Apache configuration and Application

Posted by smonsivaes on Thu, 24 Feb 2022 15:44:20 +0100

Contents

1, Build virtual Web host

2, Types of virtual hosts supported by httpd service (three types)

1. Domain name based virtual host

① Provide domain name resolution for virtual host

② Add virtual host configuration

③ Prepare web document for virtual host

④ Set access control

⑤ Load a stand-alone configuration file

2. IP address based virtual host

3. Port based

Apache connection retention

3, Building web virtual directory and user authorization restrictions

1. Create user authentication data file

2. Add user authorization configuration

3. Verify user access

4. Browser access in client

1, Build virtual Web host


A virtual Web host means running multiple Web sites on the same server. No single site occupies the whole server, hence the name "virtual" Web host. Virtual Web hosting makes full use of the server's hardware resources and greatly reduces the cost of building and operating websites.

The httpd service makes it easy to build a virtual host server: a single running httpd service can support a large number of web sites at the same time.

2, Types of virtual hosts supported by httpd service (three types)


1. Domain name based: each virtual host uses a different domain name, but they all resolve to the same IP address. For example, the sites www.lic.com and www.accp.com both have the IP address 192.168.184.10. This is the most commonly used type of virtual web host.

2. Based on IP address: each virtual host uses a different domain name, and the corresponding IP addresses are also different. This method requires multiple network interfaces on the server, so it is not widely used.

3. Port based: this method does not use the domain name or IP address to distinguish the content of different sites, but uses different TCP port numbers. Users therefore need to specify the port number as well when browsing the different virtual sites in order to access them.

The default home page directory of Apache installed with yum or rpm is: /var/www/html
The default home page directory of Apache installed from source code is: /usr/local/httpd/htdocs

1. Domain name based virtual host

① Provide domain name resolution for virtual host

Method 1: deploy DNS domain name resolution server to provide domain name resolution

#!/bin/bash
echo -e "\033[31m =====Verifying whether it is currently host only or NAT pattern===== \033[0m"
ping -c1 -W1 www.baidu.com &> /dev/null
if [ $? -eq 0 ];then echo -e "\033[31m Detection is currently NAT Mode for you to configure Online yum source \033[0m"
mkdir -p /etc/yum.repos.d/repo.bak

mv -f /etc/yum.repos.d/* /etc/yum.repos.d/repo.bak &> /dev/null

wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo &> /dev/null

yum clean all &> /dev/null
yum list &> /dev/null
echo -e "\033[31m Online source configuration completed \033[0m"

else
echo -e "\033[31m Detect that the current mode is host only, and configure the local for you yum source \033[0m"
mount /dev/sr0 /mnt &> /dev/null
cd /etc/yum.repos.d/
mkdir -p /etc/yum.repos.d/repo.bak

mv -f /etc/yum.repos.d/* /etc/yum.repos.d/repo.bak &> /dev/null

echo '[local]
name=local
baseurl=file:///mnt
enabled=1
gpgcheck=0' > /etc/yum.repos.d/local.repo
yum clean all &> /dev/null
yum makecache &> /dev/null

df -h | grep "/mnt" 
if [ $? -ne 0 ];then
echo -e "\033[31m It is detected that the current mode is host only, but the disc is not connected! \033[0m"
else
echo -e "\033[31m local yum Source configuration completed \033[0m"
fi
fi


yum -y install bind &> /dev/null


#Modify the main configuration file /etc/named.conf: listen on every address and accept queries from any client
sed -i 's/127.0.0.1;/any;/' /etc/named.conf
sed -i 's/localhost;/any;/' /etc/named.conf

for ((;;))
do

read -p "Please enter the domain name you need to configure (example: www.abc.com): " a
b=`echo $a | awk -F "." 'BEGIN{OFS="."}{$2=$2;print$2,$3}'`
c=`ip a | grep "ens33" | awk NR==2'{print}' | awk -F/ '{print$1}' | awk '{print$2}'`

#Modify the zone configuration file: /etc/named.rfc1912.zones

echo "zone \"$b\" IN {
        type master;
        file \"$b.zone\";
        allow-update { none; };
};" >> /etc/named.rfc1912.zones


#Create the zone data file from the template /var/named/named.localhost
cd /var/named
cp -p named.localhost $b.zone

sed -i "2c @       IN SOA  $b. rname.invalid. (" /var/named/$b.zone
sed -i "8c NS  $b." /var/named/$b.zone && sed -i "8 s/^/\t/" /var/named/$b.zone
sed -i "9c   A  $c" /var/named/$b.zone && sed -i "9 s/^/\t/" /var/named/$b.zone
sed -i "10c www IN A $c" /var/named/$b.zone


#Add specified dns server
sed -i "2c nameserver $c" /etc/resolv.conf

read -p "Do you want to continue adding (y/n): " d
case $d in
y)
continue
;;

n)

#Stop the firewall and switch SELinux to permissive mode
systemctl stop firewalld
setenforce 0

#Start dns Service
systemctl restart named
break
;;
*)
echo "Please input correctly"
systemctl stop firewalld
setenforce 0
systemctl restart named
break
esac
done

Method 2: write in the host mapping file

echo "192.168.184.10 www.lic.com" >> /etc/hosts
echo "192.168.184.10 www.accp.com" >> /etc/hosts

If you have previously configured apache, you need to rename the home page file

cd /usr/local/httpd/htdocs
ls
mv index.html index.html.bak

② Add virtual host configuration

vim /usr/local/httpd/conf/extra/httpd-vhosts.conf     #Virtual host configuration file path for a source-compiled installation
#vim /etc/httpd/conf.d/vhosts.conf                    #Virtual host configuration file path for an RPM or YUM installation

#Virtual host section; httpd does not accept a comment on the same line as a directive, so each note sits on its own line
<VirtualHost 192.168.184.10:80>
    #Administrator mailbox, which can be ignored
    #ServerAdmin webmaster@dummy-host.example.com
    #Site root directory
    DocumentRoot "/var/www/html/lic"
    ServerName www.lic.com
    #ServerAlias www.dummy-host.example.com
    #Path of the error log file
    ErrorLog "logs/lic.com-error_log"
    #Path of the access log file
    CustomLog "logs/lic.com-access_log" common
</VirtualHost>

<VirtualHost 192.168.184.10:80>
    DocumentRoot "/var/www/html/accp"
    ServerName www.accp.com
    ErrorLog "logs/accp.com-error_log"
    CustomLog "logs/accp.com-access_log" common
</VirtualHost>

③ Prepare web document for virtual host

mkdir -p /var/www/html/lic
mkdir -p /var/www/html/accp

echo "<h1>www.lic.com</h1>" > /var/www/html/lic/index.html
echo "<h1>www.accp.com</h1>" > /var/www/html/accp/index.html


④ Set access control

vim /usr/local/httpd/conf/extra/httpd-vhosts.conf

#Directory access settings; httpd requires each comment to be on its own line
<Directory "/var/www/html">
    #Do not enable any server features
    Options None
    #Overriding the Apache configuration through .htaccess is not allowed
    AllowOverride None
    #Allow access from all hosts
    Require all granted
</Directory>
Options directive explained:
The main function of the Options directive is to control which server features are enabled in a specific directory. In the Apache service configuration it can be used in a virtual host configuration (VirtualHost), in a specific directory configuration (Directory), and in .htaccess files.

Common options of the Options directive:
None: No server feature is enabled.

FollowSymLinks: The server allows symbolic links (soft links) to be followed in this directory.

Indexes: If the requested URL corresponds to a directory on the server, and the directory does not contain a file named by the DirectoryIndex directive in the Apache configuration file (for example: DirectoryIndex index.html index.php), all files in the directory are listed.

MultiViews: If the path requested by the client may correspond to several types of files, the server automatically selects the file that best matches the client's request. For example, the folder file in the server's site contains two files named hello.jpg and hello.html, and the user enters http://localhost/file/hello. If there is no hello subdirectory in the file folder, the server looks for files of the form hello.* in the file folder and returns the best match, hello.jpg or hello.html, according to the user's request.

All: Enables all features except MultiViews, which is also the default setting of the Options directive.

AllowOverride directive explained:
.htaccess (distributed configuration file): it provides a way to change the configuration per directory. A file containing specific directives is placed in a particular directory, and the directives apply to that directory and all of its subdirectories.

When AllowOverride is set to None, the .htaccess file in the corresponding directory is not read, so it cannot take effect.
When AllowOverride is set to All, the .htaccess file is read on every request for a file in the corresponding directory, which means the original Apache directives are overridden by the directives in the .htaccess file.

For performance and security reasons, .htaccess files are generally avoided as far as possible. Any configuration you would put in a .htaccess file can be placed in the main configuration file (httpd.conf), where it is handled more efficiently. AllowOverride is therefore generally set to None.

Address restriction policy:
Require all granted: Allow access from all hosts.

Require all denied: Deny access from all hosts.

Require local: Allow access from the local host only.

Require [not] host <host name or domain name list>: Allow or deny access from the specified hosts or domain names.

Require [not] ip <IP address or segment list>: Allow or deny access from the specified IP addresses or network segments.
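The Options and AllowOverride settings described above can be checked mechanically. The following script is an added example, not part of the original post: it reads an httpd configuration and reports every Directory block that enables directory listings or lets .htaccess override the configuration. The function names and the /var/www/html/files path are made up for the illustration.

```shell
#!/bin/sh
# Added example, not from the original post: report <Directory> blocks whose
# Options or AllowOverride settings are looser than the None/None used above.

# Constructed sample: the block from this page plus a looser one for contrast
# (/var/www/html/files is a made-up path).
sample_dirs() {
cat <<'EOF'
<Directory "/var/www/html">
    Options None
    AllowOverride None
    Require all granted
</Directory>
<Directory "/var/www/html/files">
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>
EOF
}

# stdin: httpd config. stdout: one "<directory> <finding>" line per setting
# that enables directory listings or lets .htaccess override the config.
audit_directories() {
    awk '
    /^[ \t]*#/ { next }
    tolower($1) == "<directory" { dir = $2; gsub(/[">]/, "", dir); next }
    tolower($1) == "</directory>" { dir = ""; next }
    dir == "" { next }
    tolower($1) == "options" {
        for (i = 2; i <= NF; i++) {
            opt = tolower($i); sub(/^[+]/, "", opt)
            if (opt == "indexes" || opt == "all") print dir, "options:" opt
        }
    }
    tolower($1) == "allowoverride" && tolower($2) != "none" {
        print dir, "allowoverride:" tolower($2)
    }'
}

sample_dirs | audit_directories
```

To check a real file, pipe it in instead of the sample, for example the httpd-vhosts.conf edited above.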

⑤ Load a stand-alone configuration file

vim /usr/local/httpd/conf/httpd.conf
#Main configuration file path of the httpd service for a source-compiled installation
------Line 483------remove the comment mark
#Load the stand-alone configuration file
Include conf/extra/httpd-vhosts.conf

#vim /etc/httpd/conf/httpd.conf
#Main configuration file path of the httpd service installed by RPM or YUM
#The last line, enabled by default
IncludeOptional conf.d/*.conf
systemctl restart httpd

Accessing the virtual web host in the client
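For name-based virtual hosts, httpd compares the request's Host header with the ServerName of each virtual host on the matching address and port, and falls back to the first one listed when nothing matches. The following script is an added example, not part of the original post, that models this selection for the two sites above; the function names are made up, and ServerAlias and wildcard addresses are not handled.

```shell
#!/bin/sh
# Added example, not from the original post: model how httpd chooses between
# name-based virtual hosts that share one address:port.

# Constructed sample mirroring the two sites configured above.
sample_vhosts() {
cat <<'EOF'
<VirtualHost 192.168.184.10:80>
    DocumentRoot "/var/www/html/lic"
    ServerName www.lic.com
</VirtualHost>
<VirtualHost 192.168.184.10:80>
    DocumentRoot "/var/www/html/accp"
    ServerName www.accp.com
</VirtualHost>
EOF
}

# stdin: vhost config. stdout: "<addr:port> <ServerName> <DocumentRoot> <role>"
# where role is "default" for the first vhost on an address:port, else "named".
list_vhosts() {
    awk '
    /^[ \t]*#/ { next }
    tolower($1) == "<virtualhost" {
        addr = $2; sub(/>$/, "", addr); name = "-"; root = "-"; next
    }
    tolower($1) == "servername"   { name = tolower($2) }
    tolower($1) == "documentroot" { root = $2; gsub(/"/, "", root) }
    tolower($1) == "</virtualhost>" {
        print addr, name, root, (seen[addr]++ ? "named" : "default")
    }'
}

# stdin: vhost config. Prints the DocumentRoot that answers Host header $2 on
# address:port $1; an unmatched Host falls back to the default vhost.
resolve_host() {
    list_vhosts | awk -v a="$1" -v h="$2" '
    BEGIN { h = tolower(h); sub(/:[0-9]+$/, "", h) }
    $1 != a { next }
    $4 == "default" { fallback = $3 }
    $2 == h && hit == "" { hit = $3 }
    END { print (hit != "" ? hit : fallback) }'
}

sample_vhosts | resolve_host 192.168.184.10:80 www.accp.com     # named match
sample_vhosts | resolve_host 192.168.184.10:80 192.168.184.10   # falls back
```

A request that reaches the server by bare IP address or with an unexpected Host header is therefore served from the first site's DocumentRoot, which is worth keeping in mind when ordering the VirtualHost blocks.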

2. IP address based virtual host

#Add a virtual network interface
ifconfig ens33:0 192.168.184.100 netmask 255.255.255.0

vim /usr/local/httpd/conf/extra/httpd-vhosts.conf

<VirtualHost 192.168.184.10:80>
    DocumentRoot "/var/www/html/lic"
    ServerName www.lic.com
    ErrorLog "logs/lic.com-error_log"
    CustomLog "logs/lic.com-access_log" common
</VirtualHost>
<VirtualHost 192.168.184.100:80>
    DocumentRoot "/var/www/html/accp"
    ServerName www.accp.com
    ErrorLog "logs/accp.com-error_log"
    CustomLog "logs/accp.com-access_log" common
</VirtualHost>
<Directory "/var/www/html">
    Options None
    AllowOverride None
    Require all granted
</Directory>

vim /usr/local/httpd/conf/httpd.conf
#Line 53
Listen 192.168.184.100:80

systemctl restart httpd


 

 

3. Port based

Modify listening port

#Add a virtual network interface
ifconfig ens33:0 192.168.184.100 netmask 255.255.255.0

vim /usr/local/httpd/conf/extra/httpd-vhosts.conf

<VirtualHost 192.168.184.10:80>
    DocumentRoot "/var/www/html/lic"
    ServerName www.lic.com
    ErrorLog "logs/lic.com-error_log"
    CustomLog "logs/lic.com-access_log" common
</VirtualHost>
#Port modified to 8080
<VirtualHost 192.168.184.100:8080>
    DocumentRoot "/var/www/html/accp"
    ServerName www.accp.com
    ErrorLog "logs/accp.com-error_log"
    CustomLog "logs/accp.com-access_log" common
</VirtualHost>
<Directory "/var/www/html">
    Options None
    AllowOverride None
    Require all granted
</Directory>

vim /usr/local/httpd/conf/httpd.conf
#Line 53
Listen 192.168.184.100:80
Listen 192.168.184.100:8080

systemctl restart httpd

Apache connection retention

vim /usr/local/httpd/conf/extra/httpd-default.conf

KeepAlive on
#Sets whether the connection retention (keep-alive) function is enabled: Off disables it and On enables it. Decide according to the concurrent requests of the website, that is, turn the connection retention function on when concurrency is high and turn it off when concurrency is not high

MaxKeepAliveRequests 100
#Sets the maximum number of requests that can be sent over one persistent connection. When this number is exceeded, the connection is closed. The value depends on the content of the web pages in the website and is generally set higher than the number of all elements in the website

KeepAliveTimeout 5
#Set the maximum interval between multiple requests for a connection from the same client, that is, the connection will be automatically disconnected after this time between two requests, so as to avoid the client occupying connection resources.

3, Building web virtual directory and user authorization restrictions

1. Create user authentication data file

cd /usr/local/httpd/bin
#The -c option creates a new user data file. Without it, the specified user data file is assumed to exist already, and the command adds a new user or changes the password of an existing user.
./htpasswd -c /usr/local/httpd/user zhangsan
./htpasswd /usr/local/httpd/user lisi   
cat /usr/local/httpd/user                      #Confirm user data file

2. Add user authorization configuration

vim /usr/local/httpd/conf/httpd.conf 

-----Add after the last line------
#Virtual directory: /test is the name of the virtual directory, /var/www/html/test is its root directory
Alias /test /var/www/html/test
#Configuration section of the virtual directory
<Directory "/var/www/html/test">
    #Name of the protected realm, which is displayed in the authentication dialog box
    AuthName "Hello!"
    #Type of authentication; Basic indicates basic authentication
    AuthType Basic
    #Path of the authentication file that stores the user accounts and passwords
    AuthUserFile /usr/local/httpd/user
    #Turn on user authentication; only valid users in the authentication file can access
    Require valid-user
    #Path of the authentication file that stores the group accounts
    #AuthGroupFile /usr/local/httpd/conf/group
    #Allow only the specified users to access
    #Require user zhangsan
    #Allow only the specified groups to access
    #Require group zhangsan
</Directory>

3. Verify user access

mkdir -p /var/www/html/test
echo "<h1>hello lic</h1>" > /var/www/html/test/index.html
systemctl restart httpd

4. Browser access in client
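The user data file created in step 1 stores one user:hash pair per line, and the prefix of the hash shows which scheme protects the password. The following script is an added example, not part of the original post, that classifies each entry of such a file; the function names, the user wangwu and the hash strings are constructed for the illustration.

```shell
#!/bin/sh
# Added example, not from the original post: report the password hash scheme of
# each entry in an htpasswd-format user data file.

# Constructed entries; the hash strings are placeholders, not real hashes,
# and wangwu is a made-up third user.
sample_htpasswd() {
cat <<'EOF'
zhangsan:$apr1$constructed$placeholderhashvalue00
lisi:$2y$05$constructedplaceholderhashvalueconstructedplaceholder
wangwu:{SHA}constructedplaceholder=
EOF
}

# Map one hash field to "<scheme> <verdict>" by its htpasswd prefix.
classify_hash() {
    case "$1" in
        '$2y$'*|'$2a$'*) echo "bcrypt ok" ;;
        '$apr1$'*)       echo "apr1-md5 legacy" ;;
        '{SHA}'*)        echo "sha1-unsalted insecure" ;;
        *) if [ "${#1}" -eq 13 ]; then echo "crypt-des insecure"
           else echo "unknown review"; fi ;;
    esac
}

# $1: path of the user data file. Prints "<user> <scheme> <verdict>" per entry
# and returns non-zero if any entry is not bcrypt.
audit_htpasswd() {
    flagged=0
    while IFS=: read -r user hash; do
        [ -n "$user" ] || continue
        verdict=$(classify_hash "$hash")
        echo "$user $verdict"
        case "$verdict" in *" ok") ;; *) flagged=$((flagged + 1)) ;; esac
    done < "$1"
    [ "$flagged" -eq 0 ]
}

demo=$(mktemp)
sample_htpasswd > "$demo"
audit_htpasswd "$demo" || echo "some entries do not use bcrypt"
rm -f "$demo"
```

Run against the real file with audit_htpasswd /usr/local/httpd/user. An entry can be re-created with bcrypt by passing the -B option to htpasswd.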

 
