Home | 简体中文 | 繁体中文 | 杂文 | 打赏(Donations) | ITEYE 博客 | OSChina 博客 | Facebook | Linkedin | 知乎专栏 | Search | Email

第 1 章 Apache httpd

LAMP

目录

1.1. Install
1.1.1. Quick install apache with aptitude
1.1.1.1. command
1.1.1.2. rewrite module
1.1.1.3. PHP module
1.1.1.4. deflate module
1.1.1.5. ssl module
1.1.1.6. VirtualHost
1.1.1.7. ~userdir module - /public_html
1.1.1.8. PHP 5
1.1.2. CentOS 6
1.1.2.1. Install
1.1.2.2. Uninstall
1.1.2.3. Configure
1.1.2.4. Starting
1.1.2.5. FAQ
1.1.3. Compile and then install Apache
1.1.3.1. Apache 安装与配置
1.1.3.2. 优化编译条件
1.1.3.3. PHP
1.1.3.4. Automation Installing
1.1.4. XAMPP
1.1.4.1. XAMPP for Linux
1.1.4.2. php5
1.2. Module
1.2.1. Output a list of modules compiled into the server.
1.2.2. Core
1.2.2.1. Listen
1.2.2.2. Filesystem and Webspace
1.2.2.3. Etag
1.2.2.4. 隐藏 Apache 版本信息
1.2.3. mpm
1.2.3.1. event
1.2.3.2. worker
1.2.4. Apache Log
1.2.4.1. LogLevel
1.2.4.2. LogFormat
1.2.4.3. Compressed
1.2.4.4. rotatelogs - Piped logging program to rotate Apache logs
1.2.4.5. cronolog
1.2.4.6. 日志合并
1.2.4.7. 日志归档
1.2.4.8. logger
1.2.4.9. other
1.2.5. mod_access
1.2.6. VirtualHost
1.2.6.1. ServerName/ServerAlias
1.2.6.2. rotatelogs
1.2.7. Alias / AliasMatch
1.2.8. Redirect / RedirectMatch
1.2.9. Rewrite
1.2.9.1. R=301
1.2.9.2. Rewrite + JkMount
1.2.9.3. Apache redirect domain.com to www.domain.com
1.2.9.4. 正则匹配扩展名
1.2.10. Proxy
1.2.10.1. Reverse proxy
1.2.11. Deflate
1.2.11.1. 测试 gzip,deflate 模块
1.2.12. Expires
1.2.12.1. FilesMatch
1.2.12.2. Cache-Control
1.2.12.3. ETag
1.2.13. Cache
1.2.13.1. mod_disk_cache
1.2.13.2. mod_mem_cache
1.2.14. usertrack
1.2.15. Charset
1.2.16. Dir
1.2.17. Includes
1.2.18. Apache Status
1.2.19. Mod Perl
1.2.20. mod_pagespeed -
1.2.21. Module FAQ
1.2.22. mod_setenvif
1.2.23. PHP 程序安全问题 php_admin_value
1.2.24. mod_spdy
1.3. 设置Apache实现防盗连
1.4. .htaccess
1.5. Error Prompt
1.5.1. Invalid command 'Order', perhaps misspelled or defined by a module not included in the server configuration
1.5.2. Invalid command 'AuthUserFile', perhaps misspelled or defined by a module not included in the server configuration

1.1. Install

1.1.1. Quick install apache with aptitude

$ sudo apt-get install apache2 $ sudo apt-get install apache2-mpm-worker
netkiller@Linux-server:~$ sudo apt-get install apache2
		

1.1.1.1. command

enable module: a2enmod

enable site: a2ensite

1.1.1.2. rewrite module

$ sudo a2enmod rewrite
			

1.1.1.3. PHP module

$ sudo a2enmod php5
			

1.1.1.4. deflate module

root@neo:/etc/apache2# a2enmod deflate
Module deflate installed; run /etc/init.d/apache2 force-reload to enable.
root@neo:/etc/apache2# /etc/init.d/apache2 force-reload
 * Forcing reload of apache 2.0 web server...                                                [ ok ]
root@neo:/etc/apache2#
			

1.1.1.5. ssl module

a2enmod ssl

a2ensite ssl

/etc/apache2/httpd.conf 加入

ServerName 220.201.35.11
			

安全模块

netkiller@Linux-server:~$ sudo apt-get install libapache2-mod-security

netkiller@Linux-server:/etc/apache2$ sudo vi ports.conf
netkiller@Linux-server:/etc/apache2$ cat ports.conf
Listen 80
Listen 443

