Apache配置本地测试多网站域名与虚拟主机分分快

作者:电脑系统

httpd的根底配置

1卡塔 尔(英语:State of Qatar)改善监听的ip和port,在主配置文件/etc/httpd/conf/httpd.conf中期维改进,格式如:Listen  [IP:]PORT。需求注意的有3点:

  ①省略IP表示相配本机全体ip;
  ②Listen指令可重新现身数次;
  ③改进监听socket,重启服务进度方可生效。

  示例:

[root@happiness ~]# vim /etc/httpd/conf/httpd.conf
    Listen 80
    Listen 192.168.4.50:8090
[root@happiness ~]# systemctl start httpd.service
[root@happiness ~]# ss -tan
State       Recv-Q Send-Q             Local Address:Port                            Peer Address:Port              
LISTEN      0      128                 192.168.4.50:8080                                       *:*                  
LISTEN      0      5                  192.168.122.1:53                                         *:*                  
LISTEN      0      128                            *:22                                         *:*                  
LISTEN      0      128                    127.0.0.1:631                                        *:*                  
LISTEN      0      100                    127.0.0.1:25                                         *:*                  
ESTAB       0      52                 192.168.4.119:22                              192.168.4.93:49948              
LISTEN      0      128                           :::80                                        :::*                  
LISTEN      0      128                           :::22                                        :::*                  
LISTEN      0      128                          ::1:631                                       :::*                  
LISTEN      0      100                          ::1:25                                        :::* 

2卡塔尔国长连接。tcp三回九转建构后,各样财富拿到成功后不全断开连接,而是继续伺机别的财富央求的进展。对并发访谈量比较大的服务器,长连机场接人制会使得后续有个别央求不能够赢得健康响应,对这种情景,大家能够运用比较短的长久连接时长,以至比较少的乞请数量。

  配置指令:

    KeepAlive On|Off        #是不是启用长连接
    KeepAliveTimeout Seconds     #逾期时间长度
    MaxKeepAliveRequests Number       #最多维持稍微个长连接的号召

  示例:

[root@happiness ~]# vim /etc/httpd/conf.d/keepalive.conf  #新建
    KeepAlive On
    KeepAliveTimeout 30
    MaxKeepAliveRequests 200
[root@happiness ~]# systemctl restart httpd.service
[root@happiness ~]# telnet 192.168.4.50 8080
Trying 192.168.4.50...
Connected to 192.168.4.50.
Escape character is '^]'.
GET /index.html HTTP/1.1     
HOST:192.168.4.50    #输入后连按两次Enter

HTTP/1.1 200 OK
Date: Fri, 08 Jun 2018 04:25:03 GMT
Server: Apache/2.4.6 (CentOS)
Last-Modified: Fri, 08 Jun 2018 01:50:41 GMT
ETag: "17-56e17a0a33249"
Accept-Ranges: bytes
Content-Length: 23
Content-Type: text/html; charset=UTF-8

<h2>hello, world.</h2>
#注意:此处因为启用了KeepAlive,连接没有断开,可以继续输入内容;如果没有启用KeepAlive则请求成功后会直接退出telnet

3卡塔尔国自定义web站点。在httpd服务的主配置文件中,暗中同意情形下DocumentRoot "/var/www/html"定义了暗中同意web站点目录的门路。如需自定义站点,需按如下格式实行增添:

  httpd-2.2:

    DocumentRoot   "/PATH/TO/FILE"
    <Directory "/PATH/TO/FILE">              
      Options Indexes FollowSymLinks
      AllowOverride None   #用以定义每一种目录下.htaccess文件中的指令类型,但平日设置None
      Order allow,deny #概念暗许的拜会权限与Allow和Deny语句的管理顺序,此处先相称allow再相称deny
      Allow from all  #本着顾客机的域名或IP地址实行拜望节制,如:Allow from all大概Deny from 192.168等
    </Directory>

  httpd-2.4:

    DocumentRoot   "/PATH/TO/FILE"
    <Directory "/PATH/TO/FILE">
        Options Indexes FollowSymLinks
        AllowOverride None
        Require all granted  #http-2.4中的允许全数人访谈,假如要禁绝某些IP或域名的探访,如:Require not ip 1.1.1.1、Require not host xxxx.com或许禁绝全体人访问Require all denied
     </Directory>

其间options包含以下的可选参数:

参数 说明
Indexes 允许目录浏览,当客户仅指定要访问的目录,但没有指定要访问的文件,且目录下不存在默认文档时,显示该目录中的文件及子目录列表索引
MultiViews 允许内容协商的多重视图,允许返回指定的访问目录下的相关联的文件
All All包含了除MultiViews之外的所有特性,如没有指定options,默认为All
ExecCGI 允许在该目录下执行CGI脚本
FollowSymLinks 允许跟踪符号链接到源文件
Includes 允许服务器端包含功能
IncludesNoExec 允许服务器端包含功能,但禁止执行CGI脚本
None 不调用options参数

 

 

 

 

 

 

 

 

 

  示例:

