debian apache
介绍 (Introduction)
The Apache HTTP server is the most widely-used web server in the world. It provides many powerful features including dynamically loadable modules, robust media support, and extensive integration with other popular software.
Apache HTTP服务器是世界上使用最广泛的Web服务器。 它提供了许多强大的功能,包括可动态加载的模块,强大的媒体支持以及与其他流行软件的广泛集成。
In this guide, we’ll explain how to install an Apache web server on your Debian 10 server.
在本指南中,我们将说明如何在Debian 10服务器上安装Apache Web服务器。
先决条件 (Prerequisites)
Before you begin this guide, you should have a regular, non-root user with sudo privileges configured on your server. Additionally, you will need to enable a basic firewall to block non-essential ports. You can learn how to configure a regular user account and set up a firewall for your server by following our initial server setup guide for Debian 10.
在开始本指南之前,您应该在服务器上配置具有sudo特权的常规非root用户。 此外,您将需要启用基本防火墙以阻止非必需端口。 您可以按照我们针对Debian 10的初始服务器设置指南,了解如何配置常规用户帐户并为服务器设置防火墙。
When you have an account available, log in as your non-root user to begin.
如果您有可用的帐户,请以非root用户身份登录以开始。
第1步-安装Apache (Step 1 — Installing Apache)
Apache is available within Debian’s default software repositories, making it possible to install it using conventional package management tools.
Debian的默认软件存储库中提供了Apache,因此可以使用常规的软件包管理工具进行安装。
Let’s begin by updating the local package index to reflect the latest upstream changes:
让我们首先更新本地包索引以反映最新的上游更改:
- sudo apt update sudo apt更新
Then, install the apache2
package:
然后,安装apache2
软件包:
- sudo apt install apache2 须藤apt install apache2
After confirming the installation, apt
will install Apache and all required dependencies.
确认安装后, apt
将安装Apache和所有必需的依赖项。
步骤2 —调整防火墙 (Step 2 — Adjusting the Firewall)
Before testing Apache, it’s necessary to modify the firewall settings to allow outside access to the default web ports. Assuming that you followed the instructions in the prerequisites, you should have a UFW firewall configured to restrict access to your server.
在测试Apache之前,必须修改防火墙设置以允许外部访问默认Web端口。 假设您已按照先决条件中的说明进行操作,则应该配置UFW防火墙以限制对服务器的访问。
During installation, Apache registers itself with UFW to provide a few application profiles that can be used to enable or disable access to Apache through the firewall.
在安装过程中,Apache向UFW注册以提供一些应用程序配置文件,可用于启用或禁用通过防火墙对Apache的访问。
List the ufw
application profiles by typing:
通过键入以下内容列出ufw
应用程序配置文件:
- sudo ufw app list sudo ufw应用程序列表
You will see a list of the application profiles:
您将看到应用程序配置文件的列表:
Output
Available applications: AIM Bonjour CIFS . . . WWW WWW Cache WWW Full WWW Secure . . .
The Apache profiles begin with WWW:
Apache配置文件以WWW开头:
WWW: This profile opens only port 80 (normal, unencrypted web traffic)
WWW :此配置文件仅打开端口80(正常,未加密的网络流量)
WWW Cache: This profile opens only port 8080 (sometimes used for caching and web proxies)
WWW缓存 :此配置文件仅打开端口8080(有时用于缓存和Web代理)
WWW Full: This profile opens both port 80 (normal, unencrypted web traffic) and port 443 (TLS/SSL encrypted traffic)
WWW Full :此配置文件同时打开端口80(正常,未加密的网络流量)和端口443(TLS / SSL加密的流量)
WWW Secure: This profile opens only port 443 (TLS/SSL encrypted traffic)
WWW Secure :此配置文件仅打开端口443(TLS / SSL加密的流量)
It is recommended that you enable the most restrictive profile that will still allow the traffic you’ve configured. Since we haven’t configured SSL for our server yet in this guide, we will only need to allow traffic on port 80:
建议您启用限制性最强的配置文件,该配置文件仍将允许您配置的流量。 由于本指南中尚未为服务器配置SSL,因此我们只需要允许端口80上的流量通过:
sudo ufw allow 'WWW' sudo ufw允许“ WWW”
You can verify the change by typing:
您可以通过键入以下内容来验证更改:
sudo ufw status sudo ufw状态
You should see HTTP traffic allowed in the displayed output:
您应该在显示的输出中看到允许的HTTP流量:
Output
Status: active To Action From -- ------ ---- OpenSSH ALLOW Anywhere WWW ALLOW Anywhere OpenSSH (v6) ALLOW Anywhere (v6) WWW (v6) ALLOW Anywhere (v6)
As you can see, the profile has been activated to allow access to the web server.
