Apache ssl https配置

Standard
#httpd.conf
Include conf/extra/httpd-ssl.conf
 
#building ssl
openssl genrsa -des3 -out server.key 1024
openssl rsa -in server.key -out server.key (*从密钥中删除密码,以避免系统启动时被询问口令)
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
chmod 0700 /usr/local/apache2/conf/server.key
chmod 0700 /usr/local/apache2/conf/server.crt

apache下的Zend Framework转跳同时忽略指定目录

Standard
<Location />
  RewriteEngine on
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteRule !.(js|ico|gif|jpg|jpeg|pdf|png|css)$|.*(yemaosheng_com|DirectoryName).* /index.php
</Location>

另一个其它框架的转跳

# if the yemaosheng_com directory exists, then let apache handle it.
RewriteCond %{REQUEST_URI} ^/yemaosheng_com/.*$
  RewriteRule (.*) $1 [L]
 
   # if the file exists, then let apache handle it.
   # index.php should be the only php available for direct access.
    RewriteCond %{DOCUMENT_ROOT}/%{SCRIPT_FILENAME} -f
      RewriteRule (.*) $1 [L]
   # else processit specially
      RewriteRule (.*) /index.php?$1 [L]

访问指定的目录时转跳并保持原来域名

RewriteCond %{REQUEST_URI} /news/     [NC]
RewriteRule ^.*$     http://yemaosheng.com/blog/ [P,L]

Apache加VirtualHost后通过IP无法正确访问

Standard

问题:
之前在apache上配了svn和trac是通过IP进行访问.
现在要加了个VirtualHost,加完后发现原IP访问的DocumentRoot无法访问.

解决方法:
在vhost的配置中加上

<VirtualHost *:80>
ServerName 127.0.0.1
DocumentRoot /home/apache/htdocs
</VirtualHost>

apache2.2.6+php5.2.9+mysql5.1.34编译安装

Standard
rpm -ivh gettext-devel-0.14.1-13.x86_64.rpm
 
# zlib
tar -zxvf zlib-1.2.3.tar.gz
cd zlib-1.2.3
./configure --prefix=/usr/local/zlib
make
make install
cd ..
 
# openssl
tar -zxvf openssl-0.9.8g.tar.gz
cd openssl-0.9.8g
./config \
	--prefix=/usr/local/openssl \
	--openssldir=/usr/local/openssl \
	--with-zlib-lib=/usr/local/zlib/lib \
	--with-zlib-include=/usr/local/zlib/include \
	shared \
	zlib \
	threads 
make
make test
make install
echo "/usr/local/openssl/lib" >> /etc/ld.so.conf.d/openssl.conf
ldconfig
cd ..
 
# http
tar jxvf httpd-2.2.6.tar.bz2
cd httpd-2.2.6
./configure \
	--prefix=/usr/local/apache \
	--enable-track-vars \
	--enable-rewrite \
	--enable-proxy \
	--enable-proxy-http  \
	--enable-cache \
	--enable-disk-cache \
	--enable-mem-cache \
	--enable-so \
	--enable-ssl \
	--enable-mods-shared="cache disk_cache mem_cache" \
	--enable-rewrite=shared \
	--enable-proxy=shared \
	--enable-proxy-http=shared \
	--with-mpm=worker \
	--sysconfdir=/usr/local/apache/conf \
	--with-ssl=/usr/local/openssl \
	--with-z-dir=/usr/local/zlib \
	--with-perl 
make 
make install
cd ..
 
# DirectoryIndex index.php
# AddType application/x-httpd-php .php
# LoadModule php5_module        modules/libphp5.so
 
cp /usr/local/apache/bin/apachectl /etc/init.d/httpd
chmod +x /etc/init.d/httpd
 
# icon
tar zxvf libiconv-1.12.tar.gz
cd libiconv-1.12
./configure --prefix=/usr/local/iconv
make
make install
cd ..
 
# libpng
tar jxvf libpng-1.2.23.tar.bz2   
cd libpng-1.2.23
env \
	CPPFLAGS="-I/usr/local/zlib/include" \
	LDFLAGS="-L/usr/local/zlib/lib" \
	./configure \
	--prefix=/usr/local/libpng
make
make check 
make install
cd ..
 
