<strong>一、apache2.4.1的更新背景和</strong><strong>新特点</strong>



&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 做为最流行的WEB服务器,本次发布的2.4版本中,从另一款以计算能力著称的Web服务器NGINX中汲取了不少东西,增加了很多对高性能的支持。新版本的Apache提供了很多性能方面的提升,包括:支持更大流量,更好的支持云计算,利用更少的内存处理更多的并发等等。<br />

除此之外,新版本的提升还包括:性能提升,内存利用,异步I/O的支持,动态反向代理设置,与时间驱动的Web服务器相当或更好的性能,更强大的处理资源分配能力,更友好的缓存支持,可定制的高速服务器和代理等。

其它的功能包括:更容易的错误分析,更灵活的设置项,更强大的验证机制,更完整的文档。关于更详细的新功能介绍,可以参考Apache的官方网站。

<strong>二、安装步骤</strong>



1、下载所需要的包



wget <a href="http://labs.mop.com/apache-mirror/apr/apr-1.4.6.tar.gz">http://labs.mop.com/apache-mirror//apr/apr-1.4.6.tar.gz</a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <br />

wget http://labs.mop.com/apache-mirror//apr/apr-util-1.4.1.tar.gz
wget http://labs.mop.com/apache-mirror//apr/apr-iconv-1.2.1.tar.gz
wget http://mirror.bjtu.edu.cn/apache//httpd/httpd-2.4.1.tar.gz
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.30.zip

apr包的具体介绍见我的另一篇日志——<a href="https://blog.361way.com/apache-apr/1039.html" target="_blank" rel="noopener">apache apr的详细介绍</a>



2、安装apr<br />

cd /usr/local/src
tar zxvf apr-1.4.6.tar.gz
cd apr-1.4.6
./configure –prefix=/usr/local/apr
make
make install
3、安装apr-util
tar zxvf apr-util-1.4.1.tar.gz
cd apr-util-1.4.1
./configure –prefix=/usr/local/apr-util –with-apr=/usr/local/apr

make<br />

make install

4、安装pcre



./configure --prefix=/usr/local/pcre --enable-utf8



make<br />

make install

5、安装apache



tar -zvxf httpd-2.4.1.tar.gz<br />

cd httpd-2.4.1

./configure --prefix=/usr/local/httpd --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util --with-pcre=/usr/local/pcre --with-mpm=event --enable-rewrite&nbsp; --enable-proxy --with-z --enable-so



make



make install



<span style="color:#e56600;">注:我上面的安装是出于实验性目的,并没有加太多的配置参数。后面都是直接</span><span style="color:#e56600;">--enable-so动态加载的。apache的安装和nginx之间是不同的,apache在用pcre时,需要指pcre编绎后的路径,nginx指向的是解压包的路径。</span>



<span>查看编绎的模块</span>



<span>cd /usr/local/httpd/bin<br />

[root@localhost bin]# ./httpd -l
Compiled in modules:
core.c
mod_so.c
http_core.c
event.c
[root@localhost bin]# ./httpd -M
Loaded Modules:
core_module (static)
so_module (static)
http_module (static)
mpm_event_module (static)
authn_file_module (shared)
authn_core_module (shared)
authz_host_module (shared)
authz_groupfile_module (shared)
authz_user_module (shared)
authz_core_module (shared)
access_compat_module (shared)
auth_basic_module (shared)
reqtimeout_module (shared)
filter_module (shared)
mime_module (shared)
log_config_module (shared)
env_module (shared)
headers_module (shared)
setenvif_module (shared)
version_module (shared)
proxy_module (shared)
proxy_connect_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_fcgi_module (shared)
proxy_scgi_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_express_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_heartbeat_module (shared)
unixd_module (shared)
status_module (shared)
autoindex_module (shared)
dir_module (shared)
alias_module (shared)

<span style="color:#e56600;">从上面不难发现,大部分的模块都是后来动态加载的。生产环境中能使用静态方编译的,最好使用静态方式,因为静态方式的处理效率较动态的要快5%左右。具体也可以看我的另一篇日志——</span><span><a href="https://blog.361way.com/apache-dso/997.html" target="_blank" rel="noopener">apache的动态编绎和静态编绎</a> ,下面列出经常会用到的一些参数的设置项。如果用到https,需要把ssl相关的内容也编绎进去。</span>



<span style="color:#e56600;">&nbsp; </span><span>--enable-sed&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; filter request and/or response bodies through sed<br />

