####apache服務####
[root@web-1 ~]# yum install httpd -y
[root@web-1 html]# yum install httpd-manual -y
更改默認方文件
[root@web-1 html]# vim /etc/httpd/conf/httpd.conf
163 DirectoryIndex file index.html
[root@mailwestos ~]# cd /var/www/html/
[root@mailwestos html]# vim file
www.westos.com
[root@mailwestos html]# systemctl restart httpd.service
測試
[kiosk@foundation40 Desktop]$ ssh -X [email protected]
[root@maillinux ~]# firefox
輸入ip後將自動讀取/var/www/html/file 文件
顯示 www.westos.com
更改默認方目錄
[root@web-1 html]# mkdir /www/westos -p
[root@web-1 html]# semanage fcontext -a -t httpd_sys_content_t '/www/westos(/*)?' ##修改安全上下文
[root@web-1 html]# restorecon -RvvF /www/
restorecon reset /www context unconfined_u:object_r:default_t:s0->system_u:object_r:default_t:s0
restorecon reset /www/westos context unconfined_u:object_r:default_t:s0->system_u:object_r:httpd_sys_content_t:s0
[root@web-1 html]# cd /www/westos/
[root@web-1 westos]# vim index.html
www.westos.com.paseages
[root@web-1 westos]# ls -Z
-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 index.html
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
119 #DocumentRoot "/var/www/html"
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 Require all granted
123 </Directory>
[root@web-1 westos]# systemctl restart http
測試:
可以選擇一臺機子測試,進入firefox後 輸入ip 便可以看到顯示的內容爲
www.westos.com.paseages
2. 設置用戶使用權限
(1)除209外其他用戶均可使用
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 Require all granted
123 Order Allow,Deny
124 Allow from All
125 Deny from 172.25.254.209
126 </Directory>
[root@web-1 westos]# systemctl restart http
(2)所有用戶均可使用
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 Require all granted
123 Order Deny,Allow
124 Allow from ALL
125 Deny from 172.25.254.209
[root@web-1 westos]# systemctl restart http
(3)除9外其他均不可使用
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 Require all granted
123 Order Deny,Allow
124 Allow from 172.25.254.9
125 Deny from ALL
用戶認證
[root@web-1 httpd]# htpasswd -cm htpasswdfile admin ##創建新用戶
New password:
Re-type new password:
Adding password for user admin
[root@web-1 httpd]# htpasswd -m htpasswdfile westos ##再次創建用戶時不加參數c,不然會覆蓋前一個用戶信息
New password:
Re-type new password:
Adding password for user westos
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 # Require all granted
123 AllowOverride All
124 Authuserfile /etc/httpd/htpasswdfile
125 Authname "Please input username and passwd"
126 Authtype basic
127 Require user admin ##只允許admin訪問
128 </Directory>
[root@web-1 httpd]# systemctl restart httpd
[root@web-1 westos]# vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 # Require all granted
123 AllowOverride All
124 Authuserfile /etc/httpd/htpasswdfile
125 Authname "Please input username and passwd"
126 Authtype basic
127 Require valid-user ##允許所建立的所有用戶訪問
128 </Directory>
[root@web-1 httpd]# systemctl restart httpd
2.創建虛擬機
[root@web-1 ~]# cd /var/www/html/
[root@web-1 ~]# vim index.html
www.westos.com
[root@web-1 ~]# mkdir /var/www/virtual/news.westos.com/html -p ##建立虛擬機訪問的目錄
[root@web-1 ~]# cd /var/www/virtual/news.westos.com/html
[root@web-1 html]# vim index.html
[root@web-1 html]# mkdir /var/www/virtual/music.westos.com/html -p
[root@web-1 html]# cd /var/www/virtual/music.westos.com/html
[root@web-1 html]# vim index.html
[root@web-1 html]# cd /etc/httpd/conf.d/
[root@web-1 conf.d]# vim default.conf
<Virtualhost _default_:80>
Documentroot /var/www/html
Customlog "logs/default.log" combined
</Virtualhost>
<Directory "/var/www/html">
Require all granted
</Directory>
[root@web-1 conf.d]# vim news.conf
<Virtualhost *:80>
Servername news.westos.com
Documentroot /var/www/virtual/news.westos.com/html
Customlog "logs/default.log" combined
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html">
Require all granted
</Directory>
[root@web-1 conf.d]# vim music.conf
<Virtualhost *:80>
Servername music.westos.com
Documentroot /var/www/virtual/music.westos.com/html
Customlog "logs/default.log" combined
</Virtualhost>
<Directory "/var/www/virtual/music.westos.com/html">
Require all granted
</Directory>
[root@web-1 conf.d]# systemctl restart httpd.service
測試機上的更改
vim /etc/hosts
172.25.254.109 www.westos.com westos.com news.westos.com music.westos.com
https
做https時要先將原來的設置恢復
[root@web-1 conf.d]# vim /etc/httpd/conf/httpd.conf
119 DocumentRoot "/var/www/html"
120 #DocumentRoot "/www/westos"
122-128刪除
[root@web-1 conf.d]# yum install mod_ssl -y ##安裝加密模塊
[root@web-1 conf.d]# yum install crypto-utils -y ##安裝服務製作證書
[root@web-1 conf.d]# genkey www.westos.com ##生成證書與鑰匙
/usr/bin/keyutil -c makecert -g 1024 -s "CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN" -v 1 -a -z /etc/pki/tls/.rand.9611 -o /etc/pki/tls/certs/www.westos.com.crt -k /etc/pki/tls/private/www.westos.com.key
cmdstr: makecert
cmd_CreateNewCert
command: makecert
keysize = 1024 bits
subject = CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN
valid for 1 months
random seed from /etc/pki/tls/.rand.9611
output will be written to /etc/pki/tls/certs/www.westos.com.crt
output key written to /etc/pki/tls/private/www.westos.com.key
Generating key. This may take a few moments...
Made a key
Opened tmprequest for writing
/usr/bin/keyutil Copying the cert pointer
Created a certificate
Wrote 882 bytes of encoded data to /etc/pki/tls/private/www.westos.com.key
Wrote the key to:
/etc/pki/tls/private/www.westos.com.key
[root@web-1 conf]# cd /etc/httpd/conf.d
[root@web-1 conf.d]# vim ssl.conf ##編輯配置文件
100 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##證書
107 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key ##鑰匙
[root@web-1 conf.d]# systemctl restart httpd.service
在真機上測試
打開firefox 輸入 https://172.25.254.109
shift+ctrl+delect 是刪除歷史記錄