NameVirtualHost *
NameVirtualHost *:443


netkiller@Linux-server:/etc/apache2$ sudo apache2-ssl-certificate
or
netkiller@Linux-server:~$ apache2-ssl-certificate -days 365

netkiller@Linux-server:~$ a2enmod ssl
or
netkiller@Linux-server:/etc/apache2/mods-enabled$ sudo ln -s ../mods-available/ssl.conf
netkiller@Linux-server:/etc/apache2/mods-enabled$ sudo ln -s ../mods-available/ssl.load

netkiller@Linux-server:/etc/apache2/sites-enabled$ sudo mkdir ssl/
netkiller@Linux-server:/etc/apache2/sites-enabled$ sudo cp netkiller woodart ssl/


netkiller@Linux-server:/etc/apache2/mods-enabled$ sudo /etc/init.d/apache2 reload
 * Reloading apache 2.0 configuration...                                        [ ok ]
netkiller@Linux-server:/etc/apache2/mods-enabled$

			

1.1.1.6. VirtualHost

VirtualHost 虚拟主机


netkiller@Linux-server:/etc/apache2/sites-available$ sudo vi woodart

#NameVirtualHost neo.6600.org
<VirtualHost 220.201.35.11>
        ServerAdmin openx@163.com

        DocumentRoot /home/netkiller/www
        ServerName neo.6600.org
        ServerAlias www.neo.6600.org
        <Directory /home/netkiller/www>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride All
                Order allow,deny
                allow from all
                # Uncomment this directive is you want to see apache2's
                # default start page (in /apache2-default) when you go to /
                #RedirectMatch ^/$ /apache2-default/
        </Directory>

#       ScriptAlias /cgi-bin/ /home/netkiller/www/
#       <Directory "/home/netkiller/www">
#               AllowOverride None
#               Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
#               Order allow,deny
#               Allow from all
#       </Directory>

        ErrorLog /var/log/apache2/neo.error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
#       LogLevel warn

        CustomLog /var/log/apache2/neo.access.log combined
#       ServerSignature On

</VirtualHost>

netkiller@Linux-server:/etc/apache2/sites-available$ sudo apache2 -k restart

			

1.1.1.7. ~userdir module - /public_html

~web环境

netkiller@Linux-server:~$ mkdir public_html
netkiller@Linux-server:~$ cd public_html/
netkiller@Linux-server:~/public_html$
netkiller@Linux-server:~/public_html$ echo helloworld>index.html
netkiller@Linux-server:~/public_html$ ls
index.html
			

http://xxx.xxx.xxx.xxx/~netkiller/

1.1.1.8. PHP 5

$ sudo apt-get install php5
netkiller@Linux-server:~$ sudo apt-get install php5
			

pgsql模块

netkiller@Linux-server:~$ sudo apt-get install php5-pgsql

netkiller@Linux-server:~$sudo cp /usr/lib/php5/20051025/pgsql.so /etc/php5/apache2/
			

php5-gd - GD module for php5

$ sudo apt-get install php5-gd
netkiller@Linux-server:~$ apt-cache search gd
libgdbm3 - GNU dbm database routines (runtime version)
libgd2-xpm - GD Graphics Library version 2
php5-gd - GD module for php5
pnm2ppa - PPM to PPA converter
postgresql-doc-8.1 - documentation for the PostgreSQL database management system
libruby1.8 - Libraries necessary to run Ruby 1.8
ruby1.8 - Interpreter of object-oriented scripting language Ruby 1.8
klogd - Kernel Logging Daemon
sysklogd - System Logging Daemon
upstart-logd - boot logging daemon
netkiller@Linux-server:~$ sudo apt-get install php5-gd

netkiller@Linux-server:~$

			

1.1.2. CentOS 6

1.1.2.1. Install

Apache

			
[root@development ~]# yum -y install httpd
			
			

PHP

				
[root@development ~]# yum -y install php
[root@development ~]# yum -y install php-mysql php-gd php-mbstring php-bcmath
[neo@development ~]$ sudo yum -y install php-pecl-memcache
				
			

mysql

				
[root@development ~]# yum -y install mysql-server
				
			

1.1.2.2. Uninstall

# yum remove httpd
			

1.1.2.3. Configure

1.1.2.3.1. Apache
				
	
				
