Professional Documents
Culture Documents
240 V Vn Ngn, Phng Bnh Th, Qun Th c, TpHCM Website: www.ispace.edu.vn Email: ispace@ispace.edu.vn T: (08) 62.678.999 Fax: (08) 62.837.867
KHOA MNG - TRUYN THNG B MN K THUT H THNG MN HC: HOCH NH V PHT TRIN NG DNG MNG
***
1. Mc ch S dng cc kin thc hc xy dng mt h thng Web Server p ng cc nhu cu thc t. Rn luyn k nng thao tc trong qu trnh xy dng h thng Web Server trn nn dch v IIS 6.0 Xy dng c h thng Web Server trn nn dch v IIS ca Microsoft. Thc hin c 3 gii php trin khai nhiu Web Site trn mt IIS Server. Trin khai c cc Web Service Extenssion cho IIS. Cu hnh h thng Web Server thc thi cc ngn ng thit k Web nh HTML, ASP.Net, PHP c kt hp truy vn C s d liu Microsoft SQL hoc MySQL. Cu hnh bo mt truy cp Web vi Certificate Authority (CA). Cu hnh bo mt h thng Web Server vi Web Application Pool.
2. Chun u ra
3. Lab 1a: Trin khai nhiu Web Sites trn mt IIS Web Server
Tnh hung:
Mang.net l doanh nghip cho thu Web Hosting v Mail hosting vi cc khch hng l nhng Doanh nghip trong Khu Cng nghip Long Thnh. Doanh nghip ny s dng 1 my Server lm Web Server (dng IIS 6.0) v Mail Server (dng MDaemon). Server t di 1 Router kt ni internet (NAT). V l Web Hosting nn Server phi h tr nhiu Web Site.
Yu cu bi Lab:
Thc nghim cc gii php trin khai nhiu Web Sites trn mt IIS Web Server. La chn gii php thch hp trin khai 5 Web Sites cho 5 Doanh nghip khc nhau: ABC, DEF, GHI, RST, XYZ. Publish cc Web Sites ny ngi dng bn ngoi truy cp c. 01 my tnh chy Windows Server 2003 dng lm Web Server kim DNS Server. 01 my tnh chy Windows Server 2003 c 2 card giao tip mng dng lm Router. 01 my tnh chy Windows dng lm Internet Client. Switch v dy mng kt ni nh m hnh tnh hung.
Trang 1/25
IP address
192.168.10.2 192.168.10.3 192.168.10.2 192.168.10.2 192.168.10.2
Port 80 80 88 80 80
Host Header
www.rst.vn www.xyz.vn
C:\Hosting\RST C:\Hosting\XYZ
Host Haeder chnh l tn min (CName hoc Host-A) c to trn DNS Server, gii p v cc IP address tng ng ca Web Site. Mi Web Site c mt Source Web (HTML) khc nhau t trong th mc lm Home Directory, (c th to 1 Web page tn INDEX.HTM mang ni dung ca Web Site tng ng).
Th nghim truy cp cc Web Site trn t Client trong mng ni b ca Web Server. Cc gii php hot ng nhiu Web Site trn 01 IIS Web Server: o o o Gii php 1: So snh gia site ABC v DEF: mi Web Site dng 1 IP address (ca Web Server) ring Gii php 2: So snh gia site ABC v GHI: cc Web Site dng chung 1 IP address (ca Web Server) nhung khc TCP Port. Gii php 3: So snh gia site RST v XYZ: cc Web Site dng chung 1 IP address (ca Web Server), chung TCP Port (80) nhung khc Host Header
Do Router hot ng Routing kiu NAT nn cc Client bn ngoi ch c th giao tip IP mt ngoi (ca Router). V th: o o o Phi thc hin m port (NAT Port) cho Router chuyn cc yu cu truy cp Web (mc nh l port 80) vo IIS Web Server. Nu Web Server dng Gii php 1 cho Multi Web Site: khng th m port 80 (mc nh ca HTTP) cho nhiu site v Router ch c 1 Public IP. Nu Web Server dng Gii php 2 cho Multi Web Site: c th m nhiu port cho nhiu Web Site. Tuy nhin, s gy kh khn cho ngi dng khi h truy cp cc Web Site (phi g thm port sau tn min truy cp Web Site) Gii php 3 l kh thi nht. Gii php ny yu cu ngi qun tr phi to thm tn min (tng ng vi Host Header) gii p IP mt ngoi ca Router.
