编译安装最新版httpd,配置三种不同虚拟主机,httpd配置,访问控制配置


下载apr apr-util httpd 源码包

1 [root@localhost ~]# dnf -y install wget下载wget
2 [root@localhost ~]# wget https://downloads.apache.org/apr/apr-1.7.0.tar.gz
3 [root@localhost ~]# wget https://downloads.apache.org/apr/apr-util-1.6.1.tar.gz
4 [root@localhost ~]# wget https://downloads.apache.org/httpd/httpd-2.4.53.tar.gz
5 [root@localhost ~]# yum groups mark install "Development Tools"
6 看需要那些工具包

安装开发环境

1 [root@localhost ~]# useradd -r -M -s /sbin/nologin apache
2 [root@localhost ~]# id apache  创建一个apache系统用户不加目录不允许登录
3 uid=995(apache) gid=992(apache) 组=992(apache)
4 [root@localhost ~]# yum -y install openssl-devel pcre-devel expat-devel libtool     安装依赖包

解压apr apr-util httpd

1 [root@localhost ~]# ls
2 anaconda-ks.cfg  apr-1.7.0.tar.gz  apr-util-1.6.1.tar.gz  httpd-2.4.53.tar.gz
3 [root@localhost ~]# tar xf apr-1.7.0.tar.gz 
4 [root@localhost ~]# tar xf apr-util-1.6.1.tar.gz 
5 [root@localhost ~]# tar xf httpd-2.4.53.tar.gz 
6 [root@localhost ~]# ls
7 anaconda-ks.cfg  apr-1.7.0  apr-1.7.0.tar.gz  apr-util-1.6.1  apr-util-1.6.1.tar.gz  httpd-2.4.53  httpd-2.4.53.tar.gz

安装编译apr

 1 [root@localhost ~]# cd apr-1.7.0
 2 [root@localhost apr-1.7.0]# ./configure --prefix=/usr/local/apr
 3 configure: error: in `/root/apr-1.7.0':   报错
 4 configure: error: no acceptable C compiler found in $PATH
 5 处理
 6 [root@localhost apr-1.7.0]# dnf -y install gcc gcc-c++ --allowerasing  --nobest
 7 [root@localhost apr-1.7.0]# ./configure --prefix=/usr/local/apr
 8 rm: cannot remove 'libtoolT': No such file or directory   继续报错
 9 [root@localhost apr-1.7.0]# dnf -y install vim   下载vim
10 [root@localhost apr-1.7.0]# vim configure
11 #    $RM "$cfgfile"  注释掉或者删除
12 [root@localhost apr-1.7.0]# dnf -y install make  安装make
13 [root@localhost apr-1.7.0]# make -j 4     编译安装
14 [root@localhost apr-1.7.0]# make install

安装编译apr-util

1 [root@localhost apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr    编译子包的时候要告诉主包的位子
2 [root@localhost apr-util-1.6.1]# make -j 4   编译
3 [root@localhost apr-util-1.6.1]# make install   安装

安装编译apache

 1 [root@localhost httpd-2.4.53]# ./configure --prefix=/usr/local/apache /
 2 > --enable-so /
 3 > --enable-ssl /
 4 > --enable-cgi /
 5 > --enable-rewrite /
 6 > --with-zlib /
 7 > --with-pcre /
 8 > --with-apr=/usr/local/apr /
 9 > --with-apr-util=/usr/local/apr-util/ /
10 > --enable-modules=most /
11 > --enable-mpms-shared=all /
12 > --with-mpm=prefork
13 [root@localhost httpd-2.4.53]# make -j 4
14 [root@localhost httpd-2.4.53]# make install

设置环境变量,头文件,man文件

1 [root@localhost ~]# echo 'export   PATH=/usr/local/apache/bin:$PATH' >/etc/profile.d/apache.sh
2 [root@localhost ~]# source /etc/profile.d/apache.sh  读以下
3 [root@localhost ~]# which httpd     生成httpd命令
4 /usr/local/apache/bin/httpd 
5 [root@localhost ~]# which apachectl   生成apachectl命令
6 /usr/local/apache/bin/apachectl
7 [root@localhost ~]# ln -s /usr/local/apache/include/ /usr/include/apache 设置头文件
8 [root@localhost ~]# vim /etc/man_db.conf   设置man文档
9 MANDATORY_MANPATH                       /usr/local/apache/man

关闭防火墙

1 [root@localhost ~]# systemctl disable --now firewalld
2 Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
3 Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.  开机不自启,立马关闭
4 [root@localhost ~]# setenforce 0  关闭立即生效
5 [root@localhost ~]# getenforce
6 Permissive
7 [root@localhost ~]# vim /etc/selinux/config
8 SELINUX=disabled    修改之后下次重启就可以永久生效

