catalogue
1, Building a virtual web host
2, Domain name based virtual host
3, Options instruction interpreter
4, AllowOverride instruction interpretation
5, IP address based virtual host
6, Apache connection retention
7, Building Web virtual directory and user authorization restrictions
1, Building a virtual web host
Virtual web host refers to running multiple web sites in the same server, in which each site does not actually occupy the whole server independently, so it is called "virtual" web host. Through the virtual web host service, we can make full use of the hardware resources of the server, so as to greatly reduce the cost of website construction and operation.
Using httpd service can easily build a virtual host server. Only one httpd service can support a large number of K web sites at the same time. Apache virtual host is equivalent to a mutually independent site in the same server, so that one host can provide multiple web services. Each virtual host is independent and does not affect each other.
There are three types of virtual hosts supported by httpd service:
Domain name based: use a different domain name for each virtual host, but its corresponding IP address is the same. For example, www.benet.com COM and www.accp.com The IP address of the com site is 192.168.80.10. This is the most commonly used type of virtual Web host.
Based on IP address: different domain names are used for each virtual host, and their corresponding IP addresses are also different. This method requires multiple network interfaces for the server, so it is not widely used.
Port based: this method does not use domain names and IP addresses to distinguish different site contents, but uses different TCP port numbers. Therefore, users need to specify port numbers when browsing different virtual sites.
2, Domain name based virtual host
1.Provide domain name resolution for virtual host Method 1:deploy DNS Domain name resolution server to provide domain name resolution Method 2:stay/etc/hosts Temporarily configure the domain name and IP Mapping of addresses echo "192.168.80.10 www. benet.com" >> /etc/hosts echo "192.168.80.10 www. accp.com" >> /etc/hosts
2.Preparing web documents for virtual hosts mkdir -P /var/www/html/benet mkdir -P /var/www/html/accp echo "<h1>www . benet. com</h1>" > /var/www/html/benet/ index . html echo "<h1>www. accp. com</h1>" > /var/www/html/accp/ index . html
3.Add virtual host configuration vim /usr/ local/httpd/ conf/extra/httpd-vhosts. conf #Source code compilation and installation of virtual host configuration file path #vim /etc/httpd/conf . d/vhosts. conf #Virtual host profile path for RPM or YUM installation <VirtualHost 192.168.80.10:80> #Set virtual host configuration area # ServerAdmin webmaster@dummy-host . example . com #Set administrator mailbox, this line can be ignored DocumentRoot " /var /www/html /benet " #Set site root ServerName WWW . benet. com #Set the full domain name of the Wweb site (host name + domain name) # ServerAlias www . dummy- host . example . com ErrorLog "logs/benet. com-error_ _log" #Set the path to the error log file CustomLog "logs/benet . com-access_ log" common #Set the path to access the log file </VirtualHost> <VirtualHost 192.168.80.10:80> DocumentRoot "/var/www/html/accp" ServerName WWw . accp . com ErrorLog "logs/ accp. com- error_ _1og" CustomLog "logs/ accp. com- access_ 1og" common </VirtualHost>
4.Set access control <Directory "/var/www/html"> #Set directory access Options None #Do not enable any server features AllowOverride None #Overriding the Apache default configuration is not allowed Require all granted #Allow all hosts access </Directory>
5.Load a stand-alone configuration file vim /usr/local/httpd/ conf/httpd. conf #The main configuration file path of httpd service installed by source code compilation --483 that 's ok--note off Include conf/extra/httpd-vhosts. conf #Load a stand-alone configuration file #vim /etc/httpd/conf /httpd. conf #Path to the httpd service master profile installed by RPM or YUM IncludeOptional conf . d/* . conf #Last This item is enabled by default in the row systemctl restart httpd
6.Accessing virtual in client Web host http: L /www.benet.com http: I /www.accp.com
3, Options instruction interpreter
options instruction explanation:
The main function of the options directive is to control which server features will be enabled for a particular directory. You can configure virtual host, di directory, and htaccess file.
Options directive common options:
None: indicates that no server features are enabled.
FollowSymLinks: the server allows symbolic connections (soft links) in this directory.
Indexes: if the entered web address corresponds to a file directory on the server, and there is no file specified by the Di rectoryIndex instruction in the Apache configuration file in this directory (for example: Di rectoryIndex. HTML index. PHP), all files in this directory will be listed.
MultiViews: if the path requested by the client may correspond to multiple types of files, the server will automatically select a file that best matches the client's requirements according to the specific circumstances of the client's request.
