三.apache 網頁重寫 squid

來源:互聯網
上載者:User

標籤:start   網頁   定向   

#######網頁重寫########
把所有80連接埠的請求全部重新導向由https來處理
systemctl start httpd firewalld
cd /var/www/html/
[[email protected] html]# firewall-cmd --permanent --add-service=http
success
[[email protected] html]# firewall-cmd --permanent --add-service=https
success
[[email protected] html]# firewall-cmd --reload
yum install mod_ssl
安裝https
genkey www.westos.com

[[email protected] conf.d]# vim news.conf
---------------------------------------
<Virtualhost *:80>
        ServerName news.westos.com
        DocumentRoot /var/www/virtual/news/html
        Customlog logs/news.log         combined
</Virtualhost>
<Directory "/var/www/virtual/news/html">
        Require all granted
</Directory>
------------------------------------------

[[email protected] conf.d]# cp news.conf ent.conf

[[email protected] conf.d]# vim ent.conf
------------------------------------------
<Virtualhost *:80>
        ServerName ent.westos.com
        DocumentRoot /var/www/virtual/ent/html
        Customlog logs/ent.log          combined
</Virtualhost>
<Directory "/var/www/virtual/ent/html">
        Require all granted
</Directory>
-------------------------------------------

mkdir -p /var/www/virtual/ent/html
mkdir -p /var/www/virtual/news/html
echo news.westos.com > /var/www/virtual/news/html/index.html
echo ent.westos.com > /var/www/virtual/ent/html/index.html
systemctl restart httpd

vim /etc/httpd/conf.d/news.conf  ##網頁重寫關鍵一步
-----------------------------------------------------------
<Virtualhost *:80>
        ServerName news.westos.com
        RewriteEngine on
        RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
<Directory "/var/www/virtual/news/html">
        Require all granted
</Directory>
<Virtualhost *:443>
        ServerName news.westos.com
        DocumentRoot /var/www/virtual/news/html
        Customlog log/news-443.log      combined
        SSLEngine on
        SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
        SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
</Virtualhost>
--------------------------------------------------------------
##在vim中 :sp /etc/httpd/conf.d/ssl.conf 可以在vim中在開啟另一個vim
##將兩個檔案分屏顯示,使用"ctrl+w 上|下"來切換

用firefox測試



#####CGI#####
CGI
通用閘道介面(CGI)是網站上放置動態內容的最簡單的方法。CGI指令碼可用於許多目
的,但是謹慎控制使用哪個CGI指令碼以及允許誰添加和運行這些指令碼十分重要。編寫品質差的CGI
指令碼可能為外部攻擊者提供了破壞網站及其Alibaba Content Security Service性的途徑。因此,在Web伺服器層級和
SELinux策略層級,都存在用於限制CGI指令碼使用的設定。

cd /var/www/html/
vim index.php
<?php
phpinfo ();
?>

vim /etc/httpd/conf/httpd.conf
-----------------------------------------------
164     DirectoryIndex index.php index.html
:wq
-----------------------------------------------
 systemctl reload httpd.service

測試:http://172.25.254.100(需清空緩衝:ctrl+shift+delete)
無任何顯示

mkdir cgi
cd cgi/
vim index.cgi
---------------------------------
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;
---------------------------------
yum install httpd-manual -y
172.25.254.100/manual/

[[email protected] cgi]# perl index.cgi
Content-type: text/html

2016年 12月 15日 星期四 06:05:17 EST

vim /etc/httpd/conf.d/default.conf
---------------------------------------------
<Virtualhost _default_:80>
         Documentroot /var/www/html
         Customlog logs/default.log   combined
</Virtualhost>
<Directory "/var/www/html/cgi">
         Options +ExecCGI
        AddHandler cgi-script .cgi
</Directory>
----------------------------------------------

