Httpd-2.4
1.mpm支持运行dos机制
2.支持event mpm
3.支持异步读写
4.支持每模块及每个目录分别使用各自的日志级别;
5.每请求配置;
6.增强版的表达式分析
7.支持毫秒级别的keeplive timeout
8.基于fqdn的虚拟主机不再需要namevirtualhost指令;
9.支持用户自定义变量
新模块:
1.mod_proxy_fcgi
2.Mod_ratelimt
3.Mod_remoteip
修改了一些配置机制;
不再支持使用order,deny,allow对ip进行访问控制
httpd依赖于apr,apr-util,apr-icon
apr:apache portable runtime 可移植运行库
安装过程:
1.先安装开发环境:
yum groupinstall "Development Tools" "Server Platform Development" -y yum install -y pcre-devel zlib-devel
要安装1.4以上版本apr 以及apr-until
2.下载安装apr-1.5.2
[root@localhost ~]# wget http://mirrors.hust.edu.cn/apache//apr/apr-1.5.2.tar.gz tar -zxvf apr-1.5.2.tar.gz cd apr-1.5.2 ./configure --prefix=/usr/local/apr make make install
3.下载安装apr-until-1.5.4
[root@localhost ~]# wget http://mirrors.cnnic.cn/apache//apr/apr-util-1.5.4.tar.gz tar -zxvf apr-util-1.5.4.tar.gz cd apr-util-1.5.4 ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr make make install
4.下载http-2.4.17
wget http://mirrors.hust.edu.cn/apache//httpd/httpd-2.4.17.tar.gz [root@localhost httpd-2.4.17]# tar -zxvf httpd-2.4.17.tar.gz
创建apache用户和组:groupadd -r apache [root@localhost ~]# useradd -r -g apache apache
./configure --prefix=/usr/local/apache --sysconfdir=/etc/httpd --enable-so --enable-ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util/ --enable-modules=most --enable-mpms-shared=all --with-mpm=prefork
--prefix | 指定httpd2.4的安装路径 |
--sysconfdir | 指定配置文件路径 |
--enable-so | 启动sharedobject共享对象 |
--enable-ssl | 启用ssl,借助于此可以实现HTTPS访问 |
--enable-cgi | 启用CGI,可以实现CGI脚本执行 |
--enable-rewrite | 启用Rewrite重写,能够实现诸如301重定向的功能,以来PCRE包 |
--with-zlib | 启用zlib压缩 |
--with-pcre | 启用PCRE |
--with-apr | 指定apr的路径,httpd2.4依赖apr1.4版本以上,所以要指明 |
--with-apr-util | 指定apr-util的路径,同上 |
--enable-modules | 启用哪些模块加载,most尽可能多的 |
--enable-mpms-shared=all | http2.4上prefork、worker、event是模块化的,可以动态加载 |
--with-mpm=prefork | 指明默认的httpd2.4 MPM,即运行在prefork模型下 |
修改系统用户:
[root@localhost apache]# vim /etc/httpd/httpd.conf #User daemon #Group daemon User apache Group apache
编译安装网页存放目录:/usr/local/apache/htdocs
ln -sv /usr/local/apache/include/ /usr/include/httpd
启动服务:添加环境变量,找到apachectl 命令路径:
vim /etc/profile.d/httpd.sh export PATH=/usr/local/apache/bin:$PATH apachectl start
或者用hash -r命令清除搜索记录:
httpd -M 查看全部模块
查看系统进程:http已经启动完毕。
[root@localhost ~]# ps aux | grep httpd root 41702 0.0 0.1 72108 1968 ? Ss 01:15 0:00 /usr/local/apache/bin/httpd -k start apache 41703 0.0 0.1 72108 1400 ? S 01:15 0:00 /usr/local/apache/bin/httpd -k start apache 41704 0.0 0.1 72108 1400 ? S 01:15 0:00 /usr/local/apache/bin/httpd -k start apache 41705 0.0 0.2 72108 2040 ? S 01:15 0:00 /usr/local/apache/bin/httpd -k start apache 41706 0.0 0.1 72108 1400 ? S 01:15 0:00 /usr/local/apache/bin/httpd -k start apache 41707 0.0 0.2 72108 2032 ? S 01:15 0:00 /usr/local/apache/bin/httpd -k start apache 41902 0.0 0.1 72108 1408 ? S 02:03 0:00 /usr/local/apache/bin/httpd -k start apache 41903 0.0 0.1 72108 1408 ? S 02:03 0:00 /usr/local/apache/bin/httpd -k start apache 41904 0.0 0.1 72108 1408 ? S 02:03 0:00 /usr/local/apache/bin/httpd -k start root 41919 0.0 0.0 103304 888 pts/0 S+ 02:06 0:00 grep httpd [root@localhost ~]#
