26 LAMP
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了26 LAMP相关的知识,希望对你有一定的参考价值。
LAMPLinux + Apache(httpd) + mysql + php
-
MySQL的安装
wget [下载地址] 文件名类似这样:mysql-5.6.35-linux-glibc2.5-x86_64.tar.gz
tar zxvf 解压
mv mysql-5.6.35-linux-glibc2.5-x86_64 /usr/local/mysql 移动目录并改名
cd /usr/local/mysql 放置目录
useradd mysql
mkdir /data/ 数据目录
./scripts/mysql_install_db --user=mysql --datadir=/data/mysql 初始化
vim /etc/my.cnf 编辑内容为:
[mysqld]
datadir=/data/mysql
socket=/tmp/mysql.sock
cp support-files/mysql.server /etc/init.d/mysqld
vi /etc/init.d/mysqld
定义basedir(/usr/local/mysql)和datadir(/data/mysql)
/etc/init.d/mysqld start
service mysqld start -
Mariadb的安装
cd /usr/local/src
wget [下载地址] 文件名类似mariadb-10.2.6-linux-glibc_214-x86_64.tar.gz
tar zxvf mariadb-10.2.6-linux-glibc_214-x86_64.tar.gz 解压
mv mariadb-10.2.6-linux-glibc_214-x86_64 /usr/local/mariadb 移动并改名
cd /usr/local/mariadb
./scripts/mysql_install_db --user=mysql --basedir=/usr/local/mariadb/ --datadir=/data/mariadb 初始化
cp support-files/my-small.cnf /usr/local/mariadb/my.cnf
cp support-files/mysql.server /etc/init.d/mariadb
vim /etc/init.d/mariadb //定义basedir、datadir、conf以及启动参数
/etc/init.d/mariadb start -
Apache(httpd)的安装
wget http://mirrors.cnnic.cn/apache/httpd/httpd-2.4.27.tar.gz
wget http://mirrors.hust.edu.cn/apache/apr/apr-1.5.2.tar.gz
wget http://mirrors.hust.edu.cn/apache/apr/apr-util-1.5.4.tar.gz
apr和apr-util是一个通用的函数库,它让httpd可以不关心底层的操作系统平台,可以很方便地移植(从linux移植到windows)
解压
cd apr-1.6.3/
./configure --prefix=/usr/local/apr!
make && make install
完成apr的安装
cd /usr/local/src/apr-util-1.6.1
./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
make && make install
完成apr-util的安装
cd /usr/local/src/httpd-2.4.29
./configure \ (反斜杠是脱义字符,加上它可以把一行命令写成多行)
--prefix=/usr/local/apache2.4 \
--with-apr=/usr/local/apr \
--with-apr-util=/usr/local/apr-util \
--enable-so \
--enable-mods-shared=most
make && make install
完成Apache的安装 -
PHP5的安装
wget http://cn2.php.net/distributions/php-5.6.30.tar.bz2
tar -jxvf php-5.6.30.tar.gz
cd php-5.6.30
./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache2.4/bin/apxs --with-config-file-path=/usr/local/php/etc --with-mysql=/usr/local/mysql --with-pdo-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-libxml-dir --with-gd --with-jpeg-dir --with-png-dir --with-freetype-dir --with-iconv-dir --with-zlib-dir --with-bz2 --with-openssl --with-mcrypt --enable-soap --enable-gd-native-ttf --enable-mbstring --enable-sockets --enable-exif
make && make install
cp php.ini-production /usr/local/php/etc/php.ini -
PHP7的安装
wget http://cn2.php.net/distributions/php-7.1.6.tar.bz2
tar -zxvf php-7.1.6.tar.bz2
cd php-7.1.6
./configure --prefix=/usr/local/php7 --with-apxs2=/usr/local/apache2.4/bin/apxs --with-config-file-path=/usr/local/php7/etc --with-pdo-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-libxml-dir --with-gd --with-jpeg-dir --with-png-dir --with-freetype-dir --with-iconv-dir --with-zlib-dir --with-bz2 --with-openssl --with-mcrypt --enable-soap --enable-gd-native-ttf --enable-mbstring --enable-sockets --enable-exif
make && make install
cp php.ini-production /usr/local/php7/etc/php.ini - Apache和PHP结合
vim /usr/local/apache2.4/conf/httpd.conf 编辑文件修改以下内容
#ServerName www.example.com:80 将井号去掉