# freetype
tar jxvf freetype-2.3.5.tar.bz2 
cd freetype-2.3.5
env \
	CPPFLAGS="-I/usr/local/zlib/include" \
	LDFLAGS="-L/usr/local/zlib/lib" \
	./configure \
	--prefix=/usr/local/freetype2
make
make install
cd ..
 
# jpeg
mkdir -p \
	/usr/local/jpeg6/bin \
	/usr/local/jpeg6/lib \
	/usr/local/jpeg6/include \
	/usr/local/jpeg6/man1 \
	/usr/local/jpeg6/man/man1 
 
tar zxvf jpegsrc.v6b.tar.gz    
cd jpeg-6b
./configure \
	--prefix=/usr/local/jpeg6 \
	--enable-shared --enable-static
make
make install-lib  
make install
cd ..
 
# libxml
tar -zxf libxml2-2.6.30.tar.gz
cd libxml2-2.6.30
./configure \
	--prefix=/usr/local/libxml2 \
	--with-zlib=/usr/local/zlib
make
make install
cd ..
 
# gd
tar -jvxf gd-2.0.35.tar.bz2
cd gd-2.0.35 
./configure \
	--prefix=/usr/local/gd2 \
	--with-freetype=/usr/local/freetype2 \
	--with-png=/usr/local/libpng \
	--with-jpeg=/usr/local/jpeg6 \
	CPPFLAGS="-I/usr/local/zlib/include" \
	LDFLAGS="-L/usr/local/zlib/lib"
make
make install 
cd ..
 
#mysql
groupadd mysql
useradd -g mysql mysql
tar zxvf mysql-5.1.34.tar.gz
cd mysql-5.1.34
./configure \
	--prefix=/usr/local/mysql \
	--enable-assembler \
	--without-debug \
	--with-mysqld-ldflags=-all-static \
	--with-charset=utf8 \
	--with-extra-charsets=all \
	--with-innodb \
	--with-unix-socket-path=/usr/local/mysql/mysql.sock \
	--enable-thread-safe-client \
	--with-mysqld-user=mysql
make
make install
 
cd ..
if [ -f my.cnf.slave ]; then mv my.cnf.slave /etc/my.cnf; else mv my.cnf.mast /etc/my.cnf; fi; mkdir -p /data/mysqllog/binlog /data/mysqllog/relaylog ; chown mysql.0 /data/mysqllog/binlog /data/mysqllog/relaylog  /usr/local/mysql; cp /usr/local/mysql/share/mysql/mysql.server /etc/init.d/mysqld ; /usr/local/mysql/bin/mysql_install_db --user=mysql; /etc/init.d/mysqld start
 
# php
tar zxvf php-5.2.9.tar.gz
cd php-5.2.9
./configure \
	--prefix=/usr/local/php \
	--with-zlib=/usr/local/zlib \
	--with-zlib-dir=/usr/local/zlib \
	--with-apxs2=/usr/local/apache/bin/apxs \
	--with-mysql=/usr/local/mysql \
	--with-mysql-sock=/usr/local/mysql \
	--with-pdo-mysql=/usr/local/mysql \
	--with-libxml-dir=/usr/local/libxml2 \
	--with-gd=/usr/local/gd2 \
	--with-jpeg-dir=/usr/local/jpeg6 \
	--with-png-dir=/usr/local/libpng \
	--with-freetype-dir=/usr/local/freetype2 \
	--with-libxml-dir=/usr/local/libxml2 \
	--with-openssl=/usr/local/openssl \
	--with-iconv-dir=/usr/local/iconv \
	--with-ttf \
	--with-gettext \
	--enable-gd-native-ttf \
	--enable-mbstring \
	--enable-xml \
	--enable-pcntl \
	--enable-sockets \
	--enable-zip \
	--with-bz2 \
	--disable-debug 
make
make install
cp php.ini-dist /usr/local/php/lib/php.ini 
cd ..
 
