table of Contents
1. Start the httpd service first
2. Use the port to verify whether the service is started
4. Analysis of the main configuration file of the Apache service software
Apache's access control settings
Apache configuration
web service
Use the operating system as a web server. After the homepage is placed on the server, it is shared by the web service. Others connect to my service. I will show you the homepage file. I can help you parse the HTML homepage information.
Most of the web services we use now are http This software
lamp platform:
L=Linux
A=Apache (Apache is the name of a website community, Apache has a lot of software underneath, among which http software is very well-known, so that many people call http software Apache, remember that http is Apache will do)
M=MySQL (database)
P=PHP
dynamic webpages:
Contact: The
system linux uses Apache's http software, no matter what database or programming language, as long as this language can read and write the contents of the database, HTML statements can be generated through this language, and the home page generated by HTML statements It can be shared by Apache.
For example: After
posting a message, php submits your statement to the database,
php logs in to the database, calls all your messages, and displays your message
to the homepage.
Apache
I installed it once when I was learning the source code package. This time I won’t talk about the httpd of the source package.
Such an important web service software must have been installed under normal circumstances on our current operating system.
Confirm whether there is this service (included in general Linux systems )
rpm -qa | grep httpd
You can see that it has been installed, so what is the difference between this and the previous source packaging? The difference is that this is httpd installed by the rpm package software. The previous one was packaged in source code.
This software package has been packaged in the system by rpm for a long time, and it has been installed again.
Since this software comes with it, how can this software be used?
Since it is a web service, it is an external service. The external service must have an IP address. After the service is started, there must be a port number.
Others connect to your port through the IP address and send your homepage information to the user through your port.
External service
ip address Port number 80 (HTTP) 443 (HTTPS)
Check your own IP:
1. Start the httpd service first
service httpd start
2. Use the port to verify whether the service is started
ss -antpl | grep 80 (ss is the command to view the open ports of the machine, and netstat is also OK)
3. Create a homepage
The homepage of this service is under the path /var/www/html/ (the homepage is also a constantly changing file)
, and there is nothing by default, so you need to write it yourself
It is best to turn off both selinux and firewall (it may be restricted by them)
Centos7 view firewall status: firewall-cmd --state
centos7 close the firewall command: systemctl stop firewalld.service
permanently close the firewall: chkconfig -level 35 iptables offCentos6 view firewall status: service iptables status or /etc/init.d/iptables status
Centos6 to turn on/off/restart the firewall: service iptables start/stop/restart to
permanently turn off the firewall: /sbin/service iptables stop chkconfig iptables off to take effect after restarting the systemUse root authority to turn off the firewall: execute /etc/init.d/iptables stop, and run the command /etc/init.d/iptables status to view the firewall status. This method is to temporarily disable the firewall. After restarting the system, the firewall will automatically start
You can also use setup to turn off the firewall in centos7
Press space to close
Sometimes selinux will restrict according to the label, and some labels are correct without restriction.
Close: setenforce 0
Let's verify if my homepage can be seen, open winxp-1 (ip has been configured as 192.168.1.1, vmnet2),
open the browser of winxp-1, and enter the other party's IP: 192.168.1.254
Explain that the homepage was successfully shared
4. Analysis of the main configuration file of the Apache service software
vim /etc/httpd/conf/httpd.conf
Join the server that has been captured, log in to winxp and enter 192.168.1.254/share/ (share is created by yourself), copy passwd and shadow into it, and download
Turn off the shared directory function:
Turn off the index, which is the index function, which is the function of the shared directory
After saving, restart the service service httpd restart
and then use winxp-1 access after restarting, you will not have permission to access this path.
Apache's access control settings
First open the Apache configuration file
vim /etc/httpd/conf/httpd.conf
1. Homepage access control
Order allow, deny (allow before deny and after deny can be understood as a whitelist : all "good people" in it) allow first and then deny
Allow from 192.168.1.2 (whoever writes allow from, whoever can access)
[if written as Allow from 192.168.1. Indicates that all hosts in this network segment can access, and one network segment is allowed]Order deny, allow (write deny first and then write allow is equivalent to a blacklist )
Deny from 192.168.1.2 (whoever writes allow from can not access)
If you want to deny a network segment: Deny from 192.168.1. (dot can't Omit, no need to write 0, no need to write subnet mask)
Requirements: Only allow the 192.168.1.2 host to access the homepage
Comment those two lines, don’t delete them, copy 2yy, and paste p
Restart the service after saving the configuration file to take effect
Use winxp-1 (192.168.1.1) browser to visit 192.168.1.254
Visit 192.168.1.254/index.html and find that access is denied
Change the IP of winxp-1 to 192.168.1.2 and log in successfully to access
2. Encrypt the page
To access, you need to enter the user name and then the password before you can enter.
Where do you get the user name and password? Need to configure yourself to
create a small tool for username and password: htpasswd
[root@Waffle ~]# htpasswd -c /etc/httpd/conf/httpuser tom (httpuser is created by myself)
New password:
Re-type new password:
Adding password for user tom
Set this file only apache can read
Set the apache configuration file
Restart the service after saving
Construction of LAMP platform
1、Linux
2. apache (already installed)
3、mysql
Install yum install mysql-server -y (add -y no need to manually determine)
Start service mysqld start
Set user password for database mysqladmin -u root -p password "123456"
Log in to the database mysql -u root -p
4、PHP
Install yum install php (Y)
PHP needs some plug-ins to connect to the database:
Install plug-ins 1 yum install php-mysql (Y)
Install plugin 2 rpm -ivh php-mbstring
Configure php configuration file
vim /etc/php.ini
Write the index.php file under /var/www/html/
vim /var/www/html/index.php
<?
phpinfo();
?>
Apache must have read permissions on this file