zoukankan      html  css  js  c++  java
  • 10 使用Apache服务部署静态网站

    10 使用Apache服务部署静态网站

    网站服务程序

    http 协议

    httpd 服务名称、软件包名称

    [root@linuxprobe ~]# mkdir -p /media/cdrom
    [root@linuxprobe ~]# mount /dev/cdrom /media/cdrom
    mount: /dev/sr0 is write-protected, mounting read-only
    
    [root@linuxprobe ~]# vim /etc/yum.repos.d/rhel7.repo
    [rhel7]
    name=rhel7
    baseurl=file:///media/cdrom
    enabled=1
    gpgcheck=0
    
    [root@linuxprobe ~]# yum install httpd
    
    [root@linuxprobe ~]# systemctl start httpd
    [root@linuxprobe ~]# systemctl enable httpd
    
    配置服务文件参数

    表 Linux系统中的配置文件

    服务目录 /etc/httpd
    主配置文件 /etc/httpd/conf/httpd.conf
    网站数据目录 /var/www/html
    访问日志 /var/log/httpd/access_log
    错误日志 /var/log/httpd/error_log

    表1 配置httpd服务程序时最常用的参数以及用途描述

    ServerRoot 服务目录
    ServerAdmin 管理员邮箱
    User 运行服务的用户
    Group 运行服务的用户组
    ServerName 网站服务器的域名
    DocumentRoot 网站数据目录
    Listen 监听的IP地址与端口号
    DirectoryIndex 默认的索引页页面
    ErrorLog 错误日志文件
    CustomLog 访问日志文件
    Timeout 网页超时时间,默认为300秒
    [root@linuxprobe ~]# echo "Welcome To LinuxProbe.Com" > /var/www/html/index.html
    [root@linuxprobe ~]# firefox
    
    [root@linuxprobe ~]# mkdir /home/wwwroot
    [root@linuxprobe ~]# echo "The New Web Directory" > /home/wwwroot/index.html
    
    [root@linuxprobe ~]# vim /etc/httpd/conf/httpd.conf 
    
    [root@linuxprobe ~]# systemctl restart httpd
    [root@linuxprobe ~]# firefox
    
    SELinux安全子系统

    SELinux域:

    ​ 服务

    SELinux安全上下文:

    ​ 文件

    setenforce 0 临时关闭

    setenforce 1 临时开启

    [root@linuxprobe ~]# vim /etc/selinux/config
    
    [root@linuxprobe ~]# getenforce 
    
    [root@linuxprobe ~]# setenforce 0
    [root@linuxprobe ~]# getenforce
    Permissive
    
    [root@linuxprobe ~]# setenforce 1
    [root@linuxprobe ~]# ls -Zd /var/www/html
    drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 /var/www/html
    [root@linuxprobe ~]# ls -Zd /home/wwwroot
    drwxrwxrwx. root root unconfined_u:object_r:home_root_t:s0 /home/wwwroot
    

    semanage命令

    -l参数用于查询;

    -a参数用于添加;

    -m参数用于修改;

    -d参数用于删除。

    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot/*
    
    [root@linuxprobe ~]# restorecon -Rv /home/wwwroot/
    
    10个人用户主页功能**

    Public_html 每个用户自己的网站数据目录

    getsebool -a 查看策略

    getsebool 设置策略

    [root@linuxprobe ~]# vim /etc/httpd/conf.d/userdir.conf 
    
    [root@linuxprobe home]# su - linuxprobe
    Last login: Fri May 22 13:17:37 CST 2017 on :0
    [linuxprobe@linuxprobe ~]$ mkdir public_html
    [linuxprobe@linuxprobe ~]$ echo "This is linuxprobe's website" > public_html/index.html
    [linuxprobe@linuxprobe ~]$ chmod -Rf 755 /home/linuxprobe
    
    [root@linuxprobe ~]# getsebool -a | grep http
    
    [root@linuxprobe ~]# setsebool -P httpd_enable_homedirs=on
    [root@linuxprobe ~]# firefox
    

    有时,网站的拥有者并不希望直接将网页内容显示出来,只想让通过身份验证的用户访客看到里面的内容,这时就可以在网站中添加口令功能了。

    [root@linuxprobe ~]# htpasswd -c /etc/httpd/passwd linuxprobe
    New password:此处输入用于网页验证的密码
    Re-type new password:再输入一遍进行确认
    Adding password for user linuxprobe
    
    [root@linuxprobe ~]# vim /etc/httpd/conf.d/userdir.conf
    27 #
    28 # Control access to UserDir directories. The following is an example
    29 # for a site where these directories are restricted to read-only.
    30 #
    31 <Directory "/home/*/public_html">
    32 AllowOverride all
    #刚刚生成出来的密码验证文件保存路径
    33 authuserfile "/etc/httpd/passwd"
    #当用户尝试访问个人用户网站时的提示信息
    34 authname "My privately website"
    35 authtype basic
    #用户进行账户密码登录时需要验证的用户名称
    36 require user linuxprobe
    37 </Directory>
    [root@linuxprobe ~]# systemctl restart httpd
    
