标签:httpd 配置 usr apache 最新版 root example localhost
下载apr apr-util httpd 源码包
1 [root@localhost ~]# dnf -y install wget下载wget 2 [root@localhost ~]# wget https://downloads.apache.org/apr/apr-1.7.0.tar.gz 3 [root@localhost ~]# wget https://downloads.apache.org/apr/apr-util-1.6.1.tar.gz 4 [root@localhost ~]# wget https://downloads.apache.org/httpd/httpd-2.4.53.tar.gz 5 [root@localhost ~]# yum groups mark install "Development Tools" 6 看需要那些工具包
安装开发环境
1 [root@localhost ~]# useradd -r -M -s /sbin/nologin apache 2 [root@localhost ~]# id apache 创建一个apache系统用户不加目录不允许登录 3 uid=995(apache) gid=992(apache) 组=992(apache) 4 [root@localhost ~]# yum -y install openssl-devel pcre-devel expat-devel libtool 安装依赖包
解压apr apr-util httpd
1 [root@localhost ~]# ls 2 anaconda-ks.cfg apr-1.7.0.tar.gz apr-util-1.6.1.tar.gz httpd-2.4.53.tar.gz 3 [root@localhost ~]# tar xf apr-1.7.0.tar.gz 4 [root@localhost ~]# tar xf apr-util-1.6.1.tar.gz 5 [root@localhost ~]# tar xf httpd-2.4.53.tar.gz 6 [root@localhost ~]# ls 7 anaconda-ks.cfg apr-1.7.0 apr-1.7.0.tar.gz apr-util-1.6.1 apr-util-1.6.1.tar.gz httpd-2.4.53 httpd-2.4.53.tar.gz
安装编译apr
1 [root@localhost ~]# cd apr-1.7.0 2 [root@localhost apr-1.7.0]# ./configure --prefix=/usr/local/apr 3 configure: error: in `/root/apr-1.7.0': 报错 4 configure: error: no acceptable C compiler found in $PATH 5 处理 6 [root@localhost apr-1.7.0]# dnf -y install gcc gcc-c++ --allowerasing --nobest 7 [root@localhost apr-1.7.0]# ./configure --prefix=/usr/local/apr 8 rm: cannot remove 'libtoolT': No such file or directory 继续报错 9 [root@localhost apr-1.7.0]# dnf -y install vim 下载vim 10 [root@localhost apr-1.7.0]# vim configure 11 # $RM "$cfgfile" 注释掉或者删除 12 [root@localhost apr-1.7.0]# dnf -y install make 安装make 13 [root@localhost apr-1.7.0]# make -j 4 编译安装 14 [root@localhost apr-1.7.0]# make install
安装编译apr-util
1 [root@localhost apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr 编译子包的时候要告诉主包的位子 2 [root@localhost apr-util-1.6.1]# make -j 4 编译 3 [root@localhost apr-util-1.6.1]# make install 安装
安装编译apache
1 [root@localhost httpd-2.4.53]# ./configure --prefix=/usr/local/apache \ 2 > --enable-so \ 3 > --enable-ssl \ 4 > --enable-cgi \ 5 > --enable-rewrite \ 6 > --with-zlib \ 7 > --with-pcre \ 8 > --with-apr=/usr/local/apr \ 9 > --with-apr-util=/usr/local/apr-util/ \ 10 > --enable-modules=most \ 11 > --enable-mpms-shared=all \ 12 > --with-mpm=prefork 13 [root@localhost httpd-2.4.53]# make -j 4 14 [root@localhost httpd-2.4.53]# make install
设置环境变量,头文件,man文件
1 [root@localhost ~]# echo 'export PATH=/usr/local/apache/bin:$PATH' >/etc/profile.d/apache.sh 2 [root@localhost ~]# source /etc/profile.d/apache.sh 读以下 3 [root@localhost ~]# which httpd 生成httpd命令 4 /usr/local/apache/bin/httpd 5 [root@localhost ~]# which apachectl 生成apachectl命令 6 /usr/local/apache/bin/apachectl 7 [root@localhost ~]# ln -s /usr/local/apache/include/ /usr/include/apache 设置头文件 8 [root@localhost ~]# vim /etc/man_db.conf 设置man文档 9 MANDATORY_MANPATH /usr/local/apache/man
