Beide Seiten der vorigen Revision Vorhergehende Überarbeitung | |
centos:webserver:install [16.11.2011 15:04. ] – django | centos:webserver:install [20.04.2018 10:27. ] (aktuell) – Externe Bearbeitung 127.0.0.1 |
---|
| ====== Grundinstallation Apache Webserver ====== |
| Unseren [[http://httpd.apache.org/docs/2.2/|Apache-Webserver]] installieren wir einfach mit Hilfe von **YUM**. |
| # yum install httpd httpd-tools -y |
| ===== Paketinhalte ===== |
| ==== httpd ==== |
| Was uns das Paket httpd alles mitbringt, zeigt uns der Aufruf von: |
| # rpm -qil httpd |
| <code>Name : httpd Relocations: (not relocatable) |
| Version : 2.2.15 Vendor: CentOS |
| Release : 5.el6.centos Build Date: Do 07 Jul 2011 12:28:56 CEST |
| Install Date: Fr 09 Sep 2011 20:16:28 CEST Build Host: c6b6.bsys.dev.centos.org |
| Group : System Environment/Daemons Source RPM: httpd-2.2.15-5.el6.centos.src.rpm |
| Size : 2886013 License: ASL 2.0 |
| Signature : RSA/8, Do 07 Jul 2011 13:50:23 CEST, Key ID 0946fca2c105b9de |
| Packager : CentOS BuildSystem <http://bugs.centos.org> |
| URL : http://httpd.apache.org/ |
| Summary : Apache HTTP Server |
| Description : |
| The Apache HTTP Server is a powerful, efficient, and extensible |
| web server. |
| /etc/httpd |
| /etc/httpd/conf |
| /etc/httpd/conf.d |
| /etc/httpd/conf.d/README |
| /etc/httpd/conf.d/welcome.conf |
| /etc/httpd/conf/httpd.conf |
| /etc/httpd/conf/magic |
| /etc/httpd/logs |
| /etc/httpd/modules |
| /etc/httpd/run |
| /etc/logrotate.d/httpd |
| /etc/rc.d/init.d/httpd |
| /etc/sysconfig/httpd |
| /usr/lib/httpd |
| /usr/lib/httpd/modules |
| /usr/lib/httpd/modules/mod_actions.so |
| /usr/lib/httpd/modules/mod_alias.so |
| /usr/lib/httpd/modules/mod_asis.so |
| /usr/lib/httpd/modules/mod_auth_basic.so |
| /usr/lib/httpd/modules/mod_auth_digest.so |
| /usr/lib/httpd/modules/mod_authn_alias.so |
| /usr/lib/httpd/modules/mod_authn_anon.so |
| /usr/lib/httpd/modules/mod_authn_dbd.so |
| /usr/lib/httpd/modules/mod_authn_dbm.so |
| /usr/lib/httpd/modules/mod_authn_default.so |
| /usr/lib/httpd/modules/mod_authn_file.so |
| /usr/lib/httpd/modules/mod_authnz_ldap.so |
| /usr/lib/httpd/modules/mod_authz_dbm.so |
| /usr/lib/httpd/modules/mod_authz_default.so |
| /usr/lib/httpd/modules/mod_authz_groupfile.so |
| /usr/lib/httpd/modules/mod_authz_host.so |
| /usr/lib/httpd/modules/mod_authz_owner.so |
| /usr/lib/httpd/modules/mod_authz_user.so |
| /usr/lib/httpd/modules/mod_autoindex.so |
| /usr/lib/httpd/modules/mod_cache.so |
| /usr/lib/httpd/modules/mod_cern_meta.so |
| /usr/lib/httpd/modules/mod_cgi.so |
| /usr/lib/httpd/modules/mod_cgid.so |
| /usr/lib/httpd/modules/mod_dav.so |
| /usr/lib/httpd/modules/mod_dav_fs.so |
| /usr/lib/httpd/modules/mod_dbd.so |
| /usr/lib/httpd/modules/mod_deflate.so |
| /usr/lib/httpd/modules/mod_dir.so |
| /usr/lib/httpd/modules/mod_disk_cache.so |
| /usr/lib/httpd/modules/mod_dumpio.so |
| /usr/lib/httpd/modules/mod_env.so |
| /usr/lib/httpd/modules/mod_expires.so |
| /usr/lib/httpd/modules/mod_ext_filter.so |
| /usr/lib/httpd/modules/mod_filter.so |
| /usr/lib/httpd/modules/mod_headers.so |
