码迷,mamicode.com
首页 > Web开发 > 详细

虚拟主机加密与网页重写 squit服务

时间:2016-12-16 01:52:07      阅读:306      评论:0      收藏:0      [点我收藏+]

标签:虚拟主机   加密   网页   认证   

{**虚拟主机加密和网页重写apache**}

做好https认证以后

hostnamectl set-hostname web1.example.com

logout

vim /etc/httpd/conf.d/ssl.conf

cd /etc/httpd/conf.d/

vim news.conf

<Virtualhost *:80>

        Servername news.westos.com

        Documentroot /var/www/virtual/news.westos.com/html

        Customlog logs/news.log       combined

</Virtualhost>

<Directory "/var/www/virtual/news.westos.com/html">

        Require all granted

</Directory>

<Virtualhost *:443>                    **可以访问443端口(https端口)

        Servername news.westos.com      **主机名

        Documentroot /var/www/virtual/news.westos.com/html

        Customlog logs/news-443.log       combined    

        SSLEngine on

        SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt    **证书

            SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key    **钥匙

</Virtualhost>

 

systemctl restart httpd.service   重启服务

在浏览器中访问http://news.westos.com

 

 

访问http://news.westos.com自动转到https://news.westos.com

vim news.conf   修改如下:

<Virtualhost *:80>

        Servername news.westos.com

        RewriteEngine on

        RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301] **当访问http时带他访问https

</Virtualhost>

<Directory "/var/www/virtual/news.westos.com/html">

        Require all granted

</Directory>

<Virtualhost *:443>

        Servername news.westos.com

        Documentroot /var/www/virtual/news.westos.com/html

        Customlog logs/news-443.log       combined

        SSLEngine on

        SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt

        SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key

</Virtualhost>

 

systemctl restart httpd.service   重启服务

此时在浏览器中访问http://news.westos.com还是https://news.westos.com都自动转到https://news.westos.com

 

 

[**php和cgi**]

cd /var/www/html/

ls

vim index.html

vim index.php

     1  <?php

     2 phpinfo ();

     3  ?>

vim /etc/httpd/conf/httpd.conf

    163 <IfModule dir_module>

    164     DirectoryIndex index.php index.html    优先读取php 确认发布目录是/var/www/html/

systemctl restart httpd.service

 

yum install php -y      安装

cd /etc/httpd/conf.d/

systemctl restart httpd.service  重启服务

cd /var/www/html/

mkdir cgi        [先建立一个cgi目录]

cd cgi/

yum install httpd-manual   安装manual(查找cgi需要的命令)

vim index.cgi

     1 #!/usr/bin/perl

     2 print "Content-type: text/html\n\n";

     3 print `date`;

perl index.cgi        **测试cgi是否可用

chmod +x index.cgi    **[给一个执行权限,可以用 prel index.cgi]

cd /etc/httpd/conf.d/

vim default.conf

<Virtualhost _default_:80>

        Documentroot /var/www/html

        Customlog "logs/default.log" combined

</Virtualhost>

<Directory "/var/www/html/cgi">            读取的文件

        Options +ExecCGI            有执行权限

        AddHandler cgi-script .cgi

</Directory>

systemctl restart httpd.service

ls -Zd cgi-bin/

semanage fcontext -a -t httpd_sys_script_exec_t ‘/var/www/html/cgi(/.*)?‘  修改安全上下文

restorecon -FvvR /var/www/html/cgi/     

测试:http://172.25.254.149/cgi/index.cgi

 

yum install mariadb-server -y             **安装服务

systemctl start mariadb                   **重启服务

vim /etc/my.cnf                    **数据库配置文件

        skip-networking=1            **关闭远程连接

 

systemctl restart mariadb

mysql_secure_installation

cd /var/www/html/

ls

lftp 172.25.254.250             **下载Discuz_X3.2_SC_UTF8.zip软件包

unzip Discuz_X3.2_SC_UTF8.zip   ** 解析

less readme/readme.txt

setenforce 0                    

chmod 777 upload/ -R

yum install php-mysql.x86_64   下载两者关联的服务

systemctl restart httpd.service

在浏览器中访问http://172.25.254.149/upload/install     **进行设置 

 

[**squit**] 

squit正向解析:(效果:通过172.25.49.11浏览器可以访问172.25.254.250)

yum install squid -y                安装服务

vim /etc/squid/squid.conf

         56 http_access allow all            允许所有访问

         62 cache dir ufs /var/spool/squid 100 16 256    

systemctl start squid                开启服务

测试172.25.49.11

    打开 firefox  把Advanced——Network中的Settings,Manual ~ 中 写入你所访问的缓冲机(有两块网卡的那个)。

然后访问172.25.254.250,就会成功。虽然 ping 不同 172.25.254.250,但是能访问。

 

[2.缓存网站信息,并且轮询显示]

 

yum install squid。

vim /etc/squid/squid.conf

        56 http access_allow_all      **允许所有人访问

        59 http_port 80 vhost vport   **使用80端口    

        60 cache_peer 172.25.254.60 parent 80 0no-query originserver round-robin name=   web1

      61 cache_peer 172.25.254.4 parent 80 0no-query originserver round-robin name=   web2

        62 cache_peer_domain web1web2 www.test.com

      63 cache_dir ufs /var/spool/squid 100 16 256   cache_peer_domain web1 web2www.test.com    **设置网站访问域名

 

 

systemctl restart squid

并且在/etc/hosts 中添加 172.25.254.149 www.test.com

本文出自 “12106768” 博客,请务必保留此出处http://12116768.blog.51cto.com/12106768/1883198

虚拟主机加密与网页重写 squit服务

标签:虚拟主机   加密   网页   认证   

原文地址:http://12116768.blog.51cto.com/12106768/1883198

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!