RHCE——第二次作业

1.基于域名[www.openlab.com](http://www.openlab.com)可以访问网站内容为welcome to openlab!!

#首先关闭防火墙
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
[root@localhost ~]# getenforce
Permissive
[root@localhost ~]# yum install -y httpd
OS                                                 5.0 kB/s | 1.9 kB     00:00
everything                                         5.2 kB/s | 1.9 kB     00:00
EPOL                                               5.1 kB/s | 1.9 kB     00:00
debuginfo                                          6.1 kB/s | 2.2 kB     00:00
source                                             5.5 kB/s | 2.2 kB     00:00
update                                             5.2 kB/s | 1.9 kB     00:00
update-source                                      6.3 kB/s | 2.2 kB     00:00
Package httpd-2.4.55-3.oe2309.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
[root@localhost ~]# systemctl enable httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@localhost ~]# vim /etc/nginx/conf.d/test_httpd.conf
 
server {
        listen 192.168.168.129:80;
        root /www/name/openlab;
        server_name www.openlab.com;
        location / {
                index index.html;
        }
}
server {
        listen 192.168.168.129:80;
        root /www/name/openlab/student;
        server_name www.openlab.com/student;
        location / {
                index index.html;
        }
}
server {
        listen 192.168.168.129:80;
        root /www/name/openlab/data;
        server_name www.openlab.com/data;
        location / {
                index index.html;
        }
}
server {
        listen 192.168.168.129:80;
        root /www/name/openlab/money;
        server_name www.openlab.com/money;
        location / {
                index index.html;
        }
}

2.给该公司创建的三个子页面分别显示学生信息,教学资料和缴费网站,基于www.openlab.com/stdent网站访问学生信息,www.openlab.com/data网站访问教学资料,www.openlab.com/money网站访问缴费网站。

要求:学生信息网站只有tian和song两人可以访问,其他用户不能访问

[root@localhost ~]# mkdir -pv /www/name/openlab/{student,data,money}
mkdir: 已创建目录 '/www/name'
mkdir: 已创建目录 '/www/name/openlab'
mkdir: 已创建目录 '/www/name/openlab/student'
mkdir: 已创建目录 '/www/name/openlab/data'
mkdir: 已创建目录 '/www/name/openlab/money'
[root@localhost ~]# echo welcome to openlab  >   /www/name/openlab/index.html
[root@localhost ~]# echo 这是学生信息网  >   /www/name/openlab/student/index.html
[root@localhost ~]# echo 这是教学资料网  >   /www/name/openlab/data/index.html
[root@localhost ~]# echo 这是缴费网  >   /www/name/openlab/money/index.html
[root@localhost ~]# systemctl restart nginx
 
#增加用户:
[root@node1 ~]# htpasswd  -c /etc/nginx/users song
New password: 
Re-type new password: 
Adding password for user song
[root@node1 ~]# htpasswd  -c /etc/nginx/users tian
New password: 
Re-type new password: 
Adding password for user tian
 
[root@localhost ~]# vim /etc/nginx/conf.d/test_httpd.conf
server {
        listen 192.168.168.129:80;
        root /www/name/openlab/student;
        server_name www.openlab.com/student;
        location / {
                index index.html;
                auth_basic on;
                auth_basic_user_file /etc/nginx/users;
        }
}

访问缴费网站实现数据加密基于https访问

[root@localhost ~]# vim /etc/nginx/conf.d/test_https.conf
server {
        listen 192.168.168.129:443 ssl;
        root /www/name/openlab/money/;
        ssl_certificate /etc/pki/tls/certs/openlab.crt;
        ssl_certificate_key /etc/pki/tls/private/openlab.key;
        location / {
                index index.html;
        }
}
[root@localhost ~]# openssl req -utf8 -new -key openlab.key -x509 -days 365 -out openlab.crt
Could not read private key from openlab.key
[root@localhost ~]# openssl genrsa -out /etc/pki/tls/private/openlab.key
[root@localhost ~]# openssl req -utf8 -new -key /etc/pki/tls/private/openlab.key  -x509 -days 365 -out /etc/pki/tls/certs/openlab.crt
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:86
State or Province Name (full name) [Some-State]:xi'an
Locality Name (eg, city) []:shannxi
Organization Name (eg, company) [Internet Widgits Pty Ltd]:open
Organizational Unit Name (eg, section) []:ce
Common Name (e.g. server FQDN or YOUR name) []:local
Email Address []:admin
[root@localhost ~]# systemctl restart nginx

你可能感兴趣的:(apache,服务器,运维)