apache

##apache##

 

 

將實驗機的hostname改爲web1.web1.com

 

1.安裝httpd服務，並啓動httpd

[root@web1 ~]# yum install httpd -y

[root@web1 ~]# systemctl start httpd

 

cd到/var/www/html

[root@web1 ~]# cd /var/www/html/

 

編輯一個文件index.html(該文件由自己命名)

[root@web1 html]# vim index.html

[root@web1 html]# cat index.html

www.拉閘.com

關閉火牆

[root@web1 html]# firewall-cmd --permanent --add-service=http

success

[root@web1 html]# firewall-cmd --reload

success

 

測試

在真機上訪問index.html所在的ip

 

 

 

2.cd到/etc/httpd/conf.d

[root@web1 html]# cd /etc/httpd/conf.d

[root@web1 conf.d]# ls

autoindex.conf  php.conf  README  userdir.conf  welcome.conf

 

安裝mod_ssl  ，crypto-utils

[root@web1 conf.d]# yum install mod_ssl -y

Loaded plugins: langpacks

rhel_dvd            | 4.1 kB     00:00     

 

[root@web1 conf.d]# yum install crypto-utils -y

Loaded plugins: langpacks

 

[root@web1 conf.d]# genkey www.拉閘.com

 

 

 

 

在此期間頻繁動鼠標鍵盤，可加快速度

 

 

 

......

subject = CN=www.拉閘.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN

valid for 1 months

random seed from /etc/pki/tls/.rand.3458

output will be written to /etc/pki/tls/certs/www.拉閘.com.crt

output key written to /etc/pki/tls/private/www.拉閘.com.key

.......

 

編輯ssl.conf

加入證書文件和證書鑰匙文件

 

SSLCertificateFile /etc/pki/tls/certs/www.拉閘.com.crt

 

#   Server Private Key:

#   If the key is not combined with the certificate, use this

#   directive to point at the key file.  Keep in mind that if

#   you've both a RSA and a DSA private key you can configure

#   both in parallel (to also allow the use of DSA ciphers, etc.)

SSLCertificateKeyFile /etc/pki/tls/private/www.拉閘.com.key

[root@web1 conf.d]# systemctl restart httpd.service

 

新建一個文件default.conf（自己命名）

[root@web1 conf.d]# vim default.conf

<Virtualhost _default_:80>

        DocumentRoot /var/www/html

        Customlog logs/default.logcombined

</Virtualhost>

 

 

[root@web1 conf.d]# mkdir -p /var/www/virtual/news/html

[root@web1 conf.d]# mkdir -p /var/www/virtual/ent/html

新建一個文件news.conf(自己命名)

[root@web1 conf.d]# vim news.conf

<Virtualhost *:80>

        ServerName news.lazha.com

        DocumentRoot /var/www/virtual/news/html

        Customlog logs/news.log combined

</Virtualhost>

<Directory "/var/www/virtual/news/html">

        Require all granted

</Directory>

[root@web1 conf.d]# cp news.conf ent.conf

[root@web1 conf.d]# vim ent.conf

<Virtualhost *:80>

        ServerName ent.lazha.com

        DocumentRoot /var/www/virtual/ent/html

        Customlog logs/ent.log  combined

</Virtualhost>

<Directory "/var/www/virtual/ent/html">

        Require all granted

</Directory>

 

[root@web1 conf.d]# echo news.lazha.com > /var/www/virtual/news/html/index.html

[root@web1 conf.d]# echo ent.lazha.com > /var/www/virtual/ent/html/index.html

[root@web1 conf.d]# systemctl restart httpd.service

在瀏覽器所在主機編輯/etc/hosts

[root@foundation20 ~]# vim /etc/hosts

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4

::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

172.25.254.220 www.westos.com  westos.com music.westos.com news.westos.com

172.25.254.120 www.拉閘.com   news.lazha.com  ent.lazha.com##添加

 

 

 

3.網頁重寫

[root@web1 conf.d]# vim news.conf

<Virtualhost *:80>

        ServerName news.lazha.com

        RewriteEngine on

        RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]

