1、基于IP

2、基于IP+端口

3、基于域名

官网文档：http://httpd.apache.org/docs/2.4/

1、系统环境

[root@localhost ~]# cat /etc/redhat-release

CentOS Linux release 7.2.1511 (Core)

[root@localhost ~]# ip ad

1: lo: mtu 65536 qdisc noqueue state UNKNOWN

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: eno16777736: mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:5c:ff:91 brd ff:ff:ff:ff:ff:ff

inet 192.168.253.128/24 brd 192.168.253.255 scope global dynamic eno16777736

valid_lft 1388sec preferred_lft 1388sec

inet6 fe80::20c:29ff:fe5c:ff91/64 scope link

valid_lft forever preferred_lft forever

2、yum安装

[root@localhost ~]# yum install -y httpd

*****

======================================================================================================================================================

Package 架构 版本 源 大小

======================================================================================================================================================

正在安装:

httpd x86_64 2.4.6-80.el7.centos base 2.7 M

为依赖而安装:

apr x86_64 1.4.8-3.el7_4.1 base 103 k

apr-util x86_64 1.5.2-6.el7 base 92 k

httpd-tools x86_64 2.4.6-80.el7.centos base 89 k

mailcap noarch 2.1.41-2.el7 base 31 k

***

已安装:

httpd.x86_64 0:2.4.6-80.el7.centos

作为依赖被安装:

apr.x86_64 0:1.4.8-3.el7_4.1 apr-util.x86_64 0:1.5.2-6.el7 httpd-tools.x86_64 0:2.4.6-80.el7.centos mailcap.noarch 0:2.1.41-2.el7

完毕！

可以查看安装了内容

[root@localhost ~]# rpm -ql httpd | less

3、配置Selinux文件，SELINUX=disabled。

[root@localhost ~]# vim /etc/selinux/config

SELINUXTYPE=targeted

或者临时关闭

[root@localhost ~]# setenforce 0

4、关闭防火墙

[root@localhost ~]# systemctl stop firewalld

[root@localhost ~]# systemctl disable firewalld

Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.

5、启动httpd服务，访问测试

[root@localhost ~]# systemctl start httpd

1、查看apache主配置文件，确保存在以下配置，因为等下需要在conf.d/创建虚机主机配置。

[root@localhost ~]# vim /etc/httpd/conf/httpd.conf

IncludeOptional conf.d/*.conf

2、另外，把 Require all denied默认拒绝访问设置为允许访问： Require all granted，方便测试。

AllowOverride none

# Require all denied

Require all granted

1）创建配置文件

[root@localhost ~]# cd /etc/httpd/conf.d/

[root@localhost conf.d]# vim virtual.conf

ServerName a.com

DocumentRoot "/www/a.com/" #网页路径

ServerName b.com

DocumentRoot "/www/b.com/" #网页路径

2）网卡绑定多个IP（我的网卡名是eno16777736，不是eth0）

[root@localhost conf.d]# ip addr add 192.168.253.129 dev eno16777736

[root@localhost conf.d]# ip add

1: lo: mtu 65536 qdisc noqueue state UNKNOWN

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: eno16777736: mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:5c:ff:91 brd ff:ff:ff:ff:ff:ff

inet 192.168.253.128/24 brd 192.168.253.255 scope global dynamic eno16777736

valid_lft 1542sec preferred_lft 1542sec

inet 192.168.253.129/32 scope global eno16777736

valid_lft forever preferred_lft forever

inet6 fe80::20c:29ff:fe5c:ff91/64 scope link

valid_lft forever preferred_lft forever

3）创建虚机主机a.com和b.com的主页面

[root@localhost conf.d]# mkdir -pv /www/{a.com,b.com}

mkdir: 已创建目录 "/www"

mkdir: 已创建目录 "/www/a.com"

mkdir: 已创建目录 "/www/b.com"