启动服务

1 [root@localhost ~]# apachectl start
2 AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message  此处警告无视,等下处理
3 [root@localhost ~]# ss -antl
4 State             Recv-Q            Send-Q                       Local Address:Port                        Peer Address:Port            Process            
5 LISTEN            0                 128                                0.0.0.0:22                               0.0.0.0:*                                  
6 LISTEN            0                 128                                      *:80                                     *:*                                  
7 LISTEN            0                 128                                   [::]:22                                  [::]:*    有80端口号

编译安装最新版httpd,配置三种不同虚拟主机,httpd配置,访问控制配置

 

 

 处理警告

1 [root@localhost conf]# vim httpd.conf
2 ServerName  注释取消掉
3 [root@localhost conf]# apachectl start  没有警告了
4 [root@localhost conf]# ss -antl
5 State             Recv-Q            Send-Q                       Local Address:Port                        Peer Address:Port            Process            
6 LISTEN            0                 128                                0.0.0.0:22                               0.0.0.0:*                                  
7 LISTEN            0                 128                                      *:80                                     *:*                                  
8 LISTEN            0                 128                                   [::]:22                                  [::]:*  

设置systemctl控制httpd

 1 写一个服务文件
 2 [root@localhost system]# ls sshd.service 
 3 sshd.service                                        复制一个叫httpd.生成service文件
 4 [root@localhost system]# cp sshd.service httpd.service
 5 [root@localhost system]# vim httpd.service 
 6 [Unit]
 7 Description=httpd server daemon
 8 After=network.target sshd-keygen.target
 9 
10 [Service]                   修改成这样
11 Type=forking
12 EnvironmentFile=-/etc/sysconfig/sshd    
13 ExecStart=/usr/local/apache/bin/apachectl start
14 ExecStop=/usr/local/apache/bin/apachectl stop
15 ExecReload=/bin/kill -HUP $MAINPID
16 
17 [Install]
18 WantedBy=multi-user.target
19 [root@localhost system]# systemctl daemon-reload重新加载一下
20 [root@localhost system]# cd
21 [root@localhost ~]# systemctl status httpd    
22 ● httpd.service - httpd server daemon
23    Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
24    Active: inactive (dead)
25 [root@localhost ~]# systemctl start httpd
26 [root@localhost ~]# ss -antl
27 State             Recv-Q            Send-Q                       Local Address:Port                        Peer Address:Port            Process            
28 LISTEN            0                 128                                0.0.0.0:22                               0.0.0.0:*                                  
29 LISTEN            0                 128                                      *:80                                     *:*                                  
30 LISTEN            0                 128                                   [::]:22                                  [::]:*               
31 [root@localhost ~]# systemctl enable httpd
32 Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.  设置开机自启
33 [root@localhost ~]# systemctl status httpd
34 ● httpd.service - httpd server daemon
35    Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
36    Active: active (running) since Sun 2022-04-17 15:15:06 CST; 2min 48s ago
37  Main PID: 67806 (httpd)
38     Tasks: 6 (limit: 11175)
39    Memory: 4.2M
40    CGroup: /system.slice/httpd.service
41            ├─67806 /usr/local/apache/bin/httpd -k start
42            ├─67807 /usr/local/apache/bin/httpd -k start
43            ├─67808 /usr/local/apache/bin/httpd -k start
44            ├─67809 /usr/local/apache/bin/httpd -k start
45            ├─67810 /usr/local/apache/bin/httpd -k start
46            └─67811 /usr/local/apache/bin/httpd -k start
47 
48 4月 17 15:15:06 localhost.localdomain systemd[1]: Starting httpd server daemon...
49 4月 17 15:15:06 localhost.localdomain systemd[1]: Started httpd server daemon.

