Centos7 Apache配置虚拟主机的三种方式

举报
lxw1844912514 发表于 2022/03/27 02:17:10 2022/03/27
【摘要】 https://blog.csdn.net/tladagio/article/details/80760261 一、虚机主机的三种方式 1、基于IP 2、基于IP+端口 3、基于域名 官网文档:http://httpd.apache.org/docs/2.4/ 二、安装Apache ...

https://blog.csdn.net/tladagio/article/details/80760261

一、虚机主机的三种方式

1、基于IP

2、基于IP+端口

3、基于域名

官网文档:http://httpd.apache.org/docs/2.4/

二、安装Apache

1、系统环境


     
  1. [root@localhost ~]# cat /etc/redhat-release
  2. CentOS Linux release 7.2.1511 (Core)
  3. [root@localhost ~]# ip ad
  4. 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
  5. link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  6. inet 127.0.0.1/8 scope host lo
  7. valid_lft forever preferred_lft forever
  8. inet6 ::1/128 scope host
  9. valid_lft forever preferred_lft forever
  10. 2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
  11. link/ether 00:0c:29:5c:ff:91 brd ff:ff:ff:ff:ff:ff
  12. inet 192.168.253.128/24 brd 192.168.253.255 scope global dynamic eno16777736
  13. valid_lft 1388sec preferred_lft 1388sec
  14. inet6 fe80::20c:29ff:fe5c:ff91/64 scope link
  15. valid_lft forever preferred_lft forever

2、yum安装


     
  1. [root@localhost ~]# yum install -y httpd
  2. *****
  3. ======================================================================================================================================================
  4. Package 架构 版本 源 大小
  5. ======================================================================================================================================================
  6. 正在安装:
  7. httpd x86_64 2.4.6-80.el7.centos base 2.7 M
  8. 为依赖而安装:
  9. apr x86_64 1.4.8-3.el7_4.1 base 103 k
  10. apr-util x86_64 1.5.2-6.el7 base 92 k
  11. httpd-tools x86_64 2.4.6-80.el7.centos base 89 k
  12. mailcap noarch 2.1.41-2.el7 base 31 k
  13. ***
  14. 已安装:
  15. httpd.x86_64 0:2.4.6-80.el7.centos
  16. 作为依赖被安装:
  17. apr.x86_64 0:1.4.8-3.el7_4.1 apr-util.x86_64 0:1.5.2-6.el7 httpd-tools.x86_64 0:2.4.6-80.el7.centos mailcap.noarch 0:2.1.41-2.el7
  18. 完毕!

可以查看安装了内容

[root@localhost ~]# rpm -ql httpd | less

    

3、配置Selinux文件,SELINUX=disabled。

[root@localhost ~]# vim /etc/selinux/config

    
SELINUX=disabled

SELINUXTYPE=targeted

或者临时关闭

[root@localhost ~]# setenforce 0

    

4、关闭防火墙


     
  1. [root@localhost ~]# systemctl stop firewalld
  2. [root@localhost ~]# systemctl disable firewalld
  3. Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
  4. Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.

5、启动httpd服务,访问测试

[root@localhost ~]# systemctl start httpd

    

三、修改主配置文件

1、查看apache主配置文件,确保存在以下配置,因为等下需要在conf.d/创建虚机主机配置。

[root@localhost ~]# vim  /etc/httpd/conf/httpd.conf 

    

IncludeOptional conf.d/*.conf

2、另外,把 Require all denied默认拒绝访问设置为允许访问: Require all granted,方便测试。


     
  1. <Directory />
  2. AllowOverride none
  3. # Require all denied
  4. Require all granted
  5. </Directory>

四、新增虚拟主机配置文件

1、添加基于多个IP的虚拟主机

1)创建配置文件


     
  1. [root@localhost ~]# cd /etc/httpd/conf.d/
  2. [root@localhost conf.d]# vim virtual.conf

 


     
  1. <VirtualHost 192.168.253.128:80>
  2. ServerName a.com
  3. DocumentRoot "/www/a.com/" #网页路径
  4. </VirtualHost>
  5. <VirtualHost 192.168.253.129:80>
  6. ServerName b.com
  7. DocumentRoot "/www/b.com/" #网页路径
  8. </VirtualHost>