[root@localhost conf.d]# vim /www/a.com/index.html

Hello,a.com

[root@localhost conf.d]# vim /www/b.com/index.html

4）检查配置文件是否正常

[root@localhost conf.d]# httpd -t

AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message

Syntax OK

5）重启httpd服务

[root@localhost conf.d]# systemctl restart httpd

6）打开浏览器，查看结果

1）创建配置文件

[root@localhost ~]# cd /etc/httpd/conf.d/

[root@localhost conf.d]# vim virtual.conf

ServerName a.com

DocumentRoot "/www/a.com/"

ServerName b.com

DocumentRoot "/www/b.com/"

2）修改httpd主配置文件，在Listen 80下面添加一行监控8080端口

[root@localhost conf.d]# vim /etc/httpd/conf/httpd.conf

Listen 8080

3）创建虚机主机a.com和b.com的主页面（如果前面已经创建就不用重复）

[root@localhost conf.d]# mkdir -pv /www/{a.com,b.com}

mkdir: 已创建目录 "/www"

mkdir: 已创建目录 "/www/a.com"

mkdir: 已创建目录 "/www/b.com"

[root@localhost conf.d]# vim /www/a.com/index.html

Hello,a.com

[root@localhost conf.d]# vim /www/b.com/index.html

4）检查配置文件

[root@localhost conf.d]# httpd -t

AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message

Syntax OK

5）重启httpd服务

[root@localhost conf.d]# systemctl restart httpd

6）打开浏览器，查看结果

1）创建配置文件

[root@localhost ~]# cd /etc/httpd/conf.d/

[root@localhost conf.d]# vim virtual.conf

ServerName a.com

DocumentRoot "/www/a.com/"

ServerName b.com

DocumentRoot "/www/b.com/"

2）修改物理主机hosts文件（C:\Windows\System32\drivers\etc），因为这里是因为物理机去访问Apache服务器

添加：

192.168.253.128 a.com

3）物理主机ping域名测试

4）创建虚机主机a.com和b.com的主页面（如果前面已经创建就不用重复）

[root@localhost conf.d]# mkdir -pv /www/{a.com,b.com}

mkdir: 已创建目录 "/www"

mkdir: 已创建目录 "/www/a.com"

mkdir: 已创建目录 "/www/b.com"

[root@localhost conf.d]# vim /www/a.com/index.html

Hello,a.com

[root@localhost conf.d]# vim /www/b.com/index.html

5）检查配置文件

[root@localhost conf.d]# httpd -t

AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message

Syntax OK

6）重启httpd服务

[root@localhost conf.d]# systemctl restart httpd

7）打开浏览器，查看结果

1、先修改回apache主配置文件，设置 Require all denied默认拒绝访问

AllowOverride none

Require all denied

这时候再去访问以上的三种配置虚机主机，会全部访问不了。因此需要针对虚机目录设置访问权限。

2、修改虚拟主机配置文件

[root@localhost ~]# cd /etc/httpd/conf.d/

[root@localhost conf.d]# vim virtual.conf

#绑定的主域

ServerName a.com

#绑定的子域名

ServerAlias www.test.com

#网站主目录

DocumentRoot "/www/a.com/"

#错误日志目录

ErrorLog  "/var/log/httpd/a.com/error.log"

#访问日志目录

CustomLog "/va/log/httpd/a.com.access.log"

Options FollowSymLinks

AllowOverride All

#允许任意访问

Require all granted

3、创建日志目录

[root@localhost b.com]# cd /var/log/httpd/

[root@localhost httpd]# mkdir a.com

[root@localhost httpd]# ll

总用量 60

-rw-r --r--. 1 root root 37976 1月 23 22:26 access_log

drwxr-xr-x. 2 root root 6 1月 23 22:41 a.com

-rw-r --r--. 1 root root 17795 1月 23 22:38 error_log

[root@localhost httpd]# cd a.com/

[root@localhost a.com]# touch error.log

[root@localhost a.com]# touch access.log

日志目录记得更改属主和属组为Apache，否则httpd启动失败

[root@localhost httpd]# chown -R apache:apache a.com/

4、配置指定IP可以访问虚拟主机（可以单个IP，也可以是一个网段）

[root@localhost conf.d]# vim /etc/httpd/conf.d/virtual.conf

#绑定的主域

ServerName a.com

#绑定的子域名

ServerAlias www.test.com

#网站主目录

DocumentRoot "/www/a.com/"

