Configuring the Web Server ​

• Configuring the Web Server
  • Apache Server
    • Overview
    • Managing httpd
    • Configuration File Description
    • Management Module and SSL
    • Verifying Whether the Web Service Is Successfully Set Up
  • Nginx Server
    • Overview
    • Installing Nginx
    • Managing Nginx
    • Configuration File Description
    • Management Modules
    • Verifying Whether the Web Service Is Successfully Set Up

Apache Server ​

Overview ​

World Wide Web (Web) is one of the most commonly used Internet protocols. At present, the web server in the Unix-Like system is mainly implemented through the Apache server software. To operate dynamic websites, LAMP (Linux + Apache + MySQL + PHP) is developed. Web services can be combined with multimedia such as text, graphics, images, and audio, and support information transmission through hyperlinks.

The web server version in the openEuler system is Apache HTTP server 2.4, that is, httpd, which is an open-source web server developed by the Apache Software Foundation.

Managing httpd ​

Overview ​

You can use the systemctl tool to manage the httpd service, including starting, stopping, and restarting the service, and viewing the service status. This section describes how to manage the Apache HTTP service.

Prerequisites ​

• To use the Apache HTTP service, ensure that the rpm package of the httpd service has been installed in your system. Run the following command as the root user to install the rpm package:

  shell

  dnf install httpd

  For more information about service management, see Service Management.

• To start, stop, and restart the httpd service, you must have the root permission.

Starting a Service ​

• Run the following command to start and run the httpd service:

  shell

  systemctl start httpd

• If you want the httpd service to automatically start when the system starts, the command and output are as follows:

  shell

  $ systemctl enable httpd
  Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.

Stopping the Service ​

• Run the following command to stop the httpd service:

  shell

  systemctl stop httpd

• If you want to prevent the service from automatically starting during system startup, the command and output are as follows:

  shell

  $ systemctl disable httpd
  Removed /etc/systemd/system/multi-user.target.wants/httpd.service.

Restarting a Service ​

You can restart the service in any of the following ways:

• Restart the service by running the restart command:

  shell

  systemctl restart httpd

  This command stops the ongoing httpd service and restarts it immediately. This command is generally used after a service is installed or when a dynamically loaded module (such as PHP) is removed.

• Reload the configuration.

  shell

  systemctl reload httpd

  This command causes the running httpd service to reload its configuration file. Any requests that are currently being processed will be interrupted, causing the client browser to display an error message or re-render some pages.

• Re-load the configuration without affecting the activation request.

  shell

  apachectl graceful

  This command causes the running httpd service to reload its configuration file. Any requests that are currently being processed will continue to use the old configuration file.

Verifying the Service Status ​

Check whether the httpd service is running.

systemctl is-active httpd

If active is displayed in the command output, the service is running.

Configuration File Description ​

After the httpd service is started, it reads the configuration file shown in Table 1 by default.

Table 1 Configuration file description

Although the default configuration can be used in most cases, you need to be familiar with some important configuration items. After the configuration file is modified, run the following command as the root user to check the syntax errors that may occur in the configuration file:

apachectl configtest

If the following information is displayed, the syntax of the configuration file is correct:

Syntax OK

Management Module and SSL ​

Overview ​

The httpd service is a modular application that is distributed with many Dynamic Shared Objects (DSOs). DSOs can be dynamically loaded or unloaded when running if necessary. These modules are located in the /usr/lib64/httpd/modules/ directory of the server operating system. This section describes how to load and write a module.

Loading a Module ​

To load a special DSO module, you can use the load module indication in the configuration file. The modules provided by the independent software package have their own configuration files in the /etc/httpd/conf.modules.d directory.

