Linux-Use Apache to deploy a simple homepage website [modify website data directory, configure alias, user authentication login]

Linux cloud computing architecture-use apache to build a simple web site server

1. Introduction to web server

General website services refer to web network services . Refers to services that allow users to access various resources on the Internet through a browser. Web network service is a passive access service program, that is, it will only respond to requests sent by other hosts on the Internet, and the Web server used to provide the service program will transmit the requested content to the user through HTTP or HTTPS. (There are only requested to respond)
to provide web network service procedures IIS, Nginx, Apache
① IIS(Internet Information Services,互联网信息服务): Windows system in the default web service program, graphical site management tool, not only can provide web网站服务, can also provide FTP\NMTP\SMTPother services.
② Nginx: A rising star, very easy to use.
③ Apache: The default web service program of RHEL5, 6, 7 system, the old web service program.
④tomcat

apache official website : http://www.apache.org/
apache official website :http://httpd.apache.org/

2. Use apache to deploy web server

Web service working mode: B/S mode
Port number: 80/http (default port) 443/https (SSL secure port)

The service name of the Apache service programhttpd

# 安装httpd服务
[root@client ~]# yum install -y httpd
# 安装字符界面的浏览器客户端
[root@client ~]# yum install -y elinks

# 写点测试内容
[root@client ~]# cd /var/www/html/
[root@client html]# echo hahah > index.html

# 启动httpd服务
[root@client ~]# systemctl start httpd.service 
[root@client ~]# systemctl enable httpd.service 

# 开放80端口号
[root@client ~]# firewall-cmd --permanent --zone=public --add-port=80/tcp
success
[root@client ~]# firewall-cmd --reload 
success

# 看下能否正常访问，如果不行，估计是配置文件的问题
# 一般是这行要改： 
95 ServerName localhost:80
[root@client ~]# elinks 192.168.8.181
# 直接访问网址：
http://192.168.8.181/

3. Configure httpd service program

1. The main configuration file of the httpd service program ①Service
   directory [Path: /etc/httpd]
   ②Main configuration file [Path:/ etc/httpd/conf/httpd.conf]
   ③Website data directory [Path: /var/www/html]
   ④Access log [Path: /var/log/httpd/access_log]
   ⑤Error log [Path: /var/log/httpd/error_log]

2. Main configuration file [Path: /etc/httpd/conf/httpd.conf]
   There are 3 types of information: annotation information , global configuration (valid for all sub-sites) , regional configuration (valid for designated sub-sites)
   

 31 ServerRoot "/etc/httpd"     # httpd服务目录
 42 Listen 80          # 监听端口号，可以指定
 57 Include conf.modules.d/*.conf      
 67 User apache           # 运行httpd服务的用户
 68 Group apache         # 运行httpd服务的用户组
 87 ServerAdmin root@localhost      # 管理员邮箱   
 96 ServerName localhost:80      # web服务器名，一般为IP:80
103 <Directory />     # 设置网站数据目录的权限
104     AllowOverride none   # 设置为none，忽略.htaccess
105     Require all denied   # 拒绝所有，允许所有为allow
106 </Directory>
120 DocumentRoot "/var/www/html"     # 默认的网站数据目录
183 ErrorLog "logs/error_log"   # 错误日志存放位置
190 LogLevel warn   # 日志级别
218     CustomLog "logs/access_log" combined    # 访问日志存放位置
317 AddDefaultCharset UTF-8    # 支持的语言，默认编码
354 IncludeOptional conf.d/*.conf     # conf.d目录下conf文件也是有效配置文件

# 定义首页文件
164 <IfModule dir_module>
165     DirectoryIndex index.html   # 首页为index.html
166 </IfModule>

# Timeout 60    # 访问超时时间

#  获取状态信息的界面，配置文件本身没有这个内容
356 ExtendedStatus On
357 <location /server-status>
358  SetHandler server-status
359  Order allow,deny
360  Allow from 127.0.0.1 192.168.8.0/24
361 </location>

4. Modify web site data directory

# 查看下apache版本，可以看到版本是Apache/2.4.6 (CentOS)
[root@client ~]# curl -I 192.168.8.181
HTTP/1.1 200 OK
Date: Wed, 19 Aug 2020 13:04:25 GMT
Server: Apache/2.4.6 (CentOS)
Last-Modified: Wed, 19 Aug 2020 12:16:27 GMT
ETag: "6-5ad39f9178694"
Accept-Ranges: bytes
Content-Length: 6
Content-Type: text/html; charset=UTF-8