</Virtualhost>

<Directory "/var/www/virtual/news/html">

        Require all granted

</Directory>

<Virtualhost *:443>##

        ServerName news.lazha.com   ##

        DocumentRoot /var/www/virtual/news/html   ##

        Customlog logs/news-443.log     combined   ##

        SSLEngine on   ##子網頁的https登陸

        SSLCertificateFile /etc/pki/tls/certs/www.拉閘.com.crt##

        SSLCertificateKeyFile /etc/pki/tls/private/www.拉閘.com.key  ##

</Virtualhost> ##

[root@web1 conf.d]# systemctl restart httpd.service

 

測試：

在真機瀏覽器輸入：http://news.lazha.com

此時上述輸入的域名會自動變爲：https://news.lazha.com

 

 

 

 

 

4.php網頁和cgi網頁

cd到/var/www/html

新建並編輯文件index.php

[root@web1 conf.d]# cd /var/www/html/

[root@web1 html]# ls

index.html  saozhu

[root@web1 html]# vim index.php

<?php

phpinfo ();

?>

~                                                                       

~      

[root@web1 html]# vim /etc/httpd/conf/httpd.conf

164     DirectoryIndex index.php index.html

[root@web1 html]# systemctl restart httpd.service

 

[root@web1 html]# yum install php -y

Loaded plugins: langpacks

[root@web1 cgi]# yum install php-mysql.x86_64 -y

Loaded plugins: langpacks

測試：此時在網頁輸入172.25.254.2顯示頁面爲

 

 

 

 

[root@web1 cgi]# yum install httpd-manual -y

Loaded plugins: langpacks

Resolving Dependencies

--> Running transaction check

......

下載完manual可以在172.25.254.2/manual裏的CGL:Dyanmic Content裏查看下面所編輯的文件的內容

[root@web1 cgi]# vim index.cgi

#!/usr/bin/perl

print "Content-type: text/html\n\n";

print `date`;

[root@web1 cgi]# chmod +x index.cgi

[root@web1 cgi]# perl index.cgi

Content-type: text/html

 

Sat Dec 10 00:00:54 EST 2016

 

[root@web1 conf.d]# vim default.conf

<Virtualhost _default_:80>

        DocumentRoot /var/www/html

        Customlog "logs/default.log"    combined

</Virtualhost>

<Directory "/var/www/html/cgi">

        Options +ExecCGI

        AddHandler cgi-script .cgi

</Directory>

[root@web1 conf.d]# systemctl restart httpd.service

測試：

在瀏覽器輸入172.25.254.2/cgi

 

 

 

刷新頁面會看到時間的變化

 

*****

在此項實驗如果未關閉selinux的情況下可做如下操作

 

[root@web1 conf.d]# cd /var/www

[root@web1 www]# ls

cgi-bin  html  virtual

[root@web1 www]# ls -Zd cgi-bin/

drwxr-xr-x. root root system_u:object_r:httpd_sys_script_exec_t:s0 cgi-bin/

[root@web1 www]# semanage fcontext -a -t httpd_sys_script_exec_t

[root@web1 www]# semanage fcontext -a -t httpd_sys_script_exec_t '/var/www/html/cgi(/.*)?'

[root@web1 www]# restorecon -FvvR /var/www/html/cgi/##刷新標籤（將之前的標籤改爲改過後的標籤）

restorecon reset /var/www/html/cgi context unconfined_u:object_r:httpd_sys_content_t:s0->system_u:object_r:httpd_sys_script_exec_t:s0

restorecon reset /var/www/html/cgi/index.cgi context unconfined_u:object_r:httpd_sys_content_t:s0->system_u:object_r:httpd_sys_script_exec_t:s0

[root@web1 www]# getenforce

Enforcing

*****

 

5.搭建論壇

[root@web1 www]# yum install mariadb-server -y

Loaded plugins: langpacks

[root@web1 www]# systemctl start mariadb

[root@web1 ~]# netstat  -antple | grep mysql

tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN      27         94425      6820/mysqld         

