溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊(cè)×
其他方式登錄
點(diǎn)擊 登錄注冊(cè) 即表示同意《億速云用戶服務(wù)條款》

企業(yè)常用Centos 7.4 --虛擬主機(jī)基于域名,端口,IP,Apache訪問(wèn)控制

發(fā)布時(shí)間:2020-07-13 10:52:09 來(lái)源:網(wǎng)絡(luò) 閱讀:74557 作者:23trl 欄目:云計(jì)算

企業(yè)常用Centos 7.4 --虛擬主機(jī)基于域名,端口,IP,Apache訪問(wèn)控制

構(gòu)建虛擬主機(jī)

企業(yè)常用Centos 7.4 --虛擬主機(jī)基于域名,端口,IP,Apache訪問(wèn)控制

一共支持三種虛擬主機(jī)類型
企業(yè)常用的是第一種基于域名的虛擬主機(jī)
基于IP地址的虛擬主機(jī),一臺(tái)物理主機(jī)上需要兩個(gè)網(wǎng)卡
基于端口的虛擬主機(jī)

構(gòu)建虛擬主機(jī)之基于域名

環(huán)境需求:一臺(tái)linux作為DNS和web服務(wù)器,一臺(tái)WIN10客戶端作為測(cè)試

在我們的Linux先裝兩個(gè) 軟件包

[root@localhost ~]# yum install bind httpd -y
已安裝:
  bind.x86_64 32:9.11.4-9.P2.el7       httpd.x86_64 0:2.4.6-90.el7.centos      

作為依賴被安裝:
  apr.x86_64 0:1.4.8-5.el7                                                      
  apr-util.x86_64 0:1.5.2-6.el7                                                 
  bind-export-libs.x86_64 32:9.11.4-9.P2.el7                                    
  httpd-tools.x86_64 0:2.4.6-90.el7.centos                                      
  mailcap.noarch 0:2.1.41-2.el7                                                 

作為依賴被升級(jí):
  bind-libs.x86_64 32:9.11.4-9.P2.el7                                           
  bind-libs-lite.x86_64 32:9.11.4-9.P2.el7                                      
  bind-license.noarch 32:9.11.4-9.P2.el7                                        
  bind-utils.x86_64 32:9.11.4-9.P2.el7                                          
  dhclient.x86_64 12:4.2.5-77.el7.centos                                        
  dhcp-common.x86_64 12:4.2.5-77.el7.centos                                     
  dhcp-libs.x86_64 12:4.2.5-77.el7.centos

配置DNS主配置文件

需要改兩處
[root@localhost ~]# vim /etc/named.conf 
options {
        listen-on port 53 { any; };    //監(jiān)聽(tīng)所有地址
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file  "/var/named/data/named.recursing";
        secroots-file   "/var/named/data/named.secroots";
        allow-query     { any; };   //允許其他所有主機(jī)可以進(jìn)行解析

配置DNS區(qū)域配置文件

我們加入兩個(gè)需要解析的域名區(qū)域配置
在正向解析上復(fù)制5行
[root@localhost ~]# vim /etc/named.rfc1912.zones 
zone "accp.com" IN {    //你需要解析的域名
        type master;
        file "accp.com.zone";    //區(qū)域數(shù)據(jù)配置文件
        allow-update { none; };
};

zone "kgc" IN {
        type master;
        file "kgc.com.zone";
        allow-update { none; };
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {

配置DNS區(qū)域數(shù)據(jù)配置文件

[root@localhost ~]# cd /var/named/
[root@localhost named]# ls
data  dynamic  named.ca  named.empty  named.localhost  named.loopback  slaves
 [root@localhost named]# cp -p named.localhost accp.com.zone  //把模板復(fù)制到數(shù)據(jù)區(qū)域配置文件中
[root@localhost named]# vim accp.com.zone  //配置

$TTL 1D
@       IN SOA  @ rname.invalid. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      @
        A       127.0.0.1
www IN  A       192.168.136.136  //添加域名解析的地址

[root@localhost named]# cp -p accp.com.zone kgc.com.zone  
 //這個(gè)只要復(fù)制過(guò)來(lái)不需要過(guò)來(lái),我們是基于不同的域名解析

開(kāi)啟服務(wù)

[root@localhost named]# systemctl stop firewalld.service
[root@localhost named]# setenforce 0
[root@localhost named]# systemctl start named

