一款注重安全的轻量级Web服务器应用程序:Hiawatha

jopen 4年前

Hiawatha 是一个Linux/UNIX下安全的Web服务器,其设计的最主要的目的就是安全,当然它也是快速的而且易于配置。 以下摘自官方: 特点: 高级访问控制; 阻止 SQL 注入和跨站点脚本攻击; 检查客户的异常行为并进行自动阻止; 可使用任意 UID/GID 来运行 CGIs 程序; 易于配置和管理;

    什么? 你没听过 Hiawath ? 好吧,其实Candy也没听说过它。最近关注Web应用程序服务器的时候,无意中在开源社区里瞎晃悠却发现了它  ——  Hiawatha 。

 

    今天我们就一起来看看我们的猪脚( Hiawatha ) 如何安装配置吧。

 

    1、首先我们进入官网的下载页面,下载最新的源代码 https://www.hiawatha-webserver.org/download;Candy下载的是 9.14版本的;

[root@Candy ~]# wget https://www.hiawatha-webserver.org/files/hiawatha-9.14.tar.gz  --2015-09-17 13:44:19--    .tar.gz  正在解析主机 www.hiawatha-webserver.org... 141.138.201.249, 2a02:348:80:c9f9::1  正在连接 www.hiawatha-webserver.org|141.138.201.249|:443... 已连接。  已发出 HTTP 请求,正在等待回应... 200 OK  长度:891930 (871K) [application/x-gzip]  正在保存至: “hiawatha-9.14.tar.gz”  100%[======================================>] 891,930      311K/s   in 2.8s  2015-09-17 13:44:27 (311 KB/s) - 已保存 “hiawatha-9.14.tar.gz” [891930/891930])

    2、好的,软件下载下来了,我们解压到/usr/src目录下面

[root@Candy ~]# tar -zxvf hiawatha-9.14.tar.gz -C /usr/src/   hiawatha-9.14/mbedtls/LICENSE  hiawatha-9.14/mbedtls/2.0.0.patch  hiawatha-9.14/mbedtls/include/mbedtls/aesni.h  hiawatha-9.14/mbedtls/include/mbedtls/arc4.h  hiawatha-9.14/mbedtls/include/mbedtls/timing.h  hiawatha-9.14/mbedtls/include/mbedtls/pk_internal.h  hiawatha-9.14/mbedtls/include/mbedtls/error.h  hiawatha-9.14/mbedtls/include/mbedtls/oid.h  hiawatha-9.14/mbedtls/include/mbedtls/x509_crl.h  hiawatha-9.14/mbedtls/include/mbedtls/ecdsa.h  hiawatha-9.14/mbedtls/include/mbedtls/threading.h  hiawatha-9.14/mbedtls/include/mbedtls/pem.h  hiawatha-9.14/mbedtls/include/mbedtls/ssl_cache.h  hiawatha-9.14/mbedtls/include/mbedtls/asn1write.h  hiawatha-9.14/mbedtls/include/mbedtls/pk.h  hiawatha-9.14/mbedtls/include/mbedtls/blowfish.h  hiawatha-9.14/mbedtls/include/mbedtls/sha1.h  hiawatha-9.14/mbedtls/include/mbedtls/x509.h  hiawatha-9.14/mbedtls/include/mbedtls/version.h  hiawatha-9.14/mbedtls/include/mbedtls/padlock.h  hiawatha-9.14/mbedtls/include/mbedtls/ssl_ciphersuites.h  hiawatha-9.14/mbedtls/include/mbedtls/ssl_internal.h  hiawatha-9.14/mbedtls/include/mbedtls/base64.h  hiawatha-9.14/mbedtls/include/mbedtls/ssl_cookie.h  hiawatha-9.14/mbedtls/include/mbedtls/platform.h  .  .  .  .  hiawatha-9.14/src/alternative.h  hiawatha-9.14/src/tomahawk.c  hiawatha-9.14/src/memdbg.txt  hiawatha-9.14/src/filehashes.c  hiawatha-9.14/src/tls.h  hiawatha-9.14/src/libstr.c  hiawatha-9.14/src/wigwam.c  hiawatha-9.14/CMakeFiles.txt  hiawatha-9.14/ChangeLog  [root@Candy ~]#

   hiawatha 需要cmake 安装。 版本要求在2.8.4以上,Centos 6.6 minimal 安装 Development tools 后,yum update 即可(详情可参见压缩包内的READ.ME)

   3、然后我们进入到解压的目录里面:

 [root@Candy ~]# cd /usr/src/hiawatha-9.14

   4、添加build目录,并且编译安装配置:

