System management and network service
The configuration of the experimental environment:
configure the network card file to
build the software warehouse
View the specific configuration process (software warehouse configuration)
http: Hypertext Transfer Protocol (check data)
curl -I www.taobao.com
Note: View the service software
Apache
nginx
stgw
jfe
How to install Apache to
install the Apache service
Open the Apache
setting firewall (set when the firewall is turned on)
firewall-cmd --permanent --add--service=http
fire-cmd --reload
fire-cmd --list-all
Operation process:
Basic configuration of Apache
Service name: httpd
view configuration file
netstat -antlupe | grep httpd
Port change
netstat -antlupe | grep httpd View the port
Edit the main configuration file Listen
45 line
Firewall must set the port to open
Restart the httpd service, and view the change result
/var/www/html (default publishing file)
requirement: file name: index.html
How to change the default publishing file
setting
/etc/httpd/conf/httpd.conf in the main configuration file
When there are two default files, access the file westos. When the file westos does not exist, access index.html.
Note: After the modification is completed, the htppd service must be restarted and verified on the web page.
Change of the default publishing directory, line 122 in the main configuration file of the
original directory /var/www/html
<Directory “/var/www/westos”>
Require all granted
and authorize access to the directory.
Restart the httpd service and verify on the web page
Apache access control
Based on ip
All users are prohibited from accessing, only 172.25.254.40 users are allowed to access
User-based access settings
Write htpasswd -cm /etc/httpd/.htpasswd lee
htpasswd -m /etc/httpd/.htpasswd lee
in the main configuration file (about 130 lines)
and restart the service.
When you visit again, you don’t need to enter the user and password
browser information Clear ctrl +shift+del
Apache virtual host
Solve the publishing of multiple pages,
assuming the website is westos.org
linux shell python is the three sub-pages in westos.org
Note: local address resolution (the host where the browser is located)
At this time, when you visit the four web pages, you will all visit
the sub-configuration directory of the default test page Apache: /etc/httpd/conf.d
configuration root directory /etc/httpd
Note: ~ in the above figure is an incorrect input, after completing the above configuration Restart the htppd service and
you can access the three sub-pages through the domain name
Apache to (php perl python) access
https:
The security of encrypted transmission plaintext is too poor
php release
Note: successful access to php
perl access
Cgi executes the script.
Condition: Install the help documentation of httpd-manual Apache
Find the cgi program through the network
Create /var/www/html/cgi
write file index.cgi
chmod +x index.cgi
modify file permissions
modify the main file /etc/httpd/conf.d/vhost.conf
restart httpd service, apache access Show results
python access
The configuration of the experimental environment:
dnf install mod_ssl
After dnf install mod_ssl is
completed, there will be an encrypted configuration file in /etc/httpd/conf.d.
Restart httpd
firewall-cmd --permanent --add-service=https ##Firewall supports
firewall-cmd --reload
firewall-cmd - list-all
openssl genrsa -out /etc/httpd/webkey/www.westos.org.key 2048
openssl genrsa -out /etc/httpd/webkey/www.westos.org.csr 2048 ##visa
After creating the directory
openssl genrsa -out /etc/httpd/webkey/www.westos.org.key 2048 #Generate key
openssl req -new -key /etc/httpd/webkey/www.westos.org.key -out /etc/httpd/webkey/www.westos.org.csr ##visa request writing
##Fill in company information,
country, province, city company Department domain mailbox
openssl x509 -req -days 365 -in /etc/httpd/webkey/www.westos.org.csr -signkey /etc/httpd/wenkey/www.westos.org.key -out /etc/httpd/webkey/www. westos.org.crt
##certificate issue
#x509 certificate format
#-rep request
#-in load visa name
Create an encrypted website
/var/www/westos.org/lodin -p
echo login.westos.org> /var/www/westos.org/login/index.html
vim /etc/httpd/conf.d/vhost.conf
<VirtualHost *:443>
ServerName=login.westos.org
DocumentRoot /var/www/westos.org/login
Customlog logs/login.log combined
SSLENGINE ON
SSLCertificateFile /etc/httpd/webkey/www.westos.org.crt
SSLCertificateKeyFile /etc/httpd/webkey/www.westos.org.key
Use sp /etc/httpd/conf.d/ssl.conf ##Parameter reference file
systemctl restart httpd ##Restart the system
vim /etc/hosts ##Edit local analysis
No http access, port conversion from 80 to 443
vim /etc/httpd/conf.d/vhost.conf
<VirtualHost :80>
ServerName=login.westos.org
RewriteEngine On
RewriteRule ^(/. )$ https://%{ HTTP_HOST}$1 ##Automatically encrypt and
restart the service