apache advanced configuration

This article mainly introduces the advanced configuration of apache, which has certain reference value. Now I share it with you. Friends in need can refer to it

1. Installation

• ##yum install httpd -y ##Installation

• firewall-cmd --permanent --add-service=http ##Firewall configuration

• systemctl restart firewalld ##Restart the firewall

2. Configuration file /etc/httpd/conf/httpd.conf

## During the experiment, pay attention to the consistency of the security context,

DocumentRoot "/var/www/html" ##Default publishing directory

##DirectoryIndex index.html ##Default publish file

Open by default

Change the default publish directory Change the default publish file for /var/www/

# to text

##Edit the file text and write the content

##The default open file becomes the text we set

#3. Virtual host

Usually there are many subdomains under a parent domain, and each subdomain has different functions. Therefore, when accessing each subdomain, you should access the files of the subdomain, so the virtual host allows you to access the files from the subdomain. An httpd server serves multiple websites at the same time. In this section, we will learn about name-based virtual hosting where multiple hostnames all point to the same IP address, but the web server serves different websites with different content based on the hostname used to reach the site

• After reverting the changes from the previous step.

#Create directories, publishing directories for different subdomains.

Configuration/etc/hosts

Edit http configuration file

##default.conf

##music.conf

##news.conf

Restart the service and access different files when accessing different domain names.

-------------------------------- ------------------

----------------- --------------------------------

----------------------------- ---------------

--------------------------------------------- -----

4. Authentication

Setting 172.25.254.11 does not allow access

Read allow first, then deny. Deny will overwrite some of allow’s permissions

##Effect

------------------------------------------------ ---

2. Virtual user access control

1. In /etc/httpd/ Create a user in the directory and generate user files.

It can be seen that the file has two users.

2. Configure the httpd configuration file and associate the user file.

require user lee Only user lee is allowed to log in.

test

User lee can log in normally, but user haha ​​cannot log in.

#-- ----------------------------------------

5. Https

• Https automatically encrypts data when accessing, for the security of network data transmission

• For HTTPS access, you need to install mod_ssl

  
  

##yum install mod_ssl

At this time, the configuration directory automatically generates the ssl.conf configuration file

• 
  

When accessing, it says that the website certificate is not trustworthy.

##Generate certificate.

• First install the software crypto-utils.x86_64

• ##yum install crypto-utils. x86_64

• Certificate Production

##Tell us the generated path

Then the number of secret history bits, choose the fastest 1024 bits

Then comes the generation process, which may take a while.

After finishing, this is the step. Whether to send it to CA for certification, select No.

Whether to encrypt the private key, next.

Fill in the information, next, and it’s ok

• ##Two files were generated

/etc/pki/tls/certs/www.westos.com.crt/etc/pki/tls/private/www.westos.com.key

Configure ssl.conf

##Add a certificate to the website and click add execption

##Click get certificate, then click confirm security exception

It’s ok, the website certificate is the one we just generated.

##6. Https address conversion

1. Configuration /etc/httpd/conf.d/login.conf http configuration file

Create /var/ www/html/login Create the default publishing file/var/www/html/login/index.html

Modify /etc/hosts

## and then restart Service, give the web page login.westos.com the certificate just now,

and then log in to http://login.westos.com and it will automatically jump to https://login.westos.com page.

----------------------- --------------------------

7. Proxy server Squid

Forward proxy

• ##yum install squid

• vim /etc/squid/squid.conf

##Then other hosts can set the proxy to the squid server ip:3128 port to access the Internet through the squid server, which is generally used to circumvent the wall.

Reverse proxy, (equivalent to proxy apache server)

• Configuration/etc /squid/squid.conf

• Be careful to configure the firewall to pass the http service

Then the 172.25.254.111 browser accesses the Squid server address and will get the content published on 172.25.254.11 of apache.

--------------------- --------------------------------------------------
8. Build a forum

##Install php, mod_ssl, http, php-mysql , mariadb-server

• Put the forum data package in the httpd default directory and unzip it. Discuz_X3.2_SC_UTF8.zip (This is what I downloaded)

• ##chmod 777 upload/ -R #Add permissions

  
  

• systemctl restart httpd.service

  
  

  ##Visit http://172.25.254.108/upload for web installation

• The upload folder is generated after decompression
  

Log in to the web page 172.25.254.11/upload

## and then detect each In this software situation, when everything is passed, click Next,

##Click Next

Configure mysql information.

Installing

You can access it after installation.

The above is the entire content of this article, thank you for reading. Please pay attention to the PHP Chinese website for more information!

Related recommendations:

Detailed explanation of centos installation apache and php

Detailed explanation of the relationship and role of php and apache

The above is the detailed content of apache advanced configuration. For more information, please follow other related articles on the PHP Chinese website!