Centos7系統下httpd各類方式實現與配置

時間 2019-11-24

標籤 centos7 centos 系統 httpd 各類方式實現配置欄目 Tomcat 简体版

原文原文鏈接

一、 Centos7系統下實現httpd-2.2的安裝，並分別實現prefork、worker、event等幾種工做方式

Centos 7上若yum安裝httpd程序，默認的是2.4的版本，所以沒法用yum 直接安裝，我這裏採起源碼安裝httpd-2.2
安裝前準備html

[root@xiaochen ~]# systemctl stop firewalld.service
[root@xiaochen ~]# vi /etc/sysconfig/selinux
[root@xiaochen ~]# setenforce 0
[root@xiaochen ~]# getenforce 
Permissive

安裝相應組件包linux

[root@xiaochen ~]# yum groupinstall "Development Tools" "Serverplatform Development" -y
[root@xiaochen ~]# wget http://archive.apache.org/dist/httpd/httpd-2.2.32.tar.gz

編譯安裝apache

[root@xiaochen ~]# tar -zxf httpd-2.2.32.tar.gz
[root@xiaochen ~]# cd httpd-2.2.32
[root@xiaochen httpd-2.2.32]# ./configure --prefix=/usr/local/apache2/ --sysconfdir=/etc/httpd2 --with-mpm=worker
[root@xiaochen httpd-2.2.32]# make && make install

設定環境變量與systemd後端

[root@xiaochen httpd-2.2.32]# cat /etc/profile.d/httpd.sh
export PATH=$PATH:/usr/local/apache2/bin
[root@localhost httpd-2.2.32]# ln -sv /usr/local/apache2/include /usr/include//httpd
‘/usr/include//httpd’ -> ‘/usr/local/apache2/include’
[root@xiaochen httpd-2.2.32]# cat /etc/man_config 
MANPATH /usr/local/apache2/man
[root@xiaochen httpd-2.2.32]# cat /lib/systemd/system/httpd.service 
[Unit]  
        Description=The httpd service
        After=network.target
        [Service]
        Type=forking
        ExecStart=/usr/local/apache2/bin/apachectl start
        ExecReload=/bin/kill -s HUP $MAINPID
        ExecStop=/usr/local/apache2/bin/apachectl stop
        Restart=/usr/local/apache2/bin/apachectl restart
        [Install]
        WantedBy=multi-user.target

啓動服務與驗證服務器

[root@localhost httpd-2.2.32]# systemctl daemon-reload
[root@localhost httpd-2.2.32]# systemctl start httpd.service
[root@localhost httpd-2.2.32]# ss -tan
State       Recv-Q Send-Q               Local Address:Port                              Peer Address:Port              
LISTEN      0      128                              *:22                                           *:*                  
LISTEN      0      100                      127.0.0.1:25                                           *:*                  
ESTAB       0      0                    192.168.10.10:22                                192.168.10.1:57790              
LISTEN      0      128                             :::80                                          :::*                  
LISTEN      0      128                             :::22                                          :::*                  
LISTEN      0      100                            ::1:25                                          :::*                  
[root@localhost httpd-2.2.32]# httpd -l
Compiled in modules:
  core.c
  mod_authn_file.c
  mod_authn_default.c
  mod_authz_host.c
  mod_authz_groupfile.c
  mod_authz_user.c
  mod_authz_default.c
  mod_auth_basic.c
  mod_include.c
  mod_filter.c
  mod_log_config.c
  mod_env.c
  mod_setenvif.c
  mod_version.c
  worker.c
  http_core.c
  mod_mime.c
  mod_status.c
  mod_autoindex.c
  mod_asis.c
  mod_cgid.c
  mod_negotiation.c
  mod_dir.c
  mod_actions.c
  mod_userdir.c
  mod_alias.c
  mod_so.c

按照以上方式便可實現prefork和event兩種方式（默認爲prefork方式）dom

./configure --prefix=/usr/local/apache2/ --sysconfdir=/etc/httpd --with-mpm=prefork
./configure --prefix=/usr/local/apache2/ --sysconfdir=/etc/httpd --with-mpm=event

prefork: 預先建立進程，兩級進程模型，父進程負責建立子進程，每一個子進程響應一個用戶請求
worker:父進程管理子進程，子進程經過線程響應用戶請求，每線程處理一個用戶請求
event:兩級模型，父進程管理子進程，子進程經過event-driver機制直接響應n個請求 curl

