linux——apache

1.apachece
企业中常用的web服务，用来提供http：//（超文本传输协议）

2.apache的安装

yum install httpd -y

yum install httpd-manual

systemctl start httpd
systemctl enable httpd
systemctl stop firewalld

systemctl disable firewalld

#测试： http://172.25.254.xx

       http://172.25.254.xx/manual

3.apache的基础信息

主配置目录：/etc/httpd/conf
主配置文件：/etc/httpd/conf/httpd.conf
子配置目录：/etc/httpd/conf.d
子配置文件：/etc/httpd/conf.d/*.conf
默认发布目录：/var/www/html
默认发布文件：index.html
默认端口：80
默认安全上下文：httpd_sys_content_t
程序开启默认用户：apache
apache日志:/etc/httpd/logs/*


默认发布端口：
vim /etc/httpd/conf/httpd.conf
43 Listen 8080    ##修改默认端口为8080

systemctl restart httpd

访问：

http://172.25.254.xx:8080

修改默认发布文件：
默认发布文件就是访问apache时没有指定文件名称时默认访问的文件，这个文件可以指定多个，有顺序访问
vim /etc/httpd/conf/httpd.conf
164     DirectoryIndex index.html test.html     ##当index.html不存在时，访问test.html

systemctl restart httpd

修改默认发布目录：
vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/html"
121 <Directory "/www">
122       Require all granted     ##所有人都可以访问此站点
123 </Directory>

systemctl restart httpd

mkdir -p /www/html      ##建立站点
vim /www/html/index.html    ###写被访问内容
semanage fcontext -a -t httpd_sys_content_t '/www(/.*)?'   ##安全上下文

restorecon -RvvF /www/

被访问内容为：

访问：

修改站点及访问目录：

服务端：
mkdir /var/www/virtual/linux.westos.com/html -p
mkdir /var/www/virtual/c.westos.com/html -p

vim /var/www/virtual/linux.westos.com/html/index.html
linux.westos.com

vim /var/www/virtual/c.westos.com/html/index.html
c.westos.com

[root@localhost conf.d]# vim default.conf     ##切换到/etc/httpd/conf.d/目录（cd /etc/httpd/conf.d/）

<VirtualHost _default_:80>
      DocumentRoot "/var/www/html"
      CustomLog "logs/www.westos.com.log" combined
</VirtualHost>

[root@localhost conf.d]# vim linux.conf
<VirtualHost *:80>
        ServerName linux.westos.com     ##制定站点名称
        DocumentRoot "/var/www/virtual/linux.westos.com/html/"   ##站点默认发布目录
        CustomLog "logs/linux.westos.com.logs" combiend    ##站点日志combiend表示四种日志的集合
</VirtualHost>
<Directory "/var/www/virtual/linux.westos.com/html/">
         Require all granted
</Directory>

[root@localhost conf.d]# vim c.conf
<VirtualHost *:80>
        ServerName c.westos.com
        DocumentRoot "/var/www/virtual/c.westos.com/html/"
        CustomLog "logs/c.westos.com.logs" combiend
</VirtualHost>
<Directory "/var/www/virtual/c.westos.com/html/">
         Require all granted
</Directory>

配置简介写法  :%s/linux/c/g      ##将文中的linux全换成c

[root@localhost conf.d]# systemctl restart httpd.service

访问端测试：
[root@foundation13 ~]# vim /etc/hosts
172.25.254.213 c.westos.com linux.westos.com www.westos.conf

访问：

由于字母开头c，d，l中，c在前面，所以默认访问到的是c.conf中的内容

5.apache内部的访问控制

1）针对与主机的访问控制
mkdir /var/www/html/text
vim adefault.conf
<Directory "/var/www/html/text">
          Order deny,allow
          Allow from 172.25.254.88    ##只应许88号机访问
          Deny from all
</Directory>
systemctl restart httpd.service

2）用户方式的访问控制
htpasswd -cm /etc/httpd/userpass admin
htpasswd -m /etc/httpd/userpass admin1     ##创建访问用户
mkdir /var/www/html/admin

vim adefault.conf
<Directory "/var/www/html/admin">
       AuthUserFile /etc/httpd/userpass
       AuthName "Please input yuor name and password"
       AuthType basic
       #Require user admin     ##允许admin访问
       Require valid-user      ##允许所有人访问
</Directory>

vim /var/www/html/admin/index.html
  admin

systemctl restart httpd.service

adefault.conf中的内容：

/admin/index.html中的内容：

访问：

用户admin:

用户admin1:

6.apache支持的语言
1）html  （前章已介绍过）
2）php
vim /var/www/html/index.php
<?php
        phpinfo();
?>

yum install php -y
systemctl restart httpd

测试：
172.25.254.xx/index.php

3）cgi
vim adefault.conf .cgi
<Directory "/var/www/html/cgi">
    Options +ExecCGI
    AddHandler cgi-script .cgi
</Directory>

mkdir -p /var/www/html/cgi
semanage fcontext -a -t httpd_sys_script_exec_t '/var/www/html/cgi(/.*)?'    ##安全上下文的设定
restorecon -RvvF /var/www/html/cgi/

vim /var/www/html/cgi/index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;       ##访问时间

[root@localhost conf.d]# chmod +x /var/www/html/cgi/index.cgi
[root@localhost conf.d]# /var/www/html/cgi/index.cgi            ##执行脚本确保脚本正常运行

systemctl restart httpd

访问：

7.https
保护客户端密码不被**
yum install mod_ssl -y
yum install crypto-utils -y    ##提供443端口
rpm -qa | grep crypt
rpm -qa crypto-utils-2.4.1-42.e17.x86_64    ##下载软件

genkey www.westos.com

（需要在实验机上敲击键盘，进度条才会走动，这是要设定加密的原因）

vim /etc/httpd/conf.d/ssl.conf
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
systemctl restart httpd

访问：

8.设定http主机和认证
mkdir -p /var/www/html/virtual/login.westos.com/html

vim login.conf      ###在/etc/httpd/conf.d/目录下

<VirtualHost *:443>
      ServerName login.westos.com
      DocumentRoot /var/www/html/virtual/login.westos.com/html
      CustomLog "logs/login.logs" combined
      SSLEngine on
      SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
      SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
</VirtualHost>
<Directory "/var/www/html/virtual/login.westos.com/html">
       Require all granted
</Directory>

获取证书：

<virtualHost *：80>                       
    ServerName login.westos.com
    RewriteEngine on
    RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]               ##自动转换到https

</VirtualHost>

^(/.*)$  ##客户在游览器地址栏中输入的所有字符
https://    强制客户加密访问
%{HTTP_HOST}  ##客户请求主机
$1   ##表示^(/.*)$的值
[redirect=301]   ##临时重写，302永久挂载