Linux httpd configuration

As one of the most popular web servers today, httpd (i.e. Apache) plays a vital role on the Internet.

 

httpd installation (the operating system is CentOS 6)

There are usually two ways to install httpd: install it directly from an rpm package, or compile and install it from source code. Here we first install it directly from the rpm package.

[root@localhost ~]# yum install httpd

After installation, we can see which files were installed:

[root@localhost ~]# rpm -ql httpd

Some of the more important files:

Configuration files:
/etc/httpd/conf/httpd.conf
/etc/httpd/conf.d/*.conf
Service script:
/etc/rc.d/init.d/httpd
Service script configuration file:
/etc/sysconfig/httpd
Module directory:
/etc/httpd/modules: symbolic link
/usr/lib64/httpd/modules
Main program:
/usr/sbin/httpd: prefork
/usr/sbin/httpd.event: event
/usr/sbin/httpd.worker: worker
Log file directory:
/var/log/httpd
access_log: access log
error_log: error log

 

Persistent connections (also known as long connections)

A persistent connection means that, within a specified period of time or a specified number of requests, the client does not need to re-establish a connection through the TCP three-way handshake for every resource it requests from the server; it simply sends the next request on the existing connection, which saves a great deal of time. However, this does not suit every client. For users who only make one or a few requests, holding the connection open just consumes resources, so long connections directly affect the performance of the server.

Timeout 60
During the three-way handshake between the client and the server, after the client initiates a request and the server responds to it, this is how long the server waits for the client's confirmation. If the client does not confirm within this time, the server closes the TCP handshake.
KeepAlive {On|Off}
Whether persistent connections are enabled
MaxKeepAliveRequests 100  
The maximum number of requests for a single persistent connection of the server, if it exceeds
KeepAliveTimeout 15
The maximum duration of a single persistent connection; if it is exceeded, the connection is closed

 

MPM parameters
These define the working mode of httpd (note: only one of them can be used).
httpd uses prefork by default under Linux; of course, we can choose another one ourselves.
prefork: httpd uses processes to provide service, and each process serves one request at a time.
worker: when httpd starts, the root process spawns several child processes, each with a fixed number of threads. It is these threads that serve requests, which means a single process can serve multiple requests at the same time.

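<IfModule prefork.c>
    # Number of child processes the root process creates when httpd starts
    StartServers          8
    # Minimum number of idle child processes
    MinSpareServers       5
    # Maximum number of idle child processes
    MaxSpareServers      20
    # Maximum number of concurrent requests the server can accept
    ServerLimit         256
    # Maximum number of concurrent client requests; it must not exceed ServerLimit
    MaxClients          256
    # Maximum number of requests each child process handles; the child is killed once this is exceeded
    MaxRequestsPerChild 4000
</IfModule>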

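<IfModule worker.c>
    # Number of child processes the root process creates when httpd starts
    StartServers          4
    # Maximum number of concurrent client requests
    MaxClients          300
    # Minimum number of idle threads
    MinSpareThreads      25
    # Maximum number of idle threads
    MaxSpareThreads      75
    # Number of threads each child process can create
    ThreadsPerChild      25
    # Number of requests each child process can accept; 0 means unlimited
    MaxRequestsPerChild   0
</IfModule>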

 

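Specifying the listening address and port

Format: Listen [IP:]PORT     (the IP address can be omitted)
More than one port can be defined; it does not have to be a single port.
By default httpd listens on port 80.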

 

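Modules loaded through the DSO mechanism
DSO stands for Dynamic Shared Object.
The modules that the server loads are defined here, in the following format:

LoadModule  Module_Name  /path/to/Module_File

(Module_Name is the module name and /path/to/Module_File is the module path. The path here is relative to the ServerRoot "/etc/httpd" directory defined earlier; an absolute path can of course also be used.)
To add a module, simply write it into the configuration file in this format;
to disable a module, comment its line out with #. The change takes effect once the file is saved.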


You can also list the loaded modules with a command:

# httpd -D DUMP_MODULES

 

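Specifying the site root directory

DocumentRoot "/var/www/html"

DocumentRoot defines the site root directory of the httpd server; when the server is accessed over the Internet, everything served comes from under this root directory. The path can of course be set to something else; the default is normally /var/www/html.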

Site path access control
Access control can be applied in two ways.
Based on the local file system path:

<Directory "/path/to/somewhere">
</Directory>


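(1) Options
Indexes: when the requested path has no default home page, all resources under it are presented to the user as a list;
this option is fairly dangerous and is generally not recommended, although it can be enabled if the server is used as a file server for others to download from.
FollowSymLinks: follow symbolic links, which is equivalent to accessing the file that the symbolic link points to.
(2) AllowOverride
Supports creating a .htaccess file in each page directory to implement access control for the resources in that directory.
(3) Order
Deny refuses access and Allow permits it. The network address format is fairly flexible:
172.16
172.16.0.0
172.16.0.0/16
172.16.0.0/255.255.0.0
Blacklists and whitelists are defined by the order in which deny and allow are given.
For example:
Order deny,allow
Deny from 192.168.0.1
This defines a blacklist: everyone except 192.168.0.1 can access the site.

Another example:
Order allow,deny
Allow from 172.16.0.0/16
This defines a whitelist: no one outside the 172.16.0.0 network can access the site.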
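
The two Order examples above can be checked offline with a small model of the decision. This is an added example, not code from the original article or from httpd itself; parse_spec, matches and is_allowed are hypothetical helper names, only IPv4 is handled, and the client addresses in the demo are constructed.

```python
import ipaddress

# Added illustration: helper names are hypothetical, IPv4 only.


def parse_spec(spec):
    """Turn one Allow/Deny address spec into an ip_network."""
    if spec.lower() == "all":
        return ipaddress.ip_network("0.0.0.0/0")
    if "/" not in spec:
        octets = spec.rstrip(".").split(".")
        if len(octets) < 4:
            # Partial address such as "172.16": pad with zeros, mask by octet count
            spec = ".".join(octets + ["0"] * (4 - len(octets))) + f"/{8 * len(octets)}"
    # ip_network understands a single host, CIDR (/16) and netmask (/255.255.0.0)
    return ipaddress.ip_network(spec, strict=False)


def matches(client, specs):
    """True if the client address falls inside any of the specs."""
    addr = ipaddress.ip_address(client)
    return any(addr in parse_spec(s) for s in specs)


def is_allowed(order, client, allow=(), deny=()):
    """Model the Order decision for one client address."""
    order = order.replace(" ", "").lower()
    allowed, denied = matches(client, allow), matches(client, deny)
    if order == "deny,allow":
        # Deny is evaluated first, Allow can override it, the default is allow
        return allowed or not denied
    if order == "allow,deny":
        # Allow is evaluated first, Deny can override it, the default is deny
        return allowed and not denied
    raise ValueError(f"unsupported Order value: {order!r}")


if __name__ == "__main__":
    # Constructed client addresses, checked against the two examples above
    for client in ("192.168.0.1", "172.16.3.4", "10.0.0.5"):
        black = is_allowed("deny,allow", client, deny=["192.168.0.1"])
        white = is_allowed("allow,deny", client, allow=["172.16.0.0/16"])
        print(f"{client:<12} blacklist={black} whitelist={white}")
```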

 

Access control based on the URL path:

<Location "/path/to/URL">
</Location>

 

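Defining the default home page:

DirectoryIndex index.html index.html.var

DirectoryIndex defines the server's default home page.

To explain: when your server is accessed over the Internet and the request is for a path rather than for a file under that path, the content of index.html or index.html.var is shown if that file exists under the path; otherwise, what is shown depends on the Options setting in the site access control.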
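
Because a directory without an index file falls back to whatever Options allows, it is worth checking which <Directory> blocks have listings switched on. The following is an added example, not part of the original article; dirs_with_indexes is a hypothetical helper name and the configuration text is a constructed sample.

```python
import re

# Added illustration: hypothetical helper, constructed sample configuration.
OPEN_RE = re.compile(r'^<Directory\s+"?([^">]+?)"?\s*>$', re.I)

SAMPLE_CONF = """
<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride None
</Directory>
<Directory "/web/a">
    Options -Indexes +FollowSymLinks
</Directory>
<Directory "/web/files">
    # download area, listing enabled on purpose
    Options +Indexes
</Directory>
"""


def dirs_with_indexes(conf_text):
    """Return the <Directory> paths whose Options enable directory listings."""
    flagged, current = [], None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        opened = OPEN_RE.match(line)
        if opened:
            current = opened.group(1)
        elif line.lower() == "</directory>":
            current = None
        elif current is not None and line.split()[0].lower() == "options":
            opts = [o.lower() for o in line.split()[1:]]
            # "Indexes", "+Indexes" and "All" turn listings on; "-Indexes" turns them off
            if any(o in ("indexes", "+indexes", "all") for o in opts):
                if current not in flagged:
                    flagged.append(current)
    return flagged


if __name__ == "__main__":
    for path in dirs_with_indexes(SAMPLE_CONF):
        print("directory listing enabled:", path)
```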

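Configuring logging
The error log, the access log, the log level, the log format and so on are defined here.
ErrorLog "/path/to/error_log"   path of the error log
LogLevel {debug|info|notice|warn|error|crit|alert|emerg}   log level
LogFormat  log format
CustomLog "/path/to/access_log" LogFormat_Name   path of the access log and the name of the log format

The meaning of some of the options used in log formats:
%h: client address
%l: remote login name, usually -
%u: user name entered during authentication, - when there is no authentication
%t: time at which the server received the user's request
%r: first line of the request message
%>s: response status code
%b: length of the response message, in bytes
%{HEADER_NAME}i: records the value of the specified header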
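
To show how these fields line up in a real access_log entry, here is an added example (not from the original article) that parses lines written as %h %l %u %t "%r" %>s %b, optionally followed by two quoted %{...}i header fields, and counts 4xx responses per client. The function names, the threshold and the sample log lines are all constructed for illustration.

```python
import re
from collections import Counter

# Added illustration: hypothetical helpers, constructed sample log lines.
# %h %l %u %t "%r" %>s %b, optionally followed by two quoted %{...}i header values
LINE_RE = re.compile(
    r'^(?P<h>\S+) (?P<l>\S+) (?P<u>\S+) \[(?P<t>[^\]]+)\] '
    r'"(?P<r>(?:[^"\\]|\\.)*)" (?P<s>\d{3}) (?P<b>\d+|-)'
    r'(?: "(?P<referer>(?:[^"\\]|\\.)*)" "(?P<agent>(?:[^"\\]|\\.)*)")?$'
)

SAMPLE = [
    '192.0.2.10 - - [10/Aug/2014:10:00:01 +0800] "GET /index.html HTTP/1.1" 200 1024',
    '198.51.100.7 - - [10/Aug/2014:10:00:02 +0800] "GET /old/page1.html HTTP/1.1" 404 287',
    '198.51.100.7 - - [10/Aug/2014:10:00:02 +0800] "GET /old/page2.html HTTP/1.1" 404 290',
    '198.51.100.7 - - [10/Aug/2014:10:00:03 +0800] "GET /private/ HTTP/1.1" 403 301',
    '192.0.2.10 - alice [10/Aug/2014:10:00:05 +0800] "GET /logo.png HTTP/1.1" 304 -',
    'not a log line',
]


def parse_line(line):
    """Return the fields of one access_log line as a dict, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    rec["s"] = int(rec["s"])
    rec["b"] = 0 if rec["b"] == "-" else int(rec["b"])  # %b logs "-" when no body was sent
    return rec


def clients_with_many_errors(lines, threshold=3):
    """Return {client: count} for clients with at least `threshold` 4xx responses."""
    errors = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec and 400 <= rec["s"] < 500:
            errors[rec["h"]] += 1
    return {h: n for h, n in errors.items() if n >= threshold}


if __name__ == "__main__":
    print(clients_with_many_errors(SAMPLE))
```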

 

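Path aliases
A path alias maps a URL path to another location, so that the page resources being accessed no longer depend on the site root directory.
Format:
Alias /URL/ "/path/to/somewhere/"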


 

CGI scripts
Default location of the scripts: /var/www/cgi-bin/
URL format when accessed from a browser: http://server/cgi-bin/


 

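Virtual hosts
Virtual hosts fall into 3 categories:
1. Port-based
2. IP-based
3. Host-name-based
Note: the prerequisite for using virtual hosts is to disable the main server, that is, to comment out the directive that sets the main server's site root path: DocumentRoot

Defining a virtual host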
NameVirtualHost IP:PORT
<VirtualHost IP:PORT>
  ServerName
  DocumentRoot
  ServerAlias
  ErrorLog
  CustomLog
</VirtualHost>

Checking the configuration file syntax:
httpd -t
service httpd configtest

Configuration example:

# The first and second hosts are name-based; the third is port-based.
# These directories must be created first, and each document root needs its
# own index.html containing a, b and c respectively.
# Port 8080 also needs its own Listen directive.
<VirtualHost 172.16.249.57:80>
    ServerName www.a.org
    DocumentRoot "/web/a"
</VirtualHost>
<VirtualHost 172.16.249.57:80>
    ServerName www.b.net
    DocumentRoot "/web/b"
</VirtualHost>
<VirtualHost 172.16.249.57:8080>
    ServerName www.c.gov
    DocumentRoot "/web/c"
</VirtualHost>

 

Reposted from: http://wiggins.blog.51cto.com/8733640/1538289

 
