今天我來給大家分享一下在Linux下搭建web服務器
1、安裝包
yum install httpd
安裝完成後我們會在/etc目錄下看到有一個httpd的目錄
我們的默認文件存放位置在/var/www/html
然後修改我們的注配置文件
vim /etc/httpd/conf/httpd.conf ServerName 自己的主機名:80
表示服務名稱爲自己的主機名,監聽在80端口
然後就可以建文件了
vim /var/www/html/index.html hello
這就是我們的主頁文件了
然後我們開啓一下我的HTTP服務
service httpd start
然後我們就可以在另外一臺虛擬機上測試了
這就簡單的搭建好一臺web服務器了。
注:如果顯示無法連接,可能是你的防火牆給擋在牆外了,需要關閉防火牆才行。
2、創建基於文件的訪問控制
首先我們需要創建一個目錄
cd /var/www/html mkdir admin mkdir bbs vim bbs/index.html hello a vim /etc/httpd/conf/httpd.conf <Directory "/var/www/html/admin"> Options none Allowoverride AuthConfig AuthType Basic AuthName "Admin Area." AuthUserFile /etc/httpd/conf/.httpasswd Require valid-user </Directory>
然後做用戶名和密碼存放文件
htpasswd -c -m /etc/httpd/conf/.httpasswd tom tom tom htpasswd -m /etc/httpd/conf/.httpasswd jry jry jry
然後重讀一下配置文件
service httpd reload
當我們再次訪問時就會彈出輸入用戶名和密碼了
3、基於組的訪問控制配置
在2的基礎上,我們創建一個文件
vim /etc/httpd/conf/.httpgroup test:tom
添加test組,組成員爲tom,然後再編輯配置文件,把上個實例中的文件內容修改如下
vim /etc/httpd/conf/httpd.conf <Directory "/var/www/html/admin"> Options none Allowoverride AuthConfig AuthType Basic AuthName "Admin Area." AuthUserFile /etc/httpd/conf/.httpasswd AuthGroupFile /etc/httpd/conf/.httpgroup Require group test </Directory>
然後重讀配置文件
service httpd reload
然後我們分別登陸tom和jry查看
4、基於端口做虛擬主機
編輯主配置文件
vim /etc/httpd/conf/httpd.conf 添加 Listen 8080 開啓監聽8080端口 #DocumentRoot "/var/www/html" 註釋掉中心主機配置,這樣虛擬主機配置才能生效 <VirtualHost 172.16.249.29:80> ServerName www.jsh.com DocumentRoot "/web/hosta" </VirtualHost> <VirtualHost 172.16.249.29:8080> ServerName www.jsh.com DocumentRoot "/web/hostb" </VirtualHost>
配置文件語法檢查
httpd -t
創建對應的目錄,並提供頁面文件
mkdir -pv /web/host{a,b}
vim /web/hosta/index.html
hello hosta
vim /web/hostb/index.html
hello hostb然後重讀配置文件
service httpd restart
然後就可以測試了
5、基於IP的虛擬主機
步驟跟4實例中的一樣,只用把第二個IP地址改爲其他IP即可,並把8080端口改爲80。
6、基於ssl的配置
首先我們需要自建CA [root@jsh ~]# cd /etc/pki/CA/ 生成密鑰文件 [root@jsh CA]# (umask 077; openssl genrsa -out private/cakey.pem 2048) 創建自簽證書 [root@jsh CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 1000 You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:Henan Locality Name (eg, city) [Default City]:ZZ Organization Name (eg, company) [Default Company Ltd]:jsh Organizational Unit Name (eg, section) []:ops Common Name (eg, your name or your server's hostname) []:caserver.jsh.com Email Address []: 初始化 [root@jsh CA]# touch serial index.txt [root@jsh CA]# echo 00 > serial 在另外一臺http服務器上創建密鑰文件 [root@jsh ~]# cd /etc/httpd/ [root@jsh httpd]# mkdir ssl [root@jsh httpd]# cd ssl [root@jsh ssl]# (umask 077; openssl genrsa -out httpd.key 1024) 生成請求證書 [root@jsh ssl]# openssl req -new -key httpd.key -out httpd.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:Henan Locality Name (eg, city) [Default City]:ZZ Organization Name (eg, company) [Default Company Ltd]:jsh Organizational Unit Name (eg, section) []:ops Common Name (eg, your name or your server's hostname) []:jsh Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: 簽署證書 [root@jsh ssl]# openssl ca -in httpd.csr -out httpd.crt -days 1000 編輯配置文件 [root@jsh ssl]# cd /etc/httpd/conf.d/ [root@jsh conf.d]# vim ssl.conf 修改監聽端口爲443 SSLCertificateFile/etc/httpd/ssl/httpd.crt SSLCertificateKeyFile/etc/httpd/ssl/httpd.key DocumentRoot "/web/vhosta" [root@jsh conf.d]# 好啦,這樣就完成了!!!