# 修改网站数据目录为/data/www/html
# 创建目录并创建测试数据
[root@client ~]# mkdir -p /data/www/html
# 查看selinux安全上下文并修改为httpd_sys_content_t
[root@client ~]# ll -Zd /var/www/html/
drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 /var/www/html/
[root@client ~]# ll -Zd /data/www/html/
drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 /data/www/html/
[root@client ~]# chcon -R -t httpd_sys_content_t /data/www/html/
[root@client ~]# cp /var/www/html/index.html /data/www/html/

# 备份httpd配置文件
[root@client ~]# cd /etc/httpd/conf
[root@client conf]# cp httpd.conf httpd.conf.bak

# apache2.2和apache2.4访问控制写法：
===================================================
# apache2.4写法：
Require host 主机地址
Require ip ip地址
Require not ip 10.1.1.1
Require not host www.com
require all granted 允许所有访问
require all denied 拒绝所有访问
Require expr expression 若expression计算为true则允许访问
Require user userid 只有指定的用户才可以访问
Require group group-name 指定的用户组可以访问
Require valid-user 所有有效用户可以访问
# 修改网站数据目录
[root@client ~]# vim /etc/httpd/conf/httpd.conf
DocumentRoot "/data/www/html"
<Directory "/data/www/html">
    AllowOverride None
    Require all denied
    Require ip 192.168.8.0/24
</Directory>

===================================================
# apache2.2写法：
# 修改网站数据目录
[root@client ~]# vim /etc/httpd/conf/httpd.conf 
DocumentRoot "/data/www/html"
<Directory "/data/www/html">
     Options Indexes FollowSymLinks
     AllowOverride None
     Order allow,deny   # 有冲突时的优先级。越往后优先级越高。这里默认是拒绝的。
     Allow from 192.168.8.0/24   # 允许网段
     Deny from 192.168.9.0/24    # 拒绝网段
     Allow from .baidu.com       # 允许百度访问
 </Directory>
===============================================

[root@client ~]# systemctl restart httpd

5. Configure alias (virtual directory)

[root@client ~]# vim /etc/httpd/conf/httpd.conf
DocumentRoot "/data/www/html"
alias /data/ /data/www/html/   # 取别名，即虚拟目录
<Directory "/data/www/html">
    AllowOverride None
    Require all denied
    Require ip 192.168.8.0/24
</Directory>
[root@client ~]# systemctl restart httpd

# 当网站数据目录下不存在首页文件(index.html)，则显示该目录下文件夹。
# 生成一些目录
[root@client ~]# cp -a /boot/grub/ /data/www/html/
# 编辑httpd配置文件
[root@client ~]# vim /etc/httpd/conf/httpd.conf
Alias /data "/data/www/html"
<Directory "/data/www/html">
    AllowOverride None
    Options Indexes FollowSymLinks    # 加上该句即可
    Require all denied
    Require ip 192.168.8.0/24
</Directory>
[root@client ~]# systemctl restart httpd

6. User authentication login

[root@client ~]# vim /etc/httpd/conf/httpd.conf
DocumentRoot "/data/www/html"
        Alias /data "/data/www/html"
        <Directory "/data/www/html">
            AllowOverride None
            Options Indexes FollowSymLinks
            # Require all denied
            # Require ip 192.168.8.0/24    # 使用用户验证不可与指定IP同时使用
            authtype basic    # 认证类型
            authname "my web site"   # 认证区域名称
            authuserfile /etc/httpd/conf/passwd.secret    # 用户认证文件
            Require valid-user      # 是否将用户认证文件中的用户作为有效用户，加这句表示是
            # require user abong test  # 把abong和test作为有效用户，允许访问。
        </Directory>

# -c 创建一个用户认证文件。【每一行为  用户名:密码】
# -m 对密码进行md5加密
# -h 查看帮助信息
[root@client ~]# htpasswd -cm /etc/httpd/conf/passwd.secret test  # 首次要加-c参数
New password: 
Re-type new password: 
Adding password for user test
[root@client ~]# htpasswd -m /etc/httpd/conf/passwd.secret abong    # 追加只需-m
New password: 
Re-type new password: 
Adding password for user abong
[root@client ~]# cat /etc/httpd/conf/passwd.secret
test:$apr1$IHwwQSBP$S8uq/HHX4avbjYbK557U91
abong:$apr1$EUpr6yfG$tMcuMf/bWoYezLByROhlI0
[root@client ~]# systemctl restart httpd