一.####mail 空壳邮件####
配置文件 (maillinux.linux.com)
---------------------------------
19 zone "localhost" IN {
20 type master;
21 file "named.localhost";
22 allow-update { none; };
23 };
24
25 zone "westos.org" IN {
26 type master;
27 file "westos.org.zone";
28 allow-update { none; };
29 };
---------------------------------
cp -p named.localhost westos.org.zone
vim /etc/named/westos.org.zone
--------------------------------------------------------
1 $TTL 1D
2 @ IN SOA dns.westos.com. root.westos.org. (
3 0 ; serial
4 1D ; refresh
5 1H ; retry
6 1W ; expire
7 3H ) ; minimum
8 NS dns.westos.org.
9 dns A 172.25.254.100
10 westos.org. MX 1 172.25.254.100.
--------------------------------------------------------
rm -fr /etc/postfix/main.cf
yum reinstall postfix.x86_64 -y
vim /etc/postfix/main.cf
----------------------------------------------
75 myhostname = maillinux.linux.com
83 mydomain = linux.com
98 myorigin = westos.org
113 inet_interfaces = all
116 #inet_interfaces = localhost
164 mydestination =
313 relayhost = 172.25.254.100 ##间接发送 ip为接受地址
140 local_transport = error:local delivery disabled
----------------------------------------------
systemctl restart postfix.service
systemctl start named
在(mailwestos.westos.com)
vim /etc/postfix/main.cf
264 mynetworks = 172.25.254.0/24
systemctl restart postfix.service
www.extmail.org 邮件系统
lamp=linux apache mysql php lnmp=linux nginx mysql php
二. curl 查看网站信息
curl -I www.baidu.com
yum install nmap 著名黑客软件(侵入系统)
server: tengine
三.#### apache ####
1.httpd
yum install httpd -y
cd /var/www/html/
vim index.html
page 123
rpm -qc httpd
/etc/httpd/conf.d/autoindex.conf
/etc/httpd/conf.d/userdir.conf
/etc/httpd/conf.d/welcome.conf
/etc/httpd/conf.modules.d/00-base.conf
/etc/httpd/conf.modules.d/00-dav.conf
/etc/httpd/conf.modules.d/00-lua.conf
/etc/httpd/conf.modules.d/00-mpm.conf
/etc/httpd/conf.modules.d/00-proxy.conf
/etc/httpd/conf.modules.d/00-systemd.conf
/etc/httpd/conf.modules.d/01-cgi.conf
/etc/httpd/conf/httpd.conf
/etc/httpd/conf/magic
/etc/logrotate.d/httpd
/etc/sysconfig/htcacheclean
/etc/sysconfig/httpd
vim /etc/httpd/conf/httpd.conf
----------------------------------
163 <IfModule dir_module>
164 DirectoryIndex index.html
165 </IfModule>
----------------------------------
##不用修改
用firefox测试 172.25.254.100/index.html
###修改firefox的默认目录###
[root@mailwestos html]# yum install httpd-manual -y
[root@mailwestos html]# ls -Zd . ##表示列出文件的安全信息内容
drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 .
[root@mailwestos html]# mkdir /www/westos -p
[root@mailwestos html]# semanage fcontext -a -t httpd_sys_content_t '/www/westos(/.*)?'
[root@mailwestos html]# restorecon -RvvF /www/
restorecon reset /www context unconfined_u:object_r:default_t:s0->system_u:object_r:default_t:s0
restorecon reset /www/westos context unconfined_u:object_r:default_t:s0->system_u:object_r:httpd_sys_content_t:s0
[root@mailwestos html]# cd /www/westos/
[root@mailwestos westos]# ls
[root@mailwestos westos]# vim index.html
------------------
网站内容……
------------------
[root@mailwestos westos]# ls -Z
-rw-r--r--. root root unconfined_u:object_r:httpd_sys_content_t:s0 index.html
[root@mailwestos westos]# semanage fcontext -a -t httpd_sys_content_t '/www/westos(/.*)?'