[root@happiness ~]# mkdir -p /test/html
[root@happiness ~]# vim /test/html/test.html
   <h2>test web站点</h2>
[root@happiness ~]# chcon -R --reference /var/www/html /test/html #复制/var/www/html的selinux安全上下文到/data/html,如果没复制安全上下文可能会导致访问index.html出现403的提示
[root@happiness ~]# vim /etc/httpd/conf/httpd.conf
   #DocumentRoot "/var/www/html"  #注释默认的web根站点
   DocumentRoot "/test/html"  #定义要启用的web根站点
   <Directory "/test/html">
        Options None
        AllowOverride None
        Require all granted
   </Directory>
[root@happiness ~]# systemctl restart httpd.service
结果:

分分快三全天计划网站 1

1、落成情势及注意事项

<VirtualHost 172.20.30.50:8080>
DocumentRoot /www/example2-8080
ServerName www.example2.org
</VirtualHost>

 httpd的虚构主机VirtualHost

  日常在生龙活虎台服务器安装Apache后,咱们只可以访谈三个web站点,假使大家须要在生龙活虎台服务器访谈三个web站点,则供给经过Apache的VirtualHost虚构主机完毕,其实正是通过VirtualHost达成访问同三个服务器上的两样目录。
  虚构主机协理两种建构艺术:

  • 依据ip的不二秘籍,需求为每种虚构主机策动至少二个ip地址,配置格式如:

      <VirtualHost IP:PORT>
        ServerName  "www.xxx.cn"  #设想主机域名
        DocumentRoot  "/www/xxx"  #虚构主机web目录
      </VirtualHost>

    示例:

#创建目录
  [root@happiness ~]# mkdir -p /data/Vip/test1
  [root@happiness ~]# mkdir -p /data/Vip/test2
  [root@happiness ~]# chcon -R --reference /var/www/html /data/Vip #复制安全上下文
#创建index.html文件
  [root@happiness ~]# vim /data/Vip/test1/index.html
      <h1>virtual test based on ip. one</h1>
  [root@happiness ~]# vim /data/Vip/test2/index.html
      <h1>virtual test based on ip. two</h1>
#注释/var/www/html作为根路径
  [root@happiness ~]# vim /etc/httpd/conf/httpd.conf
      #DocumentRoot /var/www/html
#添加virtualhost.conf配置文件(文件名自定义)
  [root@happiness ~]# vim /etc/httpd/conf.d/virtualhost.conf
    <VirtualHost 192.168.4.119:80>
         DocumentRoot "/data/Vip/test1"
         <Directory "/data/Vip/test1">
             AllowOverride None
             Options None
             Require all granted
         </Directory>
    </VirtualHost>

    <VirtualHost 192.168.4.120:80>
        DocumentRoot "/data/Vip/test2"
        <Directory "/data/Vip/test2">
           AllowOverride None
           Options None
           Require all granted
         </Directory>
    </VirtualHost>
#启动httpd服务
  [root@happiness ~]# systemctl start httpd.service
#清空防火墙规则
  [root@happiness ~]# iptables -F
访问结果:
  • 依据port的章程,须求为各种设想主机配置一个独立的port,配置格式如:

      Listen 8080  #点名别的端口时,供给丰硕监听该端口
      <VirtualHost IP:PORT>
        ServerName  "www.xxx.cn"  #设想主机域名
        DocumentRoot  "/www/xxx"  #设想主机web目录
      </VirtualHost>

    示例:

#在上面的基础上直接修改virtualhost文件
[root@happiness ~]# vim /etc/httpd/conf.d/virtualhost.conf
Listen 8080
<VirtualHost 192.168.4.119:80>
    DocumentRoot "/data/Vip/test1"
    <Directory "/data/Vip/test1">
        AllowOverride None
        Options None
        Require all granted
    </Directory>
</VirtualHost>

<VirtualHost 192.168.4.119:8080>
    DocumentRoot "/data/Vip/test2"
    <Directory "/data/Vip/test2">
        AllowOverride None
        Options None
        Require all granted
    </Directory>
</VirtualHost>
访问结果:
  • 基于FQDN的章程,须要为各样虚构主机配置多少个FQDN,配置格式如:

      NameVirtualHost 172.16.100.6:80  #httpd-2.2须要在陈设文件中增添此句
      <VirtualHost 172.16.100.6:80>
        ServerName www.xxx.com #指定FQDN
        DocumentRoot "/www/xxxcom"
      </VirtualHost>
      <VirtualHost 172.16.100.6:80>
        ServerName www.xxx.cn #指定FQDN
        DocumentRoot "/www/xxxcn"
      </VirtualHost>

    示例:

#在上面的基础上直接修改virtualhost文件
[root@happiness ~]# vim /etc/httpd/conf.d/virtualhost.conf
<VirtualHost 192.168.4.119:80>
    ServerName www.test1.cn
    DocumentRoot "/data/Vip/test1"
    <Directory "/data/Vip/test1">
        AllowOverride None
        Options None
        Require all granted
    </Directory>
</VirtualHost>

<VirtualHost 192.168.4.119:80>
    ServerName www.test2.cn
    DocumentRoot "/data/Vip/test2"
    <Directory "/data/Vip/test2">
        AllowOverride None
        Options None
        Require all granted
    </Directory>
</VirtualHost>
访问结果:
    

