http服务之二

httpd


http协议:

http事务:
   请求:request
   响应:response

报文语法格式:

request报文

<method> <request-URL> <version>
    <headers>

<entity-body>

response报文

<version> <status> <reason-phrase 原因短语>
<headers>
<entity-body>

method: 请求方法,标明客户端希望服务器对资源执行的动作
    GET、HEAD、POST

method(方法):

     GET:从服务器获取一个资源;
     HEAD:只从服务器获取文档的响应首部;
     POST:向服务器发送要处理的数据;
     PUT:将请求的主体部分存储在服务器上;
     DELETE:请求删除服务器上指定的文档;
     TRACE:追踪请求到达服务器中间经过的代理服务器;
    OPTIONS:请求服务器返回对指定资源支持使用的请求方法;

version:

    HTTP/<major>.<minor>

status:

三位数字,如200,301, 302, 404, 502; 标记请求处理过程中发生的情况;

status(状态码):
            1xx:100-101, 信息提示;
            2xx:200-206, 成功
            3xx:300-305, 重定向
            4xx:400-415, 错误类信息,客户端错误
            5xx:500-505, 错误类信息,服务器端错误

常用的状态码:
        200: 成功,请求的所有数据通过响应报文的entity-body部分发送;OK
        301: 请求的URL指向的资源已经被删除;但在响应报文中通过首部Location指明了资源现在所处的新位置;Moved Permanently
        302: 与301相似,但在响应报文中通过Location指明资源现在所处临时新位置; Found
        304: 客户端发出了条件式请求,但服务器上的资源未曾发生改变,则通过响应此响应状态码通知客户端;Not Modified
        401: 需要输入账号和密码认证方能访问资源;Unauthorized
        403: 请求被禁止;Forbidden
        404: 服务器无法找到客户端请求的资源;Not Found
        500: 服务器内部错误;Internal Server Error
        502: 代理服务器从后端服务器收到了一条伪响应;Bad Gateway

reason-phrase:

状态码所标记的状态的简要描述;

headers:

格式:
    name:Value

每个请求或响应报文可包含任意个首部;每个首部都有首部名称,后面跟一个冒号,而后跟上一个可选空格,接着是一个值;

entity-body:

请求时附加的数据或响应时附加的数据;

协议查看或分析的工具:

    tcpdump, tshark, wireshark

首部分类:

通用首部、请求首部、响应首部、实体首部、扩展首部

http服务之二    

通用首部:

Connection: {close|keep-alive}
Date:报文创建的日期时间
Via:经由那里跳转而来的! (一般在响应报文中添加,主要是告诉,是经过多少个中间节点而来的)
Cache-Control:缓存控制;
Pragma:为了兼容1.0的缓存

请求首部:

Host:指明请求的主机
Referer:跳转至当前页面的上级资源; (从哪个连接跳转过来的)
User-Agent:用户代理;服务器端在相应报文时有可能会压缩以后再响应,并非所有的浏览器都支持一些高级功能,于是就要根据客户端浏览器类型来决定浏览器的生成!
Client-IP:

Accept:可接收的MIME类型;
Accept-Language:
Accept-Encoding:gzip, defalte, 
Accept-Charset:字符集格式
        ...


条件式请求首部:

    Except:
    If-Modified-Since:自从某个时间之后是否发生修改
    If-Unmodified-Since:是否未曾发生过修改
    If-None-Match :与某个扩展是否不匹配
    If-Match
        用来做缓存同步测试的

安全相关的请求首部:

    Authorization:请求授权
    Cookie:追踪用户行为用 
    Cookie2:

响应首部:

安全相关的首部:
    WWW-Authenticate:认证质询
    Set-Cookie:
    Set-Cookie2:            

    信息性首部:
    Server:

协商类首部:

    Accept-Range:服务器端可接受的请求类型范围
    Vary:其它首部列表

实体首部:

Content-Encoding  内容编码
Content-Language    内容的语言
Content-Lenth    内容长度    
Content-Location    位置
Content-Type     媒体类型
...

