apache configuration
-
- 1.1 Build a virtual web host
- 1.2 Virtual hosting based on domain name
- 1.3 Virtual host based on IP address
- 1.4 Port-based virtual hosting
- 1.5 Apache connection retention
- 1.6 Building a web virtual directory and user authorization restrictions
- 1.6.1 Create user authentication data
- 1.6.2 Add user authorization configuration
- 1.6.3 Verify user access authorization
- 1.6.4 Browser access in the client
- 1.7 apache log split
- 1.8 Awstats analysis system
-
- 1.8.1 Transfer the software packages required to install Awstats to the /opt directory
- 1.8.2 Install Awstats package
- 1.8.3 Establish a configuration file for the site to be counted
- 1.8.4 Modify the automatically generated awstats access permissions and load the CGI module (Apache 2.4 or higher needs to load the C0GI module)
- 1.8.5 Modify site statistics configuration file
- 1.8.6 Perform log analysis and set up cron scheduled tasks
- 1.8.7 Visit Awstats analysis system site
- 1.8.8 Browser access
- 1.8.9 Optimize webpage address
- 1.8.10 Browser access
1.1 Build a virtual web host
Virtual web host refers to running multiple web sites on the same server, each of which does not actually occupy the entire server independently, so it is called a virtual web host. Virtual web hosting services can make full use of the hardware resources of the server, thereby greatly reducing the cost of website construction and operation.
The use of httpd service can be very convenient to build a virtual host server, only need to run a httpd service to support a large number of web sites at the same time. The virtual host types supported by the httpd service include the following three:
1. Based on the domain name, a different domain name is used for each virtual host, but the corresponding IP address is the same. For example, the IP addresses of www.benet.com and www.accp.com are both 192.168.238.10. This is the most commonly used type of virtual web host.
2. Based on the IP address, use a different domain name for each virtual host, and the corresponding IP address is different. This method requires multiple network interfaces for the server, so the application is not very extensive.
3. Based on the port, this method does not use domain names and IP addresses to distinguish different site content, but uses different TCP port numbers, so users need to specify the port number when browsing different virtual sites to access.
1.2 Virtual hosting based on domain name
1.2.1 Provide domain name resolution for virtual hosts
Method 1: Deploy DNS domain name resolution server to provide domain name resolution
Method 2: Temporarily configure the mapping between domain name and IP address in the /etc/hosts file
echo "192.168.238.10 www.benet.com" >> /etc/hosts
echo "192.168.238.10 www.accp.com" >> /etc/hosts
1.2.2 Prepare web documents for virtual hosts
mkdir -p /var/www/html/benet
mkdir -p /var/www/html/accp
echo "<h1>www.benet.com</h1>" > /var/www/html/benet/index.html
echo "<h1>www.accp.com</h1>" > /var/www/html/accp/index.html
1.2.3 Add virtual host configuration
vim /usr/local/httpd/conf/extra/httpd-vhosts.conf
#vim /etc/httpd/conf.d/vhosts.conf
<VirtualHost 192.168.238.10:80>
# ServerAdmin [email protected]
DocumentRoot "/var/www/html/benet"
ServerName www.benet.com
# ServerAlias www.dummy-host.example.com
ErrorLog "logs/benet.com-error_log"
CustomLog "logs/benet.com-access_log" common
</VirtualHost>
<VirtualHost 192.168.238.10:80>
DocumentRoot "/var/www/html/accp"
ServerName www.accp.com
ErrorLog "logs/accp.com-error_log"
CustomLog "logs/accp.com-access_log" common
</VirtualHost>
vim /usr/local/httpd/conf/extra/httpd-vhosts.conf 源码编译安装的虚拟主机配置文件路径
#vim /etc/httpd/conf.d/vhosts.conf RPM或YUM安装的虚拟主机配置文件路径
<VirtualHost 192.168.238.10:80> 设置虚拟战斗区域
# ServerAdmin [email protected] 设置管理员邮箱,这行可忽略
DocumentRoot "/var/www/html/benet" 设置网站根目录
ServerName www.benet.com 设置web站点的完整域名(主机名+域名)
# ServerAlias www.dummy-host.example.com
ErrorLog "logs/benet.com-error_log" 设置错误日志文件的路径
CustomLog "logs/accp.com-access_log" common 设置访问日志文件的路径
</VirtualHost>
<VirtualHost 192.168.238.10:80>
DocumentRoot "/var/www/html/accp"
ServerName www.accp.com
ErrorLog "logs/accp.com-error_log"
CustomLog "logs/accp.com-access_log" common
</VirtualHost>
1.2.4 Set access control
<Directory "/var/www/html">
Options None
AllowOverride None
Require all granted
</Directory>
<Directory "/var/www/html"> 设置目录访问权限
Options None 不启用任何的服务器特性
AllowOverride None 不允许重写Apache默认配置
Require all granted 允许所有主机访问
</Directory>
1.2.4.1 Options command explanation
The main function of the options command is to control which server features will be enabled for a specific directory. It can be used in the virtual host configuration (VirtualHost), specific directory configuration (Directory) and .htaccess file of the Apache service configuration file.