2)网卡绑定多个IP(我的网卡名是eno16777736,不是eth0)


     
  1. [root@localhost conf.d]# ip addr add 192.168.253.129 dev eno16777736
  2. [root@localhost conf.d]# ip add
  3. 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
  4. link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  5. inet 127.0.0.1/8 scope host lo
  6. valid_lft forever preferred_lft forever
  7. inet6 ::1/128 scope host
  8. valid_lft forever preferred_lft forever
  9. 2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
  10. link/ether 00:0c:29:5c:ff:91 brd ff:ff:ff:ff:ff:ff
  11. inet 192.168.253.128/24 brd 192.168.253.255 scope global dynamic eno16777736
  12. valid_lft 1542sec preferred_lft 1542sec
  13. inet 192.168.253.129/32 scope global eno16777736
  14. valid_lft forever preferred_lft forever
  15. inet6 fe80::20c:29ff:fe5c:ff91/64 scope link
  16. valid_lft forever preferred_lft forever

 

3)创建虚机主机a.com和b.com的主页面


     
  1. [root@localhost conf.d]# mkdir -pv /www/{a.com,b.com}
  2. mkdir: 已创建目录 "/www"
  3. mkdir: 已创建目录 "/www/a.com"
  4. mkdir: 已创建目录 "/www/b.com"
[root@localhost conf.d]# vim /www/a.com/index.html

    

<h1>Hello,a.com</h1>

[root@localhost conf.d]# vim /www/b.com/index.html

    
<h1>Hello,b.com</h1>

4)检查配置文件是否正常


     
  1. [root@localhost conf.d]# httpd -t
  2. AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
  3. Syntax OK

5)重启httpd服务

[root@localhost conf.d]# systemctl restart httpd

    

6)打开浏览器,查看结果

2、配置基于IP+端口的虚拟主机

1)创建配置文件


     
  1. [root@localhost ~]# cd /etc/httpd/conf.d/
  2. [root@localhost conf.d]# vim virtual.conf

 


     
  1. <VirtualHost 192.168.253.128:80>
  2. ServerName a.com
  3. DocumentRoot "/www/a.com/"
  4. </VirtualHost>
  5. <VirtualHost 192.168.253.128:8080>
  6. ServerName b.com
  7. DocumentRoot "/www/b.com/"
  8. </VirtualHost>

2)修改httpd主配置文件,在Listen 80下面添加一行监控8080端口

[root@localhost conf.d]# vim /etc/httpd/conf/httpd.conf

    

Listen 8080

3)创建虚机主机a.com和b.com的主页面(如果前面已经创建就不用重复)


     
  1. [root@localhost conf.d]# mkdir -pv /www/{a.com,b.com}
  2. mkdir: 已创建目录 "/www"
  3. mkdir: 已创建目录 "/www/a.com"
  4. mkdir: 已创建目录 "/www/b.com"
  5. [root@localhost conf.d]# vim /www/a.com/index.html

<h1>Hello,a.com</h1>

[root@localhost conf.d]# vim /www/b.com/index.html

    
<h1>Hello,b.com</h1>

4)检查配置文件


     
  1. [root@localhost conf.d]# httpd -t
  2. AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
  3. Syntax OK

 

5)重启httpd服务

[root@localhost conf.d]# systemctl restart httpd

    

6)打开浏览器,查看结果

3、基于域名的虚拟主机

1)创建配置文件


     
  1. [root@localhost ~]# cd /etc/httpd/conf.d/
  2. [root@localhost conf.d]# vim virtual.conf

     
  1. <VirtualHost *:80>
  2. ServerName a.com
  3. DocumentRoot "/www/a.com/"
  4. </VirtualHost>
  5. <VirtualHost *:80>
  6. ServerName b.com
  7. DocumentRoot "/www/b.com/"
  8. </VirtualHost>

 

2)修改物理主机hosts文件(C:\Windows\System32\drivers\etc),因为这里是因为物理机去访问Apache服务器

添加:

