apache
###apache服務###
###查看服務器版本
curl -I www.XXX.com
###安裝服務
yum install httpd -y
systemctl start httpd
systemctl enable httpd
firewall-cmd --permanent --add-service=http
firewall-cmd --reload
systemctl restart httpd
###更改默認發佈目錄
vim /etc/httpd/conf/httpd.conf
164 DirectoryIndex westos index.html ##默認發佈目錄爲/var/www/html/index 改爲westos 誰在前面誰的優先級高
119 DocumentRoot "/var/www/html" ##默認發佈目錄
<Directory "/www/html"> ##更改默認發佈目錄爲/www/html
122 Require all granted
123 </Directory>
[root@server102 html]# mkdir -p /www/html
[root@server102 html]# echo meilijingjingjie > /www/html/index.html
systemctl restart httpd.service
[root@server102 html]# getenforce ##selinux爲強制級別
Enforcing
[root@server102 html]# setenforce 0
或
[root@server102 html]# semanage fcontext -a -t httpd_sys_content_t '/www(/.*)?'
[root@server102 html]# restorecon -RvvF /www/
###更改端口
[root@server102 html]# vim /etc/httpd/conf/httpd.conf
42 Listen 8080 ##更改端口爲8080
[root@server102 html]# firewall-cmd --permanent --add-port=8080
[root@server102 html]# firewall-cmd --reload
###apache虛擬主機
配置文件還原 並systemctl restart httpd.service
[root@server102 html]# cd /etc/httpd/conf/
[root@server102 conf]# vim default.conf
[root@server102 conf]# cat default.conf
<Virtualhost _default_:80>
DocumentRoot /var/www/html
CustomLog logs/default.log combined
</Virtualhost>
[root@server102 conf]# mkdir /var/www/virtual -p
[root@server102 conf]# mkdir /var/www/virtual/news/html -p
[root@server102 conf]# mkdir /var/www/virtual/ent/html -p
[root@server102 conf]# echo news.westos.com >/var/www/virtual/news/html/index.html
[root@server102 conf]# echo ent.westos.com >/var/www/virtual/ent/html/index.html
[root@server102 [root@server102 conf]# cat news.conf
<Virtualhost *:80>
ServerName news.westos.com
DocumentRoot /var/www/virtual/news/html
CustomLog logs/news.log combined
</Virtualhost>
<Directory "/var/www/virtual/news/html">
Require all granted
</Directory>
[root@server102 conf]# vim ent.conf
[root@server102 conf]# cat ent.conf
<Virtualhost *:80>
ServerName ent.westos.com
DocumentRoot /var/www/virtual/ent/html
CustomLog logs/ent.log combined
</Virtualhost>
<Directory "/var/www/virtual/ent/html">
Require all granted
</Directory>
[root@server102 conf]# vim /etc/hosts
172.25.254.102 www.westos.com news.westos.com ent.westos.com
測試:在解析所在主機測試,也可以但見DNS解析
[root@server102 conf]# systemctl restart httpd
###設定黑白名單
[root@server102 conf.d]# cat default.conf
<Virtualhost _default_:80>
DocumentRoot /var/www/html
CustomLog logs/default.log combined
</Virtualhost>
<Directory "/var/www/html">
Require all granted
Order deny,allow ##先讀deny再讀allow,誰在前面先讀誰
Deny from all
Allow from 172.25.254.102 ##黑名單拒絕所有人,白名單允許的則生效
</Directory>
###登陸用戶密碼
[root@server102 httpd]# pwd
/etc/httpd
[root@server102 httpd]# htpasswd -cm htpasswd admin ##c表示創建m表示添加
New password:
Re-type new password:
Adding password for user admin
[root@server102 httpd]# htpasswd -m htpasswd zdb ##再次添加用戶不加參數c
New password:
Re-type new password:
Adding password for user zdb
[root@server102 conf.d]# vim default.conf
[root@server102 conf.d]# cat default.conf
<Virtualhost _default_:80>
DocumentRoot /var/www/html
CustomLog logs/default.log combined