LoadModule php7_module modules/libphp7.so 前面加上井号,注释掉,因为同时安装了php5和7,注释其中一个
Require all denied 改为 Require all granted
AddType application/x-compress .Z AddType application/x-gzip .gz .tgz 下增加一行AddType application/x-httpd-php .php
/usr/local/apache2.4/bin/apachectl -t 测试配置文件的语法
/usr/local/apache2.4/bin/apachectl graceful 重新加载配置
-
Apache默认虚拟主机
vim /usr/local/apache2/conf/httpd.conf //搜索httpd-vhost,去掉#
vim /usr/local/apache2/conf/extra/httpd-vhosts.conf //改为如下
<VirtualHost :80>
ServerAdmin [email protected]
DocumentRoot "/data/wwwroot/aming.com"
ServerName aming.com
ServerAlias www.aming.com
ErrorLog "logs/aming.com-error_log"
CustomLog "logs/aming.com-access_log" common
</VirtualHost>
<VirtualHost :80>
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
</VirtualHost> -
httpd的用户认证
vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //把123.com那个虚拟主机编辑成如下内容
<VirtualHost :80>
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
<Directory /data/wwwroot/www.123.com> //指定认证的目录
AllowOverride AuthConfig //这个相当于打开认证的开关
AuthName "123.com user auth" //自定义认证的名字,作用不大
AuthType Basic //认证的类型,一般为Basic,其他类型阿铭没用过
AuthUserFile /data/.htpasswd //指定密码文件所在位置
require valid-user //指定需要认证的用户为全部可用用户
</Directory>
</VirtualHost>
/usr/local/apache2.4/bin/htpasswd -cm /data/.htpasswd [username] 创建用户,执行后要求输入用户对应密码(c表示创建,m表示加密类型)
还可以针对单个文件进行认证
<VirtualHost :80>
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
<FilesMatch admin.php>
AllowOverride AuthConfig
AuthName "123.com user auth"
AuthType Basic
AuthUserFile /data/.htpasswd
require valid-user
</FilesMatch>
</VirtualHost>
curl -x127.0.0.1:80 www.123.com //状态码为401 没有认证不能直接进去
curl -x127.0.0.1:80 -u[username]:[password] www.123.com -u后紧跟用户名和密码-
域名跳转
需求,把123.com域名跳转到www.123.com,配置如下:
<VirtualHost :80>
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
ServerAlias 123.com
<IfModule mod_rewrite.c> //需要mod_rewrite模块支持
RewriteEngine on //打开rewrite功能
RewriteCond %{HTTP_HOST} !^www.123.com$ //定义rewrite的条件,主机名(域名)不是www.123.com,满足条件
RewriteRule ^/(.)$ http://www.123.com/$1 [R=301,L] //定义rewrite规则,当满足上面的条件时,这条规则才会执行 301指永久跳转
</IfModule>
</VirtualHost>
/usr/local/apache2/bin/apachectl -M|grep -i rewrite //若无该模块,需要编辑配置文件httpd.conf,删除rewrite_module (shared) 前面的# - 访问日志
/usr/local/apache2.4/logs/ 日志文件所在目录
vim /usr/local/apache2.4/conf/httpd.conf //搜索LogFormat 可以编辑日志格式
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined user-agent 用户代理(如浏览器) referer 访问的上一网址(如通过超链接点进来,则显示超链接所在网址;直接输网址进入不显示)
LogFormat "%h %l %u %t \"%r\" %>s %b" common
把虚拟主机配置文件改成如下:
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
ServerAlias 123.com
CustomLog "logs/123.com-access_log" combined
</VirtualHost>
-
网站大多元素为静态文件,如图片、css、js等,这些元素可以不用记录
把虚拟主机配置文件改成如下:
<VirtualHost :80>
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
ServerAlias 123.com
SetEnvIf Request_URI "..gif$" img
SetEnvIf Request_URI "..jpg$" img
SetEnvIf Request_URI "..png$" img
SetEnvIf Request_URI "..bmp$" img
SetEnvIf Request_URI "..swf$" img
SetEnvIf Request_URI "..js$" img
SetEnvIf Request_URI "..css$" img
CustomLog "logs/123.com-access_log" combined env=!img
</VirtualHost>
日志切割
把虚拟主机配置文件改成如下:
<VirtualHost :80>
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