For example, to load the asis DSO module, perform the following steps:

1. In the /etc/httpd/conf.modules.d/00-optional.conf file, uncomment the following configuration line as the root user:

   conf

   LoadModule asis_module modules/mod_asis.so

2. After the loading is complete, restart the httpd service as the root user to reload the configuration file.

   shell

   systemctl restart httpd

3. After the loading is complete, run the httpd -M command as the root user to check whether the asis DSO module is loaded.

   shell

   httpd -M | grep asis

   If the following information is displayed, the asis DSO module is successfully loaded:

   text

   asis_module (shared)

Introduction to SSL ​

Secure Sockets Layer (SSL) is an encryption protocol that allows secure communication between the server and client. The Transport Layer Security (TLS) protocol ensures security and data integrity for network communication. openEuler supports Mozilla Network Security Services (NSS) as the security protocol TLS. To load the SSL, perform the following steps:

1. Install the mod_ssl RPM package as the root user.

   shell

   dnf install mod_ssl

2. After the loading is complete, restart the httpd service as the root user to reload the configuration file.

   shell

   systemctl restart httpd

3. After the loading is complete, run the httpd -M command as the root user to check whether the SSL is loaded.

   shell

   httpd -M | grep ssl

   If the following information is displayed, the SSL has been loaded successfully.

   text

   ssl_module (shared)

Verifying Whether the Web Service Is Successfully Set Up ​

After the web server is set up, perform the following operations to check whether the web server is set up successfully:

1. Run the following command as the root user to check the IP address of the server:

   shell

   ip a

2. Configure the firewall as the root user.

   shell

   $ firewall-cmd --add-service=http --permanent
   success
   # firewall-cmd --reload
   success

3. Verify whether the web server is successfully set up. You can select the Linux or Windows operating system for verification.

   • Using the Linux OS

     Run the following command to check whether the web page can be accessed. If the service is successfully set up, the web page can be accessed.

     shell

     curl http://192.168.1.60

     Run the following command to check whether the command output is 0. If the command output is 0, the httpd server is successfully set up.

     shell

     echo $?

   • Using the Windows OS

     Open the browser and enter the following address in the address box. If the web page can be accessed, the httpd server is successfully set up.

     http://192.168.1.60

     If the port number is changed, enter the address in the following format:

     http://192.168.1.60:port_number

Nginx Server ​

Overview ​

Nginx is a lightweight web server which also acts as a reverse proxy server and email (IMAP/POP3) proxy server. It features low memory usage and strong concurrency capability. Nginx supports FastCGI, SSL, virtual hosts, URL rewrite, Gzip, and extension of many third-party modules.

Installing Nginx ​

1. Configure the local yum source. For details, see Configuring the Repo Server.

2. Clear the cache.

   shell

   dnf clean all

3. Create a cache.

   shell

   dnf makecache

4. Install the Nginx server as the root user.

   shell

   dnf install nginx

5. Check the installed RPM package.

   shell

   dnf list all | grep nginx

Managing Nginx ​

Overview ​

You can use the systemctl tool to manage the Nginx service, including starting, stopping, and restarting the service, and viewing the service status. This section describes how to manage the Nginx service.

Prerequisites ​

• Ensure that the Nginx service has been installed. If not, install it by referring to Installing Nginx.

  For more information about service management, see Service Management.

• To start, stop, and restart the Nginx service, you must have the root permission.

Starting a Service ​

• Run the following command to start and run the Nginx service:

  shell

  systemctl start nginx

• If you want the Nginx service to automatically start when the system starts, the command and output are as follows:

  shell

  $ systemctl enable nginx
  Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service.

Stopping the Service ​

• Run the following command to stop the Nginx service:

  shell

  systemctl stop nginx

• If you want to prevent the service from automatically starting during system startup, the command and output are as follows:

  shell

  $ systemctl disable nginx
  Removed /etc/systemd/system/multi-user.target.wants/nginx.service.

Restarting a Service ​

You can restart the service in any of the following ways:

• Restart the service.

  shell

  systemctl restart nginx

  This command stops the ongoing Nginx service and restarts it immediately. This command is generally used after a service is installed or when a dynamically loaded module (such as PHP) is removed.

