2014年8月31日日曜日

Linux: part2 : Apache




----------------------------------------------------
Chapter 14 Apache
----------------------------------------------------
--------------------------
sec.14-1 basic
--------------------------
/etc/httpd/conf/httpd.conf
/etc/httpd/conf.d        <---
/etc/httpd/modules        <--- modules' directory
/etc/rc.d/init.d/httpd        <--- Apache's init script
/etc/logrotate.d/httpd        <--- logrote configration
/usr/sbin/httpd        <--- httpd daemon (main Apache)
/var/log/httpd        <--- access_log and error_log
/var/www/cgi-bin
/var/www/html
/var/www/icons

*iptables /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
#service iptables restart

*basic setting
/etc/httpd/conf/httpd.conf
"ServerName"
ServerName www.example.com:80

*Disable character set because file created by Win is CP932 while Linux is based on UTF-8.
*comment out/etc/httpd/conf/httpd.conf
#AddDefaultCharset UTF-8

#service httpd start
#chkconfig httpd on

*HP file (/var/www/html)
#useradd -d /var/www/html -u 400 -M webadm
#passwd webadm
chown webadm:webadm /var/www/html

-u 400: uid is 400, less than 500 is system admin for uid.
#ls -l /var/www/html/index.html
#chmode -R o+r /var/www/html/

--------------------------
sec.14-1 convenient setting
--------------------------
CentOS6's Apache reads new ".conf" file under /etc/httpd/conf.d/
#service httpd configtest
#service httpd reload

/etc/httpd/conf.d/private.conf
<Directory "var/www/html/private/"
Order Deny, Allow
Deny from all
Allow from 192.168.2.0/255.255.255.0
</Directory>

Order Allow, Deny
Allow from 192.168.1.0/255.255.255.0
Deny from all

#touch /etc/httpd/conf/htpasswd
#chown apache /etc/httpd/conf/htpasswd
#chmod 600 /etc/httpd/conf/htpasswd
ls -l /etc/httpd/conf/htpasswd
#htpasswd /etc/httpd/conf/htpasswd admin
#htpasswd -D /etc/httpd/conf/htpasswd admin

<Directory "/var/www/html/private/">
Order Deny, Allow
Allow from all

AuthType Basic
AuthUserFile "/etc/httpd/conf/htpasswd"
AuthName "admin user only"
Require valid-user
</Directory>

http://www.example.com/private/

/usr/local/html/
http://www.example.com/local/
mkdir /usr/local/html
chown webadm:webadm /usr/local/html
chmode -R o+r /usr/local/html
/etc/httpd/conf.d/private.conf
#Alias for /usr/local/data
Alias /local/ "/usr/local/html/"

<Location "/local">
Order Deny, Allow
Allow from all
</Location>


/var/www/html/private/index.html
#Redirect to designet
Redirect /redirect_test.html http://www.designet.jp/top.html

*ErrorDocument 401 /notauth.html
ErrorDocument 403 /forbidden.html
ErrorDocument 404 /notfound.html

*Wecome page's disablement
mv /etc/httpd/conf.d/welcome.conf /etc/httpd/conf.d/welcome.conf.org

--------------------------
sec.14-3 Analyze--Webalizer
--------------------------
#yum install webalizer
/etc/httpd/conf.d/webalizer.conf
/etc/webalizer.conf
/etc/cron.daily/00webalizer
/usr/bin/webalizer
/ver/www/usage

/etc/httpd/conf/webalizer.conf
<Location /usage>
 Order deny,allow
 Deny from all
 Allow from 192.168.2.100
</Location>

#service httpd reload
#webalizer -Q
#ls -l /var/www/usage/

投稿者 時刻:

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)