anpache的安装

 

######unit3.9######

###anpache的安装######

 

yum install httpd -y

 

systemctl start httpd
systemctl stop firewalld
systemctl enable httpd

 

systemctl disable firewalld

###apache的信息#####

1.apache的默认发布文件

 

index.html

2.apache的配置文件
/etc/httpd/conf/httpd.conf
/etc/httpd/conf.d/*.conf

3.apache的默认发布目录

 

 

/var/www/html

 

 

4.apache的默认端口
80

apache的基本配置

1.修改默认发布文件

 

vim /var/www/html/westos.html      ##编辑配置文件

 

vim /etc/httpd/conf/httpd.conf

 

164     DirectoryIndex westos.html index.html

systemctl restart httpd

 

测试：

 

浏览器方位：172.25.254.124

 

2.修改默认发布目录      ##当selinux是disable状态

 

 

mkdir  /westos/www/test -p  

 

vim /westos/www/test/westos.html

 

vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/westos/www/test"
121 <Directory "westos/www/test">
122          Require all granted

 

123 </Directory>

 

systemctl restart httpd
测试：

 

浏览器访问：172.25.254.124

3.apache的访问控制
##设定ip的访问
mkdir /var/www/html/admin

 

vim /var/www/html/admin/admin.html

 

 

vim /etc/httpd/conf/httpd.conf   (把前一个实验的数据改回来)
124 <Directory "/var/www/html/admin">         ##允许所有人访问admin目录但是拒绝124主机
125        Order Allow,Deny
126        Allow from All
127        Deny from 172.25.254.124

 

128 </Directory>

测试：

 

<Directory "/var/www/html/admin">             ##只允许124主机访问admin目录
       Order Deny,Allow
       Allow from 172.25.254.124
       Deny from All

 

</Directory>

 

##设定用户的访问

 

htpasswd -cm /etc/httpd/accessuser admin          ##创建用户，如果要添加用户就直接用-m

 

vim /etc/httpd/conf/httpd.conf                    
<Directory "/var/www/html/admin">
         AuthUserFile /etc/httpd/accessuser                    ##用户认证文件
         AuthName "Please input your name and passwd !!"       ##用户认证提示信息
         AuthType basic                                        ##认证类型
         Require valid-user                             ##认证用户，认证文件中所有用户都可以访问
         [Require user admin]                           ##只允许认证文件中的admin用户访问，二选一

 

</Directory>

测试：

 

4.apache语言支持
php html cgi
html语言默认支持
php语言

 

yum install php -y

 

vim /var/www/html/index.php         ##编写php测试文件
<?php
    phpinfo()

 

?>

systemctl restart httpd

测试：

 

cgi语言
mkdir /var/www/html/cgi             ##建立cgi默认发布目录
vim /var/www/html/cgi/index.cgi     ##编写默认发布文件
#!/usr/bin/perl
print "content-type: text/html\n\n";

 

print `date`;

 

chmod +x index.cgi                  ##给文件可执行权限
vim /etc/httpd/conf/httpd.conf
<Directory "/var/www/html/cgi">
          Options +ExecCGI
          AddHandler cgi-script .cgi

 

</Directory>

systemctl restart httpd

测试：

5.apache的虚拟主机
1）定义
可以让我们的一台apache服务器在被访问不同域名的时候显示不同的主页
2）建立测试页
cd /var/www
mkdir virtual/news.westos.com/html -p
mkdir virtual/money.westos.com/html -p
echo "money.westos.com's page" >virtual/money.westos.com/html/index.html

 

echo "news.westos.com's page" >virtual/news.westos.com/html/index.html

 

 

3）配置
vim /etc/httpd/conf.d/default.conf                    ##未指定域名的访问都访问default
<Virtualhost  _default_:80>                           ##虚拟主机开启的端口
               DocumentRoot "/var/www/html"           ##虚拟主机的默认发布目录
               CustomLog "logs/default.log" combined  ##虚拟主机日志

 

</Virtualhost>

vim /etc/httpd/conf.d/news.conf            ##指定域名news.westos.com的访问到指定目录默认发布目录中
<Virtualhost *:80>
           ServerName "news.westos.com"
           DocumentRoot "/var/www/virtual/news.westos.com/html"
           Customlog "logs/news.log" combined
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html">            ##默认发布目录的访问授权
           Require all granted

 

</Directory>

 

 

cp -p /etc/httpd/conf.d/news.conf /etc/httpd/conf.d/momey.conf
vim /etc/httpd/conf.d/money.conf

 

%s/news/money/g

 

4）测试
在浏览器所在主机中
vim /etc/hosts

 

172.25.254.124 www.westos.com news.westos.com

 

 

6.https

 

1)https的定义
2)配置

 

yum install mod_ssl.x86_64 crypto-utils.x86_64  -y

genkey www.westos.com                  ##生成密钥和密匙

1.生成证书位置

2.选择密钥大小

3.生成随即数

4.拒绝向CA机构发送CAR证书

5.拒绝加密私钥

6.配置服务器身份信息

 

/etc/pki/tls/certs/www.westos.com.crt          
/etc/pki/tls/private/www.westos.com.key
vim /etc/httpd/conf.d/login.conf
<Virtualhost *:443>
           ServerName "login.westos.com"
           DocumentRoot "/var/www/virtual/login.westos.com/html"
           Customlog "logs/login.log" combined
           SSLEngine on                    ##开始https功能
           SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt       ##证书
           SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key  ##密钥
</Virtualhost>
<Directory "/var/www/virtual/login.westos.com/html">
           Require all granted
</Directory>
<Virtualhost *:80>                         ##网页重写实现自动访问https
          ServerName "login.westos.com"
          RewriteEngine on
          RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]

 

</virtualhost>

 

^(/.*)$        ##客户主机在地址栏写入的所有字符，不看换行符
https：//      ##定向成为的访问协议
%{HTTP_HOST}   ##客户请求主机
$1             ##$1的值就表示^(/.*)$的值
[redirect=301] ##临时重定向，302永久重定向

mkdir /var/www/virtual/login.westos.com/html -p
vim /var/www/virtual/login.westos.com/html/index.html

 

systemctl restart httpd

测试：
在客户主机中添加解析
vim /etc/hosts

 

172.25.254.124  login.westos.com

 

访问http://login.westos.com会自动跳转到https://login.westos.com实现网页数据加密传输