Apache configuration and Application

Posted by Master_Phantom on Wed, 19 Jan 2022 11:09:51 +0100

catalogue

1, Building a virtual web host

2, Domain name based virtual host

3, Options instruction interpreter

4, AllowOverride instruction interpretation

5, IP address based virtual host

6, Apache connection retention

7, Building Web virtual directory and user authorization restrictions

1, Building a virtual web host

Virtual web host refers to running multiple web sites in the same server, in which each site does not actually occupy the whole server independently, so it is called "virtual" web host. Through the virtual web host service, we can make full use of the hardware resources of the server, so as to greatly reduce the cost of website construction and operation.

Using httpd service can easily build a virtual host server. Only one httpd service can support a large number of K web sites at the same time. Apache virtual host is equivalent to a mutually independent site in the same server, so that one host can provide multiple web services. Each virtual host is independent and does not affect each other.

There are three types of virtual hosts supported by httpd service:
Domain name based: use a different domain name for each virtual host, but its corresponding IP address is the same. For example, www.benet.com COM and www.accp.com The IP address of the com site is 192.168.80.10. This is the most commonly used type of virtual Web host.

Based on IP address: different domain names are used for each virtual host, and their corresponding IP addresses are also different. This method requires multiple network interfaces for the server, so it is not widely used.

Port based: this method does not use domain names and IP addresses to distinguish different site contents, but uses different TCP port numbers. Therefore, users need to specify port numbers when browsing different virtual sites.

2, Domain name based virtual host

1.Provide domain name resolution for virtual host
 Method 1:deploy DNS Domain name resolution server to provide domain name resolution
 Method 2:stay/etc/hosts Temporarily configure the domain name and IP Mapping of addresses
echo "192.168.80.10 www. benet.com" >> /etc/hosts
echo "192.168.80.10 www. accp.com" >> /etc/hosts

 

2.Preparing web documents for virtual hosts
mkdir -P /var/www/html/benet
mkdir -P /var/www/html/accp
echo "<h1>www . benet. com</h1>" > /var/www/html/benet/ index . html
echo "<h1>www. accp. com</h1>" > /var/www/html/accp/ index . html
3.Add virtual host configuration
vim /usr/ local/httpd/ conf/extra/httpd-vhosts. conf      #Source code compilation and installation of virtual host configuration file path
#vim /etc/httpd/conf . d/vhosts. conf        #Virtual host profile path for RPM or YUM installation

<VirtualHost 192.168.80.10:80>      #Set virtual host configuration area
#    ServerAdmin webmaster@dummy-host . example . com     #Set administrator mailbox, this line can be ignored
DocumentRoot " /var /www/html /benet "      #Set site root
ServerName WWW . benet. com       #Set the full domain name of the Wweb site (host name + domain name)
#     ServerAlias www . dummy- host . example . com
ErrorLog "logs/benet. com-error_ _log"      #Set the path to the error log file
CustomLog "logs/benet . com-access_ log" common     #Set the path to access the log file
</VirtualHost>


<VirtualHost 192.168.80.10:80>
DocumentRoot "/var/www/html/accp"
ServerName WWw . accp . com
ErrorLog "logs/ accp. com- error_ _1og"
CustomLog "logs/ accp. com- access_ 1og" common
</VirtualHost>

 

4.Set access control
<Directory "/var/www/html">      #Set directory access
Options None         #Do not enable any server features
AllowOverride None     #Overriding the Apache default configuration is not allowed
Require all granted        #Allow all hosts access
</Directory>
5.Load a stand-alone configuration file
vim /usr/local/httpd/ conf/httpd. conf     #The main configuration file path of httpd service installed by source code compilation
--483 that 's ok--note off
Include conf/extra/httpd-vhosts. conf      #Load a stand-alone configuration file
#vim /etc/httpd/conf /httpd. conf       #Path to the httpd service master profile installed by RPM or YUM
IncludeOptional conf . d/* . conf           #Last This item is enabled by default in the row
systemctl restart httpd
6.Accessing virtual in client Web host
http: L /www.benet.com
http: I /www.accp.com

 

3, Options instruction interpreter

options instruction explanation:

The main function of the options directive is to control which server features will be enabled for a particular directory. You can configure virtual host, di directory, and htaccess file.

Options directive common options:

None: indicates that no server features are enabled.

FollowSymLinks: the server allows symbolic connections (soft links) in this directory.

Indexes: if the entered web address corresponds to a file directory on the server, and there is no file specified by the Di rectoryIndex instruction in the Apache configuration file in this directory (for example: Di rectoryIndex. HTML index. PHP), all files in this directory will be listed.

MultiViews: if the path requested by the client may correspond to multiple types of files, the server will automatically select a file that best matches the client's requirements according to the specific circumstances of the client's request.