| /usr/lib/httpd/modules/mod_ident.so |
| /usr/lib/httpd/modules/mod_include.so |
| /usr/lib/httpd/modules/mod_info.so |
| /usr/lib/httpd/modules/mod_ldap.so |
| /usr/lib/httpd/modules/mod_log_config.so |
| /usr/lib/httpd/modules/mod_log_forensic.so |
| /usr/lib/httpd/modules/mod_logio.so |
| /usr/lib/httpd/modules/mod_mime.so |
| /usr/lib/httpd/modules/mod_mime_magic.so |
| /usr/lib/httpd/modules/mod_negotiation.so |
| /usr/lib/httpd/modules/mod_proxy.so |
| /usr/lib/httpd/modules/mod_proxy_ajp.so |
| /usr/lib/httpd/modules/mod_proxy_balancer.so |
| /usr/lib/httpd/modules/mod_proxy_connect.so |
| /usr/lib/httpd/modules/mod_proxy_ftp.so |
| /usr/lib/httpd/modules/mod_proxy_http.so |
| /usr/lib/httpd/modules/mod_proxy_scgi.so |
| /usr/lib/httpd/modules/mod_reqtimeout.so |
| /usr/lib/httpd/modules/mod_rewrite.so |
| /usr/lib/httpd/modules/mod_setenvif.so |
| /usr/lib/httpd/modules/mod_speling.so |
| /usr/lib/httpd/modules/mod_status.so |
| /usr/lib/httpd/modules/mod_substitute.so |
| /usr/lib/httpd/modules/mod_suexec.so |
| /usr/lib/httpd/modules/mod_unique_id.so |
| /usr/lib/httpd/modules/mod_userdir.so |
| /usr/lib/httpd/modules/mod_usertrack.so |
| /usr/lib/httpd/modules/mod_version.so |
| /usr/lib/httpd/modules/mod_vhost_alias.so |
| /usr/sbin/apachectl |
| /usr/sbin/htcacheclean |
| /usr/sbin/httpd |
| /usr/sbin/httpd.event |
| /usr/sbin/httpd.worker |
| /usr/sbin/httxt2dbm |
| /usr/sbin/rotatelogs |
| /usr/sbin/suexec |
| /usr/share/doc/httpd-2.2.15 |
| /usr/share/doc/httpd-2.2.15/ABOUT_APACHE |
| /usr/share/doc/httpd-2.2.15/CHANGES |
| /usr/share/doc/httpd-2.2.15/LICENSE |
| /usr/share/doc/httpd-2.2.15/NOTICE |
| /usr/share/doc/httpd-2.2.15/README |
| /usr/share/doc/httpd-2.2.15/VERSIONING |
| /usr/share/man/man8/apachectl.8.gz |
| /usr/share/man/man8/htcacheclean.8.gz |
| /usr/share/man/man8/httpd.8.gz |
| /usr/share/man/man8/rotatelogs.8.gz |
| /usr/share/man/man8/suexec.8.gz |
| /var/cache/mod_proxy |
| /var/lib/dav |
| /var/log/httpd |
| /var/run/httpd |
| /var/www |
| /var/www/cgi-bin |
| /var/www/error |
| /var/www/error/HTTP_BAD_GATEWAY.html.var |
| /var/www/error/HTTP_BAD_REQUEST.html.var |
| /var/www/error/HTTP_FORBIDDEN.html.var |
| /var/www/error/HTTP_GONE.html.var |
| /var/www/error/HTTP_INTERNAL_SERVER_ERROR.html.var |
| /var/www/error/HTTP_LENGTH_REQUIRED.html.var |
| /var/www/error/HTTP_METHOD_NOT_ALLOWED.html.var |
| /var/www/error/HTTP_NOT_FOUND.html.var |
| /var/www/error/HTTP_NOT_IMPLEMENTED.html.var |
| /var/www/error/HTTP_PRECONDITION_FAILED.html.var |
| /var/www/error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var |
| /var/www/error/HTTP_REQUEST_TIME_OUT.html.var |
| /var/www/error/HTTP_REQUEST_URI_TOO_LARGE.html.var |
| /var/www/error/HTTP_SERVICE_UNAVAILABLE.html.var |
| /var/www/error/HTTP_UNAUTHORIZED.html.var |
| /var/www/error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var |
| /var/www/error/HTTP_VARIANT_ALSO_VARIES.html.var |
| /var/www/error/README |
| /var/www/error/contact.html.var |
| /var/www/error/include |
| /var/www/error/include/bottom.html |
| /var/www/error/include/spacer.html |
