我是 linux/ubuntu 新手,但我想在 ubuntu VM 上设置 apache web 服务器。我在 amazon AWS 上创建了一个 VM,安装了 apache。但现在我无法通过浏览器访问它。我不确定 apache 服务器是否运行正常或是否有任何端口被阻止。
我检查了 apache 版本。似乎是使用“apache -version”安装的,它显示了有效版本和安装日期。
我检查了开放的端口。似乎 Apache 正在监听某些端口(3609、3614、3615),但没有监听端口 80?这可能是问题所在吗?如何解决?
编辑1:实际上我想添加一些截图,但如果声誉低于 10,我就无法做到这一点。
编辑2:
- “sudo /etc/init.d/apache2 status”告诉我它正在运行
- error.log 看起来也不错。它只显示:“Apache/2.2.22 (Ubuntu) 已配置 — 恢复正常运行
编辑3: 从服务器可以访问 Localhost。因此这似乎是防火墙/连接问题。但奇怪的是:我可以从外部通过 telnet ping 服务器 IP 上的端口 80。
编辑4: 我可以从另一个 Amazon VM 访问我的 Web 服务器!那么这意味着什么:这是 Amazon 安全组的问题吗?为了测试目的,我在我的安全组中打开了很多端口:
apache2.conf 如下所示:
#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
LockFile ${APACHE_LOCK_DIR}/accept.lock
#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 5
##
## Server-Pool Size Regulation (MPM specific)
##
# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# worker MPM
# StartServers: initial number of server processes to start
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadLimit: ThreadsPerChild can be changed to this maximum value during a
# graceful restart. ThreadLimit can only be changed by stopping
# and starting Apache.
# ThreadsPerChild: constant number of worker threads in each server process
# MaxClients: maximum number of simultaneous client connections
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_worker_module>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# event MPM
# StartServers: initial number of server processes to start
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxClients: maximum number of simultaneous client connections
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_event_module>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy all
</Files>
#
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
# It is also possible to omit any default MIME type and let the
# client's browser guess an appropriate action instead. Typically the
# browser will decide based on the file's extension then. In cases
# where no good assumption can be made, letting the default MIME type
# unset is suggested instead of forcing the browser to accept
# incorrect metadata.
#
DefaultType None
#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog ${APACHE_LOG_DIR}/error.log
#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn
# Include module configuration:
Include mods-enabled/*.load
Include mods-enabled/*.conf
# Include list of ports to listen on and which to use for name based vhosts
Include ports.conf
#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
# Include of directories ignores editors' and dpkg's backup files,
# see the comments above for details.
# Include generic snippets of statements
Include conf.d/
# Include the virtual host configurations:
Include sites-enabled/
ports.conf 如下所示:
NameVirtualHost *:80
Listen 80
<IfModule mod_ssl.c>
# If you add NameVirtualHost *:443 here, you will also have to change
# the VirtualHost statement in /etc/apache2/sites-available/default-ssl
# to <VirtualHost *:443>
# Server Name Indication for SSL named virtual hosts is currently not
# supported by MSIE on Windows XP.
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
编辑5:
如果我尝试访问网络服务器,我会收到消息:“网站不可用:”
编辑6:
“etc/apache2/sites-available/default” 如下所示:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
编辑7:
实际上我无法 ping 通我的主机,只有端口 80 上的 telnet 可以工作。
编辑8:
本地 telnet “localhost 80”和“netstat -l”结果:
“telnet”:
“netstat -l”:
编辑9:
因为看起来 Web 服务器正在监听 ip6 ip,所以我更改了“ports.conf”,并按照“Christoph Eicke”的建议添加了条目“Listen YOUR_AWS_IP:80”。现在 Web 服务器似乎正在监听 ip4 地址。但我仍然无法访问 Web 服务器。
答案1
在您的netstat -l
命令中,我没有看到任何在端口 80 上监听 IPv4 的内容。但是,您的 Web 服务器确实在监听 IPv6 接口。
本地连接是有道理的,因为你的工具可能已经可以使用 IPv6,并且 localhost 可以通过 解析为有效的 IPv6 IP /etc/hosts
。但你的网络可能还不支持 IPv6。
答案2
从您的问题来看,这不是 100% 明显的,所以我可以问一下您在安装 Apache 后是否启动了它吗?“sudo /etc/init.d/apache2 status”会告诉您它是否实际正在运行。
我接下来要检查的地方是 Apache 的日志文件,您可以在 /var/log/apache2/ 下找到它。
编辑:既然上述两个都已检查完毕,您能从服务器本地看到 Apache 吗?在服务器上运行 Web 浏览器,指向它,http://localhost
看看会发生什么。
编辑2:如果 Apache 正在运行,但未设置防火墙规则,则需要查看 Apache 的配置本身,查找允许本地连接但不允许远程连接的指令。各种配置文件应位于 /etc/apache2 中;查看“deny from all”或“allow from < address range >”等行。
答案3
可能您有一组标准的安全组以及一个 EC2 实例,但请记住,您可以创建多个安全组和多个 EC2 实例,因此:
您必须将安全组分配给 EC2 实例。
转到 AWS 网站 -> EC2 -> 实例 -> 选择您的实例 -> 操作按钮 -> 网络/更改安全组 -> 在这里您可以分配,在大多数情况下只需选中“默认”并保存。
答案4
我在连接端口 8080 时遇到了困难。我安装了 Apache2 sudo apt-get install Apache2
并且能够监听端口 8080。看起来默认情况下 Apache2 未安装在 EC2 上。