找回密码
 注册
【阿里云】2核2G云新老同享 99元/年,续费同价华为云精选云产品特惠做网站就用糖果主机Jtti,新加坡服务器,美国服务器,香港服务器
查看: 150|回复: 0

[转贴] httpd高级配置

[复制链接]
发表于 2011 年 3 月 5 日 22:10:13 | 显示全部楼层 |阅读模式

马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。

您需要 登录 才可以下载或查看,没有账号?注册

×

本帖最后由 高兴的地瓜 于 2011-3-3 10:03 编辑
   一、虚拟主机配置
    1、基于ip
    要求:通过192.168.32.31可以访问/var/www/html目录内容,通过192.168.32.32可以访  问/var/www/virt目录内容
    [root@station1 ~]#vi /etc/httpd/conf/httpd.conf
    <VirtualHost 192.168.32.31:80>
    ServerAdmin netsword@kvm.com
    DocumentRoot /var/www/html
    ServerName 192.168.32.31:80
    ErrorLog logs/dummy-host.kvm.com-error_log
    CustomLog logs/dummy-host.kvm.com-access_log common
    </VirtualHost>
    <VirtualHost 192.168.32.32:80>
    ServerAdmin netsword@kvm.com
    DocumentRoot /var/www/virt
    ServerName 192.168.32.32:80
    ErrorLog logs/dummy-host.kvm.com-error_log
    CustomLog logs/dummy-host.kvm.com-access_log common
    </VirtualHost>
    2、基于端口
    要求:通过192.168.32.31的80端口可以访问/var/www/html目录内容,通过192.168.32.31的8080端口可以访问/var/www/virt目录内容
    [root@station1 ~]#vi /etc/httpd/conf/httpd.conf
    Listen 80            #此端口配置文件默认就有
    Listen 8080          #手动添加此端口
    <VirtualHost 192.168.32.31:80>
    ServerAdmin netsword@kvm.com
    DocumentRoot /var/www/html
    ServerName 192.168.32.31:80
    ErrorLog logs/dummy-host.kvm.com-error_log
    CustomLog logs/dummy-host.kvm.com-access_log common
    </VirtualHost>
    <VirtualHost 192.168.32.31:8080>
    ServerAdmin netsword@kvm.com
    DocumentRoot /var/www/virt
    ServerName 192.168.32.31:8080
    ErrorLog logs/dummy-host.kvm.com-error_log
    CustomLog logs/dummy-host.kvm.com-access_log common
    </VirtualHost>
    3、基于主机头
    要求:通过station1.kvm.com可以访问/var/www/html目录内容,通过www.kvm.com可以访问/var/www/virt目录内容  (注意要求DNS服务器上有这两个网站解析)
    [root@station1 ~]#vi /etc/httpd/conf/httpd.conf
    NameVirtualHost 192.168.32.31:80   #要求必须由此行,此行表示打开主机头虚拟主机
    <VirtualHost 192.168.32.31:80>
    ServerAdmin netsword@kvm.com
    DocumentRoot /var/www/html
    ServerName station1.kvm.com
    ErrorLog logs/dummy-host.kvm.com-error_log
    CustomLog logs/dummy-host.kvm.com-access_log common
    </VirtualHost>
    <VirtualHost 192.168.32.31:80>
    ServerAdmin netsword@kvm.com
    DocumentRoot /var/www/virt
    ServerName www.kvm.com
    ErrorLog logs/dummy-host.kvm.com-error_log
    CustomLog logs/dummy-host.kvm.com-access_log common
    </VirtualHost>

