httpd虚拟主机服务简单学习

本文介绍了Apache HTTPd中虚拟主机的基本概念与配置方法,包括基于IP、端口和主机名的虚拟主机设置,以及如何实现访问日志分离、设置黑白名单等功能。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

httpd虚拟主机

为什么要使用虚拟主机?

虚拟主机指的是在单一的物理主机上运行多个"网站".虚拟主机主要有三种构建方式,通过虚拟主机可以让不同的站点运行在同一个服务器上而不会被用户明显的感知到.

Apache是第一个支持基于IP的虚拟主机服务

虚拟主机三种方式:

  1. 基于IP地址

  2. 基于端口号

  3. 基于主机名

很重要的一点:如果开启虚拟主机!中心主机应该关闭!具体方法:屏蔽主配置文件中DocumentRoot项

如果要添加虚拟主机,可以编写配置文件:

[root@localhost conf.d]# pwd
/etc/httpd/conf.d
[root@localhost conf.d]# ls virtual.conf 
virtual.conf
//名字不重要

基于IP地址的虚拟主机

IP-Based virtural网站连接

主要格式是VirtureHost是IP:PORT。并且,以IP为区分,及port可以一样,但是由于IP不同导致访问的结果不同。

具体格式:

<VirtualHost 172.25.254.11:80>
        ServerName fsx1.com             ##本虚拟主机的hostname
        DocumentRoot "/var/www/fsx1"    ##本虚拟主机默认发布目录,需要手动创建
</VirtualHost>
​
<VirtualHost 172.25.11.11:80>
        ServerName fsx2.com
        DocumentRoot "/var/www/fsx2"
</VirtualHost>

编写完成后可以使用httpd -t命令查看是否有语法错误。注意:上面两个虚拟主机域,端口相同,ip不同。当然,两个ip都的是本机上存在的ip地址

两个虚拟主机默认发布目录下的内容:

[root@localhost fsx2]# pwd
/var/www/fsx2
[root@localhost fsx2]# cat index.html 
<h1>fsx2.com</h1>
[root@localhost fsx1]# pwd
/var/www/fsx1
[root@localhost fsx1]# cat index.html
<h1>fsx1.com</h1>

 

测试:

[root@localhost fsx1]# curl 172.25.254.11
<h1>fsx1.com</h1>
[root@localhost fsx1]# curl 172.25.11.11
<h1>fsx2.com</h1>

cgi是什么?,common gateway interface通用网关接口

基于port的虚拟主机

基于端口的虚拟主机,即IP相同,port不同,根据此也可以实现不同站点的单服务器虚拟化。

具体格式:

[root@localhost conf.d]# cat virtual.conf
<VirtualHost 172.25.254.11:80>
    ServerName fsx1.com
    DocumentRoot "/var/www/fsx1"
</VirtualHost>
​
<VirtualHost 172.25.254.11:8080>
    ServerName fsx3.com
    DocumentRoot "/var/www/fsx3"
</VirtualHost>

可以看到,两个虚拟主机域,IP相同,但是port不同。同样fsx3.com的虚拟主机也要手动创建默认发布目录。

目录内容:

[root@localhost fsx3]# cat index.html 
<h1>fsx3.com</h1>
[root@localhost fsx3]# pwd
/var/www/fsx3

测试:

[root@localhost fsx3]# curl 172.25.254.11
<h1>fsx1.com</h1>
[root@localhost fsx3]# curl 172.25.254.11:8080
<h1>fsx3.com</h1>

基于主机名的虚拟主机

既然IP相同,port相同,那么同一个请求还会不会访问到不同数据呢?会的。因为完整的http请求,除了网络层(IP)和传输层(port)之外,还是用了http协议,这就可以实现基于hostname的虚拟主机。

具体方法:

[root@localhost conf.d]# cat virtual.conf
NameVirtualHost 172.25.254.11:80
​
<VirtualHost 172.25.254.11:80>
    ServerName fsx1.com
    DocumentRoot "/var/www/fsx1"
</VirtualHost>
​
<VirtualHost 172.25.254.11:80>
    ServerName fsx4.com
    DocumentRoot "/var/www/fsx4"
</VirtualHost>

可以看到,两个虚拟主机,IP端口完全一致,仅仅是ServerName不同,这也就是基于主机名的虚拟主机服务的关键点。同样,需要手动创建fsx4目录。

目录内容:

[root@localhost fsx4]# pwd
/var/www/fsx4
[root@localhost fsx4]# cat index.html 
<h1>fsx4.com</h1>

测试:

[root@localhost fsx4]# curl fsx1.com
<h1>fsx1.com</h1>
[root@localhost fsx4]# curl fsx4.com
<h1>fsx4.com</h1>

当然,此时需要作域名解析,一般是NS服务器做,但是也可以通过修改/etc/hosts文件来实现

关于虚拟主机其他一些配置

access日志分离

主要使用了CustomLog关键字;实现不同虚拟主机的访问日志分离的功能。如:

[root@localhost conf.d]# cat virtual.conf
NameVirtualHost 172.25.254.11:80
​
<VirtualHost 172.25.254.11:80>
    ServerName fsx1.com
    DocumentRoot "/var/www/fsx1"
    CustomLog "/var/www/fsx1/logs/access_log" combined
</VirtualHost>
​
<VirtualHost 172.25.254.11:80>
    ServerName fsx4.com
    DocumentRoot "/var/www/fsx4"
    CustomLog "/var/www/fsx4/logs/access_log" combined
</VirtualHost>