到win10客戶端去測(cè)試能不能解析到地址

企業(yè)常用Centos 7.4 --虛擬主機(jī)基于域名,端口,IP,Apache訪問(wèn)控制

企業(yè)常用Centos 7.4 --虛擬主機(jī)基于域名,端口,IP,Apache訪問(wèn)控制

添加虛擬主機(jī)子配置文件,不要寫(xiě)在主配置文件中,系統(tǒng)加載會(huì)變慢。

[root@localhost named]# cd /etc/httpd/
[root@localhost httpd]# ls
conf  conf.d  conf.modules.d  logs  modules  run
[root@localhost httpd]# cd conf
[root@localhost conf]# ls
httpd.conf  magic
[root@localhost conf]# mkdir extra    //創(chuàng)建一個(gè)擴(kuò)展的文件夾,里面放入子配置文件,方便我們以后管理
[root@localhost conf]# ls
extra  httpd.conf  magic
[root@localhost conf]# cd extra/

配置子配置文件

[root@localhost extra]# vim vhost.conf
<VirtualHost *:80>  //標(biāo)簽虛擬主機(jī) ,*代表所有網(wǎng)絡(luò)
  DocumentRoot "/var/www/html/accp/"  //指定站點(diǎn)
  ServerName www.accp.com  //定義域名
  ErrorLog "logs/www.accp.com.error_log"  //網(wǎng)址要有日志文件,錯(cuò)誤日志文件
  Customlog "logs/www.accp.com.access_log" common  //訪問(wèn)日志文件
  <Directory "/var/www/html">  //站點(diǎn)需要設(shè)置權(quán)限,讓所有網(wǎng)絡(luò)能訪問(wèn)這個(gè)網(wǎng)頁(yè)
        Require all granted
  </Directory>
</VirtualHost>  //結(jié)尾標(biāo)簽

<VirtualHost *:80>
  DocumentRoot "/var/www/html/kgc/"
  ServerName www.kgc.com
  ErrorLog "logs/www.kgc.com.error_log"
  Customlog "logs/www.kgc.com.access_log" common
  <Directory "/var/www/html">
        Require all granted
  </Directory>
</VirtualHost>
~

在站點(diǎn)下創(chuàng)建兩個(gè)默認(rèn)網(wǎng)頁(yè)

[root@localhost httpd]# cd /var/www/html
[root@localhost html]# mkdier accp kgc  //創(chuàng)建兩個(gè)站點(diǎn)目錄
[root@localhost html]# mkdir accp kgc
[root@localhost html]# ls
accp  kgc
[root@localhost html]# cd accp
[root@localhost accp]# vim index.html  //編輯網(wǎng)頁(yè)寫(xiě)入內(nèi)容

h2>this is accp web</h2>
[root@localhost accp]# cd ../kgc/
[root@localhost kgc]# vim index.html

<h2>this is kgc web</h2>

在主配置文件中調(diào)用子配置文件

[root@localhost kgc]# cd /etc/httpd/
[root@localhost httpd]# cd conf
[root@localhost conf]# ls
extra  httpd.conf  magic
[root@localhost conf]# vim httpd.conf

#Load config files in the "/etc/httpd/conf.d" directory, if any.
IncludeOptional conf.d/*.conf
Include conf/extra/vhost.conf   //調(diào)用子配置文件

啟用web服務(wù),并去win10客戶端去測(cè)試能不能基于不同域名獲得網(wǎng)頁(yè)

企業(yè)常用Centos 7.4 --虛擬主機(jī)基于域名,端口,IP,Apache訪問(wèn)控制
企業(yè)常用Centos 7.4 --虛擬主機(jī)基于域名,端口,IP,Apache訪問(wèn)控制

虛擬主機(jī)之基于端口

子配置文件中在創(chuàng)建一個(gè)基于端口的虛擬主機(jī)

[root@localhost conf]# cd extra/
[root@localhost extra]# vim vhost.conf 

 22 <VirtualHost *:8080>  //端口加上8080
 23   DocumentRoot "/var/www/html/kgc.port/"
 24   ServerName www.kgc.port.com
 25   ErrorLog "logs/www.kgc.port.com.error_log"
 26   Customlog "logs/www.kgc.port.com.access_log" common
 27   <Directory "/var/www/html">
 28         Require all granted
 29   </Directory>
 30 </VirtualHost>

到站點(diǎn)目錄下,做一個(gè)端口的默認(rèn)網(wǎng)頁(yè)

[root@localhost extra]# cd /var/www/html/
[root@localhost html]# ls
accp  kgc
[root@localhost html]# mkdir kgc.port
[root@localhost html]# cd kgc.port/
[root@localhost kgc.port]# vim index.html

