zoukankan      html  css  js  c++  java
  • Apache的安装部署 2(加密认证 ,网页重写 ,搭建论坛)

    一.http和https的基本理论知识
    1. 关于https:
    HTTPS(全称:Hypertext Transfer Protocol Secure,超文本传输安全协议),是以安全为
    目标的HTTP通道,即HTTP的安全版。HTTP下加入SSL层,HTTPS的安全基础是SSL,因此加密的详细
    内容就需要SSL。 它是一个URI scheme(抽象标识符体系),句法类同http体系。用于安全的HTTP
    数据传输。https:URL表明它使用了HTTP,但HTTPS存在不同于HTTP的默认端口及一个加密/身份验
    证层(在HTTP与TCP之间)。

    2.http与https的区别
    HTTP协议传输的数据都是未加密的,也就是明文的,因此使用HTTP协议传输隐私信息非常不安全,
    为了保证这些隐私数据能加密传输,于是网景公司设计了SSL(Secure Sockets Layer)协议用于
    对HTTP协议传输的数据进行加密,从而就诞生了HTTPS。即HTTPS协议是由SSL+HTTP协议构建的可
    进行加密传输、身份认证的网络协议,要比http协议安全。

    HTTPS和HTTP的区别主要如下:
      
      (1)https协议需要到ca申请证书,一般免费证书较少,需要一定费用。
      (2)http是超文本传输协议,信息是明文传输,https则是具有安全性的ssl加密传输协议。
      (3)http和https使用的是完全不同的连接方式,用的端口也不一样,前者是80,后者是443。
      (4)http的连接很简单,是无状态的;HTTPS协议是由SSL+HTTP协议构建的可进行加密传输、身份认证的网络协议,比http协议安全。

    二.具体实现
    1.加密认证
    没有加密之前,访问https不能访问


    [root@apache-server ~# cd /etc/httpd/conf.d
    [root@apache-server conf.d]# yum install -y mod_ssl # 用mod_ssl来实现https
    [root@apache-server conf.d]# ls # 会生成一个文件


    [root@apache-server conf.d]# systemctl restart httpd

    有了加密软件之后,就可以通过证书来进行访问

     

     

     

     

    上面的证书是系统自己生成的,可是我想自己制作证书,以下操作是我自己在生成证书

     

     


    [root@apache-server conf.d]# yum install -y crypto-utils # 此软件提供加密工具
    [root@apache-server conf.d]# genkey www.westos.com # 生成该网页的证书和密钥

     

     

     

     

     

     

     

     

    [root@apache-server conf.d]# vim ssl.conf # 把生成的证书和密钥写进文件里
    101 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
    109 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
    [root@apache-server conf.d]# systemctl restart httpd  


    打开浏览器访问

     

     

     


    虽然加密成功了,但是在网页上必须输入https://172.25.254.142才可以进行访问,不能自动跳转,接下来我们来优化一下,让它自己跳转

    2.网页重写
    [root@apache-server conf.d]# cd /var/www/
    [root@apache-server www]# ls
    cgi-bin html wetos.com
    [root@apache-server www]# cd wetos.com/
    [root@apache-server wetos.com]# ls
    music news
    [root@apache-server wetos.com]# mkdir login/html/ -p
    [root@apache-server wetos.com]# vim login/html/index.html
    1 this is login's page
    [root@apache-server wetos.com]# cd /etc/httpd/conf.d/
    [root@apache-server conf.d]# vim login.conf
    1 <VirtualHost *:443>
    2 SSLEngine on
    3 ServerName login.westos.com
    4 DocumentRoot /var/www/westos.com/login/html
    5 CustomLog logs/login.log combined
    6 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
    7 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
    8 </VirtualHost>
    9 <Directory "/var/www/westos.com/login/html">
    10 Require all granted
    11 </Directory>
    12 <VirtualHost *:80>
    13 ServerName login.westos.com
    14 RewriteEngine on
    15 RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=302]
    16 </VirtualHost>