<VirtualHost *:80>
DocumentRoot /www/example1
ServerName www.example1.com
ServerAlias example1.com. *.example1.com
# Other directives here
</VirtualHost>

httpd的访谈调控

1卡塔 尔(阿拉伯语:قطر‎在Directory中基于IP地址完结访谈调整

  http-2.第22中学基于IP地址的访谈调节是接纳Allow和Deny来实现的,如:
      <Directory  "/PATH/TO/FILE">
          Options Indexes FollowSymLinks
          AllowOverride None
          Order allow, deny
          Allow  from  IP | NetAddr
          Deny  from  IP | NetAddr
      </Directory>
  个中NetAddr的格式可相通:172.16、172.16.0.0、172.16.0.0/16、172.16.0.0/255.255.0.0。

  httpd-2.4中基于Ip地址访问的调整是应用Require完毕,如:
      <Directory  "/PATH/TO/FILE">
         AllowOverride none
         Options none
         <RequireAll>
            Require ip IP | NetAddr #同意访谈的IP或网段
            Require not ip IP | NetAddr #不容访问的Ip或网段
         </RequireAll>
      </Directory>
  其余httpd-2.4版本中还可以行使host名来开展访谈调整,如:
      <Directory  "/PATH/TO/FILE">
         AllowOverride none
         Options none
         <RequireAll>
           Require host google.com  #允许来自域名叫google.com全部主机的拜谒
           Require not host www.xxxx.com  #不容许来自己作主机名称叫www.xxxx.com的拜望
         </RequireAll>
      </Directory>

  示例:

[root@happiness ~]# mkdir /test/virtualhtml
[root@happiness ~]# vim /test/virtualhtml/virtualtest.html
     <h2>test for virtual</h2>
[root@happiness ~]# vim /etc/httpd/conf.d/virualhost.conf
  <VirtualHost 192.168.4.50:8080>
      DocumentRoot "/test/virtualhtml"
      <Directory "/test/virtualhtml">
          AllowOverride None
          Options None
          <RequireAll>
              Require all granted
              Require not ip 192.168.4.154    #禁止ip192.168.4.154的主机访问
          </RequireAll>
      </Directory>
  </VirtualHost>
结果:

分分快三全天计划网站 2  分分快三全天计划网站 3

 2卡塔尔国在Directory中基于顾客的采访调控

  在Directory中协助的验证方法有二种 basic明文认证和 digest音讯摘要认证,不是有着浏览器都帮衬摘要认证,因此日常的话用的超多的是 basic明文认证。
  用htpasswd命令生成认证的配置文件:

[root@happiness ~]# htpasswd -cb /data/httpduser walter 123456
[root@happiness ~]# htpasswd -b /data/httpduser alex 123456
[root@happiness ~]# cat /data/httpduser 
  walter:$apr1$CYZpqBy5$gxnNCiKSIX.qN8LRI809L.
  alex:$apr1$vGncT2dc$.S0TsnDFINqf5BhHP0Hvi.
[root@happiness ~]# chcon -R --reference /var/www /data/httpduser

  编辑主配置文件:

[root@happiness ~]# vim /etc/httpd/conf/httpd.conf
DocumentRoot "/test/html"
<Directory "/test/html">
    Options None
    AllowOverride None
    AuthType Basic  #认证方式Basic
    AuthName "user test"    #授权机制名称
    AuthUserFile "/data/httpduser"  #授权文件位置
    Require user alex  #允许访问的用户
</Directory>
[root@happiness ~]# systemctl restart httpd.service
结果:

分分快三全天计划网站 4  分分快三全天计划网站 5  分分快三全天计划网站 6

 3卡塔 尔(英语:State of Qatar)基于组的顾客访谈调节

  除了对顾客做访谈调节之外,还是能将客商划分为相应的组进而依照组来做相应的访谈调控,接着上叁个例子中的顾客来做组访谈调控。
  创造组文件:

[root@happiness ~]# vim /data/httpdgroup
   groupA:walter
   groupB:alex
[root@happiness ~]# chcon -R --reference /var/www /data/httpdgroup

  编辑主配置文件:

[root@happiness ~]# vim /etc/httpd/conf/httpd.conf
DocumentRoot "/test/html"
<Directory "/test/html">
    Options None
    AllowOverride None
    AuthType Basic  #认证方式Basic
    AuthName "user test"    #授权机制名称
    AuthUserFile "/data/httpduser"  #授权用户文件位置
    AuthGroupFile "/data/httpdgroup"  #授权用户组文件位置
    Require group groupA  #允许访问的组
</Directory>
[root@happiness ~]# systemctl restart httpd.service
结果:

分分快三全天计划网站 7  分分快三全天计划网站 8

二、虚构主机

<VirtualHost 127.0.0.3:80>
    DocumentRoot d:/AppServ/www3
    ServerName 127.0.0.3:80
</VirtualHost>...