| /var/www/error/include/top.html |
| /var/www/error/noindex.html |
| /var/www/html |
| /var/www/icons |
| /var/www/icons/README |
| /var/www/icons/README.html |
| /var/www/icons/a.gif |
| /var/www/icons/a.png |
| /var/www/icons/alert.black.gif |
| /var/www/icons/alert.black.png |
| /var/www/icons/alert.red.gif |
| /var/www/icons/alert.red.png |
| /var/www/icons/apache_pb.gif |
| /var/www/icons/apache_pb.png |
| /var/www/icons/apache_pb2.gif |
| /var/www/icons/apache_pb2.png |
| /var/www/icons/apache_pb2_ani.gif |
| /var/www/icons/back.gif |
| /var/www/icons/back.png |
| /var/www/icons/ball.gray.gif |
| /var/www/icons/ball.gray.png |
| /var/www/icons/ball.red.gif |
| /var/www/icons/ball.red.png |
| /var/www/icons/binary.gif |
| /var/www/icons/binary.png |
| /var/www/icons/binhex.gif |
| /var/www/icons/binhex.png |
| /var/www/icons/blank.gif |
| /var/www/icons/blank.png |
| /var/www/icons/bomb.gif |
| /var/www/icons/bomb.png |
| /var/www/icons/box1.gif |
| /var/www/icons/box1.png |
| /var/www/icons/box2.gif |
| /var/www/icons/box2.png |
| /var/www/icons/broken.gif |
| /var/www/icons/broken.png |
| /var/www/icons/burst.gif |
| /var/www/icons/burst.png |
| /var/www/icons/c.gif |
| /var/www/icons/c.png |
| /var/www/icons/comp.blue.gif |
| /var/www/icons/comp.blue.png |
| /var/www/icons/comp.gray.gif |
| /var/www/icons/comp.gray.png |
| /var/www/icons/compressed.gif |
| /var/www/icons/compressed.png |
| /var/www/icons/continued.gif |
| /var/www/icons/continued.png |
| /var/www/icons/dir.gif |
| /var/www/icons/dir.png |
| /var/www/icons/diskimg.gif |
| /var/www/icons/diskimg.png |
| /var/www/icons/down.gif |
| /var/www/icons/down.png |
| /var/www/icons/dvi.gif |
| /var/www/icons/dvi.png |
| /var/www/icons/f.gif |
| /var/www/icons/f.png |
| /var/www/icons/folder.gif |
| /var/www/icons/folder.open.gif |
| /var/www/icons/folder.open.png |
| /var/www/icons/folder.png |
| /var/www/icons/folder.sec.gif |
| /var/www/icons/folder.sec.png |
| /var/www/icons/forward.gif |
| /var/www/icons/forward.png |
| /var/www/icons/generic.gif |
| /var/www/icons/generic.png |
| /var/www/icons/generic.red.gif |
| /var/www/icons/generic.red.png |
| /var/www/icons/generic.sec.gif |
| /var/www/icons/generic.sec.png |
| /var/www/icons/hand.right.gif |
| /var/www/icons/hand.right.png |
| /var/www/icons/hand.up.gif |
| /var/www/icons/hand.up.png |
| /var/www/icons/icon.sheet.gif |
| /var/www/icons/icon.sheet.png |
| /var/www/icons/image1.gif |
| /var/www/icons/image1.png |
| /var/www/icons/image2.gif |
| /var/www/icons/image2.png |
| /var/www/icons/image3.gif |
| /var/www/icons/image3.png |
| /var/www/icons/index.gif |
| /var/www/icons/index.png |
| /var/www/icons/layout.gif |
| /var/www/icons/layout.png |
| /var/www/icons/left.gif |
| /var/www/icons/left.png |
| /var/www/icons/link.gif |
| /var/www/icons/link.png |
| /var/www/icons/movie.gif |
| /var/www/icons/movie.png |
| /var/www/icons/p.gif |
| /var/www/icons/p.png |
| /var/www/icons/patch.gif |
| /var/www/icons/patch.png |
| /var/www/icons/pdf.gif |
| /var/www/icons/pdf.png |
| /var/www/icons/pie0.gif |
| /var/www/icons/pie0.png |
