环境准备
#服务端内网,内网1:10.0.0.0/24
#模拟客户端网络:192.168.0.0/24
#模拟外网环境,外网:172.25.254.0/24
#Windows远程运维机器,通过OpenVPN,连接内网机器
IP:172.25.254.1
#Rocky2--wordpress/mysql数据库/服务器
IP:10.0.0.152
LAMP:wordpress
MYSQL:8.0.26
WordPress:6.0.1
#Rocky3--shopxo应用服务器
IP:10.0.0.153
ShopXO
#Rocky4--openvpn
eth0:10.0.0.154
eth1:172.25.254.128
OpenVPN
#Rocky5--firewalld1
eth0:10.0.0.155
eth1:172.25.254.130
#Rocky6--主dns服务器
IP:192.168.0.11
Bind
#Rocky7--从DNS服务器
IP:192.168.0.12
Bind
#Rocky8--firewalld2
eth0:192.168.0.9
eth1:172.25.254.131
#Rocky9--客户端机器
IP:192.168.010
Rocky2–wordpress/mysql数据库/服务器
#安装mysql,创建数据库,和应用登陆账号
[root@localhost ~]#yum -y install mysql-server
[root@localhost ~]#mysqladmin -uroot password 123456
[root@localhost ~]#mysql -p123456
mysql> create database wordpress;
mysql> create database shopxo;
mysql> create user wordpress@'10.0.0.%' identified by '123456';
mysql> grant all on wordpress.* to wordpress@'123456';
mysql> create user shopxo@'10.0.0.%' identified by '123456';
mysql> grant all on shopxo.* to shopxo@'123456';
#注意查看用户密码的加密方式,wordpress和shopx支持的认证的方式是 mysql_native_password
mysql> select user,host,plugin from user;
+------------------+-----------+-----------------------+
| user | host | plugin |
+------------------+-----------+-----------------------+
| shopxo | 10.0.0.% | mysql_native_password |
| mysql.infoschema | localhost | caching_sha2_password |
| mysql.session | localhost | caching_sha2_password |
| mysql.sys | localhost | caching_sha2_password |
| root | localhost | mysql_native_password |
| wordpress | localhost | mysql_native_password |
+------------------+-----------+-----------------------+
6 rows in set (0.00 sec)
#安装wordpress
[root@localhost ~]#yum -y install httpd php php-mysqlnd php-json
[root@localhost ~]#systemctl enable --now httpd
#wordpress网上下载资源,本地解压,解压后覆盖到指定目录/var/www/html
[root@localhost www]#tar xf wordpress-6.0.1-zh_CN.tar.gz
#放到对应目录
[root@localhost html]#pwd
/var/www/html
[root@localhost html]#ll
total 216
-rw-r--r-- 1 apache apache 405 Feb 6 2020 index.php
-rw-r--r-- 1 apache apache 19915 Aug 25 20:49 license.txt
-rw-r--r-- 1 apache apache 7401 Aug 25 20:49 readme.html
-rw-r--r-- 1 apache apache 7165 Jan 21 2021 wp-activate.php
drwxr-xr-x 9 apache apache 4096 Apr 6 21:00 wp-admin
-rw-r--r-- 1 apache apache 351 Feb 6 2020 wp-blog-header.php
-rw-r--r-- 1 apache apache 2338 Nov 10 2021 wp-comments-post.php
-rw-rw-rw- 1 apache apache 3275 Aug 25 19:41 wp-config.php