設定安全上下文
[[email protected] www]# ls -Zd cgi-bin/
drwxr-xr-x. root root system_u:object_r:httpd_sys_script_exec_t:s0 cgi-bin/
[[email protected] www]# semanage fcontext -a -t httpd_sys_script_exec_t ‘/var/www/html/cgi(/.*)?‘
[[email protected] www]# restorecon -RvvF /var/www/html/cgi/
restorecon reset /var/www/html/cgi context unconfined_u:object_r:httpd_sys_content_t:s0->system_u:object_r:httpd_sys_script_exec_t:s0
restorecon reset /var/www/html/cgi/index.cgi context unconfined_u:object_r:httpd_sys_content_t:s0->system_u:object_r:httpd_sys_script_exec_t:s0

chmod +x /var/www/html/cgi/index.cgi   ##加執行許可權

檢驗
172.25.254.100/cgi/index.cgi
 Thu Dec 15 06:20:37 EST 2016


########論壇搭建########
[[email protected] conf.d]# yum install mariadb-server -y
......
[[email protected] conf.d]# vim /etc/my.cnf
-----------------------------------------------
 10 skip-networking=1
:wq
-----------------------------------------------
[[email protected] conf.d]# systemctl start mariadb

[[email protected] conf.d]# mysql_secure_installation
......
>Set root password "westos"
[[email protected] conf.d]# cd /var/www/html/
[[email protected] html]# ls
cgi  index.html  index.php

[[email protected] pub]# pwd
/root/Documents/RHCE/LFTP/pub
[r[email protected] pub]# scp Discuz_X3.2_SC_UTF8.zip [email protected]:/var/www/html/
[email protected]‘s password:
Discuz_X3.2_SC_UTF8.zip                       100%   12MB  11.9MB/s   00:01    

[[email protected] html]# ls
cgi  Discuz_X3.2_SC_UTF8.zip  index.html  index.php
[[email protected] html]# unzip Discuz_X3.2_SC_UTF8.zip
......
[[email protected] html]# ls
cgi  Discuz_X3.2_SC_UTF8.zip  index.html  index.php  readme  upload  utility
[[email protected] html]# less readme/readme.txt
-----------------------------------------------
截取重要內容:

+----------------------------------+
 Discuz! X 社區軟體的安裝
+----------------------------------+
1. 上傳 upload 目錄中的檔案到伺服器
2. 設定目錄屬性(windows 伺服器可忽略這一步)
        以下這些目錄需要可讀寫權限
        ./config
        ./data 含子目錄
3. 執行安裝指令碼 /install/
   請在瀏覽器中運行 install 程式,即訪問 http://您的網域名稱/論壇目錄/install/
4. 參照頁面提示,進行安裝,直至安裝完畢

-----------------------------------------------
[[email protected] html]# chmod 777 upload/data/ upload/config/

>測試:http://172.25.50.100/upload/
-->我同意
>所有檔案不可寫,mysql不支援

[[email protected] html]# setenforce 0

>重新整理網頁
>只有前4個檔案顯示可寫,mysql不支援

[[email protected] html]# chmod 777 upload/ -R

>重新整理網頁
>所有檔案可寫,mysql不支援

[[email protected] html]# yum install php-mysql -y
......
[[email protected] html]# systemctl reload httpd

測試
>重新整理網頁
>所有檔案可寫,mysql支援
-->下一步-->下一步
-->資料庫密碼:westos-->管理員密碼:(自行設定)-->下一步
>等待安裝完成,重新輸入網址:http://172.25.50.100/upload/
>安裝成功!!!

--安裝完成,以下為體驗--
-->輸入管理員密碼-->登陸-->輸入驗證碼-->登陸
-->使用者組:管理員
-->模組管理
-->管理中心


########squid正向 Proxy#######
[[email protected] ~]# ls /etc/httpd/conf.d/
autoindex.conf  README  userdir.conf  welcome.conf
[[email protected] ~]# yum install squid -y
......
[[email protected] ~]# ls /etc/httpd/conf.d/
autoindex.conf  README  squid.conf  userdir.conf  welcome.conf
[[email protected] ~]# vim /etc/squid/squid.conf
-----------------------------------------------
 56 http_access allow all