httpd配置内容

httpd2.2
配置文件:
    /etc/httpd/conf/httpd.conf
    /etc/httpd/conf.d/*.conf
服务脚本:
    /etc/rc.d/init.d/httpd
脚本配置文件:
    /etc/sysconfig/httpd
主程序文件:
    /usr/sbin/httpd
    /usr/sbin/httpd.event
    /usr/sbin/httpd.worker
日志文件:
    /var/log/httpd:access_log:访问日志,error_log:错误日志
站点文档:
    /var/www/html
模块文件路径:
    /usr/lib64/httpd/modules    
服务控制和启动:
    chkconfig  httpd  on|off
    service {start|stop|restart|status|configtest|reload} httpd
httpd2.4
配置文件:
    /etc/httpd/conf/httpd.conf
    /etc/httpd/conf.d/*.conf
模块相关的配置文件:
    /etc/httpd/conf.modules.d/*.conf
systemd unit file:
    /usr/lib/systemd/system/httpd.service
主程序文件:
    /usr/sbin/httpd(httpd-2.4支持MPM的动态切换)
日志文件:
    /var/log/httpd: access_log:访问日志,    error_log:错误日志
站点文档:
    /var/www/html
模块文件路径:
    /usr/lib64/httpd/modules    
服务控制:
    systemctl enable|disable httpd.service
    systemctl {start|stop|restart|status} httpd.service
  • 申明质询:WWW-Authenticate:响应码为401,谢绝客商端央求,并表达须要客商端提供账号和密码

<Directory "d:/AppServ/www3">
    Options Indexes FollowSymLinks Multiviews
    AllowOverride All
    Order Allow,Deny
    Allow from all
</Directory>

不然相会世无权访问难点。

5、错误页面消息设置

<Directory />
Options FollowSymLinks
AllowOverride None
### Order deny,allow
### Deny from all
Order allow,deny
Allow from all
Satisfy all
</Directory>

  • LoadModule status_module modules/mod_status.so
        <Location /server-status>
            SetHandler server-status
            Order allow,deny
            Allow from 172.16
        </Location>

在大家设置APACHE的时候经常暗中认可的apache的安插是独有一个网址,那样切换起来特不方便人民群众。其实这么些主题材料很好消释,便是把本机的apache配置成为虚构服务器。但是,网络海大学部分课程的是教用 apache怎样配置基于域名的设想主机的,而在本机调节和测量试验网址的时候,平常都以用本地ip(127.0.0.1 或 localhost卡塔 尔(英语:State of Qatar)直接待上访谈,未有用到域名。所以得把apache配置成为基于ip地址的虚构主机。

    错误文档的最后一行将包含服务器的名字、Apache的版本等信息  
如果不对外显示这些信息,就可以将这个参数设置为Off  
设置为Email,将显示 ServerAdmin 的Email提示。

废话少说,进入正规的布署职业,上边是apache的httpd.conf里有关配置部分( httpd.conf 位于 Apache2.2conf ):
1、Listen部分,必得一贯钦点端口,不钦命ip地址,配置应写为:
Listen 80
2、不用像基于域名的虚构主机那样写“NameVirtualHost”。

  • Satisfy ALL|Any
        ALL 客商机IP和顾客验证都亟需经过才得以
        Any 客商机IP和顾客验证,有三个满意就可以

# This is the other address
NameVirtualHost 172.20.30.50

  • ServerSignature     On | Off | EMail

  • 当顾客央浼的网页并不真实时,服务器将时有产生错误文书档案,缺省景色下是因为展开了 ServerSignature 选项

打开:hosts文件

  • 示例:
        Require valid-user
        Order allow,deny
        Allow from 192.168.1
        Satisfy Any

(2) 基于IP和多端口的设想主机配置
Listen 172.20.30.40:80
Listen 172.20.30.40:8080
Listen 172.20.30.50:80
Listen 172.20.30.50:8080

 

<VirtualHost 172.20.30.50>
DocumentRoot /www/example2
ServerName www.example2.org
# Other directives here …
</VirtualHost>

差不离的说,展开httpd.conf 在结尾参预如下内容:

  • 剥夺方法:注释中央主机的DocumentRoot指令就能够

  • 站点标记: socket
        IP形似,但端口差别
        IP差别,但端口均为暗许端口
        FQDN不同:
            需要报文中首部
            Host: www.magedu.com

  • 设想主机的布局方式
        <VirtualHost IP:PORT>
            ServerName FQDN
            DocumentRoot “/path"
        </VirtualHost>

<VirtualHost *:80>
DocumentRoot /www/example2
ServerName www.example2.org
# Other directives here
</VirtualHost>

  • 只适用于Unix平台

<Directory "d:/AppServ/www2">
    Options Indexes FollowSymLinks Multiviews
    AllowOverride All
    Order Allow,Deny
    Allow from all
</Directory>

2、基于IP的设想主机示例

<VirtualHost 172.20.30.40:80>
ServerName www.example2.org
DocumentRoot /www/otherdomain-80
</VirtualHost>

 

<VirtualHost 172.20.30.40:8080>
ServerName www.example1.com
DocumentRoot /www/domain-8080
</VirtualHost>

<VirtualHost 172.20.30.40>
DocumentRoot /www/example2
ServerName www.example2.org
</VirtualHost>

