centos命令上传 首先安装 lrzszyum -y install lrzsz 运行 rz 命令； 在弹出的窗口选择需要上传的文件，文件会被上传至对应的目录下运行 sz file.name 在弹出的窗口选择保存文件的位置，文件会被下载至对应的目录下

CentOS7安装PHP 1、下载php wget https://www.php.net/distributions/php-7.4.22.tar.gz 这里下载的是7.4.22，其他版本官网下载2、解压 tar -zvxf php-7.4.22.tar.gz 3、进入目录 cd php-7.4.22 4、进行预编译 ./configure --prefix=/home/php --enable-fpm 后面编译携带参数可以使用 ./configure --help 查看具体说明 --prefix=/home/php #这里是指定安装目录 --enable-fpm #这里是PHPFastCGI管理器，为了后面Nginx能解析PHP 后面可以加一些常用的PHP扩展一起编译 ， 这样安装后就自带这些扩展。出现错误 configure: error: Package requirements (libxml-2.0 >= 2.7.6) were not met: 解决方法： yum -y install libxml2-devel出现错误 configure: error: Package requirements (sqlite3 > 3.7.4) were not met: 解决方法： yum -y install sqlite-devel出现表示预编译成功5、安装 make && make install 这里需要点时间安装成功，到这里才发现我装错地方了，不过不影响使用。6、启动 复制代码cd /home/php/ #先进入安装目录 mv ./etc/php-fpm.conf.default ./etc/php-fpm.conf #重命名配置文件 mv ./etc/php-fpm.d/www.conf.default ./etc/php-fpm.d/www.conf #重命名配置文件 ./sbin/php-fpm #启动 ps -aux |grep php-fpm #查看启动状态（下面成功启动）  复制代码7、使用Nginx解析PHP， 编辑文章 centOS7安装、配置nginx，常用命令及禁用IP访问 进入到nginx安装目录 cd /opt/nginx/ 修改配置文件 vim ./conf/nginx.conf 修改内容如下(1)增加index.php(2)取消注释(3)修改路径保存退出 ，重启Nginx ./sbin/nginx -s reload 然后在 html 目录下面 vim index.php 写入内容保存退出，打开浏览器访问 结束安装。参考资料https://www.cnblogs.com/-wei/p/15222477.html

centOS7安装、配置nginx，常用命令及禁用IP访问 安装所需插件1、安装gccgcc是linux下的编译器在此不多做解释，感兴趣的小伙伴可以去查一下相关资料，它可以编译 C,C++,Ada,Object C和Java等语言命令：查看gcc版本gcc -v一般阿里云的centOS7里面是都有的，没有安装的话会提示命令找不到，安装命令:yum -y install gcc2、pcre、pcre-devel安装pcre是一个perl库，包括perl兼容的正则表达式库，nginx的http模块使用pcre来解析正则表达式，所以需要安装pcre库。安装命令：yum install -y pcre pcre-devel3、zlib安装zlib库提供了很多种压缩和解压缩方式nginx使用zlib对http包的内容进行gzip，所以需要安装安装命令：yum install -y zlib zlib-devel4、安装opensslopenssl是web安全通信的基石，没有openssl，可以说我们的信息都是在裸奔。。。。。。安装命令：yum install -y openssl openssl-devel安装nginx1、下载nginx安装包wget http://nginx.org/download/nginx-1.9.9.tar.gz 2、把压缩包解压到usr/local/javatar -zxvf nginx-1.9.9.tar.gz3、切换到cd /usr/local/java/nginx-1.9.9/下面执行三个命令：./configure make make install4、切换到/usr/local/nginx安装目录5、配置nginx的配置文件nginx.conf文件，主要也就是端口可以按照自己服务器的端口使用情况来进行配置ESC键，wq！强制保存并退出6、启动nginx服务切换目录到/usr/local/nginx/sbin下面启动nginx命令：./nginx7、查看nginx服务是否启动成功ps -ef | grep nginx8、访问你的服务器IP显示说明安装和配置都没问题OK了nginx.conf说明#user nobody; worker_processes 1; #工作进程：数目。根据硬件调整，通常等于cpu数量或者2倍cpu数量。 #错误日志存放路径 #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; # nginx进程pid存放路径 events { worker_connections 1024; # 工作进程的最大连接数量 } http { include mime.types; #指定mime类型，由mime.type来定义 default_type application/octet-stream; # 日志格式设置 #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; #用log_format指令设置日志格式后，需要用access_log来指定日志文件存放路径 sendfile on; #指定nginx是否调用sendfile函数来输出文件，对于普通应用，必须设置on。 如果用来进行下载等应用磁盘io重负载应用，可设着off，以平衡磁盘与网络io处理速度，降低系统uptime。 #tcp_nopush on; #此选项允许或禁止使用socket的TCP_CORK的选项，此选项仅在sendfile的时候使用 #keepalive_timeout 0; #keepalive超时时间 keepalive_timeout 65; #gzip on; #开启gzip压缩服务 #虚拟主机 server { listen 80; #配置监听端口号 server_name localhost; #配置访问域名，域名可以有多个，用空格隔开 #charset koi8-r; #字符集设置 #access_log logs/host.access.log main; location / { root html; index index.html index.htm; } #错误跳转页 #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { #请求的url过滤，正则匹配，~为区分大小写，~*为不区分大小写。 # root html; #根目录 # fastcgi_pass 127.0.0.1:9000; #请求转向定义的服务器列表 # fastcgi_index index.php; # 如果请求的Fastcgi_index URI是以 / 结束的, 该指令设置的文件会被附加到URI的后面并保存在变量$fastcig_script_name中 # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443 ssl; #监听端口 # server_name localhost; #域名 # ssl_certificate cert.pem; #证书位置 # ssl_certificate_key cert.key; #私钥位置 # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; #密码加密方式 # ssl_prefer_server_ciphers on; # ssl_prefer_server_ciphers on; # # location / { # root html; # index index.html index.htm; # } #} }重启1、验证nginx配置文件是否正确方法一：进入nginx安装目录sbin下，输入命令./nginx -t看到如下显示 `nginx.conf syntax is oknginx.conf test is successful` 说明配置文件正确！方法二：在启动命令-c前加-t2、重启Nginx服务方法一：进入nginx可执行目录sbin下，输入命令./nginx -s reload 即可方法二：查找当前nginx进程号，然后输入命令：kill -HUP 进程号 实现重启nginx服务nginx只允许域名访问，禁止ip访问这里介绍修改配置文件nginx.conf两种方法：1）在server段里插入如下正则：listen 80; server_name www.yuyangblog.net; if ($host != 'www.yuyangblog.net'){ return 403; }2)添加一个server新加的server（注意是新增，并不是在原有的server基础上修改）server { listen 80 default; server_name _; return 403; }参考资料：https://blog.csdn.net/qq_37345604/article/details/90034424https://www.cnblogs.com/codingcloud/p/5095066.htmlhttps://www.cnblogs.com/weifeng1463/p/9197971.html

centos7安装nodejs最新版本14以上 uname -aLinux vmcentos7-1 3.10.0-1160.11.1.el7.x86_64 #1 SMP Fri Dec 18 16:34:56 UTC 2020 x86_64 x86_64 x86_64 GNU/Linuxcd /usr/local/mkdir nodejscd nodejs到nodejs中文网，查看下载地址：wget https://npm.taobao.org/mirrors/node/v14.15.3/node-v14.15.3-linux-x64.tar.xzxz -d node-v14.15.3-linux-x64.tar.xztar -xvf node-v14.15.3-linux-x64.tarcd node-v14.15.3-linux-x64建立软连接，变为全局ln -s /usr/local/nodejs/node-v14.15.3-linux-x64/bin/npm /usr/local/bin/ln -s /usr/local/nodejs/node-v14.15.3-linux-x64/bin/node /usr/local/bin/vim /etc/profile以下两个路径为加入nodejs路径export NODE_HOME=/usr/local/nodejs/node-v14.15.3-linux-x64export PATH=$NODE_HOME/bin:$PATH配置生效source /etc/profile成功node -vv14.15.3npm -v6.14.9yarn下载和安装安装的两种方式：方式1：使用msi安装：首先进入yarn的官网 https://yarnpkg.com/zh-hans/docs/install#windows-stable，然后选择稳定版进行下载。然后双击安装即可。我电脑里面其实已经通过msi文件安装了一个yarn，路径为：E:developyarn1.7.0\方式2：通过npm命令进行安装：执行命令npm install yarn -g （后面的可选参数-g，g代表global全局安装的意思）的安装语句时，会将安装的模块安装到C:UsersAdministratorAppDataRoamingnpm路径中。（2）查看安装路径如果不知道路径，可以使用where yarn命令查看电脑yarn的安装路径，可以看到我的安装路径为：E:developyarn1.7.0：查看yarn的安装路径（3）查看yarn版本号执行 yarn -v 或者yarn --version ，查看安装的yarn版本号，比如我的版本号是1.7.0。查看yarn的版本号yarn 换国内源yarn config set registry https://registry.npm.taobao.org/安装Node.js版本管理工具nvmgit clone git://github.com/creationix/nvm.git ~/nvm git下载仓库command -v nvm //验证安装设置启动自动运行echo "source ~/nvm/nvm.sh" >> ~/.bashrc source ~/.bashrcnvm list-remote //查看node版本nvm install v12.18.4 //安装node指定版本nvm use v12.18.4 //切换node版本转载至：https://www.cnblogs.com/xwhgr/p/14235167.html

windows服务器 apache配置https,http强制跳转https(搭建http与https共存) windows服务器apache搭建https环境 windows 2008 64位七牛云申请的ssl，CA证书包含三个文件：*******.key *******.cer *******_ca.crt将这三个文件放在apache安装目录下的config/extra/key文件夹中， key文件夹和httpd-ssl.conf 同级，key文件夹要自己创建。修改httpd.confLoadModule socache_dbm_module modules/mod_socache_dbm.so LoadModule socache_shmcb_module modules/mod_socache_shmcb.so LoadModule ssl_module modules/mod_ssl.so Include conf/extra/httpd-ssl.conf将上面四句的注释去掉。