apache罗列
[*] restorecon -Rv /srv/恢复http权限(如果默认不是http的,可以用semanage fcontext)
[*] /etc/httpd/conf.d/00vhost.conf
DocumentRoot /srv/default/www
CustomLog "logs/default-vhost.log" combined
Require all granted
[*] /etc/httpd/conf.d/01vhost.conf
ServerName www0.example.com
DocumentRoot /srv/www0.example.com/www
ServerAlias www0
CustomLog "logs/www0.example.com.log" combined
Require all granted
[*] 自动跳转的ssl
ServerName demo.example.com
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/demo.example.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/demo.example.com.key
SSLCertificateChainFile /etc/pki/tls/certs/example-ca.crt
DocumentRoot /srv/www0/www
Require all granted
ServerName www0.example.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_POST}$1
[*] ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
apache user and group
selinux:httpd_sys_script_exec_t
[*] serving php:
mod_php
SetHandler application/x-httpd-php
DirectoryIndex index.php
[*] serving phython:
WSGIScriptAlias /myapp/ /srv/myapp/www/myapp.py
[*] connect db
如果数据库用remote host,selinux里httpd_can_network_connect_db需要设置为1
[*] 如果不是一个常用的数据库端口,
httpd_can_network_connect = 1
页:
[1]