配置虚拟主机   ip访问

 1 [root@localhost ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf   虚拟主机文件
 2 <VirtualHost *:80>
 3     ServerAdmin webmaster@dummy-host.example.com
 4     DocumentRoot "/usr/local/apache/docs/dummy-host.example.com"
 5     ServerName dummy-host.example.com
 6     ServerAlias www.dummy-host.example.com
 7     ErrorLog "logs/dummy-host.example.com-error_log"
 8     CustomLog "logs/dummy-host.example.com-access_log" common
 9 </VirtualHost>
10 保留一个,后面的删除
11 <VirtualHost *:80>
12     DocumentRoot "/usr/local/apache/htdocs/test.example.com"
13     ServerName test.example.com
14     ErrorLog "logs/test.example.com-error_log"放错误日志
15     CustomLog "logs/test.example.com-access_log" common正确日志
16 修改成这样
17 [root@localhost ~]# vim /usr/local/apache/conf/httpd.conf 主配置文件
18 #Include conf/extra/httpd-vhosts.conf   取消注释让虚拟主机配置生效
19 [root@localhost ~]# systemctl restart httpd重启服务
20 [root@localhost ~]# systemctl status httpd
21 ● httpd.service - httpd server daemon
22    Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
23    Active: active (running) since Sun 2022-04-17 15:48:13 CST; 1min 19s ago
24   Process: 67870 ExecStop=/usr/local/apache/bin/apachectl stop (code=exited, status=0/SUCCESS)
25   Process: 67874 ExecStart=/usr/local/apache/bin/apachectl start (code=exited, status=0/SUCCESS)
26  Main PID: 67879 (httpd)
27     Tasks: 6 (limit: 11175)
28    Memory: 4.3M
29    CGroup: /system.slice/httpd.service
30            ├─67879 /usr/local/apache/bin/httpd -k start
31            ├─67880 /usr/local/apache/bin/httpd -k start
32            ├─67881 /usr/local/apache/bin/httpd -k start
33            ├─67882 /usr/local/apache/bin/httpd -k start
34            ├─67883 /usr/local/apache/bin/httpd -k start
35            └─67884 /usr/local/apache/bin/httpd -k start
36 
37 4月 17 15:48:13 localhost.localdomain systemd[1]: Starting httpd server daemon...
38 4月 17 15:48:13 localhost.localdomain systemd[1]: Started httpd server daemon.
39 [root@localhost test.example.com]# echo "test page" > abc.html
40 [root@localhost test.example.com]# ls
41 abc.html
42 [root@localhost test.example.com]# mv abc.html index.html
43 [root@localhost test.example.com]# ls
44 index.html    网站首页的名字一定要叫index.html才可以直接访问

编译安装最新版httpd,配置三种不同虚拟主机,httpd配置,访问控制配置刷新就可以看到内容

 

 

 

相同ip不同端口号访问

 1 [root@localhost htdocs]# cd blog.example.com/  另外一个网站
 2 [root@localhost blog.example.com]# echo "bolg page" > index.html
 3 [root@localhost ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf     写blog的配置文件
 4 <VirtualHost *:80>
 5     DocumentRoot "/usr/local/apache/htdocs/test.example.com"
 6     ServerName test.example.com
 7     ErrorLog "logs/test.example.com-error_log"
 8     CustomLog "logs/test.example.com-access_log" common
 9 </VirtualHost>
10 Listen 81加一给监听
11 <VirtualHost *:81>   配置一个新的81端口号
12     DocumentRoot "/usr/local/apache/htdocs/blog.example.com"
13     ServerName blog.example.com
14     ErrorLog "logs/blog.example.com-error_log"
15     CustomLog "logs/blog.example.com-access_log" common
16 </VirtualHost>
17 [root@localhost ~]# systemctl restart httpd重启服务
18 [root@localhost ~]# ss -antl
19 State             Recv-Q            Send-Q                       Local Address:Port                       Peer Address:Port            Process            
20 LISTEN            0                 128                                0.0.0.0:22                              0.0.0.0:*                                  
21 LISTEN            0                 128                                      *:80                                    *:*                                  
22 LISTEN            0                 128                                      *:81                                    *:*                                  
23 LISTEN            0                 128                                   [::]:22                                 [::]:*        80 81端口号都有了

编译安装最新版httpd,配置三种不同虚拟主机,httpd配置,访问控制配置默认是80端口号,:加上81就是81端口号编译安装最新版httpd,配置三种不同虚拟主机,httpd配置,访问控制配置

 

 