				
1.1.2.3.1.1. VirtualHost
					
[root@development ~]# vim /etc/httpd/conf.d/vhost.conf
#
# Use name-based virtual hosting.
#
NameVirtualHost *:80
#
# NOTE: NameVirtualHost cannot be used without a port specifier
# (e.g. :80) if mod_ssl is being used, due to the nature of the
# SSL protocol.
#

#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
<VirtualHost *:80>
    ServerAdmin webmaster@dummy-host.example.com
    DocumentRoot /www/docs/dummy-host.example.com
    ServerName dummy-host.example.com
    ErrorLog logs/dummy-host.example.com-error_log
    CustomLog logs/dummy-host.example.com-access_log common
</VirtualHost>
					
					
1.1.2.3.2. MySQL

reset mysql's password

				
[root@development ~]# /usr/bin/mysqladmin -u root password 'new-password'
[root@development ~]# /usr/bin/mysqladmin -u root -h development.domain.org password 'new-password'
				
				

Alternatively you can run:

				
[root@development ~]# /usr/bin/mysql_secure_installation
				
				

1.1.2.4. Starting

levels

			
[root@development ~]# chkconfig --list mysqld
mysqld          0:off   1:off   2:off   3:off   4:off   5:off   6:off

[root@development ~]# chkconfig --list httpd
httpd           0:off   1:off   2:off   3:off   4:off   5:off   6:off


[root@development ~]# chkconfig httpd on
[root@development ~]# chkconfig --list httpd
httpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off

[root@development ~]# chkconfig mysqld on
[root@development ~]# chkconfig --list mysqld
mysqld          0:off   1:off   2:on    3:on    4:on    5:on    6:off
			
			

Apache

			
[root@development ~]# service httpd start
			
			

MySQL

			
[root@development ~]# service mysqld start
			
			
			
[root@development ~]# netstat -nat | grep 80
tcp        0      0 :::80                       :::*                        LISTEN

[root@development ~]# netstat -nat | grep 3306
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN
			
			

1.1.2.5. FAQ

1.1.2.5.1. compile php
[root@development php-5.3.0]# yum install libxml2-devel
[root@development php-5.3.0]# yum install curl-devel
[root@development php-5.3.0]# yum install gd-devel
[root@development php-5.3.0]# yum install libjpeg-devel
[root@development php-5.3.0]# yum install libpng-devel
[root@development php-5.3.0]# yum install openldap-devel
[root@development php-5.3.0]# yum install mysql-devel
[root@development php-5.3.0]# yum install net-snmp-devel
				

1.1.3. Compile and then install Apache

1.1.3.1. Apache 安装与配置

configure

--with-mpm=worker 进程,线程混合方式效率提高不少

--enable-modules='dir mime' 没有它就找不到index.*文件

--enable-rewrite=shared Rewrite用于表态化

--enable-expires=shared 禁止页面被 cache

--enable-authz_host=shared Order权限

--enable-setenvif=shared

--enable-log_config=shared 日志格式

--enable-speling=shared 允许自动修正拼错的URL

--enable-deflate=shared 压缩传送

--enable-mods-shared='cache file-cache disk-cache mem-cache proxy proxy-ajp proxy-balancer' 代理和缓存

用于Java

tar zxvf httpd-2.2.4.tar.gz
cd httpd-2.2.4
./configure --prefix=/usr/local/httpd-2.2.4 \
--with-mpm=worker \
--enable-modules='dir mime' \
--enable-rewrite=shared \
--enable-authz_host=shared \
--enable-alias=shared \
--enable-setenvif=shared \
--enable-log_config=shared \
--enable-speling=shared \
--enable-filter=shared \
--enable-deflate=shared \
--enable-headers=shared \
--enable-expires=shared \
--enable-mods-shared='cache file-cache disk-cache mem-cache proxy proxy-ajp proxy-balancer' \
--disable-include \
--disable-actions \
--disable-alias \
--disable-asis \
--disable-autoindex \
--disable-auth_basic \
--disable-authn_file \
--disable-authn_default \
--disable-authz_groupfile \
--disable-authz_user \
--disable-authz_default \
--disable-cgi \
--disable-cgid \
--disable-env \
--disable-negotiation \
--disable-status \
--disable-userdir
			

