web网站服务(2)

Posted on 2020-06-17 10:16  留不住的时间  阅读(274)  评论(0编辑  收藏  举报

web网站服务实验

 

实验名称:

web网站访问控制和虚拟主机

二、 实验目的: 

http服务的目录授权

虚拟web主机的配置

实验环境: 

 

设备名称

系统版本

IP地址

所需软件

Web服务器

CentOS-7.3

eth0=192.168.10.101

Httpd-2.24.25.tar.gz

 

客户端

CentOS-7.3

eth0=192.168.10.102

 

 

四:实验思路:

安装httpd服务器

httpd服务器的访问控制

虚拟主机:基于ip,基于端口,基于域名

 

实验过程

 

一:访问控制(要先装apache并调试好)

1:客户机地址限制

允许所有主机访问:Require all granted

拒绝所有主机访问:Require all denied

仅允许本地主机访问:Require local

允许或拒绝制定主机访问:Require [not] host

允许或拒绝制定IP或网段访问:Require [not] ip

 

1)允许所有主机访问

[root@localhost ~]# vi /usr/local/httpd/conf/httpd.conf

    <Directory "/usr/local/httpd/htdocs"> ##225

    Options None

    AllowOverride None

    Require all granted

    </Directory>

[root@localhost ~]# service httpd restart

 

2)允许指定IP访问

[root@localhost ~]# vi /usr/local/httpd/conf/httpd.conf

<Directory "/usr/local/httpd/htdocs">

    Options None

    AllowOverride None

    Require ip 192.168.10.102

</Directory>

[root@localhost ~]# service httpd restart

 

3)拒绝指定IP访问

<Directory "/usr/local/httpd/htdocs">

    Options None

    AllowOverride None

<RequireAll>

    Require all granted

    Require not ip 192.168.10.102

</RequireAll>

</Directory>

[root@localhost ~]# service httpd restart

 

2:用户授权限制

[root@localhost ~]# cd /usr/local/httpd/

[root@localhost httpd]# bin/htpasswd -c /usr/local/httpd/conf/.webpwd admin   ## -c为创建,添加用户不用加-c

按提示输入两次密码

[root@localhost httpd]# cat /usr/local/httpd/conf/.webpwd    

 

[root@localhost httpd]# vi /usr/local/httpd/conf/httpd.conf

<Directory "/usr/local/httpd/htdocs">

   Options None       

   AllowOverride None   

   AuthName "web access"

   AuthType Basic

   AuthUserFile /usr/local/httpd/conf/.webpwd

   Require valid-user

#Require user admin

</Directory>

[root@localhost httpd]# service httpd restart

[root@localhost httpd]# /usr/local/httpd/bin/apachectl restart     \\也可以重启

访问时要求输入密码

 

二:构建虚拟web主机

有三种方法:

  • 基于域名
  • 基于IP
  • 基于端口

1:基于域名的虚拟主机

1):为虚拟主机提供域名解析

在客户端(linux)设置hosts,提供域名解析

[root@localhost ~]# vi /etc/hosts

192.168.10.101  www.benet.com

192.168.10.101  www.accp.com

 

2):为虚拟主机准备网页

[root@localhost ~]# mkdir -p /var/www/html/benetcom

[root@localhost ~]# mkdir -p /var/www/html/accpcom

[root@localhost ~]# echo "<h1>www.benet.com</h1>" > /var/www/html/benetcom/index.html

[root@localhost ~]# echo "<h1>www.accp.com</h1>" > /var/www/html/accpcom/index.html

 

3):添加虚拟主机配置,基于域名的虚拟主机

[root@localhost ~]# vi /usr/local/httpd/conf/extra/httpd-vhosts.conf

<Directory "/var/www/html">

Require all granted

</Directory>

 

<VirtualHost 192.168.10.101>

    ServerAdmin webmaster@dummy-host.example.com

    DocumentRoot "/var/www/html/benetcom"

    ServerName www.benet.com

    ServerAlias www.dummy-host.example.com

    ErrorLog "logs/www.benet.com.error_log"

    CustomLog "logs/www.benet.com.access_log" common

</VirtualHost>

<VirtualHost 192.168.10.101>

    ServerAdmin webmaster@dummy-host2.example.com

    DocumentRoot "/var/www/html/accpcom"

    ServerName www.accp.com

    ErrorLog "logs/www.accp.com.error_log"

    CustomLog "logs/www.accp.com.access_log" common

</VirtualHost>

[root@localhost ~]# vi /usr/local/httpd/conf/httpd.conf

去掉注释符

    Include conf/extra/httpd-vhosts.conf

[root@localhost ~]# service httpd restart

分别用www.benet.comwww.accp.com访问

 

2:基于ip地址的虚拟主机

为服务器添加网卡

设置其ip地址为192.168.10.200

用两个ip地址访问

[root@localhost ~]# vi /usr/local/httpd/conf/extra/httpd-vhosts.conf

<Directory "/var/www/html">

Require all granted

</Directory>

 

<VirtualHost 192.168.10.101>

    ServerAdmin webmaster@dummy-host.example.com

    DocumentRoot "/var/www/html/benetcom"

    ServerName www.benet.com

    ServerAlias www.dummy-host.example.com

    ErrorLog "logs/www.benet.com.error_log"

    CustomLog "logs/www.benet.com.access_log" common

</VirtualHost>

<VirtualHost 192.168.10.200>

    ServerAdmin webmaster@dummy-host2.example.com

    DocumentRoot "/var/www/html/accpcom"

    ServerName www.accp.com

    ErrorLog "logs/www.accp.com.error_log"

    CustomLog "logs/www.accp.com.access_log" common

</VirtualHost>

3:基于端口号的虚拟主机

[root@localhost ~]# vi /usr/local/httpd/conf/extra/httpd-vhosts.conf

<Directory "/var/www/html">

Require all granted

</Directory>

 

<VirtualHost 192.16810.101:5000>

    ServerAdmin webmaster@dummy-host.example.com

    DocumentRoot "/var/www/html/benetcom"

    ServerName www.benet.com

    ServerAlias www.dummy-host.example.com

    ErrorLog "logs/www.benet.com.error_log"

    CustomLog "logs/www.benet.com.error_log" common

</VirtualHost>

<VirtualHost 192.168.10.101:8000>

    ServerAdmin webmaster@dummy-host2.example.com

    DocumentRoot "/var/www/html/accpcom"

    ServerName www.accp.com

    ErrorLog "logs/www.accp.com.error_log"

    CustomLog "logs/www.accp.com.error_log" common

</VirtualHost>

[root@localhost ~]# vi /usr/local/httpd/conf/httpd.conf

添加

    Listen 5000   ##52

    Listen 8000

[root@localhost ~]# service httpd restart