Linux服務器搭建web網站

目標：
1、域名爲www.haha.com,可訪問的網站內容爲 welcome to haha！！
2、給該公司創建三個虛擬網站目錄、/data（數據）、/student（學生）、/money（繳費）
3、基於www.haha.com/student 網站訪問學生網站、基於www.haha.com/data訪問數據網站、基於www.haha.com/money 訪問繳費網站
4、學生和繳費網站都可以訪問，數據網站只有zhangsan、lisi可以訪問
5、繳費網站實現數據加密基於 HTTPS 訪問

1、配置yum源，掛載、安裝httpd、mod_ssl包

[root@localhost ~]# cat /etc/redhat-release 
Red Hat Enterprise Linux Server release 7.5 (Maipo)

[base]
name=base
baseurl=file:///mnt
gpgcheck=0
enable=1

[root@localhost ~]# mount /dev/sr0 /mnt/

[root@localhost ~]# yum install httpd -y							#http安裝包
[root@localhost ~]# yum install mod_ssl.x86_64 -y					#ssl安裝包

2、關閉seLinux和防火牆

[root@localhost ~]# systemctl stop firewalld.service 
[root@localhost ~]# setenforce 0

3、創建認證

[root@localhost certs]# pwd
/etc/pki/tls/certs

[root@localhost certs]# make haha.crt
umask 77 ; \
/usr/bin/openssl genrsa -aes128 2048 > haha.key
Generating RSA private key, 2048 bit long modulus
............................................+++
...........................................................................................+++
e is 65537 (0x10001)
Enter pass phrase:
Verifying - Enter pass phrase:
umask 77 ; \
/usr/bin/openssl req -utf8 -new -key haha.key -x509 -days 365 -out haha.crt 
Enter pass phrase for haha.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:cn
Locality Name (eg, city) [Default City]:x'a
Organization Name (eg, company) [Default Company Ltd]:haha
Organizational Unit Name (eg, section) []:haha
Common Name (eg, your name or your server's hostname) []:haha
Email Address []:[email protected]

認證信息填寫完成後：
[root@localhost certs]# ll
創建的ca認證（基於本地）
-rw-------. 1 root root 1367 8月   4 17:01 haha.crt
-rw-------. 1 root root 1766 8月   4 17:00 haha.key

4、配置虛擬主機文件

[root@localhost ~]# vim /etc/httpd/conf.d/vhost.conf 					#虛擬文件/（自己命名）

<directory /haha>
        allowoverride none
        require all granted
</directory>

<virtualhost 192.168.218.100:80>
        servername www.haha.com
        documentroot /haha
        documentroot /haha/student
</virtualhost>

<directory /haha/data>
        authtype basic
        authname "please login!!!"
        authuserfile /etc/httpd/mysecret
        require user zhangsan lisi
</directory>


<virtualhost 192.168.218.100:443>
        servername www.haha.com/money
        documentroot /haha/money
        SSLEngine on
        SSLProtocol all -SSLv2
        SSLcipherSuite HIFH:MEDIUM:!aNILL:!MD5:!SEED:!IDEA
        SSlCertificateFile /etc/pki/tls/certs/haha.crt
        SSLcertificateKeyFile /etc/pki/tls/certs/haha.key
</virtualhost>

5、目錄信息

[root@localhost ~]# mkdir /haha
[root@localhost ~]# cd /haha/
[root@localhost haha]# mkdir data
[root@localhost haha]# mkdir student
[root@localhost haha]# mkdir money

[root@localhost haha]# vim /haha/index.html 
welcome to haha!!

[root@localhost ~]# htpasswd -c /etc/httpd/mysecret zhangsan
New password: 
Re-type new password: 
Adding password for user zhangsan

[root@localhost ~]# htpasswd  /etc/httpd/mysecret lisi
New password: 
Re-type new password: 
Adding password for user lisi

6、重啓服務

[root@localhost ~]# systemctl restart httpd.service 
Enter SSL pass phrase for www.haha.com/money:443 (RSA) : ******

配置本地域名解析文件：
[root@localhost ~]# vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.218.100  www.haha.com