二、簡述request報文請求方法和狀態響應碼
請求方法（method）:
GET:從服務器獲取一個資源；
HEAD：只從服務器獲取文檔的響應首部；
POST:向服務器發送要處理的數據；
PUT：將請求的主體部分存儲在服務器上；
DELETE：請求刪除服務器上指定的文檔；
TRACE：追蹤請求到達服務器中間通過的代理服務器；
OPTIONS:請求服務器返回對指定資源支持使用的請求方法；ide
Status（狀態碼）：
1xx: 100-101，信息提示；
2xx: 200-206，成功
3xx: 300-305，重定向
4xx: 400-415，錯誤類信息，客戶端錯誤
5xx: 500-505，服務器端錯誤模塊化
經常使用的狀態碼：
200：成功，請求的全部數據經過響應報文的entity-body部分發送；OK
301：請求的URL指向的資源的已經被刪除；但在響應報文中經過首部Location指明瞭資源如今所處的新位置；Moved Permanently
302: 與301類似，但在響應報文中經過Location指明資源如今所處臨時新位置；Found
304: 客戶端發出了條件式請求，但服務器上的資源不曾發生改變，則經過響應此響應狀態碼通知客戶端；Not Modified
401: 須要輸入帳號和密碼認證方能訪問資源；Unauthorzed
403: 請求被禁止；Forbidden
404: 服務器沒法找到客戶端請求的資源；Not Found
500: 服務器內部錯誤；Internal Server Error
502: 代理服務器從後端服務器收到了一條僞響應； Bad Gateway測試
三、詳細描述httpd虛擬主機、站點訪問控制、基於用戶的訪問控制、持久連接等應用配置實例

虛擬主機的實現方案：
基於IP地址
基於端口號（port）
基於主機域名（FQDN）

注意點：

通常虛擬主機不要與中心主機混用，要使用虛擬主機，得先禁用「main」主機，禁用方法：註釋中心主機的DocumentRoot指令便可
配置VirtualHost,在httpd2.2中，NameVirtualHost這一項需啓用2.2以上版本不須要

基於IP地址

[root@xiaochen ~]# yum -y install httpd
[root@xiaochen ~]# ip addr add 192.168.10.30/24 dev ens32
[root@xiaochen ~]# ip addr add 192.168.10.31/24 dev ens32
[root@xiaochen ~]# mkdir -p /var/www/html/30
[root@xiaochen ~]# mkdir -p /var/www/html/31
[root@xiaochen ~]# echo "hello,ip address is "192.168.10.30"" > /var/www/html/30/index.html
[root@xiaochen ~]# echo "hello,ip address is "192.168.10.31"" > /var/www/html/31/index.html
[root@xiaochen ~]# vi /etc/httpd/conf.d/virtualhost.conf 
<VirtualHost 192.168.10.30:80>
DocumentRoot "/var/www/html/30"
ServerName www.magedu30.com
<Directory "/var/www/html/30">
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
<VirtualHost 192.168.10.31:80>
DocumentRoot "/var/www/html/31"
ServerName www.magedu31.com
<Directory "/var/www/html/31">
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
[root@xiaochen ~]# httpd -t
Syntax OK
[root@xiaochen ~]# systemctl restart httpd.service
#最後測試結果
root@xiaochen ~]# curl 192.168.10.30
hello,ip address is 192.168.10.30
[root@xiaochen ~]# curl 192.168.10.31
hello,ip address is 192.168.10.31

基於端口號：

[root@xiaochen ~]# mkdir -p /var/www/html/80
[root@xiaochen ~]# mkdir -p /var/www/html/10080
[root@xiaochen ~]# echo "hi,the ip port is '80'" >/var/www/html/80/index.html
[root@xiaochen ~]# echo "hi,the ip port is '10080'" >/var/www/html/10080/index.html
[root@xiaochen ~]# vi /etc/httpd/conf.d/test1.conf
<VirtualHost 192.168.10.10:80>
    ServerName www.magedu10.com
    DocumentRoot "/var/www/html/80"
    <Directory "/var/www/html/80">
             Options None
             AllowOverride None
             Require all granted
     </Directory>
     CustomLog "logs/test1_access_log"  combined
</VirtualHost>
[root@xiaochen ~]# vi /etc/httpd/conf.d/test2.conf 
Listen 10080
<VirtualHost 192.168.10.10:10080>
    ServerName www.test2.com
    DocumentRoot "/var/www/html/10080"
    <Directory "/var/www/html/10080">
           Options None
           AllowOverride None
           Require all granted
    </Directory>
    CustomLog "Logs/test2_access_log"  combined
</VirtualHost>
root@xiaochen ~]# httpd -t
Syntax OK
[root@xiaochen ~]# systemctl restart httpd
#最後驗證結果：
[root@xiaochen ~]# curl 192.168.10.10:80
hi,the ip port is '80'
[root@xiaochen ~]# curl 192.168.10.10:8080
hi,the ip port is '10080'

