Web service httpd-2.2 based on domain name virtual host

Source: Internet
Author: User

Web website Service:

Apache the famous open source Web Service software, maintenance operations by the ASF Free Software Fund

Official site: http://httpd.apache.org/

http://www.netcraft.com/ for various Web detailed statistics on the market share of the software


Lab Requirements:

1, the establishment of HTTPD services, requirements:
(1) Provide two name-based virtual host WWW1, WWW2; there are separate error logs and access logs
(2) Provide status information via WWW1 's/server-status and only allow Tom users to access
(3) WWW2 does not allow access to any host in the 192.168.0.0/24 network
2. Provide HTTPS service for the 2nd virtual host above


Lab Environment:

Web Server:centos 6.7x86_64 ip:172.16.251.164

Httpd-2.2.15-45.el6.centos.x86_64

Client: CentOS 7.2x86_64 ip:172.16.251.138


Experiment Preparation:

[[email protected] ~]# iptables–f//Turn off firewall

[[email protected] ~]# Setenforce 0//Turn off SELinux


Install httpd:

[Email protected] ~]# yum-y install httpd

[[email protected] ~]# RPM-QC httpd//View installation httpd generated configuration file

/etc/httpd/conf.d/welcome.conf

/etc/httpd/conf/httpd.conf

/etc/httpd/conf/magic

/etc/logrotate.d/httpd

/etc/sysconfig/htcacheclean

/etc/sysconfig/httpd

[[Email protected] ~]# service httpd start

[Email protected] ~]# SS–TNL

LISTEN 0 128::: 80


Master configuration file:

[Email protected] conf]# cp-p Httpd.confhttpd.conf.bak

[Email protected] httpd]# vim/etc/httpd/conf/httpd.conf

Namevirtualhost 172.16.251.164:80//Enable virtual host


To create a virtual host WWW1 configuration file:

[Email protected] ~]# vim/etc/httpd/conf.d/v1.conf

<virtualhost 172.16.251.164:80>

Documentroot/var/www/virt1

Servernamewww1.a.com

Errorlog Logs/www1-error_log
Customlog Logs/www1-access_log combined

<Location/server-status>

SetHandler Server-status

AuthType Basic

AuthName "Fortom"

AuthUserFile "/ETC/HTTPD/CONF/.HTPASSWD"

Require User Tom

</Location>

</VirtualHost>


To create a virtual host WWW2 configuration file:

[Email protected] ~]# vim/etc/httpd/conf.d/v2.conf

<virtualhost 172.16.251.164:80>

Documentroot/var/www/virt2

Servernamewww2.a.com

Errorlog Logs/www2-error_log
Customlog Logs/www2-access_log combined

<directory "/var/www/virt2" >

Options None

AllowOverride None

Order Deny,allow

Deny from 192.168.0.0/24

</Directory>

</VirtualHost>


To create a test site resource:

[[email protected] conf]# mkdir-pv/var/www/virt{1,2}

[Email protected] www]# echo "WWW1" >>/var/www/virt1/index.html

[Email protected] www]# echo "WWW2" >>/var/www/virt2/index.html


To create a Tom user file:

[Email protected] conf]# htpasswd-cm/etc/httpd/conf/.htpasswd Tom

[Email protected] conf]# httpd-t

Syntax OK

[Email protected] conf]# service httpd restart


Client testing:

[Email protected] ~]# cat/etc/hosts

172.16.251.164 www1.a.com www2.a.com

[Email protected] ~]# Curl http://www1.a.com

Www1

[Email protected] ~]# Curl http://www2.a.com

Www2

[Email protected] conf.d]# ll/var/log/httpd/

-rw-r--r--. 1 root root 11465 July 12:33 www1-access_log

-rw-r--r--. 1 root root 3517 July 12:33 www1-error_log

-rw-r--r--. 1 root root 2306 July 10:25 www2-access_log

-rw-r--r--. 1 root root 1142 July 10:17 Www2-error_log

[Email protected] ~]# links http://www1.a.com/server-status

650) this.width=650; "title=" spx3.jpg "style=" Float:none "src=" http://s5.51cto.com/wyfs02/M00/84/4F/ Wkiom1emklete08kaafmunfdprq831.jpg-wh_500x0-wm_3-wmp_4-s_3678655018.jpg "alt=" Wkiom1emklete08kaafmunfdprq831.jpg-wh_50 "/>

650) this.width=650; "title=" spx2.jpg "style=" Float:none "src=" http://s5.51cto.com/wyfs02/M01/84/4F/ Wkiol1emkljbyvjdaajuzwhwkrc998.jpg-wh_500x0-wm_3-wmp_4-s_1746693026.jpg "alt=" Wkiol1emkljbyvjdaajuzwhwkrc998.jpg-wh_50 "/>



Provide HTTPS services:

1. Establish a private CA

[[Email protected] ca]# (umask 077; OpenSSL genrsa-out Private/cakey.pem 2048)

[email protected] ca]# OpenSSL req-new-x509-keyprivate/cakey.pem-out Cacert.pem

Country Name (2 letter code) [XX]:CN
State or province name (full name) []:BJ
Locality Name (eg, city) [Default CITY]:BJ
Organization Name (eg, company) [Default company Ltd]:ym
Organizational Unit Name (eg, section) []:ops
Common name (eg, your name or your server ' s hostname) []:www2.a.com
Email Address []:[email protected]

[email protected] ca]# Touch index.txt

[Email protected] ca]# echo > serial

2. Certificate of application:

[Email protected] ca]# Mkdir-pv/etc/httpd/ssl

[[Email protected] ssl]# (umask 077; OpenSSL genrsa-out httpd.key 1024)

[email protected] ssl]# OpenSSL Req-new-key HTTPD.KEY-OUTHTTPD.CSR

Country Name (2 letter code) [XX]:CN
State or province name (full name) []:BJ
Locality Name (eg, city) [Default CITY]:BJ
Organization Name (eg, company) [Default company Ltd]:ym
Organizational Unit Name (eg, section) []:ops
Common name (eg, your name or your server ' s hostname) []:www2.a.com
Email Address []:[email protected]

[email protected] ssl]# CP httpd.csr/testdir/


3.CA issue the certificate and send the certificate to the requestor

[email protected] ssl]# OpenSSL CA-IN/TMP/HTTPD.CSR-OUT/ETC/PKI/CA/CERTS/HTTPD.CRT

[Email protected] ssl]# cp/etc/pki/ca/certs/httpd.crt/etc/httpd/ssl/


4. Installing the Mod_ssl module

[Email protected] conf.d]# Httpd-m | grep SSL

[Email protected] conf.d]# yum-y install Mod_ssl

[Email protected] conf.d]# RPM-QL mod_ssl

[Email protected] conf.d]# vim/etc/httpd/conf.d/ssl.conf

<virtualhost 192.168.1.200:443>

DocumentRoot "/var/www/virt2"

ServerName www2.a.com:443

Sslcertificatefile/etc/httpd/ssl/httpd.crt
Sslcertificatekeyfile/etc/httpd/ssl/httpd.key

[Email protected] conf.d]# service httpd restart

[Email protected] conf.d]# SS-TNL

LISTEN 0 128::: 443


Client Testing: HTTPS : //172.16.251.164:443

Web service httpd-2.2 based on domain name virtual host

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.