目录:
一、centos6使用httpd-2.2基于域名构建httpd服务
二、centos7使用httpd2.4基于域名构建httpd服务
三、centos6编译安装httpd-2.4基于域名构建httpd服务
一、centos6使用httpd-2.2基于域名构建httpd服务:
1、安装http服务:
yum -y install httpd
2、编辑主配置文件开启Name VirtualHost
NameVirtualHost 192.168.1.100:80
3、创建DocumentRoot及编辑网页内容
[[email protected] ~]# mkdir -p /data/vhost/www1 [[email protected] ~]# mkdir -p /data/vhost/www2 [[email protected] www1]# echo "www1" >index.html [[email protected] www2]# echo "www2" >index.html
4、建立基于www1域名的虚拟主机
要求:
##定义访问日志和错误日志
##定义192.168.1.0网段禁止访问
##访问www1.magedu.com/server-status输出状态页面,并且仅root用户可以访问
具体配置如下:
[[email protected] ~]# vim /etc/httpd/conf.d/vhost1.conf <VirtualHost 192.168.1.100:80> DocumentRoot /data/vhost/www1 ServerName www1.magedu.com CustomLog /var/log/httpd/www1/aceess_log common ErrorLog /var/log/httpd/www1/err_log##日志文件路径需要自己创建即可,否则启服务失败 <Directory "/data/vhost/www1"> options None AllowOverride None Order allow,deny deny from 192.168.1.0 ###现在192.168.1.0网段中的任何主机都不可访问www1 </Directory> <Location /server-status> ###设置访问www1.magedu.com/server-status的状态信息 SetHandler server-status Order allow,deny Allow from 192.168.1 AuthType Basic AuthName "admin" AuthUserFile "/etc/httpd/conf/.htpasswd"###用户认证文件 Require valid-user </Location> </VirtualHost> [[email protected] conf]# htpasswd -c -m /etc/httpd/.htpasswd aa ##建立认证用户 ok重启或重加载测试
5、建立基于www2域名的虚拟主机
要求:
###定义访问日志和错误日志
###访问此站点为https安全站点
具体配置如下:
<VirtualHost 192.168.1.100:80> DocumentRoot /data/vhost/www2 ServerName www2.magedu.com ErrorLog /var/log/httpd/www2/error_log ##定义错误日志 CustomLog /var/log/httpd/www2/access_log common ##定义访问日志 </VirtualHost>
将此站点构建成HTTPS安全访问:
建立CA:
1)生成私钥文件:
[[email protected] tls]# (umask 077; openssl genrsa -out /etc/pki/CA/private/cakey.pem 2048)
2)生成自签证书
[[email protected] CA]# openssl req -new -x509 -key /etc/pki/CA/private/cakey.pem -out /etc/pki/CA/cacert.pem -days 3655 Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:beijing Locality Name (eg, city) [Default City]:beijing Organization Name (eg, company) [Default Company Ltd]:magedu.com Organizational Unit Name (eg, section) []:yunwei Common Name (eg, your name or your server‘s hostname) []:bogon Email Address []:[email protected]
3)为CA提供文件
[[email protected] CA]# touch {serial,index.txt}
[[email protected] CA]# echo 01 > serial
http服务器进行配置如下:
1)生成私钥
[[email protected] ~]# mkdir /etc/httpd/ssl [[email protected] ~]# cd /etc/httpd/ssl [[email protected] ssl]# (umask 077; openssl genrsa -out /etc/httpd/ssl/httpd.key 2048)
2)生成证书请求:
[[email protected] ssl]# openssl req -new -key /etc/httpd/ssl/httpd.key -out /etc/httpd/ssl/httpd.csr -days 365 Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:beijing Locality Name (eg, city) [Default City]:beijing Organization Name (eg, company) [Default Company Ltd]:magedu.com Organizational Unit Name (eg, section) []:yunwei Common Name (eg, your name or your server‘s hostname) []:bogon Email Address []:[email protected] Please enter the following ‘extra‘ attributes to be sent with your certificate request A challenge password []: An optional company name []:
3)将此请求证书传给CA签署
[[email protected] ssl]# scp httpd.csr 192.168.1.100:/tmp
4)CA签署证书并发给请求者
[[email protected] tmp]# openssl ca -in /tmp/httpd.csr -out /etc/pki/CA/certs/httpd.crt -days 365
[[email protected] certs]# scp httpd.crt [email protected]:/etc/httpd/ssl/
5)http要支持ssl就需要安装mod_ssl模块
[[email protected] ~]# yum -y install mod_ssl
6)配置/etc/httpd/conf.d/ssl.conf文件
<VirtualHost 192.168.1.100:443> DocumentRoot "/data/vhost/www2" ServerName www2.magedu.com SSLCertificateFile /etc/httpd/ssl/httpd.crt SSLCertificateKeyFile /etc/httpd/ssl/httpd.key
7)重启服务测试即可
[[email protected] ~]# httpd -t Syntax OK [[email protected] ~]# service httpd reload Reloading httpd:
------------------------------------分隔线---------------------------------------
二、centos7使用httpd2.4基于域名构建httpd服务