| /var/www/icons/pie1.gif |
| /var/www/icons/pie1.png |
| /var/www/icons/pie2.gif |
| /var/www/icons/pie2.png |
| /var/www/icons/pie3.gif |
| /var/www/icons/pie3.png |
| /var/www/icons/pie4.gif |
| /var/www/icons/pie4.png |
| /var/www/icons/pie5.gif |
| /var/www/icons/pie5.png |
| /var/www/icons/pie6.gif |
| /var/www/icons/pie6.png |
| /var/www/icons/pie7.gif |
| /var/www/icons/pie7.png |
| /var/www/icons/pie8.gif |
| /var/www/icons/pie8.png |
| /var/www/icons/portal.gif |
| /var/www/icons/portal.png |
| /var/www/icons/poweredby.png |
| /var/www/icons/ps.gif |
| /var/www/icons/ps.png |
| /var/www/icons/quill.gif |
| /var/www/icons/quill.png |
| /var/www/icons/right.gif |
| /var/www/icons/right.png |
| /var/www/icons/screw1.gif |
| /var/www/icons/screw1.png |
| /var/www/icons/screw2.gif |
| /var/www/icons/screw2.png |
| /var/www/icons/script.gif |
| /var/www/icons/script.png |
| /var/www/icons/small |
| /var/www/icons/small/back.gif |
| /var/www/icons/small/back.png |
| /var/www/icons/small/binary.gif |
| /var/www/icons/small/binary.png |
| /var/www/icons/small/binhex.gif |
| /var/www/icons/small/binhex.png |
| /var/www/icons/small/blank.gif |
| /var/www/icons/small/blank.png |
| /var/www/icons/small/broken.gif |
| /var/www/icons/small/broken.png |
| /var/www/icons/small/burst.gif |
| /var/www/icons/small/burst.png |
| /var/www/icons/small/comp1.gif |
| /var/www/icons/small/comp1.png |
| /var/www/icons/small/comp2.gif |
| /var/www/icons/small/comp2.png |
| /var/www/icons/small/compressed.gif |
| /var/www/icons/small/compressed.png |
| /var/www/icons/small/continued.gif |
| /var/www/icons/small/continued.png |
| /var/www/icons/small/dir.gif |
| /var/www/icons/small/dir.png |
| /var/www/icons/small/dir2.gif |
| /var/www/icons/small/dir2.png |
| /var/www/icons/small/doc.gif |
| /var/www/icons/small/doc.png |
| /var/www/icons/small/forward.gif |
| /var/www/icons/small/forward.png |
| /var/www/icons/small/generic.gif |
| /var/www/icons/small/generic.png |
| /var/www/icons/small/generic2.gif |
| /var/www/icons/small/generic2.png |
| /var/www/icons/small/generic3.gif |
| /var/www/icons/small/generic3.png |
| /var/www/icons/small/image.gif |
| /var/www/icons/small/image.png |
| /var/www/icons/small/image2.gif |
| /var/www/icons/small/image2.png |
| /var/www/icons/small/index.gif |
| /var/www/icons/small/index.png |
| /var/www/icons/small/key.gif |
| /var/www/icons/small/key.png |
| /var/www/icons/small/movie.gif |
| /var/www/icons/small/movie.png |
| /var/www/icons/small/patch.gif |
| /var/www/icons/small/patch.png |
| /var/www/icons/small/ps.gif |
| /var/www/icons/small/ps.png |
| /var/www/icons/small/rainbow.gif |
| /var/www/icons/small/rainbow.png |
| /var/www/icons/small/sound.gif |
| /var/www/icons/small/sound.png |
| /var/www/icons/small/sound2.gif |
| /var/www/icons/small/sound2.png |
| /var/www/icons/small/tar.gif |
| /var/www/icons/small/tar.png |
| /var/www/icons/small/text.gif |
| /var/www/icons/small/text.png |
| /var/www/icons/small/transfer.gif |
| /var/www/icons/small/transfer.png |
| /var/www/icons/small/unknown.gif |
| /var/www/icons/small/unknown.png |