关闭防火墙
1 [root@localhost ~]# systemctl disable --now firewalld 2 Removed /etc/systemd/system/multi-user.target.wants/firewalld.service. 3 Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. 开机不自启,立马关闭 4 [root@localhost ~]# setenforce 0 关闭立即生效 5 [root@localhost ~]# getenforce 6 Permissive 7 [root@localhost ~]# vim /etc/selinux/config 8 SELINUX=disabled 修改之后下次重启就可以永久生效
启动服务
1 [root@localhost ~]# apachectl start 2 AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message 此处警告无视,等下处理 3 [root@localhost ~]# ss -antl 4 State Recv-Q Send-Q Local Address:Port Peer Address:Port Process 5 LISTEN 0 128 0.0.0.0:22 0.0.0.0:* 6 LISTEN 0 128 *:80 *:* 7 LISTEN 0 128 [::]:22 [::]:* 有80端口号
处理警告
1 [root@localhost conf]# vim httpd.conf 2 ServerName 注释取消掉 3 [root@localhost conf]# apachectl start 没有警告了 4 [root@localhost conf]# ss -antl 5 State Recv-Q Send-Q Local Address:Port Peer Address:Port Process 6 LISTEN 0 128 0.0.0.0:22 0.0.0.0:* 7 LISTEN 0 128 *:80 *:* 8 LISTEN 0 128 [::]:22 [::]:*
设置systemctl控制httpd
1 写一个服务文件 2 [root@localhost system]# ls sshd.service 3 sshd.service 复制一个叫httpd.生成service文件 4 [root@localhost system]# cp sshd.service httpd.service 5 [root@localhost system]# vim httpd.service 6 [Unit] 7 Description=httpd server daemon 8 After=network.target sshd-keygen.target 9 10 [Service] 修改成这样 11 Type=forking 12 EnvironmentFile=-/etc/sysconfig/sshd 13 ExecStart=/usr/local/apache/bin/apachectl start 14 ExecStop=/usr/local/apache/bin/apachectl stop 15 ExecReload=/bin/kill -HUP $MAINPID 16 17 [Install] 18 WantedBy=multi-user.target 19 [root@localhost system]# systemctl daemon-reload重新加载一下 20 [root@localhost system]# cd 21 [root@localhost ~]# systemctl status httpd 22 ● httpd.service - httpd server daemon 23 Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled) 24 Active: inactive (dead) 25 [root@localhost ~]# systemctl start httpd 26 [root@localhost ~]# ss -antl 27 State Recv-Q Send-Q Local Address:Port Peer Address:Port Process 28 LISTEN 0 128 0.0.0.0:22 0.0.0.0:* 29 LISTEN 0 128 *:80 *:* 30 LISTEN 0 128 [::]:22 [::]:* 31 [root@localhost ~]# systemctl enable httpd 32 Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service. 设置开机自启 33 [root@localhost ~]# systemctl status httpd 34 ● httpd.service - httpd server daemon 35 Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled) 36 Active: active (running) since Sun 2022-04-17 15:15:06 CST; 2min 48s ago 37 Main PID: 67806 (httpd) 38 Tasks: 6 (limit: 11175) 39 Memory: 4.2M 40 CGroup: /system.slice/httpd.service 41 ├─67806 /usr/local/apache/bin/httpd -k start 42 ├─67807 /usr/local/apache/bin/httpd -k start 43 ├─67808 /usr/local/apache/bin/httpd -k start 44 ├─67809 /usr/local/apache/bin/httpd -k start 45 ├─67810 /usr/local/apache/bin/httpd -k start 46 └─67811 /usr/local/apache/bin/httpd -k start 47 48 4月 17 15:15:06 localhost.localdomain systemd[1]: Starting httpd server daemon... 49 4月 17 15:15:06 localhost.localdomain systemd[1]: Started httpd server daemon.