[root@web1 ~]# vim /etc/my.cnf

# instructions in http://fedoraproject.org/wiki/Systemd    

skip-networking=1##隱藏mysql的端口,不讓它在互聯網裏暴露，確保數據庫網絡環境安全這行是加入的

[root@web1 ~]# systemctl restart mariadb

[root@web1 ~]# netstat  -antple | grep mysql

沒有顯示

[root@web1 html]# unzip Discuz_X3.2_SC_UTF8.zip

[root@web1 html]# ls

cgi                      index.html  readme  upload

Discuz_X3.2_SC_UTF8.zip  index.php   saozhu  utility

[root@web1 html]# chmod 777 upload/data/ upload/config/ -R

[root@web1 html]# setenforce 0

[root@web1 html]# systemctl restart httpd.service

 

 

 

squid正向代理

[root@web1 html]# yum install squid -y

Loaded plugins: langpacks

Resolving Dependencies

[root@web1 squid]# vim /etc/squid/squid.conf

 56 http_access allow all

  57

 58 # Squid normally listens to port 3128

 59 http_port 3128

  60

 61 # Uncomment and adjust the following to add a disk cache directory.

 62 cache_dir ufs /var/spool/squid 100 16 256

[root@web1 squid]# systemctl restart squid.service

 

 

 

 

squid反向代理

在要做實驗的主機上卸載httpd服務並刪除殘留文件

[root@web1 ~]# yum remove httpd -y

Loaded plugins: langpacks

Resolving Dependencies

..

warning: /etc/httpd/conf/httpd.conf saved as /etc/httpd/conf/httpd.conf.rpmsave

  Verifying  : php-5.4.16-21.el7.x86_64                                     1/4

  Verifying  : 1:mod_ssl-2.4.6-17.el7.x86_64                                2/4

  Verifying  : httpd-manual-2.4.6-17.el7.noarch                             3/4

  Verifying  : httpd-2.4.6-17.el7.x86_64                                    4/4

 

Removed:

  httpd.x86_64 0:2.4.6-17.el7                                                   

 

Dependency Removed:

  httpd-manual.noarch 0:2.4.6-17.el7        mod_ssl.x86_64 1:2.4.6-17.el7       

  php.x86_64 0:5.4.16-21.el7               

 

Complete!

 

[root@web1 ~]#rm -fr /etc/httpd

此時在其他主機上訪問不到本主機的ip （訪問出錯）

 

安裝squid服務

[root@web1 ~]# yum install squid -y

[root@web1 ~]# systemctl start squid

[root@web1 etc]# vim /etc/squid/squid.conf

 56 http_access allow all

 57

 58 # Squid normally listens to port 3128

 59 http_port 80 vhost vport

 60 cache_peer 172.25.254.3 parent 80 0 no-query

     |||| || || ||

                                                       

 61 # Uncomment and adjust the following to add a disk cache directory.

 62 cache_dir ufs /var/spool/squid 100 16 256

 

[root@web1 etc]# systemctl restart squid.service

測試

在真機上用瀏覽器訪問172.25.254.120顯示的結果是172.25.254.3的默認發佈目錄裏的東西

 

默認發佈目錄在/var/www/html下邊

vim /etc/httpd/conf/httpd.conf

 

[root@web1 etc]# vim /etc/squid/squid.conf

 56 http_access allow all

  57

 58 # Squid normally listens to port 3128

 59 http_port 80 vhost vport

 60 cache_peer 172.25.254.3 parent 80 0 no-query originserver round-robin name=web1

 61 cache_peer 172.25.254.4 parent 80 0 no-query originserver round-robin name=web2

 62 cache_peer_domain web1 web2 www.taobao.com

 63 # Uncomment and adjust the following to add a disk cache directory.

 64 cache_dir ufs /var/spool/squid 100 16 256

[root@web1 etc]# systemctl restart squid.service

[root@web1 etc]# systemctl stop firewalld.service

測試

[root@foundation20 ~]# vim /etc/hosts

172.25.254.120 www.westos.com   news.westos.com  ent.westos.com www.taobao.com

~   

在真機上通過瀏覽器訪問www.taobao.com 刷新就會看見ip爲172.25.254.3和172.25.254.4的默認發佈目錄裏的內容