HTTP Service 中篇 -云博客

HTTP Service 中篇

# 前端 2024-05-05 06:30 0 21 来源：云博客

5、httpd 常见配置

5.1 显示服务器版本信息

[root@node-128 bin]# curl -I http://192.168.139.128HTTP/1.1 200 OKDate: Sun, 08 Dec 2019 10:04:44 GMTServer: Apache/2.4.41 (Unix)Last-Modified: Mon, 11 Jun 2007 18:53:14 GMTETag: "2d-432a5e4a73a80"Accept-Ranges: bytesContent-Length: 45Content-Type: text/html

详细配置项：http://httpd.apache.org/docs/2.4/mod/core.html#servertokens

创建子目录单独让其生效

[root@node-128 conf]# pwd/app/httpd24/conf[root@node-128 conf]# vim httpd.conf添加一行：使其生效Include conf/conf.d/*.conf[root@node-128 conf]# mkdir conf.d[root@node-128 conf]# lsconf.d extra httpd.conf httpd.conf.bak magic mime.types original[root@node-128 conf.d]# vim test.conf添加servertokens prod

[root@node-128 conf.d]# systemctl reload httpd[root@node-128 conf.d]# curl -I http://192.168.139.128HTTP/1.1 200 OKDate: Sun, 08 Dec 2019 10:31:51 GMTServer: ApacheLast-Modified: Mon, 11 Jun 2007 18:53:14 GMTETag: "2d-432a5e4a73a80"Accept-Ranges: bytesContent-Length: 45Content-Type: text/html

5.2 监听的IP和Port

做法思路和前一个基本相似，这里不作详细说明了

Listen [IP:]PORT

说明：

(1) 省略IP表示为本机所有IP
(2) Listen指令至少一个，可重复出现多次

范例：

Listen 192.168.1.100:8080Lsten 80

5.3 持久连接

Persistent Connection：连接建立，每个资源获取完成后不会断开连接，而是继续等待其它的请求完
成，默认关闭持久连接
断开条件：时间限制：以秒为单位，默认5s，httpd-2.4 支持毫秒级
副作用：对并发访问量大的服务器，持久连接会使有些请求得不到响应
折衷：使用较短的持久连接时间
持久连接相关指令：

KeepAlive On|OffKeepAliveTimeout 15 #连接持续15s,可以以ms为单位,默认值为5sMaxKeepAliveRequests 500 #持久连接最大接收的请求数,默认值100

测试方法：

telnet WEB_SERVER_IP PORTGET /URL HTTP/1.1Host: WEB_SERVER_IP

5.4 DSO (Dynamic Shared Object)

Dynamic Shared Object，加载动态模块配置，不需重启即生效
动态模块所在路径： /usr/lib64/httpd/modules/
主配置 /etc/httpd/conf/httpd.conf 文件中指定加载模块配置文件

ServerRoot "/etc/httpd"Include conf.modules.d/*.conf

配置指定实现模块加载格式：

LoadModule <mod_name> <mod_path>[root@node-128 httpd24]# cd conf/[root@node-128 conf]# lsconf.d extra httpd.conf httpd.conf.bak magic mime.types original[root@node-128 conf]# vim httpd.confExample:# LoadModule foo_module modules/mod_foo.so##LoadModule mpm_event_module modules/mod_mpm_event.soLoadModule mpm_prefork_module modules/mod_mpm_prefork.so

查看已加载的模块

httpd -MAH00558: httpd: Could not reliably determine the server‘s fully qualified domain name, using fe80::d386:496:dd09:2c09%ens33. 
Set the ‘ServerName‘ directive globally to suppress this messageLoaded Modules: core_module (static) so_module (static) http_module (static) mpm_prefork_module (shared) authn_file_module (shared) authn_core_module (shared) authz_host_module (shared) authz_groupfile_module (shared) authz_user_module (shared) authz_core_module (shared) access_compat_module (shared) auth_basic_module (shared) reqtimeout_module (shared)-----------------------------------------省略---------------------------------------------

模块文件路径可使用相对路径：相对于ServerRoot（默认/etc/httpd）

5.5 MPM (Multi-Processing Module) 多路处理模块

httpd 支持三种MPM工作模式：prefork, worker, event

centos7编译默认使用的工作模式[root@node-128 extra]# httpd -M |grep mpmAH00558: httpd: Could not reliably determine the server‘s fully qualified domain name, using fe80::d386:496:dd09:2c09%ens33. 
Set the ‘ServerName‘ directive globally to suppress this messagempm_prefork_module (shared)

