Linux 第十二周学习笔记 阿帕奇服务
2016-12-17 15:39
302 查看
apache
[root@web-1 ~]# yum install httpd -y
[root@web-1 html]# yum install httpd-manual -y
更改默认发布文件
[root@web-1 html]# vim /etc/httpd/conf/httpd.conf
更改默认发布目录
[root@web-1 html]# mkdir /www/westos -p
[root@web-1 html]# semanage fcontext -a -t httpd_sys_content_t '/www/westos(/*)?'
[root@web-1 html]# restorecon -RvvF /www/
restorecon reset /www context unconfined_u:object_r:default_t:s0->system_u:object_r:default_t:s0
restorecon reset /www/westos context unconfined_u:object_r:default_t:s0->system_u:object_r:httpd_sys_content_t:s0
[root@web-1 html]# cd /www/westos/
[root@web-1 westos]# vim index.html
[root@web-1 westos]# ls -Z
-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 index.html
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 Require all granted
123 </Directory>
[root@web-1 westos]# systemctl restart http
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 Require all granted
123 Order Allow,Deny
124 Allow from All
125 Deny from 172.25.254.209
126 </Directory>
[root@web-1 westos]# systemctl restart http
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 Require all granted
123 Order Deny,Allow
124 Allow from ALL
125 Deny from 172.25.254.209
[root@web-1 westos]# systemctl restart http
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 Require all granted
123 Order Deny,Allow
124 Allow from 172.25.254.9
125 Deny from ALL
用户认证
[root@web-1 httpd]# htpasswd -cm htpasswdfile admin
New password:
Re-type new password:
Adding password for user admin
[root@web-1 httpd]# htpasswd -m htpasswdfile westos
New password:
Re-type new password:
Adding password for user westos
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 # Require all granted
123 AllowOverride All
124 Authuserfile /etc/httpd/htpasswdfile
125 Authname "Please input username and passwd"
126 Authtype basic
127 Require user admin
128 </Directory>
[root@web-1 httpd]# systemctl restart httpd
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 # Require all granted
123 AllowOverride All
124 Authuserfile /etc/httpd/htpasswdfile
125 Authname "Please input username and passwd"
126 Authtype basic
127 Require valid-user
128 </Directory>
[root@web-1 httpd]# systemctl restart httpd
[root@web-1 ~]# cd /var/www/html/
[root@web-1 ~]# vim index.html
www.westos.com
[root@web-1 ~]# mkdir /var/www/virtual/news.westos.com/html -p
[root@web-1 ~]# cd /var/www/virtual/news.westos.com/html
[root@web-1 html]# vim index.html
[root@web-1 html]# mkdir /var/www/virtual/music.westos.com/html -p
[root@web-1 html]# cd /var/www/virtual/music.westos.com/html
[root@web-1 html]# vim index.html
[root@web-1 html]# cd /etc/httpd/conf.d/
[root@web-1 conf.d]# vim default.conf
<Virtualhost _default_:80>
Documentroot /var/www/html
Customlog "logs/default.log" combined
</Virtualhost>
<Directory "/var/www/html">
Require all granted
</Directory>
[root@web-1 conf.d]# vim news.conf
<Virtualhost *:80>
Servername news.westos.com
Documentroot /var/www/virtual/news.westos.com/html
Customlog "logs/default.log" combined
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html">
Require all granted
</Directory>
[root@web-1 conf.d]# vim music.conf
<Virtualhost *:80>
Servername music.westos.com
Documentroot /var/www/virtual/music.westos.com/html
Customlog "logs/default.log" combined
</Virtualhost>
<Directory "/var/www/virtual/music.westos.com/html">
Require all granted
</Directory>
[root@web-1 conf.d]# systemctl restart httpd.service
测试机上的更改
vim /etc/hosts
172.25.254.109 www.westos.com westos.com news.westos.com music.westos.com
https
[root@web-1 conf.d]# yum install mod_ssl -y
[root@web-1 conf.d]# yum install crypto-utils -y
[root@web-1 conf.d]# genkey www.westos.com
/usr/bin/keyutil -c makecert -g 1024 -s "CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN" -v 1 -a -z /etc/pki/tls/.rand.9611 -o /etc/pki/tls/certs/www.westos.com.crt -k /etc/pki/tls/private/www.westos.com.key
cmdstr: makecert
cmd_CreateNewCert
command: makecert
keysize = 1024 bits
subject = CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN
valid for 1 months
random seed from /etc/pki/tls/.rand.9611
output will be written to /etc/pki/tls/certs/www.westos.com.crt
output key written to /etc/pki/tls/private/www.westos.com.key
Generating key. This may take a few moments...
