本文共 8078 字,大约阅读时间需要 26 分钟。
http的应用
httpd-2.4: 新特性: (1) MPM支持运行DSO机制;以模块形式按需加载; (2) 支持event MPM; (3) 支持异步读写; (4) 支持每模块及每个目录分别使用各自的日志级别; (5) 每请求配置;(6) 增强版的表达式分析器; (7) 支持毫秒级的keepalive timeout; (8) 基于FQDN的虚拟主机不再需要NameVirtualHost指令; (9) 支持用户自定义变量; 新模块: (1) mod_proxy_fcgi (2) mod_ratelimit (3) mod_remoteip 修改了一些配置机制: 不再支持使用Order, Deny, Allow来做基于IP的访问控制;安装httpd-2.4 httpd依赖于apr-1.4+, apr-util-1.4+, [apr-icon] apr: apache portable runtime CentOS 6: 默认:apr-1.3.9, apr-util-1.3.9 编译安装步骤: 1.4+版的apr和apr-util 前提: 安装开发环境,安装pcre-devel (1) apr # ./configure --prefix=/usr/local/apr # make && make install (2) apr-util # ./configure --prefix=/usr/local/apr-util --with=/usr/local/apr # make && make install # groupadd -r apache # useradd -r -g apache apahce # ./configure --prefix=/usr/local/apache --sysconf=/etc/httpd24 --enable-so --enable-ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util/ --enable-modules=most --enable-mpms-shared=all --with-mpm=prefork # make && make install 启动服务: apachectl CentOS 7: 配置文件: 主配置文件:/etc/httpd/conf/httpd.conf 模块配置文件:/etc/httpd/conf.modules.d/*.conf 辅助配置文件:/etc/httpd/conf.d/*.conf mpm:以DSO机制提供,配置文件00-mpm.conf 服务控制:systemctl {start|stop|restart|status|reload} httpd.service 配置: (1) 切换使用MPM LoadModule mpm_NAME_module modules/mod_mpm_NAME.so NAME: prefork, event, worker (2) 修改'Main' server的DocumentRoot (3) 基于IP的访问控制法则 允许所有主机访问:Require all granted 拒绝所有主机访问:Require all deny 控制特定IP访问: Require ip IPADDR:授权指定来源地址的主机访问 Require not ip IPADDR:拒绝指定来源地址的主机访问 IPADDR: IP: 172.16.100.2 Network/mask: 172.16.0.0/255.255.0.0 Network/Length: 172.16.0.0/16 Net: 172.16 控制特定主机(HOSTNAME)访问 Require host HOSTNAME Require not host HOSTNAME HOSTNAME: FQDN: 特定主机 DOMAIN:指定域内的所有主机 Require all granted Require not ip 10.252.46.165 (4) 虚拟主机 基于IP、Port和FQDN都支持; 基于FQDN的不再需要NameVirtualHost指令; (5) ssl 启用模块: LoadModule ssl_module modules/mod_ssl.so (6) CentOS 6 服务脚本 #!/bin/bash # # httpd Startup script for the Apache HTTP Server # # chkconfig: - 85 15 # description: The Apache HTTP Server is an efficient and extensible \ # server implementing the current HTTP standards. # processname: httpd # config: /etc/httpd/conf/httpd.conf # config: /etc/sysconfig/httpd # pidfile: /var/run/httpd/httpd.pid # ### BEGIN INIT INFO # Provides: httpd # Required-Start: $local_fs $remote_fs $network $named # Required-Stop: $local_fs $remote_fs $network # Should-Start: distcache # Short-Description: start and stop Apache HTTP Server # Description: The Apache HTTP Server is an extensible server # implementing the current HTTP standards. ### END INIT INFO # Source function library. . /etc/rc.d/init.d/functions if [ -f /etc/sysconfig/httpd ]; then . /etc/sysconfig/httpd fi # Start httpd in the C locale by default. HTTPD_LANG=${HTTPD_LANG-"C"} # This will prevent initlog from swallowing up a pass-phrase prompt if # mod_ssl needs a pass-phrase from the user. INITLOG_ARGS="" # Set HTTPD=/usr/sbin/httpd.worker in /etc/sysconfig/httpd to use a server # with the thread-based "worker" MPM; BE WARNED that some modules may not # work correctly with a thread-based MPM; notably PHP will refuse to start. # Path to the apachectl script, server binary, and short-form for messages. apachectl=/usr/local/apache/bin/apachectl httpd=/usr/local/apache/bin/httpd prog=httpd pidfile=${PIDFILE-/var/run/httpd/httpd24.pid} lockfile=${LOCKFILE-/var/lock/subsys/httpd24} RETVAL=0 STOP_TIMEOUT=${STOP_TIMEOUT-10} # The semantics of these two functions differ from the way apachectl does # things -- attempting to start while running is a failure, and shutdown # when not running is also a failure. So we just do it the way init scripts # are expected to behave here. start() { echo -n $"Starting $prog: " LANG=$HTTPD_LANG daemon --pidfile=${pidfile} $httpd $OPTIONS RETVAL=$? echo [ $RETVAL = 0 ] && touch ${lockfile} return $RETVAL } # When stopping httpd, a delay (of default 10 second) is required # before SIGKILLing the httpd parent; this gives enough time for the # httpd parent to SIGKILL any errant children. stop() { echo -n $"Stopping $prog: " killproc -p ${pidfile} -d ${STOP_TIMEOUT} $httpd RETVAL=$? echo [ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile} } reload() { echo -n $"Reloading $prog: " if ! LANG=$HTTPD_LANG $httpd $OPTIONS -t >&/dev/null; then RETVAL=6 echo $"not reloading due to configuration syntax error" failure $"not reloading $httpd due to configuration syntax error" else # Force LSB behaviour from killproc LSB=1 killproc -p ${pidfile} $httpd -HUP RETVAL=$? if [ $RETVAL -eq 7 ]; then failure $"httpd shutdown" fi fi echo } # See how we were called. case "$1" in start) start ;; stop) stop ;; status) status -p ${pidfile} $httpd RETVAL=$? ;; restart) stop start ;; condrestart|try-restart) if status -p ${pidfile} $httpd >&/dev/null; then stop start fi ;; force-reload|reload) reload ;; graceful|help|configtest|fullstatus) $apachectl $@ RETVAL=$? ;; *) echo $"Usage: $prog {start|stop|restart|condrestart|try-restart|force-reload|reload|status|fullstatus|graceful|help|configtest}" RETVAL=2 esac exit $RETVAL
转载于:https://blog.51cto.com/zhanx/2323237