Apache configuration and application (detailed graphic introduction)

Apache configuration and application (detailed graphic introduction)

One, build a virtual web host

(1) Introduction

Virtual web host refers to running multiple web sites on the same server, each of which does not actually occupy the entire server independently, so it is called a "virtual" Teb host. Virtual web hosting services can make full use of the hardware resources of the server, thereby greatly reducing website construction and operating costs.
The use of httpd service can be very convenient to build a virtual host server, only need to run a httpd service to support a large number of web sites at the same time.

(2) The type of virtual host supported by httpd service

The virtual host types supported by httpd service include the following three types:
1. Based on domain name: use different domain names for each virtual host, but the corresponding IP address is the same. For example,
the IP addresses of www.chenwei.com and www.mm.com.com are both 192.168.126.10. This is the most commonly used type of virtual web host.
2. Based on IP address: use a different domain name for each virtual host, and the corresponding re address is also different. This method requires multiple network ports for the server, so the application is not very general.
3. Port-based: This method does not use domain names and Ir addresses to distinguish different site content, but uses different nrce port numbers, so users need to set the port number with the old teacher to access different virtual sites. .

(3) Configure virtual host based on domain name

Method 1: Deploy DNS domain name resolution server to provide domain name resolution

Before this method, everyone knows that the unreasonable domain name points to the same IP address through domain name resolution.

Method 2: Temporarily configure the mapping between domain names and IP addresses in the /etc/hosts file

echo "192.168.126.10 www.chenwei.com" >> /etc/hosts 

echo "192.168.126.10 www.mm.com" >> /etc/hosts

2.为虚拟主机准备网页文档
mkdir -p /var/www/html/chenwei
mkdir -p /var/www/html/mm
echo "<h1>hello</h1>">/var/www/htm1/chenwei/index.html
echo "<h1>hello</h1>" > /var/www/html/mm/index.html

之后输入网址可以看到网页显示的hello

3.添加虚拟主机配置
vim /usr/local/httpd/conf/extra/httpd-vhosts.conf   #源码编译安装的虚拟主机配置文件路径
#vim /etc/httpd/conf.d/vhosts.conf   #RPM或YUM安装的虚拟主机配置文件路径

<VirtualHost 192.168.126.10:80>                          #设置虚拟战斗区域
         serverAdmin [email protected]   #设置管理员箱,这行可忽略
         DocumentRoot "/var/www/html/ chenwei"            #设置网站根目录
         serverName www.chenwei.com                      #设置web站点的完整域名(主机名+域名)
         #serverAlias www.durnny-host.example.com    
         ErrorLog "logs/chenwei.com-error_log"            #设置错误日志文件的路径
         CustomLog "logs/chenwei.com-access_log" common   #设置访问日志文件的路径
</VirtualHost>

<VirtualHost 192.168.126.10:80>
         DocumentRoot "/var/www/html/mm”serverName www.mm.com
          ErrorLog "logs/mm.com-error_log"
         CustomLog "logs/mm.com-access_log"common

</VirtualHost>

4.设置访问控制
<Directory "/var/www/html">         #设置目录访问权限
    Options None                     #不启用任何的服务器特性
    Allowoverride None              #不允许重写Apache默认配置
    Require all granted              #允许所有主机访问
</Directory>

Options instruction explanation:

The main function of the Options command is to control which server features will be enabled for a specific directory. It can be used in the virtual host configuration (virtualEost), specific directory configuration (Directory) and .htaccess file of the Apache service configuration file.
Options command commonly used options:
None: means not to enable any server features.
FollowSymLinks: The server allows symbolic links (soft links) in this directory.
Indexes: If the entered URL corresponds to a file directory on the server, and there is no file specified by the DirectoryIndex directive in the Rpache configuration file in this directory (for example: DirectoryIndex index.html index.php), then all the directories under this directory will be listed file.
MultivViews: If the path requested by the client may correspond to multiple types of files, the server will automatically select a file that best matches the requirements of the client according to the specific circumstances of the client's request. For example, there are two files named hel1o.jpgo and hello.htm1 in the file folder of the server site. At this time, the user enters http://localhost/file/hello. If
there is no hello subfolder in the file folder Directory, then the server will try to find a file in the file directory that looks like
hello.*, and then return the best matching hello.jpg or hello.html according to the specific conditions of the user's request. All: Represents all features except Multiviews. This is also the default setting of the options directive.