-rw-r--r-- 1 apache apache 3001 Dec 14 2021 wp-config-sample.php
drwxr-xr-x 7 apache apache 99 Aug 26 22:25 wp-content
-rw-r--r-- 1 apache apache 3943 Aug 25 20:49 wp-cron.php
drwxr-xr-x 26 apache apache 12288 Apr 6 21:00 wp-includes
-rw-r--r-- 1 apache apache 2494 Aug 25 20:49 wp-links-opml.php
-rw-r--r-- 1 apache apache 3973 Aug 25 20:49 wp-load.php
-rw-r--r-- 1 apache apache 48498 Aug 25 20:49 wp-login.php
-rw-r--r-- 1 apache apache 8577 Aug 25 20:49 wp-mail.php
-rw-r--r-- 1 apache apache 23706 Aug 25 20:49 wp-settings.php
-rw-r--r-- 1 apache apache 32051 Aug 25 20:49 wp-signup.php
-rw-r--r-- 1 apache apache 4748 Aug 25 20:49 wp-trackback.php
-rw-r--r-- 1 apache apache 3236 Jun 9 2020 xmlrpc.php
[root@localhost www]#chown -R apache:apache html
[root@localhost ~]#vim /etc/php.ini
post_max_size = 100M
upload_max_filesize = 100M
[root@localhost ~]#systemctl restart httpd
#访问本机地址进入wordpress配置界面,输入对应的数据账号
Rocky3–shopxo应用服务器
[root@shopox ~]#yum -y install httpd php php-mysqlnd php-json php-gd php-xml php-pecl-zip
[root@shopox ~]#systemctl enable --now httpd
#shopxo网上下载资源,本地解压,解压后覆盖到指定目录/var/www/html
[root@Ubuntu2004 ~]#apt -y install apache2 php7.4-fpm libapache2-mod-php7.4 php7.4-mysql php7.4-json php7.4-xml php7.4-mbstring php7.4-zip php7.4-gd php7.4-curl
[root@shopxo2 www]#scp shopxo-v2.3.0.zip 10.0.0.200:/var/www
[root@shopxo2 www]#unzip shopxo-v2.3.0.zip
[root@shopxo2 www]#mv shopxo-v2.3.0/* html/
[root@shopxo2 www]#chown -R www-data. html/
[root@shopxo2 www]#systemctl restart apache2
#访问本地地址进入shopxo,配置数据库连接,数据库连10.0.0.153
Rocky4–openvpn
#运行脚本,按步骤自动安装openvpn,并生成证书和账号
[root@openvpn data]#./openvpn.sh
1) 部署环境及安装软件 5) 申请账号密码
2) 准备CA证书和服务器证书并启动服务 6) 删除用户名密码
3) 申请客户端证书 7) 退出
4) 注销客户客户端证书
请按要求输入操作选项:
#准备以下文件
#checkpsw.sh openvpn@.service openvpn.sh
[root@openvpn data]#vim openvpn.sh
#!/bin/bash
#
#*********************************************
#Author: shuhong
#QQ: 985347841@qq.com
#Date: 2022-08-20
#FileName: openvpn.sh
#URL: www.hhhh.com
#Description: The test script
#Copyright(C): 2022All right reserved
#*********************************************
. /etc/init.d/functions
Red="\e[1;31m"
Purple="\e[1;35m"
Green="\e[1;32m"
Blue="\e[1;36m"
Yellow="\e[1;33m"
End="\e[0m"
#检查登录用户
check_root(){
if [ $UID -ne 0 ]; then
action "当前用户不是root,安装失败" false
exit 1
fi
}
#检查yum源
check_yum(){
yum=$(yum repolist |grep -o epel &> /dev/null; echo $?)
