apache与https(远程数据传输加密)
来源:互联网 发布:java语言爱心代码表白 编辑:程序博客网 时间:2024/05/19 03:18
#########################################apache与https
1.安装
yum install httpd -y ##安装apache服务
systemctl start httpd ##开启服务
systemctl enable httpd ##开机自启
systemctl stop firewalld ##关闭火墙
systemctl disable firewalld ##关闭开机自启
yum install httpd -y ##安装apache服务
systemctl start httpd ##开启服务
systemctl enable httpd ##开机自启
systemctl stop firewalld ##关闭火墙
systemctl disable firewalld ##关闭开机自启
2.基础了解
1)apache默认发布文件:index.html
1)apache默认发布文件:index.html
2)apache默认发布目录:/var/www/html
3)apache默认端口:80
4)apache主配置文件:/etc/httpd/conf/httpd.conf
5)apache子配置文件:/etc/httpd/conf.d
5)apache子配置文件:/etc/httpd/conf.d
3.基本配置
1)修改默认发布文件
vim /var/www/html/westos.html
<h1>westos's page</h1>
vim /etc/httpd/conf/httpd.conf
DirectoryIndex westos.html ##默认为index.html改为westos.html
systemctl restart httpd ##重启服务
测试
在浏览器中直接输入172.25.254.123访问到westos.html
1)修改默认发布文件
vim /var/www/html/westos.html
<h1>westos's page</h1>
vim /etc/httpd/conf/httpd.conf
DirectoryIndex westos.html ##默认为index.html改为westos.html
systemctl restart httpd ##重启服务
测试
在浏览器中直接输入172.25.254.123访问到westos.html
2)修改默认发布目录
mkdir /westos/www/test -p ##建立发布目录
cd /westos/www/test
vim westos.html ##建立发布文件
<h1>test's page</h1>
当selinxu为disable状态
vim /etc/httpd/conf/httpd.conf
DocumentRoot "/westos/www/test" ##修改发布目录为/westos/www/test
<Directory "/westos/www/test"> ##自定义目录权限
Require all granted
</Directory>
systemctl restart httpd ##重启服务
当selinxu为enforcing状态
vim /etc/httpd/conf/httpd.conf
DocumentRoot "/westos/www/test"
<Directory "/westos/www/test">
Require all granted
</Directory>
systemctl restart httpd
semanage fcontext -a -t httpd_sys_content_t '/westos(/.*)?' ##修改安全上下文
restorecon -RvvF /westos ##刷新
测试
在浏览器中直接输入172.25.254.123访问到westos.html
mkdir /westos/www/test -p ##建立发布目录
cd /westos/www/test
vim westos.html ##建立发布文件
<h1>test's page</h1>
当selinxu为disable状态
vim /etc/httpd/conf/httpd.conf
DocumentRoot "/westos/www/test" ##修改发布目录为/westos/www/test
<Directory "/westos/www/test"> ##自定义目录权限
Require all granted
</Directory>
systemctl restart httpd ##重启服务
当selinxu为enforcing状态
vim /etc/httpd/conf/httpd.conf
DocumentRoot "/westos/www/test"
<Directory "/westos/www/test">
Require all granted
</Directory>
systemctl restart httpd
semanage fcontext -a -t httpd_sys_content_t '/westos(/.*)?' ##修改安全上下文
restorecon -RvvF /westos ##刷新
测试
在浏览器中直接输入172.25.254.123访问到westos.html
4.apache访问控制
cd /var/www/html
mkdir admin
cd admin
vim index.html
<h1>admin's page</h1>
1)设定ip的访问
vim /etc/httpd/conf/httpd.conf
DocumentRoot "/var/www/html/admin"
<Directory "/var/www/html/admin"> ##允许所有人访问admin目录,拒绝23主机
Order Allow,Deny
Allow from all
Deny from 172.25.254.23
</Directory>
<Directory "/var/www/html/admin"> ##只允许23主机访问admin目录
Order Deny,Allow
Allow from 172.25.254.23
Deny from all
</Directory>
systemctl restart httpd
2)设定用户的访问
htpasswd -cm /etc/httpd/accessuser admin ##建立用户认证文件
vim /etc/httpd/conf/httpd.conf
<Directory "/var/www/html/admin">
AuthUserFile /etc/httpd/accessuser ##用户认证文件
AuthName "Please input your named and passwd" ##用户认证提示信息
AuthType basic ##认证类型
Require valid-user ##认证用户,认证文件中的所有用户都可以访问
[Require user admin] ##只有admin用户可以访问
</Directory>
systemctl restart httpd
cd /var/www/html
mkdir admin
cd admin
vim index.html
<h1>admin's page</h1>
1)设定ip的访问
vim /etc/httpd/conf/httpd.conf
DocumentRoot "/var/www/html/admin"
<Directory "/var/www/html/admin"> ##允许所有人访问admin目录,拒绝23主机
Order Allow,Deny
Allow from all
Deny from 172.25.254.23
</Directory>
<Directory "/var/www/html/admin"> ##只允许23主机访问admin目录
Order Deny,Allow
Allow from 172.25.254.23
Deny from all
</Directory>
systemctl restart httpd
2)设定用户的访问
htpasswd -cm /etc/httpd/accessuser admin ##建立用户认证文件
vim /etc/httpd/conf/httpd.conf
<Directory "/var/www/html/admin">
AuthUserFile /etc/httpd/accessuser ##用户认证文件
AuthName "Please input your named and passwd" ##用户认证提示信息
AuthType basic ##认证类型
Require valid-user ##认证用户,认证文件中的所有用户都可以访问
[Require user admin] ##只有admin用户可以访问
</Directory>
systemctl restart httpd
5.apache语言支持:php html cgi
1)html语言默认支持
2)php:需安装php服务
yum install php -y
systemctl restart httpd
3)cgi
mkdir /var/www/html/cgi
cd /var/www/html/cgi
vim index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;
vim /etc/httpd/conf/httpd.conf
<Directory "/var/www/html/cgi">
Options +ExecCGI
AddHandler cgi-script .cgi
</Directory>
systemctl restart httpd
测试
在浏览器中输入172.25.254.123/cgi访问
1)html语言默认支持
2)php:需安装php服务
yum install php -y
systemctl restart httpd
3)cgi
mkdir /var/www/html/cgi
cd /var/www/html/cgi
vim index.cgi
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print `date`;
vim /etc/httpd/conf/httpd.conf
<Directory "/var/www/html/cgi">
Options +ExecCGI
AddHandler cgi-script .cgi
</Directory>
systemctl restart httpd
测试
在浏览器中输入172.25.254.123/cgi访问
6.虚拟主机
1)建立测试页
mkdir -p /var/www/virtual/news.westos.com/html ##虚拟主机默认发布目录
mkdir -p /var/www/virtual/money.westos.com/html
echo "<h1>money.westos.com's page</h1>" > /var/www/virtual/money.westos.com/html/index.html
echo "<h1>news.westos.com's page</h1>" > /var/www/virtual/news.westos.com/html/index.html
2)配置
vim /etc/httpd/conf.d/default.conf ##未指定域名的访问都访问default
<Virtualhost _default_:80> ##虚拟主机开启的端口
DocumentRoot "/var/www/html" ##虚拟主机的默认发布目录
CustomLog "logs/default.log" combined ##虚拟主机日志
</Virtualhost>
vim /etc/httpd/conf.d/news.conf ##指定域名news.westos.com的访问到指定默认发布目录
<Virtualhost *:80>
ServerName "news.westos.com" ##指定域名
DocumentRoot "/var/www/virtual/news.westos.com/html" ##默认发布目录
CustomLog "logs/news.log" combined ##日志
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html"> ##默认发布目录的访问授权
Require all granted
</Directory>
vim /etc/httpd/conf.d/moeny.conf ##指定域名news.westos.com的访问到指定默认发布目录
<Virtualhost *:80>
ServerName "money.westos.com" ##指定域名
DocumentRoot "/var/www/virtual/money.westos.com/html" ##默认发布目录
CustomLog "logs/money.log" combined ##日志
</Virtualhost>
<Directory "/var/www/virtual/money.westos.com/html"> ##默认发布目录的访问授权
Require all granted
</Directory>
systemctl restart httpd
3)测试
在浏览器所在主机中做域名解析
vim /etc/hosts ##域名解析
172.25.254.123 www.westos.com news.westos.com money.westos.com
浏览器输入域名访问,不同域名访问不同页面
1)建立测试页
mkdir -p /var/www/virtual/news.westos.com/html ##虚拟主机默认发布目录
mkdir -p /var/www/virtual/money.westos.com/html
echo "<h1>money.westos.com's page</h1>" > /var/www/virtual/money.westos.com/html/index.html
echo "<h1>news.westos.com's page</h1>" > /var/www/virtual/news.westos.com/html/index.html
2)配置
vim /etc/httpd/conf.d/default.conf ##未指定域名的访问都访问default
<Virtualhost _default_:80> ##虚拟主机开启的端口
DocumentRoot "/var/www/html" ##虚拟主机的默认发布目录
CustomLog "logs/default.log" combined ##虚拟主机日志
</Virtualhost>
vim /etc/httpd/conf.d/news.conf ##指定域名news.westos.com的访问到指定默认发布目录
<Virtualhost *:80>
ServerName "news.westos.com" ##指定域名
DocumentRoot "/var/www/virtual/news.westos.com/html" ##默认发布目录
CustomLog "logs/news.log" combined ##日志
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html"> ##默认发布目录的访问授权
Require all granted
</Directory>
vim /etc/httpd/conf.d/moeny.conf ##指定域名news.westos.com的访问到指定默认发布目录
<Virtualhost *:80>
ServerName "money.westos.com" ##指定域名