Allow:允许使用的请求方法;
Location: 真正的资源位置所在的地址

缓存相关:
    Etag:扩展标签
    Last-Modified:最近一次的修改
    Expires:    过期时间

扩展首部:

X-Forwarded-For 从哪里过来的用来追踪用户的访问
    ……

完整格式:

url:Uniform Resource Locator 
    scheme://host:port/path

scheme://[<user>[:<password>]@<host>[:<port>]/    <path>;<params>?<query>#frag

    params:参数, ;param1=value1&param2=value2
    query:查询字符串, ?field1=value1&field2=value2
    frag:#号引导的页面锚定,#frag_id, 例如#ch1

《http权威指南》前4章

httpd-2.4基本配置:

curl命令

    curl是基于URL语法在命令行方式下工作的文件传输工具,
    它支持FTP, FTPS, HTTP, HTTPS, GOPHER, TELNET, DICT, FILE及LDAP等协议。curl支持HTTPS认证,
    并且支持HTTP的POST、PUT等方法,FTP上传, kerberos认证,HTTP上传,代理服务器, cookies, 用户名/密码认证,
     下载文件断点续传,上载文件断点续传, http代理服务器管道( proxy tunneling), 甚至它还支持IPv6, socks5代理服务器,
     通过http代理服务器上传文件到FTP服务器等等,功能十分强大。

curl  [options]  [URL…]

curl的常用选项:

        -A/--user-agent <string> 设置用户代理发送给服务器;伪装自己的浏览器类型

        --basic 使用HTTP基本认证

        -e/--referer <URL> 来源网址

        --cacert <file> CA证书 (SSL)

        --compressed 要求返回是压缩的格式

        -H/--header <line>自定义首部信息传递给服务器

        -I/--head 只显示响应报文首部信息

        --limit-rate <rate> 设置传输速度

        -u/--user <user[:password]>设置服务器的用户和密码

        -0/--http1.0 使用HTTP 1.0    

        -X, --request <command>:自定义请求方法默认是GET方法

另一个工具:elinks

elinks  [OPTION]... [URL]...
    -dump: 不进入交互式模式,而直接将URL的内容输出至标准输出;

15、使用mod_deflate模块压缩页面优化传输速度

适用场景:
   (1) 节约带宽,额外消耗CPU;同时,可能有些较老浏览器不支持;
   (2) 压缩适于压缩的资源,例如文件文件;

可以用 curl –compressed  -I 网址  来获取某个文件的首部信息的压缩信息

    SetOutputFilter DEFLATE #---(过滤选项)

    # mod_deflate configuration  (过滤的内容)

    # Restrict compression to these MIME types
    AddOutputFilterByType DEFLATE text/plain 
    AddOutputFilterByType DEFLATE text/html
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE text/xml
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE application/x-javascript
    AddOutputFilterByType DEFLATE text/javascript
    AddOutputFilterByType DEFLATE text/css

    # Level of compression (Highest 9 - Lowest 1)  定义压缩比
    DeflateCompressionLevel 9

    # Netscape 4.x has some problems. 一下是对单个类型的浏览器的压缩选项作出调整
    BrowserMatch ^Mozilla/4  gzip-only-text/html

    # Netscape 4.06-4.08 have some more problems
    BrowserMatch  ^Mozilla/4\.0[678]  no-gzip

    # MSIE masquerades as Netscape, but it is fine
    BrowserMatch \bMSI[E]  !no-gzip !gzip-only-text/html

16、https,  http over ssl

    OpenSSL: (单ip只能有一个站点能用ssl)                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
        libcrpyto, libssl (ssl/tls), openssl

    PKI: 
        CA, 

    SSL会话的简化过程
        (1) 客户端发送可供选择的加密方式,并向服务器请求证书;
        (2) 服务器端发送证书以及选定的加密方式给客户端;
        (3) 客户端取得证书并进行证书验正:
                如果信任给其发证书的CA:
                (a) 验正证书来源的合法性;用CA的公钥解密证书上数字签名;
                (b) 验正证书的内容的合法性:完整性验正
                (c) 检查证书的有效期限;
                (d) 检查证书是否被吊销;
                (e) 证书中拥有者的名字,与访问的目标主机要一致;
        (4) 客户端生成临时会话密钥(对称密钥),并使用服务器端的公钥加密此数据发送给服务器,完成密钥交换;
        (5) 服务用此密钥加密用户请求的资源,响应给客户端;

        注意:SSL会话是基于IP地址创建;所以单IP的主机上,仅可以使用一个https虚拟主机;

    回顾几个术语:PKI,CA,CRL,X.509 (v1, v2, v3)

    配置httpd支持https:
        (1) 为服务器申请数字证书;
            测试:通过私建CA发证书
                (a) 创建私有CA
                (b) 在服务器创建证书签署请求
                (c) CA签证

        (2) 配置httpd支持使用ssl,及使用的证书;
            # yum -y install mod_ssl

            配置文件:/etc/httpd/conf.d/ssl.conf
                DocumentRoot
                ServerName
                SSLCertificateFile
                SSLCertificateKeyFile

        (3) 测试基于https访问相应的主机;
            # openssl  s_client  [-connect host:port] [-cert filename] [-CApath directory] [-CAfile filename]

