1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
| yum install -y expat-devel
yum install -y epel-release
cd /etc/yum.repos.d && wget https://repo.codeit.guru/codeit.el`rpm -q --qf "%{VERSION}" $(rpm -q --whatprovides redhat-release)`.repo
yum info httpd
rm -rf /etc/httpd/
yum reinstall httpd
systemctl start httpd
systemctl status httpd -l
systemctl enable httpd
yum reinstall -y php-fpm
systemctl restart php-fpm
systemctl status php-fpm
systemctl enable php-fpm -l
cd /etc/httpd/conf.modules.d/
nano -K 02-fpm.conf
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
<FilesMatch \.php$>
SetHandler "proxy:fcgi://127.0.0.1:9000"
</FilesMatch>
cd /etc/httpd/conf/
nano -K httpd.conf
DirectoryIndex index.php index.html
systemctl restart httpd
http://limour.top/nextcloud/index.php
yum -y reinstall mod_ssl
certbot certificates
cd /etc/letsencrypt/live/
ll
cd /etc/httpd/conf.d/
nano -K ssl.conf
SSLCertificateFile /etc/letsencrypt/live/limour.top-0001/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/limour.top-0001/privkey.pem
cd /etc/httpd/conf/
nano -K httpd.conf
<Directory "/var/www/html">
Header always add Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
</Directory>
systemctl restart httpd
https://limour.top/nextcloud/index.php/login
cd /etc/httpd/conf/
nano -K httpd.conf
<Directory />
Order deny,allow
</Directory>
<Directory "/var/www/html">
AllowOverride All
</Directory>
systemctl restart httpd
cd /etc/httpd/conf.d/
nano -K zmyapp.conf
ProxyPass /aria2 http://127.0.0.1:57663/jsonrpc
<Directory "/var/www/html/AriaNg">
AllowOverride AuthConfig
</Directory>
<VirtualHost *:443>
ServerName limour.top
DocumentRoot /var/www/html
SSLEngine on
SSLProtocol +TLSv1.2 +TLSv1.3
SSLProxyProtocol +TLSv1.2 +TLSv1.3
SSLCipherSuite "EECDH+AES128:EECDH+AES256:+SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RSA+3DES:!DSS"
SSLProxyCipherSuite "EECDH+AES128:EECDH+AES256:+SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RSA+3DES:!DSS"
SSLCertificateFile /etc/letsencrypt/live/limour.top/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/limour.top/privkey.pem
</VirtualHost>
systemctl restart httpd
cd /etc/httpd/conf.d/
nano -K zmyapp_info.conf
<VirtualHost *:443>
ServerName info.limour.top
<Location />
AllowOverride AuthConfig
AuthType Basic
AuthName "This page is private"
AuthBasicProvider file
AuthUserFile /media/app/apasswd
require valid-user
</Location>
ProxyPreserveHost On
ProxyRequests Off
ProxyPass / http://127.0.0.1:30101/
ProxyPassReverse / http://127.0.0.1:30101/
</VirtualHost>
systemctl restart httpd
cd /etc/httpd/conf.d/
nano -K zmyapp_frp.conf
<VirtualHost *:443>
ServerName frp.limour.top
ProxyPreserveHost On
ProxyRequests Off
ProxyPass / http://127.0.0.1:11750/
ProxyPassReverse / http://127.0.0.1:11750/
</VirtualHost>
<VirtualHost *:443>
ServerName www.frp.limour.top
ServerAlias *.frp.limour.top
DocumentRoot /var/www/html
SSLEngine on
SSLProtocol +TLSv1.2 +TLSv1.3
SSLProxyProtocol +TLSv1.2 +TLSv1.3
SSLCipherSuite "EECDH+AES128:EECDH+AES256:+SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RSA+3DES:!DSS"
SSLProxyCipherSuite "EECDH+AES128:EECDH+AES256:+SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RSA+3DES:!DSS"
SSLCertificateFile /etc/letsencrypt/live/frp.limour.top/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/frp.limour.top/privkey.pem
RewriteEngine On
RewriteCond %{HTTP:Connection} Upgrade [NC]
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteRule /(.*) ws://127.0.0.1:21080/$1 [P,L]
ProxyPreserveHost On
ProxyRequests Off
ProxyPass / http://127.0.0.1:21080/
ProxyPassReverse / http://127.0.0.1:21080/
Header always add Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
</VirtualHost>
systemctl restart httpd
cd /etc/httpd/conf.modules.d/
nano -K 03-http2.conf
LoadModule http2_module modules/mod_http2.so
systemctl restart httpd
apachectl -M grep http2
cd /etc/httpd/conf.d/
nano -K ssl.conf
Protocols h2 h2c http/1.1
systemctl restart httpd
|
