SME server configuration solution (web server)
2001-06-05 12:51
Publisher: NetBull Readings: 114 Tanghaijing (Submission) Part III Web Server Section 1 Apache Server & 1.1 Apache is the world's ranking web server, according to the famous Web Server investigation company Netcraft survey, the world's 100 points More than 50 Web servers are using apache. Throughout the Apache, it provides our network administrators with a colorful feature, including directory index, directory alias, content negotiation, configurable HTTP error report, CGI program setUID execution, child process resource management, server-side image Mapping, rewriting URL, URL spell check, and online manual MAN, etc. That is, if you have successfully installed Apache on Linux Server, your computer will also turn around with Apache, becoming a veritable web server, which is indeed exciting. With the powerful driving force of free software development, we have reason to believe that Apache's future is bright. In the Internet era, the release of the external homepage has become an important means of establishing the company's image, and the internal home page has become the main way of company management. However, if you want to implement these features, you should first configure our Linux Server to become a powerful web server. Today, the most widely used web server software globally applied is Apache, which will detail how to configure Apache servers. I hope that all the colleagues can achieve the purpose of reading this film to reach the theoretical practice, and quickly become an excellent network administrator in a short period of time.
(LinuxByte Download Apache) & 1.2 Requisite Resources & 1.2.1 Requirements Requirements RedHat 6.2 Server Installation & 1.2.2 Required Profile / Etc/httpd/conf/httpd.conf system comes with, administrator configuration / etc / httpd / The conf / access.conf system comes with, no need to modify the /etc/httpd/conf/srm.conf system, do not need to modify the & 1.3 configuration scheme 1./etc/httpd/conf/httpd.conf Description: Apache master configuration File Source File: Servertype Standalone # Defines the startup way of Web Server to enhance its timely response ServerRoot "/ etc / httpd" on a large number of access. /var/run/httpd.pid scoreboardfile /var/run/httpd.scoreboard Timeout 300 # Response timeout, units in seconds keEpalive ON # Allow users to create permanent Connect MaxkeePaliveRequests 100 KeepaliveTimeout 15 MinSpareServerse 5 # Minimum of free server processes to be reserved Value MaxSpareServers 20 # The maximum value of the idle server process to be retained StartServers 8 # system starts the daemon MaxClients 150 # Maximum client number that can serve the service,
Greater than its part is placed in the request queue MaxRequestsPerChild 100 LoadModule vhost_alias_module modules / mod_vhost_alias.so LoadModule env_module modules / mod_env.so LoadModule config_log_module modules / mod_log_config.so LoadModule agent_log_module modules / mod_log_agent.so LoadModule referer_log_module modules / mod_log_referer.so LoadModule mime_module modules / mod_mime.so LoadModule negotiation_module modules / mod_negotiation.so LoadModule status_module modules / mod_status.so LoadModule info_module modules / mod_info.so LoadModule includes_module modules / mod_include.so LoadModule autoindex_module modules / mod_autoindex.so LoadModule dir_module modules / mod_dir.so LoadModule cgi_module modules / mod_cgi .so LoadModule asis_module modules / mod_asis.so LoadModule imap_module modules / mod_imap.so LoadModule action_module modules / mod_actions.so LoadModule userdir_module modules / mod_userdir.so LoadModule alias_module modules / mod_alias.so LoadModule rewrite_module modules / mod_rewrite.so LoadModule access_module modules / mod_access. SO LoadModule auth_module modules / mod_auth.so LoadModule anon_auth_module modules / mod_auth_anon.so LoadModule db_auth_module modules / mod_auth_db.so LoadModule digest_module modules / mod_digest.so LoadModule proxy_module modules / libproxy.so LoadModule expires_module modules / mod_expires.so LoadModule headers_module modules / mod_headers.so LoadModule usertrack_module modules / mod_usertrack.so LoadModule setenvif_module modules / mod_setenvif.so LoadModule perl_module modules / libperl.so LoadModule php3_module modules / libphp3.so ClearModuleList AddModule mod_vhost_alias.c AddModule mod_env.c AddModule mod_log_config.c AddModule mod_log_agent.c AddModule mod_log_referer.c AddModule mod_mime .c addmodule mod_negotiath.c addmodule mod_status.c Addmodule M
