squid/squid.conf
-----------------------------------------------
Http_access Allow all
Cache_dir UFS/VAR/SPOOL/SQUID 100 16 256
: Wq
-----------------------------------------------
[Email protected] ~]# Ls/var/spool/squid/
# #什么都没有
[Email protected] ~]# systemctl start squid
[Email protected] ~]# Systemctl enable Squid.service
Created symlink From/etc/systemd/system/multi-user.target.wants/squid.service to/usr/lib/systemd/system/ Squid.service.
[Email protected] ~]# Netstat-antlpe |grep Squid
TCP6 0 0::: 3128:::* LISTEN 0 531476 7398/(squid-1)
[email protected] conf.d]# Firefox &
> Test: www.baidu.com
> Tip: Always "Connecting ..." status
-->edit-->preferences-->advanced-->network-->settings ...
-->manual Proxy Configuration-->http proxy:172.25.50.250-->port:3128
-->ok-->close
> Re-test: www.baidu.com
> Open Baidu Success!!!
--Cancel the agent--
-->edit-->preferences-->advanced-->network-->settings ...
-->manual Proxy Configuration-->no Proxy
-->ok-->close
--Delete Squid service--
[[email protected] ~]# Systemctl stop squid
[email protected] ~]# Yum Remove squid-y
......
[Email protected] ~]# Rm-fr/etc/squid/
A Linux server is rented on Amazon, squid is installed, and then a local agent is assigned to visit a foreign website.
######## #squid反向代理 #########
CDN Acceleration
Cross Storage
[email protected] ~]# Yum Remove httpd-y
......
[Email protected] ~]# Netstat-antlpe |grep:80
[email protected] ~]# Yum install squid-y
......
[Email protected] ~]# vim/etc/squid/squid.conf
-----------------------------------------------
Http_access Allow all
Http_port Vhost Vport
Cache_peer 172.25.50.165 Parent 0 no-query
Cache_dir UFS/VAR/SPOOL/SQUID 100 16 256
: Wq
-----------------------------------------------
[Email protected] ~]# systemctl start squid
[Email protected] ~]# Netstat-antlpe |grep:80
TCP6 0 0::: +:::* LISTEN 0 41808 2069/(squid-1)
> Set up HTTP Services for virtual machine 172.25.50.165 and virtual machine 172.25.50.171, and then test with a real machine.
[email protected] desktop]# Firefox &
> Test: 172.25.50.165
> Display: 172.25.50.165
> Test: 172.25.50.171
> Display: 172.25.50.171
Note: Open three virtual opportunities at the same time a bit card, you can use "Init 3" to turn off graphics. Use init 5 to open the drawing when needed
> Test: 172.25.50.100
> Display: 172.25.50.165
[Email protected] ~]# vim/etc/squid/squid.conf
-----------------------------------------------
/Modify
Cache_peer 172.25.50.165 Parent 0 no-query originserver Round-robin name=web1
/insert
Cache_peer 172.25.50.171 Parent 0 no-query originserver Round-robin name=web2
Cache_peer_domain Web1 web2 www.taobao.com
: Wq
-----------------------------------------------
[Email protected] ~]# systemctl restart Squid
[Email protected] desktop]# vim/etc/hosts
-----------------------------------------------
4 172.25.50.100 www.taobao.com
: Wq
-----------------------------------------------
> Real Machine Disconnects the extranet
[email protected] desktop]# Firefox &
---Ctrl+shift+delete The last two items--clear now (empty cache)
> Test: 172.25.50.100
> Display: 172.25.50.165
> Refresh
> Display: 172.25.50.171
> Refresh
> Display: 172.25.50.165
> Refresh
> Display: 172.25.50.171
Poll Test Successful
This article from "12100661" blog, declined reprint!
Three. Apache Web page rewrite squid