本文主要讲解源码编译http2.4.9,并能实现基于虚拟主机、用户认证等实现网页访问。
http2.4.9会依赖于更高版本的apr和apr-util,所有需要先对apr和apr-util进行编译
http2.4系列相对于http2.2系列新增的功能有
1) MPM支持在运行时装载
2)支持event
3)异步读写
4)在每模块及每目录上指定日志级别
5)每请求配置
6)增强版的表达式分析器
7)毫秒级的keepalive timeout
8)支持主机名的虚拟主机不在需要NameVirtualHost指令
9)支持使用自定义变量
新增的模块由mod_proxy_fcgi,mod_ratelimit,mod_request,mod_remoteip
对应IP的访问做了修改,不在使用order,allow deny这些机制,而是统一使用require进行
一、环境准备
安装好开发包组和pcre-devel工具,下载最新版的httpd、apr和apr-util,本文下载的都为最新的源码包
[root@wangfeng7399 ~]# yum install -y pcre-devel [root@wangfeng7399 ~]# wget http://apache.fayea.com/apache-mirror//httpd/httpd-2.4.9.tar.bz2 [root@wangfeng7399 ~]# wget http://mirrors.hust.edu.cn/apache//apr/apr-1.5.0.tar.gz [root@wangfeng7399 ~]# wget http://mirrors.hust.edu.cn/apache//apr/apr-util-1.5.3.tar.gz
二、安装apr
[root@wangfeng7399 ~]# tar xf apr-1.5.0.tar.gz [root@wangfeng7399 ~]# cd apr-1.5.0 [root@wangfeng7399 apr-1.5.0]# ./configure --prefix=/usr/local/apr [root@wangfeng7399 apr-1.5.0]# make && make install
三、安装apr-util
[root@wangfeng7399 ~]# tar xf apr-util-1.5.3.tar.gz [root@wangfeng7399 ~]# cd apr-util-1.5.3 [root@wangfeng7399 apr-util-1.5.3]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr [root@wangfeng7399 apr-util-1.5.3]# make && make install
四、编译httpd
[root@wangfeng7399 ~]# tar xf httpd-2.4.9.tar.bz2 [root@wangfeng7399 ~]# cd httpd-2.4.9 [root@wangfeng7399 httpd-2.4.9]# ./configure --prefix=/usr/local/httpd --sysconfdir=/etc/httpd --enable-so --enable--ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util --enable-modeles=most --enable-mpms-shared=all --with-mpm=event [root@wangfeng7399 httpd-2.4.9]# make && make install
enable-so enable--ssl --enable-cgi --enable-rewrite --with-zlib --with-pcre 启动so、ssl、cgi、rewrite、zlib、pcre等功能
--with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util 指定apr和apr-util的地址
--enable-modeles=most 编译常用的模块
--enable-mpms-shared=all --with-mpm=event 编译所有的mpms,并以event作为默认
1、导出头文件
root@wangfeng7399 ~]# ln -sv /usr/local/httpd/include/ /usr/include/httpd
2、导出帮助文件
在/etc/man.conf中添加
MANPATH /usr/local/httpd/man
3.导出二进制文档
[root@wangfeng7399 httpd]# vi /etc/profile.d/http.sh export PATH=/usr/local/httpd/bin:$PATH
测试
可以通过 apachectl start启动
准备系统启动脚本
[root@wangfeng7399 init.d]# cat httpd #!/bin/bash # # httpd Startup script for the Apache HTTP Server # # chkconfig: - 85 15 # description: The Apache HTTP Server is an efficient and extensible \ # server implementing the current HTTP standards. # processname: httpd # config: /etc/httpd/httpd.conf # config: /etc/sysconfig/httpd # pidfile: /var/run/httpd/httpd.pid # ### BEGIN INIT INFO # Provides: httpd # Required-Start: $local_fs $remote_fs $network $named # Required-Stop: $local_fs $remote_fs $network # Should-Start: distcache # Short-Description: start and stop Apache HTTP Server # Description: The Apache HTTP Server is an extensible server # implementing the current HTTP standards. ### END INIT INFO # Source function library. . /etc/rc.d/init.d/functions if [ -f /etc/sysconfig/httpd ]; then . /etc/sysconfig/httpd fi # Start httpd in the C locale by default. HTTPD_LANG=${HTTPD_LANG-"C"} # This will prevent initlog from swallowing up a pass-phrase prompt if # mod_ssl needs a pass-phrase from the user. INITLOG_ARGS="" # Set HTTPD=/usr/sbin/httpd.worker in /etc/sysconfig/httpd