• RHCE(三)--- 基于HTTP、HTTPS搭建静态网页

    目录

    一、http配置文件

    二、综合练习:请给openlab搭建web网站

    1、配置 /etc/httpd/conf.d/vhosts.conf(首先确保安装httpd)

    2、创建对应目录和用户

    3、写入相应内容到相应目录下的 index.hcml文件中(网页显示的内容)

    4、配置缴费网站(www.openlab.com/money)基于https访问

    (1)安装mod_ssl 加密模块

    (2)生成证书

    (3)修改 /etc/httpd/conf.d/vhosts.conf 下的关于www.openlab.com/money部分

    5、重启服务

    三、测试

    1、在缓存文件 /etc/hosts 中添加 IP 与域名信息

    2、访问www.openlab.com

    3、只有 song 和 tian 可以访问www.openlab.com/student,其他用户不能访问

    4、访问www.openlab.com/data

    5、数据加密访问www.openlab.com/money

    一、http配置文件

    1、httpd主配置文件在 /etc/httpd/conf/httpd.conf

    2、额外的参数文件 /etc/httpd/conf.d/*.conf

    3、设置默认访问apache欢迎界面的配置文件 /etc/httpd/conf.d/welcome.conf

    4、apache欢迎界面的具体文件 /usr/share/httpd/noindex/index.html

    5、默认的首页所在目录/var/www/html/,当输入网址时所显示的数据,就是放在这个目录当中的首页文件(默认为index.html)

    6、自己定义的静态页面是在/var/www/html目录,因为主配置文件中DocumentRoot "/var/www/html"  #网页文件存放的目录

    7、静态网页的名字是index.html 是因为主配置文件中目录模块配置的目录索引,索引文件名为index.html

    #加载一个目录模块
         DirectoryIndex index.html

    8、默认给一些可执行的CGI(网页程序)程序放置的目录/var/www/cgi-bin/,当输入网址/cgi-bin/时所显示的数据所在

    9、默认的Apache日志文件都放在/var/log/httpd/


    二、综合练习:请给openlab搭建web网站

    1.基于域名[www.openlab.com](http://www.openlab.com)可以访问网站内容为 welcome to openlab!!!


    2.给该公司创建三个子界面分别显示学生信息,教学资料和缴费网站

    [www.openlab.com/student(http://www.openlab.com/student) 网站访问学生信息

    [www.openlab.com/data](http://www.openlab.com/data)网站访问教学资料
    [www.openlab.com/money](http://www.openlab.com/money网站访问缴费网站)

    3.要求(1)学生信息网站只有song和tian两人可以访问,其他用户不能访问

              (2)访问缴费网站实现数据加密基于https访问

    1、配置 /etc/httpd/conf.d/vhosts.conf(首先确保安装httpd)

    1. [root@server ~]# vim /etc/httpd/conf.d/vhosts.conf
    2.  
    3.  
    4. 192.168.225.140:80>
    5.         DocumentRoot /www/openlab
    6.         ServerName www.openlab.com
    8.  
    9. 192.168.225.140:80>
    10.         DocumentRoot /www/openlab/student
    11.         ServerName www.openlab.com/student
    13.  
    14. 192.168.225.140:80>
    15.         DocumentRoot /www/openlab/data
    16.         ServerName www.openlab.com/data
    18.  
    19. 192.168.225.140:80>
    20.         DocumentRoot /www/openlab/money
    21.         ServerName www.openlab.com/money
    23.  
    25.         AllowOverride none
    26.         Require all granted
    28.  
    29. //用户认证
    31.         AuthType Basic                    //基本认证类型
    32.         AuthName "Please login:"          //提示信息
    33.         AuthUserFile /etc/httpd/userfile  //用户认证文件的用户名和密码指定的文件所在位置
    34.         Require user song     //指定哪个用户可以访问服务器
    35.         Require user tian
    37.

    2、创建对应目录和用户

    1. [root@server ~]# mkdir /www/openlab/{student,data,money} -pv
    2. mkdir: created directory '/www'
    3. mkdir: created directory '/www/openlab'
    4. mkdir: created directory '/www/openlab/student'
    5. mkdir: created directory '/www/openlab/data'
    6. mkdir: created directory '/www/openlab/money'
    7.  
    8. [root@server ~]# htpasswd -c /etc/httpd/userfile song
    9. New password: 
    10. Re-type new password: 
    11. Adding password for user song
    12. [root@server ~]# htpasswd /etc/httpd/userfile tian
    13. New password: 
    14. Re-type new password: 
    15. Adding password for user tian
    16. [root@server ~]# htpasswd /etc/httpd/userfile wu
    17. New password: 
    18. Re-type new password: 
    19. Adding password for user wu

    3、写入相应内容到相应目录下的 index.hcml文件中(网页显示的内容)

    1. [root@server ~]# echo welcome to openlab > /www/openlab/index.html
    2. [root@server ~]# echo student information > /www/openlab/student/index.html
    3. [root@server ~]# echo teaching information > /www/openlab/data/index.html
    4. [root@server ~]# echo payment information > /www/openlab/money/index.html