[root@Candy hiawatha-9.14]# mkdir build  [root@Candy hiawatha-9.14]# cmake .. -DENABLE_CACHE=ON -DENABLE_DEBUG=off -DENABLE_IPV6=off -DENABLE_MONITOR=off-DENABLE_RPROXY=ON -DENABLE_SSL=ON -DENABLE_TOMAHAWK=off -DENABLE_TOOLKIT=ON

   以下参数含义:

-DENABLE_CACHE=ON      #开启缓存  -DENABLE_DEBUG=off     #DEBUG  -DENABLE_IPV6=off      #是否支持IPv6  -DENABLE_MONITOR=off   #监控  -DENABLE_RPROXY=ON     #代理  -DENABLE_SSL=ON        #这个不用说了,SSL  -DENABLE_TOMAHAWK=off  #命令行管理  -DENABLE_TOOLKIT=ON    #一些工具包  #更多配置参数可到官网参考。

   5、然后我们执行编译,默认安装在/usr/local/etc/hiawatha目录下,其他二进制文件也会在编译后显示在屏幕上方:

.  .  .  .  #以上(略)  -- Looking for gzdopen in z - found  -- Looking for SO_ACCEPTFILTER  -- Looking for SO_ACCEPTFILTER - not found  -- Configuring done  -- Generating done      -- Build files have been written to: /usr/src/hiawatha-9.14/build    #表示编译好的配置文件已经生产到build目录下了

