One. ----- build static websites based on a static website http protocol on the server side:
to achieve the above need a web server on Linux Apache server software this, httpd Apache provides the main program.
1. Static website: Request to build a web site based on IP access, the root directory of the current web site is / openlab, custom website content.
[root @ localhost ~] # mount / dev / sr0 / mnt // mount
Mount: / dev / Write SR0 IS-protected, Mounting Read-only
[the root @ localhost ~] # Vim /etc/yum.repos.d/ base.repo // create a warehouse
[base] // warehouse configuration
name = Base
baseurl = File: /// mnt
gpgcheck = 0
[root @ localhost ~] # yum -y install httpd // download and install
[root @ localhost ~] # systemctl stop firewalld // disable the firewall
[root @ localhost ~] # setenforce 0 // Close selinux rule policy
[root @ localhost ~] # rpm -qa httpd // see if the installed
httpd-2.4.6-40.el7.x86_64
[root @ localhost ~] # systemctl status httpd // check the status of
[root @ localhost ~] # vim /etc/httpd/conf/httpd.conf // Check the main configuration file
[root @ localhost ~] # vim /etc/httpd/conf.d/vhost.conf // sub configuration file
< directory / OpenLAB>
AllowOverride none // set the file system permissions allow coverage
Require all granted // set access permissions to the directory
<VirtualHost 192.168.40.133:80> // set the host network exactly match the information DocumentRoot / openlab // specify the current host to access the web root directory
ServerName 192.168.40.133 // specify the access site
[root @ localhost ~] # mkdir / OpenLAB
[root @ localhost ~] # vim /openlab/index.html
the Hello, is available for purchase to OpenLAB!
[root @ localhost haha] # systemctl restart httpd // start the service
[root @ localhost haha] # curl http://192.168.40.133 // test
** 2 based on the IP address of the access to the web server: a ip corresponds to a network.
3. Port-based: access to different sites on different ports 4
to resolve domain-based Web site, you need to use the domain name: name-based 4. The domain -------> ip address
hosts file path under Windows: C: \ Windows \ System32 \ the Drivers \ etc \ hosts
hosts file path under Linux: / etc / hosts
two. ----- build static websites based on a static website https protocol
HTTP ---------> ssl ------> tcp
[root @ localhost ~] # Mount / dev / SR0 / mnt // mount
[the root @ localhost ~] # systemctl STOP firewalld.service
[the root @ localhost ~] # the setenforce 0
[the root @ localhost ~] # Vim /etc/yum.repos.d/base.repo
[Base]
name = Base
BaseURL File =: /// mnt
gpgcheck = 0
[the root @ localhost ~] # yum the install the httpd -Y
[the root @ localhost ~] # the httpd RPM -qa
the httpd-2.4.6-40.el7.x86_64. 1.
Installation encryption module 1.
[the root @ localhost ~] # yum the install mod_ssl -Y
[the root @ localhost ~] # RPM the -ql mod_ssl
/etc/httpd/conf.d/ssl.conf
/etc/httpd/conf.modules.d /00-ssl.conf
/usr/lib64/httpd/modules/mod_ssl.so
/ usr / libexec / SSL-Pass-the httpd-Dialog
/ var / Cache / the httpd / SSL
2. custom encryption information
[root @ localhost ~] Vim /etc/httpd/conf.d/vhost.conf #
<Directory / OpenLAB>
the AllowOverride none
the Require All granted
<VirtualHost 192.168.40.133:443>
the DocumentRoot / S OpenLAB
erverName 192.168.40.133
the SSLEngine ON // open SSL authentication
SSLProtocol all - SSLv2 // ssl protocol support
SSLCipherSuite HIGH: MEDIUM:! MD5: ! SEED:! IDEA // ssl algorithm suite SSLCertificateFile /etc/pki/tls/certs/openlab.crt // ssl verification certificate file SSLCertificateKeyFile /etc/pki/tls/private/openlab.key // ssl key file
3. make a certificate
[root @ localhost ~] # cd / etc / pki / TLS / certs /
[root @ localhost certs] # the make openlab.crt
[root @ localhost certs] # LL
Total 24-
lrwxrwxrwx. On Sep 49 the root the root. 9. 1 CA-bundle.crt 19:06 ->
/ etc / PKI / CA-Trust / Extracted / PEM
. /tls-ca-bundle.pemlrwxrwxrwx the root. 1 the root CA-55 On Sep 19:06. 9 the bundle. trust.crt ->
/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt
. -rw -------. 1 the root On Sep. 17 1468 03:19 localhost.crt the root-rwxr- X-XR. On Jun. 1 the root 23 is the root 610, 2015 the make-dummy-CERT
-rw-R & lt-r--. On Jun 2388 the root 23 is the root. 1, 2015 the Makefile
------- -rw. On Sep 1387. 17. 1 the root 03:31 openlab.crt the root
-rw -------. On Sep 1766. 17. 1 the root 03:28 openlab.key the root
-rwxr-X-XR . 1 root root 829 Jun 23 2015 Renew-dummy-CERT
[root @ localhost certs] openlab.key # mv / etc / pki / TLS / Private / // to be consistent with the sub configuration file [root @ localhost certs] # systemctl httpd restart
the Enter Pass phrase for 192.168.40.133:443 SSL (RSA): ******
[root @ localhost certs] # mkdir / OpenLAB
[root @ localhost certs] # echo the this IS OpenLAB> /openlab/index.html
carry out testing.
three. Virtual directories and user control:
Modify: AuthUserFile / etc / httpd / userfile
to add the user's password:
[root @ localhost httpd] # htpasswd -c / etc / httpd / userfile Song
New password:
Re-of the type new new password:
Adding password for the User Song
[root @ httpd localhost] # htpasswd -c / etc / httpd / userfile tian
New password:
Re-of the type new new password:
Adding password for the User tian
IV. Build dynamic sites:
the installation package mod_wsgi / the mod_python Web Server Gateway Interface // //
mkdir / var / WWW / Alt
<Directory "/ var / WWW / Alt">
the AllowOverride None
the Require All granted
the LISTEN 8909
<VirtualHost 192.168.0.129:8909>
WSGIScriptAlias / /var/www/alt/webinfo.wsgi