1.2.4.2 options command common options
None: Indicates that no server features are enabled.
FollowSymLinks: The server allows symbolic links (soft links) in this directory.
Indexes: If the entered URL corresponds to a file directory on the server, and there is no file specified by the DirectoryIndex directive in the Apache configuration file in this directory (for example: DirectoryIndex index.html index.php), then all the files in the directory will be listed file.
Multiviews: If the path requested by the client may correspond to multiple types of files, the server will automatically select a file that best matches the requirements of the client according to the specific conditions of the client's request. For example, there are two files named hello.jpg and hello.html in the file folder of the server site. At this time, the user enters http://localhost/file/hello. If there is no hello sub-file in the file folder Directory, then the server will try to find a file like hello.* in the file folder, and then return the hello.jpg or hello.html that best matches the requirements according to the specific conditions of the user's request.
All: Indicates all features except Multiviews. This is also the default setting of the Options command.
All stands for Followsymlinks and indexes
1.2.4.3 Allowoverride instruction explanation
.htaccess (distributed implicit configuration file): Provides a method to change the configuration for each directory, that is, place a file containing a specific command in a specific directory, and the command acts on this directory and all its subdirectories.
When AlloOverride is set to None, the .htaccess file in the corresponding configuration directory is not read, that is, it cannot take effect.
When AlloOverride is set to All, every time a file in the corresponding directory is requested, the configuration of the .htaccess file will be read, which means that the original Apache directive will be overwritten by the directive in the .htaccess file.
For performance and security considerations, the use of .htaccess files is generally avoided as much as possible. Any configuration that you want to put in the .htaccess file can be put in the section of the main configuration file (httpd.conf) and is efficient. Therefore, the Allowoverride attribute is generally configured as None.
1.2.4.4 Address restriction strategy
Require all granted 允许所有主机访问
Require all denied 拒绝所有主机访问
Require local 仅允许本地主机访问
Require [not] host <主机名或域名列表> 允许或拒绝指定主机或域名访问
Require [not] ip <IP地址或网段列表> 允许或拒绝指定IP地址网络访问
1.2.5 Load independent configuration file
vim /usr/local/httpd/conf/httpd.conf 源码编译安装的httpd服务主配置文件路径
483行---取消注释(我的在480行)
Include conf/extra/httpd-vhosts.conf 加载独立的配置文件
vim /etc/httpd/conf/httpd.conf RPM或YUM安装的httpd服务主配置文件路径
IncludeOptional conf.d/*.conf 最后一行已默认开启此项
systemctl restart httpd
1.2.6 Visit the virtual web host in the client
http://www.benet.com
http://www.accp.com
1.3 Virtual host based on IP address
ifconfig ens33:0 192.168.238.100 netmask 255.255.255.0
vim /usr/local/httpd/conf/extra/httpd-vhosts.conf
<VirtualHost 192.168.238.10:80>
DocumentRoot "/var/www/html/benet"
ServerName www.benet.com
ErrorLog "logs/benet.com-error_log"
CustomLog "logs/benet.com-access_log" common
</VirtualHost>
<VirtualHost 192.168.238.100:80>
DocumentRoot "/var/www/html/accp"
ServerName www.accp.com
ErrorLog "logs/accp.com-error_log"
CustomLog "logs/accp.com-access_log" common
</VirtualHost>
<Directory "/var/www/html">
Options None
AllowOverride None
Require all granteede
</Directory>
vim /usr/local/httpd/conf/httpd.conf
53行---插入
Listen 192.168.238.100:80
(若做了上面基于域名的虚拟,可以将483行的重新注释)
systemctl restart httpd
Visit the virtual web host in the browser on the client
http://192.168.238.10
http://192.168.238.100
1.4 Port-based virtual hosting
vim /usr/local/httpd/conf/extra/httpd-vhosts.conf
<VirtualHost 192.168.238.10:80>
DocumentRoot "/var/www/html/benet"
ServerName www.benet.com