od_info.c AddModule mod_include.c AddModule mod_autoindex.c AddModule mod_dir.c AddModule mod_cgi.c AddModule mod_asis.c AddModule mod_imap.c AddModule mod_actions.c #AddModule mod_speling.c AddModule mod_userdir.c AddModule mod_alias.c AddModule mod_rewrite.c AddModule mod_access .c AddModule mod_auth.c AddModule mod_auth_anon.c AddModule mod_auth_db.c AddModule mod_digest.c AddModule mod_proxy.c AddModule mod_expires.c AddModule mod_headers.c AddModule mod_usertrack.c AddModule mod_so.c AddModule mod_setenvif.c AddModule mod_perl.c AddModule mod_php3.c Port 80 # Define the TCP port number User Nobody Group Nobody # above the server used to assign new users assigned to HTTPD, which is the lowest in security considerations. ServerAdmin root@weboa.com.cn # Setting Web Administrator's Mail Address ServerName Weboa # Defines the host name to the client from the server from the server, the default is localhost, often installing Linux, often Here is wrong here. Documentroot "/ home / weboa / jakarta-tomcat / webapps / weboa" sets the root directory of all Apache documents, for example, users have access requests for http://www.weboa.com.cn/index.html, Apache Its response is /Home/webo/jakarta-tomcat/webapps/weboa/index.htmloptions Followsymlinks
ALLOWOVERRIDE NONE
Options INDEXES INCLUDES FOLLOWSYMLINKS
ALLOWOVERRIDE NONE
ORDER ALOW, DENY
Allow from all # Allows everyone to access
Userdir public_html directoryindex index.html index.htm index.shtml index.cgi # Sets a variety of successful access to the home page, for improving the system's fault tolerance AccessFileName .htaccess
ORDER ALOW, DENY
Deny from all
Usecanonicalname on typesconfig /etc/mime.types defaulttype text / plain
MimeMagicfile Share / Magic
Hostnamelookups Off ErrorLog / USR / HTTPD / LOG / ERROR_LOG Loglevel WARN # Defines those error types to log log logs logformat "% h% l% u% t"% r "%> s% b"% {refrer} i " "% {User-agent} i" "Combined # All logformats are used to define entry logformat"% h% l% u% t "% r"%> s% B "common logformat"% {refrer} I ->% u "referer logformat"% {user-agent} i "agent customlog / usr / httpd / log / access_log common serverignature on alias / icons /" / home / httpd / icons / "# Define Virtual Host Directory and System Corresponding relationship Options Indexes MultiViews
ALLOWOVERRIDE NONE
ORDER ALOW, DENY
ALLOW FROM ALL
Scriptalias / cgi-bin / "/ home / httpd / cgi-bin /" # defines the CGI directory
ALLOWOVERRIDE NONE
Options Execcgi
ORDER ALOW, DENY
ALLOW FROM ALL
IndexOptions FancyIndexing AddIconByEncoding (CMP, / icons / compressed.gif) x-compress x-gzip AddIconByType (TXT, / icons / text.gif) text / * AddIconByType (IMG, / icons / image2.gif) image / * AddIconByType (SND , / icons / sound2.gif) AUDIO / * AddiconBytype (vid, / icons / movie.gif) video / * addicon /icons/binary.gif .bin .exe addicon /icons/binhex.gif .hqx addicon / icons / tar .gif.tar addicon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .g addicon /icons/compressed.gif .z .z .tgz .gz .zip addicon/ICONS/a.gif .ps. Ai .eps addicon /icons/Layout.gif .html .shtml .htm .pdf addicon /icons/text.gif.txt addicon /icons/c.gif.c addicon /icons/p.gif.pl .py addicon / icons /f.gif .for addicon /icons/dvi.gif .dvi addicon /icons/uuencoded.gif .uu addicon /icons/script.gif .conf .sh .shar .csh .ksh .tcl addicon /icons/tex.gif. .Tex addicon /icons/bomb.gif core addicon /icons/back.gif .. addicon /icons/Hand.Right.gif Readme addicon /icons/folder.gif ^^ Directory ^^ addicon /icons/blank.gif ^^ Blankicon ^^ Defaulticon / ICONS / UNEN known.gif ReadmeName README HeaderName HEADER AddEncoding x-compress Z AddEncoding x-gzip gz tgz AddLanguage en .en AddLanguage fr .fr AddLanguage de .de AddLanguage da .da AddLanguage el .el AddLanguage it .it LanguagePriority en fr deAddType application / x- httpd-php3 .php3