if [ $yum -eq 0 ];then
echo -e "$Green epel源存在$End"
else
echo -e "$Yellow重新为你添加epel源$End"
echo -en "
[epel]
name=EPEL
baseurl=https://mirror.tuna.tsinghua.edu.cn/epel/\$releasever/Everything/\$basearch
https://mirrors.cloud.tencent.com/epel/\$releasever/Everything/\$basearch
https://mirrors.huaweicloud.com/epel/\$releasever/Everything/\$basearch
https://mirrors.aliyun.com/epel/\$releasever/Everything/\$basearch
gpgcheck=0
enabled=1 " > /etc/yum.repos.d/epel.repo
yum clean all
yum makecache
action "epel配置完成" true
fi
}
#安装openvpn
install_openvpn(){
if [ -e /etc/openvpn ];then
action "openvpn已存在,安装失败" false
else
echo -e "$Green开始安装openvpn$End"
yum -y install openvpn
action "安装openvpn" true
fi
}
#安装easy-rsa
install_easy_rsa(){
if [ -e /usr/share/easy-rsa/ ];then
action "easy_rsa已存在" false
else
echo -e "$Green开始安装easy-rsa$End"
yum -y install easy-rsa
action "安装easy-rasy" true
fi
}
#展示软件版本
appinfo(){
echo -e "$Yellow软件版本$End"
yum list openvpn easy-rsa |tail -2|awk '{print $1,$2}'
}
check_apps(){
if [ -e /etc/openvpn -a -e /usr/share/easy-rsa/ ];then
action "openvpn和easy-rsa已安装" true
else
action "openvpn和easy-rsa未安装" false
exit 1
fi
}
#检查Openvpen服务是否已经已启动
check_servivce(){
status=$(systemctl status openvpn@server.service |awk -F"[ ()]+" '/^ + Active/{print $4}')
if [ $status == "running" ];then
echo -e "$Green服务正在运行$End"
exit 0
fi
}
#生成CA证书和密钥
CA(){
#echo CA
#准备好证书生成文件
cp -r /usr/share/easy-rsa/3/ /etc/openvpn/easy-rsa
#准备证书颁发相关配置变量的文件
cp /usr/share/doc/easy-rsa/vars.example /etc/openvpn/easy-rsa/vars
#设置CA和服务器证书有效期
echo -ne "set_var EASYRSA_CA_EXPIRE 36500\nset_var EASYRSA_CERT_EXPIRE 36500" >> /etc/openvpn/easy-rsa/vars
#初始化PKI生成相关的文件和目录
cd /etc/openvpn/easy-rsa/
echo -e "$Yellow生成PKI相关文件和目录$End"
echo "yes"| /etc/openvpn/easy-rsa/easyrsa init-pki
#创建 CA 机构证书环境
echo -e "$Yellow生成CA证书和私钥$End"
echo "CA" | /etc/openvpn/easy-rsa/easyrsa build-ca nopass
tree /etc/openvpn/easy-rsa/pki
}
server(){
cd /etc/openvpn/easy-rsa/
echo -e "$Yellow生成证书申请文件和密钥文件$End"
echo -e "OpenVPN" | /etc/openvpn/easy-rsa/easyrsa gen-req server nopass
echo -e "$Yellow生成服务器证书$End"
echo "yes" | /etc/openvpn/easy-rsa/easyrsa sign server server
echo -e "$Yellow生成Diffie-Hellma密钥$End"
/etc/openvpn/easy-rsa/easyrsa gen-dh
tree /etc/openvpn/easy-rsa/pki
}
startserver(){
cd /etc/openvpn/easy-rsa/
#将CA和服务器证书相关文件复制到服务器相应的目录
echo -e "$Yellow将CA和服务器证书相关文件复制到服务器相应的目录$End"
cp /etc/openvpn/easy-rsa/pki/ca.crt /etc/openvpn/server/
cp /etc/openvpn/easy-rsa/pki/issued/server.crt /etc/openvpn/server/
cp /etc/openvpn/easy-rsa/pki/private/server.key /etc/openvpn/server/
cp /etc/openvpn/easy-rsa/pki/dh.pem /etc/openvpn/server/
ls -l /etc/openvpn/server/
#准备启动的配置文件和日志目录
echo -e "$Yellow准备启动的配置文件和日志目录$End"
cp /usr/share/doc/openvpn/sample/sample-config-files/server.conf /etc/openvpn/
echo -e "$Yellow生成ta.key$End"
openvpn --genkey --secret /etc/openvpn/server/ta.key
#准备账号密码认证脚本
echo -e "$Yellow准备密码账户认证脚本$End"
#mv /checkpsw.sh /etc/openvpn/checkpsw.sh
find / -name "checkpsw.sh" -exec cp {} /etc/openvpn/ \;
chmod +x /etc/openvpn/checkpsw.sh
#提前生成吊销目录
echo -e "$Yellow生成证书吊销文件$End"
/etc/openvpn/easy-rsa/easyrsa gen-crl