    4、配置缴费网站(www.openlab.com/money)基于https访问

    (1)安装mod_ssl 加密模块

    [root@server ~]# yum install mod_ssl -y

    1. [root@server ~]# vim /etc/httpd/conf.d/ssl.conf
    2.  
    3. 443>
    4. SSLEngine on      //开启ssl认证访问
    5. SSLCertificateFile /etc/pki/tls/certs/localhost.crt     //指定证书路径
    6. SSLCertificateKeyFile /etc/pki/tls/private/localhost.key   //指定私钥文件路径

    (2)生成证书

    1. [root@server ~]# openssl req -newkey rsa:4096 -nodes -sha256 -keyout /etc/pki/tls/private/openlab.key -x509 -days 365 -out /etc/pki/tls/certs/openlab.crt
    2. Generating a RSA private key
    3. ..........................................................................................++++
    4. .............................................................++++
    5. writing new private key to '/etc/pki/tls/private/openlab.key'
    6. -----
    7. You are about to be asked to enter information that will be incorporated
    8. into your certificate request.
    9. What you are about to enter is what is called a Distinguished Name or a DN.
    10. There are quite a few fields but you can leave some blank
    11. For some fields there will be a default value,
    12. If you enter '.', the field will be left blank.
    13. -----
    14. Country Name (2 letter code) [XX]:86
    15. State or Province Name (full name) []:shannxi                
    16. Locality Name (eg, city) [Default City]:xi'an   
    17. Organization Name (eg, company) [Default Company Ltd]:openlab
    18. Organizational Unit Name (eg, section) []:ce
    19. Common Name (eg, your name or your server's hostname) []:xixi
    20. Email Address []:ada
    1. [root@server ~]# ll /etc/pki/tls/private/
    2. total 4
    3. -rw-------. 1 root root 3272 Sep  6 20:45 openlab.key
    4. [root@server ~]# ll /etc/pki/tls/certs
    5. total 4
    6. lrwxrwxrwx. 1 root root   49 Jun 17  2021 ca-bundle.crt -> /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
    7. lrwxrwxrwx. 1 root root   55 Jun 17  2021 ca-bundle.trust.crt -> /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt
    8. -rw-r--r--. 1 root root 2057 Sep  6 20:50 openlab.crt

    (3)修改 /etc/httpd/conf.d/vhosts.conf 下的关于www.openlab.com/money部分

    1. [root@server ~]# vim /etc/httpd/conf.d/vhosts.conf 
    2.  
    3. 192.168.225.140:443>   //修改端口为443
    4.         DocumentRoot /www/openlab/money
    5.         ServerName www.openlab.com/money
    6.         SSLEngine on          //开启ssl认证访问
    7.         SSLCertificateFile /etc/pki/tls/certs/openlab.crt        //指定证书路径
    8.         SSLCertificateKeyFile /etc/pki/tls/private/openlab.key   //指定私钥文件路径

    5、重启服务

    [root@server ~]# systemctl restart httpd


    三、测试

    1、在缓存文件 /etc/hosts 中添加 IP 与域名信息

    1. [root@server ~]# vim /etc/hosts
    2.  
    3. 127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
    4. ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    5. 192.168.225.140 www.openlab.com
    windows 下的 hosts 文件路径:
    C:\Windows\System32\drivers\etc\hosts
     

    2、访问www.openlab.com

    1. [root@server ~]# curl www.openlab.com
    2. welcome to openlab

    3、只有 song 和 tian 可以访问www.openlab.com/student,其他用户不能访问

    1. [root@server ~]# curl www.openlab.com/student/ -u song
    2. Enter host password for user 'song':
    3. student information
    4. [root@server ~]# curl www.openlab.com/student/ -u tian
    5. Enter host password for user 'tian':
    6. student information
    7. [root@server ~]# curl www.openlab.com/student/ -u wu
    8. Enter host password for user 'wu':
    9. "-//IETF//DTD HTML 2.0//EN">
    11. <span class="hljs-number">401</span> Unauthorized      //请求未经授权
    13. Unauthorized
    14. This server could not verify that you
    15. are authorized to access the document
    16. requested.  Either you supplied the wrong
    17. credentials (e.g., bad password), or your
    18. browser doesn't understand how to supply
    19. the credentials required.

    4、访问www.openlab.com/data

    1. [root@server ~]# curl www.openlab.com/data/
    2. teaching information

    5、数据加密访问www.openlab.com/money

     

  • 相关阅读:
    【TB作品】MSP430,G2533单片机,红外发射,红外接收,红外通信,IR发射
    深度解读:金融企业容器云平台存储如何选型
    c#使用UDP进行聊天通信
    Vue基础5
    计算机网络相关知识点总结(一)
    (附源码)php校园寝室分配查询系统 毕业设计 032027
    快照和镜像
    Zabbix
    21.ref属性
    洛谷 P3128 [USACO15DEC] Max Flow P
  • 原文地址:https://blog.csdn.net/weixin_58299245/article/details/126677799