12.04
来源:互联网 发布:北京java培训多少钱 编辑:程序博客网 时间:2024/06/05 17:39
####前端空壳,后端处理####
前端机器 IP:172.25.254.21
yum reinstall postfix -y
vim /etc/postfix/main.cf
75 myhostname = 21westos.westos.com
83 mydomain = westos.com
98 myorigin = westos.org
113 inet_interfaces = all
116 #inet_interfaces = localhost
140 local_transport = error:local delivery disabled
164 mydestination =
314 relayhost = 172.25.254.11
后端机器 ##配置好虚拟用户的机器 IP:172.25.254.11
vim /etc/postfix/main.cf
264 mynetworks = 172.25.254.21
双方都重启postfix
####Apache####
install Apache
yum install httpd -y ##install Apache
vim /etc/httpd/conf/httpd.conf ##修改Apache的默认读取文件
163 <IfModule dir_module>
164 DirectoryIndex file index.html ##默认读取file
165 </IfModule>
systemctl restart httpd
yum install httpd-manual -y ##Apache手册
ls -Z 文件名字 ##显示文件的标签
semanage fcontext -a -t httpd_sys_content_t '/www/westos(/.*)?' ##修改标签
restorecon -RvvF /www/ ##修改后刷新
vim /etc/httpd/conf/httpd.conf
121 <Directory "/www/westos">
122 require all granted
123 </Directory>
systemctl restart httpd
####访问权限问题####
vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 require all granted
123 Order Allow,Deny
124 Allow from ALL
125 Deny from 172.25.254.32
126 </Directory> ##允许所有ip访问,除了172.25.254.32
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 require all granted
123 Order Deny,Allow
124 Allow from 172.25.254.11
125 Deny from ALL
126 </Directory> ##禁止所有ip访问,除了172.25.254.11
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 require all granted
123 Order Deny,Allow
124 Allow from 172.25.254.0/24
125 Deny from ALL ##禁止所有ip访问,除了172.25.254.0/24网段
126 </Directory>
####输入用户和密码才能访问####
cd /etc/httpd/
htpasswd -cm htpasswdfile admin
htpasswd -m htpasswdfile yan
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 AllowOverride All
123 Authuserfile /etc/httpd/htpasswdfile
124 Authname "please input username and password"
125 Authtype basic
126 Require valid-user
127 </Directory> ##编辑httpd.conf文件
####不同内容不同页面访问####
服务主机配置
mkdir /var/www/virtual/news.westos.com/html -p
mkdir /var/www/virtual/music.westos.com/html -p
分别在相应目录下建立文件,要不没内容
cd /etc/httpd/conf.d
vim default.conf
vim news.conf
vim music.conf
##news.conf##
<Virtualhost *:80>
Servername news.westos.com
Documentroot /var/www/virtual/news.westos.com/html
Customlog "logs/news.log" combined
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html">
Require all granted
</Directory>
##music.conf##
<Virtualhost *:80>
Servername music.westos.com
Documentroot /var/www/virtual/music.westos.com/html
Customlog "logs/music.log" combined
</Virtualhost>
<Directory "/var/www/virtual/music.westos.com/html">
Require all granted
</Directory>
##default.conf##
<Virtualhost _default_:80>
Documentroot /var/www/html
Customlog "logs/default.log" combined
</Virtualhost>
<Directory "/var/www/html">
Require all granted
</Directory>
客户端主机配置
vim /etc/hosts
172.25.254.11 www.westos.com music.westos.com news.westos.com
####https安全访问####
yum install crypto-utils.x86_64 -y
yum install mod_ssl.x86_64 -y
genkey www.westos.com ##生成证书
┌──────────────────────────┤ Keypair generation ├──────────────────────────┐
│ │
│ You are now generating a new keypair which will be used to encrypt all ↑ │
│ SSL traffic to the server named www.westos-c.com. ▮ │
│ Optionally you can also create a certificate request and send it to a ▒ │
│ certificate authority (CA) for signing. ▒ │
│ ▒ │
│ The key will be stored in ▒ │
│ /etc/pki/tls/private/www.westos-c.com.key ▒ │