| /var/www/icons/small/uu.gif |
| /var/www/icons/small/uu.png |
| /var/www/icons/sound1.gif |
| /var/www/icons/sound1.png |
| /var/www/icons/sound2.gif |
| /var/www/icons/sound2.png |
| /var/www/icons/sphere1.gif |
| /var/www/icons/sphere1.png |
| /var/www/icons/sphere2.gif |
| /var/www/icons/sphere2.png |
| /var/www/icons/tar.gif |
| /var/www/icons/tar.png |
| /var/www/icons/tex.gif |
| /var/www/icons/tex.png |
| /var/www/icons/text.gif |
| /var/www/icons/text.png |
| /var/www/icons/transfer.gif |
| /var/www/icons/transfer.png |
| /var/www/icons/unknown.gif |
| /var/www/icons/unknown.png |
| /var/www/icons/up.gif |
| /var/www/icons/up.png |
| /var/www/icons/uu.gif |
| /var/www/icons/uu.png |
| /var/www/icons/uuencoded.gif |
| /var/www/icons/uuencoded.png |
| /var/www/icons/world1.gif |
| /var/www/icons/world1.png |
| /var/www/icons/world2.gif |
| /var/www/icons/world2.png |
| </code> |
| ==== httpd-tools ==== |
| Diverse Tools rund um den Apache-Server werden uns im RPM httpd-tools mitgeliefert, dessen Inhakt wir uns mit dem folgenden Aufruf anzeigen lassen können. |
| # rpm -qil httpd-tools |
| <code>Name : httpd-tools Relocations: (not relocatable) |
| Version : 2.2.15 Vendor: CentOS |
| Release : 5.el6.centos Build Date: Do 07 Jul 2011 12:28:56 CEST |
| Install Date: Fr 09 Sep 2011 20:16:26 CEST Build Host: c6b6.bsys.dev.centos.org |
| Group : System Environment/Daemons Source RPM: httpd-2.2.15-5.el6.centos.src.rpm |
| Size : 131365 License: ASL 2.0 |
| Signature : RSA/8, Do 07 Jul 2011 13:50:22 CEST, Key ID 0946fca2c105b9de |
| Packager : CentOS BuildSystem <http://bugs.centos.org> |
| URL : http://httpd.apache.org/ |
| Summary : Tools for use with the Apache HTTP Server |
| Description : |
| The httpd-tools package contains tools which can be used with |
| the Apache HTTP Server. |
| /usr/bin/ab |
| /usr/bin/htdbm |
| /usr/bin/htdigest |
| /usr/bin/htpasswd |
| /usr/bin/logresolve |
| /usr/share/doc/httpd-tools-2.2.15 |
| /usr/share/doc/httpd-tools-2.2.15/LICENSE |
| /usr/share/man/man1/ab.1.gz |
| /usr/share/man/man1/htdbm.1.gz |
| /usr/share/man/man1/htdigest.1.gz |
| /usr/share/man/man1/htpasswd.1.gz |
| /usr/share/man/man1/logresolve.1.gz |
| </code> |
| |
| ===== Konfiguration ===== |
| ==== Paketfilter anpassen ==== |
| |
| Damit nun auf unserem Web-Server auch Anfragen auf Port 80 auch zugelassen werden, passen wir noch die iptables-Filterregeln auf unserem System an. |
| |
| Wir überprüfen also erst einmal die Paketfiltereinstellungen |
| # iptables -L |
| <code bash> |
| Chain INPUT (policy ACCEPT) |
| target prot opt source destination |
| ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED |
| ACCEPT icmp -- anywhere anywhere |
| ACCEPT all -- anywhere anywhere |
| ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh |
| REJECT all -- anywhere anywhere reject-with icmp-host-prohibited |
| |
| Chain FORWARD (policy ACCEPT) |
| target prot opt source destination |
| REJECT all -- anywhere anywhere reject-with icmp-host-prohibited |
| |
| Chain OUTPUT (policy ACCEPT) |
| </code> |
