http
文本编码协议
无状态(cookie,session)
http协议实现的程序
静态(httpd, nginx, lighttpd)
动态 (IIS, tomcat, jetty, jboss, resin, websphere, weblogic, oc4j)
客户端工具 (telnet, elinks, curl) 纯文本协议访问工具
HTTPD配置(端口、别名、访问控制、MPM、keep-alive、dso、DocumentRoot、DirectoryIndex、默认字符集、虚拟主机、mod_deflate模块、HTTPS配置)
HTTPD工具(htpasswd, apxs, rotatelogs, suexec),HTTPD压力测试(ab, webbench, http_load, jmeter, loadrunner, tcpcopy)
ASF: Apache Software Foundation Apache 软件基金会
FSF: Free Software Foundaton 自由软件基金会
ASF赖以起家的是: httpd<命名:apache>
http协议实现
Http特性
模块化设计:DSO(Dynamic Share Object)
MPM机制(Multipurpose Process Modules) 多路处理模块
HTTP安装
1
2
|
# yum info httpd
//The Apache HTTP Server is a powerful, efficient, and extensible
//强大、高效、可扩展
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
/etc/httpd
//ServerRoot
/etc/httpd/conf.d
//配置片段目录
/etc/httpd/conf/httpd.conf
//主配置
/etc/httpd/logs
//日志目录
/etc/httpd/modules
//模块目录
/etc/httpd/run
//运行中的进程的数据
/etc/rc.d/init.d/httpd
//服务脚本
/etc/sysconfig/httpd
//服务脚本配置
/usr/lib/httpd/modules
/usr/lib/httpd/modules/mod_actions.so
//DSO机制,动态共享对象
/usr/sbin/apachectl
//apachectl程序
/usr/sbin/httpd
//MPM为IO,串行响应的进程
/usr/sbin/httpd.event
//MPM为复用I/O模型,并行响应的进程 <2.2的httpd,event不成熟>
/usr/sbin/httpd.worker
//MPM.............................
//ps axu | fgrep httpd可查看
/usr/share/doc/httpd-
2.2
.
15
//<DOCUMENTATION>
/usr/share/doc/httpd-
2.2
.
15
/ABOUT_APACHE
/usr/share/doc/httpd-
2.2
.
15
/CHANGES
/usr/share/doc/httpd-
2.2
.
15
/LICENSE
/usr/share/doc/httpd-
2.2
.
15
/NOTICE
/usr/share/doc/httpd-
2.2
.
15
/README
/usr/share/doc/httpd-
2.2
.
15
/VERSIONING
/usr/share/man/man8/apachectl.
8
.gz
//<MAN Document>
/usr/share/man/man8/htcacheclean.
8
.gz
/usr/share/man/man8/httpd.
8
.gz
/usr/share/man/man8/rotatelogs.
8
.gz
/usr/share/man/man8/suexec.
