####apache服务(二)####
1.网页重写与虚拟主机的https[root@web-1 html]# cd /etc/httpd/conf.d/[root@web-1 conf.d]# firewall-cmd --permanent --add-service=http success[root@web-1 conf.d]# firewall-cmd --permanent --add-service=httpssuccess[root@web-1 conf.d]# firewall-cmd --reload success[root@web-1 conf.d]# vim music.conf <Virtualhost *:80> Servername music.westos.com RewriteEngine on 允许网页重写 RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301] ##重写为https</Virtualhost><Directory "/var/www/virtual/music.westos.com/html"> Require all granted ##授权</Directory><Virtualhost *:443> ##443端口 Servername music.westos.com Documentroot /var/www/virtual/music.westos.com/html Customlog "logs/default-443.log" combined ##产生的日志放在logs/default-443.log 下 SSLEngine on ##开启认证 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##证书 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key ##钥匙</Virtualhost>[root@web-1 conf.d]# vim news.conf <Virtualhost *:80> Servername news.westos.com RewriteEngine on RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]</Virtualhost><Directory "/var/www/virtual/news.westos.com/html"> Require all granted</Directory><Virtualhost *:443> Servername news.westos.com Documentroot /var/www/virtual/news.westos.com/html Customlog "logs/news-443.log" combined SSLEngine on SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key</Virtualhost>[root@web-1 conf.d]# systemctl restart httpd测试机操作[root@maillinux ~]# vim /etc/hosts172.25.254.109 www.westos.com westos.com news.westos.com music.westos.com打开firefox输入http://music.westos.com 会自动跳转为https://music.westos.com.php[root@web-1 html]# vim index.php <?phpphpinfo ();?>[root@web-1 html]# vim /etc/httpd/conf/httpd.conf ##编辑配置文件在163行添加index.php 163 DirectoryIndex index.php index.html ##apache默认读取的文件是index.php[root@web-1 html]# chmod +x /var/www/html ##给/var/www/html添加执行权限[root@web-1 html]# systemctl restart httpd.service ##重启服务2.cgi通用网管接口[root@web-1 html]# mkdir cgi ##建立cgi目录[root@web-1 html]# yum install http-manual -y ##下载http手册[root@web-1 html]# cd cgi/[root@web-1 cgi]# vim index.cgi #!/usr/bin/perlprint "Content-type: text/html\n\n"; print `date`;[root@web-1 html]# cd /etc/httpd/conf.d/[root@web-1 conf.d]# vim default.conf <Virtualhost _default_:80> DocumentRoot /var/www/html Customlog "logs/default.log" combined</Virtualhost><Directory "/var/www/html"> Options +ExecCGI AddHandler cgi-script .cgi</Directory>[root@web-1 conf.d]# chmod +x /var/www/html/cgi/*[root@web-1 conf.d]# semanage fcontext -a -t httpd_sys_script_exec_t '/var/www/html/cgi/(/.*)?' ##设置安全上下文[root@web-1 conf.d]# restorecon -RvvF /var/www/html/cgi/ ##刷新标签[root@web-1 conf.d]# systemctl restart httpd.service ##重启httpd服务 论坛 [root@web-1 html]# yum install mariadb -y 安装数据库 若没有安装数据库,安装后要进行安全设置。因为一般情况下我们不会把数据库的端口裸露在外,所以要隐藏端口。[root@web-1 html]# vim /etc/my.cnf 10 skip-networking=1 ##隐藏数据库端口[root@web-1 html]# netstat -antlpe | grep mariadb ##查看数据库开放端口[root@web-1 html]# setenforce 0 ##selinux改为警告模式[root@web-1 html]# systemctl start mariadb ##开启数据库下载论坛安装包Discuz_X3.2_SC_UTF8.zip[root@web-1 html]# unzip Discuz_X3.2_SC_UTF8.zip 解压后进入[root@web-1 html]# chmod 777 upload/ -R接下来进入到到浏览器按照提示进行操作。suqid 正向代理当你所在的主机不能访问到你所访问到的内容时,可以设置一个代理服务器,这个代理服务器上必须有你所需要的内容,这是你就可以通过代理主机squid反向代理服务在操作前要先卸载httpd服务,我们这台机子作为代理服务器,[root@web-1 conf.d]# yum install squid -y[root@web-1 conf.d]# systemctl start squid[root@web-1 conf.d]# vim /etc/squid/squid.conf56 http_access allow all 59 http_port 80 vhost vport 60 cache_peer 172.25.254.3 parent 80 0 no-query originserver round-robin name=w eb1 61 cache_peer 172.25.254.4 parent 80 0 no-query originserver round-robin name=w eb2 62 cache_peer_domain web1 web2 www.bili.com## 配置文件中添加的内容在/usr/share/doc/squid-3.3.8/squid.conf.documented 中都有)[root@web-1 conf.d]# systemctl restart squid