  • 依附组账号实行求证

"d:/AppServ/www2" 为你的站点存放目录:重启apache2今后,你的设想主机就安顿好了,未来就足以因此127.0.0.2,和127.0.0.3步入分裂的站点了。

  • 安全域:需求客商认证后方能访问的渠道;应该经过名称对其进展标志,以便于告知客商认证的原由

运行:C:WINDOWSsystem32driversetc

  • 证实情势三种
        basic:明文
        digest:消息摘要认证,宽容性差

NameVirtualHost 172.20.30.40

  • 建议:上述配置存放在独立的配备文件中

<VirtualHost 172.20.30.40:80>
DocumentRoot /www/example1-80
ServerName www.example1.com
</VirtualHost>

 

<VirtualHost 172.20.30.40>
DocumentRoot /www/example1
ServerName www.example1.com
</VirtualHost>

生龙活虎、基于客商的访谈调控

(5)在差别的端口上运转差异的站点(基于多端口的服务器上安顿基于域名的虚构主机):
Listen 80
Listen 8080

6、ServerType inetd | standalone.

(4)在四个IP地址的服务器上计划基于域名的虚构主机:
Listen 80

分分快三全天计划网站 9

上边为详细表达深入分析:

1、调控项目

(3)单个IP地址的服务器上依据域名的虚构主机配置:
# Ensure that Apache listens on port 80
Listen 80

[root@Centos6-serverconf.d]#vim auth.conf 
<Directory /app/website/secret>
        Authtype Basic
        AuthName "Administator private"
        AuthUserFile "/etc/httpd/conf.d/.httpusers"
        AuthGroupFile "/etc/httpd/conf.d/.httpgroups"
        Require group admins                                                                           
</Directory>

[root@Centos6-serverconf.d]#vim .httpgroups
admins: http1 http3
users: http2

<VirtualHost 172.20.30.40:8080>
ServerName www.example2.org
DocumentRoot /www/otherdomain-8080
</VirtualHost>

3、基于端口的虚构主机

首先,大家都晓得,全部以127一马超过的ip地址都应有针对本机,并不仅127.0.0.1,那点大家能够实践。
那样一来,也正是说本机有丰硕多的ip地址供你来设置设想主机了。

  • 表达:Authorization:客商端客户填入账号和密码后再一次发送央求报文;认证通过时,则服务器发送响应的能源

重启apache2将来,你的设想主机就安插好了,今后就能够透过127.0.0.1和127.0.0.2,127.0.0.3跻身差异的站点了。

  • 示例:
        <Directory "/www/htdocs/admin">
            Options None
            AllowOverride None
            AuthType Basic
            AuthName "Administator private"
            AuthUserFile "/etc/httpd/conf.d/.httpusers"
            AuthGroupFile "/etc/httpd/conf.d/.httpgroups"

            Require group admins

        </Directory>
        vim /etc/httpd/conf.d/.httpgroups

        admins: http1 http3
        users: http2 

加多域名指向。

#实验:基于IP地址的虚拟主机
[root@Centos6-serverapp]#ls
website
[root@Centos6-serverapp]#cp website/ website2 -r
[root@Centos6-serverapp]#cp website/ website3 -r

[root@Centos6-serverapp]#vim website2/index.html 
/app/website2 
[root@Centos6-serverapp]#vim website3/index.html 
/app/website3 

[root@Centos6-serverconf.d]#pwd
/etc/httpd/conf.d

[root@Centos6-serverconf.d]#vim vhost.conf 
        documentroot /app/website
<Virtualhost 192.168.1.251:80
<Virtualhost 192.168.1.100:80>
        DocumentRoot /app/website
        ErrorLog logs/website1-error_log
        CustomLog logs/website1-access_log common
</Virtualhost>
<Virtualhost 192.168.1.250:80>
        DocumentRoot /app/website2
        ErrorLog logs/website2-error_log
        CustomLog logs/website2-access_log common
</Virtualhost>
<Virtualhost 192.168.1.251:80>
        DocumentRoot /app/website3
        ErrorLog logs/website3-error_log
        CustomLog logs/website3-access_log common                                                      
</Virtualhost>

[root@centos7mini~]#curl 192.168.1.100
/app/website

[root@centos7mini~]#curl 192.168.1.250
/app/website2
[root@centos7mini~]#curl 192.168.1.251
/app/website3

[root@Centos6-serverconf.d]#ll /var/log/httpd/
-rw-r--r-- 1 root root      71 Jan 28 19:46 website1-access_log
-rw-r--r-- 1 root root       0 Jan 28 19:45 website1-error_log
-rw-r--r-- 1 root root      71 Jan 28 19:46 website2-access_log
-rw-r--r-- 1 root root       0 Jan 28 19:45 website2-error_log
-rw-r--r-- 1 root root      71 Jan 28 19:46 website3-access_log
-rw-r--r-- 1 root root       0 Jan 28 19:45 website3-error_log

