一、增加FCGI支持 说明:为了获得优异的web效能,克服CGI不能应付大量访问及低效率的缺陷 1、安装apache的mod_fastcgi模块 1 2 3 4 5 6 7 8 9 | [root@mail ~] # yum install -y httpd-devel
[root@mail ~] # cd /usr/local/src
[root@mail src] # wget http://www./dist/mod_fastcgi-2.4.6.tar.gz
[root@mail src] # tar zxvf mod_fastcgi-2.4.6.tar.gz
[root@mail src] # cd mod_fastcgi-2.4.6
[root@mail mod_fastcgi-2.4.6] # cp Makefile.AP2 Makefile
#搜索~httpd/build目录路径,赋值给top_dir进行安装
[root@mail mod_fastcgi-2.4.6] # find / -name "build" -type d
[root@mail mod_fastcgi-2.4.6] # make top_dir=/usr/lib64/httpd/ install
|
2、查看模块是否生成 1 2 | [root@mail mod_fastcgi-2.4.6] # ls /etc/httpd/modules/mod_fastcgi.so
/etc/httpd/modules/mod_fastcgi .so
|
3、安装Extmail需要的perl-FCGI模块 1 | [root@mail mod_fastcgi-2.4.6] # yum install perl-FCGI
|
4、配置虚拟主机文件 1 2 3 4 5 6 7 8 9 10 11 12 13 14 | [root@mail mod_fastcgi-2.4.6] # vi /etc/httpd/conf.d/extmail.conf
LoadModule fastcgi_module modules /mod_fastcgi .so
<Ifmodule mod_fastcgi.c>
FastCgiExternalServer /usr/bin/dispatch .fcgi -host 127.0.0.1:8888 -idle-timeout 240
< /Ifmodule >
<VirtualHost *:80>
#ScriptAlias /extmail/cgi/ /var/www/extsuite/extmail/cgi/
Alias /extmail/cgi/ /usr/bin/dispatch .fcgi/
ScriptAlias /extman/cgi/ /var/www/extsuite/extman/cgi/
Alias /extman/cgi/ /usr/bin/dispatch .fcgi/
<Location "/extman/cgi" >
SetHandler fastcgi-script
< /Location >
< /VirtualHost >
|
说明:上面的/usr/bin/dispatch.fcgi并不存在,但是必须按上面的写。
5、启动 修改启动脚本: 1 2 3 | [root@mail mod_fastcgi-2.4.6] # vi /var/www/extsuite/extmail/dispatch-init
SU_UID=vmail
SU_GID=vmail
|
启动进程: 1 2 3 4 5 6 7 8 9 10 | [root@mail mod_fastcgi-2.4.6] # /var/www/extsuite/extmail/dispatch-init start
[root@mail mod_fastcgi-2.4.6] # echo "/var/www/extsuite/extmail/dispatch-init start" >> /etc/rc.d/rc.local
[root@mail mod_fastcgi-2.4.6] # service httpd restart
[root@mail mod_fastcgi-2.4.6] # ps aux|grep dispatch.fcgi
vmail 18737 0.0 0.5 139048 5588 ? SNs 11:00 0:00 dispatch.fcgi (master)
vmail 18738 0.0 0.5 139048 5432 ? SN 11:00 0:00 dispatch.fcgi (idle)
vmail 18739 0.0 0.5 139048 5432 ? SN 11:00 0:00 dispatch.fcgi (idle)
root 18762 0.0 0.0 103256 864 pts /2 S+ 11:02 0:00 grep dispatch.fcgi
[root@mail mod_fastcgi-2.4.6] # netstat -tnlp|grep 8888
tcp 0 0 127.0.0.1:8888 0.0.0.0:* LISTEN 18737 /dispatch .fcgi
|
说明:这里没有对extman启用FCGI,因为启用后会出现一个错误,详见: http://www./forum/thread-12859-1-1.html
二、增加SSL登陆 1、安装ssl模块 1 | [root@mail ~] # yum install mod_ssl
|
2、创建密钥、证书 (1)查看本地密钥和证书位置 1 2 3 | [root@mail ~] # vi /etc/httpd/conf.d/ssl.conf
SSLCertificateFile /etc/pki/tls/certs/localhost .crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost .key
|
(2)重建本地密钥 1 2 3 | [root@mail ~] # cd /etc/pki/tls/private
[root@mail private] # rm -f localhost.key
[root@mail private] # openssl genrsa 1024 > localhost.key
|
(3)重建本地证书 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | [root@mail private] # cd ../certs
[root@mail certs] # rm -rf localhost.crt
[root@mail certs] # openssl req -new -x509 -days 365 -key ../private/localhost.key -out localhost.crt
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.' , the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:zhejiang
Locality Name (eg, city) [Default City]:hangzhou
Organization Name (eg, company) [Default Company Ltd]:yourmail
Organizational Unit Name (eg, section) []:it
Common Name (eg, your name or your server s hostname ) []:
Email Address []:
|
3、配置虚拟主机 说明:将conf.d下的extmail.conf内容移至ssl.conf中,使用SSL的443端口进行WEB连接。 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 | [root@mail certs] # cd /etc/httpd/conf.d
[root@mail conf.d] # mv extmail.conf extmail.conf.bak
[root@mail conf.d] # vi ssl.confLoadModule fastcgi_module modules/mod_fastcgi.so
<Ifmodule mod_fastcgi.c>
FastCgiExternalServer /usr/bin/dispatch .fcgi -host 127.0.0.1:8888 -idle-timeout 240
< /Ifmodule >
#在下行之上添加以上内容
<VirtualHost _default_:443>
#在上行之下添加以下内容
ServerName mail.yourmail.com:443
DocumentRoot /var/www/extsuite/extmail/html/
#ScriptAlias /extmail/cgi/ /var/www/extsuite/extmail/cgi/
Alias /extmail/cgi/ /usr/bin/dispatch .fcgi/
<Location "/extmail/cgi" >
SetHandler fastcgi-script
< /Location >
Alias /extmail /var/www/extsuite/extmail/html/
ScriptAlias /extman/cgi/ /var/www/extsuite/extman/cgi/
Alias /extman /var/www/extsuite/extman/html/
SuexecUserGroup vmail vmail
|
注释掉根目录: 否则错误日志中会显示File does not exist: /var/www/html/favicon.ico 网页标签中会显示d图标(DSPAM的) 1 2 | [root@mail conf.d] # vi ../conf/httpd.conf
#DocumentRoot "/var/www/html"
|
4、重启服务 1 2 3 4 5 | [root@mail ~] # service httpd restart
[root@mail ~] # iptables -I INPUT -p tcp --dport 443 -j ACCEPT
[root@mail ~] # service iptables save
[root@mail ~] # netstat -tnlp|grep 443
tcp 0 0 :::443 :::* LISTEN 19691 /httpd
|
5、访问页面 http://的页面已经无法访问了:
https://的页面会提示证书不安全,不用管,点继续浏览:
Extmail成功支持SSL,这里标签上显示的是DSPAM的图标,因为我没有将其删除导致的。
DSPAM的页面也可以使用SSL了: 而DSPAM的原页面无法看到历史数据了:
|