用于PHP

[root@development httpd-2.2.14]# yum install zlib-devel.x86_64

./configure --prefix=/usr/local/httpd-2.2.14 \
--with-mpm=worker \
--enable-so \
--enable-mods-shared=all \
--enable-static-support \
--enable-static-htpasswd \
--enable-static-htdigest \
--enable-static-ab \
--disable-include \
--disable-actions \
--disable-alias \
--disable-asis \
--disable-autoindex \
--disable-auth_basic \
--disable-authn_file \
--disable-authn_default \
--disable-authz_groupfile \
--disable-authz_user \
--disable-authz_default \
--disable-cgi \
--disable-cgid \
--disable-env \
--disable-negotiation \
--disable-status \
--disable-userdir
			

make; make install

启动

ln -s /usr/local/httpd-2.2.4/ /usr/local/apache

/usr/local/httpd/bin/apachectl start
			

1.1.3.2. 优化编译条件

# vim server/mpm/worker/worker.c

# define DEFAULT_SERVER_LIMIT 256
# define MAX_SERVER_LIMIT 20000
# define DEFAULT_THREAD_LIMIT 512
# define MAX_THREAD_LIMIT 20000
			

1.1.3.3. PHP

过程 1.1. 安装PHP

  1. 第一步

    cd /usr/local/src
    wget http://cn2.php.net/get/php-5.3.0.tar.bz2/from/cn.php.net/mirror
    tar jxvf php-5.3.0.tar.bz2
    cd php-5.3.0
    				
  2. 第二步

    ./configure --prefix=/usr/local/php-5.3.0 \
    --with-config-file-path=/usr/local/php-5.3.0/etc \
    --with-apxs2=/usr/local/apache/bin/apxs \
    --with-curl \
    --with-gd \
    --with-ldap \
    --with-snmp \
    --enable-zip \
    --enable-exif \
    --with-libxml-dir \
    --with-mysql \
    --with-mysqli \
    --with-pdo-mysql \
    --with-pdo-pgsql
    
    make
    make test
    make install
    				
    1. 建立符号连接

      ln -s /usr/local/php-5.3.0 /usr/local/php
      		      
    2. php.ini

      cp php.ini-dist /usr/local/php/etc/php.ini
      			    	
    3. conf/httpd.conf

      AddType application/x-httpd-php .php .phtml
      AddType application/x-httpd-php-source .phps
      			    	

      reload apache

  3. 最后一步

    phpinfo() 测试文件复杂到apache目录

    例 1.1. index.php

    					
    <?php phpinfo(); ?>
    					
    					

[注意]--with-snmp

redhat as4 启用 --with-snmp 需要安装下面包

rpm -i elfutils-libelf-devel-0.97.1-3.i386.rpm
rpm -i elfutils-devel-0.97.1-3.i386.rpm
rpm -i beecrypt-devel-3.1.0-6.i386.rpm
rpm -i net-snmp-devel-5.1.2-11.EL4.7.i386.rpm
			

1.1.3.4. Automation Installing

例 1.2. autolamp.sh

				
#!/bin/bash
HTTPD_SRC=httpd-2.2.15.tar.gz
PHP_SRC=php-5.2.13.tar.gz
MYSQL_SRC='mysql-5.1.45.tar.gz'
MYSQL_LIBS_SRC='mysql-5.1.45-linux-x86_64-glibc23.tar.gz'

SRC_DIR=$(pwd)
HTTPD_DIR=${HTTPD_SRC%%.tar.gz}
PHP_DIR=${PHP_SRC%%.tar.*}
MYSQL_DIR=${MYSQL_SRC%%.tar.*}
MYSQL_LIBS_DIR=${MYSQL_LIBS_SRC%%.tar.*}

function clean(){
        rm -rf $HTTPD_DIR
        rm -rf $PHP_DIR
        rm -rf $MYSQL_DIR
        rm -rf $MYSQL_LIBS_DIR
}
function mysql(){
rm -rf $MYSQL_DIR
tar zxf $MYSQL_SRC
cd $MYSQL_DIR
./configure \
--prefix=/usr/local/$MYSQL_DIR \
--with-mysqld-user=mysql \
--with-unix-socket-path=/tmp/mysql.sock \
--with-charset=utf8 \
--with-collation=utf8_general_ci \
--with-pthread \
--with-mysqld-ldflags \
--with-client-ldflags \
--with-openssl \
--without-docs \
--without-debug \
--without-ndb-debug \
--without-bench
#-–without-isam
#--without-innodb \
#--without-ndbcluster \
#--without-blackhole \
#--without-ibmdb2i \
#--without-federated \
#--without-example \
#--without-comment \
#--with-extra-charsets=gbk,gb2312,utf8 \