配置虚拟主机 ip访问
1 [root@localhost ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf 虚拟主机文件 2 <VirtualHost *:80> 3 ServerAdmin webmaster@dummy-host.example.com 4 DocumentRoot "/usr/local/apache/docs/dummy-host.example.com" 5 ServerName dummy-host.example.com 6 ServerAlias www.dummy-host.example.com 7 ErrorLog "logs/dummy-host.example.com-error_log" 8 CustomLog "logs/dummy-host.example.com-access_log" common 9 </VirtualHost> 10 保留一个,后面的删除 11 <VirtualHost *:80> 12 DocumentRoot "/usr/local/apache/htdocs/test.example.com" 13 ServerName test.example.com 14 ErrorLog "logs/test.example.com-error_log"放错误日志 15 CustomLog "logs/test.example.com-access_log" common正确日志 16 修改成这样 17 [root@localhost ~]# vim /usr/local/apache/conf/httpd.conf 主配置文件 18 #Include conf/extra/httpd-vhosts.conf 取消注释让虚拟主机配置生效 19 [root@localhost ~]# systemctl restart httpd重启服务 20 [root@localhost ~]# systemctl status httpd 21 ● httpd.service - httpd server daemon 22 Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled) 23 Active: active (running) since Sun 2022-04-17 15:48:13 CST; 1min 19s ago 24 Process: 67870 ExecStop=/usr/local/apache/bin/apachectl stop (code=exited, status=0/SUCCESS) 25 Process: 67874 ExecStart=/usr/local/apache/bin/apachectl start (code=exited, status=0/SUCCESS) 26 Main PID: 67879 (httpd) 27 Tasks: 6 (limit: 11175) 28 Memory: 4.3M 29 CGroup: /system.slice/httpd.service 30 ├─67879 /usr/local/apache/bin/httpd -k start 31 ├─67880 /usr/local/apache/bin/httpd -k start 32 ├─67881 /usr/local/apache/bin/httpd -k start 33 ├─67882 /usr/local/apache/bin/httpd -k start 34 ├─67883 /usr/local/apache/bin/httpd -k start 35 └─67884 /usr/local/apache/bin/httpd -k start 36 37 4月 17 15:48:13 localhost.localdomain systemd[1]: Starting httpd server daemon... 38 4月 17 15:48:13 localhost.localdomain systemd[1]: Started httpd server daemon. 39 [root@localhost test.example.com]# echo "test page" > abc.html 40 [root@localhost test.example.com]# ls 41 abc.html 42 [root@localhost test.example.com]# mv abc.html index.html 43 [root@localhost test.example.com]# ls 44 index.html 网站首页的名字一定要叫index.html才可以直接访问
刷新就可以看到内容
相同ip不同端口号访问
1 [root@localhost htdocs]# cd blog.example.com/ 另外一个网站 2 [root@localhost blog.example.com]# echo "bolg page" > index.html 3 [root@localhost ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf 写blog的配置文件 4 <VirtualHost *:80> 5 DocumentRoot "/usr/local/apache/htdocs/test.example.com" 6 ServerName test.example.com 7 ErrorLog "logs/test.example.com-error_log" 8 CustomLog "logs/test.example.com-access_log" common 9 </VirtualHost> 10 Listen 81加一给监听 11 <VirtualHost *:81> 配置一个新的81端口号 12 DocumentRoot "/usr/local/apache/htdocs/blog.example.com" 13 ServerName blog.example.com 14 ErrorLog "logs/blog.example.com-error_log" 15 CustomLog "logs/blog.example.com-access_log" common 16 </VirtualHost> 17 [root@localhost ~]# systemctl restart httpd重启服务 18 [root@localhost ~]# ss -antl 19 State Recv-Q Send-Q Local Address:Port Peer Address:Port Process 20 LISTEN 0 128 0.0.0.0:22 0.0.0.0:* 21 LISTEN 0 128 *:80 *:* 22 LISTEN 0 128 *:81 *:* 23 LISTEN 0 128 [::]:22 [::]:* 80 81端口号都有了
