apache服务(二)
####apache服务(二)####1.网页重写与虚拟主机的https
# cd /etc/httpd/conf.d/
# firewall-cmd --permanent --add-service=http
success
# firewall-cmd --permanent --add-service=https
success
# firewall-cmd --reload
success
# vim music.conf
Servername music.westos.com
RewriteEngine on 允许网页重写
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 ##重写为https
Require all granted ##授权
##443端口
Servername music.westos.com
Documentroot /var/www/virtual/music.westos.com/html
Customlog "logs/default-443.log" combined ##产生的日志放在logs/default-443.log 下
SSLEngine on ##开启认证
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##证书
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key ##钥匙
# vim news.conf
Servername news.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1
Require all granted
Servername news.westos.com
Documentroot /var/www/virtual/news.westos.com/html
Customlog "logs/news-443.log" combined
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
# systemctl restart httpd
测试机操作
# vim /etc/hosts
172.25.254.109 www.westos.com westos.com news.westos.com music.westos.com
打开firefox输入http://music.westos.com 会自动跳转为https://music.westos.com.
php
# vim index.php
# vim /etc/httpd/conf/httpd.conf ##编辑配置文件在163行添加index.php
163 DirectoryIndex index.php index.html ##apache默认读取的文件是index.php
# chmod +x /var/www/html ##给/var/www/html添加执行权限
# systemctl restart httpd.service ##重启服务
2.cgi通用网管接口
# mkdir cgi ##建立cgi目录
# yum install http-manual -y ##下载http手册
# cd cgi/
# vim index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;
# cd /etc/httpd/conf.d/
# vim default.conf
DocumentRoot /var/www/html
Customlog "logs/default.log" combined
Options +ExecCGI
AddHandler cgi-script .cgi
# chmod +x /var/www/html/cgi/*
# semanage fcontext -a -t httpd_sys_script_exec_t '/var/www/html/cgi/(/.*)?' ##设置安全上下文
# restorecon -RvvF /var/www/html/cgi/ ##刷新标签
# systemctl restart httpd.service ##重启httpd服务
论坛
# yum install mariadb -y安装数据库
若没有安装数据库,安装后要进行安全设置。因为一般情况下我们不会把数据库的端口裸露在外,所以要隐藏端口。
# vim /etc/my.cnf
10 skip-networking=1 ##隐藏数据库端口
# netstat -antlpe | grep mariadb##查看数据库开放端口
# setenforce 0 ##selinux改为警告模式
# systemctl start mariadb##开启数据库
下载论坛安装包
Discuz_X3.2_SC_UTF8.zip
# unzip Discuz_X3.2_SC_UTF8.zip
解压后进入
# chmod 777 upload/ -R
接下来进入到到浏览器按照提示进行操作。
suqid 正向代理
当你所在的主机不能访问到你所访问到的内容时,可以设置一个代理服务器,这个代理服务器上必须有你所需要的内容,这是你就可以通过代理主机
squid反向代理服务
在操作前要先卸载httpd服务,我们这台机子作为代理服务器,
# yum install squid -y
# systemctl start squid
# vim /etc/squid/squid.conf
56 http_access allow all
59 http_port 80 vhost vport
60 cache_peer 172.25.254.3 parent 80 0 no-query originserver round-robin name=w eb1
61 cache_peer 172.25.254.4 parent 80 0 no-query originserver round-robin name=w eb2
62 cache_peer_domain web1 web2 www.bili.com
## 配置文件中添加的内容在/usr/share/doc/squid-3.3.8/squid.conf.documented 中都有)
# systemctl restart squid
页:
[1]