二、多种用户认证方式配置
    1、使用htpsswd工作生成的密码文件认证用户来源
    [root@station1 conf.d]# htpasswd -cm /etc/httpd/.webusers netsword
    [root@station1 conf.d]# htpasswd -m /etc/httpd/.webusers netswordster
    [root@station1 conf.d]# htpasswd -m /etc/httpd/.webusers zhxy
    [root@station1 conf.d]# htpasswd -m /etc/httpd/.webusers zxy
    [root@station1 conf.d]# vi /etc/httpd/.webgroup  #给用户分组
    net:netsword netswordster
    zh:zhxy zxy
    # -c:表示创建密码文件
    # -m:增加用户到密码文件
    # -D:从密码文件中删除用户
    [root@station1 conf.d]#
    [root@station1 conf.d]# vi /etc/htttpd/conf/httpd.conf
    <VirtualHost 192.168.32.31:80>
    ServerAdmin netsword@kvm.com
    DocumentRoot /var/www/html
    ServerName station1.kvm.com
    <Directory /var/www/html>
    AuthName TestAdmin    #提示信息
    AuthType basic        #基本身份认证,即基于密码文件的身份认证
    AuthUserFile /etc/httpd/.webusers
    Require valid-user
    #有此行所有用户均可访问;如无此行,则后面net组内用户可访问
    AuthGroupFile /etc/httpd/.webgroup      #可访问用户为net组中用户
    Require Group net
    #valid-user:表所有密码文件中的用户均可访问此目录,也可为Require netsword则表示只有密码文件中netsword账户可以访问此目录
    </Directory>
    ErrorLog logs/dummy-host.kvm.com-error_log
    CustomLog logs/dummy-host.kvm.com-access_log common
    </VirtualHost>
    2、使用MySQL数据库认证用户来源
    安装mysql及httpd中mysql认证模块
    [root@station1 ~]# yum install mysql-server.i386
    [root@station1 ~]# yum install mysql-devel.i386
    [root@station1 ~]# yum install mod_auth_mysql.i386
    [root@station1 ~]# service mysqld start
    [root@station1 ~]# chkconfig mysql on
    创建认证用户和认证组
    [root@station1 ~]# mysqladmin -u root password redhat
    [root@station1 ~]# mysql -uroot -predhat
    Welcome to the MySQL monitor.  Commands end with ; or \g.
    Your MySQL connection id is 131
    Server version: 5.0.77 Source distribution
    Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
    mysql> create database apacheusers;
    mysql> use apacheusers;
    mysql> create table user (name char(25),pwd char(25), primary key (name));
    mysql> create table grp (uname char(25),gname char(25),primary key (uname,gname));
    mysql> grant select on apacheusers.user to apacheuser@localhost identified by 'redhat';
    mysql> grant select on apacheusers.grp to apacheuser@localhost identified by 'redhat';
    mysql> insert into user (name,pwd) values ('netsword','111');
    mysql> insert into user (name,pwd) values ('netswordster','111');
    mysql> insert into user (name,pwd) values ('zhxy','222');
    mysql> insert into user (name,pwd) values ('zxy','222');
    mysql> insert into grp (uname,gname) values ('netsword','net');
    mysql> insert into grp (uname,gname) values ('netswordster','net');
    mysql> insert into grp (uname,gname) values ('zhxy','zh');
    mysql> insert into grp (uname,gname) values ('zxy','zh');
    修改配置文件,开启mysql认证
    [root@station1 ~]# vi /etc/httpd/conf/httpd.conf
    NameVirtualHost 192.168.32.31:80
    <VirtualHost 192.168.32.31:80>
    ServerAdmin netsword@kvm.com
    DocumentRoot /var/www/html
    ServerName station1.kvm.com
    <Directory /var/www/html>
    AuthName TestAdmin
    AuthType basic
    AuthMySQLEnable on
    AuthMySQLUser apacheuser
    AuthMySQLPassword redhat
    AuthMySQLDB apacheusers
    AuthMySQLUserTable user
    AuthMySQLNameField name
    AuthMySQLPasswordField pwd
    Require valid-user
    AuthMySQLGroupTable grp
    AuthMySQLGroupField gname
    Require Group net
    </Directory>
    ErrorLog logs/dummy-host.kvm.com-error_log
    CustomLog logs/dummy-host.kvm.com-access_log common
    </VirtualHost>
    三、HTTPS配置
    1、自颁发证书
    [root@station1 ~]#yum install mod_ssl.i386
    [root@station1 ~]#mkdir /etc/httpd/.sslkey
    [root@station1 ~]#openssl genrsa -out /etc/httpd/.sslkey/server.key 1024
    [root@station1 ~]#openssl req -new -x509 -key /etc/httpd/.sslkey/server.key -out /etc/httpd/.sslkey/server.cert #生成密钥对
    [root@station1 ~]#chmod -R 400 /etc/httpd/.sslkey    #保证证书安全
    [root@station1 ~]#vi /etc/httpd/conf/httpd.conf
    <VirtualHost 192.168.32.31:443>
    ServerAdmin webmaster@dummy-host.kvm.com
    DocumentRoot /var/www/virt
    ServerName www.kvm.com
    SSLEngine on                                         #开启ssl认证
    SSLCertificateFile /etc/httpd/.sslkey/server.crt     #证书文件
    SSLCertificateKeyFile /etc/httpd/.sslkey/server.key  #密钥文件
    </VirtualHost>


Jgwy.Com - Free Web Hosting Guide & Directory In China since 2001! Jgwy.Net-Jglt.Net
您需要登录后才可以回帖 登录 | 注册

本版积分规则

Archiver|手机版|小黑屋|金光论坛

GMT+8, 2024 年 11 月 20 日 09:45 , Processed in 0.021760 second(s), 22 queries .

Powered by Discuz! X3.5

© 2001-2024 Discuz! Team.

快速回复 返回顶部 返回列表