Trang 2/25
o 3. Trin khai nhiu Web Sites trn mt IIS Web Serverdng Gii php 3: To cc Record trn DNS Server: zone mang.net Records (Host-A): svr 192.168.10.2 (Host-A): svr 172.16.0.100 abc.vn def.vn ghi.vn rst.vn xyz.vn (CName): www svr.mang.net (CName): www svr.mang.net (CName): www svr.mang.net (CName): www svr.mang.net (CName): www svr.mang.net Ghi ch
Trn IIS: Tt c cc Web Site u dng IP address: 192.168.10.2, TCP Port: 80. Host Header l tn min tng ng ca mi Site.
Trn Router: M port DNS Server (UDP 53) tr v IP address ca DNS Server. M port WorldWideWeb (TCP 80) tr v IP address ca Web Server. Tr Preferred DNS v IP ngoi ca Router. Th truy cp Web bng tn min. Th truy cp Web bng IP address.
Client bn ngoi:
1 2
Trang 3/25
4. Lab 1b: S dng Web Service Extension trin khai WorldClient v WebAdmin ca MDaemon trn IIS Web Server
Tnh hung:
Mang.net l doanh nghip cho thu Web Hosting v Mail hosting vi cc khch hng l nhng Doanh nghip trong Khu Cng nghip Long Thnh. Doanh nghip ny s dng 1 my Server lm Web Server (dng IIS 6.0) v Mail Server (dng MDaemon). Server t di 1 Router kt ni internet (NAT). V l Web Hosting nn Server phi h tr nhiu Web Site.
Yu cu bi Lab:
Ngi dng Mail c th truy cp mail trn Web bng tn min ca doanh nghip thu bao (v d: mail.abc.vn). Ngi dng qun tr Mail ca Doanh nghip thu bao c th truy cp trang Web Admin bng tn min ca doanh nghip thu bao (v d: mail.abc.vn/admin). 01 my tnh chy Windows Server 2003 dng lm Web Server kim DNS Server v Mail Server. 01 my tnh chy Windows Server 2003 c 2 card giao tip mng dng lm Router. 01 my tnh chy Windows dng lm Internet Client. Switch v dy mng kt ni nh m hnh tnh hung.
Trang 4/25
Trong mi Extra Domain: To 1 ti khon Admin, giao quyn qun tr Local Domain cho ti khon ny.
2. Trin khai MDaemon WorldClient trn IIS: Trn MDaemon: chuyn giao quyn qun tr WorldClient cho IIS. Trn IIS: o o o To mi 1 Web Service Extension tn MDaemon WorldClient vi tp tin thi hnh: C:\MDAEMON\WorlClient\HTML\WorldClient.dll. Kch hot Extension ny To mi cc Web Site:
Web Site
Mail-ABC Mail-DEF Mail-GHI o -
Port 80 80 80
Trn Client: truy cp WorldClient bng http://mail.abc.vn Trn MDaemon: chuyn giao quyn qun tr WebAdmin cho IIS. Trn IIS: o o o To mi 1 Web Service Extension tn MDaemon WebAdmin vi tp tin thi hnh: C:\MDAEMON\WebAdmin\Template\WebAdmin.dll. Kch hot cho Extension ny. Trong Web Site Mail-ABC, to mi 1 Virtual Directory tn Admin vi Home Directory C:\MDAEMON\WebAdmin\Template\ Properties cho Virtual Directory Admin: Tab Document: Chn Home page l index.htm. Tab Home Directory nt Configuration to mi 1 nh ngha thc thi file .wdm bng tp tin chng trnh WebAdmin.dll.
Trn Client: truy cp WebAdmin bng http://mail.abc.vn/Admin . STT Hng mc nh gi Trin khai Trin khai c WorldClient trn IIS, truy cp bng tn min http://mail.abc.vn Trin khai c WebAdmin trn IIS, truy cp bng tn min http://mail.abc.vn/admin Clientbn ngoi Router truy cp c WorldClient v WebAdmin Thang im 10 4.0 4.0 2.0 Ghi ch
1 2 3
Trang 5/25
Tnh hung:
Doanh nghip abc.vn c nhu cu xy dng mt Web Server t ti Tr s chnh. Cc Web page c thit k da trn nn ngn ng ASP.NET (2.0 hoc 4.0) truy vn C s d liu qun tr bi Microsoft SQL Server (2005 hoc 2008).
DNS IIS
Yu cu bi Lab:
Trin khai h thng IIS Web Sever c kh nng h tr thc thi ngn ng Web ASP.Net v h tr truy vn c s d liu Microsoft SQL. Th nghim trin khai source web ASP.Net vo Web Server trn. Ghi ch: Source Web c th ti ti www.mediafre.com/ThanhNV --> th mc HD-PT-UDM. 01 my tnh chy Windows Server 2003 dng lm Web Server kim DNS Server v Mail Server. 01 my tnh chy Windows Server 2003 c 2 card giao tip mng dng lm Router. 01 my tnh chy Windows dng lm Internet Client. Switch v dy mng kt ni nh m hnh tnh hung.
