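Exercise:
1. Set up an httpd service with the following requirements:
(1) Provide two name-based virtual hosts:
www1.stuX.com, with the page file directory /web/vhosts/www1; the error log is /var/log/www1/error_log and the access log is /var/log/httpd/www1/access_log;
www2.stuX.com, with the page file directory /web/vhosts/www2; the error log is /var/log/www2/error_log and the access log is /var/log/httpd/www2/access_log;
(2) Expose the server's status information at www1.stuX.com/server-status, and allow access only to users who supply an account;
(3) www1 must not be accessible from hosts in the 192.168.1.0/24 network;
2. Provide an https service for the second virtual host above, so that users can access this web site securely over https;
(1) A certificate must be used for authentication; the certificate must specify country (CN), state (Beijing), city (Beijing), and organization (MageEdu);
(2) Set the department to Ops and the host name to www2.stuX.com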
www1.conf
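<VirtualHost *:80>
    ServerName www1.stuX.com
    DocumentRoot "/web/vhosts/www1"
    ErrorLog "/var/log/httpd/www1/error_log"
    CustomLog "/var/log/httpd/www1/access_log" combined
    <Directory "/web/vhosts/www1">
        Options None
        # Require all granted
        # Allow clients in 192.168.0.0/16, except the 192.168.1.0/24 network
        <RequireAll>
            Require not ip 192.168.1
            Require ip 192.168
        </RequireAll>
    </Directory>
    <Location /server-status>
        SetHandler server-status
        # Requirement (2): only users with an account may view the status page.
        # The AuthUserFile path is a placeholder; point it at a file created with htpasswd.
        AuthType Basic
        AuthName "server-status"
        AuthUserFile "/path/to/htpasswd"
        <RequireAll>
            Require ip 192.168
            Require valid-user
        </RequireAll>
    </Location>
</VirtualHost>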
www2.conf
<VirtualHost *:80>
    ServerName www2.stuX.com
    DocumentRoot "/web/vhosts/www2"
    ErrorLog "/var/log/httpd/www2/error_log"
    CustomLog "/var/log/httpd/www2/access_log" combined
    <Directory "/web/vhosts/www2">
        Options None
        Require all granted
    </Directory>
</VirtualHost>
ssl.conf
# General setup for the virtual host, inherited from global configuration
#DocumentRoot "/var/www/html"
#ServerName www.example.com:443
DocumentRoot "/web/vhosts/www2"
ServerName www2.stuX.com:443
<Directory "/web/vhosts/www2">
    Options None
    Require all granted
</Directory>
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A new
# certificate can be generated using the genkey(1) command.
#SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateFile /etc/httpd/ssl/httpd_crt.pem
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
#SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
SSLCertificateKeyFile /etc/httpd/ssl/httpd_key.pem
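
The ssl.conf above points at httpd_crt.pem and httpd_key.pem, but the page does not show how they are created. The following is an added example, not part of the original page: it issues a certificate with the subject fields from requirement 2 using a throwaway private CA. The function names, the ca_*.pem file names, the CA subject and the 365-day validity are assumptions.

```shell
#!/bin/sh
# Added example: issue the www2 certificate from a throwaway private CA.
# Assumed names: make_www2_cert, cert_subject, cert_chain_ok, ca_*.pem, CA subject.
# httpd_key.pem / httpd_crt.pem match the file names used in ssl.conf.

# Subject fields taken from requirement 2 of the exercise.
SUBJ='/C=CN/ST=Beijing/L=Beijing/O=MageEdu/OU=Ops/CN=www2.stuX.com'

make_www2_cert() {
    dir=$1
    mkdir -p "$dir" || return 1
    (
        cd "$dir" || exit 1
        umask 077    # files created here, including the keys, are owner-only
        # 1. Self-signed private CA; its subject is a constructed value.
        openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
            -subj '/C=CN/ST=Beijing/L=Beijing/O=MageEdu/CN=Example Lab CA' \
            -keyout ca_key.pem -out ca_crt.pem 2>/dev/null || exit 1
        # 2. Server key and CSR carrying the required subject fields.
        openssl req -new -newkey rsa:2048 -nodes -subj "$SUBJ" \
            -keyout httpd_key.pem -out httpd.csr 2>/dev/null || exit 1
        # 3. Sign the CSR. The SAN is added because current clients match
        #    the host name against subjectAltName rather than the CN.
        printf 'subjectAltName=DNS:www2.stuX.com\n' > san.ext
        openssl x509 -req -in httpd.csr -CA ca_crt.pem -CAkey ca_key.pem \
            -CAcreateserial -days 365 -sha256 -extfile san.ext \
            -out httpd_crt.pem 2>/dev/null || exit 1
    )
}

# Subject of the issued certificate in RFC 2253 form (most specific field first).
cert_subject() {
    openssl x509 -in "$1/httpd_crt.pem" -noout -subject -nameopt RFC2253
}

# Succeeds only if the certificate chains to the CA and matches the private key.
cert_chain_ok() {
    openssl verify -CAfile "$1/ca_crt.pem" "$1/httpd_crt.pem" >/dev/null 2>&1 || return 1
    a=$(openssl x509 -in "$1/httpd_crt.pem" -noout -pubkey | openssl sha256)
    b=$(openssl pkey -in "$1/httpd_key.pem" -pubout | openssl sha256)
    [ "$a" = "$b" ]
}
```

Calling `make_www2_cert /etc/httpd/ssl` places the files where the SSLCertificateFile and SSLCertificateKeyFile directives above expect them. Clients only trust the result after importing ca_crt.pem.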