
[CentOS 7] Apache HTTP Server/Tomcat Integration (mod_jk, Source Compile)


### Pre-Installation ###

# yum install gcc g++ cpp gcc-c++ zlib* curl* openssl openssl-devel ncurses-devel zip2-devel \
              libtermcap-devel libc-client-devel perl bison make cmake db4-devel libvpx-devel \
              lua-devel wget autoconf libtool


Apache Portable Runtime: https://apr.apache.org/download.cgi

# wget http://mirror.apache-kr.org//apr/apr-1.7.0.tar.gz
# wget http://mirror.apache-kr.org//apr/apr-util-1.6.1.tar.gz
# wget http://mirror.apache-kr.org//apr/apr-iconv-1.2.2.tar.gz


Perl Compatible Regular Expressions: https://ftp.pcre.org/pub/pcre/

# wget https://ftp.pcre.org/pub/pcre/pcre-8.44.tar.gz


OpenSSL: https://www.openssl.org/source/

# wget https://www.openssl.org/source/openssl-1.1.1f.tar.gz


Apache HTTP Server: http://httpd.apache.org/download.cgi#apache24

# wget http://archive.apache.org/dist/httpd/httpd-2.4.43.tar.gz

 

 

### Apache HTTP Server Installation ###

 

# tar xzvf apr-1.7.0.tar.gz
# mkdir build_apr
# cd build_apr
# ../apr-1.7.0/configure --prefix=/app/apache/apr
# make
# make install
# cd ..

 

# tar zxvf apr-iconv-1.2.2.tar.gz
# mkdir build_apr-iconv
# cd build_apr-iconv
# ../apr-iconv-1.2.2/configure --prefix=/app/apache/apr-iconv --with-apr=/app/apache/apr
# make
# make install
# cd ..

 

# tar xzvf apr-util-1.6.1.tar.gz
# mkdir build_apr-util
# cd build_apr-util
# ../apr-util-1.6.1/configure --prefix=/app/apache/apr-util --with-apr=/app/apache/apr --with-iconv=/app/apache/apr-iconv
# make
# make install
# cd ..

 

# tar xzvf openssl-1.1.1f.tar.gz
# mkdir build_openssl
# cd build_openssl
# ../openssl-1.1.1f/config --prefix=/app/apache/openssl --openssldir=/app/apache/openssl -fPIC no-gost no-shared no-zlib
# make
# make install
# cd ..

 

# tar xzvf pcre-8.44.tar.gz
# mkdir build_pcre
# cd build_pcre
# ../pcre-8.44/configure --prefix=/app/apache/pcre --enable-utf8=yes --enable-unicode-properties=yes --enable-static=yes
# make
# make install
# cd ..

 

# tar xzvf httpd-2.4.43.tar.gz
# mkdir build_httpd
# cd build_httpd
# ../httpd-2.4.43/configure --prefix=/app/apache/httpd/2.4 \
--enable-modules=all \
--enable-mods-shared=all \
--enable-proxy \
--enable-proxy_http \
--enable-proxy_connect \
--enable-cache \
--enable-mem-cache \
--enable-disk-cache \
--enable-deflate \
--enable-info \
--enable-so \
--enable-rewrite \
--enable-auth-digest \
--enable-ssl \
--with-mpm=worker \
--with-apr=/app/apache/apr \
--with-apr-util=/app/apache/apr-util \
--with-ssl=/app/apache/openssl \
--with-pcre=/app/apache/pcre
# make
# make install
# cd ..

 

 

### mod_jk Installation ###

Tomcat Connectors (mod_jk) Downloads: http://apache.tt.co.kr/tomcat/tomcat-connectors/jk/

# wget http://apache.tt.co.kr/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.48-src.tar.gz
# tar xzvf tomcat-connectors-1.2.48-src.tar.gz
# mkdir build_tomcat-connectors
# cd build_tomcat-connectors
# ../tomcat-connectors-1.2.48-src/native/configure --with-apxs=/app/apache/httpd/2.4/bin/apxs
# make
# cp ./apache-2.0/mod_jk.so /app/apache/httpd/2.4/modules

 

 

### Tomcat Installation ###


Tomcat Binary Download: https://tomcat.apache.org/download-80.cgi

# groupadd -g 950 wasadm
# useradd -g wasadm -u 1400 -d /app/was tomadm
# wget https://archive.apache.org/dist/tomcat/tomcat-8/v8.5.53/bin/apache-tomcat-8.5.53.tar.gz
# tar xzvf apache-tomcat-8.5.53.tar.gz
# mv apache-tomcat-8.5.53 /app/was/tomcat
# chown -R tomadm:wasadm /app/was/tomcat

 

 

### Apache HTTP Server/Tomcat Integration Configuration ###

 

# cd /app/apache/httpd/2.4/conf/
# cp httpd.conf httpd.conf.bak

 

# vi httpd.conf
Line 180:
User nobody
Line 181:
Group nobody
Line 269:
DirectoryIndex index.html index.htm index.jsp
Append the following at the very end of the file:
Include conf/extra/httpd-jk.conf

Save

 

# cd /app/apache/httpd/2.4/conf/extra

 

# vi httpd-jk.conf
LoadModule jk_module modules/mod_jk.so

<IfModule jk_module>
        JkWorkersFile conf/extra/workers.properties
        JkLogFile logs/mod_jk.log
        JkLogLevel Info
        JkShmFile logs/mod_jk.shm
        JkWatchdogInterval 60
        JkMountFile conf/extra/uriworkermap.properties
</IfModule>

Save

 

# vi workers.properties
worker.list=worker1

worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009

Save

 

# vi uriworkermap.properties
/*.jsp|/=worker1
/*.json|/=worker1
/*.xml|/=worker1
/*.do|/=worker1

/examples/*|/=worker1   -> added to test running the examples shipped in Tomcat's default home

Save

 

# cd /app/was/tomcat/conf
# cp server.xml server.xml.bak

 

# vi server.xml
Line 117:
<Connector protocol="AJP/1.3"
                  address="::1"
                  port="8009"
                  redirectPort="8443" />   -> add the following on the line below this block, outside the comment markers (<!-- -->) that enclose it
<Connector protocol="AJP/1.3" port="8009" redirectPort="8443" address="0.0.0.0" secretRequired="false" />

Save
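The connector added above listens on every interface with secretRequired="false", although workers.properties only connects from localhost; this is the AJP exposure that CVE-2020-1938 (listed in the references) concerns. The following check is an added example, not part of the original post: it parses server.xml and flags AJP connectors that are reachable off-host or that accept requests without a shared secret. The sample documents, the loopback-plus-secret alternative, and the Tomcat 8.5.51+ defaults it relies on are assumptions constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample: the AJP connector this guide adds to server.xml.
GUIDE_XML = """<Server><Service name="Catalina">
  <Connector protocol="AJP/1.3" port="8009" redirectPort="8443"
             address="0.0.0.0" secretRequired="false" />
</Service></Server>"""

# Constructed sample: same-host alternative. The secret is a placeholder and
# must match worker.worker1.secret in mod_jk's workers.properties.
HARDENED_XML = """<Server><Service name="Catalina">
  <Connector protocol="AJP/1.3" port="8009" redirectPort="8443"
             address="127.0.0.1" secret="REPLACE_WITH_RANDOM_SECRET" />
</Service></Server>"""


def is_loopback(address):
    """True for a loopback IP literal or the name 'localhost'."""
    if address.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(address).is_loopback
    except ValueError:
        return False  # any other hostname is treated as reachable


def audit_ajp(server_xml):
    """Return (port, finding) tuples for each AJP <Connector> in server.xml."""
    findings = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        if "ajp" not in conn.get("protocol", "").lower():
            continue
        port = conn.get("port", "8009")
        # Assumed defaults (Tomcat 8.5.51 and later): loopback bind,
        # secretRequired="true".
        address = conn.get("address", "127.0.0.1")
        has_secret = bool(conn.get("secret") or conn.get("requiredSecret"))
        required = conn.get("secretRequired", "true").lower() == "true"
        if not is_loopback(address):
            findings.append((port, "bound to non-loopback address " + address))
        if not has_secret and not required:
            findings.append((port, "accepts requests without a shared secret"))
        elif not has_secret:
            findings.append((port, "secretRequired is true but no secret is set"))
    return findings


if __name__ == "__main__":
    for name, xml in (("guide", GUIDE_XML), ("hardened", HARDENED_XML)):
        print(name, audit_ajp(xml))
```

Connectors inside XML comments are skipped because the parser drops comments, so only active connectors are reported.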

 

# useradd -g wasadm -u 1300 -s /sbin/nologin -M apaadm
# chown -R apaadm:wasadm /app/apache/httpd

 

After starting HTTP Server (root user) and Tomcat (tomadm user), browsing to localhost/index.jsp reaches the Tomcat main page without specifying port 8080.

Alternatively, rename index.html in Apache's web root (/app/apache/httpd/2.4/htdocs) to something like index.html_bak and browse to localhost; the Tomcat main page is likewise reached without specifying port 8080.

 

If the connection test works, comment out Tomcat's port 8080 connector as shown below.

# vi /app/was/tomcat/conf/server.xml
Line 69:
<!-- <Connector port="8080" protocol="HTTP/1.1"
                connectionTimeout="20000"
                redirectPort="8443" /> -->

Save

 

 

### Allowing External Access ###

 

# firewall-cmd --permanent --zone=public --add-service=http
# firewall-cmd --permanent --zone=public --add-service=https
# firewall-cmd --reload

 

 

### Adding a mod_jk connector port when SELinux is in use (8009 is allowed by default) ###

 

# semanage port -a -t http_port_t -p tcp 18009

Apache HTTP Server Restart

 


References:

http://httpd.apache.org/docs/2.4/programs/configure.htm
configure - Configure the source tree - Apache HTTP Server Version 2.4

http://tomcat.apache.org/connectors-doc/webserver_howto/apache.html
The Apache Tomcat Connectors - Web Server HowTo (1.2.48) - Apache HTTP Server HowTo

http://tomcat.apache.org/connectors-doc/
The Apache Tomcat Connectors: mod_jk, ISAPI redirector, NSAPI redirector (1.2.48) - Documentation Overview

https://jirak.net/wp/cve-2020-1938-apache-tomcat-%EC%B7%A8%EC%95%BD%EC%A0%90%EC%97%90-%EB%94%B0%EB%A5%B8-%EC%97%85%EB%8D%B0%EC%9D%B4%ED%8A%B8%EC%8B%9C-%EC%B0%B8%EA%B3%A0-%EC%82%AC%ED%95%AD/
[CVE-2020-1938] Notes for updating in response to the Apache Tomcat vulnerability - 지락문화예술공작단

http://gnujava.com/board/article_view.jsp?article_no=1326&menu_cd=19&board_no=6&table_cd=EPAR02&table_no=02
GNUJAVA

 