NameVirtualHost 172.20.30.40:80
NameVirtualHost 172.20.30.40:8080

分分快三全天计划网站 10

3、设想主机的计划
(1)基于IP地址的虚构主机配置
Listen 80
<VirtualHost 172.20.30.40>
DocumentRoot /www/example1
ServerName www.example1.com
</VirtualHost>
<VirtualHost 172.20.30.50>
DocumentRoot /www/example2
ServerName www.example2.org
</VirtualHost>

  • standalone 独立服务格局

# This is the "main" server running on 172.20.30.40
ServerName server.domain.com
DocumentRoot /www/mainserver

  • (2) 提供账号和密码存储(文本文件卡塔尔国

<VirtualHost 172.20.30.40:80>
ServerName www.example1.com
DocumentRoot /www/domain-80
</VirtualHost>

  • 基于ip:为各种虚构主机计划最少三个ip地址

<VirtualHost 172.20.30.50:80>
DocumentRoot /www/example2-80
ServerName www.example1.org
</VirtualHost>

  • 建议安装为 Off

==========================================================================

    使用专用命令完成此类文件的创建及用户管理

     htpasswd [options]
/PATH/HTTPD_PASSWD_FILE username  



    -c:自动创建文件,仅应该在文件不存在时使用  



    -m:md5格式加密,默认方式

    -s: sha格式加密  


    -D:删除指定用户

<VirtualHost 172.20.30.50>
DocumentRoot /www/example1
ServerName www.example1.com
# Other directives here …
</VirtualHost>
IXDBA.NET社区论坛

4、然后相应的安顿好各种目录属性,下边是二个目录属性的出类拔萃配置:
<Directory "d:/AppServ/www2">
    Options Indexes FollowSymLinks Multiviews
    AllowOverride All
    Order Allow,Deny
    Allow from all
</Directory>

  • inetd 非独立服务形式

<VirtualHost 127.0.0.2:80>
    DocumentRoot d:/AppServ/www2
    ServerName 127.0.0.2:80
</VirtualHost>

#实验:创建加密的用户及密码
[root@Centos6-serverconf.d]#pwd
/etc/httpd/conf.d

[root@Centos6-serverconf.d]#ls -a
.  ..  .httpusers  

[root@Centos6-serverconf.d]#htpasswd -c .httpusers http1
New password: 
Re-type new password: 
Adding password for user http1

[root@Centos6-serverconf.d]#htpasswd -s .httpusers http2
Adding password for user http2

[root@Centos6-serverconf.d]#htpasswd -m .httpusers http3
Adding password for user http3

[root@Centos6-serverconf.d]#cat .httpusers 
http1:b4QECtkC6VarQ
http2:{SHA}s6VCX366xaGxnQ00QYzgpPZKelE=
http3:$apr1$H31NOGIE$tafiBf6tKSZmId1VqUz1H0

[root@Centos6-serverconf.d]#mkdir /app/website/secret
[root@Centos6-serverconf.d]#echo /app/website/secret/index.html > /app/website/secret/index.html

[root@Centos6-serverconf.d]#vim auth.conf
<Directory /app/website/secret>
        Authtype Basic
        AuthName "Admin dir"
        AuthUserFile "/etc/httpd/conf.d/.htusers"
        Require user http1 http2                                                                       
</Directory>
[root@Centos6-serverconf.d]#service httpd restart 

[root@centos7mini~]#curl -I HTTP/1.1 401 Authorization Required                       --->401提示
Date: Wed, 24 Jan 2018 07:19:41 GMT
Server: Apache
WWW-Authenticate: Basic realm="Admin dir"
Connection: close
Content-Type: text/html; charset=iso-8859-1

<VirtualHost 172.20.30.40:8080>
DocumentRoot /www/example1-8080
ServerName www.example1.com
</VirtualHost>

3、虚构主机配置段:在httpd.conf 最后加上
<VirtualHost 127.0.0.2:80>
    DocumentRoot d:/AppServ/www2
    ServerName 127.0.0.2:80
</VirtualHost>

  • 连带安装:
        vim /etc/httpd/conf/httpd.conf
        <IfModule mod_userdir.c>
            #UserDir disabled
            UserDir public_html #点名分享目录的称呼
        </IfModule>     

        计划目录
            su – wang;mkdir ~/public_html
            setfacl –m u:apache:x ~student
        访问
            

  • 细心:要改善分享文件夹的拜见权限

(6)基于域名和依照IP的混合设想主机的布置:
Listen 80

     (1) 定义安全域  
    &lt;Directory “/path"&gt;  
        AuthType Basic  
        AuthName "String“  
        AuthUserFile "/PATH/HTTPD_USER_PASSWD_FILE"  
        AuthGroupFile "/PATH/HTTPD_GROUP_FILE"  
        Require group grpname1 grpname2 ...  
    &lt;/Directory&gt;  


     (2)
创建用户账号和组账号文件;  



    组文件:每一行定义一个组  
    GRP_NAME: username1 username2 ...

# Listen for virtual host requests on all IP addresses
NameVirtualHost *:80

1、改善域名访问格局:

4、完成客户家目录的http分享

<VirtualHost 172.20.30.40>
DocumentRoot /www/example3
ServerName www.example3.net
</VirtualHost>

  • 基于FQDN:为各种虚构主机使用最少二个FQDN

  • 注意:平常设想机不要与main主机混用;因而,要使用设想主机,日常先禁止使用main主机

2、修改httpd.conf.