 不同ip相同端口号

 1 [root@localhost ~]# ip addr add 192.168.149.84/24 dev ens33
 2 [root@localhost ~]# ip a s ens33
 3 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
 4     link/ether 00:0c:29:bc:11:bf brd ff:ff:ff:ff:ff:ff
 5     inet 192.168.149.85/24 brd 192.168.149.255 scope global noprefixroute ens33
 6        valid_lft forever preferred_lft forever
 7     inet 192.168.149.84/24 scope global secondary ens33
 8        valid_lft forever preferred_lft forever
 9     inet6 fe80::20c:29ff:febc:11bf/64 scope link 
10        valid_lft forever preferred_lft forever   添加一个84的新ip
11 
12 [root@localhost ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf   
13 <VirtualHost 192.168.149.85:80>
14     DocumentRoot "/usr/local/apache/htdocs/test.example.com"
15     ServerName test.example.com
16     ErrorLog "logs/test.example.com-error_log"
17     CustomLog "logs/test.example.com-access_log" common
18 </VirtualHost>
19 <VirtualHost 192.168.149.84:80>
20     DocumentRoot "/usr/local/apache/htdocs/blog.example.com"
21     ServerName blog.example.com
22     ErrorLog "logs/blog.example.com-error_log"
23     CustomLog "logs/blog.example.com-access_log" common
24 </VirtualHost>  把*号去掉输入要访问的ip
25 [root@localhost ~]# systemctl stop httpd  先停掉
26 [root@localhost ~]# ss -antl
27 State             Recv-Q            Send-Q                       Local Address:Port                       Peer Address:Port            Process            
28 LISTEN            0                 128                                0.0.0.0:22                              0.0.0.0:*                                  
29 LISTEN            0                 128                                   [::]:22                                 [::]:*                                  
30 [root@localhost ~]# systemctl start httpd在启动
31 [root@localhost ~]# ss -antl
32 State             Recv-Q            Send-Q                       Local Address:Port                       Peer Address:Port            Process            
33 LISTEN            0                 128                                0.0.0.0:22                              0.0.0.0:*                                  
34 LISTEN            0                 128                                      *:80                                    *:*                                  
35 LISTEN            0                 128                                   [::]:22                                 [::]:*         
36  

编译安装最新版httpd,配置三种不同虚拟主机,httpd配置,访问控制配置编译安装最新版httpd,配置三种不同虚拟主机,httpd配置,访问控制配置   

 

 

 相同ip相同端口号不同域名

[root@localhost ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>  ip去掉,端口号一样,域名本来就不一样
    DocumentRoot "/usr/local/apache/htdocs/test.example.com"
    ServerName test.example.com
    ErrorLog "logs/test.example.com-error_log"
    CustomLog "logs/test.example.com-access_log" common
</VirtualHost>
<VirtualHost *:80>
    DocumentRoot "/usr/local/apache/htdocs/blog.example.com"
    ServerName blog.example.com
    ErrorLog "logs/blog.example.com-error_log"
    CustomLog "logs/blog.example.com-access_log" common
</VirtualHost>
[root@localhost ~]# systemctl stop httpd    停掉
[root@localhost ~]# systemctl start httpd    启动
[root@localhost ~]# ss -antl
State             Recv-Q            Send-Q                       Local Address:Port                       Peer Address:Port            Process            
LISTEN            0                 128                                0.0.0.0:22                              0.0.0.0:*                                  
LISTEN            0                 128                                      *:80                                    *:*                                  
LISTEN            0                 128                                   [::]:22                                 [::]:*  

在电脑的C:/windows/systenm32/drivers/etc/hosts里打开记事本更改编译安装最新版httpd,配置三种不同虚拟主机,httpd配置,访问控制配置

 编译安装最新版httpd,配置三种不同虚拟主机,httpd配置,访问控制配置

 

 

 编译安装最新版httpd,配置三种不同虚拟主机,httpd配置,访问控制配置    编译安装最新版httpd,配置三种不同虚拟主机,httpd配置,访问控制配置

 

 

 

 访问控制

 1 [root@localhost ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf 
 2 
 3 
 4 <VirtualHost *:80>
 5     DocumentRoot "/usr/local/apache/htdocs/test.example.com"
 6     ServerName test.example.com
 7     ErrorLog "logs/test.example.com-error_log"
 8     CustomLog "logs/test.example.com-access_log" common
 9     <Directory "/usr/local/apache/htdocs/test.example.com">
10         <RequireAll>
11             Require not ip 192.168.149.1
12             Require all granted
13         </RequireAll>
14     </Directory>
15 </VirtualHost>
16 <VirtualHost *:80>
17     DocumentRoot "/usr/local/apache/htdocs/blog.example.com"
18     ServerName blog.example.com
19     ErrorLog "logs/blog.example.com-error_log"
20     CustomLog "logs/blog.example.com-access_log" common
21 </VirtualHost>
22 [root@localhost ~]# systemctl start httpd
23 [root@localhost ~]# ss -antl
24 State             Recv-Q            Send-Q                       Local Address:Port                       Peer Address:Port            Process            
25 LISTEN            0                 128                                0.0.0.0:22                              0.0.0.0:*                                  
26 LISTEN            0                 128                                      *:80                                    *:*                                  
27 LISTEN            0                 128                                   [::]:22                                 [::]:* 