如您所见,概要文件已被激活以允许访问Web服务器。
步骤3 —检查您的Web服务器 (Step 3 — Checking your Web Server)
At the end of the installation process, Debian 10 starts Apache. The web server should already be up and running.
在安装过程结束时,Debian 10将启动Apache。 Web服务器应该已经启动并正在运行。
Check with the
systemd
init system to make sure the service is running by typing:
通过键入以下内容,与systemd
初始化系统一起检查以确保服务正在运行:
- sudo systemctl status apache2 sudo systemctl状态apache2
Output
● apache2.service - The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2019-07-19 15:33:01 UTC; 4min 13s ago Docs: https://httpd.apache.org/docs/2.4/ . . . Jul 19 15:33:01 debssh systemd[1]: Starting The Apache HTTP Server... Jul 19 15:33:01 debssh apachectl[2791]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive global Jul 19 15:33:01 debssh systemd[1]: Started The Apache HTTP Server.
As you can see from this output, the service appears to have started successfully. However, the best way to test this is to request a page from Apache.
从此输出中可以看到,该服务似乎已成功启动。 但是,最好的测试方法是从Apache请求一个页面。
You can access the default Apache landing page to confirm that the software is running properly through your IP address. If you do not know your server’s IP address, you can get it a few different ways from the command line.
您可以访问默认的Apache登录页面,以通过您的IP地址确认软件是否正常运行。 如果您不知道服务器的IP地址,则可以从命令行以几种不同的方式获取它。
Try typing this at your server’s command prompt:
尝试在服务器的命令提示符下键入以下内容:
hostname -I 主机名-I
You will get back a few addresses separated by spaces. You can try each in your web browser to see if they work.
您将获得一些用空格分隔的地址。 您可以尝试在网络浏览器中查看它们是否正常工作。
An alternative is using the
curl
tool, which should give you your public IP address as seen from another location on the internet.
一种替代方法是使用curl
工具,该工具应该为您提供从Internet上其他位置看到的公共IP地址。
First, install curl
using apt
:
首先,使用apt
安装curl
:
- sudo apt install curl sudo apt安装curl
Then, use curl
to retrieve icanhazip.com using IPv4:
然后,使用curl
使用IPv4检索icanhazip.com:
- curl -4 icanhazip.com 卷曲-4 icanhazip.com
When you have your server’s IP address, enter it into your browser’s address bar:
拥有服务器的IP地址后,将其输入到浏览器的地址栏中:
http://your_server_ip
You should see the default Debian 10 Apache web page:
您应该看到默认的Debian 10 Apache网页:
This page indicates that Apache is working correctly. It also includes some basic information about important Apache files and directory locations.
此页面表明Apache正常工作。 它还包括有关重要Apache文件和目录位置的一些基本信息。
第4步-管理Apache进程 (Step 4 — Managing the Apache Process)
Now that you have your web server up and running, let’s go over some basic management commands.