centos7上的httpd-2.4基本同centos6上的httpd2.2一样,所有有的地方就不详细的说明和操作了。
1、安装httpd服务
yum -y install httpd
2、创建网页及储存路径
mkdir -p /data/vhost/www{1,2}
echo "centos7 www1" > /data/vhost/www1/index.html
echo "centos7 www2" > /data/vhost/www2/index.html
3、建立虚拟主机www1并且做相应的限制等
[[email protected] ~]# vim /etc/httpd/conf.d/vhost1.conf <VirtualHost 192.168.1.104:80> DocumentRoot /data/vhost/www1 ServerName www1.magedu.com CustomLog /var/log/httpd/www1/acess_log common ErrorLog /var/log/httpd/www1/err_log <Directory "/data/vhost/www1"> Options None AllowOverride None ##定义访问权限: <RequireAll> Require all granted Require not ip 192.168 </RequireAll> </Directory> ####定义状态页面并且认证 <Location "/server-status"> SetHandler server-status Require all granted AuthType Basic AuthName "admin" AuthUserFile "/etc/httpd/.htpasswd" Require valid-user </Location> </VirtualHost>
4、建立虚拟主机www2
[[email protected] ~]# vim /etc/httpd/conf.d/vhost2.conf <VirtualHost 192.168.1.104:80> DocumentRoot /data/vhost/www2 ServerName www2.magedu.com CustomLog /var/log/httpd/www2/acess_log common ErrorLog /var/log/httpd/www2/err_log <Directory "/data/vhost/www2"> Options None AllowOverride None Require all granted </Directory> </VirtualHost>
----------------------------------分隔线-----------------------------------------
三、centos6编译安装httpd-2.4基于域名构建httpd服务
由于httpd-2.4所依赖的apr和apr-until需要1.4版本以上。而centos默认自带的版本比较低,所以我们在centos6使用httpd-2.4的时候需要我们手动进行编译安装才可以:
准备工具:apr-1.4.6.tar
apr-util-1.4.1.tar
httpd-2.4.6.tar
1、安装开发包组件
[[email protected] ~]# yum -y install prce-devel
[[email protected] ~]# yum groupinstall Development tools Server Platform Development
2、安装apr
[[email protected] ~]# tar xf apr-1.4.6.tar.bz2 [[email protected] ~]# cd apr-1.4.6 [[email protected] apr-1.4.6]# ./configure --prefix=/usr/local/apr [[email protected] apr-1.4.6]# make && make install
3、安装apr-until
[[email protected] ~]# tar xf apr-util-1.4.1.tar.bz2 [[email protected] ~]# cd apr-util-1.4.1 [[email protected] apr-util-1.4.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr [[email protected] apr-util-1.4.1]# make && make install
4、编译安装httpd2.4
[[email protected] ~]# tar xf httpd-2.4.6.tar.bz2 [[email protected] ~]# cd httpd-2.4.6 [[email protected] httpd-2.4.6]# ./configure --prefix=/usr/local/apache24 --sysconfdir= /etc/httpd24 --enable-so --enable--ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util --enable-modules=most --enable-mpms-shared=all --with-mpm=prefork [[email protected] ~]# make && make install
5、启动服务查查看下监听端口
[[email protected] ~]# /usr/local/apache24/bin/apachectl start [[email protected] ~]# ss -tnl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 :::53263 :::* LISTEN 0 128 :::111 :::* LISTEN 0 128 *:111 *:* LISTEN 0 128 :::80 :::*
6、开启虚拟主机模块编辑配置文件去除#即可
[[email protected] ~]# vim /etc/httpd24/httpd.conf Include /etc/httpd24/extra/httpd-vhosts.conf ##启用此项
7、配置虚拟主机
[[email protected] ~]# vim /etc/httpd24/extra/httpd-vhosts.conf <VirtualHost 192.168.1.100:80> DocumentRoot "/usr/local/apache24/htdocs/test1" ServerName test1.ma.com ErrorLog "/var/log/test1/errlog" CustomLog "/var/log/test1/acccesslog" common </VirtualHost> <VirtualHost 192.168.1.100:80> DocumentRoot "/usr/local/apache24/htdocs/test2" ServerName test2.ma.com ErrorLog "/var/log/test2/errlog" CustomLog "/var/log/test2/accesslog" common </VirtualHost>
8、创建网页测试文档
[[email protected] htdocs]# pwd /usr/local/apache24/htdocs [[email protected] htdocs]# mkdir test1 test2 [[email protected] htdocs]# echo "test1" > test1/index.html [[email protected] htdocs]# echo "test2" > test2/index.html
9、检查配置文件是否正确
[[email protected] ~]# apachectl -t Syntax OK
10、重启启动服务测试
[[email protected] ~]# /usr/local/apache24/bin/apachectl restart [[email protected] ~]# curl http://test1.ma.com test1 [[email protected] ~]# curl http://test2.ma.com test2
时间: 2024-10-19 19:57:24