修改extra文件夹下面的 httpd-ssl.conf（这个很重要，修改不对的话，apache启动不了）# # This is the Apache server configuration file providing SSL support. # It contains the configuration directives to instruct the server how to # serve pages over an https connection. For detailed information about these # directives see <URL:http://httpd.apache.org/docs/2.4/mod/mod_ssl.html> # # Do NOT simply read the instructions in here without understanding # what they do. They're here only as hints or reminders. If you are unsure # consult the online docs. You have been warned. # # Required modules: mod_log_config, mod_setenvif, mod_ssl, # socache_shmcb_module (for default value of SSLSessionCache) # # Pseudo Random Number Generator (PRNG): # Configure one or more sources to seed the PRNG of the SSL library. # The seed data should be of good random quality. # WARNING! On some platforms /dev/random blocks if not enough entropy # is available. This means you then cannot use the /dev/random device # because it would lead to very long connection times (as long as # it requires to make more entropy available). But usually those # platforms additionally provide a /dev/urandom device which doesn't # block. So, if available, use this one instead. Read the mod_ssl User # Manual for more details. # #SSLRandomSeed startup file:/dev/random 512 #SSLRandomSeed startup file:/dev/urandom 512 #SSLRandomSeed connect file:/dev/random 512 #SSLRandomSeed connect file:/dev/urandom 512 # # When we also provide SSL we have to listen to the # standard HTTP port (see above) and to the HTTPS port # Listen 443 ## ## SSL Global Context ## ## All SSL configuration in this context applies both to ## the main server and all SSL-enabled virtual hosts. ## # SSL Cipher Suite: # List the ciphers that the client is permitted to negotiate, # and that httpd will negotiate as the client of a proxied server. # See the OpenSSL documentation for a complete list of ciphers, and # ensure these follow appropriate best practices for this deployment. # httpd 2.2.30, 2.4.13 and later force-disable aNULL, eNULL and EXP ciphers, # while OpenSSL disabled these by default in 0.9.8zf/1.0.0r/1.0.1m/1.0.2a. SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES # By the end of 2016, only TLSv1.2 ciphers should remain in use. # Older ciphers should be disallowed as soon as possible, while the # kRSA ciphers do not offer forward secrecy. These changes inhibit # older clients (such as IE6 SP2 or IE8 on Windows XP, or other legacy # non-browser tooling) from successfully connecting. # # To restrict mod_ssl to use only TLSv1.2 ciphers, and disable # those protocols which do not support forward secrecy, replace # the SSLCipherSuite and SSLProxyCipherSuite directives above with # the following two directives, as soon as practical. # SSLCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA # SSLProxyCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA # User agents such as web browsers are not configured for the user's # own preference of either security or performance, therefore this # must be the prerogative of the web server administrator who manages # cpu load versus confidentiality, so enforce the server's cipher order. SSLHonorCipherOrder on # SSL Protocol support: # List the protocol versions which clients are allowed to connect with. # Disable SSLv3 by default (cf. RFC 7525 3.1.1). TLSv1 (1.0) should be # disabled as quickly as practical. By the end of 2016, only the TLSv1.2 # protocol