标签:apache
##apache##
将实验机的hostname改为web1.web1.com
1.安装httpd服务,并启动httpd
[root@web1 ~]# yum install httpd -y
[root@web1 ~]# systemctl start httpd
cd到/var/www/html
[root@web1 ~]# cd /var/www/html/
编辑一个文件index.html(该文件由自己命名)
[root@web1 html]# vim index.html
[root@web1 html]# cat index.html
www.拉闸.com
关闭火墙
[root@web1 html]# firewall-cmd --permanent --add-service=http
success
[root@web1 html]# firewall-cmd --reload
success
测试
在真机上访问index.html所在的ip
2.cd到/etc/httpd/conf.d
[root@web1 html]# cd /etc/httpd/conf.d
[root@web1 conf.d]# ls
autoindex.conf php.conf README userdir.conf welcome.conf
安装mod_ssl ,crypto-utils
[root@web1 conf.d]# yum install mod_ssl -y
Loaded plugins: langpacks
rhel_dvd | 4.1 kB 00:00
[root@web1 conf.d]# yum install crypto-utils -y
Loaded plugins: langpacks
[root@web1 conf.d]# genkey www.拉闸.com
在此期间频繁动鼠标键盘,可加快速度
......
subject = CN=www.拉闸.com, OU=linux, O=westos, L=xi‘an, ST=shannxi, C=CN
valid for 1 months
random seed from /etc/pki/tls/.rand.3458
output will be written to /etc/pki/tls/certs/www.拉闸.com.crt
output key written to /etc/pki/tls/private/www.拉闸.com.key
.......
编辑ssl.conf
加入证书文件和证书钥匙文件
SSLCertificateFile /etc/pki/tls/certs/www.拉闸.com.crt
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you‘ve both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/pki/tls/private/www.拉闸.com.key
[root@web1 conf.d]# systemctl restart httpd.service
新建一个文件default.conf(自己命名)
[root@web1 conf.d]# vim default.conf
<Virtualhost _default_:80>
DocumentRoot /var/www/html
Customlog logs/default.logcombined
</Virtualhost>
[root@web1 conf.d]# mkdir -p /var/www/virtual/news/html
[root@web1 conf.d]# mkdir -p /var/www/virtual/ent/html
新建一个文件news.conf(自己命名)
[root@web1 conf.d]# vim news.conf
<Virtualhost *:80>
ServerName news.lazha.com
DocumentRoot /var/www/virtual/news/html
Customlog logs/news.log combined
</Virtualhost>
<Directory "/var/www/virtual/news/html">
Require all granted
</Directory>
[root@web1 conf.d]# cp news.conf ent.conf
[root@web1 conf.d]# vim ent.conf
<Virtualhost *:80>
ServerName ent.lazha.com
DocumentRoot /var/www/virtual/ent/html
Customlog logs/ent.log combined
</Virtualhost>
<Directory "/var/www/virtual/ent/html">
Require all granted
</Directory>
[root@web1 conf.d]# echo news.lazha.com > /var/www/virtual/news/html/index.html
[root@web1 conf.d]# echo ent.lazha.com > /var/www/virtual/ent/html/index.html
[root@web1 conf.d]# systemctl restart httpd.service
在浏览器所在主机编辑/etc/hosts
[root@foundation20 ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.254.220 www.westos.com westos.com music.westos.com news.westos.com
172.25.254.120 www.拉闸.com news.lazha.com ent.lazha.com##添加
3.网页重写
[root@web1 conf.d]# vim news.conf
<Virtualhost *:80>
ServerName news.lazha.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
<Directory "/var/www/virtual/news/html">
Require all granted
</Directory>
<Virtualhost *:443>##
ServerName news.lazha.com ##
DocumentRoot /var/www/virtual/news/html ##
Customlog logs/news-443.log combined ##
SSLEngine on ##子网页的https登陆
SSLCertificateFile /etc/pki/tls/certs/www.拉闸.com.crt##
SSLCertificateKeyFile /etc/pki/tls/private/www.拉闸.com.key ##
</Virtualhost> ##
[root@web1 conf.d]# systemctl restart httpd.service
测试:
在真机浏览器输入:http://news.lazha.com
此时上述输入的域名会自动变为:https://news.lazha.com
4.php网页和cgi网页
cd到/var/www/html
新建并编辑文件index.php
[root@web1 conf.d]# cd /var/www/html/
[root@web1 html]# ls
index.html saozhu
[root@web1 html]# vim index.php
<?php
phpinfo ();
?>
~
~
[root@web1 html]# vim /etc/httpd/conf/httpd.conf
164 DirectoryIndex index.php index.html
[root@web1 html]# systemctl restart httpd.service
[root@web1 html]# yum install php -y
Loaded plugins: langpacks
[root@web1 cgi]# yum install php-mysql.x86_64 -y
Loaded plugins: langpacks
测试:此时在网页输入172.25.254.2显示页面为
[root@web1 cgi]# yum install httpd-manual -y
Loaded plugins: langpacks
Resolving Dependencies
--> Running transaction check
......