ServerAlias 123.com
SetEnvIf Request_URI "..gif$" img
SetEnvIf Request_URI "..jpg$" img
SetEnvIf Request_URI "..png$" img
SetEnvIf Request_URI "..bmp$" img
SetEnvIf Request_URI "..swf$" img
SetEnvIf Request_URI "..js$" img
SetEnvIf Request_URI "..css$" img
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" combined env=!img // -l 以系统时间为准 86400 一天有86400秒,意即以一天切割
</VirtualHost>
浏览器访问网站的图片时会把静态的文件缓存在本地电脑里,这样下次再访问时就不用去远程下载了
增加配置
<IfModule mod_expires.c>
ExpiresActive on //打开该功能的开关
ExpiresByType image/gif "access plus 1 days"
ExpiresByType image/jpeg "access plus 24 hours"
ExpiresByType image/png "access plus 24 hours"
ExpiresByType text/css "now plus 2 hour"
ExpiresByType application/x-javascript "now plus 2 hours"
ExpiresByType application/javascript "now plus 2 hours"
ExpiresByType application/x-shockwave-flash "now plus 2 hours"
ExpiresDefault "now plus 0 min" 其余文件不需要缓存
</IfModule>
需要在配置文件中打开expires_module
-
配置防盗链
从第三方引用网址,资源不是自己的,但是借用超链接取得资源点
通过限制referer来实现防盗链的功能
配置文件增加如下内容
<Directory /data/wwwroot/www.123.com> 被保护站点
SetEnvIfNoCase Referer "http://www.123.com" local_ref 白名单
SetEnvIfNoCase Referer "http://123.com" local_ref 白名单
SetEnvIfNoCase Referer "^$" local_ref 白名单,直接输入网址的形式
<filesmatch ".(txt|doc|mp3|zip|rar|jpg|gif)">
Order Allow,Deny
Allow from env=local_ref
</filesmatch>
</Directory>
curl -e "http://www.aminglinux.com/123.html" 指定referer访问 -
访问控制
<Directory /data/wwwroot/www.123.com/admin/>
Order deny,allow //先执行下面的deny语句,再执行allow,allow的效果刷新,即除127.0.0.1外不允许访问。若顺序改变,则都不允许访问
Deny from all
Allow from 127.0.0.1
</Directory><Directory /data/wwwroot/www.123.com>
<FilesMatch "admin.php(.*)">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</FilesMatch>
</Directory><Directory /data/wwwroot/www.123.com/upload>
php_admin_flag engine off // 禁止解析php
</Directory>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} .curl. [NC,OR] //OR表示跟下一个条件选择关系(或者) NC表不区分大小写
RewriteCond %{HTTP_USER_AGENT} .baidu.com. [NC]
RewriteRule .* - [F]
</IfModule>
-
PHP配置
/usr/local/php/bin/php -i|grep -i "loaded configuration file"
运行结果,可以查到php的配置文件,命令结果:Loaded Configuration File => /usr/local/php/etc/php.ini
vim /usr/local/php/etc/php.ini
找到disable_functions = 在后面加上eval,assert,popen,passthru,escapeshellarg,escapeshellcmd,passthru,exec,system,chroot,scandir,chgrp,chown,escapeshellcmd,escapeshellarg,shell_exec,proc_get_status,ini_alter,ini_restore,dl,pfsockopen,openlog,syslog,readlink,symlink,leak,popepassthru,stream_socket_server,popen,proc_open,proc_close,表示这些函数被禁用
display_errors 表示错误会显示出来
log_errors 错误日志是否开启
error_log 错误日志文件及位置
error_reporting 记录错误日志等级
open_basedir 防止被黑,隔离目录用,后跟被隔离目录
也可以在虚拟主机的配置文件里加上php_admin_value open_basedir "[目录名]" - PHP扩展模块安装
下面安装一个redis的模块
cd /usr/local/src/
wget https://codeload.github.com/phpredis/phpredis/zip/develop
mv develop phpredis-develop.zip
unzip phpredis-develop.zip
cd phpredis-develop
/usr/local/php/bin/phpize //生成configure文件 前提要安装autoconf
./configure --with-php-config=/usr/local/php/bin/php-config
make && make install
/usr/local/php/bin/php -i |grep extension_dir //查看扩展模块存放目录,我们可以在php.ini中去自定义该路径
vim /usr/local/php/etc/php.ini //增加一行配置(可以放到文件最后一行)extension = redis.so 才能加载模块
以上是关于26 LAMP的主要内容,如果未能解决你的问题,请参考以下文章