<h2>this is kgc.port web</h2>
~

在主配置文件中開(kāi)啟加入個(gè)監(jiān)聽(tīng)地址

[root@localhost kgc.port]# vim /etc/httpd/conf/httpd.conf 

Listen 192.168.136.136:80
Listen 192.168.136.136:8080
#Listen 80

開(kāi)啟服務(wù),查看端口有沒(méi)有被提供出來(lái)

[root@localhost kgc.port]# systemctl restart httpd
[root@localhost kgc.port]# netstat -ntap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      1/systemd           
tcp        0      0 192.168.136.136:8080    0.0.0.0:*               LISTEN      59009/httpd         
tcp        0      0 192.168.136.136:80      0.0.0.0:*               LISTEN

用客戶端win10測(cè)試基于端口的不同訪問(wèn)網(wǎng)頁(yè)

企業(yè)常用Centos 7.4 --虛擬主機(jī)基于域名,端口,IP,Apache訪問(wèn)控制

80端口還是原來(lái)的網(wǎng)頁(yè)

企業(yè)常用Centos 7.4 --虛擬主機(jī)基于域名,端口,IP,Apache訪問(wèn)控制

虛擬主機(jī)之基于IP

添加一塊網(wǎng)卡

企業(yè)常用Centos 7.4 --虛擬主機(jī)基于域名,端口,IP,Apache訪問(wèn)控制

[root@localhost ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.136.136  netmask 255.255.255.0  broadcast 192.168.136.255
        inet6 fe80::e3c7:14af:6e4d:7216  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:c9:dd:05  txqueuelen 1000  (Ethernet)
        RX packets 101  bytes 10639 (10.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 113  bytes 12291 (12.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens36: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.136.138  netmask 255.255.255.0  broadcast 192.168.136.255
        inet6 fe80::658e:4c2d:2273:9cf5  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:c9:dd:0f  txqueuelen 1000  (Ethernet)
        RX packets 108  bytes 14566 (14.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 42  bytes 5695 (5.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

到子配置文件中開(kāi)始配置

[root@localhost ~]# cd /etc/httpd/conf/extra/
[root@localhost extra]# ls
vhost.conf
[root@localhost extra]# vim vhost.conf

企業(yè)常用Centos 7.4 --虛擬主機(jī)基于域名,端口,IP,Apache訪問(wèn)控制


<VirtualHost 192.168.136.138:80>  //“*”改成第二塊網(wǎng)卡的地址
  2   DocumentRoot "/var/www/html/accp/"
  3   ErrorLog "logs/www.accp.com.error_log"
  4   Customlog "logs/www.accp.com.access_log" common
  5   <Directory "/var/www/html">
  6         Require all granted
  7   </Directory>
  8 </VirtualHost>
  9  
 10  
 11 <VirtualHost 192.168.136.136:80>  //改成第一塊網(wǎng)卡的地址
 12   DocumentRoot "/var/www/html/accp02/"  //重新在站點(diǎn)下寫(xiě)一個(gè)網(wǎng)頁(yè)
 13   ErrorLog "logs/www.accp02.com.error_log"
 14   Customlog "logs/www.accp02.com.access_log" common
 15   <Directory "/var/www/html">
 16         Require all granted
 17   </Directory>
 18 </VirtualHost>
 19

到站點(diǎn)下創(chuàng)建一個(gè)網(wǎng)頁(yè)內(nèi)容

[root@localhost extra]# cd /var/www/html/
[root@localhost html]# mkdir accp02
[root@localhost html]# cd accp02
[root@localhost accp02]# vim index.html

<h2>this is 136 accp02 web</h2>
~                                                                                
~                                                                                
~                               

[root@localhost accp02]# vim ../accp/index.html 
<h2>this is 128 accp web</h2>
~                                                                                
~                                                                                
~

在主配置文件中增加監(jiān)聽(tīng)138的地址,開(kāi)啟服務(wù)

#prevent Apache from glomming onto all bound IP addresses.
Listen 192.168.136.136:80
Listen 192.168.136.138:80
#Listen 192.168.136.136:8080
#Listen 80

[root@localhost extra]# systemctl status httpd

去客戶端測(cè)試一下,記得我們之前給客戶端指定的dns解析地址弄到自動(dòng)獲取,不然你的客戶端無(wú)法上網(wǎng),無(wú)法訪問(wèn)網(wǎng)址

企業(yè)常用Centos 7.4 --虛擬主機(jī)基于域名,端口,IP,Apache訪問(wèn)控制企業(yè)常用Centos 7.4 --虛擬主機(jī)基于域名,端口,IP,Apache訪問(wèn)控制