vim /etc/httpd/conf/httpd.conf
--------------------------------
119 #DocumentRoot "/var/www/html"
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 require all granted
123 </Directory>
42 Listen 80 ##监听端口 默认为80
-------------------------------
systemctl restart httpd
systemctl reload httpd
####网站登陆ip限制####
vim /etc/httpd/conf/httpd.conf
------------------------------
119 #DocumentRoot "/var/www/html"
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 require all granted
123 Order Allow,Deny ##注意读取的顺序
124 Deny from ALL
125 Allow from 172.25.254.250 172.25.254.1
---------------------------------------------
####用户认证登录####
cd /etc/httpd/
ls
conf conf.d conf.modules.d logs modules run
htpasswd -cm htpasswdfile westos ##创建登录web的用户 首次加上"-c"
htpasswd -m htpasswdfile admin ##创建其他登录用户 不用加"-c",否则覆盖第一次创建的用户
ls
conf conf.d conf.modules.d htpasswdfile logs modules run
cat /etc/httpd/htpasswdfile
westos:$apr1$N2tH2dYs$KF7NFjH/OPn.lt.axBc4d.
admin:$apr1$VKKy4N9E$wDUCX1F.fpOfOMVQ6VOPh.
vim /etc/httpd/conf/httpd.conf
-----------------------------------------------------------
120 DocumentRoot "/www/westos"
121 <Directory "/www/westos">
122 #require all granted
123 AllowOverride All
124 Authuserfile /etc/httpd/htpasswdfile
125 Authname "Please input username and password"
126 Authtype basic
127 Require valid-user
128 </Directory>
-----------------------------------------------------------
vim /etc/hosts
6 172.25.254.100 mailwestos.westos.com ##域名解析
mkdir /var/www/virtual/news.westos.com/html -p
mkdir /var/www/virtual/music.westos.com/html -p
在测试主机上 修改/etc/hosts
172.25.254.100 www.westos.com westos.com news.westos.com music.westos.com
vim /etc/httpd/conf.d/default
1 <Virtualhost _default_:80>
2 Documentroot //var/www/html
3 Customlog "logs/default.log" combined
4 </Virtualhost>
5 <Directory "/var/www/html">
6 Require all granted
7 </Directory>
vim /etc/httpd/conf.d/music.conf
1 <Virtualhost *:80>
2 Servername music.westos.com
3 Documentroot /var/www/virtual/music.westos.com/html
4 Customlog "logs/music.log" combined
5 </Virtualhost>
6 <Directory "/var/www/virtual/music.westos.com/html">
7 Require all granted
8 </Directory>
vim /etc/httpd/conf.d/news.conf
同上
2.配置https
yum install mod_ssl -y
yum search util
yum install crypto-utils
genkey www.westos.com
进入选项模式
最终出现:
-------------------------------------------------------------------------------
/usr/bin/keyutil -c makecert -g 1024 -s "CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN" -v 1 -a -z /etc/pki/tls/.rand.4813 -o /etc/pki/tls/certs/www.westos.com.crt -k /etc/pki/tls/private/www.westos.com.key
cmdstr: makecert
cmd_CreateNewCert
command: makecert
keysize = 1024 bits
subject = CN=www.westos.com, OU=linux, O=westos, L=xi'an, ST=shannxi, C=CN
valid for 1 months
random seed from /etc/pki/tls/.rand.4813
output will be written to /etc/pki/tls/certs/www.westos.com.crt ##证书
output key written to /etc/pki/tls/private/www.westos.com.key ##公钥
Generating key. This may take a few moments...
Made a key
Opened tmprequest for writing
/usr/bin/keyutil Copying the cert pointer
Created a certificate
Wrote 882 bytes of encoded data to /etc/pki/tls/private/www.westos.com.key
Wrote the key to:
/etc/pki/tls/private/www.westos.com.key
------------------------------------------------------------------------------
vim /etc/httpd/conf.d/ssl.conf
------------------------------------------------------------------------------
100 SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt ##证书
101
102 # Server Private Key:
103 # If the key is not combined with the certificate, use this
104 # directive to point at the key file. Keep in mind that if
105 # you've both a RSA and a DSA private key you can configure
106 # both in parallel (to also allow the use of DSA ciphers, etc.)
107 SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key ##公钥
------------------------------------------------------------------