默认是80端口号,:加上81就是81端口号
不同ip相同端口号
1 [root@localhost ~]# ip addr add 192.168.149.84/24 dev ens33 2 [root@localhost ~]# ip a s ens33 3 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 4 link/ether 00:0c:29:bc:11:bf brd ff:ff:ff:ff:ff:ff 5 inet 192.168.149.85/24 brd 192.168.149.255 scope global noprefixroute ens33 6 valid_lft forever preferred_lft forever 7 inet 192.168.149.84/24 scope global secondary ens33 8 valid_lft forever preferred_lft forever 9 inet6 fe80::20c:29ff:febc:11bf/64 scope link 10 valid_lft forever preferred_lft forever 添加一个84的新ip 11 12 [root@localhost ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf 13 <VirtualHost 192.168.149.85:80> 14 DocumentRoot "/usr/local/apache/htdocs/test.example.com" 15 ServerName test.example.com 16 ErrorLog "logs/test.example.com-error_log" 17 CustomLog "logs/test.example.com-access_log" common 18 </VirtualHost> 19 <VirtualHost 192.168.149.84:80> 20 DocumentRoot "/usr/local/apache/htdocs/blog.example.com" 21 ServerName blog.example.com 22 ErrorLog "logs/blog.example.com-error_log" 23 CustomLog "logs/blog.example.com-access_log" common 24 </VirtualHost> 把*号去掉输入要访问的ip 25 [root@localhost ~]# systemctl stop httpd 先停掉 26 [root@localhost ~]# ss -antl 27 State Recv-Q Send-Q Local Address:Port Peer Address:Port Process 28 LISTEN 0 128 0.0.0.0:22 0.0.0.0:* 29 LISTEN 0 128 [::]:22 [::]:* 30 [root@localhost ~]# systemctl start httpd在启动 31 [root@localhost ~]# ss -antl 32 State Recv-Q Send-Q Local Address:Port Peer Address:Port Process 33 LISTEN 0 128 0.0.0.0:22 0.0.0.0:* 34 LISTEN 0 128 *:80 *:* 35 LISTEN 0 128 [::]:22 [::]:* 36
相同ip相同端口号不同域名
[root@localhost ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf
<VirtualHost *:80> ip去掉,端口号一样,域名本来就不一样
DocumentRoot "/usr/local/apache/htdocs/test.example.com"
ServerName test.example.com
ErrorLog "logs/test.example.com-error_log"
CustomLog "logs/test.example.com-access_log" common
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "/usr/local/apache/htdocs/blog.example.com"
ServerName blog.example.com
ErrorLog "logs/blog.example.com-error_log"
CustomLog "logs/blog.example.com-access_log" common
</VirtualHost>
[root@localhost ~]# systemctl stop httpd 停掉
[root@localhost ~]# systemctl start httpd 启动
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
在电脑的C:\windows\systenm32\drivers\etc\hosts里打开记事本更改
访问控制
1 [root@localhost ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf 2 3 4 <VirtualHost *:80> 5 DocumentRoot "/usr/local/apache/htdocs/test.example.com" 6 ServerName test.example.com 7 ErrorLog "logs/test.example.com-error_log" 8 CustomLog "logs/test.example.com-access_log" common 9 <Directory "/usr/local/apache/htdocs/test.example.com"> 10 <RequireAll> 11 Require not ip 192.168.149.1 12 Require all granted 13 </RequireAll> 14 </Directory> 15 </VirtualHost> 16 <VirtualHost *:80> 17 DocumentRoot "/usr/local/apache/htdocs/blog.example.com" 18 ServerName blog.example.com 19 ErrorLog "logs/blog.example.com-error_log" 20 CustomLog "logs/blog.example.com-access_log" common 21 </VirtualHost> 22 [root@localhost ~]# systemctl start httpd 23 [root@localhost ~]# ss -antl 24 State Recv-Q Send-Q Local Address:Port Peer Address:Port Process 25 LISTEN 0 128 0.0.0.0:22 0.0.0.0:* 26 LISTEN 0 128 *:80 *:* 27 LISTEN 0 128 [::]:22 [::]:*
