今天由于想在apache中安裝個jsp環境��,我們需要在apache中整合tomcat環境����,下面我把我tomcat環境配置與安全配置步驟給大家分享。
系統:centos 5.9
環境:apache 2.2.25��、tomcat 7.0.42、jdk 1.7.0
1.安裝apache
我這里是直接yum安裝的,如果你們要編譯安裝也不是不行.
- yum -y install httpd httpd-devel
2.安裝tomcat和jdk
這里我就不說了,大家可以去網上搜索一下centos安裝配置JDK1.7與Tomcat7.
3.配置httpd proxy反代tomcat
vi /etc/httpd/conf/httpd.conf
在最下面添加
- <VirtualHost *:80>
- ServerAdmin rocdk890@gmail.com
- directoryIndex index.html index.php index.htm index.shtml login.php
- ServerName 54.250.x.x
- <IfModule proxy_module>
- <IfModule proxy_http_module>
- ProxyRequests Off
- ProxyPass /images !
- ProxyPass /css !
- ProxyPass /js !
- ProxyPass / balancer:
- <Proxy balancer:
- BalancerMember http:
- </Proxy>
- </IfModule>
- </IfModule>
- </VirtualHost>
4.驗證
直接在瀏覽器上輸入http://ip,就可以訪問到tomcat首頁了,再也不用去輸入http://ip:8080了,好了,就到這里吧.
tomcat-安全設置
現在我們來做下apache和tomcat的安全設置,以避免因為tomcat的漏洞而讓服務器被別人控制.
apache和tomcat整合的配置是: vi /etc/httpd/conf/httpd.conf
在最下面添加
- <VirtualHost *:80>
- ServerAdmin rocdk890@gmail.com
- directoryIndex index.html index.php index.htm index.shtml login.php
- ServerName 54.250.x.x
- <IfModule proxy_module>
- <IfModule proxy_http_module>
- ProxyRequests Off
- ProxyPass /images !
- ProxyPass /css !
- ProxyPass /js !
- ProxyPass / balancer:
- <Proxy balancer:
- BalancerMember http:
- </Proxy>
- </IfModule>
- </IfModule>
- </VirtualHost>
然后我們在<Proxy>和</Proxy>中間添加身份驗證,如下
- <VirtualHost *:80>
- ServerAdmin rocdk890@gmail.com
- directoryIndex index.html index.php index.htm index.shtml login.php
- ServerName 54.250.x.x
- <IfModule proxy_module>
- <IfModule proxy_http_module>
- ProxyRequests Off
- ProxyPass /images !
- ProxyPass /css !
- ProxyPass /js !
- ProxyPass / balancer:
- <Proxy balancer:
- BalancerMember http:
- authtype basic
- authname "Please enter your password:"
- authuserfile /var/www/vhosts/htpasswd
- require valid-user
- </Proxy>
- </IfModule>
- </IfModule>
- </VirtualHost>
或者讓其只能ip訪問:
- <VirtualHost *:80>
- ServerAdmin rocdk890@gmail.com
- directoryIndex index.html index.php index.htm index.shtml login.php
- ServerName 54.250.x.x
- <IfModule proxy_module>
- <IfModule proxy_http_module>
- ProxyRequests Off
- ProxyPass /images !
- ProxyPass /css !
- ProxyPass /js !
- ProxyPass / balancer:
- <Proxy balancer:
- BalancerMember http:
- Order deny,allow
- Deny from all
- Allow from 192.168.10.0/24
- Allow from 127.0.0.1
- Allow from 54.250.x.x/28
- </Proxy>
- </IfModule>
- </IfModule>
- </VirtualHost>
保存之后,重啟apache使其生效就可以了.
