table of Contents
-
- One, build a virtual web host
- Two, the type of virtual host
- Three, configure domain-based virtual host
- Four, virtual host based on IP address
- Five, port-based virtual host
- Six, Apache connection retention
- Seven, construction of Web virtual directory and user authorization restrictions
- Eight, Apache log segmentation
- Nine, AWStats analysis system
One, build a virtual web host
A virtual web host refers to running multiple web sites on the same server, each of which does not actually occupy the entire server independently, so it is called a "virtual" web host, through the virtual web host service can make full use of the server Hardware resources, thereby greatly reducing website construction and operating costs
Two, the type of virtual host
The use of httpd service can be very convenient to build a virtual host server, only need to run a httpd service to support a large number of Web sites at the same time. The virtual host types supported by the httpd service include the following three:
1. Based on domain name: use different domain names for each virtual host, but the corresponding IP addresses are the same. For example, the IP addresses of www.benet.com and www.accp.com are both 192.168.241.3. This is the most commonly used type of virtual web host
2. Based on IP address: use a different domain name for each virtual host, and their corresponding IP addresses are also different. This method requires multiple network interfaces for the server, so the application is not very extensive
3. Port-based: This method does not use domain names and IP addresses to distinguish different site content, but uses different TCP port numbers, so users need to specify the port number at the same time when browsing different virtual sites to access
Three, configure domain-based virtual host
1. Provide domain name resolution for virtual hosts
Method 1: Deploy DNS domain name resolution server to provide domain name resolution
Method 2: Temporarily configure the mapping between domain names and IP addresses in the /etc/hosts file
echo "192.168.241.3 www.benet.com" >> /etc/hosts
echo "192.168.241.3 www.accp.com" >> /etc/hosts
2. Prepare web documents for virtual hosts
mkdir -p /var/www/html/benet
mkdir -p /var/www/html/accp
echo "<h1> www.benet.com</h1>" >/var/www/html/benet/index.html
echo "<h1> www.accp.com</h1>" >/var/www/html/accp/index.html
3. Add virtual host configuration
vim /usr/local/httpd/conf/extra/httpd-vhosts.conf
源码编译安装的虚拟主机配置文件路径
#vim /etc/httpd/conf.d/vhosts.conf
RPM或者YUM安装的虚拟主机配置文件路径
<VirtualHost 192.168.241.3:80>——————————设置虚拟主机区域
#ServerAdmin [email protected]———————设置管理员邮箱,这个可以忽略
DocumentRoot ”/var/www/html/benet“————设置网站根目录
ServerName www.benet.com
#ServerAlinas www.dummy-host.example.com
ErrorLog "logs/benet.com-error_log"————————设置错误日志文件的路径
CustomLog "logs/benet.com-access_log" common————设置访问日志文件的路径
</VirtualHost>
<VirtualHost 192.168.241.3:80>
DocumentRoot ”/var/www/html/accp“
ServerName www.accp.com
#ServerAlinas www.dummy-host.example.com
ErrorLog "logs/accp.com-error_log"
CustomLog "logs/accp.com-access_log" common
</VirtualHost>
4. Set up access control
<Directory "/var/www/html">————————设置目录访问权限
Options None————————————不启用任何的服务器特性
AllowOverride None————————不允许重写Apache默认配置
Require all granted——————允许所有主机访问
</Directory>
Options instruction explanation:
The main function of the Options instruction is to control which server features will be enabled for a specific directory. You can use the
Options instruction common options in the virtual host configuration (VirtualHost), specific directory configuration (Directoty) and .htaccess file of the Apache service configuration file :
None:
Means not to start any server features FollowSymLinks: The server allows symbolic links (soft links) in this directory.
Indexes: If the entered URL corresponds to a file directory on the server, and there is no DirectoryIndex in the Apache configuration file in this directory The file specified by the instruction (for example: DirectoryIndex index.html index.php) will list all the files in the directory.
MultiViews: If the path requested by the client may correspond to multiple types of files, the server will follow the specific The situation automatically selects a file that best matches the client's requirements. For example, there are two files named hello.jpg and hello.html in the file folder of the server site. At this time, the user enters http://localhost/file/hello. If there is no hello sub-file in the file folder Directory, then the server will try to find files like hello.* in the file folder, and then return the best matching hello.jpg or hello.html according to the specific conditions of the user’s request.
All: means all features except MultiViews , This is also the default setting of the Options directive.
AllowOverride directive parsing:
.htaccess (distributed implicit configuration file): provides a method to change the configuration for each directory, that is, place a file containing a specific directive in a specific directory, where The command acts on this directory and all its subdirectories
When AllowOverride is set to None, the .htaccess file in the corresponding configuration directory will not be read, that is, it cannot take effect.
