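Goals:
- Set up a DNS server that resolves the three domains linux.com, php.net and apache.org; the www host in each domain must point to this machine's single IP;
- Set up an httpd server with one virtual host each for www.linux.com, www.php.net and www.apache.org, located at /www/linux, /www/php and /www/apache respectively;
- Each virtual host must use its own error log and access log, with log file names that start with the virtual host's name; the log files of all three virtual hosts live in the /www/logs directory;
- The www.linux.com virtual host only allows access from hosts in 172.16.0.0/16 (except 172.16.100.0/24), and supports SSL-based access;
- The www.php.net virtual host only allows access to requesters who supply an account and password;
- The pages in the /web/mail directory are reachable through http://www.apache/mail, and CGI scripts may be executed in that directory (please test that it works)
Let's get started! My environment is redhat 5.8, with the bundled bind97, bind97_lib, bind97_utils and httpd2.2.3 already installed.
1. Set up the DNS server. Create /etc/named.conf and the zone files for the zones, start the named service, test it, and change the DNS setting of the test machine (I used my XP box) to the address of the DNS server just created.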
```
// /etc/named.conf

options {
    directory "/var/named";
};
zone "linux.com" IN {
    type master;
    file "linux.php.apache";
};
zone "php.net" IN {
    type master;
    file "linux.php.apache";
};
zone "apache.org" IN {
    type master;
    file "linux.php.apache";
};
```

```
; /var/named/linux.php.apache

$TTL 86400
@   IN  SOA ns admin (
            001
            2H
            5M
            7D
            2H )
    IN  NS  ns
ns  IN  A   172.16.1.1
www IN  A   172.16.1.1
```
2. Edit /etc/httpd/conf/httpd.conf: comment out the DocumentRoot line in the main server section, uncomment the name-based virtual host option, then create the virtual hosts. Create the directories and log files, and change the permissions.

```apache
# Around line 282: comment out the main server's document root
#DocumentRoot "/var/www/html"
# Around line 973: uncomment this line
NameVirtualHost *:80
# Create the three virtual hosts at the end of the file
<VirtualHost *:80>
    ServerName "www.linux.com"
    DocumentRoot /www/linux
    ErrorLog /www/logs/linux-error_log
    CustomLog /www/logs/linux-access_log common
</VirtualHost>
<VirtualHost *:80>
    ServerName "www.php.net"
    DocumentRoot /www/php
    ErrorLog /www/logs/php-error_log
    CustomLog /www/logs/php-access_log common
</VirtualHost>
<VirtualHost *:80>
    ServerName "www.apache.org"
    DocumentRoot /www/apache
    ErrorLog /www/logs/apache-error_log
    CustomLog /www/logs/apache-access_log common
</VirtualHost>
```

```bash
# Create the document roots and the shared log directory
mkdir -p /www/{linux,php,apache,logs}
touch /www/logs/{linux-error_log,linux-access_log,php-error_log,php-access_log,apache-access_log,apache-error_log}
# One distinct index page per virtual host, so each site can be told apart when testing
echo "I am linux " >/www/linux/index.html
echo "I am php " >/www/php/index.html
echo "I am apache " >/www/apache/index.html
chown -R apache:apache /www
```
3. Restrict access to the www.linux.com virtual host.

```apache
<VirtualHost *:80>
    ServerName "www.linux.com"
    DocumentRoot /www/linux
    ErrorLog /www/logs/linux-error_log
    CustomLog /www/logs/linux-access_log common
    <Directory "/www/linux">
        # Allow rules are evaluated first, then Deny rules; a client matching both is denied
        Order Allow,Deny
        Allow From 172.16.0.0/16
        Deny From 172.16.100.0/24
    </Directory>
</VirtualHost>
```
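4. Create a certificate for www.linux.com; for the method see http://laoguang.blog.51cto.com/6013350/1035608
5. Install the mod_ssl module, which provides SSL-based https access, and edit its configuration file /etc/httpd/conf.d/ssl.conf

```bash
# yum is already configured, so this installs automatically
yum -y install mod_ssl
```

```apache
# /etc/httpd/conf.d/ssl.conf

# Around line 86: add these two lines
DocumentRoot "/www/linux"
ServerName www.linux.com
# The <Directory "/www/linux"> rules from step 3 sit inside the *:80 virtual host,
# so they are not applied to requests served by this SSL virtual host unless repeated here.
# Around line 113: change to the location of the SSL certificate (this is where I created my certificate)
SSLCertificateFile /etc/httpd/conf.d/linux.crt
# Around line 120: change to the location of the SSL private key
SSLCertificateKeyFile /etc/httpd/conf.d/linux.key
```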
6. Set up access control for www.php.net

```apache
<VirtualHost *:80>
    ServerName "www.php.net"
    DocumentRoot /www/php
    ErrorLog /www/logs/php-error_log
    CustomLog /www/logs/php-access_log common
    <Directory /www/php>
        AllowOverride Authconfig
        options none
        Authtype basic
        Authname "Hi,I'm secreat"
        AuthUserFile /etc/httpd/conf.d/htpasswd
        Require valid-user
    </Directory>
</VirtualHost>
```

```bash
# -c creates the password file, -m stores the password as an MD5 hash
htpasswd -c -m /etc/httpd/conf.d/htpasswd laoguang
New password:
Re-type new password:
```
7. Map /mail to /web/mail on www.apache.org and allow CGI execution in that directory

```apache
<VirtualHost *:80>
    ServerName "www.apache.org"
    DocumentRoot /www/apache
    ErrorLog /www/logs/apache-error_log
    CustomLog /www/logs/apache-access_log common
    alias /mail "/web/mail"
    AddHandler cgi-script .cgi
    <Directory /web/mail>
        Options execCGI
    </Directory>
</VirtualHost>
```

```bash
# The script must live in the aliased directory (/web/mail) to be served as /mail/test.cgi
mkdir -p /web/mail
vim /web/mail/test.cgi

#!/bin/bash
cat <<EOF
Content-Type: text/html

<pre>
$(/bin/date)
my name is `id -nu`
my hostname $HOSTNAME
`/bin/date`
`echo $PATH`
</pre>
EOF

# The script must be executable, otherwise httpd cannot run it
chmod +x /web/mail/test.cgi

## Visit www.apache.org/mail/test.cgi in a browser to check that it executes correctly
```