Comprehensive exercise: Please build a web website for openlab. Website requirements:
1. Based on the domain name www.openlab.com, the website content can be accessed as welcome to openlab!!!
2. Create three sub-interfaces for the company to display student information, teaching materials and payment websites respectively. Access student information based on the www.openlab.com/student website,
www.openlab.com/data website to access teaching materials www.openlab.com/money website to access the payment website
3. Requirements
(1) Student information website Only song and tian can access, other users cannot access.
(2) Access the payment website to implement data encryption based on https access.
experiment procedure
The first step is to download httpd and create the required folders
[root@server ~]# yum install httpd -y
[root@server ~]# mkdir -p /www/openlab
[root@server ~]# cd /www/openlab/
[root@server openlab]# mkdir student data money
[root@server openlab]# ls
data money student
Step 2: Write information in the corresponding file
[root@server openlab]# echo "welcome to openlab!!!" >> index.html
echo "welcome to openlabls!" >> index.html
[root@server openlab]# cat index.html < a i=4> welcome to openlabls!
[root@server openlab]# echo "Student Information" >> student/index.html
[root@server openlab]# echo "Teaching Materials" ; >> data/index.html
[root@server openlab]# echo "Payment website" >> money/index.html
The third step is to modify the /etc/hosts file mapping and /etc/httpd/conf/httpd.conf file configuration
vim /etc/hosts
192.168.200.133 www.openlab.com
vim /etc/httpd/conf/httpd.conf
DocumentRoot "/www/openlab"
#
# Relax access to content within /var/www.
#
<Directory "/www/openlab">
The fourth step is to start the httpd service and test it in the Linux system.
www.openlab.com
www.openlab.com/student
www.openlab.com/data
www.openlab.com/money
Step 5: Create two users song and tian, and set the password for the user to access the website
[root@server /]# useradd song
[root@server /]# passwd song
Change the password of user song.
New password:
Invalid password: Password is a palindrome
Re-enter new password:
passwd: All authentication tokens have been updated successfully.
[root@server /]# useradd tian
[root@server /]# passwd tian
Change the password of user tian .
New password:
Invalid password: Password is a palindrome
Re-enter new password:
passwd: All authentication tokens have been updated successfully.
[root@server /]# htpasswd -c /etc/httpd/passwd song
New password:
Re-type new password:
Adding password for user song
[root@server /]# htpasswd /etc/httpd/passwd tian
New password:
Re-type new password:
Adding password for user tian
Step 6 Modify the /etc/httpd/conf.d/userdir.conf file configuration and test access
[root@server /]# vim /etc/httpd/conf. d/userdir.conf
<Directory "/www/openlab/student">
authuserfile "/etc/httpd/passwd"
authname "Myprivately website"
authtype basic
require user song tian
</Directory>
Step 7: Download mod_ssl and create ssl certificate
[root@server /]# yum install mod_ssl -y
[root@server /]# vim /etc/httpd/conf.d/ssl.conf
[root@server /]# cd /etc/pki/tls/private/
[root@server private]# openssl genrsa -aes128 2048 > money.key
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
[root@server private]# cd /etc/pki/tls/certs/
[root@server certs]# openssl req -utf8 -new -key /etc/pki/tls/private/money.key -x509 -days 365 -out money.crt
Enter pass phrase for /etc/pki/tls/private/money.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:86
State or Province Name (full name) []:shanxi
Locality Name (eg, city) [Default City]:xi'an
Organization Name (eg, company) [Default Company Ltd]:openlab
Organizational Unit Name (eg, section) []:rhce
Common Name (eg, your name or your server's hostname) []:server
Email Address []:[email protected]
Modify the configuration file /etc/httpd/conf.d/ssl.conf
<virtualhost 192.168.200.133:443>
sslengine on
SSLCertificateFile /etc/pki/tls/certs/money.crt
SSLCertificateKeyFile /etc/pki/tls/private/money.key
servername 192.168.200.133
documentroot /www/openlab
alias /money /www/openlab/money
</virtualhost>
<directory /www/openlab/money>
allowoverride none
require all granted
</directory>
test access