Allowoverride instruction explanation:
.htacces5 (distributed implicit configuration file): Provides a method to change the configuration for each daily record, that is, place a file containing specific instructions in a specific daily record, and the instructions act on this directory And all sub-daily records.
When AlloOverride is set to None, the .htaccess file in the corresponding configuration directory is not read, that is, it cannot take effect.
When Allooverride is set to Al1, every time a request is made to access a file in the corresponding directory, it will be read. The configuration of the .itaceao file means that the original apeache command will be overwritten by the command in the .taoce file.
For performance and security considerations, the use of .htaccese files is generally avoided as much as possible. Any configuration that you want to put in the .ntaces file can be put in the section of the main configuration file (atrd.ont) and is efficient. Therefore, the AllowOverride attribute is generally configured as None.
Address: Restriction policy:
Require all granted: Allow all hosts to access.
Require all denied: All hosts are denied access.
Require local: Only the local host is allowed to access.
Require [not.] host<host name or domain name list>: Allow or deny access to the specified host or domain name.
Require [not] IP<IP address or network segment list>: Allow or deny the specified IP address network access

5.加载独立的配置文件
vim /usr/local/httpd/conf/httpd.conf      #源码编译安装的httpd服务主配置文件路径

--478行--取消注释
Include conf/extra/httpd-vhosts.conf          #加载独立的配置文件
#vim /etc/httpd/conf/httpd.conf               #RPM或YUM安装的httpd服务主配置文件路径
IncludeOptional conf.d/*.conf                 #最后一行己默认开启此项

systemctl restart httpd

6.在客户机中访问虚拟web主机
http://www.chenwei.com
http://www.mm.com

(4) Virtual host based on IP address

ifconfig ens33:0 192.168.126.100/24

vim /usr/local/httpd/conf/extra/httpd-vhosts.conf
<Virtualllost 132.168.126.10:80>
            DocumentRoot "/var/www/htnl/chenwei"
			ServerName www.chenwei.com
            ErrrLoc " logs/chenwei.com-error_locg"
            Cust.omLog "logs /chenwei.com-access_log" cornmon
</VirtualHost>

<VirtualHost 192.168.126.100:80>
           DocumentRoot "/var/www/html/mm"
		   ServerName www.mm.com
           ErrorLog "1ogs/mm.com-error_log”
           CustomLog "logs/accp.com-access_log"comnon
</VirtualHost>

<Directory "/var/www/html">
         Options None
         Allowoverride NoneRequire all granted
</Directory>

vim /usr/local/httpd/conf/httpd.conf
--53行--插入
Listen 192.198.80.126.100      #这一步不要忘记

syatemctl restart httpd

在客户机浏览器中访问虚拟 Web 主机。
http://192.168.126.10
http://192.168.126.100

(5) Virtual host based on port

vim /usr/local/httpd/ conf/extra/httpd-vhosts.conf
<VirtualHost 192.168.80.10:80>
       DocumentRoot "/var/www/html/chenwei"
       ServerName www.chenwei.com
        ErrorLog"1ogs/chenwei.com-error_1og"
        CustomLog "logs/chenwei.com-access_log"common
</VirtualHost>

<VirtualHost 192.168.80.10:8080>
       DocumentRoot "/var/www/html/mm"
       ServerName www.mm.com
       ErrorLog " logsi mm.com-error_log"
       CustomLog "logs/mm.com-accmmess_log" common
</VirtualHost>

<Direetory "/var/www/html">
      Options None
      Allowoverride None
	  Require all granted
</Directory>

vim /usr/local/httpd/conf/httpd.conf
--53行--插入
Listen 192.168.126.10:8080

systemctl restart httpd

在客户机中浏览器访问虚拟 web主机
http://192.168.12610:80
http://192.168.126.10:8080

2. Apache connection retention

vim /usr/local/httpd/conf/extra/httpd-default.conf

KeepAlive on
#设置是否打开连接保持功能，后面接oFT表示关闭，按ou表示打开。可以根据网站的并发请求量决定是否打开，即在高并发时打开连按保持功能，并发量不高时关闭此功能。

MaxKeepAliveRequests 100
f用于设置在一次长连接中可以传输的最大请求数量，超过此最大请求数量就会断开连接，最大值的设置决定于网站中网页的内容，一般设置数量会多于网站中所有的元素。

KeepAliveTimcout 5
#设置来自同一个客户端一次连接多次请求之间的最大间隔时间，即两次请求之间超过该时间连接就会自动断开，从而可免客户端占用迕接资准。)

3. Constructing a web virtual daily record and user authorization restrictions

1. Create a user authentication data file

cd /usr/local/httpd/bin
./htpasswd -c /usr/local/httpd/conf/user lisi
./htpasswd /usr/local/httpd/conf/user  zhangsan
#-c选项表示新建用户数据文件，缺省时则表示指定的用户数据文件已经存在，用于添加新的用户或修改现有用户的密码。

cat /usr/local/httpd/conf/user   #确认用户数据文件

2. Add user authorization configuration

vim /usr/local/httpd/conf/httpd.conf

--末行添加-
Alias /test  /var/www/html/test                             #设置虚拟日录的根目录，/ test为虚拟目录名称

