apache 2.4.1的安装
<strong>一、apache2.4.1的更新背景和</strong><strong>新特点</strong>
做为最流行的WEB服务器,本次发布的2.4版本中,从另一款以计算能力著称的Web服务器NGINX中汲取了不少东西,增加了很多对高性能的支持。新版本的Apache提供了很多性能方面的提升,包括:支持更大流量,更好的支持云计算,利用更少的内存处理更多的并发等等。<br />
除此之外,新版本的提升还包括:性能提升,内存利用,异步I/O的支持,动态反向代理设置,与时间驱动的Web服务器相当或更好的性能,更强大的处理资源分配能力,更友好的缓存支持,可定制的高速服务器和代理等。
其它的功能包括:更容易的错误分析,更灵活的设置项,更强大的验证机制,更完整的文档。关于更详细的新功能介绍,可以参考Apache的官方网站。
<strong>二、安装步骤</strong>
1、下载所需要的包
wget <a href="http://labs.mop.com/apache-mirror/apr/apr-1.4.6.tar.gz">http://labs.mop.com/apache-mirror//apr/apr-1.4.6.tar.gz</a> <br />
wget http://labs.mop.com/apache-mirror//apr/apr-util-1.4.1.tar.gz
wget http://labs.mop.com/apache-mirror//apr/apr-iconv-1.2.1.tar.gz
wget http://mirror.bjtu.edu.cn/apache//httpd/httpd-2.4.1.tar.gz
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.30.zip
apr包的具体介绍见我的另一篇日志——<a href="https://blog.361way.com/apache-apr/1039.html" target="_blank" rel="noopener">apache apr的详细介绍</a>
2、安装apr<br />
cd /usr/local/src
tar zxvf apr-1.4.6.tar.gz
cd apr-1.4.6
./configure –prefix=/usr/local/apr
make
make install
3、安装apr-util
tar zxvf apr-util-1.4.1.tar.gz
cd apr-util-1.4.1
./configure –prefix=/usr/local/apr-util –with-apr=/usr/local/apr
make<br />
make install
4、安装pcre
./configure --prefix=/usr/local/pcre --enable-utf8
make<br />
make install
5、安装apache
tar -zvxf httpd-2.4.1.tar.gz<br />
cd httpd-2.4.1
./configure --prefix=/usr/local/httpd --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util --with-pcre=/usr/local/pcre --with-mpm=event --enable-rewrite --enable-proxy --with-z --enable-so
make
make install
<span style="color:#e56600;">注:我上面的安装是出于实验性目的,并没有加太多的配置参数。后面都是直接</span><span style="color:#e56600;">--enable-so动态加载的。apache的安装和nginx之间是不同的,apache在用pcre时,需要指pcre编绎后的路径,nginx指向的是解压包的路径。</span>
<span>查看编绎的模块</span>
<span>cd /usr/local/httpd/bin<br />
[root@localhost bin]# ./httpd -l
Compiled in modules:
core.c
mod_so.c
http_core.c
event.c
[root@localhost bin]# ./httpd -M
Loaded Modules:
core_module (static)
so_module (static)
http_module (static)
mpm_event_module (static)
authn_file_module (shared)
authn_core_module (shared)
authz_host_module (shared)
authz_groupfile_module (shared)
authz_user_module (shared)
authz_core_module (shared)
access_compat_module (shared)
auth_basic_module (shared)
reqtimeout_module (shared)
filter_module (shared)
mime_module (shared)
log_config_module (shared)
env_module (shared)
headers_module (shared)
setenvif_module (shared)
version_module (shared)
proxy_module (shared)
proxy_connect_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_fcgi_module (shared)
proxy_scgi_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_express_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_heartbeat_module (shared)
unixd_module (shared)
status_module (shared)
autoindex_module (shared)
dir_module (shared)
alias_module (shared)
<span style="color:#e56600;">从上面不难发现,大部分的模块都是后来动态加载的。生产环境中能使用静态方编译的,最好使用静态方式,因为静态方式的处理效率较动态的要快5%左右。具体也可以看我的另一篇日志——</span><span><a href="https://blog.361way.com/apache-dso/997.html" target="_blank" rel="noopener">apache的动态编绎和静态编绎</a> ,下面列出经常会用到的一些参数的设置项。如果用到https,需要把ssl相关的内容也编绎进去。</span>
<span style="color:#e56600;"> </span><span>--enable-sed filter request and/or response bodies through sed<br />
–enable-mpms-shared=MPM-LIST
Space-separated list of MPM modules to enable for
dynamic loading. MPM-LIST=list | “all”
–enable-proxy-fcgi Apache proxy FastCGI module. Requires and is enabled
by –enable-proxy.