│ The certificate stored in ▒ │
│ /etc/pki/tls/certs/www.westos-c.com.crt ▒ │
│ ↓ │
│ │
│ ┌──────┐ ┌────────┐ │
│ │ Next │ │ Cancel │ │
│ └──────┘ └────────┘ │
│ │
│ │
└──────────────────────────────────────────────────────────────────────────┘
┌──────────────────────────┤ Choose key size ├───────────────────────────┐
│ │
│ Choose the size of your key. The smaller the key you choose the faster │
│ your server response will be, but you'll have less security. Keys of │
│ less than 1024 bits are easily cracked. │
│ │
│ We suggest you select the default, 2048 bits. │
│ │
│ │
│ 512 (insecure) │
│ 1024 (low-grade, fast speed) │
│ 2048 (medium-security, medium speed) [RECOMMENDED] │
│ 4096 (high-security, slow speed) │
│ Choose your own │
│ │
│ ┌──────┐ ┌──────┐ ┌────────┐ │
│ │ Next │ │ Back │ │ Cancel │ │
│ └──────┘ └──────┘ └────────┘ │
│ │
│ │
└────────────────────────────────────────────────────────────────────────┘
┌──────────────────┤ Generate CSR ├──────────────────┐
│ │
│ Would you like to send a Certificate Request (CSR) │
│ to a Certificate Authority (CA)? │
│ │
│ ┌─────┐ ┌────┐ │
│ │ Yes │ │ No │ │
│ └─────┘ └────┘ │
│ │
│ │
└────────────────────────────────────────────────────┘
┌────────────────────┤ Protecting your private key ├─────────────────────┐
│ │
│ At this stage you can set the passphrase on your private key. If you │
│ set the passphrase you will have to enter it every time the server │
│ starts. The passphrase you use to encrypt your key must be the same │
│ for all the keys used by the same server installation. │
│ │
│ If you do not encrypt your key, then if someone breaks into your │
│ server and grabs the file containing your key, they will be able to │
│ decrypt all communications to and from the server that were negotiated │
│ using that key. If your key is encrypted it would be much more │
│ work for someone to retrieve the private key. │
│ │
│ [ ] Encrypt the private key │
│ │
│ ┌──────┐ ┌──────┐ ┌────────┐ │
│ │ Next │ │ Back │ │ Cancel │ │
│ └──────┘ └──────┘ └────────┘ │
│ │
│ │
└────────────────────────────────────────────────────────────────────────┘
┌──────────────────┤ Enter details for your certificate ├──────────────────┐
│ │
│ You are about to be asked to enter information that will be made into │
│ a self-signed certificate for your server. What you are about to enter │
│ is what is called a Distinguished Name or a DN. There are quite a few │
│ fields but you can leave some blank │
│ │
│ Country Name (ISO 2 letter code) CN_ │
│ State or Province Name (full name) shannxi_____________ │
│ Locality Name (e.g. city) xi'an_______________ │
│ Organization Name (eg, company) westos________________________ │
│ Organizational Unit Name (eg, section) linux_________________________ │
│ │
│ Common Name (fully qualified domain name) www.westos.com________________ │
│ │
│ ┌──────┐ ┌──────┐ ┌────────┐ │
│ │ Next │ │ Back │ │ Cancel │ │
│ └──────┘ └──────┘ └────────┘ │
│ │
└──────────────────────────────────────────────────────────────────────────┘
vim ssl.conf
100 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
108 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
前端机器 IP:172.25.254.21
yum reinstall postfix -y
vim /etc/postfix/main.cf
75 myhostname = 21westos.westos.com
83 mydomain = westos.com
98 myorigin = westos.org
113 inet_interfaces = all
116 #inet_interfaces = localhost
140 local_transport = error:local delivery disabled
164 mydestination =