</Virtualhost>
<Directory "/var/www/html">
AuthUserFile "/etc/httpd/htpasswd"
AuthName "Please input your name and password"
AuthType basic
Require user admin ##admin表示使用這個用戶和密碼
</Directory>
[root@server102 conf.d]# systemctl restart httpd.service
###apache手冊
[root@server102 conf.d]# yum install httpd-manual -y
[root@server102 conf.d]# systemctl restart httpd.service
直接訪問 172.25.254.102/manual
###https
[root@server102 conf.d]# yum install mod_ssl -y
[root@server102 conf.d]# systemctl restart httpd.service
/etc/httpd/conf.d生成ssl.conf文件
[root@server102 conf.d]# firewall-cmd --permanent --add-service=https
[root@server102 conf.d]# firewall-cmd --reload
[root@server102 conf.d]# yum install crypto-utils -y
[root@server102 conf.d]# genkey www.westos.com
生成證書
[root@server102 conf.d]# vim ssl.conf
100 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
107 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
[root@server102 conf.d]# systemctl restart httpd.service
訪問https://172.25.254.102
[root@server102 conf.d]# vim ent.conf
[root@server102 conf.d]# cat ent.conf
<Virtualhost *:443>
ServerName ent.westos.com
DocumentRoot /var/www/virtual/ent/html
CustomLog logs/ent.log combined
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
<Virtualhost>
<Virtualhost *:80>
ServerName ent.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
<Directory "/var/www/virtual/ent/html">
Require all granted
</Directory>
[root@server102 conf.d]# systemctl restart httpd.service
訪問 http://ent.westos.com 自動轉換爲 https://ent.westos.com 並顯示內容
###php,cgi
[root@server102 html]# pwd
/var/www/virtual/news/html
[root@server102 html]# vim index.php
[root@server102 html]# cat index.php
<?php
phpinfo();
?>
[root@server102 html]# yum install php -y
[root@server102 conf.d]# pwd
/etc/httpd/conf.d
[root@server102 conf.d]# vim news.conf
<Virtualhost *:80>
ServerName news.westos.com
DocumentRoot /var/www/virtual/news/html
CustomLog logs/news.log combined
</Virtualhost>
<Directory "/var/www/virtual/news/html">
DirectoryIndex index.php
Require all granted
</Directory>
[root@server102 conf.d]# mkdir /var/www/virtual/news/html/cgi
[root@server102 conf.d]# vim /var/www/virtual/news/html/cgi/index.cgi
#!/usr/bin/prel
print "Content-type: test/html\n\n";
print `date`;
[root@server102 conf.d]# vim news.conf
[root@server102 conf.d]# cat news.conf
<Virtualhost *:80>
ServerName news.westos.com
DocumentRoot /var/www/virtual/news/html
CustomLog logs/news.log combined
</Virtualhost>
<Directory "/var/www/virtual/news/html">
DirectoryIndex index.php index.cgi
Require all granted
</Directory>
[root@server102 conf.d]# vim news.conf
[root@server102 conf.d]# cat news.conf
<Virtualhost *:80>
ServerName news.westos.com
DocumentRoot /var/www/virtual/news/html
CustomLog logs/news.log combined
</Virtualhost>
<Directory "/var/www/virtual/news/html">
DirectoryIndex index.php index.cgi
Require all granted
</Directory>
<Directory "/var/www/virtual/news/html/cgi">
Options +ExecCGI
AddHandler cgi-script .cgi
</Directory>
[root@server102 conf.d]# setenforce 0
或修改安全上下文
[root@server102 conf.d]# semanage fcontext -a -t httpd_sys_script_exec_t '/var/www/virtual/news/html/cgi(/.*)?'