  • 可和依照IP的设想主机混和使用

  •     listen 808
        listen 8080
        <VirtualHost 172.16.100.6:80>
            ServerName www.a.com
            DocumentRoot "/www/a.com/htdocs"
        </VirtualHost>

安顿生效前提,必需改革跟目录为:

#实验:基于FQDN的虚拟主机

[root@Centos6-serverconf.d]#vim vhost.conf   
NameVirtualHost *:80
<Virtualhost *:80>
        DocumentRoot /app/website
        ServerName www.a.com
        ErrorLog logs/website1-error_log
        CustomLog logs/website1-access_log common
</Virtualhost>
<Virtualhost *:80>
        DocumentRoot /app/website2
        ServerName www.b.com
        ErrorLog logs/website2-error_log
        CustomLog logs/website2-access_log common
</Virtualhost>
<Virtualhost *:80>                                                                                     
        DocumentRoot /app/website3
        ServerName www.c.com
        ErrorLog logs/website3-error_log
        CustomLog logs/website3-access_log common
</Virtualhost>
#注意:如果通过IP来访问,而不是通过FQDN访问,第一个为IP默认要访问的地址!!!
[root@centos7mini~]#vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.100     

[root@centos7mini~]#curl www.a.com
/app/website

[root@centos7mini~]#curl www.b.com
/app/website2

[root@centos7mini~]#curl www.c.com
/app/website3

[root@centos7mini~]#telnet www.b.com 80                ---> 这的FQDN无所谓
Trying 192.168.1.100...
Connected to www.b.com.
Escape character is '^]'.
GET / http/1.1
HOST:                                         ---> 这的主机头才是要访问的地址
HTTP/1.1 200 OK
Date: Sun, 28 Jan 2018 12:06:33 GMT
Server: Apache
Last-Modified: Sun, 28 Jan 2018 11:34:22 GMT
ETag: "12000d-e-563d482c9ad21"
Accept-Ranges: bytes
Content-Length: 14
Connection: close
Content-Type: text/html; charset=UTF-8
/app/website3
Connection closed by foreign host.

#注意:一般虚拟机不要与main主机混用;因此,要使用虚拟主机,一般先禁用main主机
#注意:如果通过IP来访问,而不是通过FQDN访问,第一个为IP默认要访问的地址!!!
[root@centos7mini~]#curl 192.168.1.100
/app/website

[root@centos7mini~]#vim /etc/hosts
192.168.1.100     

[root@centos7mini~]#curl /app/website
[root@centos7mini~]#curl /app/website
[root@centos7mini~]#curl /app/website

4、基于FQDN的虚构主机

 


#实验:基于端口的虚拟主机
[root@Centos6-serverconf.d]#vim vhost.conf 
listen 8001
listen 8002
listen 8003                                                                                            
<Virtualhost *:8001>
        DocumentRoot /app/website
        ErrorLog logs/website1-error_log
        CustomLog logs/website1-access_log common
</Virtualhost>
<Virtualhost *:8002>
        DocumentRoot /app/website2
        ErrorLog logs/website2-error_log
        CustomLog logs/website2-access_log common
</Virtualhost>
<Virtualhost *:8003>
        DocumentRoot /app/website3
        ErrorLog logs/website3-error_log
        CustomLog logs/website3-access_log common
</Virtualhost>
[root@Centos6-serverconf.d]#ss -ntl
State       Recv-Q Send-Q                   Local Address:Port                     Peer Address:Port 
LISTEN      0      128                                 :::8001                               :::*     
LISTEN      0      128                                 :::8002                               :::*     
LISTEN      0      128                                 :::8003                               :::*     
LISTEN      0      128                                 :::80                                 :::*  

[root@centos7mini~]#curl 192.168.1.100:8001
/app/website

[root@centos7mini~]#curl 192.168.1.100:8002
/app/website2

[root@centos7mini~]#curl 192.168.1.100:8003
/app/website3
  • 基于port:为各类虚构主机使用最少叁个独立的port
  • SELinux: http_enable_homedirs

7、status页面

  • 顾客的账号和密码
        设想账号:仅用于访问某服务时用到的辨证标志
        存款和储蓄方法:文本文件,SQL数据库,ldap目录存款和储蓄,nis等
    &lt;VirtualHost 172.16.100.7:80&gt;  
        ServerName [www.b.net](http://www.b.net)  
        DocumentRoot "/www/b.net/htdocs"  
    &lt;/VirtualHost&gt;


    &lt;VirtualHost 172.16.100.8:80&gt;  
        ServerName [www.c.org](http://www.c.org)  
        DocumentRoot "/www/c.org/htdocs"  
    &lt;/VirtualHost&gt;

2、basic认证配置

    &lt;VirtualHost 172.16.100.6:808&gt;  
        ServerName [www.b.net](http://www.b.net/)  
        DocumentRoot
"/www/b.net/htdocs"  
    &lt;/VirtualHost&gt;