Trang 6/25
4. Ci t cng c MS SQL Studio Express (cng c h tr qun tr MS SQL server). Minh ha qu trnh ci t MS-SQL:
3. Trin khai Web Site t Source Web ASP.NET c sn: Chun b 1 tn min cho Web Site. To 1 th mc trn Web Server lm Web Hosting. Gii nn Source Web vo th mc ny. S dng MS SQL Studio Express import database ca Web vo MS SQL. Trong IIS management: o o o To mi 1 Web Site cho th mc trn (cho Run Script v Excutive) Ch nh Home Page cho Website. (thng thng l index.aspx hoc default.aspx). iu chnh ASP.NET cho Website: La chn version ca ASP.NET. iu chnh user/pass truy cp Database.
Trang 7/25
Trang 8/25
Tnh hung:
Doanh nghip abc.vn c nhu cu xy dng mt Web Server t ti Tr s chnh. Cc Web page c thit k da trn nn ngn ng PHP v truy vn C s d liu qun tr bi MySQL.
DNS IIS
Yu cu bi Lab:
Trin khai h thng IIS Web Sever c kh nng h tr thc thi ngn ng Web PHP v h tr truy vn c s d liu Microsoft SQL. Th nghim trin khai source web PHP vo Web Server trn. Ghi ch: Source Web c th ti ti www.mediafre.com/ThanhNV --> th mc HD-PT-UDM. 01 my tnh chy Windows Server 2003 dng lm Web Server kim DNS Server. 01 my tnh chy Windows Server 2003 c 2 card giao tip mng dng lm Router. 01 my tnh chy Windows dng lm Internet Client. Switch v dy mng kt ni nh m hnh tnh hung.
Trang 9/25
Trang 10/25
Ci t FastCGI for IIS (CGI l b thng dch cc script cho Web Server c th thc thi cc ng dng web, FastCGI l s thay th cho CGI) - ch dng vi bn PHP Non Thread Safe (NTS). Ci t Microsoft C++ Runtime x86 (h tr bin dch cc script vit theo ngn ng C++). Ci t v cu hnh PHP 5.x: a. Cch 1: Ci t t gi *.ZIP ca PHP for Windows Gii nn b PHP vo th mc C:\PHP (hoc 1 th mc khc). Trong C:\PHP, i tn file php.ini-production thnh php.ini. Hiu chnh file php.ini. (b du ; cu lnh cu hnh c hiu lc)
Trang 11/25
ngha
Th mc cha cc th vin (dll) m rng ca PHP t = 0 khi tch hp PHP vo IIS Cho php PHP truy cp cc thng tin v CGI, cn ci t FastCGI trc. cho php IIS nh ngha phm vi bo mt ca CGI... Khai bo cho PHP s dng chng trnh truy cp vo CSDL MySQL
fastcgi.impersonate = 1
771
extension=php_mysql.dll extension=php_mysqli.dll
880 881
Cu hnh PHP trong IIS: To mi 1 Web Service Extention tn PHP-CGI dng tp tin PHP-CGI.exe (trong th mc C:\PHP). Kch hot Extention ny. Properties cho Web Sites Tab Home Directory nt Configuration to mi 1 nh ngha thc thi file .php bng tp tin chng trnh PHP-CGI.exe. p t nh ngha ny cho tt c cc site hin hnh (nu cn). Chy file php-5.x--.MSI tin hnh ci t. Chn th mc s ci t b PHP vo .
Trang 12/25
Kim tra hot ng ca PHP v MySQL: o To mi 1 tp tin info.php, ni dung <?php phpinfo(); ?> o o o Copy tp tin ny vo C:\Inetpub\wwwroot\ (Home Directory ca Default Website c sn trong IIS). Truy cp http://localhost/info.php Kim tra thng tin PHP v MySQL
Trang 13/25
3. Trin khai Web Site t Source Web PHP c sn: Chun b 1 tn min cho Web Site. To 1 th mc trn Web Server lm Web Hosting. Gii nn Source Web vo th mc ny. S dng MySQL Command Line to database v import d liu ca Web vo MySQL. Mi lnh MySQL kt thc bng du ; Lnh (g ti du nhc MySQL>) Create database tn_database; Use tn_database; Source <ng dn n file *.SQL>; Show tables; quit ngha
To mi 1 Database, yu cu phi trng tn vi database ca Source Web S dng databse va to Import d liu t file *.sql vo database Xem li d liu nhp. Thot khi MySQL
Trong source Web, tim file dbconnect.php hoc config.php hoc, chnh sa user/pass kt ni database. Cc thng tin cn hiu chnh: o o o o DB_Host: tn ca MySQL Server (dng Localhost nu MySQL ci ti Web Server) DB_UserName: tn user c quyn ng nhp vo MySQL (c th dng root ). DB_pass: password ca user. DatabaseName: tn ca database.