现在您已经启动并运行了Web服务器,让我们来看一些基本的管理命令。
To stop your web server, type:
要停止您的Web服务器,请输入:
- sudo systemctl stop apache2 sudo systemctl停止apache2
To start the web server when it is stopped, type:
要在停止时启动Web服务器,请键入:
- sudo systemctl start apache2 sudo systemctl启动apache2
To stop and then start the service again, type:
要停止然后再次启动该服务,请键入:
- sudo systemctl restart apache2 sudo systemctl重新启动apache2
If you are simply making configuration changes, Apache can often reload without dropping connections. To do this, use this command:
如果您只是在更改配置,Apache经常可以重新加载而无需断开连接。 为此,请使用以下命令:
- sudo systemctl reload apache2 sudo systemctl重新加载apache2
By default, Apache is configured to start automatically when the server boots. If this is not what you want, disable this behavior by typing:
默认情况下,Apache配置为在服务器启动时自动启动。 如果这不是您想要的,请通过键入以下内容禁用此行为:
- sudo systemctl disable apache2 sudo systemctl禁用apache2
To re-enable the service to start up at boot, type:
要重新启用该服务以在引导时启动,请键入:
- sudo systemctl enable apache2 sudo systemctl启用apache2
Apache should now start automatically when the server boots again.
现在,当服务器再次启动时,Apache应该会自动启动。
步骤5 —设置虚拟主机(推荐) (Step 5 — Setting Up Virtual Hosts (Recommended))
When using the Apache web server, you can use virtual hosts (similar to server blocks in Nginx) to encapsulate configuration details and host more than one domain from a single server. In the following commands, replace your_domain
with your own domain name. To learn more about setting up a domain name with DigitalOcean, see our Introduction to DigitalOcean DNS.
使用Apache Web服务器时,可以使用虚拟主机 (类似于Nginx中的服务器块)来封装配置详细信息,并在一台服务器中承载一个以上的域。 在以下命令中, 将 your_domain
替换 为您自己的域名 。 要了解有关使用DigitalOcean设置域名的更多信息,请参阅我们的DigitalOcean DNS简介 。
Apache on Debian 10 has one server block enabled by default that is configured to serve documents from the /var/www/html
directory. While this works well for a single site, it can become unwieldy if you are hosting multiple sites. Instead of modifying /var/www/html
, let’s create a directory structure within /var/www
for our your_domain
site, leaving /var/www/html
in place as the default directory to be served if a client request doesn’t match any other sites.
默认情况下,Debian 10上的Apache启用了一个服务器块,该服务器块被配置为提供/var/www/html
目录中的文档。 尽管这对于单个站点非常有效,但是如果您托管多个站点,则可能变得笨拙。 与其修改/var/www/html
,不如在/var/www
为your_domain
网站创建目录结构,如果客户请求与任何其他请求都不匹配,则将/var/www/html
保留为默认目录其他网站。
Create the directory for your_domain
as follows, using the -p
flag to create any necessary parent directories:
使用-p
标志创建所有必需的父目录,如下所示为your_domain
创建目录:
sudo mkdir -p /var/www/your_domain
Next, assign ownership of the directory with the $USER
environmental variable:
接下来,使用$USER
环境变量分配目录的所有权:
sudo chown -R $USER:$USER /var/www/your_domain
须藤chown -R $ USER:$ USER / var / www / your_domain
The permissions of your web roots should be correct if you haven’t modified your unmask
value, but you can make sure by typing:
如果您尚未修改unmask
值,则您的Web根目录的权限应该正确,但是可以通过键入以下内容来确保:
sudo chmod -R 755 /var/www/your_domain
须藤chmod -R 755 / var / www / your_domain
Next, create a sample index.html
page using nano
or your favorite editor:
接下来,使用nano
或您喜欢的编辑器创建一个示例index.html
页面:
nano /var/www/your_domain/index.html
纳米/ var / www / your_domain /index.html
Inside, add the following sample HTML:
在其中,添加以下示例HTML:
<html>
<head>
<title>Welcome to your_domain!</title>
</head>
<body>
<h1>Success! The your_domain virtual host is working!</h1>
</body>
</html>
Save and close the file when you are finished.
