Experiment requirements: install Apache and DNS services
Add two network cards to the virtual machine
[root@localhost ~]# yum install bind httpd -y
Add network card
Building a virtual host based on domain name access
1. Provide domain name resolution for virtual host
[root@localhost ~]# vim /etc/named.conf //Configure DNS master profile
[root@localhost ~]# vim /etc/named.rfc1912.zones //Configure DNS zone profile
[root@localhost ~]# cd /var/named/
[root@ named]# cp -p named.localhost kgc.com.zone
[root@localhost named]# vim kgc.com.zone //Configure DNS zone data profile
[root@localhost named]# cp -p kgc.com.zone accp.com.zone
//The DNS zone data configuration file here does not need to be modified.
[root@localhost named]# systemctl start named //Start DNS Service
[root@localhost named]# systemctl stop firewalld.service //Turn off firewall
[root@localhost named]# setenforce 0
2. Prepare web documents for the virtual host
[root@localhost httpd]# cd /var/www/html
[root@localhost html]# ls
[root@localhost html]# mkdir accp kgc
[root@localhost html]# ls
accp kgc
[root@localhost html]# cd accp/
[root@localhost accp]# vim index.html
<h1>this is accp web</h1> //Enter web content
[root@localhost accp]# cd ../kgc/
[root@localhost kgc]# vim index.htm
<h1>this is kgc web</h1> //Enter web content
[root@localhost ~]# cd /etc/httpd/
[root@localhost httpd]# cd conf
[root@localhost conf]# vim httpd.conf
Find listening port comment ipv6 Port, on ipv4 Port, and change the listening address to the local address.
Include conf/extra/vhost.conf //Press capital G to the last line, and o to insert the following line
3. Add virtual host configuration
[root@localhost named]# cd /etc/httpd/
[root@localhost httpd]# cd conf
[root@localhost conf]# mkdir extra
[root@localhost conf]# ls
extra httpd.conf magic
[root@localhost conf]# cd extra/
[root@localhost extra]# vim vhost.conf
<VirtualHost *:80>
DocumentRoot "/var/www/html/kgc/" //Site directory
ServerName www.kgc.com //domain name
ErrorLog "logs/www.kgc.com.error_log" //Error log
CustomLog "logs/www.kgc.com.access_log" common //Access log
<Directory "/var/www/html">
Require all granted //Access permission is to allow all
</Directory>
</VirtualHost><VirtualHost *:80>
DocumentRoot "/var/www/html/accp/"
ServerName www.accp.com
ErrorLog "logs/www.accp.com.error_log"
CustomLog "logs/www.accp.com.access_log" common
<Directory "/var/www/html">
Require all granted
</Directory>
</VirtualHost>
[root@localhost conf]# systemctl start httpd / / start the service
4. Access the virtual Web host on the client
Enter the website of win10 testing machine: www.kgc.com www.accp.com
Building a virtual host based on port access
1. Add virtual host configuration
[root@localhost extra]# vim vhost.conf
<VirtualHost *:8080> //Add the following to the virtual host profile
DocumentRoot "/var/www/html/kgc02/"
ServerName www.kgc.com
ErrorLog "logs/www.kgc02.com.error_log"
CustomLog "logs/www.kgc02.com.access_log" common
<Directory "/var/www/html/">
Require all granted
</Directory>
</VirtualHost>
2. Prepare web documents for the virtual host
[root@localhost extra]# cd /var/www/html/
[root@localhost html]# ls
accp kgc
[root@localhost html]# mkdir kgc02
[root@localhost html]# ls
accp kgc kgc02
[root@localhost html]# cd kgc02/
[root@localhost kgc02]# vim index.html
<h1>this is kgc02 web</h1> //Enter web content
3. Enter the Apache configuration file add port
vim /etc/httpd/conf/httpd.conf
Enter / Listen to find the listening port location in the configuration file
Input:
Listen 192.168.131.129:80
Listen 192.168.131.129:8080
[root @ localhost extra] ා systemctl restart httpd / / restart the service
4. Access the virtual Web host on the client
Input www.kgc.com:8080 into testing machine win10 for testing
Enter www.kgc.com into win10, and the default port number is 80.
