Apache configuration and Application

1, Build virtual Web host

1. Overview of virtual Web host

  • Virtual web host refers to running multiple web sites in the same server, in which each site does not occupy the whole server independently, so it is called "virtual" and "ieb host". Through virtual web host service, we can make full use of the hardware resources of the server, so as to greatly reduce the cost of website construction and operation.
  • Using httpd service can easily build a virtual host server. Just running one httpd service can support a large number of web sites at the same time
  • There are three types of virtual hosts supported by httpd service:
    1. Domain name based: use different domain names for each virtual host, but its corresponding IP address is the same. For example, www.benet.com COM and www.accp.com com
    The IP addresses of all sites are 192.168.80.10. This is the most commonly used type of virtual web host
    2. Based on IP address: different domain names are used for each virtual host, and their corresponding IP addresses are also different. This method requires multiple network interfaces for the server, so it is not widely used.
    3. Port based: this method does not use domain name and IP address to distinguish different site contents, but uses different TcP port numbers. Therefore, when browsing different virtual sites, users need to specify the port number at the same time to access

2. Domain name based virtual host

2.1 provide domain name resolution for virtual hosts

Temporarily configure the mapping relationship between domain name and IP address in the / etc/hosts file

echo "192.168.117.30 www.ng2.com" >> /etc/hosts
echo "192.168.117.30 www.ng3re.com" >> /etc/hosts

2.2 add virtual host configuration

vim /usr/local/httpd/conf/extra/httpd-vhosts.conf
#Source code compilation i translates the path of the installed virtual host configuration file
#vim /etc/httpd/conf.d/vhosts.conf
#Path to the virtual host configuration file for RPM or YUM installation
<VirtualHost 192.168.117.30:80>
#Set virtual combat area
#ServerAdmin webmaster@dummy-host.example.com
#Set administrator mailbox, this line can be ignored
DocumentRoot "/var/www/html/ng2"
#Site root settings
ServerName www.ng2.com
#Set the full domain name of the web site (host name + domain name)
ServerAlias www.dummy-host.example.com
ErrorLog "logs/ng2.com-error_log"
#Set the path of the error log file
CustomLog "logs/ng2.com-access_log" common
#Set the path to access the log file
</VirtualHost>
<VirtualHost 192.168.117.30:80>
DocumentRoot "/var/www/html/ng3re"
ServerName www.ng3re.com
ErrorLog "logs/ng3re.com-error_log"
CustomLog "logs/ng3re.com-access_log" common</VirtualHost>

2.3 preparing web documents for virtual hosts

mkdir -p /var/www/html/ng2
mkdir -p /var/www/html/ng3re

echo "<h1>www.ng2.com</h1>" > /var/www/html/ng2/index.html
echo "<h1>www.ng3re.com</h1>" > /var/www/html/ng3re/index.html

2.4 setting access control

vim /usr/local/httpd/conf/extra/httpd-vhosts.conf
<Directory "/var/www/html">
#Set directory access
options None
#Do not enable any server features
AllowOverride None
#Overriding Apache default configuration is not allowed
Require all granted
#Allow all hosts access
</Directory>

2.5 loading independent configuration files

vim /usr/local/httpd/conf/httpd.conf
#Source code compilation and installation of httpd service main configuration file path
------483 that 's ok------note off
Include conf/extra/httpd-vhosts.conf    #Load a stand-alone configuration file
systemctl restart httpd

2.6 accessing the virtual web host in the client

http://www.ng2.com
http://www.ng3re.com


2. Virtual host based on IP address

ifconfig ens33:0 192.168.117.100 netmask 255.255.255.0 
ifconfig

vim /usr/local/httpd/conf/extra/httpd-vhosts.conf

vim /usr/local/httpd/conf/httpd.conf
Listen 192.168.117.100:80

systemctl restart httpd


Accessing the virtual machine Web host in the client browser

3. Port based

Modify listening port

vim /usr/local/httpd/conf/extra/httpd-vhosts.conf

vim /usr/local/httpd/conf/httpd.conf

systemctl restart httpd           #Restart httpd service

Visit again

4, Apache connection retention

vim /usr/local/httpd/conf/extra/httpd-default.conf
KeepAlive on
MaxKeepAliveRequests 100
KeepAliveTimeout 5

5, Building web virtual directory and user authorization restrictions

1. Create user authentication data file

cd /usr/local/httpd/bin
./htpasswd -c /usr/local/httpd/user qq   #-c option means to create a new user data file. By default, it means that the specified user data file already exists. It is used to add a new user or modify the password of an existing user.
./htpasswd /usr/local/httpd/user ww    
cat /usr/local/httpd/user                      #Confirm user data file