编译安装最新版httpd,配置三种不同虚拟主机,httpd配置,访问控制配置编译安装最新版httpd,配置三种不同虚拟主机,httpd配置,访问控制配置

 

 

 ssl:
启用模块,如果已经有了但是注释了,则取消注释即可

1 [root@localhost conf]# vim httpd.conf
2 LoadModule ssl_module modules/mod_ssl.so

生成证书

 1 a)CA生成一对密钥
 2 [root@localhost conf]# cd /etc/pki
 3 [root@localhost pki]# mkdir CA  创建CA目录
 4 [root@localhost pki]# cd CA
 5 [root@localhost CA]# mkdir private  创建private目录
 6 [root@localhost CA]# ls
 7 private
 8 [root@localhost CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048)    生成密钥
 9 [root@localhost CA]# ls private/
10 cakey.pem
11 [root@localhost CA]# openssl rsa -in private/cakey.pem -pubout提取公钥
12 b) CA生成自签署证书
13 [root@localhost CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 365
14 [root@localhost CA]# ls
15 cacert.pem  private     生成证书
16 [root@localhost CA]# mkdir certs newcerts crl
17 [root@localhost CA]# ls   创建目录
18 cacert.pem  certs  crl  newcerts  private        生成两个文件
19 [root@localhost CA]# touch index.txt && echo 01 > serial
20 c) 客户端(例如httpd服务器)生成密钥
21 [root@localhost CA]# mkdir certs newcerts crl
22 [root@localhost conf]# mkdir ssl
23 [root@localhost conf]# ls
24 extra  httpd.conf  magic  mime.types  original  ssl
25 [root@localhost conf]# cd ssl/
26 [root@localhost ssl]# (umask 077;openssl genrsa -out httpd.key 2048)生成httpd.key的文件
27 [root@localhost ssl]# ls
28 httpd.key
29  d) 客户端生成证书签署请求
30 [root@localhost ssl]# openssl req -new -key httpd.key -days 365 -out httpd.csr     和刚才生成证书所填都一致
31 [root@localhost ssl]# ls
32 httpd.csr  httpd.key
33  f) CA签署客户端提交上来的证书
34 [root@localhost ssl]# openssl ca -in httpd.csr -out httpd.crt -days 365
35 [root@localhost ssl]# ls
36 httpd.crt    httpd.key    完成  一给公钥一个私钥

配置httpd

1 [root@localhost conf]# vim httpd.conf 
2 Include conf/extra/httpd-ssl.conf  注释取消掉
3 [root@localhost conf]# ls extra/
4 [root@localhost conf]# vim extra/httpd-ssl.conf修改配置文件
5 DocumentRoot "/usr/local/apache/htdocs/test.example.com"
6 ServerName test.example.com:443
7 SSLCertificateFile "/usr/local/apache/conf/ssl/httpd.crt"
8 SSLCertificateKeyFile "/usr/local/apache/conf/ssl/httpd.key"

   [root@localhost ~]# httpd -t   检查语法
   AH00526: Syntax error on line 92 of /usr/local/apache/conf/extra/httpd-ssl.conf:
   SSLSessionCache: ‘shmcb’ session cache not supported (known names: ). Maybe you need to load the appropriate socache module (mod_socache_shmcb?).
   [root@localhost ~]# vim /usr/local/apache/conf/httpd.conf

 LoadModule socache_shmcb_module modules/mod_socache_shmcb.so   注释取消掉

  

    [root@localhost ~]# httpd -t
     Syntax OK

启动服务

1 [root@localhost ~]# systemctl restart httpd 
2 [root@localhost ~]# ss -antl
3 State             Recv-Q            Send-Q                       Local Address:Port                       Peer Address:Port            Process            
4 LISTEN            0                 128                                0.0.0.0:22                              0.0.0.0:*                                  
5 LISTEN            0                 128                                      *:80                                    *:*                                  
6 LISTEN            0                 128                                   [::]:22                                 [::]:*                                  
7 LISTEN            0                 128                                      *:443                                   *:*                              443有了     
8 [root@localhost ~]# vim /usr/local/apache/conf/extra/httpd-vhosts.conf   把拒绝的删除点
9 [root@localhost ~]# http://test.example.com/

编译安装最新版httpd,配置三种不同虚拟主机,httpd配置,访问控制配置

 

原创文章,作者:6024010,如若转载,请注明出处:https://blog.ytso.com/245494.html

(0)
上一篇 2022年4月18日
下一篇 2022年4月18日

相关推荐

发表回复

登录后才能评论