–enable-proxy-scgi Apache proxy SCGI module. Requires and is enabled by
–enable-proxy.
–enable-cgid CGI scripts. Enabled by default with threaded MPMs
–enable-cgi CGI scripts. Enabled by default with non-threaded
–enable-static-fcgistarter
Build a statically linked version of fcgistarter
–enable-modules=MODULE-LIST
Space-separated list of modules to enable | “all” |
“most” | “few” | “none” | “reallyall”
–enable-mods-shared=MODULE-LIST
Space-separated list of shared modules to enable |
“all” | “most” | “few” | “reallyall”
–enable-mods-static=MODULE-LIST
Space-separated list of static modules to enable |
“all” | “most” | “few” | “reallyall”
–with-mpm=MPM Choose the process model for Apache to use by
default. MPM={event|worker|prefork|winnt} This will
be statically linked as the only available MPM
unless –enable-mpms-shared is also specified.
–enable-so DSO capability. This module will be automatically
enabled unless you build all modules statically.
<span></span> <strong>三、apache的变化</strong>
1、在原select/poll的基础上增加了epoll的多路复用IO接口。这也是之前nginx比apache快的一个主要原因。
<a href="https://blog.361way.com/wp-content/uploads/2012/03/apache-epoll.jpg"><img class="alignleft size-full wp-image-1044" title="apache epoll" alt="" src="https://blog.361way.com/wp-content/uploads/2012/03/apache-epoll.jpg" width="510" height="92" /></a>
<div class="clear"></div>```
2、完善了mpm多路处理模块的worker的实验性——event,我上面编绎时,也使用了event做为默认。
<a href="https://blog.361way.com/wp-content/uploads/2012/03/mpm.jpg"><img class="alignleft size-full wp-image-1046" title="mpm" alt="" src="https://blog.361way.com/wp-content/uploads/2012/03/mpm.jpg" width="418" height="75" /></a>
3、新的FastCGI进程启动程序fcgistarter 。
四、常用配置和安全性配置
vim /usr/local/http/conf/httpd.conf #编辑配置文件
AllowOverride All #开启htaccess
Require allgranted #默认为denied
找到:DirectoryIndex index.html
修改为:DirectoryIndex index.html index.htmDefault.html Default.htm index.php Default.php (设置默认首页文件,如用php语言,则增加index.php)
\#AddHandler cgi-script .cgi 在796行
修改为:AddHandler cgi-script .cgi .pl (如果用到.cgi和.pl,这里就改为允许扩展名为.pl的CGI脚本运行)
AllowOverride None 在338行 修改为:AllowOverride All (允许.htaccess)
AddDefaultCharsetUTF-8 在759行 修改为:AddDefaultCharsetGB2312 (字符编码的修改,如果用的是GB2312就改)
vim /usr/local/http/conf/extra/httpd-default.conf编辑文件
ServerTokens OS 在44行 修改为:ServerTokensProd (在出现错误页的时候不显示服务器操作系统的名称)
ServerSignature On 在536行 修改为:ServerSignatureOff (在错误页中不显示Apache的版本)
KeepAliveOff 在76行 修改为:KeepAlive On (允许程序性联机)
MaxKeepAliveRequests 100 在83行 修改为:MaxKeepAliveRequests 1000 (增加并发连接数)
Vim /usr/local/apache2/conf/extra/httpd-vhosts.conf
<VirtualHost*:80>
ServerAdmin <test@361way.com>
DocumentRoot”/var/www/html/abc\_com”
ServerName [www.abc.com](http://www.abc.com)
ServerAlias efg.abc.com
Options FollowSymLinks #不显示目录结构
ErrorLog “|/usr/local/sbin/cronolog/var/log/httpd/error\_abc\_com\_%Y%m%d%H%M.log”
CustomLog “|/usr/local/sbin/cronolog/var/log/httpd/access\_abc\_com\_%Y%m%d%H%M.log” combined
php\_admin\_value open\_basedir”/var/www/html/abc\_com:/tmp/” #这个设置表示允许访问当前目录(即PHP脚本文件所在之目录)和/tmp/目录,有效防止php木马跨站运行
mkdir -p /var/www/html/abc_com
chown daemon.daemon -R /var/www/html/abc\_com
chmod -R 700 /var/www/html/abc\_com #更改apache网站目录权限
service httpd restart #重启
捐赠本站(Donate)
如您感觉文章有用,可扫码捐赠本站!(If the article useful, you can scan the QR code to donate))
- Author: shisekong
- Link: https://blog.361way.com/apache/1042.html
- License: This work is under a 知识共享署名-非商业性使用-禁止演绎 4.0 国际许可协议. Kindly fulfill the requirements of the aforementioned License when adapting or creating a derivative of this work.