or later should remain in use. SSLProtocol all -SSLv3 SSLProxyProtocol all -SSLv3 # Pass Phrase Dialog: # Configure the pass phrase gathering process. # The filtering dialog program (`builtin' is an internal # terminal dialog) has to provide the pass phrase on stdout. SSLPassPhraseDialog builtin # Inter-Process Session Cache: # Configure the SSL Session Cache: First the mechanism # to use and second the expiring timeout (in seconds). #SSLSessionCache "dbm:c:/Apache24/logs/ssl_scache" SSLSessionCache "shmcb:C:/PHPBIN/httpd-2.4.26-win64-VC11/Apache24/logs/ssl_scache(512000)" SSLSessionCacheTimeout 300 # OCSP Stapling (requires OpenSSL 0.9.8h or later) # # This feature is disabled by default and requires at least # the two directives SSLUseStapling and SSLStaplingCache. # Refer to the documentation on OCSP Stapling in the SSL/TLS # How-To for more information. # # Enable stapling for all SSL-enabled servers: #SSLUseStapling On # Define a relatively small cache for OCSP Stapling using # the same mechanism that is used for the SSL session cache # above. If stapling is used with more than a few certificates, # the size may need to be increased. (AH01929 will be logged.) #SSLStaplingCache "shmcb:c:/Apache24/logs/ssl_stapling(32768)" # Seconds before valid OCSP responses are expired from the cache #SSLStaplingStandardCacheTimeout 3600 # Seconds before invalid OCSP responses are expired from the cache #SSLStaplingErrorCacheTimeout 600 ## ## SSL Virtual Host Context ## <VirtualHost _default_:443> # General setup for the virtual host DocumentRoot "C:\webroot\web" ServerName domain:443 ServerAdmin 249911817@qq.com <Directory "C:\webroot\web"> Options -Indexes +IncludesNOEXEC +FollowSymLinks +Includes AllowOverride ALL AddType text/html .shtml AddOutputFilter INCLUDES .shtml Include conf/extra/httpd-Ip.conf </Directory> ErrorLog "C:/logs/weblogs/error.log" TransferLog "C:/logs/weblogs/access.log" # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on # Server Certificate: # Point SSLCertificateFile at a PEM encoded certificate. If # the certificate is encrypted, then you will be prompted for a # pass phrase. Note that a kill -HUP will prompt again. Keep # in mind that if you have both an RSA and a DSA certificate you # can configure both in parallel (to also allow the use of DSA # ciphers, etc.) # Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt) # require an ECC certificate which can also be configured in # parallel. SSLCertificateFile "C:/PHPBIN/httpd-2.4.26-win64-VC11/Apache24/conf/extra/key/blog.icheguo.com.cer" #SSLCertificateFile "c:/Apache24/conf/server-dsa.crt" #SSLCertificateFile "c:/Apache24/conf/server-ecc.crt" # Server Private Key: # If the key is not combined with the certificate, use this # directive to point at the key file. Keep in mind that if # you've both a RSA and a DSA private key you can configure # both in parallel (to also allow the use of DSA ciphers, etc.) # ECC keys, when in use, can also be configured in parallel SSLCertificateKeyFile "C:/PHPBIN/httpd-2.4.26-win64-VC11/Apache24/conf/extra/key/blog.icheguo.com.key" #SSLCertificateKeyFile "c:/Apache24/conf/server-dsa.key" #SSLCertificateKeyFile "c:/Apache24/conf/server-ecc.key" # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the # concatenation of PEM encoded CA certificates which form the # certificate chain for the server certificate. Alternatively # the referenced file can be the same as SSLCertificateFile # when the CA certificates are directly appended to the server # certificate for convenience. SSLCertificateChainFile "C:/PHPBIN/httpd-2.4.26-win64-VC11/Apache24/conf/extra/key/blog.icheguo.com_ca.crt" # Certificate Authority (CA): # Set the CA certificate verification path where to find CA # certificates for client authentication or alternatively one # huge file containing all of them (file must be PEM encoded) # Note: Inside SSLCACertificatePath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCACertificatePath "c:/Apache24/conf/ssl.crt" #SSLCACertificateFile "c:/Apache24/conf/ssl.crt/ca-bundle.crt" # Certificate Revocation Lists (CRL): # Set the CA revocation path where to find CA CRLs for client # authentication or alternatively one huge file containing all # of them (file must be PEM encoded). # The CRL checking mode needs to be configured explicitly # through SSLCARevocationCheck (defaults to "none" otherwise). # Note: Inside SSLCARevocationPath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCARevocationPath "c:/Apache24/conf/ssl.crl" #SSLCARevocationFile "c:/Apache24/conf/ssl.crl/ca-bundle.crl" #SSLCARevocationCheck chain # Client Authentication (Type): # Client certificate verification type and depth. Types are # none, optional, require and optional_no_ca. Depth is a # number which specifies how deeply to verify the certificate # issuer chain before deciding the certificate is not valid. #SSLVerifyClient require #SSLVerifyDepth 10 # TLS-SRP mutual authentication: # Enable TLS-SRP and set the path to the OpenSSL SRP verifier # file (containing login information for SRP user accounts). # Requires OpenSSL 1.0.1 or newer. See the mod_ssl FAQ for # detailed instructions on creating this file. Example: # "openssl srp -srpvfile c:/Apache24/conf/passwd.srpv -add username" #SSLSRPVerifierFile "c:/Apache24/conf/passwd.srpv" # Access Control: # With SSLRequire you can do per-directory access control based # on arbitrary complex boolean expressions containing server # variable checks and other lookup directives. The syntax is a # mixture between C and Perl. See the mod_ssl documentation # for more details. #<Location /> #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ #</Location> # SSL Engine Options: # Set various options for the SSL engine. # o FakeBasicAuth: # Translate the client X.509 into a Basic Authorisation. This means that # the standard Auth/DBMAuth methods can be used for access control. The # user name is the `one line' version of the client's X.509 certificate. # Note that no password is obtained from the user. Every entry in the user # file needs this password: `xxj31ZMTZzkVA'. # o ExportCertData: # This exports two additional environment variables: SSL_CLIENT_CERT and # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the # server (always existing) and the client (only existing when client # authentication is used). This can be used to import the certificates # into CGI scripts. # o StdEnvVars: # This exports the standard SSL/TLS related `SSL_*' environment variables. # Per default this exportation