Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
linux_wiki:network_services_overview_apache_web_server [2016/10/06 21:11] billdozor [Change HTTPD's Port] |
linux_wiki:network_services_overview_apache_web_server [2018/04/07 22:52] billdozor [Host Based] |
||
---|---|---|---|
Line 12: | Line 12: | ||
* Configure the service for basic operation | * Configure the service for basic operation | ||
* Configure host-based and user-based security for the service | * Configure host-based and user-based security for the service | ||
+ | |||
+ | ---- | ||
+ | |||
+ | ====== Lab Setup ====== | ||
+ | |||
+ | The following virtual machines will be used: | ||
+ | * server1.example.com (192.168.1.150) -> Perform all connectivity tests from here | ||
+ | * server2.example.com (192.168.1.151) -> Install Apache Web Server here | ||
---- | ---- | ||
Line 46: | Line 54: | ||
* Tip: To see current port labels< | * Tip: To see current port labels< | ||
- | ---- | ||
__**Change HTTPD' | __**Change HTTPD' | ||
Line 72: | Line 79: | ||
* Should see permission denied to make socket 8282 | * Should see permission denied to make socket 8282 | ||
- | ---- | + | \\ |
- | + | __**SELinux: Configure Non Standard Port**__ | |
- | ===== SELinux: Configure Non Standard Port ===== | + | |
View http ports SELinux allows | View http ports SELinux allows | ||
Line 126: | Line 132: | ||
Allow access through the firewall | Allow access through the firewall | ||
<code bash> | <code bash> | ||
+ | # Standard http/https ports | ||
firewall-cmd --permanent --add-service=http | firewall-cmd --permanent --add-service=http | ||
firewall-cmd --permanent --add-service=https | firewall-cmd --permanent --add-service=https | ||
+ | firewall-cmd --reload | ||
+ | |||
+ | # Non-standard port example | ||
+ | firewall-cmd --permanent --add-port=8282/ | ||
firewall-cmd --reload | firewall-cmd --reload | ||
</ | </ | ||
Line 135: | Line 146: | ||
/ | / | ||
<code bash> | <code bash> | ||
- | <RequireAll> | + | <Directory "/ |
- | | + | |
- | Require not host notmyserver.local | + | |
- | </ | + | < |
+ | Require all granted | ||
+ | | ||
+ | </ | ||
+ | |||
+ | </ | ||
</ | </ | ||
- | * The above will allow access from myserver.local, but deny notmyserver.local from accessing the web server | + | * The above will allow access from all hosts except " |
+ | * Must be inside of a < | ||
===== User Based ===== | ===== User Based ===== | ||