基於主機域名

[root@xiaochen ~]# mkdir -p /var/www/html/ilinux
[root@xiaochen ~]# mkdir -p /var/www/html/iunix
[root@xiaochen ~]# echo "domain name is 'www.ilinux.com'" >/var/www/html/ilinux/index.html
[root@xiaochen ~]# echo "domain name is 'www.iunix.com'" >/var/www/html/iunix/index.html
[root@xiaochen ~]# vi /etc/httpd/conf.d/virtualhost.conf 
<VirtualHost 192.168.10.10:80>
DocumentRoot "/var/www/html/ilinux"
ServerName www.ilinux.com
<Directory "</var/www/html/ilinux">
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
<VirtualHost 192.168.10.10:80>
DocumentRoot "/var/www/html/iunix"
ServerName www.iunix.com
<Directory "/var/www/html/iunix">
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
[root@xiaochen ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.10.10 www.ilinux.com www.iunix.com
[root@xiaochen ~]# httpd -t
Syntax OK
[root@xiaochen ~]# systemctl restart httpd
#最後測試結果：
[root@xiaochen ~]# curl www.ilinux.com
domain name is 'www.ilinux.com'
[root@xiaochen ~]# curl www.iunix.com
domain name is 'www.iunix.com'

站點訪問控制
禁止192.168.10.20訪問

[root@xiaochen ~]# cat /etc/httpd/conf.d/deny.conf 
<VirtualHost 192.168.10.10:80>
    ServerName www.ilinux.com
    DocumentRoot "/var/www/html"
    <Directory "/var/www/html">
           <Requireall>
                   Require all granted
                   Require not ip 192.168.10.20
           </Requireall>
     </Directory>
</VirtualHost>

基於用戶的訪問控制

[root@xiaochen ~]# htpasswd -c /tmp/test.users tom
New password: 
Re-type new password: 
Adding password for user tom
[root@xiaochen ~]# htpasswd -m /tmp/test.users jerry
New password: 
Re-type new password: 
Adding password for user jerry
[root@xiaochen ~]# htpasswd -m /tmp/test.users xiaochen
New password: 
Re-type new password: 
Adding password for user xiaochen
[root@xiaochen ~]# mv /tmp/test.users /etc/httpd/conf.d/.htpasswd
[root@xiaochen ~]# mkdir -p /var/www/html/testusers
[root@xiaochen ~]# echo "Testusers Area" > /var/www/html/testusers/index.html
[root@xiaochen ~]# cat /etc/httpd/conf.d/testusers.conf 
<Directory "/var/www/html/testusers">
    Options None
    AllowOverride None
    AuthType basic
    AuthName "Test Area,pls enter your username and password"
    AuthUserFile "/etc/httpd/conf.d/.htpasswd"
    Require user tom jerry obama
</Directory>
[root@xiaochen ~]# cat /etc/httpd/conf.d/virtualhost.conf 
<VirtualHost 192.168.10.10:80>
DocumentRoot "/var/www/html/testusers"
ServerName www.ilinux.com
<Directory "</var/www/html/testusers">
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
<VirtualHost 192.168.10.10:80>
DocumentRoot "/var/www/html/testusers"
ServerName www.iunix.com
<Directory "/var/www/html/testusers">
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
[root@xiaochen ~]# httpd -t
Syntax OK 
[root@xiaochen ~]# systemctl restart httpd

最後測試：

持久連接
持久連接是創建連接後持續獲取資源不斷開，一直響應到把須要獲取的資源都成功獲取了之後才終止連接

#建立模塊化文件
[root@xiaochen ~]# cat /etc/httpd/conf.d/keepalive.conf 
KeepAlive On
KeepAliveTimeout 35
MaxKeepAliveRequests 100
[root@xiaochen ~]# httpd -t
Syntax OK
[root@xiaochen ~]# systemctl restart httpd