For example, in the file folder of the server site, there is a file named hello Jpg and hello Two files of HTML. At this time, the user enters http://localhost/file/hello , if there is no Hello subdirectory in the file folder, the server will try to find a directory like hello* File, and then return the best matching Hello according to the specific situation of the user's request Jipg or hello html.
All: indicates all properties except MultiViews. This is also the default setting for the 0options directive.

4, AllowOverride instruction interpretation

Htaccess (distributed implicit configuration file): it provides a method to change the configuration for each directory, that is, a file containing specific instructions is placed in a specific directory, and the instructions act on this directory and all its subdirectories.

When AllowOverride is set to None, it is displayed in the corresponding configuration directory The htaccess file is not read, that is, it cannot take effect.

When AllowOverride is set to All, it will be read every time a request is made to access a file in the corresponding directory The configuration of htaccess file means that the original Apache instruction will be, Instruction rewriting in htaccess file.
In terms of performance and safety, it is generally avoided as much as possible Htaccess file, anything you want to put in The configurations in the htaccess file can be placed in the < Directory > section of the main configuration file (httpd.conf), which is efficient. Therefore, the AllowOverride property is generally configured to None.

Address restriction policy:

  • Require all granted: allow access to all hosts.
  • Require all denied: all hosts are denied access.
  • Require local: only local host access is allowed.
  • Require [not] host < host name or domain name list >: allow or deny access to the specified host or domain name.
  • Require [not] IP < IP address or network segment list >: allow or deny network access to the specified IP address.
     

5, IP address based virtual host

ifconfig ens33:0 192.168.80.100 netmask 255.255.255.0

vim /usr/ local/httpd/ conf/extra/httpd-vhosts . conf
<VirtualHost 192.168.80.10:80>
DocumentRoot " /var/www/html/benet"
ServerName WWw . benet . com
ErrorLog "logs/benet. com-error_ 1og"
CustomLog "logs /benet. com-access_ log" common
</VirtualHost>

<VirtualHost 192.168.80.100:80>
DocumentRoot "/var/www/html/accp"
ServerName WWw . accp . com
ErrorLog "logs/accp.com-error_ 1og"
customLog "logs/ accp. com- access_ _log" common
</VirtualHost>

<Directory "/var/www/html">
Options None
AllowOverride None
Require all granted
</Directory>

vim /usr/ 1ocal/httpd/ conf/httpd. conf
--53 that 's ok--insert
Listen 192.198.80.100:80


systemctl restart httpd

6, Apache connection retention

vim /usr/1oca1/httpd/ conf/extra/httpd-default. conf

KeepAlive On

#Set whether to turn ON the connection holding function, and then OFF means OFF, and then ON means ON. You can decide whether to open it according to the concurrent requests of the website, that is, turn ON the connection retention function when the concurrency is high, and turn OFF this function when the concurrency is not high.

MaxKeepAliveRequests 100

#It is used to set the maximum number of requests that can be transmitted in the -- second long connection. If the maximum number of requests exceeds, the connection will be disconnected. The setting of the maximum value depends on the content of the web page in the website. Generally, the number of settings will be more than all elements in the website.

KeepAliveTimeout 5

#Set the maximum interval between multiple requests for a connection from the same client, that is, the connection will be automatically disconnected after this time, so as to avoid the client occupying connection resources

7, Building Web virtual directory and user authorization restrictions

1.Create user authentication data file
cd /usr/local/httpd/bin
. /htpasswd -C /usr/local/httpd/ conf/user zhangsan
. /htpasswd /usr/local/httpd/conf/user lisi
#-c option means to create a new user data file. By default, it means that the specified user data file already exists. It is used to add a new user or modify the password of an existing user.
2.Add user authorization configuration
vim /usr/ local/httpd/ conf/httpd. conf
--Last line add--
Alias /test /var/www/html/test   #Set the root directory of the virtual directory, / test is the name of the virtual directory
<Directory "/var /www/html/test">    #Set virtual directory configuration area
AuthName "Hello!"    #Define the protected realm name, which is displayed in the authentication dialog box
AuthType Basic   #Set the type of authentication. Basic represents basic authentication
AuthUserFile /usr/local/httpd/conf/user   #Set the path of the authentication file used to save the user account and password
Require valid-user    #Turn on user authentication. Only legal users in the authentication file can access it
#authgroupfile /usr/local/httpd/ conf/group    #Set the path of the authentication file used to save the group account and password
#Require user zhangsan   #Allow only specified users to access
#Require group zhangsan    #Only the specified group is allowed to access
</Directory>

 

 

 

3.Verify user access authorization
mkdir -p /var/www/html/test
echo "<h1>this is vdir test</h1>" > /var/www/html/test/index.html
systemctl restart httpd

Browser access in client
http://192.168.80.10:80/test

 

 

 

 

Topics: Front-end Web Development Linux Apache server