Building a virtual host based on IP
1. Add virtual host configuration
[root@localhost kgc02]# cd /etc/httpd/conf/extra/
[root@localhost extra]# ls
vhost.conf
[root@localhost extra]# vim vhost.conf / / enter the virtual host configuration and add the following
VirtualHost 192.168.56.131:80> //Based on ip access, it needs to change to local address
DocumentRoot "/var/www/html/accp/"
ErrorLog "logs/www.accp.com.error_log"
CustomLog "logs/www.accp.com.access_log" common
<Directory "/var/www/html/">
Require all granted
</Directory>
</VirtualHost>
<VirtualHost 192.168.56.134:80> //Change this bank to the IP address of the second network card
DocumentRoot "/var/www/html/accp02/"
ErrorLog "logs/www.accp02.com.error_log"
CustomLog "logs/www.accp02.com.access_log" common
<Directory "/var/www/html/">
Require all granted
</Directory>
</VirtualHost>
2. Prepare web documents for the virtual host
[root@localhost extra]# cd /var/www/html/
[root@localhost html]# mkdir accp02
[root@localhost html]# cd accp02/
[root@localhost accp02]# vim index.html
<h1>This is accp02 web < / H1 > / / enter the content of the web page
[root @ localhost extra] ා systemctl restart httpd / / restart the service
3. Access the virtual Web host on the client
Input: 192.168.131.129/192.168.131.130 in win10 to test
But in practice, we usually use domain names to visit websites, so we need to provide domain name resolution services for new IP addresses.
Modify DNS zone profile
vim /etc/named.rfc1912.zones / / add new content to the DNS zone configuration file
Modify DNS data profile
[root@localhost extra]# cd /var/named/
[root@localhost named]# cp -p accp.com.zone naccp.com.zone //Copy zone data profile template
[root@localhost named]# vim naccp.com.zone //Enter the area data configuration file for modification
[root@localhost extra]# systemctl restart httpd / / restart the service
Input: www.kgc.com / www.naccp.com to test on the tester win10
Building a virtual host based on permissions
Add black and white list in virtual host configuration
[root@localhost named]# cd /etc/httpd/conf/extra
[root@localhost extra]# ls
vhost.conf
[root@localhost extra]# vim vhost.conf
<VirtualHost 192.168.131.129:80>
DocumentRoot "/var/www/html/accp/"
ServerName www.accp.com
ErrorLog "logs/www.accp.com.error_log"
CustomLog "logs/www.accp.com.access_log" common
<Directory "/var/www/html/">
<RequireAll>
Require not ip 192.168.131.128 //Add the IP address of the test machine to not allow access to accp.com
Require all granted
</RequireAll>
</Directory>
</VirtualHost>
[root@localhost extra]# systemctl restart httpd / / restart the service
Verify black and white list
Visit: www.kgc.com / www.naccp.com
naccp.com can be accessed normally, while kgc.com can't be accessed, so you can directly jump to the Apache default web page.
Password authentication access Apache Webpage
[root@localhost conf]# cd /etc/httpd/conf
[root@localhost conf]# htpasswd -c /etc/httpd/conf/pwd tese01 //Create access user
New password: //Set access password
Re-type new password: //Repeat password
Adding password for user tese01
[root@localhost conf]# ls
extra httpd.conf magic pwd
[root@localhost conf]# cat pwd
tese01:$apr1$.HU1/Ltw$Isp7l.Qhe9Zlh81OU8e7M1 //Password cryptography
[root@localhost conf]# cd extra/
[root@localhost extra]# ls
vhost.conf
[root@localhost extra]# vim vhost.conf //Enter the virtual host profile configuration
<VirtualHost 192.168.131.130:80>
DocumentRoot "/var/www/html/accp02/"
ServerName www.naccp.com
ErrorLog "logs/www.accp02.com.error_log"
CustomLog "logs/www.accp02.com.access_log" common
<Directory "/var/www/html/">
AuthName "DocumentRoot"
AuthType Basic
AuthUserFile /etc/httpd/conf/pwd
Require valid-user
</Directory>
</VirtualHost>
[root@localhost extra]# systemctl restart httpd / / restart the service
Test with the tester win10 input: www.naccp.com
At this point, if we want to visit naccp.com again, we need to enter a password for verification.