下载完manual可以在172.25.254.2/manual里的CGL:Dyanmic Content里查看下面所编辑的文件的内容
[root@web1 cgi]# vim index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;
[root@web1 cgi]# chmod +x index.cgi
[root@web1 cgi]# perl index.cgi
Content-type: text/html
Sat Dec 10 00:00:54 EST 2016
[root@web1 conf.d]# vim default.conf
<Virtualhost _default_:80>
DocumentRoot /var/www/html
Customlog "logs/default.log" combined
</Virtualhost>
<Directory "/var/www/html/cgi">
Options +ExecCGI
AddHandler cgi-script .cgi
</Directory>
[root@web1 conf.d]# systemctl restart httpd.service
测试:
在浏览器输入172.25.254.2/cgi
刷新页面会看到时间的变化
*****
在此项实验如果未关闭selinux的情况下可做如下操作
[root@web1 conf.d]# cd /var/www
[root@web1 www]# ls
cgi-bin html virtual
[root@web1 www]# ls -Zd cgi-bin/
drwxr-xr-x. root root system_u:object_r:httpd_sys_script_exec_t:s0 cgi-bin/
[root@web1 www]# semanage fcontext -a -t httpd_sys_script_exec_t
[root@web1 www]# semanage fcontext -a -t httpd_sys_script_exec_t ‘/var/www/html/cgi(/.*)?‘
[root@web1 www]# restorecon -FvvR /var/www/html/cgi/##刷新标签(将之前的标签改为改过后的标签)
restorecon reset /var/www/html/cgi context unconfined_u:object_r:httpd_sys_content_t:s0->system_u:object_r:httpd_sys_script_exec_t:s0
restorecon reset /var/www/html/cgi/index.cgi context unconfined_u:object_r:httpd_sys_content_t:s0->system_u:object_r:httpd_sys_script_exec_t:s0
[root@web1 www]# getenforce
Enforcing
*****
5.搭建论坛
[root@web1 www]# yum install mariadb-server -y
Loaded plugins: langpacks
[root@web1 www]# systemctl start mariadb
[root@web1 ~]# netstat -antple | grep mysql
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 27 94425 6820/mysqld
[root@web1 ~]# vim /etc/my.cnf
# instructions in http://fedoraproject.org/wiki/Systemd
skip-networking=1##隐藏mysql的端口,不让它在互联网里暴露,确保数据库网络环境安全这行是加入的
[root@web1 ~]# systemctl restart mariadb
[root@web1 ~]# netstat -antple | grep mysql
没有显示
[root@web1 html]# unzip Discuz_X3.2_SC_UTF8.zip
[root@web1 html]# ls
cgi index.html readme upload
Discuz_X3.2_SC_UTF8.zip index.php saozhu utility
[root@web1 html]# chmod 777 upload/data/ upload/config/ -R
[root@web1 html]# setenforce 0
[root@web1 html]# systemctl restart httpd.service
squid正向代理
[root@web1 html]# yum install squid -y
Loaded plugins: langpacks
Resolving Dependencies
[root@web1 squid]# vim /etc/squid/squid.conf
56 http_access allow all
57
58 # Squid normally listens to port 3128
59 http_port 3128
60
61 # Uncomment and adjust the following to add a disk cache directory.
62 cache_dir ufs /var/spool/squid 100 16 256
[root@web1 squid]# systemctl restart squid.service
squid反向代理
在要做实验的主机上卸载httpd服务并删除残留文件
[root@web1 ~]# yum remove httpd -y
Loaded plugins: langpacks
Resolving Dependencies
..
warning: /etc/httpd/conf/httpd.conf saved as /etc/httpd/conf/httpd.conf.rpmsave
Verifying : php-5.4.16-21.el7.x86_64 1/4
Verifying : 1:mod_ssl-2.4.6-17.el7.x86_64 2/4
Verifying : httpd-manual-2.4.6-17.el7.noarch 3/4
Verifying : httpd-2.4.6-17.el7.x86_64 4/4
Removed:
httpd.x86_64 0:2.4.6-17.el7
Dependency Removed:
httpd-manual.noarch 0:2.4.6-17.el7 mod_ssl.x86_64 1:2.4.6-17.el7
php.x86_64 0:5.4.16-21.el7
Complete!
[root@web1 ~]#rm -fr /etc/httpd
此时在其他主机上访问不到本主机的ip (访问出错)
安装squid服务
[root@web1 ~]# yum install squid -y
[root@web1 ~]# systemctl start squid
[root@web1 etc]# vim /etc/squid/squid.conf
56 http_access allow all
57
58 # Squid normally listens to port 3128
59 http_port 80 vhost vport
60 cache_peer 172.25.254.3 parent 80 0 no-query
|||| || || ||
61 # Uncomment and adjust the following to add a disk cache directory.
62 cache_dir ufs /var/spool/squid 100 16 256
[root@web1 etc]# systemctl restart squid.service
测试
在真机上用浏览器访问172.25.254.120显示的结果是172.25.254.3的默认发布目录里的东西
默认发布目录在/var/www/html下边
vim /etc/httpd/conf/httpd.conf
[root@web1 etc]# vim /etc/squid/squid.conf
56 http_access allow all
57
58 # Squid normally listens to port 3128
59 http_port 80 vhost vport
60 cache_peer 172.25.254.3 parent 80 0 no-query originserver round-robin name=web1
61 cache_peer 172.25.254.4 parent 80 0 no-query originserver round-robin name=web2
62 cache_peer_domain web1 web2 www.taobao.com
63 # Uncomment and adjust the following to add a disk cache directory.
64 cache_dir ufs /var/spool/squid 100 16 256
[root@web1 etc]# systemctl restart squid.service
[root@web1 etc]# systemctl stop firewalld.service
测试
[root@foundation20 ~]# vim /etc/hosts
172.25.254.120 www.westos.com news.westos.com ent.westos.com www.taobao.com
~
在真机上通过浏览器访问www.taobao.com 刷新就会看见ip为172.25.254.3和172.25.254.4的默认发布目录里的内容
本文出自 “12288655” 博客,谢绝转载!
标签:apache
原文地址:http://12298655.blog.51cto.com/12288655/1882920