目錄:
一、centos6使用httpd-2.2基於域名構建httpd服務
二、centos7使用httpd2.4基於域名構建httpd服務
三、centos6編譯安裝httpd-2.4基於域名構建httpd服務
一、centos6使用httpd-2.2基於域名構建httpd服務:
1、安裝http服務:
yum -y install httpd
2、編輯主配置文件開啓Name VirtualHost
NameVirtualHost 192.168.1.100:80
3、創建DocumentRoot及編輯網頁內容
[root@bogon ~]# mkdir -p /data/vhost/www1 [root@bogon ~]# mkdir -p /data/vhost/www2 [root@bogon www1]# echo "www1" >index.html [root@bogon www2]# echo "www2" >index.html
4、建立基於www1域名的虛擬主機
要求:
##定義訪問日誌和錯誤日誌
##定義192.168.1.0網段禁止訪問
##訪問www1.magedu.com/server-status輸出狀態頁面,並且僅root用戶可以訪問
具體配置如下:
[root@bogon ~]# vim /etc/httpd/conf.d/vhost1.conf <VirtualHost 192.168.1.100:80> DocumentRoot /data/vhost/www1 ServerName www1.magedu.com CustomLog /var/log/httpd/www1/aceess_log common ErrorLog /var/log/httpd/www1/err_log##日誌文件路徑需要自己創建即可,否則啓服務失敗 <Directory "/data/vhost/www1"> options None AllowOverride None Order allow,deny deny from 192.168.1.0 ###現在192.168.1.0網段中的任何主機都不可訪問www1 </Directory> <Location /server-status> ###設置訪問www1.magedu.com/server-status的狀態信息 SetHandler server-status Order allow,deny Allow from 192.168.1 AuthType Basic AuthName "admin" AuthUserFile "/etc/httpd/conf/.htpasswd"###用戶認證文件 Require valid-user </Location> </VirtualHost> [root@bogon conf]# htpasswd -c -m /etc/httpd/.htpasswd aa ##建立認證用戶 ok重啓或重加載測試
5、建立基於www2域名的虛擬主機
要求:
###定義訪問日誌和錯誤日誌
###訪問此站點爲https安全站點
具體配置如下:
<VirtualHost 192.168.1.100:80> DocumentRoot /data/vhost/www2 ServerName www2.magedu.com ErrorLog /var/log/httpd/www2/error_log ##定義錯誤日誌 CustomLog /var/log/httpd/www2/access_log common ##定義訪問日誌 </VirtualHost>
將此站點構建成HTTPS安全訪問:
建立CA:
1)生成私鑰文件:
[root@bogon tls]# (umask 077; openssl genrsa -out /etc/pki/CA/private/cakey.pem 2048)
2)生成自簽證書
[root@bogon CA]# openssl req -new -x509 -key /etc/pki/CA/private/cakey.pem -out /etc/pki/CA/cacert.pem -days 3655 Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:beijing Locality Name (eg, city) [Default City]:beijing Organization Name (eg, company) [Default Company Ltd]:magedu.com Organizational Unit Name (eg, section) []:yunwei Common Name (eg, your name or your server's hostname) []:bogon Email Address []:[email protected]
3)爲CA提供文件
[root@bogon CA]# touch {serial,index.txt}
[root@bogon CA]# echo 01 > serialhttp服務器進行配置如下:
1)生成私鑰
[root@bogon ~]# mkdir /etc/httpd/ssl [root@bogon ~]# cd /etc/httpd/ssl [root@bogon ssl]# (umask 077; openssl genrsa -out /etc/httpd/ssl/httpd.key 2048)
2)生成證書請求:
[root@bogon ssl]# openssl req -new -key /etc/httpd/ssl/httpd.key -out /etc/httpd/ssl/httpd.csr -days 365 Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:beijing Locality Name (eg, city) [Default City]:beijing Organization Name (eg, company) [Default Company Ltd]:magedu.com Organizational Unit Name (eg, section) []:yunwei Common Name (eg, your name or your server's hostname) []:bogon Email Address []:[email protected] Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []:
3)將此請求證書傳給CA簽署
[root@bogon ssl]# scp httpd.csr 192.168.1.100:/tmp
4)CA簽署證書併發給請求者
[root@bogon tmp]# openssl ca -in /tmp/httpd.csr -out /etc/pki/CA/certs/httpd.crt -days 365
[root@bogon certs]# scp httpd.crt [email protected]:/etc/httpd/ssl/
5)http要支持ssl就需要安裝mod_ssl模塊
[root@bogon ~]# yum -y install mod_ssl
6)配置/etc/httpd/conf.d/ssl.conf文件
<VirtualHost 192.168.1.100:443> DocumentRoot "/data/vhost/www2" ServerName www2.magedu.com SSLCertificateFile /etc/httpd/ssl/httpd.crt SSLCertificateKeyFile /etc/httpd/ssl/httpd.key
7)重啓服務測試即可
[root@bogon ~]# httpd -t Syntax OK [root@bogon ~]# service httpd reload Reloading httpd:
------------------------------------分隔線---------------------------------------
二、centos7使用httpd2.4基於域名構建httpd服務