DocumentRoot "/var/www/virtual/money.westos.com/html" ##默认发布目录
CustomLog "logs/money.log" combined ##日志
</Virtualhost>
<Directory "/var/www/virtual/money.westos.com/html"> ##默认发布目录的访问授权
Require all granted
</Directory>
systemctl restart httpd
3)测试
在浏览器所在主机中做域名解析
vim /etc/hosts ##域名解析
172.25.254.123 www.westos.com news.westos.com money.westos.com
浏览器输入域名访问,不同域名访问不同页面
7.https:网页注册登陆数据加密
1)定义
Hyper text transfer protocol over Secure socker layer
通过ssl实现加密
2)配置
mkdir /var/www/virtual/login.westos.com/html -p
cd /var/www/virtual/login.westos.com/html
vim index.html
<h1>login.westos.com page</h1>
yum install mod_ssl crypto-utils -y
genkey www.westos.com ##生成证书和密钥
生成的证书:/etc/pki/tls/certs/www.westos.com.crt
生成的密钥:/etc/pki/tls/private/www.westos.com.key
vim /etc/httpd/conf.d/login.conf
<Virtualhost *:443> ##https端口为443
ServerName "login.westos.com"
DocumentRoot "/var/www/virtual/login.westos.com/html"
CustomLog "logs/login.log" combined
SSLEngine on ##开启https功能
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##证书
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key ##密钥
</Virtualhost>
<Directory "/var/www/virtual/login.westos.com/html">
Require all granted
</Directory>
<Virtualhost *:80> ##网页重写实现自动访问https
ServerName login.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
systemctl restart httpd
1)定义
Hyper text transfer protocol over Secure socker layer
通过ssl实现加密
2)配置
mkdir /var/www/virtual/login.westos.com/html -p
cd /var/www/virtual/login.westos.com/html
vim index.html
<h1>login.westos.com page</h1>
yum install mod_ssl crypto-utils -y
genkey www.westos.com ##生成证书和密钥
生成的证书:/etc/pki/tls/certs/www.westos.com.crt
生成的密钥:/etc/pki/tls/private/www.westos.com.key
vim /etc/httpd/conf.d/login.conf
<Virtualhost *:443> ##https端口为443
ServerName "login.westos.com"
DocumentRoot "/var/www/virtual/login.westos.com/html"
CustomLog "logs/login.log" combined
SSLEngine on ##开启https功能
SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##证书
SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key ##密钥
</Virtualhost>
<Directory "/var/www/virtual/login.westos.com/html">
Require all granted
</Directory>
<Virtualhost *:80> ##网页重写实现自动访问https
ServerName login.westos.com
RewriteEngine on
RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</Virtualhost>
systemctl restart httpd
##^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
^(/.*)$ 客户主机在地址栏中写入的所有字符,不包括换行符
https:// 定向成为访问协议
%{HTTP_HOST} 客户请求主机
$1 $1的值就表示^(/.*)$的值
[redirect=301] 临时重定向,302表示永久重定向
^(/.*)$ 客户主机在地址栏中写入的所有字符,不包括换行符
https:// 定向成为访问协议
%{HTTP_HOST} 客户请求主机
$1 $1的值就表示^(/.*)$的值
[redirect=301] 临时重定向,302表示永久重定向
3)测试
在客户主机中添加解析
vim /etc/hosts
172.25.254.123 login.westos.com
访问http://login.westos.com会自动调转到https://login.westos.com实现网页数据加密传输
阅读全文
0 0
- apache与https(远程数据传输加密)
- 【Https】iOS端两种Https数据传输加密方法
- nginx+apache实现网站的ssl加密(https)
- JSON 数据传输 与调用远程接口
- JSON 数据传输 与调用远程接口
- Tomcat集群apache摘要认证https加密
- 加密,数字证书与HTTPS原理
- apache http与https配置
- apache http与https配置
- https-安全数据传输
- https数据传输介绍
- 理解SSL(https)中的对称加密与非对称加密
- 安全科普:理解SSL(https)中的对称加密与非对称加密
- 理解SSL(https)中的对称加密与非对称加密
- 理解SSL(https)中的对称加密与非对称加密
- 安全科普:理解SSL(https)中的对称加密与非对称加密
- 理解SSL(https)中的对称加密与非对称加密
- 安全科普:理解SSL(https)中的对称加密与非对称加密
- 冒泡法排序算法
- 数据库连接池原理详解与自定义连接池实现
- php基础篇--wy
- Apache配置中文说明
- Windows 底下根据一个进程的名字杀死一个进程的代码
- apache与https(远程数据传输加密)
- 【Git & GitHub】利用Git Bash进行第一次提交文件
- String、StringBuffer、与StringBuilder的区别
- Linux SVN 命令详解
- 语音合成vocoder(四) aperiodicity参数
- npm版本升级问题
- How I’ve handled multiple screen resolutions in my Unity3D game
- 对象序列化
- Android 5.0 M特性 样式设置