192.168.253.128 a.com

192.168.253.128 b.com

3)物理主机ping域名测试

4)创建虚机主机a.com和b.com的主页面(如果前面已经创建就不用重复)


     
  1. [root@localhost conf.d]# mkdir -pv /www/{a.com,b.com}
  2. mkdir: 已创建目录 "/www"
  3. mkdir: 已创建目录 "/www/a.com"
  4. mkdir: 已创建目录 "/www/b.com"

 

[root@localhost conf.d]# vim /www/a.com/index.html

    

<h1>Hello,a.com</h1>

[root@localhost conf.d]# vim /www/b.com/index.html

    
<h1>Hello,b.com</h1>

5)检查配置文件


     
  1. [root@localhost conf.d]# httpd -t
  2. AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
  3. Syntax OK

 

6)重启httpd服务

[root@localhost conf.d]# systemctl restart httpd

    

 

7)打开浏览器,查看结果

五、扩展虚机主机配置文件

1、先修改回apache主配置文件,设置 Require all denied默认拒绝访问


     
  1. <Directory />
  2. AllowOverride none
  3. Require all denied
  4. </Directory>

 


这时候再去访问以上的三种配置虚机主机,会全部访问不了。因此需要针对虚机目录设置访问权限。

2、修改虚拟主机配置文件


     
  1. [root@localhost ~]# cd /etc/httpd/conf.d/
  2. [root@localhost conf.d]# vim virtual.conf

<VirtualHost *:80>
        #绑定的主域
        ServerName a.com
        #绑定的子域名
        ServerAlias www.test.com
        #网站主目录
        DocumentRoot "/www/a.com/"
        #错误日志目录
        ErrorLog  "/var/log/httpd/a.com/error.log"
        #访问日志目录
       CustomLog "/va/log/httpd/a.com.access.log"
<Directory "www/a.com/">
        Options FollowSymLinks
        AllowOverride All
        #允许任意访问
        Require all granted
</Directory>
</VirtualHost>

3、创建日志目录

  1. [root@localhost b.com]# cd /var/log/httpd/
  2. [root@localhost httpd]# mkdir a.com
  3. [root@localhost httpd]# ll
  4. 总用量 60
  5. -rw-r --r--. 1 root root 37976 1月 23 22:26 access_log
  6. drwxr-xr-x. 2 root root 6 1月 23 22:41 a.com
  7. -rw-r --r--. 1 root root 17795 1月 23 22:38 error_log
  8. [root@localhost httpd]# cd a.com/
  9. [root@localhost a.com]# touch error.log
  10. [root@localhost a.com]# touch access.log

日志目录记得更改属主和属组为Apache,否则httpd启动失败

[root@localhost httpd]# chown -R apache:apache a.com/
   

4、配置指定IP可以访问虚拟主机(可以单个IP,也可以是一个网段)

[root@localhost conf.d]# vim /etc/httpd/conf.d/virtual.conf
   
  1. <VirtualHost *:80>
  2. #绑定的主域
  3. ServerName a.com
  4. #绑定的子域名
  5. ServerAlias www.test.com
  6. #网站主目录
  7. DocumentRoot "/www/a.com/"
  8. #错误日志目录
  9. ErrorLog "/var/log/httpd/a.com/error.log"
  10. #访问日志目录
  11. CustomLog "/va/log/httpd/a.com.access.log"
  12. <Directory "www/a.com/">
  13. Options FollowSymLinks
  14. AllowOverride All
  15. #允许任意访问
  16. Require ip 192.168.253.0/24
  17. </Directory>

5、配置指定用户可以访问虚拟主机

[root@localhost conf.d]# vim /etc/httpd/conf.d/virtual.conf

    
 
   