echo -ne "port 1194
proto tcp
dev tun
ca /etc/openvpn/server/ca.crt
cert /etc/openvpn/server/server.crt
key /etc/openvpn/server/server.key # This file should be kept secret
dh /etc/openvpn/server/dh.pem
server 10.8.0.0 255.255.255.0
push \"route 10.0.0.0 255.255.255.0\"
keepalive 10 120
cipher AES-256-CBC
compress lz4-v2
push \"compress lz4-v2\"
max-clients 2048
user openvpn
group openvpn
status /var/log/openvpn/openvpn-status.log
log-append /var/log/openvpn/openvpn.log
verb 3
mute 20
tls-auth /etc/openvpn/server/ta.key 0
crl-verify /etc/openvpn/easy-rsa/pki/crl.pem
script-security 3
auth-user-pass-verify /etc/openvpn/checkpsw.sh via-env
username-as-common-name" > /etc/openvpn/server.conf
getent passwd openvpn
mkdir /var/log/openvpn
chown openvpn:openvpn /var/log/openvpn
ls -d -d /var/log/openvpn/
find / -name "openvpn@.service" -exec cp {} /usr/lib/systemd/system/ \;
#cp /openvpn@.service /usr/lib/systemd/system/
ll /usr/lib/systemd/system/ |grep openvpn
systemctl daemon-reload
echo -e "$Yellow startOpen_VPN_service $End"
systemctl enable --now openvpn@server
systemctl status openvpn@server.service
echo "net.ipv4.ip_forward = 1" >>/etc/sysctl.conf
sysctl -p
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to-source 10.0.0.152
echo "iptables -t nat -A POSTROUTING -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to-source 10.0.0.152" >> /etc/rc.d/rc.local
}
#检查证书是否申请过
check_crt(){
if [ -e etc/openvpn/client/$1 ];then
echo -e "$Red证书已存在$End"
exit
fi
}
#申请客户端证书
reqcrt(){
if [ -e /etc/openvpn/client/$1 ];then
echo -e "$Red证书已存在$End"
exit 1
else
cd /etc/openvpn/easy-rsa/
echo -e "$Yellow用户证书有效期默认设置150天$End"
sed -ri "s/(^set_var EASYRSA_CERT_EXPIRE )[0-9]+$/\1150/i" /etc/openvpn/easy-rsa/vars
echo -e "$Yellow生成客户端证书申请文件$End"
mkdir /etc/openvpn/client/$1
echo "$1" | ./easyrsa gen-req $1 nopass
echo "yes"| ./easyrsa sign client $1
#find /etc/openvpn/easy-rsa/ \( -name "$1.key" -o -name "$1.crt" \) -exec cp {} /etc/openvpn/client/$1/ \;
cp /etc/openvpn/easy-rsa/pki/private/$1.key /etc/openvpn/client/$1/client.key
cp /etc/openvpn/easy-rsa/pki/issued/$1.crt /etc/openvpn/client/$1/client.crt
cp /etc/openvpn/server/{ca.crt,ta.key} /etc/openvpn/client/$1
#mv /etc/openvpn/client/$1/$1.key client.key
#mv /etc/openvpn/client/$1/$1.key client.crt
echo -ne "client
dev tun
proto tcp
remote $2 1194
resolv-retry infinite
nobind
#persist-key
#persist-tun
ca ca.crt
cert client.crt
key client.key
remote-cert-tls server
tls-auth ta.key 1
cipher AES-256-CBC
verb 3
compress lz4-v2
auth-user-pass
" > /etc/openvpn/client/$1/client.ovpn
zip /etc/openvpn/client/$1/$1.zip /etc/openvpn/client/$1/*
fi
}
#证书注销
crtdel(){
cd /etc/openvpn/easy-rsa/
echo "yes" | /etc/openvpn/easy-rsa/easyrsa revoke $1
/etc/openvpn/easy-rsa/easyrsa gen-crl
rm -rf /etc/openvpn/client/$1
}
#账号申请
useradd(){
grep -o "$1" /etc/openvpn/psw-file && { echo -e "$Red用户已存在$End";exit 1; } || { echo -e "$1 $2" >> /etc/openvpn/psw-file;systemctl daemon-reload;systemctl restart openvpn@server.service;echo -e "$Green用户$1添加成功$End"; }
}
#账号删除
userdel(){