centos7上的httpd-2.4基本同centos6上的httpd2.2一樣,所有有的地方就不詳細的說明和操作了。
1、安裝httpd服務
yum -y install httpd
2、創建網頁及儲存路徑
mkdir -p /data/vhost/www{1,2}
echo "centos7 www1" > /data/vhost/www1/index.html
echo "centos7 www2" > /data/vhost/www2/index.html
3、建立虛擬主機www1並且做相應的限制等
[root@bogon ~]# vim /etc/httpd/conf.d/vhost1.conf <VirtualHost 192.168.1.104:80> DocumentRoot /data/vhost/www1 ServerName www1.magedu.com CustomLog /var/log/httpd/www1/acess_log common ErrorLog /var/log/httpd/www1/err_log <Directory "/data/vhost/www1"> Options None AllowOverride None ##定義訪問權限: <RequireAll> Require all granted Require not ip 192.168 </RequireAll> </Directory> ####定義狀態頁面並且認證 <Location "/server-status"> SetHandler server-status Require all granted AuthType Basic AuthName "admin" AuthUserFile "/etc/httpd/.htpasswd" Require valid-user </Location> </VirtualHost>
4、建立虛擬主機www2
[root@bogon ~]# vim /etc/httpd/conf.d/vhost2.conf <VirtualHost 192.168.1.104:80> DocumentRoot /data/vhost/www2 ServerName www2.magedu.com CustomLog /var/log/httpd/www2/acess_log common ErrorLog /var/log/httpd/www2/err_log <Directory "/data/vhost/www2"> Options None AllowOverride None Require all granted </Directory> </VirtualHost>
----------------------------------分隔線-----------------------------------------
三、centos6編譯安裝httpd-2.4基於域名構建httpd服務
由於httpd-2.4所依賴的apr和apr-until需要1.4版本以上。而centos默認自帶的版本比較低,所以我們在centos6使用httpd-2.4的時候需要我們手動進行編譯安裝纔可以:
準備工具:apr-1.4.6.tar
apr-util-1.4.1.tar
httpd-2.4.6.tar
1、安裝開發包組件
[root@bogon ~]# yum -y install prce-devel
[root@bogon ~]# yum groupinstall Development tools Server Platform Development
2、安裝apr
[root@bogon ~]# tar xf apr-1.4.6.tar.bz2 [root@bogon ~]# cd apr-1.4.6 [root@bogon apr-1.4.6]# ./configure --prefix=/usr/local/apr [root@bogon apr-1.4.6]# make && make install
3、安裝apr-until
[root@bogon ~]# tar xf apr-util-1.4.1.tar.bz2 [root@bogon ~]# cd apr-util-1.4.1 [root@bogon apr-util-1.4.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr [root@bogon apr-util-1.4.1]# make && make install
4、編譯安裝httpd2.4
[root@bogon ~]# tar xf httpd-2.4.6.tar.bz2 [root@bogon ~]# cd httpd-2.4.6 [root@bogon httpd-2.4.6]# ./configure --prefix=/usr/local/apache24 --sysconfdir= /etc/httpd24 --enable-so --enable--ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util --enable-modules=most --enable-mpms-shared=all --with-mpm=prefork [root@bogon ~]# make && make install
5、啓動服務查查看下監聽端口
[root@bogon ~]# /usr/local/apache24/bin/apachectl start [root@bogon ~]# ss -tnl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 :::53263 :::* LISTEN 0 128 :::111 :::* LISTEN 0 128 *:111 *:* LISTEN 0 128 :::80 :::*
6、開啓虛擬主機模塊編輯配置文件去除#即可
[root@bogon ~]# vim /etc/httpd24/httpd.conf Include /etc/httpd24/extra/httpd-vhosts.conf ##啓用此項
7、配置虛擬主機
[root@bogon ~]# vim /etc/httpd24/extra/httpd-vhosts.conf <VirtualHost 192.168.1.100:80> DocumentRoot "/usr/local/apache24/htdocs/test1" ServerName test1.ma.com ErrorLog "/var/log/test1/errlog" CustomLog "/var/log/test1/acccesslog" common </VirtualHost> <VirtualHost 192.168.1.100:80> DocumentRoot "/usr/local/apache24/htdocs/test2" ServerName test2.ma.com ErrorLog "/var/log/test2/errlog" CustomLog "/var/log/test2/accesslog" common </VirtualHost>
8、創建網頁測試文檔
[root@bogon htdocs]# pwd /usr/local/apache24/htdocs [root@bogon htdocs]# mkdir test1 test2 [root@bogon htdocs]# echo "test1" > test1/index.html [root@bogon htdocs]# echo "test2" > test2/index.html
9、檢查配置文件是否正確
[root@bogon ~]# apachectl -t Syntax OK
10、重啓啓動服務測試
[root@bogon ~]# /usr/local/apache24/bin/apachectl restart [root@bogon ~]# curl http://test1.ma.com test1 [root@bogon ~]# curl http://test2.ma.com test2