Aapache訪問(wèn)權(quán)限控制(客戶機(jī)權(quán)限控制)

企業(yè)常用Centos 7.4 --虛擬主機(jī)基于域名,端口,IP,Apache訪問(wèn)控制

到子配置文件,也叫容器,當(dāng)中做客戶機(jī)訪問(wèn)權(quán)限控制,像當(dāng)于黑白名單,這個(gè)容器,系統(tǒng)的所有命令都會(huì)去實(shí)現(xiàn),不會(huì)像ACL訪問(wèn)控制列表從上到下逐條匹配識(shí)別命令。

[root@localhost ~]# cd /etc/httpd/conf/extra/
[root@localhost extra]# ls
vhost.conf
[root@localhost extra]# vim vhost.conf 

<VirtualHost 192.168.136.138:80>
  DocumentRoot "/var/www/html/accp/"
  ErrorLog "logs/www.accp.com.error_log"
  Customlog "logs/www.accp.com.access_log" common
  <Directory "/var/www/html">
        <RequireAll>   //要加入子容器的標(biāo)簽
          Require not ip 192.168.136.137  //拒絕這個(gè)地址訪問(wèn),也可以拒絕網(wǎng)段比如 Require not ip 192.168.136.0/24
          Require all granted
        </RequireAll>  //結(jié)尾標(biāo)簽
  </Directory>
</VirtualHost>
[root@localhost extra]# systemctl restart httpd  //重啟服務(wù)

到客戶端去測(cè)試一下

因?yàn)樽隽嗽L問(wèn)控制所以,只能訪問(wèn)web服務(wù)的默認(rèn)網(wǎng)站

企業(yè)常用Centos 7.4 --虛擬主機(jī)基于域名,端口,IP,Apache訪問(wèn)控制

用戶登錄訪問(wèn)控制

[root@localhost extra]# cd /etc/httpd/conf  
[root@localhost conf]# htpasswd -c /etc/httpd/conf/pwd chen01 //創(chuàng)建一個(gè)chen01用戶,放在路徑底下,起個(gè)名字pwd. htpasswd:用YUM安裝直接可以使用,如果手工編譯安裝,要把這個(gè)命令加到/usr/local/bin系統(tǒng)識(shí)別的命令底下。
New password:   //輸入你的密碼
Re-type new password:   //重復(fù)輸入
Adding password for user chen01
[root@localhost conf]# ls
extra  httpd.conf  magic  pwd
[root@localhost conf]# cat pwd
chen01:$apr1$lOLJMVUo$EZ7qupc1bHN3k38OUw/1F.
[root@localhost conf]# htpasswd /etc/httpd/conf/pwd chen02  //如果這個(gè)目錄已存在,就不要加-c了
New password: 
Re-type new password: 
Adding password for user chen02
[root@localhost conf]# cat pwd
chen01:$apr1$lOLJMVUo$EZ7qupc1bHN3k38OUw/1F.
chen02:$apr1$5cbb6tpU$mt5EZG/8y7qXhyi1Pz2Lk1
[root@localhost conf]#

添加到容器當(dāng)中指定某個(gè)IP用戶登錄訪問(wèn)控制

[root@localhost extra]# vim vhost.conf 

<VirtualHost 192.168.136.136:80>
  DocumentRoot "/var/www/html/accp02/"
  ErrorLog "logs/www.accp02.com.error_log"
  Customlog "logs/www.accp02.com.access_log" common
  <Directory "/var/www/html">
        AuthName "DocumentRoot"  //聲明信息
        AuthType Basic  //驗(yàn)證類型為基本驗(yàn)證
        AuthUserFile /etc/httpd/conf/pwd //驗(yàn)證文件,目錄位置
        Require valid-user  //授權(quán)給用戶登錄
  </Directory>
</VirtualHost>
[root@localhost extra]# systemctl restart httpd

去客戶機(jī)測(cè)試一下用戶登錄訪問(wèn)控制

企業(yè)常用Centos 7.4 --虛擬主機(jī)基于域名,端口,IP,Apache訪問(wèn)控制企業(yè)常用Centos 7.4 --虛擬主機(jī)基于域名,端口,IP,Apache訪問(wèn)控制

以上就是我們所有的內(nèi)容了,謝謝大家收看

向AI問(wèn)一下細(xì)節(jié)

免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng),如果涉及侵權(quán)請(qǐng)聯(lián)系站長(zhǎng)郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。

AI