8
.gz
/
var
/cache/mod_proxy
//<缓存目录>
/
var
/lib/dav
//<程序运行中的数据>
/
var
/log/httpd
//《日志目录》
/
var
/run/httpd
//《运行中的httpd进程的数据》
/
var
/www/error/
//错误页面html网页存放目录
/
var
/www/html
//DocuRoot目录,资源路径的根映射的位置
|
httpd配置文件
1
2
3
4
|
/etc/httpd/conf/httpd.conf
//首次配置需要备份文件:
# cp -v /etc/httpd/conf/httpd.conf{,.bak}
|
配置文件格式
1
2
3
4
|
# fgrep
'Section'
/etc/httpd/conf/httpd.conf
### Section
1
: Global Environment
//全局环境:定义httpd通用功能特性
### Section
2
:
'Main'
server configuration
//主配置段:一个服务器提供单个站点
### Section
3
: Virtual Hosts
//虚拟主机:一个服务器提供多个站点
|
配置指令格式
1
2
3
|
Directive(指令) Value(值)
指令:不区分大小写
值:可能区分大小写
|
HTTPD配置及应用
+++++++++++++++++++++++++++++++++++++++++++++++++++++
1、port
使用示例
+++++++++++++++++++++++++++++++++++++++++++++++++++++
2、持久和非持久连接
//并发访问量过大场景,时间或数量限制过大时,可能会导致后续的请求被[拒绝服务],可以关闭或调整时间或数量限制
不同版本对应的特性
<默认配置:关闭持久连接功能
重载并验证
1
|
# service httpd reload
|
<修改配置:开启持久连接功能
重载并验证
1
|
# service httpd reload
|
+++++++++++++++++++++++++++++++++++++++++++++++++++++
3、MPM 并发响应模型Multipath Process Module
1
2
3
|
10
多种[适用在多种平台之上]
Linux: prefork, worker, event
编译时,一次只能编译单个模块
|
1)查看当前使用的模块
2)查看装载的模块
3)更换MPM
使用示例
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
更改为worker
# awk
'$1 != "#" && $0 !~ /^[[:space:]]*$/{print}'
/etc/sysconfig/httpd
#HTTPD=/usr/sbin/httpd.worker
HTTPD=/usr/sbin/httpd.worker
#OPTIONS=
#HTTPD_LANG=C
#PIDFILE=/
var
/run/httpd/httpd.pid
# service httpd restart
# ps axu | fgrep httpd
root
20183
0.0
1.4
11716
3560
? Ss
22
:
02
0
:
00
/usr/sbin/httpd.worker
apache
20298
0.0
1.2
289448
3000
? Sl
22
:
02
0
:
00
/usr/sbin/httpd.worker
更改为event
# awk
'$1 != "#" && $0 !~ /^[[:space:]]*$/{print}'
/etc/sysconfig/httpd
#HTTPD=/usr/sbin/httpd.worker
HTTPD=/usr/sbin/httpd.event
#OPTIONS=
#HTTPD_LANG=C
#PIDFILE=/
var
/run/httpd/httpd.pid
# service httpd restart
# ps axu | fgrep httpd
root
20360
0.6
1.4
12184
3556
? Ss
22
:
04
0
:
00
/usr/sbin/httpd.event
apache
20363
0.0
1.1
289916
2916
? Sl
22
:
04
0
:
00
/usr/sbin/httpd.event
apache
20364
0.0
1.1
289916
2904
? Sl
22
:
04
0
:
00
/usr/sbin/httpd.event
apache
20365
0.0
1.1
289916
2904
? Sl
22
:
04
0
:
00
/usr/sbin/httpd.event
|
MPM配置详解 /etc/httpd/conf/httpd.conf <网站的承载能力有一定影响>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
# prefork MPM
# StartServers: 启动服务器后,预留的进程数
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# ServerLimit: 服务器的生命周期内为MaxClients准备的最大值
# MaxClients: 最大并发数
# MaxRequestsPerChild: 每个进程最大响应请求数
<IfModule prefork.c>
StartServers
8
MinSpareServers
5
MaxSpareServers
20
ServerLimit
256
MaxClients
256
MaxRequestsPerChild
4000
</IfModule>
# worker MPM
# StartServers: 启动服务预留进程数
# MaxClients: 最大并发数
# MinSpareThreads: 最小并发数
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: 每个进程内的线程数
# MaxRequestsPerChild: 每个线程最多响应请求数
<IfModule worker.c>
StartServers
4
MaxClients
300
MinSpareThreads
25
MaxSpareThreads
75
ThreadsPerChild
25
MaxRequestsPerChild
0
//0表示没有上限
</IfModule>
配置:影响网站的承载能力
|
PV承载量= \(每秒请求资源数 * 86400 \)/每个页面的资源数 //满载工作
考虑:全天满负荷运行?带宽使用大小?