grep -o "$1" /etc/openvpn/psw-file && { sed -ri "s/(^$1.*)//i" /etc/openvpn/psw-file;echo -e "$Green删除$1用户成功$End";systemctl daemon-reload;systemctl restart openvpn@server.service; } || { echo -e "$Red用户$1不存在$End"; }
}
PS3="请按要求输入操作选项:"
select lists in 部署环境及安装软件 准备CA证书和服务器证书并启动服务 申请客户端证书 注销客户客户端证书 申请账号密码 删除用户名密码 退出;do
case $REPLY in
1)
#部署环境及安装软件
echo -e "$Blue$lists$End"
check_root #检查是否是root用户登录
check_servivce
check_yum #检查有没有eple源
install_openvpn #安装openvpn
install_easy_rsa #安装easy_rsa
appinfo #展示软件版本
;;
2)
#准备服务器证书并启动服务端
echo -e "$Blue$lists$End"
check_apps #检查是否安装软件包
check_servivce #检查Openvpen服务是否已经已启动
CA #生成CA证书和密钥
server #生成server证书和密钥,准备server.conf文件
startserver #启动openvpn服务
;;
3)
#申请客户客户端证书
echo -e "$Blue$lists$End"
read -p "输入证书名称:" crtname
read -p "输入vpn地址:" ip
check_crt $crtname
reqcrt $crtname $ip
;;
4)
#注销客户客户端证书
echo -e "$Blue$lists$End"
ls -l /etc/openvpn/client/ |awk 'NR!=1{print $9}'
read -p "请输入要删除的证书:" dcrtname
crtdel $dcrtname
;;
5) #申请账号密码
echo -e "$Blue$lists$End"
echo -e "$Yellow现有账号$End"
awk '{print $1}' /etc/openvpn/psw-file
read -p "请输入用户名(英文字母数字):" uname
read -p "请输入密码(英文字母数字):" passd
useradd $uname $passd
;;
6)
#删除用户名密码
echo -e "$Blue$lists$End"
echo -e "$Yellow现有账号$End"
awk '{print $1}' /etc/openvpn/psw-file
read -p "请输入用户名(英文字母数字):" duname
userdel $duname
;;
7) #退出
echo -e "$Blue$lists$End"
exit
;;
*)
echo "输入错误请重新输入"
;;
esac
done
#将客户端证书和文件拷到客户端,考压缩包即可
[root@openvpn data]#cd /etc/openvpn/client/
[root@openvpn client]#ll
total 0
drwxr-xr-x 2 root root 108 Aug 26 22:32 shuhong
[root@openvpn client]#cd shuhong/
[root@openvpn shuhong]#ll
total 32
-rw------- 1 root root 1168 Aug 26 22:32 ca.crt
-rw------- 1 root root 4451 Aug 26 22:32 client.crt
-rw------- 1 root root 1704 Aug 26 22:32 client.key
-rw-r--r-- 1 root root 246 Aug 26 22:32 client.ovpn
-rw-r--r-- 1 root root 6213 Aug 26 22:32 shuhong.zip
-rw------- 1 root root 636 Aug 26 22:32 ta.key
Rocky5–firewalld1
[root@firewalld1 ~]#iptables -t nat -A PREROUTING -d 172.25.254.130 -p tcp --dport 80 -j DNAT --to-destination 10.0.0.153:80
[root@firewalld1 ~]#iptables -t nat -A PREROUTING -d 172.25.254.130 -p tcp --dport 8080 -j DNAT --to-destination 10.0.0.152:80
[root@firewalld1 ~]#iptables -nvL -t nat
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
40 2400 DNAT tcp -- * * 0.0.0.0/0 172.25.254.130 tcp dpt:80 to:10.0.0.153:80
6 360 DNAT tcp -- * * 0.0.0.0/0 172.25.254.130 tcp dpt:8080 to:10.0.0.152:80
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
[root@firewalld1 ~]#vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
[root@firewalld1 ~]#sysctl -p
net.ipv4.ip_forward = 1
Rocky6–主dns服务器
[root@MDNS ~]#yum -y install bind
[root@MDNS ~]#vim /etc/named.conf
// listen-on port 53 { localhost; };
// listen-on-v6 port 53 { ::1; };
allow-query { any; };
[root@MDNS ~]#vim /etc/named.rfc1912.zones
zone "rs.sh" IN {
type master;
file "rs.sh.zone";
};
[root@MDNS ~]#cd /var/named/
[root@MDNS named]#vim rs.sh.zone
$TTL 1D
@ IN SOA master admin (
1 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS master
master A 192.168.0.11
www A 172.25.254.130
[root@MDNS named]#chown .named rs.sh.zone