When AllowOverride is set to All, every time a file in the corresponding directory is requested, the .htaccess file will be read. Configuration means that the original Apache directives will be overwritten by the directives in the .htaccess file. For
performance and security considerations, the use of .htaccess files is generally avoided as much as possible. Any configuration that you want to put in the .htaccess file can be placed in the main In the configuration file (httpd. conf) section, and efficient. Therefore, the AllowOverride attribute is generally configured as None
address restriction strategy:
Require all granted: Allow all hosts to access.
Require all denied: All hosts are denied access.
Require local: Only the local host is allowed to access.
Require [not] host <host name or domain name list>: Allow or deny access to the specified host or domain name.
Require [not] ip <IP address or network segment list>: Allow or deny the specified IP address network access.
5. Load a separate configuration file
vim /usr/local/httpd/conf/httpd.conf
#源码编译安装的httpd服务主配置文件路径
--483行--取消注释
Include conf/extra/httpd-vhosts.conf————————————加载独立的配置文件
#vim /etc/httpd/ conf /httpd. conf————————————RPM或YUM安装的httpd服务主配置文件路径
IncludeOptional conf.d/* .conf——————————最后一行已默认开启此项
systemctl restart httpd
6. Visit the virtual web host
http://www.benet.com
http://www. accp. com in the client
Four, virtual host based on IP address
ifconfig ens33:0 192.168.241.30 netmask 255.255.255.0
vim /usr/local/httpd/conf/extra/httpd-vhosts.conf
<VirtualHost 192.168.241.3:80>
DocumentRoot "/var/www/html/benet"
ServerName www.benet.com
ErrorLog "logs/benet.com-error_log"
CustomLog "logs/benet.com-access_1og" common
</VirtualHost>
<VirtualHost 192.168.241.30:80>
DocumentRoot "/var/www/html/accp"
ServerName www.accp.com
ErrorLog "logs/accp.com-error_log"
CustomLog "logs/accp.com-access_1og" common
</VirtualHost>
<Directory "/var/www/html">
Options None
AllowOverride None
Require all granted
</Directory>
vim /usr/local/httpd/conf/httpd.conf
--53行--插入
Listen 192.198.241.30:80
systemctl restart httpd
在客户机中浏览器访问虚拟机Web主机
http://192.168.241.3
http://192.168.241.30
Client input IP address:
http://192.168.241.3
http://192.168.241.30
Five, port-based virtual host
vim /usr/local/httpd/conf/extra/httpd-vhosts.conf
<VirtualHost 192.168.241.3:80>
DocumentRoot "/var/www/html/benet"
ServerName www.benet.com
ErrorLog "logs/benet.com-error_log"
CustomLog "logs/benet.com-access_1og" common
</VirtualHost>
<VirtualHost 192.168.241.3:8080>
DocumentRoot "/var/www/html/accp"
ServerName www.accp.com
ErrorLog "logs/accp.com-error_log"
CustomLog "logs/accp.com-access_1og" common
</VirtualHost>
<Directory "/var/www/html">
Options None
AllowOverride None
Require all granted
</Directory>
vim /usr/local/httpd/conf/httpd.conf
--53行--插入
Listen 192.198.241.3:8080
systemctl restart httpd
在客户机中浏览器访问虚拟机Web主机
http://192.168.241.3:80
http://192.168.241.3:8080
In the client, the browser accesses the virtual machine Web host
http://192.168.241.3:80
http://192.168.241.3:8080
Six, Apache connection retention
vim /usr/local/httpd/conf/extra/httpd-default.conf
KeepAlive on
#设置是否打开连接保持功能,后面接0FF表示关闭,接ON表示打开。可以根据网站的并发请求量决定是否打开,即在高并发时打开连接保持功能,并发量不高时关闭此功能
MaxKeepAliveRequests 100
#用于设置在一次长连接中可以传输的最大请求数量,超过此最大请求数量就会断开连接,最大值的设置决定于网站中网页的内容,一般设置数量会多于网站中所有的元素
KeepAliveTimeout 5
#设置来自同一个客户端一次连接多次请求之间的最大间隔时间,即两次请求之间超过该时间连接就会自动断开,从而避免客户端占用连接资源。
Seven, construction of Web virtual directory and user authorization restrictions
1. Create a user authentication data file
cd /usr/local/httpd/bin
./htpasswd -c /usr/local/httpd/conf/user zhangsan
./htpasswd /usr/local/httpd/conf/user lisi
#-c选项表示新建用户数据文件,缺省时则表示指定的用户数据文件已经存在,用于添加新的用户或修改现有用户的密码。
cat /usr/local/httpd/conf/user————————#确认用户数据文件
2. Add user authorization configuration
vim /usr/local/httpd/conf/httpd.conf
#####末行添加#####
Alias /test/var/www/html/test————————设置虚拟目录的根目录,/test为虚拟目录名称
<Directory "/var/www/html/test">——————设置虚拟目录配置区域
AuthName "Hello!"————————————定义受保护的领域名称,会在认证对话框中显示
AuthType Basic——————————设置认证的类型,Basic表示基本认证
AuthUserFile /usr/local/httpd/conf/user——————————设置用于保存用户账号和密码的认证文件的路径
Require valid-user————————————开启用户认证,只有认证文件中的合法用户才能访问
#authgroupfile /usr/local/httpd/conf/group——————设置用于保存组账号和密码的认证文件的路径
#Require user zhangsan————————————#仅允许指定用户访问
#Require group zhangsan——————————#仅允许指定组访问
</Directory>
3. Verify user access authorization
mkdir -p /var/www/html/test
echo "<h1>this is vdir test</h1>" > /var/www/html/test/index.html
systemctl restart httpd
在客户机中浏览器访问
http://192.168.241.3:80/test
Eight, Apache log segmentation
Use Apache's built-in rotatelogs segmentation tool to automatically segment Apache logs according to the date of each day.
