系统:centos 5.9
环境:apache 2.2.25
tomcat 7.0.42
jdk 1.7.0
1.安装apache
我这里是直接yum安装的,如果你们要编译安装也不是不行.
| 代码如下 |
复制代码 |
|
yum -y install httpd httpd-devel
|
2.安装tomcat和jdk
这里我就不说了,大家可以去看我这篇文章centos安装配置JDK1.7与Tomcat7.
3.配置httpd proxy反代tomcat
vi /etc/httpd/conf/httpd.conf
在最下面添加
| 代码如下 |
复制代码 |
|
ServerAdmin [email protected]
directoryIndex index.html index.php index.htm index.shtml login.php
ServerName 54.250.x.x
ProxyRequests Off
ProxyPass /images !
ProxyPass /css !
ProxyPass /js !
ProxyPass / balancer://example/
BalancerMember http://54.250.x.x:8080/
4.验证
|
直接在浏览器上输入http://ip,就可以访问到tomcat首页了,再也不用去输入http://ip:8080了,好了,就到这里吧.
tomcat-安全设置
现在我们来做下apache和tomcat的安全设置,以避免因为tomcat的漏洞而让服务器被别人控制.
apache和tomcat整合的配置是:
vi /etc/httpd/conf/httpd.conf
在最下面添加
| 代码如下 |
复制代码 |
|
ServerAdmin [email protected]
directoryIndex index.html index.php index.htm index.shtml login.php
ServerName 54.250.x.x
ProxyRequests Off
ProxyPass /images !
ProxyPass /css !
ProxyPass /js !
ProxyPass / balancer://example/
BalancerMember http://54.250.x.x:8080/
|
然后我们在和中间添加身份验证,如下
| 代码如下 |
复制代码 |
|
ServerAdmin [email protected]
directoryIndex index.html index.php index.htm index.shtml login.php
ServerName 54.250.x.x
ProxyRequests Off
ProxyPass /images !
ProxyPass /css !
ProxyPass /js !
ProxyPass / balancer://example/
BalancerMember http://54.250.x.x:8080/
authtype basic
authname "Please enter your password:"
authuserfile /var/www/vhosts/htpasswd
require valid-user
|
或者让其只能ip访问:
| 代码如下 |
复制代码 |
|
ServerAdmin [email protected]
directoryIndex index.html index.php index.htm index.shtml login.php
ServerName 54.250.x.x
ProxyRequests Off
ProxyPass /images !
ProxyPass /css !
ProxyPass /js !
ProxyPass / balancer://example/
BalancerMember http://54.250.x.x:8080/
Order deny,allow
Deny from all
Allow from 192.168.10.0/24
Allow from 127.0.0.1
Allow from 54.250.x.x/28
|
保存之后,重启apache使其生效就可以了.
