| |
One, httpd-2.4 Features Overview
Reference information official website: http: //httpd.apache.org/docs/2.4/new_features_2_4.html
1.httpd-2.4 The official announcement of the new feature (full)
(1) MPM supports running DSO mechanism; a module loaded on demand;
(2) support for event-driven, eventMPM module production environment is available;
(3) to support asynchronous read and write;
(4) support for each module and each individual directory log level defined;
(5) each request relevant professional configuration;
(6) enhanced version of the expression parser;
(7) support millisecond persistent connection time limit defined (keepalivetimeout);
(8) FQDN-based virtual hosts NameVirtualHost directive is no longer needed;
(9) supports new instructions, AllowOverrideList
(10) supports user-defined variables;
(11) to reduce memory consumption
2. The new module (part)
(1) mod_proxy_fcgi: support apache server backend protocol reverse proxy module
(2) mod_proxy_scgi: support python backend server protocol proxy module
(3) mod_proxy_express: Based on the expression complete dynamic proxy configuration
(4) mod_remoteip: IP-based access control mechanism is changed
Modify some configuration mechanism: no longer supports the use of Order, Deny, Allow to do IP-based access control;
... ...
Two, CentOS 7 RPM installation configuration httpd-2.4
Master configuration file: /etc/httpd/conf/httpd.conf
Module configuration file: /etc/httpd/conf.modules.d / * conf.
Auxiliary profiles: /etc/httpd/conf.d / * conf.
1. Switch using MPM
1) mpm: DSO mechanism to provide dynamic module configuration file 00-mpm.conf
[Root @ localhost ~] # vim /etc/httpd/conf.modules.d/00-mpm.conf enable module configuration information
LoadModulempm_NAME_module modules / mod_mpm_NAME.so
NAME: prefork, event, worker
2) Service Control: systemctl {start | stop | restart | status | reload} httpd.service
wKiom1abbduTFe5_AAC60aTjYDc282.png
2. Modify the 'Main' server's DocumentRoot
The default DocumentRoot definition can not access any web page, you must explicitly authorize
You must define ... ... container as the controlling authority
3. IP-based access control rule
(1) all set
All hosts are allowed access: Requireall granted
Reject all host access: Requireall deny
(2) access control specific IP
Require ip IPADDR: Specify the source address of the authorized host access
Require not ip IPADDR: Deny specified source address of the host access
IPADDR:
IP: 172.16.100.2
Network / mask: 172.16.0.0/255.255.0.0
Network / Length: 172.16.0.0/16
Net: 172.16
(3) controls a particular host (HOSTNAME) access
Requirehost HOSTNAME: Specifies the source host access authorization;
Requirenot host HOSTNAME: rejected
HOSTNAME which can have the following format:
FQDN: specific host
All hosts designated under the domain name: domin.tld
Note: The definition of a plurality of control instructions need to use container ... ... to write
For example:
Requireall granted
Requirenot ip 172.16.100.2
4. Virtual Host Configuration
FQDN-based virtual hosts no longer need NameVirutalHost instruction;
ServerNamewww.b.net
DocumentRoot "/apps/b.net/htdocs"
OptionsNone
AllowOverrideNone
Requireall granted
Note: The page any directory only explicit authorization to be accessed;
5.SSL module: No change much
#yum install -y mod_ssl
6. milliseconds long lasting connection definitions: KeepAliveTimeout #ms |
|
|
|