带宽:每个PV消耗多少KB * PV承载量
使用示例
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
查看此模块已经被装载
# httpd -M | fgrep deflate_module
deflate_module (shared)
禁用
# vim /etc/httpd/conf/httpd.conf
#LoadModule deflate_module modules/mod_deflate.so
重载
# service httpd reload
查看
# httpd -M | fgrep deflate_module
Syntax OK
|
+++++++++++++++++++++++++++++++++++++++++++++++++++++
4、URL资源路径映射之一:DocRoot <资源路径的根映射为文件系统的哪个目录>
使用示例:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
# setenforing
0
# iptables -F
# cat > /
var
/www/html/index.html << EOF
<html>
<head>
<title>MageEdu</title>
</head>
<body>
<h1>Hello</h1>
<p> <a href=
"https://s5.51cto.com/wyfs02/M00/07/31/wKiom1nEuS7Tii_KAAA2TqP_0qY316.png"
>haha</p>
</body>
</html>
EOF
# httpd -t && service httpd reload
# yum install elinks
# elinks -dump
127.0
.
0.1
抓取后退出
Hello
[
1
]haha
References
Visible links
1
. https:
//s5.51cto.com/wyfs02/M00/07/31/wKiom1nEuS7Tii_KAAA2TqP_0qY316.png
|
1
2
3
4
5
6
7
8
9
10
|
修改配置/etc/httpd/conf/httpd.conf
DocumentRoot
"/www/htdocs"
# install -d /www/htdocs
# cat > /www/htdocs/index.html << EOF
hello everyone
EOF
#
# httpd -t && service httpd reload
# curl
127.0
.
0.1
hello everyone
|
+++++++++++++++++++++++++++++++++++++++++++++++++++++
5、站点访问控制
+++++++++++++++++++++++++++++++++++++++++++++++++++++
6、默认主页面
DirectoryIndex index.html index.html.var
自左向右,依次匹配给出目录下的文件,存在时,显示
7、文件系统路径访问控制
7、1基于来源地址
使用示例
>>>>>>>>>>>>>>>>>>>>>>>>Indexes<下载站使用>
>>>>>>>>>>>>>>>>>>>>>>>>FollowSymlinks
>>>>>>>>>>>>>>>>>>>>>>>>来源地址访问控制
7、2用户访问控制
安全域:认证后方能访问的目录,应该用名称标识
定义在/etc/httpd/conf/httpd.conf文件中
1)基于用户认证
2)基于组认证
使用示例
1、创建目录,使之能访问
1
2
|
# install -d /www/htdocs/admin
# echo
"hello"
> /www/htdocs/admin/index.html
|
2、添加配置
1
2
3
4
5
6
7
8
|
<Directory
"/www/htdocs/admin"
>
Options None
AllowOverride None
AuthType Basic
AuthName
"Administrator private"
AuthUserFile
"/etc/httpd/conf.d/.htpasswd"
Require valid-user
<
/Directory
>
|
1
2
3
4
5
|
# httpd -t
# service httpd reload
# htpasswd -c -m /etc/httpd/conf.d/.htpasswd tom
# htpasswd -m /etc/httpd/conf.d/.htpasswd obama
# htpasswd -m /etc/httpd/conf.d/.htpasswd obama
|
3、添加组配置
1
2
3
4
5
6
7
8
9
|
<Directory
"/www/htdocs/admin"
>
Options None
AllowOverride None
AuthType Basic
AuthName
"Administrator private"
AuthUserFile
"/etc/httpd/conf.d/.htpasswd"
AuthGroupFile
"/etc/httpd/conf.d/.htgroup"
Require group weblogic
<
/Directory
>
|
1
2
|
# httpd -t
# service httpd reload
|
8、日志设定
错误日志
1、日志为链接路径
访问日志
1
2
|
官方:httpd.apache.org http:
//httpd.apache.org/docs/2.2/mod/mod_log_config.html#logformat
Documetation -->
2.2
--> 日志文件
|
9、路径别名
使用示例
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
##默认配置
# setenforce
0
# iptables -F
# cat > /
var
/www/html/index.html << EOF
<html>
<head>
<title>MageEdu</title>
</head>
<body>
<h1>Hello</h1>
<p> <a href=
|