    &lt;VirtualHost 172.16.100.6:8080&gt;  
        ServerName [www.c.org](http://www.c.org/)  
        DocumentRoot
"/www/c.org/htdocs"  
    &lt;/VirtualHost&gt;

 

分分快三全天计划网站 11分分快三全天计划网站 12

    &lt;VirtualHost *:80&gt;  
        ServerName [www.b.net](http://www.b.net)  
        DocumentRoot "/www/b.net/htdocs"  
    &lt;/VirtualHost&gt;


    &lt;VirtualHost *:80&gt;  
        ServerName [www.c.org](http://www.c.org)  
        DocumentRoot "/www/c.org/htdocs"  
    &lt;/VirtualHost&gt;  
  • (1) 定义安全域
        <Directory "/path">
            Options None
            AllowOverride None
            AuthType Basic(验证措施卡塔尔
            AuthName "String"(描述音讯卡塔 尔(英语:State of Qatar)
            AuthUserFile "/PATH/HTTPD_USER_PASSWD_FILE"(账户文件贮存地点卡塔 尔(英语:State of Qatar)
            Require user username1 username2 ...(允许客商为怎么卡塔 尔(阿拉伯语:قطر‎
        </Directory>
        允许账号文件中的全部顾客登入访谈:
            Require valid-user
  • NameVirtualHost *:80 httpd2.4没有必要此命令
        <VirtualHost *:80>
            ServerName www.a.com
            DocumentRoot "/www/a.com/htdocs"
        </VirtualHost>

3、远程顾客端和顾客验证的决定

  •  ExtendedStatus On 显示扩张消息
[root@Centos6-serverconf.d]#vim /etc/httpd/conf/httpd.conf
<Location /status>
    SetHandler server-status
    Order deny,allow
#    Deny from all
    Allow from .example.com                                                                            
</Location>

#正常打开网页所显示的内容
Apache Server Status for 192.168.1.100
Server Version: Apache/2.2.15 (Unix) DAV/2                             #软件版本信息
Server Built: Mar 22 2017 06:52:55                                     #软件编译时间
Current Time: Wednesday, 24-Jan-2018 16:42:14 CST                      #当前时间
Restart Time: Wednesday, 24-Jan-2018 16:41:49 CST                      #上次重启服务时间
Parent Server Generation: 0                                            #父代服务器生成:0
Server uptime:  24 seconds                                             
1 requests currently being processed, 7 idle workers                   #1个工作中,7个空闲状态
W_______........................................................

................................................................

................................................................

................................................................

Scoreboard Key:
 "_" Waiting for Connection,  "S" Starting up,  "R" Reading Request,
 "W" Sending Reply,  "K" Keepalive (read),  "D" DNS Lookup,
 "C" Closing connection,  "L" Logging,  "G" Gracefully finishing,
 "I" Idle cleanup of worker,  "." Open slot with no current process
PID Key:                                                               #子进程pid编号
   48392 in state: W ,   48393 in state: _ ,   48394 in state: _ 
   48395 in state: _ ,   48396 in state: _ ,   48397 in state: _ 
   48398 in state: _ ,   48399 in state: _ ,
To obtain a full report with current status information you need to use the ExtendedStatus On directive.

#
“_”等待连接            “S”启动            “R”读取请求时
“W”发送回复            “K”保持连接(读)    “D” DNS查找
“C”关闭连接            “L”日志            “G”优雅地完成
“I”空闲清理工作人员     “,.”打开没有当前进程的插槽

 

  •     <VirtualHost 172.16.100.6:80>
            ServerName www.a.com
            DocumentRoot "/www/a.com/htdocs"
        </VirtualHost>
  • 依附模块mod_userdir.so实现
[root@Centos6-serverconf.d]#vim /etc/httpd/conf/httpd.conf 
ServerSignature Off
[root@Centos6-serverconf.d]#httpd -M | grep userdir
 userdir_module (shared)
[root@Centos6-serverconf.d]#getenforce                    --->默认就把SELinux关闭了
Disabled

[root@Centos6-serverconf.d]#vim /etc/httpd/conf/httpd.conf 
<IfModule mod_userdir.c>

#    UserDir disabled                                     --->注释掉或者改成enabled

    UserDir publicweb                                     --->共享文件夹的名字

[root@Centos6-serverconf.d]#ll -d /home/L/
drwx------ 3 L L 4096 Jan 24 15:59 /home/L/
[root@Centos6-serverconf.d]#tail /var/log/httpd/error_log 
[Wed Jan 24 16:21:32 2018] [error] [client 192.168.1.5] (13)Permission denied: access to /~L/ denied

[root@Centos6-serverconf.d]#setfacl -m u:apache:x /home/L/
[root@centos7mini~]#curl 
/home/L/publicweb/index.html

[root@Centos6-serverconf.d]#mkdir /root/publicweb
[root@Centos6-serverconf.d]#echo /root/publicweb/index.html > /root/publicweb/index.html
[root@Centos6-serverconf.d]#setfacl -m u:apache:x /root/

本文由分分快三计划发布,转载请注明来源

关键词: 分分快三计划 Apache Basic 认真 组账