Article directory
Reprinted from cpolar article: Linux CentOS builds a Web site locally and realizes public network access
foreword
In a web project, if the deployed web site needs to be accessed externally, a medium is needed. By placing resources in this medium and pointing to the site through the exposed port, when the port corresponding to the medium is accessed externally, the medium Point to the site and complete the access. For similar media, tomcat containers, Apache, etc. are commonly used, and Apache is used here to build.
Apache2 is a popular web server application, which is commonly referred to as the server that runs the website. At present, apache has been renamed in centos, called httpd.
1. Build a web site locally
Install httpd, enter the command, y/N appears, enter y
yum install httpd
After the installation is complete, check the version information. If the following version information appears, the installation is successful.
httpd -v
start service
service httpd start
2. Test LAN access
Open the browser and enter http://192.168.XX.XX, LAN access, httpd defaults to port 80, no need to add port when accessing
Note, if this page does not appear, it may be a firewall problem, enter the following command to close the firewall (centos8)
systemctl stop firewalld.service
3. Expose the local web site
Since the site is on the local device, it can be accessed between LANs, but it cannot be accessed in the public network environment. Next, publish the web site to the public network.
Here, cpolar internal network penetration is used to create an http tunnel, and map port 80 of the internal network to the public network. There is no need for a public network IP, no need to set up a router, and no need to purchase a cloud server.
cpolar official website: https://www.cpolar.com/
3.1 Install cpolar intranet penetration
- cpolar installation (domestic use)
curl -L https://www.cpolar.com/static/downloads/install-release-cpolar.sh | sudo bash
- Or cpolar short link installation method: (for foreign use)
curl -sL https://git.io/cpolar | sudo bash
- Check the version number, if the version number is displayed normally, the installation is successful
cpolar version
- Token authentication
Log in to the background of the cpolar official website, click the verification on the left to view your own authentication token, and then paste the token in the command line
cpolar authtoken xxxxxxx
- Simple Penetration Test
cpolar http 8080
Press ctrl+c to exit
- Add a service to the system
sudo systemctl enable cpolar
- Start the cpolar service
sudo systemctl start cpolar
- View service status
sudo systemctl status cpolar
3.2 Create an http tunnel, pointing to the local port 80
cpolar http 80
As shown in the figure below, there are generated corresponding public network addresses, one for http protocol and one for https protocol (without the cumbersome steps of configuring ssl certificate), copy them down
Enter the http public network address exposed above in the browser to realize access in the public network environment. This interface appears, indicating that the site is successfully exposed to the public network.
3.3 Configure background services
Since the public network address exposed by the above command will be synchronously closed and inaccessible after the window is closed, we need to save the parameters to the configuration file. It is convenient to run the tunnel automatically in the background after each boot.
- Edit the cpolar.yml file
vi /usr/local/etc/cpolar/cpolar.yml
- After opening, press
i
edit and add the following configuration to the file
authtoken: xxxxxxxxxxxx #认证token
tunnels:
webstation:
proto: http
addr: "80"
region: cn_vip
Parameter introduction:
- webstation: tunnel name, can be customized
- proto: protocol, such as tcp or http
- region: Line region: cn cn_vip cn_top, etc. can be freely selected. For details, please refer to the official website document—— Global Infrastructure
After inputting, press Esc key to exit editing, then input to :wq
save (if your project is deployed on other ports, you can also specify other ports)
- Start all tunnel tests, the following interface appears, and then copy the public network address of the webstation tunnel (pointing to port 80).
cpolar start-all
- Open the browser and enter the copied public network address to access
4. Configure a fixed second-level subdomain name
Since the public network address generated by free cpolar is a random temporary address, it will change repeatedly within 24 hours. We can configure a fixed second-level subdomain name for it.
Note that to configure a fixed second-level subdomain name, you need to upgrade the cpolar package to the basic package or above.
Enter the cpolar official website and log in to enter the background interface, click on the reservation on the left, and find the reserved second-level subdomain name, let’s reserve a second-level subdomain name for the local web site:
- Region: Select China VIP
- Second-level domain name: customizable
- Description: It is a note, which can be customized
The second-level subdomain is reserved successfully, copy it down
- Edit the cpolar.yml configuration file
vi /usr/local/etc/cpolar/cpolar.yml
After opening press i
edit
Add a line under webstation:subdomain: ”myweb1”
After editing, press the Esc key to exit the editor, then enter: wq and press Enter to save. Then execute to start all tunnels, and copy the public network address after the address appears
cpolar start-all
5. Test using a fixed second-level subdomain name to access a local web site
Access the second-level subdomain name that has just been successfully configured in the browser, and the page configuration is successful.