Made a key
Opened tmprequest for writing
/usr/bin/keyutil Copying the cert pointer
Created a certificate
Wrote 882 bytes of encoded data to /etc/pki/tls/private/www.westos.com.key
Wrote the key to:
/etc/pki/tls/private/www.westos.com.key
[root@web-1 conf]# cd /etc/httpd/conf.d
[root@web-1 conf.d]# vim ssl.conf
100 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
107 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
[root@web-1 conf.d]# systemctl restart httpd.service
测试机
网页重写与虚拟主机的https
[root@web-1 html]# cd /etc/httpd/conf.d/
[root@web-1 conf.d]# firewall-cmd --permanent --add-service=http
success
[root@web-1 conf.d]# firewall-cmd --permanent --add-service=https
success
[root@web-1 conf.d]# firewall-cmd --reload
success
[root@web-1 conf.d]# vim music.conf
<Virtualhost *:80>
Servername music.westos.com
RewriteEngine on 允许网页重写
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301] ##重写为https
</Virtualhost>
<Directory "/var/www/virtual/music.westos.com/html">
Require all granted ##授权
</Directory>
<Virtualhost *:443> ##443端口
Servername music.westos.com
Documentroot /var/www/virtual/music.westos.com/html
Customlog "logs/default-443.log" combined ##产生的日志放在logs/default-443.log 下
SSLEngine on ##开启认证
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##证书
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key ##钥匙
</Virtualhost>
[root@web-1 conf.d]# vim news.conf
<Virtualhost *:80>
Servername news.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html">
Require all granted
</Directory>
<Virtualhost *:443>
Servername news.westos.com
Documentroot /var/www/virtual/news.westos.com/html
Customlog "logs/news-443.log" combined
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
</Virtualhost>
[root@web-1 conf.d]# systemctl restart httpd
测试机操作
[root@maillinux ~]# vim /etc/hosts
172.25.254.109 www.westos.com westos.com news.westos.com music.westos.com
打开firefox输入http://music.westos.com 会自动跳转为https://music.westos.com.
php
[root@web-1 html]# vim index.php
<?php
phpinfo ();
?>
[root@web-1 html]# vim /etc/httpd/conf/httpd.conf
163 DirectoryIndex index.php index.html
[root@web-1 html]# chmod +x /var/www/html
[root@web-1 html]# systemctl restart httpd.service
cgi
[root@web-1 html]# mkdir cgi
[root@web-1 html]# yum install http-manual -y
[root@web-1 html]# cd cgi/
vim index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;
[root@web-1 html]# cd /etc/httpd/conf.d/
[root@web-1 conf.d]# vim default.conf
<Virtualhost _default_:80>
DocumentRoot /var/www/html
Customlog "logs/default.log" combined
</Virtualhost>
<Directory "/var/www/html">
Options +ExecCGI
AddHandler cgi-script .cgi
</Directory>
[root@web-1 conf.d]# chmod +x /var/www/html/cgi/*
[root@web-1 conf.d]# semanage fcontext -a -t httpd_sys_script_exec_t '/var/www/html/cgi/(/.*)?'
[root@web-1 conf.d]# restorecon -RvvF /var/www/html/cgi/
[root@web-1 conf.d]# systemctl restart httpd.service
论坛
[root@web-1 html]# yum install mariadb -y 安装数据库
若没有安装数据库,安装后要进行安全设置。因为一般情况下我们不会把数据库的端口裸露在外,所以要隐藏端口。
[root@web-1 html]# vim /etc/my.cnf
10 skip-networking=1
[root@web-1 html]# netstat -antlpe | grep mariadb
[root@web-1 html]# setenforce 0
[root@web-1 html]# systemctl start mariadb
下载论坛安装包
Discuz_X3.2_SC_UTF8.zip
[root@web-1 html]# unzip Discuz_X3.2_SC_UTF8.zip
[root@web-1 html]# chmod 777 upload/ -R
[root@web-1 ~]# yum install httpd -y
[root@web-1 html]# yum install httpd-manual -y
更改默认发布文件
[root@web-1 html]# vim /etc/httpd/conf/httpd.conf
更改默认发布目录
[root@web-1 html]# mkdir /www/westos -p
[root@web-1 html]# semanage fcontext -a -t httpd_sys_content_t '/www/westos(/*)?'
[root@web-1 html]# restorecon -RvvF /www/
restorecon reset /www context unconfined_u:object_r:default_t:s0->system_u:object_r:default_t:s0
restorecon reset /www/westos context unconfined_u:object_r:default_t:s0->system_u:object_r:httpd_sys_content_t:s0
[root@web-1 html]# cd /www/westos/
[root@web-1 westos]# vim index.html
[root@web-1 westos]# ls -Z
-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 index.html
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 Require all granted
123 </Directory>
[root@web-1 westos]# systemctl restart http
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 Require all granted
123 Order Allow,Deny
124 Allow from All
125 Deny from 172.25.254.209
126 </Directory>
[root@web-1 westos]# systemctl restart http
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 Require all granted
123 Order Deny,Allow
124 Allow from ALL
125 Deny from 172.25.254.209
[root@web-1 westos]# systemctl restart http
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 Require all granted
123 Order Deny,Allow
124 Allow from 172.25.254.9
125 Deny from ALL
用户认证
[root@web-1 httpd]# htpasswd -cm htpasswdfile admin
New password:
Re-type new password:
Adding password for user admin
[root@web-1 httpd]# htpasswd -m htpasswdfile westos
New password:
Re-type new password:
Adding password for user westos
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 # Require all granted
123 AllowOverride All
124 Authuserfile /etc/httpd/htpasswdfile
125 Authname "Please input username and passwd"
126 Authtype basic
127 Require user admin
128 </Directory>
[root@web-1 httpd]# systemctl restart httpd
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 # Require all granted
123 AllowOverride All
124 Authuserfile /etc/httpd/htpasswdfile
125 Authname "Please input username and passwd"
126 Authtype basic
127 Require valid-user
128 </Directory>
[root@web-1 httpd]# systemctl restart httpd
[root@web-1 ~]# cd /var/www/html/
[root@web-1 ~]# vim index.html
www.westos.com
[root@web-1 ~]# mkdir /var/www/virtual/news.westos.com/html -p
[root@web-1 ~]# cd /var/www/virtual/news.westos.com/html
[root@web-1 html]# vim index.html
[root@web-1 html]# mkdir /var/www/virtual/music.westos.com/html -p
[root@web-1 html]# cd /var/www/virtual/music.westos.com/html
[root@web-1 html]# vim index.html
[root@web-1 html]# cd /etc/httpd/conf.d/
[root@web-1 conf.d]# vim default.conf
<Virtualhost _default_:80>
Documentroot /var/www/html
Customlog "logs/default.log" combined
</Virtualhost>
<Directory "/var/www/html">
Require all granted
</Directory>
[root@web-1 conf.d]# vim news.conf
<Virtualhost *:80>
Servername news.westos.com
Documentroot /var/www/virtual/news.westos.com/html
Customlog "logs/default.log" combined
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html">
Require all granted
</Directory>
[root@web-1 conf.d]# vim music.conf
<Virtualhost *:80>
Servername music.westos.com
Documentroot /var/www/virtual/music.westos.com/html
Customlog "logs/default.log" combined
</Virtualhost>
<Directory "/var/www/virtual/music.westos.com/html">
Require all granted
</Directory>
[root@web-1 conf.d]# systemctl restart httpd.service
测试机上的更改
vim /etc/hosts
172.25.254.109 www.westos.com westos.com news.westos.com music.westos.com
https
[root@web-1 conf.d]# yum install mod_ssl -y
[root@web-1 conf.d]# yum install crypto-utils -y
[root@web-1 conf.d]# genkey www.westos.com
/usr/bin/keyutil -c makecert -g 1024 -s "CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN" -v 1 -a -z /etc/pki/tls/.rand.9611 -o /etc/pki/tls/certs/www.westos.com.crt -k /etc/pki/tls/private/www.westos.com.key
cmdstr: makecert
cmd_CreateNewCert
command: makecert
keysize = 1024 bits
subject = CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN
valid for 1 months
random seed from /etc/pki/tls/.rand.9611
output will be written to /etc/pki/tls/certs/www.westos.com.crt
output key written to /etc/pki/tls/private/www.westos.com.key
Generating key. This may take a few moments...
Made a key
Opened tmprequest for writing
/usr/bin/keyutil Copying the cert pointer
Created a certificate
Wrote 882 bytes of encoded data to /etc/pki/tls/private/www.westos.com.key
Wrote the key to:
/etc/pki/tls/private/www.westos.com.key
[root@web-1 conf]# cd /etc/httpd/conf.d
[root@web-1 conf.d]# vim ssl.conf
100 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
107 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
[root@web-1 conf.d]# systemctl restart httpd.service
测试机
网页重写与虚拟主机的https
[root@web-1 html]# cd /etc/httpd/conf.d/
[root@web-1 conf.d]# firewall-cmd --permanent --add-service=http
success
[root@web-1 conf.d]# firewall-cmd --permanent --add-service=https
success
[root@web-1 conf.d]# firewall-cmd --reload
success
[root@web-1 conf.d]# vim music.conf
<Virtualhost *:80>
Servername music.westos.com
RewriteEngine on 允许网页重写
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301] ##重写为https
</Virtualhost>
<Directory "/var/www/virtual/music.westos.com/html">
Require all granted ##授权
</Directory>
<Virtualhost *:443> ##443端口
Servername music.westos.com
Documentroot /var/www/virtual/music.westos.com/html
Customlog "logs/default-443.log" combined ##产生的日志放在logs/default-443.log 下
SSLEngine on ##开启认证
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##证书
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key ##钥匙
</Virtualhost>
[root@web-1 conf.d]# vim news.conf
<Virtualhost *:80>
Servername news.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html">
Require all granted
</Directory>
<Virtualhost *:443>
Servername news.westos.com
Documentroot /var/www/virtual/news.westos.com/html
Customlog "logs/news-443.log" combined
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
</Virtualhost>
[root@web-1 conf.d]# systemctl restart httpd
测试机操作
[root@maillinux ~]# vim /etc/hosts
172.25.254.109 www.westos.com westos.com news.westos.com music.westos.com
打开firefox输入http://music.westos.com 会自动跳转为https://music.westos.com.
php
[root@web-1 html]# vim index.php
<?php
phpinfo ();
?>
[root@web-1 html]# vim /etc/httpd/conf/httpd.conf
163 DirectoryIndex index.php index.html
[root@web-1 html]# chmod +x /var/www/html
[root@web-1 html]# systemctl restart httpd.service
cgi
[root@web-1 html]# mkdir cgi
[root@web-1 html]# yum install http-manual -y
[root@web-1 html]# cd cgi/
vim index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;
[root@web-1 html]# cd /etc/httpd/conf.d/
[root@web-1 conf.d]# vim default.conf
<Virtualhost _default_:80>
DocumentRoot /var/www/html
Customlog "logs/default.log" combined
</Virtualhost>
<Directory "/var/www/html">
Options +ExecCGI
AddHandler cgi-script .cgi
</Directory>
[root@web-1 conf.d]# chmod +x /var/www/html/cgi/*
[root@web-1 conf.d]# semanage fcontext -a -t httpd_sys_script_exec_t '/var/www/html/cgi/(/.*)?'
[root@web-1 conf.d]# restorecon -RvvF /var/www/html/cgi/
[root@web-1 conf.d]# systemctl restart httpd.service
论坛
[root@web-1 html]# yum install mariadb -y 安装数据库
若没有安装数据库,安装后要进行安全设置。因为一般情况下我们不会把数据库的端口裸露在外,所以要隐藏端口。
[root@web-1 html]# vim /etc/my.cnf
10 skip-networking=1
[root@web-1 html]# netstat -antlpe | grep mariadb
[root@web-1 html]# setenforce 0
[root@web-1 html]# systemctl start mariadb
下载论坛安装包
Discuz_X3.2_SC_UTF8.zip
[root@web-1 html]# unzip Discuz_X3.2_SC_UTF8.zip
[root@web-1 html]# chmod 777 upload/ -R
相关文章推荐
- Linux学习笔记----Mail服务
- Linux学习笔记:REHL AS4的上网配置,Http服务安装及配置,ftp服务的安装及配置
- Linux 学习笔记_12_Windows与Linux文件共享服务_1.1_--Samba(下)Samba经典应用案例
- Linux 学习笔记_12_Windows与Linux文件共享服务_1.1_--Samba(上)
- Linux 学习笔记_12_文件共享服务_2_FTP应用--vsftpd
- Linux学习笔记 文件服务Vsftp详细介绍
- Linux学习笔记——DHCP服务
- Linux 学习笔记_12_Windows与Linux文件共享服务_1.1_--Samba(下)Samba经典应用案例
- Linux 学习笔记_12_Windows与Linux文件共享服务_1.1_--Samba(上)
- rh9 linux服务配置学习笔记---------Apache
- rh9 linux服务配置学习笔记--------dns
- Linux 学习笔记之 6 Linux系统启动和服务
- IBM大型机技术学习笔记(二) —— IBM 企业级Linux 服务
- Linux 学习笔记_12_文件共享服务_2_FTP应用--vsftpd
- Linux学习笔记——文件服务之NFS
- Linux学习笔记——DHCP服务
- linux学习笔记: 系统服务介绍
- 【Linux学习笔记二十三】进程和服务的管理
- rh9 linux服务配置学习笔记--------dns
- Linux 学习笔记_12_文件共享服务_2_FTP应用--vsftpd