ErrorLog "logs/benet.com-error_log"
CustomLog "logs/benet.com-access_log" common
</VirtualHost>
<VirtualHost 192.168.238.10:8080>
DocumentRoot "/var/www/html/accp"
ServerName www.accp.com
ErrorLog "logs/accp.com-error_log"
CustomLog "logs/accp.com-access_log" common
</VirtualHost>
<Directory "/var/www/html">
Options None
AllowOverride None
Require all granted
</Directory>
vim /usr/local/httpd/conf/httpd.conf
53行---插入
Listen 192.168.238.10:8080
systemctl restart httpd
Browser access to virtual web host in client
http://192.168.238.10:80
http://192.168.238.10:8080
1.5 Apache connection retention
vim /usr/local/httpd/conf/extra/httpd-default.conf
KeepAlive On
sets whether to open the connection keep function, followed by OFF to indicate close, and press ON to indicate open. You can decide whether to open it according to the number of concurrent requests of the website, that is, open the connection retention function when the concurrency is high, and close this function when the concurrency is not high.
MaxKeepAliveRequests 100 is
used to set the maximum number of requests that can be transmitted in a long connection. If the maximum number of requests is exceeded, the connection will be disconnected. The maximum setting is determined by the content of the web page in the website. Generally, the number of settings will be more than all in the website element.
KeepAliveTimeout 5
sets the maximum interval time between multiple requests from the same client connection, that is, the connection will be automatically disconnected after the time between two requests, thereby avoiding the client from occupying connection resources.
1.6 Building a web virtual directory and user authorization restrictions
1.6.1 Create user authentication data
cd /usr/local/httpd/bin
./htpasswd -c /usr/local/httpd/conf/user xyw
-c选项表示新建用户数据文件,缺省时则表示指定的用户数据文件已经存在,用于添加新的用户或修改现有用户的密码
./htpasswd /usr/local/httpd/conf/user zhangsan
cat /usr/local/httpd/conf/httpd.conf 确认用户数据文件
1.6.2 Add user authorization configuration
vim /usr/local/httpd/conf/httpd.conf
--末行添加--
Alias /test /var/www/html/test
<Directory "/var/www/html/test">
AuthName "Hello!"
AuthType Basic
AuthUserFile /usr/local/httpd/conf/user
Require valid-user
#authgroupfile /usr/local/httpd/conf/group
#Require user zhangsan
#Require group zhangsan
</Directory>
Alias /test /var/www/html/test 设置虚拟目录的根目录,/test为虚拟目录名称
<Directory "/var/www/html/test"> 设置虚拟目录配置区域
AuthName "Hello!" 定义受保护的领域名称,会在认证对话框中显示
AuthType Basic 设置认证的类型,basic表示基本认证
AuthUserFile /usr/local/httpd/conf/user 设置用于保存用户账号和密码的认证文件的路径
Require valid-user 开启用户认证,只有认证文件中的合法用户才能访问
#authgroupfile /usr/local/httpd/conf/group 设置用于保存组账号和密码的认证文件的路径
#Require user zhangsan 仅允许指定用户访问
#Require group zhangsan 仅允许指定组访问
</Directory>
1.6.3 Verify user access authorization
mkdir -p /var/www/html/test
echo "<h1>this is vdir test</h1>" > /var/www/html/test/index.html
systemctl restart httpd
The following is the debugging content
1.6.4 Browser access in the client
http://192.168.238.10:80/test
1.7 apache log split
Use Apache's own rotatelogs segmentation tool to automatically split the Apache log according to the date of the day
vim /usr/local/httpd/conf/httpd.conf
275行--修改
ErrorLog "| /usr/local/bin/rotatelogs -l /var/log/httpd/error_%Y%m%d.log 86400" #分割错误日志
305行--修改
CustomLog "| /usr/local/bin/rotatelogs -l /var/log/httpd/access_%Y%m%d.log 86400" combined #分割访问日志
vim /usr/local/httpd/conf/extra/httpd-vhosts.conf
ErrorLog "| /usr/local/bin/rotatelogs -l /var/log/httpd/benet.com-error_%F.log 86400"
CustomLog "| /usr/local/bin/rotatelogs -l /var/log/httpd/benet.com-access_%F.log 86400" combined
#开头的 | 为管道符号
#-l 选项表示使用本地时间为时间基准
#86400表示一天,及每天生成一个新的日志文件
mkdir /var/log/httpd 创建分割后的日志文件保存目录
systemctl restart httpd
ls /var/log/httpd
1.8 Awstats analysis system
Awstats is an open source log analysis system developed using Perl language, which is used to complete automated log statistics and analysis.