切换MPM模式

[root@node-128 conf]# lsconf.d extra httpd.conf httpd.conf.bak magic mime.types original修改配置文件：[root@node-128 conf]# vim httpd.conf#LoadModule mpm_event_module modules/mod_mpm_event.so#LoadModule mpm_prefork_module modules/mod_mpm_prefork.soLoadModule mpm_worker_module modules/mod_mpm_worker.soLoadModule authn_file_module modules/mod_authn_file.so#LoadModule authn_dbm_module modules/mod_authn_dbm.so[root@node-128 conf]# httpd -M |grep mpmAH00558: httpd: Could not reliably determine the server‘s fully qualified domain name, using fe80::d386:496:dd09:2c09%ens33. Set the ‘ServerName‘ directive globally to suppress this message mpm_worker_module (shared)

5.6 prefork 模式相关的配置：（event、worker模式类似）

[root@node-128 conf]# lsconf.d extra httpd.conf httpd.conf.bak magic mime.types original[root@node-128 conf]# cd extra/[root@node-128 extra]# lshttpd-autoindex.conf httpd-languages.conf httpd-ssl.confhttpd-dav.conf httpd-manual.conf httpd-userdir.confhttpd-default.conf httpd-mpm.conf httpd-vhosts.confhttpd-info.conf httpd-multilang-errordoc.conf proxy-html.conf[root@node-128 extra]# vim httpd-mpm.conf# prefork MPM# StartServers: number of server processes to start# MinSpareServers: minimum number of server processes which are kept spare# MaxSpareServers: maximum number of server processes which are kept spare# MaxRequestWorkers: maximum number of server processes allowed to start# MaxConnectionsPerChild: maximum number of connections a server process serves# before terminating<IfModule mpm_prefork_module> StartServers 5 MinSpareServers 5 MaxSpareServers 10 MaxRequestWorkers 250 #最大的并发连接数 MaxConnectionsPerChild 0 #子进程最多能处理的请求数量。在处理</IfModule># worker MPM# StartServers: initial number of server processes to start# MinSpareThreads: minimum number of worker threads which are kept spare# MaxSpareThreads: maximum number of worker threads which are kept spare# ThreadsPerChild: constant number of worker threads in each server process# MaxRequestWorkers: maximum number of worker threads# MaxConnectionsPerChild: maximum number of connections a server process serves# before terminating<IfModule mpm_worker_module> StartServers 3 MinSpareThreads 75 MaxSpareThreads 250 ThreadsPerChild 25 MaxRequestWorkers 400 MaxConnectionsPerChild 0

设置访问路径权限的几个要素：

1、DocumentRoot：网站访问指定文档的真实路径

2、<Directory directory-path> ... </Directory>：封装网页默认读取的目录，类似的还有基于文件、文件通配符、正则表达式、URL路径

3、DirectoryIndex ：后面那个文件在前优先读取，如果前面不存在则读取后面文件

4、各种控制指令：Options、AllowOverride指令等等

5.7 定义Main server的文档页面路径

[root@node-128 www]# echo ‘/data/www/index.html‘ > /data/www/index.html[root@node-128 www]# vim /app/httpd24/conf/httpd.conf改变这两行：DocumentRoot "/data/www"<Directory "/data/www">

说明：
DocumentRoot指向的路径为URL路径的起始位置
/path 必须显式授权后才可以访问

5.8 定义站点主页面

DirectoryIndex index.php index.html

5.9 可实现访问控制的资源

可以针对文件系统和URI的资源进行访问控制
文件系统路径：

#基于目录<Directory “/path">...</Directory>#基于文件<File “/path/file”>...</File>#基于正则表达式<FileMatch “regex”>...</FileMatch>

URL路径：

<Location "URL">...</Location><LocationMatch "regex">...</LocationMatch>

5.10 针对目录实现访问控制

后跟1个或多个以空白字符分隔的选项列表，在选项前的+，- 表示增加或删除指定选项
常见选项：
Indexes：指明的URL路径下不存在与定义的主页面资源相符的资源文件时，返回索引列表给用户
FollowSymLinks：允许访问符号链接文件所指向的源文件
None：全部禁用
All：全部允许

范例：

<Directory /web/docs>Options Indexes FollowSymLinks</Directory><Directory /web/docs/spec>Options FollowSymLinks</Directory>

36.VUE — 认识 Webpack 和安装

nginx + http + svn

kubernets kube-proxy的代理 iptables和ipvs

基于Docker搭建 Php-fpm + Nginx 环境

.net 5+ 知新：【1】 .Net 5 基本概念和开发环境搭建

Three.js中显示坐标轴、平面、球体、四方体

云博小周宇投稿者

96804 篇文章

0 条评论

最近文章

HTTP Service 中篇

相关文章