[root@MDNS named]#systemctl restart named
Rocky7–从DNS服务器
[root@SDNS slaves]#yum -y install bind
[root@SDNS slaves]#vim /etc/named.conf
// listen-on port 53 { 127.0.0.1; };
// listen-on-v6 port 53 { ::1; };
// allow-query { localhost; };
[root@SDNS slaves]#vim /etc/named.rfc1912.zones
zone "rs.sh" IN {
type slave;
masters { 192.168.0.11; };
file "slaves/rs.sh.slave";
};
[root@SDNS slaves]#systemctl restart named
[root@SDNS slaves]#ll
total 4
-rw-r--r-- 1 named named 220 Aug 27 11:06 rs.sh.slave
[root@SDNS slaves]#pwd
/var/named/slaves
Rocky8–firewalld2
[root@firewalld2 ~]#iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE
[root@firewalld2 ~]#iptables -t nat -A PREROUTING -d 172.25.254.131 -p tcp --dport 80 -j DNAT --to-destination 192.168.0.10
[root@firewalld2 ~]#iptables -nvL -t nat
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
10 600 DNAT tcp -- * * 0.0.0.0/0 172.25.254.131 tcp dpt:80 to:192.168.0.10
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
49 3012 MASQUERADE all -- * * 192.168.0.0/24 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
[root@firewalld2 ~]#vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
[root@firewalld2 ~]#sysctl -p
net.ipv4.ip_forward = 1
Rocky9–客户端机器
#验证访问博客网站www.rs.sh:8080
[root@client ~]#curl www.rs.sh:8080
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta name="viewport" content="width=device-width, user-scalable=yes, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta charset="UTF-8">
<link rel="profile" href="http://gmpg.org/xfn/11">
<title>RS – Welcome SH Blog!!</title>
<meta name='robots' content='max-image-preview:large' />
<link rel='dns-prefetch' href='//10.0.0.152' />
<link rel='dns-prefetch' href='//fonts.googleapis.com' />
<link rel='dns-prefetch' href='//s.w.org' />
<link rel="alternate" type="application/rss+xml" title="RS » Feed" href="http://10.0.0.152/index.php/feed/" />
<link rel="alternate" type="application/rss+xml" title="RS » 评论Feed" href="http://10.0.0.152/index.php/comments/feed/" />
<script>
window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/14.0.0\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/"source":{"concatemoji":"http:\/\/10.0.0.152\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.0.1"}};
/*! This file is auto-generated */
!function(e,a,t){var n,r,o,i=a.createElement("canvas"),p=i.getContext&&i.getContext("2d");function s(e,t){var a=String.fromCharCode,e=(p.clearRect(0,0,i.widthhis,e),0,0),i.toDataURL());return p.clearRect(0,0,i.width,i.height),p.fillText(a.apply(this,t),0,0),e===i.toDataURL()}function c(e){var t=a.createElement("scrext/javascript",a.getElementsByTagName("head")[0].appendChild(t)}for(o=Array("flag","emoji"),t.supports={everything:!0,everythingExceptFlag:!0},r=0;r<o.lengthe){if(!p||!p.fillText)return!1;switch(p.textBaseline="top",p.font="600 32px Arial",e){case"flag":return s([127987,65039,8205,9895,65039],[127987,65039,8203,985356,56819],[55356,56826,8203,55356,56819])&&!s([55356,57332,56128,56423,56128,56418,56128,56421,56128,56430,56128,56423,56128,56447],[55356,57332,8203,56128,28,56421,8203,56128,56430,8203,56128,56423,8203,56128,56447]);case"emoji":return!s([129777,127995,8205,129778,127999],[129777,127995,8203,129778,127999])}retung=t.supports.everything&&t.supports[o[r]],"flag"!