    10虚拟网站主机功能
    10.5.1 基于IP地址

    第10章 使用Apache服务部署静态网站。第10章 使用Apache服务部署静态网站。

    第10章 使用Apache服务部署静态网站。第10章 使用Apache服务部署静态网站。

    [root@linuxprobe ~]# mkdir -p /home/wwwroot/10
    [root@linuxprobe ~]# mkdir -p /home/wwwroot/20
    [root@linuxprobe ~]# mkdir -p /home/wwwroot/30
    [root@linuxprobe ~]# echo "IP:192.168.10.10" > /home/wwwroot/10/index.html
    [root@linuxprobe ~]# echo "IP:192.168.10.20" > /home/wwwroot/20/index.html
    [root@linuxprobe ~]# echo "IP:192.168.10.30" > /home/wwwroot/30/index.html
    
    [root@linuxprobe ~]# vim /etc/httpd/conf/httpd.conf
    ………………省略部分输出信息………………
    113 <VirtualHost 192.168.10.10>
    114 DocumentRoot /home/wwwroot/10
    115 ServerName www.linuxprobe.com
    116 <Directory /home/wwwroot/10 >
    117 AllowOverride None
    118 Require all granted
    119 </Directory>
    120 </VirtualHost>
    121 <VirtualHost 192.168.10.20>
    122 DocumentRoot /home/wwwroot/20
    123 ServerName bbs.linuxprobe.com
    124 <Directory /home/wwwroot/20 >
    125 AllowOverride None
    126 Require all granted
    127 </Directory>
    128 </VirtualHost>
    129 <VirtualHost 192.168.10.30>
    130 DocumentRoot /home/wwwroot/30
    131 ServerName tech.linuxprobe.com
    132 <Directory /home/wwwroot/30 >
    133 AllowOverride None
    134 Require all granted
    135 </Directory>
    136 </VirtualHost>
    ………………省略部分输出信息………………
    [root@linuxprobe ~]# systemctl restart httpd
    
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot/10
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot/10/*
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot/20
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot/20/*
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot/30
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot/30/*
    [root@linuxprobe ~]# restorecon -Rv /home/wwwroot
    
    10.5.2 基于主机域名
    [root@linuxprobe ~]# vim /etc/hosts
    127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
    192.168.10.10 www.linuxprobe.com bbs.linuxprobe.com tech.linuxprobe.com
    [root@linuxprobe ~]# ping -c 4 www.linuxprobe.com
    PING www.linuxprobe.com (192.168.10.10) 56(84) bytes of data.
    64 bytes from www.linuxprobe.com (192.168.10.10): icmp_seq=1 ttl=64 time=0.070 ms
    64 bytes from www.linuxprobe.com (192.168.10.10): icmp_seq=2 ttl=64 time=0.077 ms
    64 bytes from www.linuxprobe.com (192.168.10.10): icmp_seq=3 ttl=64 time=0.061 ms
    64 bytes from www.linuxprobe.com (192.168.10.10): icmp_seq=4 ttl=64 time=0.069 ms
    --- www.linuxprobe.com ping statistics ---
    4 packets transmitted, 4 received, 0% packet loss, time 2999ms
    rtt min/avg/max/mdev = 0.061/0.069/0.077/0.008 ms
    [root@linuxprobe ~]# 
    
    [root@linuxprobe ~]# mkdir -p /home/wwwroot/www
    [root@linuxprobe ~]# mkdir -p /home/wwwroot/bbs
    [root@linuxprobe ~]# mkdir -p /home/wwwroot/tech
    [root@linuxprobe ~]# echo "WWW.linuxprobe.com" > /home/wwwroot/www/index.html
    [root@linuxprobe ~]# echo "BBS.linuxprobe.com" > /home/wwwroot/bbs/index.html
    [root@linuxprobe ~]# echo "TECH.linuxprobe.com" > /home/wwwroot/tech/index.html
    
    [root@linuxprobe ~]# vim /etc/httpd/conf/httpd.conf
    ………………省略部分输出信息………………
    113 <VirtualHost 192.168.10.10>
    114 DocumentRoot "/home/wwwroot/www"
    115 ServerName "www.linuxprobe.com"
    116 <Directory "/home/wwwroot/www">
    117 AllowOverride None
    118 Require all granted
    119 </directory> 
    120 </VirtualHost>
    121 <VirtualHost 192.168.10.10>
    122 DocumentRoot "/home/wwwroot/bbs"
    123 ServerName "bbs.linuxprobe.com"
    124 <Directory "/home/wwwroot/bbs">
    125 AllowOverride None
    126 Require all granted
    127 </Directory>
    128 </VirtualHost>
    129 <VirtualHost 192.168.10.10>
    130 DocumentRoot "/home/wwwroot/tech"
    131 ServerName "tech.linuxprobe.com"
    132 <Directory "/home/wwwroot/tech">
    133 AllowOverride None
    134 Require all granted
    135 </directory>
    136 </VirtualHost>
    ………………省略部分输出信息………………
    
