Getting Started with Apache (Part 3): New Features in Apache 2.4.33 and Virtual Hosts in Practice

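I. New features in httpd 2.4

New features:
(1) Multiple MPMs can be built as loadable modules at compile time, and the MPM to use is selected at run time with the LoadModule directive;

(2) The event MPM was experimental in 2.2 and is fully supported in 2.4;

(3) Better support for asynchronous reads and writes across MPMs and platforms;

(4) Log levels can be set per module and per directory;

(5) Per-request configuration: <If>, <ElseIf> and <Else> sections apply configuration based on per-request criteria;

(6) An enhanced expression parser;

(7) Millisecond-resolution keepalive timeouts;

(8) FQDN-based virtual hosts no longer need the NameVirtualHost directive;

(9) The new AllowOverrideList directive gives finer-grained control over which directives may be used in .htaccess files;

(10) User-defined variables are supported;

(11) Lower memory usage.

New modules:
(1) mod_proxy_fcgi: lets httpd work with a backend PHP server over FastCGI
(2) mod_ratelimit: rate limiting
(3) mod_remoteip: control over the remote IP address

Changed configuration mechanisms:
Order, Deny and Allow are no longer supported for IP-based access control;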

II. Configuration differences between Apache 2.4 and 2.2 on CentOS 7

[root@localhost ~]# yum install -y httpd

[root@localhost ~]# rpm -qc httpd  # list the configuration files of the yum-installed httpd
/etc/httpd/conf.d/autoindex.conf
/etc/httpd/conf.d/userdir.conf
/etc/httpd/conf.d/welcome.conf
/etc/httpd/conf.modules.d/00-base.conf
/etc/httpd/conf.modules.d/00-dav.conf
/etc/httpd/conf.modules.d/00-lua.conf
/etc/httpd/conf.modules.d/00-mpm.conf
/etc/httpd/conf.modules.d/00-proxy.conf
/etc/httpd/conf.modules.d/00-systemd.conf
/etc/httpd/conf.modules.d/01-cgi.conf
/etc/httpd/conf/httpd.conf
/etc/httpd/conf/magic
/etc/logrotate.d/httpd
/etc/sysconfig/htcacheclean
/etc/sysconfig/httpd

Configuration files:

Main configuration file: /etc/httpd/conf/httpd.conf
Module configuration files: /etc/httpd/conf.modules.d/*.conf
Auxiliary configuration files: /etc/httpd/conf.d/*.conf

MPM: provided through the DSO mechanism and configured in 00-mpm.conf. To load a different MPM, edit only this file; unlike 2.2, there is no need to recompile to switch MPMs.

Service control: systemctl {start|stop|restart|status|reload} httpd.service

(1) Switching the MPM

Format of the configuration line that loads an MPM:

LoadModule mpm_NAME_module modules/mod_mpm_NAME.so
NAME: prefork, event, worker

[root@localhost ~]# vim /etc/httpd/conf.modules.d/00-mpm.conf  # edit the MPM module-loading file to load the event MPM
LoadModule mpm_event_module modules/mod_mpm_event.so
[root@localhost ~]# apachectl -t
Syntax OK
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# httpd -M |grep mpm  # after the restart, the MPM is shown loaded as a shared (DSO) module
 mpm_event_module (shared)
[root@localhost ~]# vim /etc/httpd/conf.modules.d/00-mpm.conf   # switch to the worker MPM
LoadModule mpm_worker_module modules/mod_mpm_worker.so
[root@localhost ~]# apachectl -t
Syntax OK
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# httpd -M|grep mpm  # after the restart, the worker MPM is in use
 mpm_worker_module (shared)

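(2) Changing the DocumentRoot of the 'Main' server

When setting up virtual hosts, Apache 2.4 no longer uses the NameVirtualHost directive. With the following line in the main configuration file:

IncludeOptional conf.d/*.conf

virtual host configuration can be maintained modularly in separate files.

(3) IP-based access control rules

Allow all hosts: Require all granted
Deny all hosts: Require all denied

[root@localhost ~]# curl 192.168.56.11    # access from 192.168.56.13 works normally
<h1> welcome to use apache </h1>

[root@localhost html]# vim /etc/httpd/conf/httpd.conf    # edit the main configuration file to deny all hosts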

<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all denied
</Directory>
[root@localhost html]# apachectl -t
Syntax OK
[root@localhost html]# systemctl restart httpd
[root@localhost ~]# curl 192.168.56.11  # access again: now returns 403

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
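<p>You don't have permission to access /
on this server.</p>
</body></html>
Accessing the test page from Windows also reports that access is not permitted, as shown in the figure:

Controlling access from specific IPs:
Require ip IPADDR: grants access to hosts from the specified source address
Require not ip IPADDR: denies access to hosts from the specified source address

IPADDR:
IP: 172.16.100.2
Network/mask: 172.16.0.0/255.255.0.0
Network/Length: 172.16.0.0/16
Net: 172.16

Controlling access from specific hosts (HOSTNAME):
Require host HOSTNAME
Require not host HOSTNAME

HOSTNAME:
FQDN: a specific host
DOMAIN: all hosts in the specified domain

[root@localhost html]# vim /etc/httpd/conf/httpd.conf  # edit the main configuration file httpd.conf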

<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride None
    <RequireAll>
    Require all granted
    # do not allow access from the IP 192.168.56.13
    Require not ip 192.168.56.13
    </RequireAll>
</Directory>
[root@localhost html]# apachectl -t
Syntax OK
[root@localhost html]# systemctl restart  httpd
[root@localhost ~]# curl 192.168.56.11  # test access
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /
on this server.</p>
</body></html> 
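
An added example (not part of the original post): a small shell/awk audit for the access-control points in this section. It flags 2.2-style Order/Allow/Deny lines, a negated Require outside <RequireAll> (httpd rejects these, because sibling Require lines form an implicit <RequireAny>), a trailing # comment on a directive line, and access granted on <Directory />. The function names and the sample configuration are constructed for illustration.

```shell
# Added example (not from the original post): audit httpd access-control config.
# Constructed sample input mirroring the 2.2-style and 2.4-style blocks on this page.
sample_acl_conf() {
cat <<'EOF'
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Allow from all
</Directory>
<Directory "/var/www/html">
    Require all granted
    Require not ip 192.168.56.13  #block this host
</Directory>
<Directory "/var/html">
    <RequireAll>
        Require all granted
        Require not ip 192.168.56.13
    </RequireAll>
</Directory>
EOF
}

# Reads config text on stdin, prints "LINE: finding: directive" per problem.
audit_acl() {
  awk '
    { sub(/^[ \t]+/, ""); low = tolower($0) }
    /^#/ || /^$/ { next }
    # Track the enclosing <Directory> and the innermost Require* container.
    low ~ /^<directory[ \t]/ { dir = $2; gsub(/[">]/, "", dir); next }
    low ~ /^<\/directory>/ { dir = ""; next }
    low ~ /^<require(all|any|none)>/ { stack[++depth] = low; next }
    low ~ /^<\/require(all|any|none)>/ { if (depth > 0) depth--; next }
    # httpd treats "#" as a comment only at the start of a line (heuristic match).
    low ~ /^[a-z].*[ \t]#/ { print NR ": trailing-comment: " $0 }
    # 2.2-style directives only work in 2.4 through mod_access_compat.
    low ~ /^(order|allow|deny)[ \t]/ { print NR ": legacy-2.2-directive: " $0 }
    # A negated Require is only accepted directly inside <RequireAll>.
    low ~ /^require[ \t]+not[ \t]/ && (depth == 0 || stack[depth] !~ /^<requireall>/) {
      print NR ": negated-require-outside-RequireAll: " $0
    }
    # Granting on "/" exposes every path that no later block restricts.
    dir == "/" && (low ~ /^require[ \t]+all[ \t]+granted/ || low ~ /^allow[ \t]+from[ \t]+all/) {
      print NR ": root-directory-granted: " $0
    }
  '
}

sample_acl_conf | audit_acl
```

To check a real file, run audit_acl < /etc/httpd/conf/httpd.conf; line numbers refer to the file that was piped in.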

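III. Virtual host configuration in practice on a source-built Apache 2.4

(1) Types of virtual host
Virtual hosting deploys several sites under one http service. Each site uses its own domain name and site directory, or its own IP and port. In other words, one http service is configured with multiple sites.
① Name-based virtual hosts
② Port-based virtual hosts
③ IP-based virtual hosts


(2) Configuring name-based virtual hosts

Requirements

Domain          Directory
www.abc.org     /var/html/www
blog.abc.org    /var/html/blog
bbs.abc.org     /var/html/bbs

[root@localhost ~]# mkdir /var/html/{www,blog,bbs} -p  # create the site directories
[root@localhost ~]# for name in www blog bbs;do echo "http://$name.abc.org" > /var/html/$name/index.html;done  # create the home page file index.html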
[root@localhost ~]# for name in www blog bbs;do cat /var/html/$name/index.html;done
http://www.abc.org
http://blog.abc.org
http://bbs.abc.org
[root@localhost ~]# cp /usr/local/apache-2.4.33/conf/extra/httpd-vhosts.conf{,.bak_$(date +%F)}
[root@localhost ~]# > /usr/local/apache-2.4.33/conf/extra/httpd-vhosts.conf  # configure the virtual host file httpd-vhosts.conf
[root@localhost ~]# vim !$
<VirtualHost *:80>
   ServerAdmin aaa@abc.com
   DocumentRoot "/var/html/www"
   ServerName www.abc.org
   ServerAlias abc.org
   ErrorLog "logs/www-error-log"
   CustomLog "logs/www-access-log" common
</VirtualHost>


<VirtualHost *:80>
   ServerAdmin aaa@abc.com
   DocumentRoot "/var/html/blog"
   ServerName blog.abc.org
   ErrorLog "logs/blog-error-log"
   CustomLog "logs/blog-access-log" common
</VirtualHost>


<VirtualHost *:80>
   ServerAdmin aaa@abc.com
   DocumentRoot "/var/html/bbs"
   ServerName bbs.abc.org
   ErrorLog "logs/bbs-error-log"
   CustomLog "logs/bbs-access-log" common
</VirtualHost>
[root@localhost ~]# vim /usr/local/apache-2.4.33/conf/httpd.conf  # edit the main configuration file httpd.conf to load the extension configuration files
# Server-pool management (MPM specific)
Include conf/extra/httpd-mpm.conf
# Virtual hosts
Include conf/extra/httpd-vhosts.conf
[root@localhost ~]# /usr/local/apache-2.4.33/bin/apachectl -t  # check the configuration syntax
Syntax OK
[root@localhost ~]# /usr/local/apache-2.4.33/bin/apachectl graceful  # graceful restart of apache
[root@localhost ~]# vim /etc/hosts   # configure local name resolution
192.168.56.11 www.abc.org bbs.abc.org blog.abc.org
[root@localhost ~]# ping www.abc.org   # check name resolution
[root@localhost ~]# ping bbs.abc.org
[root@localhost ~]# ping blog.abc.org
[root@localhost ~]# curl www.abc.org   # curl reports error 403: Forbidden
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /
on this server.<br />
</p>
</body></html>

Cause of the 403 error:
The main configuration file httpd.conf does not grant access to the site directory, so httpd is not allowed to serve the directories and files under /var/html/.

[root@localhost conf]# vim httpd.conf # configure access permission for the site directory
# Add the following at the end of httpd.conf:
<Directory "/var/html">
    Options FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>

For Apache 2.2, use the following configuration instead:
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Allow from all
</Directory>

[root@localhost conf]# /usr/local/apache-2.4.33/bin/apachectl -t
Syntax OK
[root@localhost conf]# /usr/local/apache-2.4.33/bin/apachectl graceful
[root@localhost ~]# curl www.abc.org
http://www.abc.org
[root@localhost ~]# curl bbs.abc.org
http://bbs.abc.org
[root@localhost ~]# curl blog.abc.org
http://blog.abc.org

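(3) Configuring port-based virtual hosts

1) Edit httpd.conf and configure the listening ports
[root@localhost conf]# vim httpd.conf
Add the following below Listen 80:
Listen 8001
Listen 8002

2) Change the listening ports of the blog and bbs sites as follows:
[root@localhost conf]# vim extra/httpd-vhosts.conf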
<VirtualHost *:80>
   ServerAdmin aaa@abc.com
   DocumentRoot "/var/html/www"
   ServerName www.abc.org
   ServerAlias abc.org
   ErrorLog "logs/www-error-log"
   CustomLog "logs/www-access-log" common
</VirtualHost>


# listen on port 8001
<VirtualHost *:8001>
   ServerAdmin aaa@abc.com
   DocumentRoot "/var/html/blog"
   ServerName blog.abc.org
   ErrorLog "logs/blog-error-log"
   CustomLog "logs/blog-access-log" common
</VirtualHost>


# listen on port 8002
<VirtualHost *:8002>
   ServerAdmin aaa@abc.com
   DocumentRoot "/var/html/bbs"
   ServerName bbs.abc.org
   ErrorLog "logs/bbs-error-log"
   CustomLog "logs/bbs-access-log" common
</VirtualHost>
[root@localhost conf]# /usr/local/apache-2.4.33/bin/apachectl -t  # check syntax
Syntax OK
[root@localhost conf]# /usr/local/apache-2.4.33/bin/apachectl graceful  # graceful restart of apache
[root@localhost conf]# netstat -tulnp |grep httpd  # check the listening ports
tcp6       0      0 :::80                   :::*                    LISTEN      51199/httpd         
tcp6       0      0 :::8001                 :::*                    LISTEN      51199/httpd         
tcp6       0      0 :::8002                 :::*                    LISTEN      51199/httpd         
[root@localhost conf]# curl blog.abc.org:8001   # test access
http://blog.abc.org
[root@localhost conf]# curl blog.abc.org:8002
http://bbs.abc.org

(4) Configuring IP-based virtual hosts

1) Temporarily add a new IP to eth0
[root@localhost ~]# ifconfig eth0:0 192.168.56.110/24 up

2) Check
[root@localhost ~]# ifconfig eth0:0
eth0:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.56.110  netmask 255.255.255.0  broadcast 192.168.56.255
        ether 00:0c:29:ce:31:fd  txqueuelen 1000  (Ethernet)

[root@localhost ~]# ping 192.168.56.110
PING 192.168.56.110 (192.168.56.110) 56(84) bytes of data.
64 bytes from 192.168.56.110: icmp_seq=1 ttl=64 time=0.104 ms
64 bytes from 192.168.56.110: icmp_seq=2 ttl=64 time=0.034 ms
64 bytes from 192.168.56.110: icmp_seq=3 ttl=64 time=0.044 ms
64 bytes from 192.168.56.110: icmp_seq=4 ttl=64 time=0.059 ms
^C
--- 192.168.56.110 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3001ms
rtt min/avg/max/mdev = 0.034/0.060/0.104/0.027 ms

3) Edit the extension configuration file httpd-vhosts.conf and configure the IP
[root@localhost conf]# vim extra/httpd-vhosts.conf
# change the blog.abc.org site to be reached by IP
<VirtualHost 192.168.56.110:80>
   ServerAdmin aaa@abc.com
   DocumentRoot "/var/html/blog"
   ServerName 192.168.56.110
   ErrorLog "logs/blog-error-log"
   CustomLog "logs/blog-access-log" common
</VirtualHost>

[root@localhost conf]# /usr/local/apache-2.4.33/bin/apachectl -t
Syntax OK
[root@localhost conf]# /usr/local/apache-2.4.33/bin/apachectl graceful
[root@localhost conf]# curl 192.168.56.110
http://blog.abc.org
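
An added example (not part of the original post) that cross-checks Listen lines against <VirtualHost> blocks, the step that is easy to miss when a site is moved to a new port. It also prints the first vhost per address:port, which is the one httpd serves when a request's Host header matches no ServerName, so that site should be one you are willing to expose by default. The function names and the sample configuration are constructed for illustration.

```shell
# Added example (not from the original post): map Listen ports to virtual hosts.
# Constructed sample: blog sits on 8001 with no Listen line; Listen 8002 has no vhost.
sample_vhost_conf() {
cat <<'EOF'
Listen 80
Listen 8002
<VirtualHost *:80>
   ServerName www.abc.org
</VirtualHost>
<VirtualHost *:80>
   ServerName bbs.abc.org
</VirtualHost>
<VirtualHost *:8001>
   ServerName blog.abc.org
</VirtualHost>
EOF
}

# Reads config text on stdin. For each address:port it prints the first vhost
# defined (used when no ServerName matches the Host header), then any vhost
# port without a Listen line and any Listen port without a vhost.
# Assumes every <VirtualHost> address carries an explicit port.
vhost_map() {
  awk '
    { sub(/^[ \t]+/, ""); key = tolower($1) }
    /^#/ || /^$/ { next }
    key == "listen" { p = $2; sub(/^.*:/, "", p); listen[p] = 1; next }
    key == "<virtualhost" {
      addr = $2; sub(/>.*$/, "", addr)
      port = addr; sub(/^.*:/, "", port); vport[port] = 1
      name = "(none)"; next
    }
    key == "servername" && addr != "" { name = $2; next }
    key == "</virtualhost>" {
      if (!(addr in first)) { first[addr] = name; order[++n] = addr }
      count[addr]++; addr = ""; next
    }
    END {
      for (i = 1; i <= n; i++)
        print "default " order[i] " -> " first[order[i]] " vhosts=" count[order[i]]
      for (p in vport) if (!(p in listen)) print "no-listen " p
      for (p in listen) if (!(p in vport)) print "unused-listen " p
    }
  '
}

sample_vhost_conf | vhost_map
```

On a running server, apachectl -S prints httpd's own view of the same mapping; this offline version is for reviewing a configuration before it is loaded.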