完成后保存并关闭文件。
In order for Apache to serve this content, it’s necessary to create a virtual host file with the correct directives. Instead of modifying the default configuration file located at /etc/apache2/sites-available/000-default.conf
directly, let’s make a new one at /etc/apache2/sites-available/your_domain.conf
:
为了使Apache可以提供此内容,必须使用正确的指令创建虚拟主机文件。 与其直接修改/etc/apache2/sites-available/000-default.conf
的默认配置文件, /etc/apache2/sites-available/000-default.conf
在/etc/apache2/sites-available/ your_domain .conf
创建一个新的配置文件:
sudo nano /etc/apache2/sites-available/your_domain.conf
须藤纳米/ etc / apache2 / sites-available / your_domain .conf
Paste in the following configuration block, which is similar to the default, but updated for our new directory and domain name:
粘贴在以下配置块中,该配置块与默认配置块相似,但针对我们的新目录和域名进行了更新:
<VirtualHost *:80>
ServerAdmin admin@your_email_domain
ServerName your_domain
ServerAlias www.your_domain
DocumentRoot /var/www/your_domain
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Notice that we’ve updated the DocumentRoot
to our new directory and ServerAdmin
to an email that the your_domain
site administrator can access. We’ve also added two directives: ServerName
, which establishes the base domain that should match for this virtual host definition, and ServerAlias
, which defines further names that should match as if they were the base name.
请注意,我们已经将DocumentRoot
更新到我们的新目录,并将ServerAdmin
更新到your_domain
网站管理员可以访问的电子邮件。 我们还添加了两个指令: ServerName
,它建立应该与此虚拟主机定义匹配的基本域; ServerAlias
,它定义应该匹配的其他名称,就好像它们是基本名称一样。
Save and close the file when you are finished.
完成后保存并关闭文件。
Let’s enable the file with the a2ensite
tool:
让我们使用a2ensite
工具启用文件:
sudo a2ensite your_domain.conf
须藤a2ensite your_domain .conf
Disable the default site defined in 000-default.conf
:
禁用在000-default.conf
定义的默认站点:
- sudo a2dissite 000-default.conf 须藤a2dissite 000-default.conf
Next, let’s test for configuration errors:
接下来,让我们测试配置错误:
- sudo apache2ctl configtest 须藤apache2ctl configtest
You should see the following output:
您应该看到以下输出:
Output
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message Syntax OK
Restart Apache to implement your changes:
重新启动Apache以实施您的更改:
sudo systemctl restart apache2 sudo systemctl重新启动apache2
Apache should now be serving your domain name. You can test this by navigating to
http://your_domain
, where you should see something like this:
Apache现在应该提供您的域名。 您可以通过导航到http:// your_domain
,您应该会在其中看到以下内容:
第6步–熟悉重要的Apache文件和目录 (Step 6 – Getting Familiar with Important Apache Files and Directories)
Now that you know how to manage the Apache service itself, you should take a few minutes to familiarize yourself with a few important directories and files.
