1、安装Apache

添加了这两个参数的意思是,支持suexec模块,改变suexec_docroot的路径。但在本文中并没有在虚拟主机中使用suexec,在此编译进去是为了方便测试,以及方便以后可能会使用到的朋友。其他选项使用默认的即可。

shell

# cd /usr/ports/www/apache22/ &&make WITH_SUEXEC=yes SUEXEC_DOCROOT=/usr/local/www install clean

配置/etc/rc.conf文件:

shell

# vi /etc/rc.conf

添加如下一行

apache22_enable="YES" 

修改apache的httpd.conf文件:

shell

# vi /usr/local/etc/apache22/httpd.conf

使apache运行时的权限为vmail:vmail

User vmail
Group vmail

2、虚拟主机配置

创建extmail.conf文件:

修改apache的httpd.conf文件:

shell

# vi /usr/local/etc/apache22/Includes/extmail.conf

内容如下:

NameVirtualHost *:80
<VirtualHost *:80>
    ServerName mail.extmail.org
    DocumentRoot /usr/local/www/extmail/html/

    ScriptAlias /extmail/cgi /usr/local/www/extmail/cgi/
    Alias /extmail /usr/local/www/extmail/html/
    ScriptAlias /extman/cgi "/usr/local/www/extman/cgi/"
    Alias /extman "/usr/local/www/extman/html/"

    <Location "/extman/cgi">
        SetHandler cgi-script
        Options +ExecCGI
    </Location>

    <Directory "/usr/local/www">
        AllowOverride None
        Options None
        Order allow,deny
        Allow from all
    </Directory>

#    SuexecUserGroup vmail vmail
</VirtualHost>

3、配置支持https

复制一份证书到apache的目录

shell

# mkdir /usr/local/etc/apache22/certs/
# cp /usr/local/etc/postfix/certs/*.pem /usr/local/etc/apache22/certs/

创建extmail-ssl.conf文件:

shell

# vi /usr/local/etc/apache22/Includes/extmail-ssl.conf

内容如下:

Listen 443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

SSLPassPhraseDialog  builtin
SSLSessionCache        shmcb:/var/run/ssl_scache(512000)
SSLSessionCacheTimeout  300
SSLMutex  file:/var/run/ssl_mutex

<VirtualHost _default_:443>

DocumentRoot "/usr/local/www/extmail/html"
ServerName mail.extmail.org:443

ScriptAlias /extmail/cgi /usr/local/www/extmail/cgi/
Alias /extmail /usr/local/www/extmail/html/
ScriptAlias /extman/cgi "/usr/local/www/extman/cgi/"
Alias /extman "/usr/local/www/extman/html/"

ServerAdmin chifeng@gmail.com
ErrorLog /var/log/httpd-error.log
TransferLog /var/log/httpd-access.log
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
#SSLCertificateFile /usr/local/etc/apache22/server.crt
#SSLCertificateKeyFile /usr/local/etc/apache22/server.key

SSLCertificateFile /usr/local/etc/apache22/certs/mycert.pem
SSLCertificateKeyFile /usr/local/etc/apache22/certs/mykey.pem

<FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/usr/local/www/apache22/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

<Directory "/usr/local/www">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>

BrowserMatch ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
CustomLog /var/log/httpd-ssl_request.log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

#SuexecUserGroup vmail vmail
</VirtualHost>

重起apache

shell

# /usr/local/etc/rc.d/apache22 restart
 
捌、配置apache.txt · 最后更改: 2012/11/01 23:02 由 shaobo
 
Recent changes RSS feed Creative Commons License Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki