Linux 第十二週學習筆記阿帕奇服務

時間 2019-11-22

標籤 linux 第十二學習筆記服務欄目 Linux 简体版

原文原文鏈接

apachephp

[root@web-1 ~]# yum install httpd -yhtml

[root@web-1 html]# yum install httpd-manual -ylinux

更改默認發佈文件web

[root@web-1 html]# vim /etc/httpd/conf/httpd.conf 數據庫

更改默認發佈目錄apache

[root@web-1 html]# mkdir /www/westos -pvim

[root@web-1 html]# semanage fcontext -a -t httpd_sys_content_t '/www/westos(/*)?'安全

[root@web-1 html]# restorecon -RvvF /www/dom

restorecon reset /www context unconfined_u:object_r:default_t:s0->system_u:object_r:default_t:s0ide

restorecon reset /www/westos context unconfined_u:object_r:default_t:s0->system_u:object_r:httpd_sys_content_t:s0

[root@web-1 html]# cd /www/westos/

[root@web-1 westos]# vim index.html

[root@web-1 westos]# ls -Z

-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 index.html

[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf

120 DocumentRoot "/www/westos"

121 <Directory "/www/westos">

122 Require all granted

123 </Directory>

[root@web-1 westos]# systemctl restart http

[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf

120 DocumentRoot "/www/westos"

121 <Directory "/www/westos">

122 Require all granted

123 Order Allow,Deny

124 Allow from All

125 Deny from 172.25.254.209

126 </Directory>

[root@web-1 westos]# systemctl restart http

[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf

120 DocumentRoot "/www/westos"

121 <Directory "/www/westos">

122 Require all granted

123 Order Deny,Allow

124 Allow from ALL

125 Deny from 172.25.254.209

[root@web-1 westos]# systemctl restart http

[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf

120 DocumentRoot "/www/westos"

121 <Directory "/www/westos">

122 Require all granted

123 Order Deny,Allow

124 Allow from 172.25.254.9

125 Deny from ALL

用戶認證

[root@web-1 httpd]# htpasswd -cm htpasswdfile admin

New password:

Re-type new password:

Adding password for user admin

[root@web-1 httpd]# htpasswd -m htpasswdfile westos

New password:

Re-type new password:

Adding password for user westos

[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf

120 DocumentRoot "/www/westos"

121 <Directory "/www/westos">

122 # Require all granted

123 AllowOverride All

124 Authuserfile /etc/httpd/htpasswdfile

125 Authname "Please input username and passwd"

126 Authtype basic

127 Require user admin

128 </Directory>

[root@web-1 httpd]# systemctl restart httpd

[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf

120 DocumentRoot "/www/westos"

121 <Directory "/www/westos">

122 # Require all granted

123 AllowOverride All

124 Authuserfile /etc/httpd/htpasswdfile

125 Authname "Please input username and passwd"

126 Authtype basic

127 Require valid-user

128 </Directory>

[root@web-1 httpd]# systemctl restart httpd

[root@web-1 ~]# cd /var/www/html/

[root@web-1 ~]# vim index.html

www.westos.com

[root@web-1 ~]# mkdir /var/www/virtual/news.westos.com/html -p

[root@web-1 ~]# cd /var/www/virtual/news.westos.com/html

[root@web-1 html]# vim index.html

[root@web-1 html]# mkdir /var/www/virtual/music.westos.com/html -p

[root@web-1 html]# cd /var/www/virtual/music.westos.com/html

[root@web-1 html]# vim index.html

[root@web-1 html]# cd /etc/httpd/conf.d/

[root@web-1 conf.d]# vim default.conf

Documentroot /var/www/html

Customlog "logs/default.log" combined

</Virtualhost>

Require all granted

</Directory>

[root@web-1 conf.d]# vim news.conf

Servername news.westos.com

Documentroot /var/www/virtual/news.westos.com/html

Customlog "logs/default.log" combined

</Virtualhost>

Require all granted

</Directory>

[root@web-1 conf.d]# vim music.conf

Servername music.westos.com

Documentroot /var/www/virtual/music.westos.com/html

Customlog "logs/default.log" combined

</Virtualhost>

Require all granted

</Directory>

[root@web-1 conf.d]# systemctl restart httpd.service

測試機上的更改

vim /etc/hosts

172.25.254.109 www.westos.com westos.com news.westos.com music.westos.com

https

[root@web-1 conf.d]# yum install mod_ssl -y

[root@web-1 conf.d]# yum install crypto-utils -y

[root@web-1 conf.d]# genkey www.westos.com

/usr/bin/keyutil -c makecert -g 1024 -s "CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN" -v 1 -a -z /etc/pki/tls/.rand.9611 -o /etc/pki/tls/certs/www.westos.com.crt -k /etc/pki/tls/private/www.westos.com.key

cmdstr: makecert

cmd_CreateNewCert

command: makecert

keysize = 1024 bits

subject = CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN

valid for 1 months

random seed from /etc/pki/tls/.rand.9611

output will be written to /etc/pki/tls/certs/www.westos.com.crt

output key written to /etc/pki/tls/private/www.westos.com.key

Generating key. This may take a few moments...

