httpd 2.4 httpd-vhosts

(1)httpd.conf中的“#Include /etc/httpd/extra/httpd-vhosts.conf”注释去掉增加

Include /etc/httpd/vhosts/stu1.conf

Include /etc/httpd/vhosts/stu1.conf

(2)mkdir /web/vhosts/{www1,www2} -pv

(3)chcon -R -t httpd_sys_content_t /web/vhosts/*

(4)mkdir /var/log/httpd/{www1,www2} -pv

(5)echo “the is www1” > /web/vhosts/www1/index.html

(6)echo “the is www2” > /web/vhosts/www2/index.html

(7)iptables -F

(8)htpasswd -c -b /etc/httpd/.stuX.users tom inspur

(9)htpasswd -b -m /etc/httpd/.stuX.users jerry inspur

(10)vim /etc/hosts 192.168.179.137

www1.stuX.com www2.stuX.com

(11)

第一个虚拟主机

vim /etc/httpd/vhosts/stu1.conf

<VirtualHost *:80>

servername www1.stuX.com

DocumentRoot “/web/vhosts/www1”

ErrorLog “/var/log/httpd/www1/error_log “

LogLevel warn

LogFormat “%h %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\”” combined

Customlog “/var/log/httpd/www1/accec_log ” combined

<Directory “/web/chosts/www1”>

Options None

AllowOverride None

require all granted

</Directory>

############################################################################

禁止一个网段访问

#<Directory “/web/chosts/www1”>

#Options None

#AllowOverride None

#<RequireAll>

#require not ip 192.168.1.0/24

#require all granted

#</RequireAll>

#</Directory>

#############################################################################

<Location /server-status>

SetHandler server-status

AuthType basic

AuthName “you must enter username and passwd”

AuthUserFile “/etc/httpd/.stuX.users”

Require user tom jerry

</Location>

</VirtualHost>

第二个虚拟主机

vim /etc/httpd/vhosts/stu2.conf

<VirtualHost *:80>

servername www2.stuX.com

DocumentRoot “/web/vhosts/www2”

<Directory “/web/chosts/www2”>

Options None

AllowOverride

None require all granted

</Directory>

</VirtualHost>

https

(1)把httpd.conf中的以下注释去掉

LoadModule ssl_module modules/mod_ssl.so

LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

注意,需要编译时要添加SSL模块,如果是yum安装httpd,这需要装yum install mod_ssl -y

(2)编辑httpd-ssl.conf

SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES

SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES

SSLHonorCipherOrder on

SSLProtocol all -SSLv3

SSLProxyProtocol all -SSLv3

<VirtualHost _default_:443>

DocumentRoot “/web/vhosts/www2/”

ServerName www2.stuX.com

ErrorLog “/var/log/httpd/www2/error_log”

CustomLog “/var/log/httpd/www2/access_log” common

SSLEngine on

SSLCertificateFile “/etc/httpd/vhosts/ssl/httpd.crt”

SSLCertificateKeyFile “/etc/httpd/vhosts/ssl/httpd.key”

SSLCACertificateFile “/etc/httpd/vhosts/ssl/httpd.crt”

</VirtualHost>

 

—————————————————————————————————————————————————————————————————-

如果网页目录修改了,要修改selinux安全上下文

修改selinux安全上下文

semanage fcontext -a -t httpd_sys_content_t /var/www/html
semanage fcontext -a -t httpd_sys_content_t /var/www/html/*
restorecon -Rv /var/www/html