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot/www
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot/www/*
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot/bbs
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot/bbs/*
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot/tech
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot/tech/*
    [root@linuxprobe ~]# restorecon -Rv /home/wwwroot
    
    [root@linuxprobe ~]# firefox 
    
    10.5.3 基于端口号
    [root@linuxprobe ~]# mkdir -p /home/wwwroot/6111
    [root@linuxprobe ~]# mkdir -p /home/wwwroot/6222
    [root@linuxprobe ~]# echo "port:6111" > /home/wwwroot/6111/index.html
    [root@linuxprobe ~]# echo "port:6222" > /home/wwwroot/6222/index.html
    
    [root@linuxprobe ~]# vim /etc/httpd/conf/httpd.conf 
    ………………省略部分输出信息……………… 
     33 #
     34 # Listen: Allows you to bind Apache to specific IP addresses and/or
     35 # ports, instead of the default. See also the <VirtualHost>
     36 # directive.
     37 #
     38 # Change this to Listen on specific IP addresses as shown below to 
     39 # prevent Apache from glomming onto all bound IP addresses.
     40 #
     41 #Listen 12.34.56.78:80
     42 Listen 80
     43 Listen 6111
     44 Listen 6222
    ………………省略部分输出信息……………… 
    
    [root@linuxprobe ~]# vim /etc/httpd/conf/httpd.conf
    ………………省略部分输出信息……………… 
    113 <VirtualHost 192.168.10.10:6111>
    114 DocumentRoot "/home/wwwroot/6111"
    115 ServerName www.linuxprobe.com
    116 <Directory "/home/wwwroot/6111">
    117 AllowOverride None
    118 Require all granted
    119 </Directory> 
    120 </VirtualHost>
    121 <VirtualHost 192.168.10.10:6222>
    122 DocumentRoot "/home/wwwroot/6222"
    123 ServerName bbs.linuxprobe.com
    124 <Directory "/home/wwwroot/6222">
    125 AllowOverride None
    126 Require all granted
    127 </Directory>
    128 </VirtualHost>
    ………………省略部分输出信息………………
    
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot/6111
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot/6111/*
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot/6222
    [root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t /home/wwwroot/6222/*
    [root@linuxprobe ~]# restorecon -Rv /home/wwwroot/
    
    [root@linuxprobe ~]# systemctl restart httpd
    
    [root@linuxprobe ~]# semanage port -l | grep http
    
    [root@linuxprobe ~]# semanage port -a -t http_port_t -p tcp 6111
    [root@linuxprobe ~]# semanage port -a -t http_port_t -p tcp 6222
    [root@linuxprobe ~]# semanage port -l| grep http
    http_cache_port_t tcp 8080, 8118, 8123, 10001-10010
    http_cache_port_t udp 3130
    http_port_t tcp  6222, 6111, 80, 81, 443, 488, 8008, 8009, 8443, 9000
    pegasus_http_port_t tcp 5988
    pegasus_https_port_t tcp 5989
    [root@linuxprobe ~]# systemctl restart httpd
    [root@linuxprobe ~]# firefox
    
    10.6 Apache的访问控制
    [root@linuxprobe ~]# mkdir /var/www/html/server
    [root@linuxprobe ~]# echo "Successful" > /var/www/html/server/index.html
    
    [root@linuxprobe ~]# vim /etc/httpd/conf/httpd.conf
    ………………省略部分输出信息………………
    129 <Directory "/var/www/html/server">
    130 SetEnvIf User-Agent "Firefox" ff=1
    131 Order allow,deny
    132 Allow from env=ff
    133 </Directory>
    ………………省略部分输出信息………………
    [root@linuxprobe ~]# systemctl restart httpd
    [root@linuxprobe ~]# firefox
    
    [root@linuxprobe ~]# vim /etc/httpd/conf/httpd.conf
    ………………省略部分输出信息………………
    129 <Directory "/var/www/html/server">
    130 Order allow,deny 
    131 Allow from 192.168.10.20
    132 </Directory>
    ………………省略部分输出信息………………
    [root@linuxprobe ~]# systemctl restart httpd
    [root@linuxprobe ~]# firefox
    
  • 相关阅读:
    获取窗口句柄
    人生路上要懂得“刹车”(转)
    关于打开外部程序并且发送一个按键消息 (转)
    CString 和 char * 的相互转换
    iOS开发之了解iPhone中Get和Post方式(转)
    一些简单的Python代码,尝尝Python啥味道 (转)
    iphone 使用委托(delegate)在不同的窗口之间传递数据(转)
    UITextView控件的用法详解 (转)
    iPhone起步1: "Hello,World!" in iPhone Development (转)
    【引用】iphone xml解析流程
  • 原文地址:https://www.cnblogs.com/gerenboke/p/12618856.html
Copyright © 2011-2022 走看看