 62 cache_dir ufs /var/spool/squid 100 16 256
:wq
-----------------------------------------------
[[email protected] ~]# ls /var/spool/squid/
##什麼都沒有
[[email protected] ~]# systemctl start squid
[[email protected] ~]# systemctl enable squid.service
Created symlink from /etc/systemd/system/multi-user.target.wants/squid.service to /usr/lib/systemd/system/squid.service.
[[email protected] ~]# netstat -antlpe |grep squid
tcp6       0      0 :::3128                 :::*                    LISTEN      0          531476     7398/(squid-1)

[[email protected] conf.d]# firefox &
>測試:www.baidu.com
>提示:一直是"Connecting..."狀態
-->Edit-->Preferences-->Advanced-->Network-->Settings...
-->Manual proxy configuration-->HTTP Proxy:172.25.50.250-->Port:3128
-->OK-->Close
>再次測試:www.baidu.com
>開啟百度成功!!!

--取消代理--
-->Edit-->Preferences-->Advanced-->Network-->Settings...
-->Manual proxy configuration-->No proxy
-->OK-->Close

--刪除squid服務--
[[email protected] ~]# systemctl stop squid
[[email protected] ~]# yum remove squid -y
......
[[email protected] ~]# rm -fr /etc/squid/

在亞馬遜租一台Linux伺服器,裝上squid,然後在本機指定代理後,就能訪問國外的網站

#########squid反向 Proxy#########
CDN加速

交叉儲存

[[email protected] ~]# yum remove httpd -y
......
[[email protected] ~]# netstat -antlpe |grep :80
[[email protected] ~]# yum install squid -y
......
[[email protected] ~]# vim /etc/squid/squid.conf
-----------------------------------------------
 56 http_access allow all

 59 http_port 80 vhost vport
 60 cache_peer 172.25.50.165 parent 80 0 no-query

 62 cache_dir ufs /var/spool/squid 100 16 256
:wq
-----------------------------------------------
[[email protected] ~]# systemctl start squid
[[email protected] ~]# netstat -antlpe |grep :80
tcp6       0      0 :::80                   :::*                    LISTEN      0          41808      2069/(squid-1)

>分別為虛擬機器172.25.50.165和虛擬機器172.25.50.171搭建好http服務,然後使用真機進行測試
[[email protected] Desktop]# firefox &
>測試:172.25.50.165
>顯示:172.25.50.165
>測試:172.25.50.171
>顯示:172.25.50.171

注意:同時開啟三台虛擬機器會有點卡,可以使用"init 3"關閉圖形。需要時,再使用"init 5"開啟圖形

>測試:172.25.50.100
>顯示:172.25.50.165

[[email protected] ~]# vim /etc/squid/squid.conf
-----------------------------------------------
/修改
 60 cache_peer 172.25.50.165 parent 80 0 no-query originserver round-robin name=web1
/插入
 61 cache_peer 172.25.50.171 parent 80 0 no-query originserver round-robin name=web2
 62 cache_peer_domain web1 web2 www.taobao.com
:wq
-----------------------------------------------
[[email protected] ~]# systemctl restart squid

[[email protected] Desktop]# vim /etc/hosts
-----------------------------------------------
  4 172.25.50.100   www.taobao.com
:wq
-----------------------------------------------

>真機斷開外網
[[email protected] Desktop]# firefox &
--> Ctrl+Shift+Delete --> 把最後兩項打鉤 --> Clear Now(清空緩衝)
>測試:172.25.50.100
>顯示:172.25.50.165
>重新整理
>顯示:172.25.50.171
>重新整理
>顯示:172.25.50.165
>重新整理
>顯示:172.25.50.171

輪詢測試成功

本文出自 “12100661” 部落格,謝絕轉載!

三.apache 網頁重寫 squid

聯繫我們

該頁面正文內容均來源於網絡整理,並不代表阿里雲官方的觀點,該頁面所提到的產品和服務也與阿里云無關,如果該頁面內容對您造成了困擾,歡迎寫郵件給我們,收到郵件我們將在5個工作日內處理。

如果您發現本社區中有涉嫌抄襲的內容,歡迎發送郵件至: info-contact@alibabacloud.com 進行舉報並提供相關證據,工作人員會在 5 個工作天內聯絡您,一經查實,本站將立刻刪除涉嫌侵權內容。

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.