17、httpd自带的应用程序

htpasswd:basic认证基于文件实现,用于生成账号和密码的程序;
        htdbm
        htdigest
apachectl:httpd自带的服务控制脚本,支持start和stop等子命令;
    apxs:- APache eXtenSion tool
        为httpd增添模块的;

rotatelogs:滚动日志
        access_log, 
        access_log, access_log.1, ...

    ab: - Apache HTTP server benchmarking tool
        webbench, httpload, ...

        loadrunner, jmeter (ASF)

        tcpcopy,

18、ab – web service的压力测试工具

http服务之二    

ab [OPTIONS]  [http[s]://]hostname[:port]/path
            请求数:[ -n requests ]
            并发数:[ -c concurrency ]
            长连接:[ -k ]

httpd-2.2与httpd-2.4的不同之处:

MPM:

  • prefork:进程模型,两级结构,master/worker, 每worker处理一个请求;

  • worker:线程模型,三级结构,master/worker/thread,每thread处理一个请求;

  • event:事件驱动的线程模型,两级结构,master/worker,每worker响应多个请求;

httpd-2.2的MPM模块为static模块,而非shared模块;

/etc/sysconfig/httpd
HTTPD=/usr/sbin/{httpd|httpd.worker|httpd.event}

            <IfModule prefork.c>
            StartServers       8
            MinSpareServers    5
            MaxSpareServers   20
            ServerLimit      256
            MaxClients       256
            MaxRequestsPerChild  4000
            </IfModule>            

            <IfModule worker.c>
            StartServers         4
            MaxClients         300
            MinSpareThreads     25
            MaxSpareThreads     75 
            ThreadsPerChild     25
            MaxRequestsPerChild  0
            </IfModule>

    基于IP的访问控制机制:
        httpd-2.4:
            require ip, require not ip, require host, require not host

        httpd-2.2:
            allow from, deny from

            order allow,deny, order deny,allow

    基于主机名的虚拟主机:
        httpd-2.2:须使用NameVirtualHost;
        httpd-2.4:无须使用;

    各映射的本地文件系统路径内的资源:
        httpd-2.4:须做显式授权
        httpd-2.2:无须显式授权

原创文章,作者:qzx,如若转载,请注明出处:http://www.178linux.com/53386

(0)
qzxqzx
上一篇 2016-10-21
下一篇 2016-10-21

相关推荐

  • week5

    1、显示当前系统上root、fedora或user1用户的默认shell; useradd fedora useradd user1 egrep "^(root|fedora|user1)" /etc/passwd | cut -d: -f1,7 2、找出/e…

    Linux干货 2016-11-24
  • N25-第12周博客作业

    1、请描述一次完整的http请求处理过程;   1)客户端和服务器端建立连接。服务器接收或者拒绝请求。   2)服务器端接收客户端请求。接收来自于网络的请求报文中对某资源的一次请求。对请求的处理响应,可分为单进程(启动一个进程处理请求,一次只处理一个)和多进程(并行启动多个进程,每个进程处理一个请求)。  &…

    Linux干货 2017-05-21
  • Linux-文件基本权限及特殊权限详解

    Linux文件基本权限及特殊权限详解 背景 Linux文件基本权限和特殊权限对于初学者很少烦恼,各种无法理解,所以在学到这一节时,将自己学到的以及自己的理解写出来以检查自己对这个部分的掌握情况。 什么是权限 在Linux里一切皆文件,所谓的权限就是用户对文件(目录也是以个文件)的操作范围,对文件的操作包括读、写和执行,用户对文件有不同的权限就能做相应的操作。…

    Linux干货 2017-07-22
  • Linux文件类型及颜色标识

    文件类型(共7种): – :普通文件 d:目录文件 (directory) c:字符设备文件 (char) b:块设备文件 (block) s:本地域套接口 (socket) p:有名管道 (pipeline) l:符号连接 (link) 关于硬链接、软连接、复制之间的区别说明: 上图中,我为photo.png这个图片文件建立了一个拷贝(phot…

    Linux干货 2016-10-16
  • Linux之sed的使用

    sed的工作原理         sed是一种流编辑器以行为单位来处理文本的一款功能十分强大的编辑器,一次只处理一行内容,当处理文本是,将要处理的行放置在模式空间里(缓冲区),接下来sed命令处理模式空间里的内容,处理完成后,把模式空间里处理后的内容送至屏幕打印输出,接下来处理下…

    Linux干货 2016-08-09
  • 文本处理工具sed

    处理文本的工具sed     stream EDitor,行编辑器     sed是一种流编辑器,他一次处理一行内容。处理时,把当前处理的行存储在临时缓冲区中,成为“模式空间”(pattern space),接着用sed命令处理缓存区中的内容,处理完成后,把缓冲区的内容送往屏幕。…

    Linux干货 2016-08-10