ssl:
启用模块,如果已经有了但是注释了,则取消注释即可
1 [root@localhost conf]# vim httpd.conf 2 LoadModule ssl_module modules/mod_ssl.so
生成证书
1 a)CA生成一对密钥 2 [root@localhost conf]# cd /etc/pki 3 [root@localhost pki]# mkdir CA 创建CA目录 4 [root@localhost pki]# cd CA 5 [root@localhost CA]# mkdir private 创建private目录 6 [root@localhost CA]# ls 7 private 8 [root@localhost CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048) 生成密钥 9 [root@localhost CA]# ls private/ 10 cakey.pem 11 [root@localhost CA]# openssl rsa -in private/cakey.pem -pubout提取公钥 12 b) CA生成自签署证书 13 [root@localhost CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 365 14 [root@localhost CA]# ls 15 cacert.pem private 生成证书 16 [root@localhost CA]# mkdir certs newcerts crl 17 [root@localhost CA]# ls 创建目录 18 cacert.pem certs crl newcerts private 生成两个文件 19 [root@localhost CA]# touch index.txt && echo 01 > serial 20 c) 客户端(例如httpd服务器)生成密钥 21 [root@localhost CA]# mkdir certs newcerts crl 22 [root@localhost conf]# mkdir ssl 23 [root@localhost conf]# ls 24 extra httpd.conf magic mime.types original ssl 25 [root@localhost conf]# cd ssl/ 26 [root@localhost ssl]# (umask 077;openssl genrsa -out httpd.key 2048)生成httpd.key的文件 27 [root@localhost ssl]# ls 28 httpd.key 29 d) 客户端生成证书签署请求 30 [root@localhost ssl]# openssl req -new -key httpd.key -days 365 -out httpd.csr 和刚才生成证书所填都一致 31 [root@localhost ssl]# ls 32 httpd.csr httpd.key 33 f) CA签署客户端提交上来的证书 34 [root@localhost ssl]# openssl ca -in httpd.csr -out httpd.crt -days 365 35 [root@localhost ssl]# ls 36 httpd.crt httpd.key 完成 一给公钥一个私钥
配置httpd
1 [root@localhost conf]# vim httpd.conf 2 Include conf/extra/httpd-ssl.conf 注释取消掉 3 [root@localhost conf]# ls extra/ 4 [root@localhost conf]# vim extra/httpd-ssl.conf修改配置文件 5 DocumentRoot "/usr/local/apache/htdocs/test.example.com" 6 ServerName test.example.com:443 7 SSLCertificateFile "/usr/local/apache/conf/ssl/httpd.crt" 8 SSLCertificateKeyFile "/usr/local/apache/conf/ssl/httpd.key"
[root@localhost ~]# httpd -t 检查语法
AH00526: Syntax error on line 92 of /usr/local/apache/conf/extra/httpd-ssl.conf:
SSLSessionCache: 'shmcb' session cache not supported (known names: ). Maybe you need to load the appropriate socache module (mod_socache_shmcb?).
[root@localhost ~]# vim /usr/local/apache/conf/httpd.conf
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so 注释取消掉
[root@localhost ~]# httpd -t
Syntax OK
启动服务
1 [root@localhost ~]# systemctl restart httpd 2 [root@localhost ~]# ss -antl 3 State Recv-Q Send-Q Local Address:Port Peer Address:Port Process 4 LISTEN 0 128 0.0.0.0:22 0.0.0.0:* 5 LISTEN 0 128 *:80 *:* 6 LISTEN 0 128 [::]:22 [::]:* 7 LISTEN 0 128 *:443 *:* 443有了 8 [root@localhost ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf 把拒绝的删除点 9 [root@localhost ~]# http://test.example.com/
标签:httpd,配置,usr,apache,最新版,root,example,localhost 来源: https://www.cnblogs.com/sunyiming023654/p/16157868.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。