1.8.1 Transfer the software packages required to install Awstats to the /opt directory
awstats-7.6.tar.gz
1.8.2 Install Awstats package
cd /opt
tar zxvf awstats-7.6.tar.gz
mv /opt/awstats-7.6 /usr/local/awstats
1.8.3 Establish a configuration file for the site to be counted
cd /usr/local/awstats/tools
./awstats_configure.pl
......
Config file path ('none' to skip web server setup):
> /usr/local/httpd/conf/httpd.conf 输入httpd服务主配置文件的路径
Your web site, virtual server or profile name:
> www.xyw. com 输入要统计的站点域名
其它全是y或者回车
1.8.4 Modify the automatically generated awstats access permissions and load the CGI module (Apache 2.4 or higher needs to load the C0GI module)
vim /usr/local/httpd/conf/httpd.conf
ErrorLog "logs/error_log"
CustomLog "logs/access_log" combined
......
--143行--
<IfModule !mpm_prefork_module>
LoadModule cgid_module modules/mod_cgid.so 取消注释
</IfModule>
<IfModule mpm_prefork_module>
LoadModule cgi_module modules/mod_cgi.so</IfModule> 取消注释
</IfModule>
......
-跳至末行修改-
<Directory "/usr/local/awstats/wwwroot">
Options None
AllowOverride None
#Order allow, deny 注释掉
#Allow from all 注释掉
Require all granted 添加
</Directory>
1.8.5 Modify site statistics configuration file
“/var/log/httpd/mylog.log”
vim /etc/awstats/awstats.www.xyw.com.conf
LogFile="/usr/local/httpd/logs/access_log" #修改访问日志文件位置
DirData="/var/lib/awstats" #awstats目录默认不存在,需要手动创建
mkdir /var/lib/awstats
1.8.6 Perform log analysis and set up cron scheduled tasks
systemctl restart httpd
cd /usr/local/awstats/tools/
./awstats_updateall.pl now 更新数据(根据站点配置文件指定的日志文件路径)
crontab -e
*/5 * * * * /usr/local/awstats/tools/awstats_updateall.pl now
systemctl start crond
1.8.7 Visit Awstats analysis system site
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
echo "192.168.238.10 www.xyw.com" >> /etc/hosts
1.8.8 Browser access
http://www.xyw.com/awstats/awstats.pl?config=www.xyw.com
1.8.9 Optimize webpage address
vim /var/www/html/aws.html 这里出现了问题,然后有了下面这一步修改
cp /var/www/html/aws.html /usr/local/httpd/htdocs/
正确的内容是:
vim /usr/local/httpd/htdocs/
<html>
<head>
<meta http-equiv=refresh content="o;url=http://www.xyw.com/awstats/awstats.pl?config=www.xyw.com">
</head>
<body></body>
</html>
HTML文件结构解释:
<html> </html>:用于HTML文件结构最外层表示的标签
<head> </head>:用于HTML网页内容描述信息的头标签
<body> </body>:用于显示网页内容的内容标签
<meta>:定义了HTML文档中的元数据,比如针对搜索引擎和更新频度的描述和关键词。这里的http-equiv=refresh用于实现网页自动跳转
1.8.10 Browser access
http://www.xyw.com/aws.html