2. Add user authorization configuration

vim /usr/local/httpd/conf/httpd.conf 
-----Last line add------
Alias /test /var/www/html/test               #Set the root directory of the virtual directory, / test is the name of the virtual directory
<Directory "/var/www/html/test">            #Set virtual directory configuration area
AuthName "Hello!"                           #Define the protected domain name, which will be displayed in the authentication dialog box
AuthType Basic                              #Set the type of authentication. Basic indicates basic authentication
AuthUserFile /usr/local/httpd/user     #Set the path of the authentication file used to save the user account and password
Require valid-user                          #Turn on user authentication. Only legal users in the authentication file can access it
#authgroupfile /usr/local/httpd/conf/group  #Set the path of the authentication file used to save the group account and password
#Require user zhangsan                      #Allow only specified users to access
#Require group zhangsan                     #Allow access only to specified groups
</Directory>

3. Verify user access rights

mkdir -p /var/www/html/test
echo "<h1>hello ng2</h1>" > /var/www/html/test/index.html
systemctl restart httpd


Browser access in client

http://192.168.117.30:80/test


6, Log segmentation

Use Apache's own rotatelogs segmentation tool to automatically segment Apache logs according to the date of each day

vim /usr/local/httpd/conf/httpd.conf
-----274 Near the line-----modify
ErrorLog "| /usr/local/bin/rotatelogs -l /var/log/httpd/error_%Y%m%d.log 86400"                #Split error log
-----304 Near the line-----modify
CustomLog "| /usr/local/bin/rotatelogs -l /var/log/httpd/access_%Y%m%d.log 86400" combined     #Split access log
vim /usr/local/httpd/conf/extra/httpd-vhosts.conf                                              #Virtual hosts can also be split
ErrorLog "| /usr/local/bin/rotatelogs -l /var/log/httpd/ng2.com-error_%F.log 86400"
CustomLog "| /usr/local/bin/rotatelogs -l /var/log/httpd/ng2.com- access_%F.log 86400" combined
#The beginning | is the pipe symbol.
#-The l option indicates that the local time is used as the time base.
#86400 means one day, that is, a new log file is generated every day.
mkdir /var/log/httpd                                                                           #Create the directory where the split log files are saved
systemctl restart httpd
ls /var/log/httpd

7, AWStats analysis system

1. Drag the AWStats package and unzip it

cd /opt
tar zxvf awstats-7.6.tar.gz
mv /opt/awstats-7.6 /usr/local/awstats

2. Statistics site establishment profile

cd /usr/local/awstats/tools
./awstats_configure.pl

Config file path ('none' to skip web server setup):
> /usr/local/httpd/conf/httpd.conf   #Enter the path to the httpd service master profile
Your web site,virtual server or profile name:
> www.abc.com                        #Enter the domain name of the site to be counted
 Everything else is y Or enter




3. Modify the access permission of awstats and load the CGI module

vim /usr/local/httpd/conf/httpd.conf
ErrorLog "logs/error_log"
CustomLog "logs/access_log" combined
-----143 that 's ok-----
LoadModule cgid_ module modules/mod_cgid.so          #note off
LoadModule cgi_module modules/mod_cgi.so             #note off

-----Skip to last line modification-----
<Directory "/usr/local/awstats/wwwroot">
Options None
AllowOverride None
#Order allow,deny         #Comment
#Allow from all           #Comment
Require all granted       #add to
</Directory>

4. Modify the site statistics configuration file

vim /etc/awstats/awstats.www.abc.com.conf
#50 lines
LogFile="/usr/local/httpd/logs/access_log"   #Modify access log file location
#220 lines
DirData="/var/lib/awstats"                   #The awstats directory does not exist by default and needs to be created manually
mkdir /var/lib/awstats

5. Perform log analysis and set cron scheduling tasks

systemctl restart httpd
cd /usr/local/awstats/tools/
./awstats_updateall.pl now          #Update data (log file path specified according to site configuration file)

crontab -e                          #Write scheduled tasks and update log file data every 5 minutes
*/5 * * * * /usr/local/awstats/tools/awstats_updateall.pl now
systemctl start crond

6. Visit the AwStats analysis system site

systemctl stop firewalld
systemctl disable firewalld
setenforce 0
echo "192.168.117.30 www.abc.com" >> /etc/hosts

Browser access

http://www.abc.com/awstats/awstats.pl?config=www.abc.com

Tags: Linux Apache

Posted by baronmask on Tue, 29 Mar 2022 22:19:18 +0300