#--localstatedir=/usr/local/mysql/data
#--with-extra-charsets=all
make clean
make && make install
cd ..
/usr/local/$MYSQL_DIR/bin/mysql_install_db
}
function httpd(){
rm -rf $HTTPD_DIR
tar zxf $HTTPD_SRC
cd $HTTPD_DIR
./configure --prefix=/usr/local/$HTTPD_DIR \
--with-mpm=worker \
--enable-so \
--enable-mods-shared=all \
--disable-authn_file \
--disable-authn_default \
--disable-authz_groupfile \
--disable-authz_user \
--disable-authz_default \
--disable-auth_basic \
--disable-include \
--disable-env \
--disable-status \
--disable-autoindex \
--disable-asis \
--disable-cgi \
--disable-cgid \
--disable-negotiation \
--disable-actions \
--disable-userdir \
--disable-alias

make clean
make && make install
cd ..
}
function php(){
rm -rf $MYSQL_LIBS_DIR
tar zxf $MYSQL_LIBS_SRC
rm -rf $PHP_DIR
tar zxf $PHP_SRC
cd $PHP_DIR

./configure --prefix=/usr/local/$PHP_DIR \
--with-config-file-path=/usr/local/$PHP_DIR/etc \
--with-apxs2=/usr/local/$HTTPD_DIR/bin/apxs \
--with-curl \
--with-gd \
--with-jpeg-dir=/usr/lib64 \
--with-iconv \
--with-zlib-dir \
--with-pear \
--with-libxml \
--with-dom \
--with-xmlrpc \
--with-openssl \
--with-mysql=/usr/local/mysql-5.1.45-linux-x86_64-glibc23 \
--with-mysqli \
--with-pdo-mysql \
--enable-memcache \
--enable-zip \
--enable-sockets \
--enable-soap \
--enable-mbstring \
--enable-magic-quotes \
--enable-inline-optimization \
--enable-xml

#make && make test && make install
make &&  make install
cp /usr/local/src/$PHP_DIR/php.ini-dist /usr/local/$PHP_DIR/php.ini
}
function depend(){
        yum install gcc gcc-c++ -y
        yum install -y libxml2-devel libxslt-devel
        yum install curl-devel -y
        yum install gd-devel libjpeg-devel libpng-devel -y
        yum install ncurses-devel -y
        yum install mysql-devel -y
        yum install libevent-devel -y
}
function java(){
        #yum install java-1.6.0-openjdk -y
        chmod +x jdk-6u20-linux-x64.bin
        ./jdk-6u20-linux-x64.bin
        mv jdk1.6.0_20 ..
        ln -s /usr/local/jdk1.6.0_20 /usr/local/java
}
function memcached(){
        MEMCACHED_PKG=memcached-1.4.5.tar.gz
        MEMCACHED_SRC=memcached-1.4.5
        rm -rf $MEMCACHED_SRC
        tar zxf $MEMCACHED_PKG
        cd $MEMCACHED_SRC
        ./configure --prefix=/usr/local/memcached-1.4.5
        make && make install
}
# See how we were called.
case "$1" in
  clean)
        clean
        ;;
  httpd)
        httpd
        ;;
  php)
        php
        ;;
  mysql)
        if [ -f $0 ] ; then
                mysql
        fi
        ;;
  depend)
        depend
        ;;
  java)
        java
        ;;
  memcached)
        memcached
        ;;
  all)
        clean

        echo ##################################################
        echo # $MYSQL_DIR Installing...
        echo ##################################################
        mysql

        echo ##################################################
        echo # $HTTPD_DIR Installing...
        echo ##################################################
        httpd

        echo ##################################################
        echo # $PHP_DIR Installing...
        echo ##################################################
        php

        ln -s /usr/local/$HTTPD_DIR /usr/local/apache
        ln -s /usr/local/$MYSQL_DIR /usr/local/mysql
        ln -s /usr/local/$PHP_DIR /usr/local/php

        clean
        ;;
  *)
        echo $"Usage: $0 {httpd|php|mysql|all|clean}"
        RETVAL=2
        ;;
esac

exit $RETVAL
				
				

1.1.4. XAMPP

1.1.4.1. XAMPP for Linux

http://www.apachefriends.org/en/xampp-linux.html

install

tar xvfz xampp-linux-1.7.3a.tar.gz -C /opt
			

start

/opt/lampp/lampp start
			

stop

/opt/lampp/lampp stop
			

remove

rm -rf /opt/lampp
			

1.1.4.2. php5

./lampp php5
XAMPP: PHP 5.3.8 already active.

./lampp startapache
XAMPP: Starting Apache with SSL (and PHP5)...

./lampp startmysql
XAMPP: Starting MySQL...