Apache服务
1.yum install httpd -y
2.yum install httpd-manual -y#安装手册
3.systemctl start httpd
一.修改默认的发布目录
一般来说http服务的默认发布目录在/var/www/html页面中。首先读取首页index.html
如何修改:
1. vim /etc/httpd/conf/httpd.conf
119 # DocumentRoot "/var/www/html"#将原来的默认发布目录注释。方便恢复
120 DocumentRoot "/www/lyitx"#指定新的默认发布目录
121
122 Require all granted#允许所有人访问
123
2.创建目录
mkdir -p /www/lyitx
cd /www/lyitx
vim index.html
内容不限制
这里是lyitx目录
重启服务
Systemctl restart httpd
测试:
在火狐浏览器中输入:
172.25.254.66/index.html
实验成功
2.设置ip访问权限
A.访问黑名单-禁止某个ip访问
vim /etc/httpd/conf/httpd.conf
在之前修改的文件上修改
121
122 Require all granted
123 Order Allow,Deny#系统默认先读前面的Allow,再读Deny
124 Allow from All#允许所有人访问
125 Deny from 172.25.254.50#除了50主机
126
Require all granted
Order Allow,Deny
Allow from All
Deny from 172.25.254.0/24
如此设置:允许除了172.25.254.x网段的所有ip访问
Require all granted
Order Deny,Allow#先读去前面的deny-拒绝所有人,再允许50主机
Deny from All
Allow from 172.25.254.50
cmd_CreateNewCert
command: makecert
keysize = 1024 bits
subject = CN=www.lyitx.com, OU=linux, O=lyitx, L=xi'an, ST=shannxi, C=CN
valid for 1 months
random seed from /etc/pki/tls/.rand.9611
output will be written to /etc/pki/tls/certs/www.lyitx.com.crt
output key written to /etc/pki/tls/private/www.lyitx.com.key
Generating key. This may take a few moments...
Made a key
Opened tmprequest for writing
/usr/bin/keyutil Copying the cert pointer
Created a certificate
Wrote 882 bytes of encoded data to /etc/pki/tls/private/www.lyitx.com.key
Wrote the key to:
/etc/pki/tls/private/www.lyitx.com.key
cd /etc/httpd/conf.d
vim ssl.conf
100 SSLCertificateFile /etc/pki/tls/certs/www.lyitx.com.crt
107 SSLCertificateKeyFile /etc/pki/tls/private/www.lyiyx.com.key
systemctl restart httpd.service