[root@server102 conf.d]# restorecon -RvvF /var/www/virtual/news/html/cgi
###論壇搭建
[root@server102 conf.d]# yum install mariadb-server -y
[root@server102 conf.d]# vim /etc/my.cnf
10 skip-networking=1
[root@server102 conf.d]# systemctl restart mariadb
[root@server102 conf.d]# mysql_secure_installation
/usr/bin/mysql_secure_installation: line 379: find_mysql_client: command not found
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n]
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n]
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n]
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n]
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
[root@server102 html]# pwd
/var/www/virtual/news/html
[root@server102 html]# yum install lftp -y
[root@server102 html]# lftp 172.25.254.250
lftp 172.25.254.250:~> cd pub/
lftp 172.25.254.250:/pub> get Discuz_X3.2_SC_UTF8.zip
12486177 bytes transferred
[root@server102 html]# unzip Discuz_X3.2_SC_UTF8.zip
[root@server102 upload]# chmod 777 * -R
[root@server102 upload]# setenforce 0
[root@server102 upload]# yum install php-mysql -y
訪問 http://news.westos.com/upload/forum.php
[root@server102 html]# curl -I news.westos.com
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2016 08:36:26 GMT
Server: Apache/2.4.6 (Red Hat) OpenSSL/1.0.1e-fips PHP/5.4.16
Last-Modified: Fri, 09 Dec 2016 01:14:23 GMT
ETag: "1c-5432f79764a64"
Accept-Ranges: bytes
Content-Length: 28
Content-Type: text/html; charset=UTF-8
###wsgi
[root@server102 html]# lab webapp setup
Creating web application files... SUCCESS
[root@server102 html]# cd /home/student/
[root@server102 student]# ls
webapp.wsgi
[root@server102 student]# cp webapp.wsgi /var/www/virtual/news/html/cgi/
[root@server102 student]# cd /etc/httpd/conf.d/
[root@server102 conf.d]# vim ent.conf
[root@server102 conf.d]# cat ent.conf
<Virtualhost *:443>
ServerName ent.westos.com
DocumentRoot /var/www/virtual/ent/html
CustomLog logs/ent.log combined
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
WSGIScriptAlias /cgi /var/www/virtual/news/html/cgi/
<Virtualhost>
<Virtualhost *:80>
ServerName ent.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
<Directory "/var/www/virtual/ent/html">
Require all granted
</Directory>
[root@server102 conf.d]# yum install mod_wsgi -y
訪問 ent.westos.com/cgi
###squid
###實驗環境
虛擬機server雙網卡
eth0=172.25.254.102
eth1=172.25.2.100
虛擬機desktop單網卡
eht0=172.25.2.200
###squid正向代理
在虛擬機server中
[root@server102 ~]# yum install squid -y
[root@server102 ~]# vim /etc/squid/squid.conf
56 http_access allow all
59 http_port 3128
62 cache_dir ufs /var/spool/squid 100 16 256
[root@server102 squid]# systemctl start squid
[root@server102 ~]# systemctl stop firewalld.service
訪問172.25.254.2,可以訪問到
在虛擬機desktop中
打開瀏覽器
選擇Edit-->Preferences-->Advanced-->Settings-->Manual proxy configuration HTTP Proxy:172.25.2.100 Port:3128-->Use this proxy server for all protocols
訪問172.25.254.2,可以訪問到
[root@desktop ~]# ping 172.25.254.2
connect: Network is unreachable
ping 不通
###squid反向代理
[root@server102 ~]# vim /etc/squid/squid.conf
59 http_port 80 vhost vport
60 cache_peer 172.25.254.2 parent 80 0 proxy-only
[root@server102 ~]# systemctl restart squid.service
[root@server102 ~]# rpm -qa | grep http 無顯示代表本機沒有httpd服務
[root@server102 ~]# firefox
訪問172.25.254.102顯示內容爲172.25.254.2的默認發佈目錄內容
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章