   一款注重安全的轻量级Web服务器应用程序:Hiawatha

    6、OK,配置文件生成后,直接开始安装。

 [root@Candy hiawatha-9.14]# make install   Scanning dependencies of target cgi-wrapper  [  0%] Building C object CMakeFiles/cgi-wrapper.dir/src/alternative.c.o  [  1%] Building C object CMakeFiles/cgi-wrapper.dir/src/cgi-wrapper.c.o  [  2%] Building C object CMakeFiles/cgi-wrapper.dir/src/memdbg.c.o  [  3%] Building C object CMakeFiles/cgi-wrapper.dir/src/libfs.c.o  [  4%] Building C object CMakeFiles/cgi-wrapper.dir/src/libstr.c.o  [  5%] Building C object CMakeFiles/cgi-wrapper.dir/src/userconfig.c.o  Linking C executable cgi-wrapper  [  5%] Built target cgi-wrapper  Scanning dependencies of target mbedcrypto  [  6%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/aes.c.o  [  6%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/aesni.c.o  [  7%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/arc4.c.o  [  8%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/asn1parse.c.o  [  9%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/asn1write.c.o  [ 10%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/base64.c.o  [ 11%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/bignum.c.o  [ 11%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/blowfish.c.o  [ 12%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/camellia.c.o  [ 13%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/ccm.c.o  [ 14%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/cipher.c.o  [ 15%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/cipher_wrap.c.o  [ 16%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/ctr_drbg.c.o  [ 16%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/des.c.o  [ 17%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/dhm.c.o  [ 18%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/ecdh.c.o  [ 19%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/ecdsa.c.o  [ 20%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/ecp.c.o  [ 21%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/ecp_curves.c.o  [ 21%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/entropy.c.o  [ 22%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/entropy_poll.c.o  [ 23%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/error.c.o  [ 24%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/gcm.c.o  [ 25%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/havege.c.o  [ 26%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/hmac_drbg.c.o  [ 26%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/md.c.o  [ 27%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/md2.c.o  [ 28%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/md4.c.o  [ 29%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/md5.c.o  [ 30%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/md_wrap.c.o  [ 31%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/memory_buffer_alloc.c.o  [ 31%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/oid.c.o  [ 32%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/padlock.c.o  [ 33%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/pem.c.o  [ 34%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/pk.c.o  [ 35%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/pk_wrap.c.o  [ 36%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/pkcs12.c.o  [ 36%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/pkcs5.c.o  [ 37%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/pkparse.c.o  [ 38%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/pkwrite.c.o  [ 39%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/platform.c.o  [ 40%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/ripemd160.c.o  [ 41%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/rsa.c.o  [ 41%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/sha1.c.o  [ 42%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/sha256.c.o  [ 43%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/sha512.c.o  [ 44%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/threading.c.o  [ 45%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/timing.c.o  [ 46%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/version.c.o  [ 46%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/version_features.c.o  [ 47%] Building C object mbedtls/library/CMakeFiles/mbedcrypto.dir/xtea.c.o  Linking C shared library libmbedcrypto.so  [ 47%] Built target mbedcrypto  Scanning dependencies of target mbedx509  [ 48%] Building C object mbedtls/library/CMakeFiles/mbedx509.dir/certs.c.o  [ 48%] Building C object mbedtls/library/CMakeFiles/mbedx509.dir/pkcs11.c.o  [ 49%] Building C object mbedtls/library/CMakeFiles/mbedx509.dir/x509.c.o  [ 50%] Building C object mbedtls/library/CMakeFiles/mbedx509.dir/x509_create.c.o  [ 51%] Building C object mbedtls/library/CMakeFiles/mbedx509.dir/x509_crl.c.o  [ 52%] Building C object mbedtls/library/CMakeFiles/mbedx509.dir/x509_crt.c.o  [ 53%] Building C object mbedtls/library/CMakeFiles/mbedx509.dir/x509_csr.c.o  [ 53%] Building C object mbedtls/library/CMakeFiles/mbedx509.dir/x509write_crt.c.o  [ 54%] Building C object mbedtls/library/CMakeFiles/mbedx509.dir/x509write_csr.c.o  Linking C shared library libmbedx509.so  [ 54%] Built target mbedx509  Scanning dependencies of target mbedtls  [ 55%] Building C object mbedtls/library/CMakeFiles/mbedtls.dir/debug.c.o  [ 56%] Building C object mbedtls/library/CMakeFiles/mbedtls.dir/net.c.o  [ 57%] Building C object mbedtls/library/CMakeFiles/mbedtls.dir/ssl_cache.c.o  [ 58%] Building C object