欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  科技

HTTP实验:分别使用httpd-2.2和httpd-2.4实现

程序员文章站 2022-06-05 21:00:57
1. 需求描述 2. 使用apache 2.4.6实现 2.1. 编译安装apache 2.4.6 参考 "Centos7编译安装apache 2.4.6" 2.2. /usr/local/apache2/httpd.conf配置 2.3. /usr/local/apache2/extra/http ......

1. 需求描述

1、建立httpd服务,要求:
    (1) 提供两个基于名称的虚拟主机:
       www1.stux.com,页面文件目录为/web/vhosts/www1;错误日志为/var/log/httpd/www1/error_log,访问日志为/var/log/httpd/www1/access_log;
       www2.stux.com,页面文件目录为/web/vhosts/www2;错误日志为/var/log/httpd/www2/error_log,访问日志为/var/log/httpd/www2/access_log;
    (2) 通过www1.stux.com/server-status输出其状态信息,且要求只允许提供账号的用户访问;
    (3) www1不允许192.168.1.0/24网络中的主机访问;
   
2、为上面的第2个虚拟主机提供https服务,使得用户可以通过https安全的访问此web站点;
    (1) 要求使用证书认证,证书中要求使用国家(cn),州(beijing),城市(beijing),组织为(mageedu);
    (2) 设置部门为ops, 主机名为www2.stux.com;

2. 使用apache 2.4.6实现

2.1. 编译安装apache 2.4.6

参考centos7编译安装apache 2.4.6

2.2. /usr/local/apache2/httpd.conf配置

serverroot "/usr/local/apache2"
listen 0.0.0.0:80
loadmodule authn_file_module modules/mod_authn_file.so
loadmodule authn_core_module modules/mod_authn_core.so
loadmodule authz_host_module modules/mod_authz_host.so
loadmodule authz_groupfile_module modules/mod_authz_groupfile.so
loadmodule authz_user_module modules/mod_authz_user.so
loadmodule authz_core_module modules/mod_authz_core.so
loadmodule access_compat_module modules/mod_access_compat.so
loadmodule auth_basic_module modules/mod_auth_basic.so
loadmodule socache_shmcb_module modules/mod_socache_shmcb.so
loadmodule reqtimeout_module modules/mod_reqtimeout.so
loadmodule filter_module modules/mod_filter.so
loadmodule mime_module modules/mod_mime.so
loadmodule log_config_module modules/mod_log_config.so
loadmodule env_module modules/mod_env.so
loadmodule headers_module modules/mod_headers.so
loadmodule setenvif_module modules/mod_setenvif.so
loadmodule version_module modules/mod_version.so
loadmodule ssl_module modules/mod_ssl.so
loadmodule mpm_worker_module modules/mod_mpm_worker.so
loadmodule unixd_module modules/mod_unixd.so
loadmodule status_module modules/mod_status.so
loadmodule autoindex_module modules/mod_autoindex.so
loadmodule dir_module modules/mod_dir.so
loadmodule alias_module modules/mod_alias.so
<ifmodule unixd_module>
</ifmodule>
<virtualhost 10.207.51.53:80>
    servername www1.stux.com
    documentroot "/web/vhosts/www1"
    <location /server-status>
        sethandler server-status
        authtype basic
        authname "admin area, please enter username and passwd"
        authuserfile "/web/vhosts/www1-passwd"    
        require user allen barry
    </location>
    <directory /web/vhosts/www1>
        options indexes
        allowoverride none
        <requireall>
        require not ip 192.168.1.0/24
        require all granted
        </requireall>
    </directory>
    errorlog /var/log/httpd/www1/error_log
    customlog /var/log/httpd/www1/access_log combined
</virtualhost>
documentroot "/usr/local/apache2/htdocs"
<ifmodule dir_module>
    directoryindex index.html
</ifmodule>
loglevel warn
<ifmodule log_config_module>
    logformat "%h %l %u %t \"%r\" %>s %b \"%{referer}i\" \"%{user-agent}i\"" combined
    logformat "%h %l %u %t \"%r\" %>s %b" common
    <ifmodule logio_module>
      logformat "%h %l %u %t \"%r\" %>s %b \"%{referer}i\" \"%{user-agent}i\" %i %o" combinedio
    </ifmodule>
    customlog "logs/access_log" common
</ifmodule>

include /etc/httpd/extra/httpd-mpm.conf
include /etc/httpd/extra/httpd-ssl.conf

2.3. /usr/local/apache2/extra/httpd-ssl.conf配置

listen 443 https
sslciphersuite high:medium:!anull:!md5
<virtualhost _default_:443>
documentroot "/web/vhosts/www2"
servername www2.stux.com:443
errorlog "/var/log/httpd/www2/ssl/error_log"
transferlog "/var/log/httpd/www2/ssl/access_log"
<directory /web/vhosts/www2>
        options indexes
        allowoverride none
        require all granted
        </directory>
sslengine on
sslcertificatefile "/web/vhosts/certificate/stux.httpd.crt"
sslcertificatekeyfile "/etc/pki/ca/private/private.key"
customlog "/var/log/httpd/www2/ssl/access_log" \
          "%t %h %{ssl_protocol}x %{ssl_cipher}x \"%r\" %b"
</virtualhost>  

2.4. 测试效果

HTTP实验:分别使用httpd-2.2和httpd-2.4实现
HTTP实验:分别使用httpd-2.2和httpd-2.4实现
HTTP实验:分别使用httpd-2.2和httpd-2.4实现