to use a server # with the thread-based "worker" MPM; BE WARNED that some modules may not # work correctly with a thread-based MPM; notably PHP will refuse to start. # Path to the apachectl script, server binary, and short-form for messages. apachectl=/usr/local/httpd/bin/apachectl httpd=/usr/local/httpd/bin/httpd prog=httpd pidfile=${PIDFILE-/var/run/httpd/httpd.pid} lockfile=${LOCKFILE-/var/lock/subsys/httpd} RETVAL=0 STOP_TIMEOUT=${STOP_TIMEOUT-10} # The semantics of these two functions differ from the way apachectl does # things -- attempting to start while running is a failure, and shutdown # when not running is also a failure. So we just do it the way init scripts # are expected to behave here. start() { echo -n $"Starting $prog: " LANG=$HTTPD_LANG daemon --pidfile=${pidfile} $httpd $OPTIONS RETVAL=$? echo [ $RETVAL = 0 ] && touch ${lockfile} return $RETVAL } # When stopping httpd, a delay (of default 10 second) is required # before SIGKILLing the httpd parent; this gives enough time for the # httpd parent to SIGKILL any errant children. stop() { echo -n $"Stopping $prog: " killproc httpd RETVAL=$? echo [ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile} } reload() { echo -n $"Reloading $prog: " if ! LANG=$HTTPD_LANG $httpd $OPTIONS -t >&/dev/null; then RETVAL=6 echo $"not reloading due to configuration syntax error" failure $"not reloading $httpd due to configuration syntax error" else # Force LSB behaviour from killproc LSB=1 killproc -p ${pidfile} $httpd -HUP RETVAL=$? if [ $RETVAL -eq 7 ]; then failure $"httpd shutdown" fi fi echo } # See how we were called. case "$1" in start) start ;; stop) stop ;; status) status -p ${pidfile} $httpd RETVAL=$? ;; restart) stop start ;; condrestart|try-restart) if status -p ${pidfile} $httpd >&/dev/null; then stop start fi ;; force-reload|reload) reload ;; graceful|help|configtest|fullstatus) $apachectl $@ RETVAL=$? ;; *) echo $"Usage: $prog {start|stop|restart|condrestart|try-restart|force-reload|reload|status|fullstatus|graceful|help|configtest}" RETVAL=2 esac exit $RETVAL
搭建基于主机名的虚拟主机
编辑配置文件
[root@wangfeng7399 extra]# vi httpd-vhosts.conf <VirtualHost *:80> ServerAdmin www.wangfeng7399.com DocumentRoot "/www/html/wangfeng7399" </VirtualHost> <VirtualHost *:80> ServerAdmin www.wangfeng17399.com DocumentRoot "/www/html/wangfeng17399"
修改主配置文件将主记录注释掉,将辅助http-vhosts启动起来
#DocumentRoot "/usr/local/httpd/htdocs" # Virtual hosts Include /etc/httpd/extra/httpd-vhosts.conf
分别在/www/html/wangfeng7399和/www/html/wangfeng17399中提供网页文件,并修改其权限
在window的hosts文件中添加对两个域名的解析
测试
基于用户验证
我们假设在www.wangfeng17399.com中有一个2.html中的数据为敏感数据,我们要对其做基于用户的验证才能登陆。
<VirtualHost *:80> DocumentRoot "/www/html/wangfeng17399" ServerName www.wangfeng17399.com <Directory "/www/html/wangfeng17399/2.html"> Options None AllowOverride AuthConfig //文件需要认证 AuthType Basic //认证类型为基本认证 AuthName "Private Area" //显示的标题 AuthBasicProvider file //认证的提供者 AuthUserFile /usr/local/apache/.userpasswd //认证的文件 Require valid-user //可以读取认证文件的用户,vaild-user 表示所有合法用户,也可以 user admin wangfeng7399来制定单个用户 </Directory> </VirtualHost>
生成认证文件
[root@wangfeng7399 extra]# htpasswd -c /usr/local/apache/.userpasswd wangfeng7399 New password: Re-type new password: Adding password for user wangfeng7399
验证
要求用户输入用户名和密码
输入用户名和密码后可以看到2.html的内容