• Reload the configuration.

  shell

  systemctl reload nginx

  This command causes the running Nginx service to reload its configuration file. Any requests that are currently being processed will be interrupted, causing the client browser to display an error message or re-render some pages.

• Smoothly restart Nginx.

  shell

  kill -HUP PID

  This command causes the running Nginx service to reload its configuration file. Any requests that are currently being processed will continue to use the old configuration file.

Verifying the Service Status ​

Check whether the Nginx service is running.

systemctl is-active nginx

If active is displayed in the command output, the service is running.

Configuration File Description ​

After the Nginx service is started, it reads the configuration file shown in Table 2 by default.

Table 2 Configuration file description

Although the default configuration can be used in most cases, you need to be familiar with some important configuration items. After the configuration file is modified, run the following command as the root user to check the syntax errors that may occur in the configuration file:

nginx -t

If the command output contains syntax is ok, the syntax of the configuration file is correct.

Management Modules ​

Overview ​

The Nginx service is a modular application that is distributed with many Dynamic Shared Objects (DSOs). DSOs can be dynamically loaded or unloaded when running if necessary. These modules are located in the /usr/lib64/nginx/modules/ directory of the server operating system. This section describes how to load and write a module.

Loading a Module ​

To load a special DSO module, you can use the load module indication in the configuration file. Generally, the modules provided by independent software packages have their own configuration files in the /usr/share/nginx/modules directory.

The DSO is automatically loaded when the dnf install nginx command is used to install the Nginx in the openEuler operating system.

Verifying Whether the Web Service Is Successfully Set Up ​

After the web server is set up, perform the following operations to check whether the web server is set up successfully:

1. Run the following command as the root user to check the IP address of the server:

   shell

   ip a

   If the following information is displayed, the IP address of the server is 192.168.1.60.

   text

   enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
   inet 192.168.1.60  netmask 255.255.255.0  broadcast 192.168.1.255
   inet6 fe80::5054:ff:fe95:499f  prefixlen 64  scopeid 0x20<link>
   ether 52:54:00:95:49:9f  txqueuelen 1000  (Ethernet)
   RX packets 150713207  bytes 49333673733 (45.9 GiB)
   RX errors 0  dropped 43  overruns 0  frame 0
   TX packets 2246438  bytes 203186675 (193.7 MiB)
   TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
   
   enp4s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
   ether 52:54:00:7d:80:9e  txqueuelen 1000  (Ethernet)
   RX packets 149937274  bytes 44652889185 (41.5 GiB)
   RX errors 0  dropped 1102561  overruns 0  frame 0
   TX packets 0  bytes 0 (0.0 B)
   TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
   
   lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
   inet 127.0.0.1  netmask 255.0.0.0
   inet6 ::1  prefixlen 128  scopeid 0x10<host>
   loop  txqueuelen 1000  (Local Loopback)
   RX packets 37096  bytes 3447369 (3.2 MiB)
   RX errors 0  dropped 0  overruns 0  frame 0
   TX packets 37096  bytes 3447369 (3.2 MiB)
   TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

2. Configure the firewall as the root user.

   shell

   $ firewall-cmd --add-service=http --permanent
   success
   # firewall-cmd --reload
   success

3. Verify whether the web server is successfully set up. You can select the Linux or Windows operating system for verification.

   • Using the Linux OS

     Run the following command to check whether the web page can be accessed. If the service is successfully set up, the web page can be accessed.

     shell

     curl http://192.168.1.60

     Run the following command to check whether the command output is 0. If the command output is 0, the Nginx server is successfully set up.

     shell

     echo $?

   • Using the Windows OS

     Open the browser and enter the following address in the address box. If the web page can be accessed, the Nginx server is successfully set up.

     http://192.168.1.60

     If the port number is changed, enter the address in the following format:

     http://192.168.1.60:port_number