#错误日志目录

ErrorLog "/var/log/httpd/a.com/error.log"

#访问日志目录

CustomLog "/va/log/httpd/a.com.access.log"

Options FollowSymLinks

AllowOverride All

#允许任意访问

Require ip 192.168.253.0/24

5、配置指定用户可以访问虚拟主机

[root@localhost conf.d]# vim /etc/httpd/conf.d/virtual.conf

#绑定的主域

ServerName a.com

#绑定的子域名

ServerAlias www.test.com

#网站主目录

DocumentRoot "/www/a.com/"

#错误日志目录

ErrorLog "/var/log/httpd/a.com/error.log"

#访问日志目录

CustomLog "/va/log/httpd/a.com.access.log"

Options FollowSymLinks

AllowOverride authconfig

AuthType basic

AuthName "Restrict area"

AuthUserFile "etc/httpd/.htpasswd"

Require valid-user

创建用户文件，第一次创建的时候要加-c，以后创建都不用加-c，否则会覆盖原数据

[root@localhost conf.d]# pwd

/etc/httpd/conf.d

[root@localhost conf.d]# htpasswd -h

htpasswd: illegal option -- h

Usage:

htpasswd [-cimBdpsDv] [-C cost] passwordfile username

htpasswd -b[cmBdpsDv] [-C cost] passwordfile username password

htpasswd -n[imBdps] [-C cost] username

htpasswd -nb[mBdps] [-C cost] username password

-c Create a new file.

-n Don't update file; display results on stdout.

-b Use the password from the command line rather than prompting for it.

-i Read password from stdin without verification (for script usage).

-m Force MD5 encryption of the password (default).

-B Force bcrypt encryption of the password (very secure).

-C Set the computing time used for the bcrypt algorithm

(higher is more secure but slower, default: 5, valid: 4 to 31).

-d Force CRYPT encryption of the password (8 chars max, insecure).

-s Force SHA encryption of the password (insecure).

-p Do not encrypt the password (plaintext, insecure).

-D Delete the specified user.

-v Verify password for the specified user.

On other systems than Windows and NetWare the '-p' flag will probably not work.

The SHA algorithm does not use a salt and is less secure than the MD5 algorithm.

[root@localhost conf.d]# htpasswd -c -m /etc/httpd/.htpasswd tom

New password:

Re-type new password:

Adding password for user tom

重启httpd服务

[root@localhost conf.d]# httpd -t AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message Syntax OK [root@localhost conf.d]# systemctl restart httpd

在浏览器测试登录

6、Require参考

Require all granted

无条件允许访问。

Require all denied

访问被无条件拒绝。

Require env env-var [env-var] ...

只有在给定的环境变量之一被设置的情况下才允许访问。

Require method http-method [http-method] ...

只有给定的HTTP方法才允许访问。

Require expr expression

如果表达式计算结果为true，则允许访问。

Require user userid [userid] ...

只有指定的用户才能访问资源。

Require group group-name [group-name] ...

只有指定组中的用户才能访问资源。

Require valid-user

所有有效的用户都可以访问资源。

Require ip 10 172.20 192.168.2

指定IP地址范围内的客户端可以访问资源。

7、Options

None:不支持任何选项

Indexes：允许索引目录

FollowSymLinks：允许访问符号链接指向的原文件

Includes：允许执行服务端包含（SSI）

ExecCGI：允许允许CGI脚本

ALL：支持所有选项

Apache CentOS HTTP PHP 虚拟化

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。