–enable-mpms-shared=MPM-LIST
Space-separated list of MPM modules to enable for
dynamic loading. MPM-LIST=list | “all”
–enable-proxy-fcgi Apache proxy FastCGI module. Requires and is enabled
by –enable-proxy.
–enable-proxy-scgi Apache proxy SCGI module. Requires and is enabled by
–enable-proxy.
–enable-cgid CGI scripts. Enabled by default with threaded MPMs
–enable-cgi CGI scripts. Enabled by default with non-threaded
–enable-static-fcgistarter
Build a statically linked version of fcgistarter
–enable-modules=MODULE-LIST
Space-separated list of modules to enable | “all” |
“most” | “few” | “none” | “reallyall”
–enable-mods-shared=MODULE-LIST
Space-separated list of shared modules to enable |
“all” | “most” | “few” | “reallyall”
–enable-mods-static=MODULE-LIST
Space-separated list of static modules to enable |
“all” | “most” | “few” | “reallyall”
–with-mpm=MPM Choose the process model for Apache to use by
default. MPM={event|worker|prefork|winnt} This will
be statically linked as the only available MPM
unless –enable-mpms-shared is also specified.
–enable-so DSO capability. This module will be automatically
enabled unless you build all modules statically.

<span></span>&nbsp;<strong>三、apache的变化</strong>



&nbsp;1、在原select/poll的基础上增加了epoll的多路复用IO接口。这也是之前nginx比apache快的一个主要原因。



<a href="https://blog.361way.com/wp-content/uploads/2012/03/apache-epoll.jpg"><img class="alignleft size-full wp-image-1044" title="apache epoll" alt="" src="https://blog.361way.com/wp-content/uploads/2012/03/apache-epoll.jpg" width="510" height="92" /></a>
```  下面是nginx平台下的epoll接口。


<div class="clear"></div>```
2、完善了mpm多路处理模块的worker的实验性——event,我上面编绎时,也使用了event做为默认。



<a href="https://blog.361way.com/wp-content/uploads/2012/03/mpm.jpg"><img class="alignleft size-full wp-image-1046" title="mpm" alt="" src="https://blog.361way.com/wp-content/uploads/2012/03/mpm.jpg" width="418" height="75" /></a>
``` 以上两点是我从目录结构上看出的一点心得。

3、新的FastCGI进程启动程序fcgistarter 。

四、常用配置和安全性配置

vim /usr/local/http/conf/httpd.conf   #编辑配置文件



 AllowOverride All #开启htaccess  
 Require allgranted #默认为denied  
  
找到:DirectoryIndex index.html  
修改为:DirectoryIndex index.html index.htmDefault.html Default.htm index.php Default.php (设置默认首页文件,如用php语言,则增加index.php)  
\#AddHandler cgi-script .cgi 在796行  
修改为:AddHandler cgi-script .cgi .pl (如果用到.cgi和.pl,这里就改为允许扩展名为.pl的CGI脚本运行)  
AllowOverride None 在338行 修改为:AllowOverride All (允许.htaccess)  
AddDefaultCharsetUTF-8 在759行 修改为:AddDefaultCharsetGB2312 (字符编码的修改,如果用的是GB2312就改)

vim /usr/local/http/conf/extra/httpd-default.conf编辑文件


ServerTokens OS 在44行 修改为:ServerTokensProd (在出现错误页的时候不显示服务器操作系统的名称)  
ServerSignature On 在536行 修改为:ServerSignatureOff (在错误页中不显示Apache的版本)

KeepAliveOff   在76行 修改为:KeepAlive On (允许程序性联机)


MaxKeepAliveRequests 100 在83行 修改为:MaxKeepAliveRequests 1000 (增加并发连接数)

Vim /usr/local/apache2/conf/extra/httpd-vhosts.conf

<VirtualHost*:80>


 ServerAdmin <[email protected]>  
 DocumentRoot”/var/www/html/abc\_com”  
 ServerName [www.abc.com](http://www.abc.com)  
 ServerAlias efg.abc.com  
 Options FollowSymLinks #不显示目录结构  
 ErrorLog “|/usr/local/sbin/cronolog/var/log/httpd/error\_abc\_com\_%Y%m%d%H%M.log”  
 CustomLog “|/usr/local/sbin/cronolog/var/log/httpd/access\_abc\_com\_%Y%m%d%H%M.log” combined  
 php\_admin\_value open\_basedir”/var/www/html/abc\_com:/tmp/” #这个设置表示允许访问当前目录(即PHP脚本文件所在之目录)和/tmp/目录,有效防止php木马跨站运行

mkdir -p  /var/www/html/abc_com


chown daemon.daemon -R /var/www/html/abc\_com  
chmod -R 700 /var/www/html/abc\_com #更改apache网站目录权限  
service httpd restart #重启