For example, in the file folder of the server site, there is a file named hello Jpg and hello Two files of HTML. At this time, the user enters http://localhost/file/hello , if there is no Hello subdirectory in the file folder, the server will try to find a directory like hello* File, and then return the best matching Hello according to the specific situation of the user's request Jipg or hello html.
All: indicates all properties except MultiViews. This is also the default setting for the 0options directive.
4, AllowOverride instruction interpretation
Htaccess (distributed implicit configuration file): it provides a method to change the configuration for each directory, that is, a file containing specific instructions is placed in a specific directory, and the instructions act on this directory and all its subdirectories.
When AllowOverride is set to None, it is displayed in the corresponding configuration directory The htaccess file is not read, that is, it cannot take effect.
When AllowOverride is set to All, it will be read every time a request is made to access a file in the corresponding directory The configuration of htaccess file means that the original Apache instruction will be, Instruction rewriting in htaccess file.
In terms of performance and safety, it is generally avoided as much as possible Htaccess file, anything you want to put in The configurations in the htaccess file can be placed in the < Directory > section of the main configuration file (httpd.conf), which is efficient. Therefore, the AllowOverride property is generally configured to None.
Address restriction policy:
- Require all granted: allow access to all hosts.
- Require all denied: all hosts are denied access.
- Require local: only local host access is allowed.
- Require [not] host < host name or domain name list >: allow or deny access to the specified host or domain name.
- Require [not] IP < IP address or network segment list >: allow or deny network access to the specified IP address.
5, IP address based virtual host
ifconfig ens33:0 192.168.80.100 netmask 255.255.255.0 vim /usr/ local/httpd/ conf/extra/httpd-vhosts . conf <VirtualHost 192.168.80.10:80> DocumentRoot " /var/www/html/benet" ServerName WWw . benet . com ErrorLog "logs/benet. com-error_ 1og" CustomLog "logs /benet. com-access_ log" common </VirtualHost> <VirtualHost 192.168.80.100:80> DocumentRoot "/var/www/html/accp" ServerName WWw . accp . com ErrorLog "logs/accp.com-error_ 1og" customLog "logs/ accp. com- access_ _log" common </VirtualHost> <Directory "/var/www/html"> Options None AllowOverride None Require all granted </Directory> vim /usr/ 1ocal/httpd/ conf/httpd. conf --53 that 's ok--insert Listen 192.198.80.100:80 systemctl restart httpd
6, Apache connection retention
vim /usr/1oca1/httpd/ conf/extra/httpd-default. conf
KeepAlive On
#Set whether to turn ON the connection holding function, and then OFF means OFF, and then ON means ON. You can decide whether to open it according to the concurrent requests of the website, that is, turn ON the connection retention function when the concurrency is high, and turn OFF this function when the concurrency is not high.
MaxKeepAliveRequests 100
#It is used to set the maximum number of requests that can be transmitted in the -- second long connection. If the maximum number of requests exceeds, the connection will be disconnected. The setting of the maximum value depends on the content of the web page in the website. Generally, the number of settings will be more than all elements in the website.
KeepAliveTimeout 5
#Set the maximum interval between multiple requests for a connection from the same client, that is, the connection will be automatically disconnected after this time, so as to avoid the client occupying connection resources
7, Building Web virtual directory and user authorization restrictions
1.Create user authentication data file cd /usr/local/httpd/bin . /htpasswd -C /usr/local/httpd/ conf/user zhangsan . /htpasswd /usr/local/httpd/conf/user lisi #-c option means to create a new user data file. By default, it means that the specified user data file already exists. It is used to add a new user or modify the password of an existing user.
2.Add user authorization configuration vim /usr/ local/httpd/ conf/httpd. conf --Last line add-- Alias /test /var/www/html/test #Set the root directory of the virtual directory, / test is the name of the virtual directory <Directory "/var /www/html/test"> #Set virtual directory configuration area AuthName "Hello!" #Define the protected realm name, which is displayed in the authentication dialog box AuthType Basic #Set the type of authentication. Basic represents basic authentication AuthUserFile /usr/local/httpd/conf/user #Set the path of the authentication file used to save the user account and password Require valid-user #Turn on user authentication. Only legal users in the authentication file can access it #authgroupfile /usr/local/httpd/ conf/group #Set the path of the authentication file used to save the group account and password #Require user zhangsan #Allow only specified users to access #Require group zhangsan #Only the specified group is allowed to access </Directory>
3.Verify user access authorization mkdir -p /var/www/html/test echo "<h1>this is vdir test</h1>" > /var/www/html/test/index.html systemctl restart httpd Browser access in client http://192.168.80.10:80/test