# Path to the apachectl script, server binary, and short-form for messages.
apachectl=/usr/local/apache/bin/apachectl
httpd=${HTTPD-/usr/local/apache/bin/httpd}
prog=httpd
pidfile=${PIDFILE-/usr/local/apache/logs/httpd.pid}
lockfile=${LOCKFILE-/var/lock/subsys/httpd}
RETVAL=0
STOP_TIMEOUT=${STOP_TIMEOUT-10}
配置:
1:切换使用mpm:
打开配置文档找到以下模块位置:
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so #LoadModule mpm_worker_module modules/mod_mpm_worker.so
NAME:prefork,event,worker
2:修改“main”server的DocumentRoot
打开:
[root@localhost ~]# vim /etc/httpd/httpd.conf
找到:
# DocumentRoot: The directory out of which you will serve your # documents. By default, all requests are taken from this directory, but # symbolic links and aliases may be used to point to other locations. # DocumentRoot "/usr/local/apache/htdocs" 修改两个主页目录同上,并且一致
3:基于ip的访问控制法则
允许所有主机访问:Require all granted
拒绝所有主机访问:Require all deny
控制特定ip访问:
require ip IPADDR:授权指定来源的主机访问
Require not ip IPADDR:拒绝指定来源地址的主机访问
ipADDR:
ip:192.168.1.1
network/mask 192.168.1.0/24
Network/Lenth
HostName:
FqDN
DOMAIN:
4:虚拟主机配置:
基于IP,port和FQDN
基于FQDN不再需要NameVirtualHost指令
(1)需要注释掉中心主机:
# DocumentRoot: The directory out of which you will serve your # documents. By default, all requests are taken from this directory, but # symbolic links and aliases may be used to point to other locations. # #DocumentRoot "/usr/local/apache/htdocs" #
(2)找到配置文件里的以下参数:
# Virtual hosts Include /etc/httpd/extra/httpd-vhosts.conf 这项开启
(3)进入到extra目录下:找到httpd-vhosts.conf
[root@localhost ~]# cd /etc/httpd/extra/ [root@localhost extra]# ls httpd-autoindex.conf httpd-default.conf httpd-languages.conf httpd-mpm.conf httpd-ssl.conf httpd-vhosts.conf httpd-dav.conf httpd-info.conf httpd-manual.conf httpd-multilang-errordoc.conf httpd-userdir.conf proxy-html.conf [root@localhost extra]#
打开httpd-vhosts.conf配置文件:
修改参数,以下实例参考:
ServerAdmin [email protected] DocumentRoot "/vhost/www.a.com/htdoc/" ServerName www.a.com ServerAlias a.com ErrorLog "logs/www.a.com-error_log" CustomLog "logs/www.a.com-access_log" combined Options None AllowOverride none Require all granted
修改启动脚本参数为以下内容:
apachectl=/usr/local/apache/bin/apachectl httpd=${HTTPD-/usr/local/apache/bin/httpd} prog=httpd pidfile=${PIDFILE-/usr/local/apache/logs/httpd.pid} lockfile=${LOCKFILE-/var/lock/subsys/httpd} RETVAL=0 STOP_TIMEOUT=${STOP_TIMEOUT-10}