restorecon -Rv /srv/ 恢復http權限(如果默認不是http的,可以用semanage fcontext)
/etc/httpd/conf.d/00vhost.conf
<VirtualHost *:80>
DocumentRoot /srv/default/www
CustomLog "logs/default-vhost.log" combined
</VirtualHost>
<Directory /srv/default/www>
Require all granted
</Directory>
/etc/httpd/conf.d/01vhost.conf
<VirtualHost *:80>
ServerName www0.example.com
DocumentRoot /srv/www0.example.com/www
ServerAlias www0
CustomLog "logs/www0.example.com.log" combined
</VirtualHost>
<Directory /srv/www0.example.com/www>
Require all granted
</Directory>
自動跳轉的ssl
<VirtualHost *:443>
ServerName demo.example.com
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/demo.example.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/demo.example.com.key
SSLCertificateChainFile /etc/pki/tls/certs/example-ca.crt
DocumentRoot /srv/www0/www
</VirtualHost>
<Directory /srv/www0/www>
Require all granted
</Directory>
<VirtualHost *:80>
ServerName www0.example.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_POST}$1 [redirect=301]
</VirtualHost>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
apache user and group
selinux:httpd_sys_script_exec_t
serving php:
mod_php
<FilesMatch \.php$>
SetHandler application/x-httpd-php
</FilesMatch>
DirectoryIndex index.php
serving phython:
WSGIScriptAlias /myapp/ /srv/myapp/www/myapp.py
connect db
如果數據庫用remote host,selinux裏httpd_can_network_connect_db需要設置爲1
如果不是一個常用的數據庫端口,
httpd_can_network_connect = 1