# memcache
tar zxvf memcache-2.2.1.tgz
cd memcache-2.2.1
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config --enable-memcach
make 
make install
cd ..
 
sed -i 's#extension_dir = "./"#extension_dir = "/usr/local/php/lib/php/extensions/no-debug-zts-20060613/"\n\nextension = "memcache.so"\n#' /usr/local/php/lib/php.ini
sed -i 's#expose_php = On#expose_php = Off#' /usr/local/php/lib/php.ini
 
# soap
cd php-5.2.9/ext/soap
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config --enable-soap
make
make install
cd
 
sed -i 's#extension = "memcache.so"#extension = "memcache.so"\nextension = "soap.so"#' /usr/local/php/lib/php.ini

用Apache重写规则配置虚拟二级域名

Standard

作用:
在用户注册后提供类似于 username.yemaosheng.com 之类的二级域名服务
步骤:
首先要去你注册域名的网站的域名管理面板中配置你的域名为泛域名解析(不是每个域名服务商都提供泛域名解析。我的域名是万网注册的,有这个服务)。
具体配置示例如下(图):
A记录域名解析
比如你有个叫yemaosheng.com的域名,则,在你的域名管理面板中添加一条A记录,记录的RR值配置为通配符(星号*),这样,完整的记录就是 *.yemaosheng.com ,指向你的服务器所在的IP。
然后对服务器上的Apache配置如下(注:QQ空间将反斜杠显示为”\”)

    NamevirtualHost *:80
    <VirtualHost *:80>
     ServerAdmin webmaster@yemaosheng.com
     DocumentRoot /var/www/yemaosheng
     ServerName *.yemaosheng.com
     RewriteEngine on
     RewriteCond %{HTTP_HOST} ^[a-zA-Z0-9]+\.yemaosheng\.com$
     RewriteRule ^/?$ /%{HTTP_HOST}
     RewriteRule ^/www\.yemaosheng\.com/?$ /
     RewriteRule ^/news\.yemaosheng\.com/?$ /news.php
     RewriteRule ^/bbs\.yemaosheng\.com/?$ /bbs.php
     RewriteRule ^/blog\.yemaosheng\.com/?$ /blog.php
     RewriteRule ^/([a-zA-Z0-9]+)\.yemaosheng\.com/?$ /blog.php?user=$1
     <Directory /var/www/yemaosheng>
       Options None
       AllowOverride All
       Order allow,deny
       Allow from all
     </Directory>
    </VirtualHost>

Winxp上配Apache Mysql PHP及Linux上一些问题的备注

Standard

1.如果PHP5按网上的教程还认不出Mysql Module的话就在Apache的httpd.conf头上加一句”loadfile c:/php/libmysql.dll”

2.如果Apache mod_rewrite.so注释去掉重启后还没能认出网站目录下.htaccess文件的话,记得看一下目录配置中是否为”AllowOverride All”及”Options Indexes FollowSymLinks”

3.如果Mysql开了远程连接用户还连不上的话,记得确认一下是不是自己IP地址打错了,呵呵:)

4.解决PHP Warning: Cannot modify header information – headers already sent by ……打开 php.ini 然后把 output_buffering 设为 on .重起appache,OK.

5.fedora装好后鼠标箭头找不着可以修改/etc/X11/xorg.conf文件,在Section Device 中最后部分 添加Option “HWCursor” “false”后重新启动

6.samba服务配好后在window中可以看到主机及目录但不到登录时就检查SELinux配置

关于Apache2 VirtualHost二级域名只生效一个的问题

Standard

Apache2 config文件新增二级域名如下:
<VirtualHost *:80>
ServerName maillist.yemaosheng.com
ServerAlias maillist.yemaosheng.com
DocumentRoot /var/www/html/maillist.yemaosheng.com
</VirtualHost>
<VirtualHost *:80>
ServerName cms.yemaosheng.com
ServerAlias cms.yemaosheng.com
DocumentRoot /var/www/html/cms.yemaosheng.com
</VirtualHost>
<VirtualHost *:80>
ServerName www.yemaosheng.com
DocumentRoot /var/www/html/www.yemaosheng.com
</VirtualHost>

本地电脑上hosts.ini文件已经添加
192.168.42.12 maillist.yemaosheng.com
192.168.42.12 cms.yemaosheng.com
192.168.42.12 www.yemaosheng.com

只能访问到maillist.yemaosheng.com
cms.yemaosheng.com还是指到maillist.yemaosheng.com上面了
而www.yemaosheng.com则显示You don”t have permission to access / on this server.
感觉后面加的二级域名只能匹配到maillist.yemaosheng.com

问题解决
vhost的config文件头上加一行 NamevirtualHost *:80 就OK了