     
  1. <VirtualHost *:80>
  2. #绑定的主域
  3. ServerName a.com
  4. #绑定的子域名
  5. ServerAlias www.test.com
  6. #网站主目录
  7. DocumentRoot "/www/a.com/"
  8. #错误日志目录
  9. ErrorLog "/var/log/httpd/a.com/error.log"
  10. #访问日志目录
  11. CustomLog "/va/log/httpd/a.com.access.log"
  12. <Directory "www/a.com/">
  13. Options FollowSymLinks
  14. AllowOverride authconfig
  15. AuthType basic
  16. AuthName "Restrict area"
  17. AuthUserFile "etc/httpd/.htpasswd"
  18. Require valid-user
  19. </Directory>

 

创建用户文件,第一次创建的时候要加-c,以后创建都不用加-c,否则会覆盖原数据


     
  1. [root@localhost conf.d]# pwd
  2. /etc/httpd/conf.d
  3. [root@localhost conf.d]# htpasswd -h
  4. htpasswd: illegal option -- h
  5. Usage:
  6. htpasswd [-cimBdpsDv] [-C cost] passwordfile username
  7. htpasswd -b[cmBdpsDv] [-C cost] passwordfile username password
  8. htpasswd -n[imBdps] [-C cost] username
  9. htpasswd -nb[mBdps] [-C cost] username password
  10. -c Create a new file.
  11. -n Don't update file; display results on stdout.
  12. -b Use the password from the command line rather than prompting for it.
  13. -i Read password from stdin without verification (for script usage).
  14. -m Force MD5 encryption of the password (default).
  15. -B Force bcrypt encryption of the password (very secure).
  16. -C Set the computing time used for the bcrypt algorithm
  17. (higher is more secure but slower, default: 5, valid: 4 to 31).
  18. -d Force CRYPT encryption of the password (8 chars max, insecure).
  19. -s Force SHA encryption of the password (insecure).
  20. -p Do not encrypt the password (plaintext, insecure).
  21. -D Delete the specified user.
  22. -v Verify password for the specified user.
  23. On other systems than Windows and NetWare the '-p' flag will probably not work.
  24. The SHA algorithm does not use a salt and is less secure than the MD5 algorithm.
  25. [root@localhost conf.d]# htpasswd -c -m /etc/httpd/.htpasswd tom
  26. New password:
  27. Re-type new password:
  28. Adding password for user tom

 

重启httpd服务

    [root@localhost conf.d]# httpd -t
    AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
    Syntax OK
    [root@localhost conf.d]# systemctl restart httpd

 

在浏览器测试登录

6、Require参考

Require all granted
无条件允许访问。
Require all denied
访问被无条件拒绝。
Require env env-var [env-var] ...
只有在给定的环境变量之一被设置的情况下才允许访问。
Require method http-method [http-method] ...
只有给定的HTTP方法才允许访问。
Require expr expression
如果表达式计算结果为true,则允许访问。
Require user userid [userid] ...
只有指定的用户才能访问资源。
Require group group-name [group-name] ...
只有指定组中的用户才能访问资源。
Require valid-user
所有有效的用户都可以访问资源。
Require ip 10 172.20 192.168.2
指定IP地址范围内的客户端可以访问资源。

7、Options

None:不支持任何选项
Indexes:允许索引目录
FollowSymLinks:允许访问符号链接指向的原文件
Includes:允许执行服务端包含(SSI)
ExecCGI:允许允许CGI脚本
ALL:支持所有选项

 

 

版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/tladagio/article/details/80760261

文章来源: blog.csdn.net,作者:lxw1844912514,版权归原作者所有,如需转载,请联系作者。

原文链接:blog.csdn.net/lxw1844912514/article/details/100028992

【版权声明】本文为华为云社区用户转载文章,如果您发现本社区中有涉嫌抄袭的内容,欢迎发送邮件进行举报,并提供相关证据,一经查实,本社区将立刻删除涉嫌侵权内容,举报邮箱: cloudbbs@huaweicloud.com
  • 点赞
  • 收藏
  • 关注作者

评论(0

0/1000
抱歉,系统识别当前为高风险访问,暂不支持该操作

全部回复

上滑加载中

设置昵称

在此一键设置昵称,即可参与社区互动!

*长度不超过10个汉字或20个英文字符,设置后3个月内不可修改。

*长度不超过10个汉字或20个英文字符,设置后3个月内不可修改。