<Directory "/var/www/html/test">                           #设置虚拟目录配置区域
     AuthName "Hello!"                                      #定义受保护的领域名称，会在认证对话框中显示
     AuthType Basic                                         #设置认证的类型，Basic表 示基本认证
     AuthUserFile /usr/local/httpd/conf/user                 #设置用于保存用户账号和密码的认证文件的路径
     Require valid-user                                      #开启用户认证，只有认证文件中的合法用户才能访问
     #authgroupfile /usr/local/httpd/conf/group              #设置用于保存组账号和密码的认证文件的路径
     #Require user zhangsan                                 #仅允许指定用户访问
     #Require group zhangsan                                #仅允许指定组访问
</Directory>

3. Verify user access authorization

mkdir -p /var/www/html/test
echo "<h1>hello world</h1>" > /var/www/htm1/test/index.html
systemctl restart httpd

在客户机中浏览器访问
http://192.168.126.10:80/test

Four, Apache log segmentation

使用Apache自带rotatelogs分割工具，将 Apache 的日志进行按每天的日期自动分割。
vim /usr/local/httpd/conf/httpd.conf
-—275行--修改
ErrorLog "| /usr/local/bin/rotatelogs -l /var/log/httpd/error_%Y%m%d.log 86400"
分剖错误日志
--305行--修改
CustomLog "| /usr/local/bin/rotatelogs -l /var/log/httpd/accesss_%Y%m%d.log 86400"combined
#分割访问日志

下面这个是在虚拟主机上面修改：

vim /usr/local/httpd/conf/extra/httpd-vhosts.conf
ErrorLog "|/usr/local/bin/rotatelogs -l /var/log/httpd/benet.com-error_%F.log 86400"
CustomLog "|/usr/local/bin/rotatelogs -l /var/log/httpd/benet.com-access_%F.log 86400" combined

#开头的l为管道符号。
#-l选项表示使用本地时间为时间基准。
#86400表示一天,即每天生成一个新的日志文件。
mkdir /var/log/httpd  #创建分剖后的日志文件保存目录

systemctl restart httpd
ls /var/log/httpd    #查看日志文件

Five, Awstats analysis system

ANstats is an open source log analysis system developed using perl language, which is used to complete automated log statistics and analysis.

1. Transfer the software packages required for installing AwStats to the /opt directory

awstats-7.6.tar-gz

2. Install the Awstats package

cd /opt
tar zxvf awstats-7.6.tar.gz
mv /opt/awstats-7.6  /usr/local/awstats

3. Establish a configuration file for the site to be counted

cd /usr/local/awstats/tools
 ./awstats_configure.pl

.....
Config file path ( 'none' to skip web server setup) :

>/usr/local/httpd/conf/httpd.conf          #输入httpd服务主配置文件的路径
>Your web site, virtual server or profile name :
>www.kgc.com                                  #输入要统计的站点域名
>

4. Modify the automatically generated awstats access permissions and load the cGI module (Apache 2.4 or above needs to load the cGI module)

vim /usr/local/httpd/conf/httpd.conf

ErrorLog "logs/error_log"
CustomLog "logs /access_log" combined

--143行--
....-:
<IfModule ! mpm prefork module>
     LoadModulecgid modulc modules/ mod_cgid.so  #取消注释
</IfModule>

<IfModule mpm prefork_module>
   LoadModule cgi_module modules/mod_cgi.so      #取消注释

</IfModule>
......

--跳至末行修改--
<Directory "/usr/ local i awst.ats / wwwroot." >
           Options None
           Allowoverride None                  #注释掉
		   #Oorder allow , deny                #注释掉
           #Allow from all                     #注释掉
           Require all granted                 #添加
</Directory>

5. Modify the site statistics configuration file

vim /etc/awstats/awstats.www.kgc.com.conf
LogFile="/usr/local/httpd/logs/access_log"  #修改访问日志文件位置
DirData="/var/lib/awstats"               #awstats目录默认不存在,需要手动创建

mkdir /var/lib/awstats

6. Perform log analysis and set up cron scheduled tasks

systemctl restart httpd
cd /usr/local/awstats/tools
./awstats_updateall.pl now             #更新数据(根据站点配置文件指定的日志文件路径）

crontab -e
*/5 * * * *   /usr/local/awstats/tools/awstats_updateall.pl now

systemctl start crond

7. Visit Awstats analysis system site

systemctl stop firewalld
systemctl disable firewalld
setenforce 0

echo "192.168.126.10 www.kgc.com” >>etc/hosts
浏览器访问
http://www.kgc.com/awstats/awstats.pl?config=www.kgc.com

8. Optimize the web address

vim /usr/local/httpd/htdocs/aws.html

<html>
<head>
<meta http-equiv=refresh content="0;url=http:// www.kgc.com/awstats/awstats.pl?config=www.kgc.com">
</head>
<body></body>
</html>

HTML文件结构解释:
<html> </html> :用于HTML文件结构最外层表示的标签
<head> </head> :用于HTML网页内容描述信息的头标签
<body < / body> :用于显示网页内容的内容标签
<meta>:定义了HTML文档中的元数据，比如针对搜索引擎和更新频度的描述和关键词。这里的
http-equiv-refresh用于实现网页自动跳转
浏览器访问