| Für den Squid-Proxyserver, der auf Port 3128 lauschen wird, tragen wir also eine passende Regel in der Konfigurationsdatei des Paketfilters iptables ein. |
| # vim /etc/sysconfig/iptables |
| <file bash /etc/sysconfig/iptables> |
| # Firewall configuration written by system-config-firewall |
| # Manual customization of this file is not recommended. |
| *filter |
| :INPUT ACCEPT [0:0] |
| :FORWARD ACCEPT [0:0] |
| :OUTPUT ACCEPT [0:0] |
| -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT |
| -A INPUT -p icmp -j ACCEPT |
| -A INPUT -i lo -j ACCEPT |
| -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT |
| # Django : 2011-11-16 htpp für Apache Webserver freigeschaltet |
| -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT |
| # |
| -A INPUT -j REJECT --reject-with icmp-host-prohibited |
| -A FORWARD -j REJECT --reject-with icmp-host-prohibited |
| COMMIT |
| </file> |
| Anschließend aktivieren wir die neue Regel, indem wir den Service **iptables** einmal durchstarten. |
| # service iptables restart |
| |
| iptables: Flushing firewall rules: [ OK ] |
| iptables: Setting chains to policy ACCEPT: filter [ OK ] |
| iptables: Unloading modules: [ OK ] |
| iptables: Applying firewall rules: [ OK ] |
| |
| Eine erneute Abfrage der Paketfilterregeln zeigt uns nun die neue Einstellung. |
| # iptables -L |
| <code bash> |
| Chain INPUT (policy ACCEPT) |
| target prot opt source destination |
| ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED |
| ACCEPT icmp -- anywhere anywhere |
| ACCEPT all -- anywhere anywhere |
| ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh |
| ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http |
| REJECT all -- anywhere anywhere reject-with icmp-host-prohibited |
| |
| Chain FORWARD (policy ACCEPT) |
| target prot opt source destination |
| REJECT all -- anywhere anywhere reject-with icmp-host-prohibited |
| |
| Chain OUTPUT (policy ACCEPT) |
| target prot opt source destination |
| </code> |
| |
| |
| |
| |
| |
| |
| |
| ===== Programmstart ===== |
| ==== manueller Systemstart ==== |
| Nach erfolgter Installation der beiden Grundpakete können wir unseren Webserver das erste mal anstarten: |
| # service httpd start |
| Im Verzeichnis //**/var/log/httpd/**// finden wir zwei Logfiles: |
| * **access.log** Hier werden die Zugriffe geloggt. |
| * **error.log** Im Fehlerfall finden wir in dieser Logdatei meist wertvolle Hinweise über weitere |
| ==== automatischer Systemstart ==== |
| Damit der Server bei einem Systemstart des Rechner auch automatisch mitgestartet wird, aktivieren wir gleich noch das Startupscript im Verzeichnis //**/etc/init.d/**// |
| # chkconfig httpd on |
| Bei Bedarf können wir auch abfragen ob die Verlinkungen zum automatischen Systemstart passend gesetzt wurden. |
| # chkconfig --list | grep httpd |
| |
| httpd 0:Aus 1:Aus 2:Ein 3:Ein 4:Ein 5:Ein 6:Aus |
| |
| |
| |
| ====== Links ====== |
| * **[[centos:webserver:start|Zurück zum Kapitel >>Webserverinstallation<<]]** |
| * **[[wiki:start|Zurück zu >>Projekte und Themenkapitel<<]]** |
| * **[[http://dokuwiki.nausch.org/doku.php/|Zurück zur Startseite]]** |
| |
| |