现在您知道如何管理Apache服务本身,您应该花几分钟时间来熟悉一些重要的目录和文件。
内容 (Content)
/var/www/html
: The actual web content, which by default only consists of the default Apache page you saw earlier, is served out of the/var/www/html
directory. This can be changed by altering Apache configuration files./var/www/html
:实际的Web内容(默认情况下仅包含您之前看到的默认Apache页面)从/var/www/html
目录中提供。 可以通过更改Apache配置文件来更改。
服务器配置 (Server Configuration)
/etc/apache2
: The Apache configuration directory. All of the Apache configuration files reside here./etc/apache2
:Apache配置目录。 所有Apache配置文件都位于此处。/etc/apache2/apache2.conf
: The main Apache configuration file. This can be modified to make changes to the Apache global configuration. This file is responsible for loading many of the other files in the configuration directory./etc/apache2/apache2.conf
:主要的Apache配置文件。 可以对其进行修改以更改Apache全局配置。 该文件负责在配置目录中加载许多其他文件。/etc/apache2/ports.conf
: This file specifies the ports that Apache will listen on. By default, Apache listens on port 80 and additionally listens on port 443 when a module providing SSL capabilities is enabled./etc/apache2/ports.conf
:此文件指定Apache将监听的端口。 默认情况下,当启用提供SSL功能的模块时,Apache会侦听端口80,并且还会侦听端口443。/etc/apache2/sites-available/
: The directory where per-site virtual hosts can be stored. Apache will not use the configuration files found in this directory unless they are linked to thesites-enabled
directory. Typically, all server block configuration is done in this directory, and then enabled by linking to the other directory with thea2ensite
command./etc/apache2/sites-available/
:可以存储每个站点的虚拟主机的目录。 除非将配置文件链接到sites-enabled
目录,否则Apache将不会使用该目录中的配置文件。 通常,所有服务器块配置都在此目录中完成,然后通过使用a2ensite
命令链接到另一个目录来启用。/etc/apache2/sites-enabled/
: The directory where enabled per-site virtual hosts are stored. Typically, these are created by linking to configuration files found in thesites-available
directory with thea2ensite
. Apache reads the configuration files and links found in this directory when it starts or reloads to compile a complete configuration./etc/apache2/sites-enabled/
:存储已启用的每站点虚拟主机的目录。 通常,这些文件是通过使用a2ensite
链接到sites-available
目录中的配置文件来创建的。 Apache在启动或重新加载以编译完整的配置时,会读取该目录中的配置文件和链接。/etc/apache2/conf-available/
,/etc/apache2/conf-enabled/
: These directories have the same relationship as thesites-available
andsites-enabled
directories, but are used to store configuration fragments that do not belong in a virtual host. Files in theconf-available
directory can be enabled with thea2enconf
command and disabled with thea2disconf
command./etc/apache2/conf-available/
,/etc/apache2/conf-enabled/
:这些目录与sites-available
和sites-enabled
目录具有相同的关系,但是用于存储不属于虚拟主机。 在文件conf-available
目录可以与启用a2enconf
命令并禁用a2disconf
命令。/etc/apache2/mods-available/
,/etc/apache2/mods-enabled/
: These directories contain the available and enabled modules, respectively. Files in ending in.load
contain fragments to load specific modules, while files ending in.conf
contain the configuration for those modules. Modules can be enabled and disabled using thea2enmod
anda2dismod
command./etc/apache2/mods-available/
,/etc/apache2/mods-enabled/
:这些目录分别包含可用和启用的模块。 以.load
结尾的文件包含用于加载特定模块的片段,而以.conf
结尾的文件包含这些模块的配置。 可以使用a2enmod
和a2dismod
命令启用和禁用模块。
服务器日志 (Server Logs)
/var/log/apache2/access.log
: By default, every request to your web server is recorded in this log file unless Apache is configured to do otherwise./var/log/apache2/access.log
:默认情况下,对Web服务器的每个请求都记录在此日志文件中,除非将Apache配置为执行其他操作。/var/log/apache2/error.log
: By default, all errors are recorded in this file. TheLogLevel
directive in the Apache configuration specifies how much detail the error logs will contain./var/log/apache2/error.log
:默认情况下,所有错误都记录在此文件中。 Apache配置中的LogLevel
指令指定错误日志将包含多少详细信息。
结论 (Conclusion)
Now that you have your web server installed, you have many options for the type of content you can serve and the technologies you can use to create a richer experience.
现在,您已经安装了Web服务器,对于可以提供的内容类型以及可以用来创建更丰富体验的技术,有了很多选择。
If you’d like to build out a more complete application stack, you can look at this article on how to configure a LAMP stack on Debian 10.
如果您想构建一个更完整的应用程序堆栈,可以查看有关如何在Debian 10上配置LAMP堆栈的本文。
翻译自: https://www.digitalocean.com/community/tutorials/how-to-install-the-apache-web-server-on-debian-10
debian apache