314 relayhost = 172.25.254.11
后端机器 ##配置好虚拟用户的机器 IP:172.25.254.11
vim /etc/postfix/main.cf
264 mynetworks = 172.25.254.21
双方都重启postfix
####Apache####
install Apache
yum install httpd -y ##install Apache
vim /etc/httpd/conf/httpd.conf ##修改Apache的默认读取文件
163 <IfModule dir_module>
164 DirectoryIndex file index.html ##默认读取file
165 </IfModule>
systemctl restart httpd
yum install httpd-manual -y ##Apache手册
ls -Z 文件名字 ##显示文件的标签
semanage fcontext -a -t httpd_sys_content_t '/www/westos(/.*)?' ##修改标签
restorecon -RvvF /www/ ##修改后刷新
vim /etc/httpd/conf/httpd.conf
121 <Directory "/www/westos">
122 require all granted
123 </Directory>
systemctl restart httpd
####访问权限问题####
vim /etc/httpd/conf/httpd.conf
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 require all granted
123 Order Allow,Deny
124 Allow from ALL
125 Deny from 172.25.254.32
126 </Directory> ##允许所有ip访问,除了172.25.254.32
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 require all granted
123 Order Deny,Allow
124 Allow from 172.25.254.11
125 Deny from ALL
126 </Directory> ##禁止所有ip访问,除了172.25.254.11
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 require all granted
123 Order Deny,Allow
124 Allow from 172.25.254.0/24
125 Deny from ALL ##禁止所有ip访问,除了172.25.254.0/24网段
126 </Directory>
####输入用户和密码才能访问####
cd /etc/httpd/
htpasswd -cm htpasswdfile admin
htpasswd -m htpasswdfile yan
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 AllowOverride All
123 Authuserfile /etc/httpd/htpasswdfile
124 Authname "please input username and password"
125 Authtype basic
126 Require valid-user
127 </Directory> ##编辑httpd.conf文件
####不同内容不同页面访问####
服务主机配置
mkdir /var/www/virtual/news.westos.com/html -p
mkdir /var/www/virtual/music.westos.com/html -p
分别在相应目录下建立文件,要不没内容
cd /etc/httpd/conf.d
vim default.conf
vim news.conf
vim music.conf
##news.conf##
<Virtualhost *:80>
Servername news.westos.com
Documentroot /var/www/virtual/news.westos.com/html
Customlog "logs/news.log" combined
</Virtualhost>
<Directory "/var/www/virtual/news.westos.com/html">
Require all granted
</Directory>
##music.conf##
<Virtualhost *:80>
Servername music.westos.com
Documentroot /var/www/virtual/music.westos.com/html
Customlog "logs/music.log" combined
</Virtualhost>
<Directory "/var/www/virtual/music.westos.com/html">
Require all granted
</Directory>
##default.conf##
<Virtualhost _default_:80>
Documentroot /var/www/html
Customlog "logs/default.log" combined
</Virtualhost>
<Directory "/var/www/html">
Require all granted
</Directory>
客户端主机配置
vim /etc/hosts
172.25.254.11 www.westos.com music.westos.com news.westos.com
####https安全访问####
yum install crypto-utils.x86_64 -y
yum install mod_ssl.x86_64 -y
genkey www.westos.com ##生成证书
┌──────────────────────────┤ Keypair generation ├──────────────────────────┐
│ │
│ You are now generating a new keypair which will be used to encrypt all ↑ │
│ SSL traffic to the server named www.westos-c.com. ▮ │
│ Optionally you can also create a certificate request and send it to a ▒ │
│ certificate authority (CA) for signing. ▒ │
│ ▒ │
│ The key will be stored in ▒ │
│ /etc/pki/tls/private/www.westos-c.com.key ▒ │
│ The certificate stored in ▒ │
│ /etc/pki/tls/certs/www.westos-c.com.crt ▒ │
│ ↓ │
│ │
│ ┌──────┐ ┌────────┐ │
│ │ Next │ │ Cancel │ │
│ └──────┘ └────────┘ │
│ │
│ │
└──────────────────────────────────────────────────────────────────────────┘
┌──────────────────────────┤ Choose key size ├───────────────────────────┐
│ │