AddType Application / X-httpd-php3-source .phps
AddType Application / X-httpd-php .phtml
AddType application / x-tar .tgz AddType text / html .shtml AddHandler server-parsed .shtml AddHandler imap-file map BrowserMatch "RealPlayer 4.0" force-response-1.0 BrowserMatch "Java / 1.0" force-response-1.0 BrowserMatch "JDK / 1.0 "Force-Response-1.0
Alias / perl / / home / httpd / perl /
SetHandler Perl-script
Perlhandler Apache :: Registry
Options Execcgi
Alias / Doc / / USR / Doc / Order Deny, Allow
Deny from all
ALLOW from Localhost
Options Indexes FollowSymlinks
Include /etc/httpd/conf/tomcat-apache.conf alias / netcard "/ home / weboa / jakarta-tomcat / webApps / weboa / net_card"
Options Indexes FollowSymlinks
ALLOW FROM ALL
Cachesize 5 # Defines the cache area size and in KB. You can check the cachegcinterval 4 # every 4 hours according to the needs and hard disk space size, if you have exceeded Cachesize, delete file cacheMaxExpire 24 #http files Most 24 hours CacheLastModifiedFactor 0.1 # Defines the HTTP file failure period, the default is 0.1 It means that the failure period = time X in the last revision
For example, it is 5 hours from the last revised time, then the failure period is 5x0.1 = 0.5 hours.
CachedefaultExpire 1
# This instruction provides a default time (hour) to destroy the cache file, which is unknown to the last change time of these files. The cachemaxexpire command does not overwrite this setting
### The following is to increase SSL security authentication for Apache ##
## The following is how to log in to control on a directory ##
1. Add the following in /etc/httpd/conf/httpd.conf:
Alias / WEBOA / "/ home / weboa /"
Options Indexes MultiViews
ALLOWOVERRIDE AUTHCONFIG
ORDER ALOW, DENY
ALLOW FROM ALL
2. Create a .htaccess file in the / home / weboa directory
Authname "Shared Files"
Authtype Basic
Authorfile / etc / httpd / conf / passwd
Require Valid-User
3. Execute the command to generate an authentication file in the / etc / httpd / conf directory
Htpasswd -c THJ THJ # Create a authentication file and the first name and password
Htpasswd Weboa Weboa # Add other usernames and passwords
### The following is a method of implementing a virtual host ###
Need to add the following in /etc/httpd/conf/httpd.conf:
Alias / WebAdmin / "/ Home / Weboa / WebAdmin / HTML /"
Options Indexes MultiViews
ALLOWOVERRIDE NONE
ORDER ALOW, DENY
ALLOW FROM ALL
NameVirtualHost 192.168.0.1 # DNS server for virtual domain name
ServerAdmin root@weboa.com.cn # NMS email address
DocumentRoot / Home / Weboa / WebAdmin / HTML / # server page directory
ServerName Webadmin.Weboa.com.cn # server name
Need to add content added to /VAR/NAMED/Name2ip.conf:
WebAdmin in A 192.168.0.1
& 1.4 Test and Management Measures
& 1.4.1 Test Method
1. Whenever the administrator changes the setting of Apache,
/etc/rc.d/init.d/httpd restart makes changes to take effect.
& 1.4.2 Management Method 1. Apache offers a lot of log files, when Apache is wrong, the administrator can
Diagnose according to the path to ERRORLOG definition in htppd.conf. The specific method is: tail
-F / var / log / httpd / apache / error_log
& 1.5 small knot
The web service is the most basic service of the Internet server. The Apache software included in the Linux release is a performance-fashioned web server. It is also the most popular web server on the Internet. Because it is time to test countless users, the current Apache The default option is already very suitable for us. You only need to change several options that are closely related to the current application environment to achieve your purpose.