mbedtls/library/CMakeFiles/mbedtls.dir/ssl_ciphersuites.c.o  [ 58%] Building C object mbedtls/library/CMakeFiles/mbedtls.dir/ssl_cli.c.o  [ 59%] Building C object mbedtls/library/CMakeFiles/mbedtls.dir/ssl_cookie.c.o  [ 60%] Building C object mbedtls/library/CMakeFiles/mbedtls.dir/ssl_srv.c.o  [ 61%] Building C object mbedtls/library/CMakeFiles/mbedtls.dir/ssl_ticket.c.o  [ 62%] Building C object mbedtls/library/CMakeFiles/mbedtls.dir/ssl_tls.c.o  Linking C shared library libmbedtls.so  [ 62%] Built target mbedtls  Scanning dependencies of target hiawatha  [ 62%] Building C object CMakeFiles/hiawatha.dir/src/alternative.c.o  [ 63%] Building C object CMakeFiles/hiawatha.dir/src/cache.c.o  [ 64%] Building C object CMakeFiles/hiawatha.dir/src/cgi.c.o  [ 65%] Building C object CMakeFiles/hiawatha.dir/src/challenge.c.o  [ 66%] Building C object CMakeFiles/hiawatha.dir/src/client.c.o  [ 67%] Building C object CMakeFiles/hiawatha.dir/src/envir.c.o  [ 67%] Building C object CMakeFiles/hiawatha.dir/src/filehashes.c.o  [ 68%] Building C object CMakeFiles/hiawatha.dir/src/hiawatha.c.o  [ 69%] Building C object CMakeFiles/hiawatha.dir/src/http.c.o  [ 70%] Building C object CMakeFiles/hiawatha.dir/src/httpauth.c.o  [ 71%] Building C object CMakeFiles/hiawatha.dir/src/ip.c.o  [ 72%] Building C object CMakeFiles/hiawatha.dir/src/libfs.c.o  [ 72%] Building C object CMakeFiles/hiawatha.dir/src/liblist.c.o  [ 73%] Building C object CMakeFiles/hiawatha.dir/src/libstr.c.o  [ 74%] Building C object CMakeFiles/hiawatha.dir/src/log.c.o  [ 75%] Building C object CMakeFiles/hiawatha.dir/src/memdbg.c.o  [ 76%] Building C object CMakeFiles/hiawatha.dir/src/mimetype.c.o  [ 77%] Building C object CMakeFiles/hiawatha.dir/src/monitor.c.o  [ 77%] Building C object CMakeFiles/hiawatha.dir/src/rproxy.c.o  [ 78%] Building C object CMakeFiles/hiawatha.dir/src/send.c.o  [ 79%] Building C object CMakeFiles/hiawatha.dir/src/serverconfig.c.o  [ 80%] Building C object CMakeFiles/hiawatha.dir/src/session.c.o  [ 81%] Building C object CMakeFiles/hiawatha.dir/src/tls.c.o  [ 82%] Building C object CMakeFiles/hiawatha.dir/src/target.c.o  [ 82%] Building C object CMakeFiles/hiawatha.dir/src/tomahawk.c.o  [ 83%] Building C object CMakeFiles/hiawatha.dir/src/toolkit.c.o  [ 84%] Building C object CMakeFiles/hiawatha.dir/src/userconfig.c.o  [ 85%] Building C object CMakeFiles/hiawatha.dir/src/workers.c.o  [ 86%] Building C object CMakeFiles/hiawatha.dir/src/xslt.c.o  Linking C executable hiawatha  [ 86%] Built target hiawatha  Scanning dependencies of target ssi-cgi  [ 87%] Building C object CMakeFiles/ssi-cgi.dir/src/alternative.c.o  [ 88%] Building C object CMakeFiles/ssi-cgi.dir/src/ip.c.o  [ 89%] Building C object CMakeFiles/ssi-cgi.dir/src/libfs.c.o  [ 90%] Building C object CMakeFiles/ssi-cgi.dir/src/liblist.c.o  [ 90%] Building C object CMakeFiles/ssi-cgi.dir/src/libstr.c.o  [ 91%] Building C object CMakeFiles/ssi-cgi.dir/src/memdbg.c.o  [ 92%] Building C object CMakeFiles/ssi-cgi.dir/src/ssi-cgi.c.o  Linking C executable ssi-cgi  [ 92%] Built target ssi-cgi  Scanning dependencies of target wigwam  [ 93%] Building C object CMakeFiles/wigwam.dir/src/alternative.c.o  [ 94%] Building C object CMakeFiles/wigwam.dir/src/filehashes.c.o  [ 95%] Building C object CMakeFiles/wigwam.dir/src/ip.c.o  [ 95%] Building C object CMakeFiles/wigwam.dir/src/libfs.c.o  [ 96%] Building C object CMakeFiles/wigwam.dir/src/libstr.c.o  [ 97%] Building C object CMakeFiles/wigwam.dir/src/liblist.c.o  [ 98%] Building C object CMakeFiles/wigwam.dir/src/memdbg.c.o  [ 99%] Building C object CMakeFiles/wigwam.dir/src/toolkit.c.o  [100%] Building C object CMakeFiles/wigwam.dir/src/wigwam.c.o  Linking C executable wigwam  [100%] Built target wigwam  Install the project...  -- Install configuration: "RelWithDebInfo"  -- Installing: /usr/local/sbin/hiawatha  -- Set runtime path of "/usr/local/sbin/hiawatha" to "/usr/local/lib64/hiawatha"  -- Installing: /usr/local/sbin/wigwam  -- Set runtime path of "/usr/local/sbin/wigwam" to "/usr/local/lib64/hiawatha"  -- Installing: /usr/local/sbin/cgi-wrapper  -- Installing: /usr/local/bin/ssi-cgi  -- Installing: /usr/local/etc/hiawatha/cgi-wrapper.conf  -- Installing: /usr/local/etc/hiawatha/mimetype.conf  -- Installing: /usr/local/etc/hiawatha/hiawatha.conf  -- Installing: /usr/local/share/man/man1/ssi-cgi.1  -- Installing: /usr/local/share/man/man1/wigwam.1  -- Installing: /usr/local/share/man/man1/cgi-wrapper.1  -- Installing: /usr/local/share/man/man1/hiawatha.1  -- Installing: /usr/local/var/www/hiawatha/index.html  -- Installing: /usr/local/var/log/hiawatha  -- Installing: /usr/local/var/run  -- Installing: /usr/local/var/lib/hiawatha  -- Installing: /usr/local/lib64/hiawatha/libmbedtls.so.2.0.0  -- Installing: /usr/local/lib64/hiawatha/libmbedtls.so.10  -- Installing: /usr/local/lib64/hiawatha/libmbedtls.so  -- Removed runtime path from "/usr/local/lib64/hiawatha/libmbedtls.so.2.0.0"  -- Installing: /usr/local/lib64/hiawatha/libmbedx509.so.2.0.0  -- Installing: /usr/local/lib64/hiawatha/libmbedx509.so.0  -- Installing: /usr/local/lib64/hiawatha/libmbedx509.so  -- Removed runtime path from "/usr/local/lib64/hiawatha/libmbedx509.so.2.0.0"  -- Installing: /usr/local/lib64/hiawatha/libmbedcrypto.so.2.0.0  -- Installing: /usr/local/lib64/hiawatha/libmbedcrypto.so.0  -- Installing: /usr/local/lib64/hiawatha/libmbedcrypto.so  [root@Candy hiawatha-9.14]#

   7、到此,hiawatha 的安装已经完成,下次教程将会简单的介绍hiawatha的简单配置。谢谢!

   一款注重安全的轻量级Web服务器应用程序:Hiawatha

 来自:http://my.oschina.net/CandyMi/blog/507630