Apache主配置文件: /etc/httpd/conf/httpd.conf
... Listen 80 ##修改默认端口 ... <IfModule dir_module> DirectoryIndex index.html westos ##修改默认读取文件及顺序 </IfModule> ... DocumentRoot "/www/html" ##修改默认家目录 <Directory "/www"> Require all granted ##给予网络文件访问权限,授权 </Directory> ...mkdir /var/www/news mkdir /var/www/qq echo news.westos.com > /var/www/news/westos echo qq.westos.com > /var/www/qq/westos echo www.westos.com > /var/www/html/westos
cd /etc/httpd/conf.d/ ##http子配置文件目录 vim default.conf ##编辑默认子配置文件
<Virtualhost _default_:80> Documentroot /var/www/html ##默认家目录 customlog "logs/default.log" combined ##日志存放地址 </Virtualhost> <Directory /var/www/html> require all granted ##授权 </Directory>cp default.conf news.conf vim news.conf
<Virtualhost *:80> Servername news.westos.com ##访问的域名 Documentroot /var/www/news ##域名对应的家目录 customlog "logs/news.log" combined </Virtualhost> <Directory /var/www/news> require all granted </Directory>cp news.conf qq.conf vim qq.conf
<Virtualhost *:80> Servername qq.westos.com ##访问的域名 Documentroot /var/www/qq ##域名对应的家目录 customlog "logs/qq.log" combined </Virtualhost> <Directory /var/www/qq> require all granted </Directory>systemctl restart httpd
1)添加目录访问权限,用户
cd /etc/httpd/conf htpasswd -cm apacheuser admin ##建立apache用户,第一个建立的+c,并记录到apacheuser中 htpasswd -m apacheuser lee cat apacheuser
vim /etc/httpd/conf.d/news.conf
... <Directory /var/www/news/admin> Authuserfile /etc/httpd/conf/apacheuser ##用户和密码文件所在位置 Authname "Please passwd" Authtype basic ##类型 # Require user admin ##白名单 Require valid-user ##允许所有用户访问 </Directory> ...2)添加目录访问权限,ip vim /etc/httpd/conf.d/news.conf
... <Directory /var/www/news> Order deny,allow allow from 172.25.254.25 deny from all </Directory> ...1)生成自签名证书
1> 确保已安装crypto-utils软件包。 [root@apache-server ~]# yum install crypto-utils mod_ssl -y 2> 调用genkey,同时为生成的文件指定唯一名称(例如,服务器的主机全名)。 –days可以指定证书有效期 [root@apache-server ~]# genkey apache-server.com
2)安装证书及其私钥
1> 确定已安装mod_ssl软件包。 [root@apache-server ~]# yum install mod_ssl -y 2> vim /etc/httpd/conf.d/yu.conf
<Virtualhost *:443> Servername yu.westos.com Documentroot /var/www/yu Customlog "logs/yu.log" combined SSLEngine on SSLCertificateFile /etc/pki/tls/certs/apache-server.crt ##指定证书文件 SSLCertificateKeyFile /etc/pki/tls/private/apache-server.key ##指定锁文件 </Virtualhost> <Directory "/var/www/yu"> Require all granted </Directory> <Virtualhost *:80> ##端口转换 Servername yu.westos.com RewriteEngine on RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301] </Virtualhost>[root@apache-server ~]# systemctl restart httpd