CustomLog指定了访问日志文件。

测试:

[root@localhost www]# curl fsx1.com
<h1>fsx1.com</h1>
[root@localhost www]# curl fsx4.com
<h1>fsx4.com</h1>
[root@localhost www]# cat fsx1/logs/access_log 
​
172.25.254.11 - - [14/Aug/2018:12:56:16 +0800] "GET / HTTP/1.1" 200 18 "-" "curl/7.29.0"
[root@localhost www]# cat fsx4/logs/access_log 
​
172.25.254.11 - - [14/Aug/2018:12:56:19 +0800] "GET / HTTP/1.1" 200 18 "-" "curl/7.29.0"

黑名单、白名单

使用deny和allow可以定义黑白名单。

<VirtualHost 172.25.254.11:80>
        ServerName fsx4.com
        DocumentRoot "/var/www/fsx4"
        CustomLog "/var/www/fsx4/logs/access_log" combined
        <Directory /var/www/fsx4>
                Options none
                AllowOverride none
                Order deny,allow
                deny from 172.25.254.11
        </Directory>
</VirtualHost>

可以看到172.25.254.11(真机IP地址)被禁止访问fsx4的虚拟主机服务,此时可以找到资源,但是服务器拒绝提供响应服务(403状态码)

测试:

[root@localhost conf.d]# curl fsx4.com
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /
on this server.</p>
</body></html>

简单认证

使用auth_basci模块可以进行简单的网页访问认证,基于用户名和密码;

[root@localhost conf.d]# cat virtual.conf
NameVirtualHost 172.25.254.11:80
​
<VirtualHost 172.25.254.11:80>
    ServerName fsx1.com
    DocumentRoot "/var/www/fsx1"
    CustomLog "/var/www/fsx1/logs/access_log" combined
    <Directory /var/www/fsx1>
        Options none
        AllowOverride authconfig
        AuthType Basic
        AuthName "fsx config"
        AuthUserFile "/etc/httpd/conf.d/.user"
        Require valid-user
    </Directory>
</VirtualHost>

用户名和密码被存放在/etc/httpd/conf.d/.user文件中,生成方法使用htpasswd命令。

[root@localhost conf.d]# htpasswd -m .user coco
New password: 
Re-type new password: 
Adding password for user coco
//如果.user文件不存在,要使用-c选项

重启服务器后,进行测试:

[root@localhost conf.d]# curl fsx1.com
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested.  Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
</body></html>
//使用curl命令,可以看到401状态码(认证提示)

location模块

location模块中可以使用SetHandler检测服务器状态。

NameVirtualHost 172.25.254.11:80
​
<VirtualHost 172.25.254.11:80>
        ServerName fsx1.com
        DocumentRoot "/var/www/fsx1"
        CustomLog "/var/www/fsx1/logs/access_log" combined
        <Directory /var/www/fsx1>
                Options none
                AllowOverride authconfig
                AuthType Basic
                AuthName "fsx config"
                AuthUserFile "/etc/httpd/conf.d/.user"
                Require valid-user
        </Directory>
        <Location /server-status>
                SetHandler server-status
                Order Allow,Deny
                Allow from all
        </Location>
</VirtualHost>

配置成功后,可以在浏览器访问:fsx1.com/server-status监控查看服务器信息。也可以作压力测试(ab或者http_load)

[root@localhost conf.d]# ab -n 100000 -c 100 http://fsx2.com/idex.html
This is ApacheBench, Version 2.3 <$Revision: 1430300 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/
​
Benchmarking fsx2.com (be patient)
Completed 10000 requests
Completed 20000 requests
Completed 30000 requests
Completed 40000 requests
Completed 50000 requests
Completed 60000 requests
Completed 70000 requests
Completed 80000 requests
Completed 90000 requests
Completed 100000 requests
Finished 100000 requests
​
​
Server Software:        Apache/2.4.6
Server Hostname:        fsx2.com
Server Port:            80
​
Document Path:          /idex.html
Document Length:        207 bytes
​
Concurrency Level:      100
Time taken for tests:   25.517 seconds
Complete requests:      100000
Failed requests:        0
Write errors:           0
Non-2xx responses:      100000
Total transferred:      41500000 bytes
HTML transferred:       20700000 bytes
Requests per second:    3919.00 [#/sec] (mean)
Time per request:       25.517 [ms] (mean)
Time per request:       0.255 [ms] (mean, across all concurrent requests)
Transfer rate:          1588.27 [Kbytes/sec] received
​
Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:        0    1   1.2      1      14
Processing:     3   24  11.4     20     160
Waiting:        0   23  11.1     20     155
Total:          3   25  11.0     22     164
​
Percentage of the requests served within a certain time (ms)
  50%     22
  66%     27
  75%     31
  80%     33
  90%     39
  95%     44
  98%     50
  99%     54
 100%    164 (longest request)

manual工具

[root@localhost conf.d]# yum list all | grep httpd-manual
http://localhost/fsx7.5/repodata/repomd.xml: [Errno 14] HTTP Error 403 - Forbidden
Trying other mirror.
To address this issue please refer to the below knowledge base article
​
https://access.redhat.com/solutions/69319
​
If above article doesn't help to resolve this issue please open a ticket with Red Hat Support.
​
httpd-manual.noarch                     2.4.6-80.el7               @fsx   

下载安装后,可以直接访问:fsx2.com/manual则可以获取所有的httpd帮助。

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值