==o[r]&&(t.supports.everythingExceptFlag=t.supports.everythingExceptFlag&&t.supports[o[r]]);t.supports.everyythingExceptFlag&&!t.supports.flag,t.DOMReady=!1,t.readyCallback=function(){t.DOMReady=!0},t.supports.everything||(n=function(){t.readyCallback()},a.addEventLMContentLoaded",n,!1),e.addEventListener("load",n,!1)):(e.attachEvent("onload",n),a.attachEvent("onreadystatechange",function(){"complete"===a.readyState&&t.r{}).concatemoji?c(e.concatemoji):e.wpemoji&&e.twemoji&&(c(e.twemoji),c(e.wpemoji)))}(window,document,window._wpemojiSettings);
</script>
<style>
img.wp-smiley,
...........................
#验证访问电商网站www.rs.sh
[root@client ~]#curl www.rs.sh
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<title>ShopXO企业级B2C电商系统提供商 - 演示站点</title>
<meta name="keywords" content="商城系统,开源电商系统,免费电商系统,PHP电商系统,商城系统,B2C电商系统,B2B2C电商系统" />
<meta name="description" content="ShopXO是国内领先的商城系统提供商,为企业提供php商城系统、微信商城、小程序。" />
<meta name="generator" content="http://www.rs.sh/" />
<meta name="application-name" content="ShopXO企业级B2C电商系统提供商 - 演示站点" />
<meta name="msapplication-tooltip" content="ShopXO企业级B2C电商系统提供商 - 演示站点" />
<meta name="msapplication-starturl" content="http://www.rs.sh/" />
<link rel="shortcut icon" type="image/x-icon" href="http://www.rs.sh/public/favicon.ico" />
<meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1, maximum-scale=1">
<meta name="apple-mobile-web-app-capable" content="yes">
<meta name="apple-mobile-web-app-title" content="ShopXO">
<link rel="apple-touch-icon" href="http://www.rs.sh/public/static/upload/images/common/2019/01/14/1547448728921121.jpg">
<link rel="apple-touch-icon-precomposed" href="http://www.rs.sh/public/static/upload/images/common/2019/01/14/1547448728921121.jpg">
<link rel="stylesheet" type="text/css" href="http://www.rs.sh/public/static/common/lib/assets/css/amazeui.css?v=20200202" />
<link rel="stylesheet" type="text/css" href="http://www.rs.sh/public/static/common/lib/amazeui-switch/amazeui.switch.css?v=20200202" />
<link rel="stylesheet" type="text/css" href="http://www.rs.sh/public/static/common/lib/amazeui-chosen/amazeui.chosen.css?v=20200202" />
<link rel="stylesheet" type="text/css" href="http://www.rs.sh/public/static/common/lib/cropper/cropper.min.css?v=20200202" />
<link rel="stylesheet" type="text/css" href="http://www.rs.sh/public/static/common/lib/amazeui-tagsinput/amazeui.tagsinput.css?v=20200202" />
<link rel="stylesheet" type="text/css" href="http://www.rs.sh/public/static/common/css/common.css?v=20200202" />
<link rel="stylesheet" type="text/css" href="http://www.rs.sh/public/static/index/default/css/common.css?v=20200202" />
<link rel="stylesheet" type="text/css" href="http://www.rs.sh/public/static/index/default/css/index.css?v=20200202" />
<!-- css钩子 -->
<script type="text/javascript">
var __root__ = 'http://www.rs.sh/public/';
var __my_url__ = 'http://www.rs.sh/';
var __my_public_url__ = 'http://www.rs.sh/public/';
......