vim /usr/local/httpd/conf/httpd.conf
####275行####修改
ErrorLog "| /usr/local/bin/rotatelogs -l /var/log/httpd/error_%Y%m%d.log 86400"————————————————————分割错误日志
####305行####修改
CustomLog "| /usr/local/bin/rotatelogs -l /var/log/httpd/access_%Y%m%d.log 86400" combined————————————分割访问日志
vim /usr/local/httpd/conf/extra/httpd-vhosts.conf
ErrorLog "| /usr/local/bin/rotatelogs -l /var/log/httpd/benet.com-error_%F.log 86400"
CustomLog "| /usr/local/bin/rotatelogs -l /var/log/httpd/benet.com- access_%F.log 86400" combined
#开头的|为管道符号。
#-l选项表示使用本地时间为时间基准。
#86400表示1天,即每天生成一个新的日志文件。
mkdir /var/log/httpd————————创建分割后的日志文件保存目录
systemctl restart httpd
ls /var/log/httpd
Nine, AWStats analysis system
AWStats is an open source log analysis system developed using Perl language, which is used to complete automated log statistics and analysis.
1. Transfer the software packages required to install Awstats to
awstats-7.6.tar.gz in the /opt directory
2. Install AWStats package
cd /opt
tar zxvf awstats-7.6.tar.gz
mv /opt/awstats-7.6 /usr/local/awstats
3. Establish a configuration file for the site to be counted
cd /usr/local/awstats/tools
./awstats_configure.pl
......
Config file path ('none' to skip web server setup):
> /usr/local/httpd/conf/httpd.conf————————输入httpa服务主配置文件的路径
Your web site,virtual server or profile name:
> www.kgc.com————————————输入要统计的站点域名
其它全部是y或者回车
After all press enter
3. Modify the automatically generated awstats access permissions and load the CGI module (Apache2.4 or higher version needs to load the CGI module)
vim /usr/local/httpd/conf/httpd.conf
ErrorLog "logs/error_log"
CustomLog "logs/access_log" combined
#####143行
<IfModule !mpm_prefork_module>
LoadModule cgid_ module modules/mod_cgid.so——————取消注释
</IfModule>
<IfModule mpm_prefork_module>
LoadModule cgi_module modules/mod_cgi.so——————取消注释
</IfModule>
##跳至末行修改##
<Directory "/usr/local/awstats/wwwroot">
Options None
AllowOverride None
#Order allow,deny——————注释掉
#Allow from all—————注释掉
Require all granted————————添加
</Directory>
4. Modify the site statistics configuration file
vim /etc/awstats/awstats.www.kgc.com.conf
LogFile="/usr/local/httpd/logs/access_log"——————————修改访问日志文件位置
DirData="/var/lib/awstats"————————awstats目录默认不存在,需要手动创建
5. Perform log analysis and set up cron scheduled tasks
systemctl restart httpd
cd /usr/local/awstats/tools/
./awstats_updateall.pl now————————更新数据(根据站点配置文件指定的日志文件路径)
crontab -e
*/5 * * * * /usr/local/awstats/tools/awstats_updateall.pl now
systemctl start crond
6. Visit AwStats analysis system site
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
echo "192.168.241.3 www.kgc.com" >> /etc/hosts
浏览器访问
http://www.kgc.com/awstats/awstats.pl?config=www.kgc.com
Remember to restart the service after setting this. To get the traffic
7. Optimize the web address
vim /var/www/html/aws.html
<html>
<head>
<meta http-equiv=refresh content="O;url=http://www.kgc.com/awstats/awstats.pl?config=www.kgc.com">
</head>
<body></body>
</html>
HTML文件结构解释:
<html> </html>:用于HTML文件结构最外层表示的标签
<head></head>:用于HTML网页内容描述信息的头标签
<body></body>:用于显示网页内容的内容标签
<meta>:定义了HTML文档中的元数据,比如针对搜索引擎和更新频度的描述和关键词。这里的http-equiv=refresh用于实现网页自动跳转
浏览器访问
http://www.kgc.com