Trong IIS management: o o To mi 1 Web Site cho th mc cha Source Web (cho Run Script v Excutive) Ch nh Home Page cho Website. (thng thng l index.php).
Ti Client, th truy cp Web Site. Ghi ch: Thng thng, cc Source Web vit bng PHP+MySQL s cu hnh qun tr Giao din v d liu cho Web bng tn_min_truy_cp/Admin. . STT 1 2 3 Hng mc nh gi Trin khai Ci t c PHP v MySQL Trin khai c 02 Source Web PHP trn Web Server Client bn ngoi truy cp c 2 Web trn Thang im 10 2.0 6.0 2.0 Ghi ch
Trang 14/25
Tnh hung:
Doanh nghip mang.net l doanh nghip cho thu Web Hosting.. a s cc Web u c thc thi cc Applications ti Web Server. Cc Hacker c th li dng nhng Applications ny khin Server b chim dng ti nguyn, gy tnh trng qu ti trong qu trnh x l ca Server => Server b tn cng DoS (Deny of Services). Mt khc, thng tin truyn trn Web bng giao thc HTTP (thng tin truyn khng c m ha) rt d b k gian bt gi tin (capture). Cc thng tin nh y cm (user/password, m pin,..) rt ca ngi dng rt d b hacker nh cp.
IIS Server DNS
CA Server
Yu cu bi Lab:
Trin khai h thng IIS Web Sever vi cc Website c truy xut bng giao thc HTTPS (HTTP kt hp SSL m ha thng tin truyn trn mng). Khi ngi dng truy cp Website bng cch nhp URL vi giao thc HTTP, h thng s t ng redirection sang HTTPS. Cu hnh Application Pool cho Web Site nhm mc ch khng ch kh nng chim dng ti nguyn ca Server, nhm m bo an ton cho Web Server. 01 my tnh chy Windows Server 2003 dng lm Web Server kim DNS Server 01 my tnh chy Windows Server 2003 dng lm CA Server (Certificate Authority Server). 01 my tnh chy Windows dng lm Internet Client. Switch v dy mng kt ni nh m hnh tnh hung.
Trang 15/25
2. Trin khai SSL cho Website: a. Xy dng CA Server: My chy Windows Server 2003. Ci dch vu IIS v Certificate Service o Chn Stand-alone CA Server (nu Server khng tham gia Domain. o Nhp tn nh cung cp dch v CA (t t). o ng kch hot ASP web service extension Trn my IIS Server: Properties cho Website mun dng HTTPS tab Directory security nt Server Certificate
Trang 16/25
Trang 17/25
c. Gi n xin CA cho Certificate Server Truy cp Website ca CA Server http://<IP cua CA Server>/certsvr
Trang 18/25
d. Cp pht CA cho n v gi yu cu xin Certificated Request Trn my CA Server: chy chng trnh Certificate Authority ( ttrong Aministrative Tools). Mc Pending Request: cha danh sch cc yu cu xin CA ch c gii quyt. Quyt nh cp pht CA bng cch: nhp phi trn CA yu cu chn Issue Mc Issued Certificates: cha cc CA c gii quyt (cp cho ngi xin)
Trang 19/25
f.
Ci t CA c cp vo Website:
Trang 20/25
Trang 21/25
3. Redirection t URL dng HTTP sang dng HTTPS: Trn IIS, to mi 1 Website vi: Tn Web Site Tn site -
IP address
192.168.10.2
Port 80
Host Header
<tn min ca site>
Properties site va to tab Home Directory chn Redirection nhp vo URL dng HTTPS ca Web Site dng SSL.
Trang 22/25
4. Cu hnh Application pool cho Website trong IIS: To mi 1 Application pool (nn t tn trng vi tn Website 9 d qun l).
Trang 23/25
o o o o
o o
Shutdown worker process after being idle: tt Worker Process sau mt qung thi gian khng hot ng (Idle). Enable CPU Monitor: Gii hn mc trn s dng CPU ca Worker process.
Trang 24/25
Trang 25/25