    [root@apache-server conf.d]# systemctl restart httpd

    [root@foundation78 Desktop]# vim /etc/hosts # 写解析
    172.25.254.142 www.westos.com news.westos.com music.westos.com login.westos.com

    在浏览器上测试

    3.搭建论坛
    [root@apache-server conf.d]# mkdir -p /var/www/westos.com/bbs/html/
    [root@apache-server conf.d]# cd /var/www/westos.com/bbs/html
    [root@apache-server html]# ls # 获取论坛模版的压缩包
    Discuz_X3.2_SC_UTF8.zip
    [root@apache-server html]# unzip Discuz_X3.2_SC_UTF8.zip # 解压
    [root@apache-server html]# ls
    Discuz_X3.2_SC_UTF8.zip readme upload utility
    [root@apache-server html]# cd readme/
    [root@apache-server readme]# ls
    changelog.txt convert.txt license.txt readme.txt upgrade.txt
    [root@apache-server readme]# less readme.txt


    [root@apache-server readme]# cd ..
    [root@apache-server html]# cd upload/
    [root@apache-server upload]# ls
    admin.php connect.php forum.php member.php search.php uc_serverapi cp.php group.php misc.php source userapp.phpapi.php crossdomain.xml home.php plugin.php staticarchiver data index.php portal.php templateconfig favicon.ico install robots.txt uc_client
    [root@apache-server upload]# chmod -R 777 config
    [root@apache-server upload]# chmod -R 777 data
    [root@apache-server html]# cd /etc/httpd/conf.d/
    [root@apache-server conf.d]# vim bbs.conf
    1 <VirtualHost *:80>
    2 ServerName bbs.westos.com
    3 DocumentRoot /var/www/westos.com/bbs/html
    4 CustomLog logs/bbs.log combined
    5 </VirtualHost>
    6 <Directory "/var/www/westos.com/bbs/html">
    7 Require all granted
    8 </Directory>


    [root@apache-server conf.d]# systemctl restart httpd
    1
    [root@foundation78 ~]# vim /etc/hosts
    172.25.254.142 bbs.westos.com

    再次进行访问

     

     

     

    [root@apache-server conf.d]# getenforce
    Enforcing
    [root@apache-server conf.d]# setenforce 0 # 把selinux设置成为警告模式

    刷新网页

     


    [root@apache-server conf.d]# cd /var/www/westos.com/bbs/html/
    [root@apache-server html]# ls
    Discuz_X3.2_SC_UTF8.zip readme upload utility
    [root@apache-server html]# cd upload/
    [root@apache-server upload]# ls
    admin.php connect.php forum.php member.php search.php uc_serverapi cp.php group.php misc.php source userapp.phpapi.php crossdomain.xml home.php plugin.php staticarchiver data index.php portal.php templateconfig favicon.ico install robots.txt uc_client

    [root@apache-server upload]# chmod -R 777 uc_client uc_server


    刷新网页

     

    [root@apache-server upload]# yum install -y mariadb-server
    [root@apache-server upload]# vim /etc/my.cnf
    10 skip-networking=1
    [root@apache-server upload]# systemctl start mariadb
    [root@apache-server upload]# netstat -antlp | grep mysql
    [root@apache-server upload]# mysql_secure_installation
    [root@apache-server upload]# php -m # 发现php不支持mysql
    [root@apache-server upload]# yum install -y php-mysql
    [root@apache-server upload]# systemctl restart httpd

    刷新网页

     

     

     

     

     

     

     


    论坛搭建成功

  • 相关阅读:
    phpexcel读取excel文件
    laravel的表单验证(下面有些信息未验证,转的)
    Laravel框架学习(Response)
    laravel文件存储Storage
    Laravel 5 教程
    js中substring和substr的用法
    jquery 规范
    总结oninput、onchange与onpropertychange事件的用法和区别
    jquery 选择器的总结
    jquery选择器中的find和空格,children和>的区别、及父节点兄弟节点,还有判断是否存在的写法
  • 原文地址:https://www.cnblogs.com/guarderming/p/11957854.html
Copyright © 2011-2022 走看看