Made a key

Opened tmprequest for writing

/usr/bin/keyutil Copying the cert pointer

Created a certificate

Wrote 882 bytes of encoded data to /etc/pki/tls/private/www.westos.com.key

Wrote the key to:

/etc/pki/tls/private/www.westos.com.key

[root@web-1 conf]# cd /etc/httpd/conf.d

[root@web-1 conf.d]# vim ssl.conf

100 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt

107 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key

[root@web-1 conf.d]# systemctl restart httpd.service

測試機

網頁重寫與虛擬主機的https

[root@web-1 html]# cd /etc/httpd/conf.d/

[root@web-1 conf.d]# firewall-cmd --permanent --add-service=http

success

[root@web-1 conf.d]# firewall-cmd --permanent --add-service=https

success

[root@web-1 conf.d]# firewall-cmd --reload

success

[root@web-1 conf.d]# vim music.conf

Servername music.westos.com

RewriteEngine on 容許網頁重寫

RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301] ##重寫爲https

</Virtualhost>

Require all granted ##受權

</Directory>

<Virtualhost *:443> ##443端口

Servername music.westos.com

Documentroot /var/www/virtual/music.westos.com/html

Customlog "logs/default-443.log" combined ##產生的日誌放在logs/default-443.log 下

SSLEngine on ##開啓認證

SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##證書

SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key ##鑰匙

</Virtualhost>

[root@web-1 conf.d]# vim news.conf

Servername news.westos.com

RewriteEngine on

RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]

</Virtualhost>

Require all granted

</Directory>

Servername news.westos.com

Documentroot /var/www/virtual/news.westos.com/html

Customlog "logs/news-443.log" combined

SSLEngine on

SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt

SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key

</Virtualhost>

[root@web-1 conf.d]# systemctl restart httpd

測試機操做

[root@maillinux ~]# vim /etc/hosts

172.25.254.109 www.westos.com westos.com news.westos.com music.westos.com

打開firefox輸入http://music.westos.com 會自動跳轉爲https://music.westos.com.

php

[root@web-1 html]# vim index.php

<?php

phpinfo ();

[root@web-1 html]# vim /etc/httpd/conf/httpd.conf

163 DirectoryIndex index.php index.html

[root@web-1 html]# chmod +x /var/www/html

[root@web-1 html]# systemctl restart httpd.service

cgi

[root@web-1 html]# mkdir cgi

[root@web-1 html]# yum install http-manual -y

[root@web-1 html]# cd cgi/

vim index.cgi

#!/usr/bin/perl

print "Content-type: text/html\n\n";

print `date`;

[root@web-1 html]# cd /etc/httpd/conf.d/

[root@web-1 conf.d]# vim default.conf

DocumentRoot /var/www/html

Customlog "logs/default.log" combined

</Virtualhost>

Options +ExecCGI

AddHandler cgi-script .cgi

</Directory>

[root@web-1 conf.d]# chmod +x /var/www/html/cgi/*

[root@web-1 conf.d]# semanage fcontext -a -t httpd_sys_script_exec_t '/var/www/html/cgi/(/.*)?'

[root@web-1 conf.d]# restorecon -RvvF /var/www/html/cgi/

[root@web-1 conf.d]# systemctl restart httpd.service

論壇

[root@web-1 html]# yum install mariadb -y 安裝數據庫

若沒有安裝數據庫，安裝後要進行安全設置。由於通常狀況下咱們不會把數據庫的端口裸露在外，因此要隱藏端口。

[root@web-1 html]# vim /etc/my.cnf

10 skip-networking=1

[root@web-1 html]# netstat -antlpe | grep mariadb

[root@web-1 html]# setenforce 0

[root@web-1 html]# systemctl start mariadb

下載論壇安裝包

Discuz_X3.2_SC_UTF8.zip

[root@web-1 html]# unzip Discuz_X3.2_SC_UTF8.zip

[root@web-1 html]# chmod 777 upload/ -R

相關標籤/搜索

每日一句

每一个你不满意的现在，都有一个你没有努力的曾经。

Linux 第十二週學習筆記 阿帕奇服務

Linux 第十二週學習筆記阿帕奇服務