Linux下Apache部署

1.建用户    

    [root]# groupadd apache

    [root]# useradd apache -g apache

    [root]# passwd apache

    [root]# su - apache


2.下载openssl-1.0.2g.tar.gz到用户目录~(/home/apache/)

    

    [apache]#tar -zxvf openssl-1.0.2g.tar.gz

    [apache]#cd openssl-1.0.2g

    [apache]#mkdir /opt/openssl

    [apache]#./config --prefix=/opt/openssl

    [apache]#make && make install

3.下载httpd-2.2.22.tar.gz到用户目录~(/home/apache/)

    [apache]#tar -zxvf httpd-2.2.22.tar.gz

    [apache]#cd ../httpd-2.2.22

    [apache]#export LDFLAGS=-ldl //执行下面命令前最好加上这句话,否则可能报错:            configure: error: ... Error, SSL/TLS libraries were missing or unusable

    [apache]#./configure --prefix=/opt/httpd --enable-so--enable-info--enable-headers --enable-mods-shared=all --enable-ssl=static --with-ssl=/opt/openssl


    指定模块:./configure --prefix=/opt/httpd --enable-so--enable-info--enable-headers --enable-mods-shared="proxy proxy_http proxy_connect" --enable-ssl=static --with-ssl=/opt/openssl --enable-rewrite --enable-speling --enable-forward

    [apache]#make     //编译apache

    [apache]#make install    //安装apache

    或者编译并且安装apache

    [apache]#make && make install

注意,非root用户1024以下端口不可用,需要修改默认80端口为其他可用端口

vi /opt/httpd/conf/httpd.conf


4.查看代理模块及安装:

    ./apachectl -M|grep proxy

    如果没有任何模块,安装步骤:(注意:proxy_util.c是基础模块,必须先安装。如果出错,每个命令后都加上)

    cd /home/apache/httpd-2.2.22/modules/proxy

    /opt/httpd/bin/apxs -c -i -a mod_proxy.c proxy_util.c

    /opt/httpd/bin/apxs -c -i -a mod_proxy_http.c

    /opt/httpd/bin/apxs -c -i -a mod_proxy_ftp.c

    /opt/httpd/bin/apxs -c -i -a mod_proxy_connect.c

    /opt/httpd/bin/apxs -c -i -a mod_proxy_balancer.c

    /opt/httpd/bin/apxs -c -i -a mod_proxy_scgi.c

    /opt/httpd/bin/apxs -c -i -a mod_proxy_ajp.c ajp*.c


httpd.conf代理配置,举例:

#开启代理服务,客户端可指定当前IP及端口作为代理配置

ProxyRequests On

#代理指向如果是https协议,必须加上该属性,否则转发错误

SSLProxyEngine On


ProxyPass/https/https://url/

ProxyPa***everse/https/https://url/


ProxyPass/http/http://url/

ProxyPa***everse/http/http://url/


Listen 8081

ProxyRequests On

#配置允许访问的目的地址以及可使用代理的来源地址

Order deny,allow

Allow from all

#Allow from IP1 IP2...


SSL加虚拟机配置

Listen 9443

NameVirtualHost *:9443

#ServerName domain:9443

DocumentRoot htdocs

DirectoryIndex index.htm

#SSLEngine on

#SSLVerifyClient require

SSLVerifyDepth  10

#SSLCertificateFile conf/server.crt

#SSLCertificateKeyFile conf/server.key

#SSLCACertificateFile conf/CFCA_TEST_CS_CA.cer

#SSLCertificateChainFile conf/CFCA_TEST_OCA1.cer

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLOptions +StdEnvVars

#ProxyRequests On

#SSLProxyEngine On

#ProxyPass/http/http://url/

#ProxyPa***everse/http/http://url/



如果具有root用户权限,可把apache加入到自动启动服务:

[root]#chkconfig --list httpd     //查看httpd服务是否已存在

[root]#chkconfig httpd off    //关闭系统自带了httpd的服务,如果存在httpd服务   

[root]#service httpd status    //查看自带httpd服务状态

[root]#/opt/httpd/bin/apachectl -k start    //linux启动apache命令              

[root]#netstat -an|grep :80    //查看linux80端口是否开启

[root]#ps -aux|grep httpd     //linux下查看apache进程

[root]#cd ../..

[root]#cp /opt/httpd/bin/apachectl /etc/rc.d/init.d/apache //拷贝apache启动脚本

[root]#vi /etc/rc.d/init.d/apache    // 这里是编辑apache启动脚本

在开头的#!/bin/sh下面加上(未知作用)

#chkconfig: 2345  85  15

[root]#chkconfig --add apache    //添加apache服务

[root]#chkconfig --list apache    //列出apache服务

[root]#service apache stop    //停止apache服务

[root]#netstat -an|grep :80     //查看linux的80端口是否关闭

[root]#ps -aux|grep httpd     //查看是否存在httpd服务,若果之前自带httpd服务启动的话会导致新添加的apache服务启动失败

[root]#service apache start    //启动apache服务

打开服务器ip地址,看是否出现了It works!,如果出现的话,apache已经安装成功了



root用户下,Apache的启动、关闭、重启

  启动命令:service httpd start

  关闭命令:service httpd stop

  重启命令:service httpd restart

  状态查询:service httpd status


非root用户下,Apache的启动、关闭、重启

  启动命令:/opt/httpd/bin/apachectl start

  关闭命令:/opt/httpd/bin/apachectl stop

  重启命令:/opt/httpd/bin/apachectl restart

  状态查询:/opt/httpd/bin/apachectl status