│ Choose the size of your key. The smaller the key you choose the faster │
│ your server response will be, but you'll have less security. Keys of │
│ less than 1024 bits are easily cracked. │
│ │
│ We suggest you select the default, 2048 bits. │
│ │
│ │
│ 512 (insecure) │
│ 1024 (low-grade, fast speed) │
│ 2048 (medium-security, medium speed) [RECOMMENDED] │
│ 4096 (high-security, slow speed) │
│ Choose your own │
│ │
│ ┌──────┐ ┌──────┐ ┌────────┐ │
│ │ Next │ │ Back │ │ Cancel │ │
│ └──────┘ └──────┘ └────────┘ │
│ │
│ │
└────────────────────────────────────────────────────────────────────────┘
┌──────────────────┤ Generate CSR ├──────────────────┐
│ │
│ Would you like to send a Certificate Request (CSR) │
│ to a Certificate Authority (CA)? │
│ │
│ ┌─────┐ ┌────┐ │
│ │ Yes │ │ No │ │
│ └─────┘ └────┘ │
│ │
│ │
└────────────────────────────────────────────────────┘
┌────────────────────┤ Protecting your private key ├─────────────────────┐
│ │
│ At this stage you can set the passphrase on your private key. If you │
│ set the passphrase you will have to enter it every time the server │
│ starts. The passphrase you use to encrypt your key must be the same │
│ for all the keys used by the same server installation. │
│ │
│ If you do not encrypt your key, then if someone breaks into your │
│ server and grabs the file containing your key, they will be able to │
│ decrypt all communications to and from the server that were negotiated │
│ using that key. If your key is encrypted it would be much more │
│ work for someone to retrieve the private key. │
│ │
│ [ ] Encrypt the private key │
│ │
│ ┌──────┐ ┌──────┐ ┌────────┐ │
│ │ Next │ │ Back │ │ Cancel │ │
│ └──────┘ └──────┘ └────────┘ │
│ │
│ │
└────────────────────────────────────────────────────────────────────────┘
┌──────────────────┤ Enter details for your certificate ├──────────────────┐
│ │
│ You are about to be asked to enter information that will be made into │
│ a self-signed certificate for your server. What you are about to enter │
│ is what is called a Distinguished Name or a DN. There are quite a few │
│ fields but you can leave some blank │
│ │
│ Country Name (ISO 2 letter code) CN_ │
│ State or Province Name (full name) shannxi_____________ │
│ Locality Name (e.g. city) xi'an_______________ │
│ Organization Name (eg, company) westos________________________ │
│ Organizational Unit Name (eg, section) linux_________________________ │
│ │
│ Common Name (fully qualified domain name) www.westos.com________________ │
│ │
│ ┌──────┐ ┌──────┐ ┌────────┐ │
│ │ Next │ │ Back │ │ Cancel │ │
│ └──────┘ └──────┘ └────────┘ │
│ │
└──────────────────────────────────────────────────────────────────────────┘
vim ssl.conf
100 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
108 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
0 0
- 12.04
- 12.04
- 12.04.01 ~ 12.04.07
- 12.04.08 ~ 12.04.14
- 12.04.15 ~ 12.04.21
- 12.04.22 ~ 12.04.28
- Ubuntu 12.04
- bochs `` 12.04
- Ubuntu 12.04
- ubuntu 12.04
- ubuntu 12.04
- 12.04 源
- 12.04学习计划
- 12.04 Day10
- RichView 12.04 破解版
- 本周计划11.28-12.04
- ubuntu 12.04 preview
- ubuntu 11.10-12.04学习
- 2016 Unicode Conference拾遗(四)
- Android 之窗口小部件详解--App Widget
- 12.03
- c++和java字节高低位的转换
- ToolBar+NavigationDraw实现炫酷的侧边栏
- 12.04
- C语言
- android 自定义ViewGroup实现仿淘宝的商品详情页
- js显示年月日 星期
- ListView嵌套CheckBox滑动时CheckBox选中状态错乱
- android核心技术之性能分析工具TraceView
- 第十五周项目2-用哈希法组织关键字
- 大神教你如何构建面向应用的运维管理新思维
- 我的第一个网页!激动!