https、虚拟目录、用户控制搭建web实验
实验要求
- 基于域名www.openlab.com可以访问网站内容为“welcom to openlab!!!”
- 给该公司创建三个子界面分别显示学生信息,教学资料和缴费网站,基于www.openlab.com/student网站访问学生信息,www.openlab.com/data网站访问教学资料www.openlab.com/money网站访问缴费网站。
- 要求
学生信息网站只有zhangsan和lisi两个人可以访问,其他用户不能访问
访问缴费网站实现数据加密基于https访问
搭建虚拟目录和用户控制的web
🚀在开始实验之前,要配置好本地yum源、安装http包,关闭firewalld和selinuxsetenforce 0
[root@localhost ~]# yum install httpd -y [root@localhost ~]# systemctl stop firewalld.service [root@localhost ~]# setenforce 0
🚀在/etc/httpd/conf.d/vhosts.conf创建虚拟主机配置文件,并且配置域名为www.openlab.com的web网站
[root@localhost ~]# vim /etc/httpd/conf.d/vhosts.conf <Virtualhost 192.168.133.150:80> Documentroot /www/openlab ServerName www.openlab.com </Virtualhost> <Directory /www> AllowOverride none Require all granted </Directory> [root@localhost ~]# mkdir -pv /www/openlab mkdir: created directory '/www' mkdir: created directory '/www/openlab' [root@localhost ~]# echo "welcome to openlab!!!" > /www/openlab/index.html echo "welcome to openlabmkdir -pv /www/openlab!" > /www/openlab/index.html
🚀配置本地和windows的hosts文件
[root@localhost ~]# vim /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.133.150 www.openlab.com [root@localhost ~]# curl www.openlab.com welcome to openlab!!!
创建虚拟目录
🚀通过别名创建虚拟目录并且目录标签定义
[root@localhost ~]# vim /etc/httpd/conf.d/vhosts.conf <Virtualhost 192.168.133.150:80> Documentroot /www/openlab ServerName www.openlab.com alias /student /students alias /data /datas alias /money /moneys </Virtualhost> <Directory /www> AllowOverride none Require all granted </Directory> <Directory /students> AllowOverride none Require all granted </Directory> <Directory /datas> AllowOverride none Require all granted </Directory> <Directory /moneys> AllowOverride none Require all granted </Directory>
🚀创建相应的目录和内容,并且在linux中测试
[root@localhost ~]# mkdir /{students,datas,moneys} [root@localhost ~]# echo "学生信息" > /students/index.html [root@localhost ~]# echo "教学资料" > /datas/index.html [root@localhost ~]# echo "缴费网站" > /moneys/index.html [root@localhost ~]# systemctl restart httpd.service [root@localhost ~]# curl www.openlab.com/student/ 学生信息 [root@localhost ~]# curl www.openlab.com/data/ 教学资料 [root@localhost ~]# curl www.openlab.com/money/ 缴费网站
用户控制
🚀在配置文件student的目录标签里设置访问控制,然后创建相应的用户
[root@localhost ~]# vim /etc/httpd/conf.d/vhosts.conf <Virtualhost 192.168.133.150:80> Documentroot /www/openlab ServerName www.openlab.com alias /student /www/students alias /data /www/datas alias /money /www/moneys </Virtualhost> <Directory /www> AllowOverride none Require all granted </Directory> <Directory /students> AllowOverride none AuthType Basic AuthName "Please login:" AuthUserFile /etc/httpd/users Require user zhangsan lisi </Directory> <Directory /datas> AllowOverride none Require all granted </Directory> <Directory /moneys> AllowOverride none Require all granted </Directory> [root@localhost ~]# htpasswd -c /etc/httpd/user zhangsan New password: Re-type new password: Adding password for user zhangsan [root@localhost ~]# htpasswd /etc/httpd/user lisi New password: Re-type new password: Adding password for user lisi
访问缴费网站基于https
😊创建证书密钥和证书文件
[root@localhost ~]# openssl req -newkey rsa -nodes -keyout openlab.key -x509 -days 365 -out openlab.crtt Generating a RSA private key .................................................+++++ ...........................................................................+++++ writing new private key to 'openlab.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:86 State or Province Name (full name) []:jiangsu Locality Name (eg, city) [Default City]:nanjing Organization Name (eg, company) [Default Company Ltd]:nanhang Organizational Unit Name (eg, section) []:zj Common Name (eg, your name or your server's hostname) []:zj Email Address []:root@localhost
😊在vhost配置文件中配置
[root@localhost ~]# vim /etc/httpd/conf.d/vhosts.conf <Virtualhost 192.168.133.150:80> Documentroot /www/openlab ServerName www.openlab.com alias /student /www/students alias /data /www/datas </Virtualhost> <Virtualhost 192.168.133.150:443> Documentroot /www/moneys ServerName www.openlab.com alias /money /www/moneys SSLEngine on SSLCertificateFile /root/openlab.crtt SSLCertificatekeyFile /root/openlab.key </Virtualhost> <Directory /www> AllowOverride none Require all granted </Directory> <Directory /students> AllowOverride none AuthType Basic AuthName "Please login:" AuthUserFile /etc/httpd/users Require user zhangsan lisi </Directory> <Directory /datas> AllowOverride none Require all granted </Directory> <Directory /moneys> AllowOverride none Require all granted </Directory>
