CloudFlare类似一个CDN,可以加速网站的访问速度。
通过安装Railgun listener,在CloudFlare有一个Sender,两者之间通过Railgun 协议通信,
Railgun improves page load time by:
- Compressing content by tracking differences between page versions (down to the byte), only sending the parts that have actually changed.
- Maintaining a single persistent connection for multiple simultaneous requests, eliminating network connection latency.
- Caching dynamic content that changes frequently or is personalized.
首先搭建一个服务器,确定拥有ipv6地址,有些服务器只有ipv4地址,将域名服务器绑定到CLoudFlare上,为了只能通过IPv6访问,搭建Apache服务器,监听ipv6端口
在搭建Apache服务器时,使用./configure --disable-v4-mapped 禁止ipv4到ipv6的映射,否则监听端口Listen [::]:80是输入ipv4的地址仍然可以访问我们的服务器。
使用安装Railgun:官方文档:https://www.cloudflare.com/docs/railgun/installation.html
安装apache 并开启https,只能通过IPv6访问
安装OpenSSL
下载openssl-1.0.2g.tar.gz
./config --openssldir=/usr/local/ssl
make depend
make && make install
./config shared --openssldir=/usr/local/ssl
make clean
make && make install
ssl将默认安装到/usr/local/ssl,openssldir 是配置文件目录
--openssldir=/usr/local/ssl
安装Apache
./configure --enable-rewrite --enable-so --enable-ssl --enable-mods-shared=all --enable-modules=all --enable-mods-shared=all --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util/ --with-ssl=/usr/local/ssl --disable-v4-mapped
make && make install
配置apache的ssl
httpd.conf中配置
- #启用ssl模块
- sed -i 's:#LoadModule ssl_module modules/mod_ssl.so:LoadModule ssl_module modules/mod_ssl.so:' /usr/local/httpd/conf/httpd.conf
- sed -i 's:#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so:LoadModule socache_shmcb_module modules/mod_socache_shmcb.so:' /usr/local/httpd/conf/httpd.conf
- sed -i 's:#Include conf/extra/httpd-ssl.conf:Include conf/extra/httpd-ssl.conf:' /usr/local/httpd/conf/httpd.conf
httpd-ssl.conf配置
- sed -i 's:#SSLCertificateChainFile "/usr/local/httpd/conf/server-ca.crt":SSLCertificateChainFile "/usr/local/httpd/conf/server-ca.crt":' /usr/local/httpd/conf/extra/httpd-ssl.conf
拷贝server.crt 、server-ca.crt、server.key到/usr/local/httpd/conf目录下