is switched off for performance reasons, # because the extraction step is an expensive operation and is usually # useless for serving static content. So one usually enables the # exportation for CGI and SSI requests only. # o StrictRequire: # This denies access when "SSLRequireSSL" or "SSLRequire" applied even # under a "Satisfy any" situation, i.e. when it applies access is denied # and no other module can change it. # o OptRenegotiate: # This enables optimized SSL connection renegotiation handling when SSL # directives are used in per-directory context. #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory "C:/PHPBIN/httpd-2.4.26-win64-VC11/Apache24/cgi-bin"> SSLOptions +StdEnvVars </Directory> # SSL Protocol Adjustments: # The safe and default but still SSL/TLS standard compliant shutdown # approach is that mod_ssl sends the close notify alert but doesn't wait for # the close notify alert from client. When you need a different shutdown # approach you can use one of the following variables: # o ssl-unclean-shutdown: # This forces an unclean shutdown when the connection is closed, i.e. no # SSL close notify alert is sent or allowed to be received. This violates # the SSL/TLS standard but is needed for some brain-dead browsers. Use # this when you receive I/O errors because of the standard approach where # mod_ssl sends the close notify alert. # o ssl-accurate-shutdown: # This forces an accurate shutdown when the connection is closed, i.e. a # SSL close notify alert is send and mod_ssl waits for the close notify # alert of the client. This is 100% SSL/TLS standard compliant, but in # practice often causes hanging connections with brain-dead browsers. Use # this only for browsers where you know that their SSL implementation # works correctly. # Notice: Most problems of broken clients are also related to the HTTP # keep-alive facility, so you usually additionally want to disable # keep-alive for those clients, too. Use variable "nokeepalive" for this. # Similarly, one has to force some clients to use HTTP/1.0 to workaround # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and # "force-response-1.0" for this. BrowserMatch "MSIE [2-5]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 # Per-Server Logging: # The home of a custom SSL log file. Use this when you want a # compact non-error SSL logfile on a virtual host basis. CustomLog "C:/logs/ssl_request.log" \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> 这个里面的注释太多了，一个一个对着修改就好啦，domain是自己的域名，还有日志文件的路径最好修改成对应自己apache安装目录下的logs文件夹，不然后面检查的时候会报错。修改好以后，可以先尝试重启apache服务，如果重启不起来，这个时候就可以把第3步里的include 那个给注释掉，然后再重启，如果重启成功，说明还是第四步的httpd-ssl.conf的配置有问题，这个时候可以打开 cmd窗口，进入apache安装目录下的bin文件夹 然后输入命令 httpd -t 检查错误， 提示错误就根据错误修改， 如果是ok 那就代表没有语法错误，检查一下有没有漏掉的内容，确认无误后即可重启apache，我通过 httpd -t 检查结果是ok 以后 apahce就可以正常运行了，这个时候 用https开头 就可以访问项目了，当然，访问项目可能绿色小锁还是带黄色感叹号，这个时候就要更改页面上的http链接，模板里面body体里面的所有http都换成https以后，网站就是绿色小锁了，多半都是图片的链接。http强制跳转https(搭建http与https共存)推荐方法：Apache 配置 单个项目 http重定向到https1.还是和上面一样，在httpd.conf去掉下面这一句的#LoadModule rewrite_module modules/mod_rewrite.so2.新建.htaccess文件(windows系统就是新建 .htaccess. 文件，后面加个 . 就可以创建了)然后输入如下规则RewriteEngine on RewriteCond %{HTTP_HOST} ^www.domain.com [NC] RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]` 这个domain根据自己的网址修改。