rhel7 http实例2
rhel7 http實例2
前面的配置請參考 http://4708948.blog.51cto.com/4698948/1702486
客戶機
[root@desktop0 conf.d]# curl https://server0:443
curl: (60) Peer's certificate issuer has been marked as not trusted by the user.
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
第十五題 虛擬主機
搭建一臺虛擬主機使用域名www.server0.example.com(域名解析已由server.domain0.example.com上做好)該服務器的家目錄在/var/www/virtual。頁面文件從http://server.domain0.example.com/pub/html/www8.html下載到/var/www/html/virtual下,更名為index.html,網頁內容請勿修改,要求原物理主機可以繼續訪問
服務器
[root@server0 conf.d]# cd /var/www/
[root@server0 www]# mkdir virtual
[root@server0 www]# cd virtual/
[root@server0 virtual]# vim index.html
[root@server0 virtual]# cat index.html
151515151515151515151515151515
[root@server0 virtual]# vim /etc/httpd/conf.d/hrr.conf
<VirtualHost *:80>
DocumentRoot "/var/www/virtual/"
ServerName www.server0.example.com
ErrorLog "/var/log/httpd/www.server0.example.com-error_log"
CustomLog "/var/log/httpd/www.server0.example.com-access_log" common
</VirtualHost>
[root@server0 virtual]# systemctl restart httpd
客戶機
[root@desktop0 conf.d]# vim /etc/hosts
[root@desktop0 conf.d]# curl http://www.server0.example.com
151515151515151515151515151515
[root@desktop0 conf.d]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.0.11 www.server0.example.com
172.25.254.254 cla***oom.example.com
172.25.254.254 content.example.com
[root@desktop0 conf.d]#
第十七題 http訪問權限
在www.server0.example.com網站的根目錄創建restricted目錄。下載ftp://cla***oom.example.com/pub/html/restricted0.html到restricted目錄,改為index.html,請不要修改該文件的內容。要求僅desktop0主機才能訪問到該頁面。其他主機拒絕訪問。
服務器
[root@server0 conf.d]# vim hrr.conf
[root@server0 conf.d]# systemctl restart httpd
客戶機1
[root@desktop0 conf.d]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.0.10 netmask 255.255.255.0 broadcast 172.25.0.255
[root@desktop0 conf.d]# curl http://www.server0.example.com/restricted/
desktop0 only
[root@desktop0 conf.d]#
客戶機2
[root@foundation0 images]# ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.254.250 netmask 255.255.255.0 broadcast 172.25.254.255
[root@foundation0 images]# cat /etc/hosts
172.25.0.11 www.server0.example.com
[root@foundation0 images]# curl http://www.server0.example.com/
151515151515151515151515151515
[root@foundation0 images]# curl http://www.server0.example.com/restricted/
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
You don't have permission to access /restricted/
on this server.
</body></html>
[root@foundation0 images]#
題目12
配置WEB站點
Server上配置一個站點http://server0.example.com然后執行下述步驟:
從ftp://172.25.254.250/pub/RHCE/12.html下載文件,并且將文件重命名index.html不要修改此文件的內容
將文件index.html拷貝到您的web服務器的dosumentroot目錄下
來自于example.com域的客戶端可以訪問此WEB服務
來自于deny.com域 的客戶端拒絕訪問此WEB服務
服務器
Yum y install http*
cd /etc/httpd/conf.d/
cp /usr/share/doc/httpd-2.4.6/httpd-vhosts.conf hrr.conf
vim hrr.conf
Systemctl enable httpd
Systemctl start httpd
firewall-config
然后直接關掉
[root@server0 html]# firewall-cmd --reload
success
[root@server0 html]# firewall-cmd --list-all --zone=public
public (default, active)
interfaces: eth0 eth1 eth2 team0
sources:
services: dhcpv6-client http nfs ssh
ports: 139/tcp 138/tcp 445/tcp 80/tcp 5423/tcp 137/tcp
masquerade: no
forward-ports: port=5423:proto=tcp:toport=80:toaddr=
icmp-blocks:
rich rules:
rule family="ipv4" destination address="172.25.0.0/24" service name="http" accept
rule family="ipv4" destination address="172.25.1.0/24" service name="http" reject
cd /var/www/html/
vim index.html
12
客戶端
[root@desktop0 ~]# curl http://server0
12
[root@desktop0 ~]#
題目13配置安全WEB服務
為站點http://server0.example.com配置TLS加密一個已簽名證書從http://cla***oom.example.com/pub/tls/certs/www0.crt獲取,此證書的密鑰從http://cla***oom.example.com/pub/tls/private/www0.key獲取,此證書的簽名授權信息從http://cla***oom.example.com/pub/example-ca.crt獲取(在教室中才有這些證書)
題目14
配置虛擬主機
在server0上擴展您的web服務器,為站點
http://14.example.com創建了個虛擬主機,然后執行下述步驟:
A設置docume
轉載于:https://blog.51cto.com/4708948/1702487
總結
以上是生活随笔為你收集整理的rhel7 http实例2的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 二一、MDT 2013 Update 1
- 下一篇: web自动化测试之百度经验-HTTP层面