综合练习: 请给openlab搭建web网站,网站需求:
1.基于域名www.openlab.com可以访问网站内容为 welcome to openlab!!!。
2.给该公司创建三个子界面分别显示学生信息,教学资料和缴费网站,基于www.openlab.com/student 网站访问学生信息,
www.openlab.com/data网站访问教学资料www.openlab.com/money 网站访问缴费网站
3.要求
(1) 学生信息网站只有song和tian两人可以访问,其他用户不能访问。
(2) 访问缴费网站实现数据加密基于https访问。
实验过程
第一步下载httpd、创建所需要的文件夹
[root@server ~]# yum install httpd -y
[root@server ~]# mkdir -p /www/openlab
[root@server ~]# cd /www/openlab/
[root@server openlab]# mkdir student data money
[root@server openlab]# ls
data money student
第二步、在对应文件中写入信息
[root@server openlab]# echo "welcome to openlab!!!" >> index.html
echo "welcome to openlabls!" >> index.html
[root@server openlab]# cat index.html
welcome to openlabls!
[root@server openlab]# echo "学生信息" >> student/index.html
[root@server openlab]# echo "教学资料" >> data/index.html
[root@server openlab]# echo "缴费网站" >> money/index.html
第三步、修改/etc/hosts文件映射、/etc/httpd/conf/httpd.conf文件配置
vim /etc/hosts
192.168.200.133 www.openlab.com
vim /etc/httpd/conf/httpd.conf
DocumentRoot "/www/openlab"
#
# Relax access to content within /var/www.
#
<Directory "/www/openlab">
第四步开启httpd服务,在linux系统中测试
www.openlab.com
www.openlab.com/student
www.openlab.com/data
www.openlab.com/money
第五步:创建两个用户song和tian,并给用户设置访问网站的密码
[root@server /]# useradd song
[root@server /]# passwd song
更改用户 song 的密码 。
新的密码:
无效的密码: 密码是一个回文
重新输入新的密码:
passwd:所有的身份验证令牌已经成功更新。
[root@server /]# useradd tian
[root@server /]# passwd tian
更改用户 tian 的密码 。
新的密码:
无效的密码: 密码是一个回文
重新输入新的密码:
passwd:所有的身份验证令牌已经成功更新。
[root@server /]# htpasswd -c /etc/httpd/passwd song
New password:
Re-type new password:
Adding password for user song
[root@server /]# htpasswd /etc/httpd/passwd tian
New password:
Re-type new password:
Adding password for user tian
第六步修改/etc/httpd/conf.d/userdir.conf文件配置并测试访问
[root@server /]# vim /etc/httpd/conf.d/userdir.conf
<Directory "/www/openlab/student">
authuserfile "/etc/httpd/passwd"
authname "Myprivately website"
authtype basic
require user song tian
</Directory>
第七步:下载mod_ssl,创建ssl证书
[root@server /]# yum install mod_ssl -y
[root@server /]# vim /etc/httpd/conf.d/ssl.conf
[root@server /]# cd /etc/pki/tls/private/
[root@server private]# openssl genrsa -aes128 2048 > money.key
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
[root@server private]# cd /etc/pki/tls/certs/
[root@server certs]# openssl req -utf8 -new -key /etc/pki/tls/private/money.key -x509 -days 365 -out money.crt
Enter pass phrase for /etc/pki/tls/private/money.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:86
State or Province Name (full name) []:shanxi
Locality Name (eg, city) [Default City]:xi'an
Organization Name (eg, company) [Default Company Ltd]:openlab
Organizational Unit Name (eg, section) []:rhce
Common Name (eg, your name or your server's hostname) []:server
Email Address []:[email protected]
修改配置文件/etc/httpd/conf.d/ssl.conf
<virtualhost 192.168.200.133:443>
sslengine on
SSLCertificateFile /etc/pki/tls/certs/money.crt
SSLCertificateKeyFile /etc/pki/tls/private/money.key
servername 192.168.200.133
documentroot /www/openlab
alias /money /www/openlab/money
</virtualhost>
<directory /www/openlab/money>
allowoverride none
require all granted
</directory>
测试访问
