@Great-Chinese
2017-03-03T05:34:52.000000Z
字数 13858
阅读 868
LAMP架构搭建与优化
1:下载mysql到/usr/local/src/
cd /usr/local/srcwget http://syslab.comsenz.com/downloads/linux/mysql-5.5.52-linux2.6-x86_64.tar.gz
2:解压
tar -zxvf mysql-5.5.52-linux2.6-x86_64.tar.gzdu -sh mysql-5.5.52-linux2.6-x86_64.tar.gz # 查看此文件的大小
3:建立mysql用户,不创建家目录
useradd -s /sbin/nologin -M mysqlls /home/ #查看创建了的用户
4:把解压完的数据移动到/usr/local/mysql
mv mysql-5.5.52-linux2.6-x86_64 /usr/local/mysql
5:初始化数据库
cd /usr/local/mysql/mkdir -p /data/mysql # 创建数据目录chown -R mysql:mysql /data/mysql # 修改目录所属人为mysql./scripts/mysql_install_db --user=mysql --datadir=/data/mysql #初始化数据库echo $?
6:拷贝配置文件
cd support-files/ #数据库辅助文件lscp my-large.cnf /etc/my.cnfvim /etc/my.cnf
7:拷贝启动脚本文件
ls /etc/init.d/cp mysql.server /etc/init.d/mysqld
8:修改启动脚本
vim /etc/init.d/mysqldbasedir=/usr/local/mysqldatadir=/data/mysql
9:把启动脚本加入系统服务项,并设定开机启动,启动mysql
chkconfig --add mysqldchkconfig mysqld on/etc/init.d/mysqld start
10:检查mysql是否启动
ps aux |grep mysqlnetstat -lnp |grep mysql
1:下载httpd到/usr/local/src/
cd /usr/local/srcwget http://syslab.comsenz.com/downloads/linux/httpd-2.2.31.tar.gz
2 : 解压
tar -zxvf httpd-2.2.31.tar.gz
3 : 配置编译参数
cd httpd-2.2.31#编译参数如下./configure --prefix=/usr/local/apache2 --with-included-apr --enable-so --enable-deflate=shared --enable-expires=shared --enable-rewrite=shared --with-pcre
--prefix 指定安装到哪里,
--enable-so 表示启用DSO [1]
--enable-deflate=shared 表示共享的方式编译deflate,后面的参数同理。
如果这一步你出现了这样的错误:
error: mod_deflate has been requested but can not be built due to prerequisite failures
解决办法是:
yum install -y zlib-devel
为了避免在make的时候出现错误,所以最好是提前先安装好一些库文件:
yum install -y pcre pcre-devel apr apr-devel
4:编译
makeecho $? #可检查make命令是否正确,值为0才是正确的
5:安装
make installecho $? # 可检查make install命令是否正确,值为0才是正确的
6 : 启动,关闭,重启
/usr/local/apache2/bin/apachectl start/usr/local/apache2/bin/apachectl stop/usr/local/apache2/bin/apachectl restart # 先杀死进程,再重新开启新的进程/usr/local/apache2/bin/apachectl graceful # 重新加载新的配置文件,原进程还在
7 : 检查apache是否启动
ps aux |grep httpd
8 : 相关选项
/usr/local/apache2/bin/apachectl -M # 列出动态模块/usr/local/apache2/bin/apachectl -l # 列出静态模块ls /usr/local/apache2/modules # 查看动态共享模块,此文件是单独的ls /usr/local/apache2/bin/httpd # 查看静态模块/usr/local/apache2/bin/apachectl -t # 检测配置文件有没有错误ls /usr/local/apache2/conf/httpd.conf # 查看配置文件./configure --help |less # 查看相关工作模式
1 : 下载php到/usr/local/src/
cd /usr/local/srcwget http://am1.php.net/distributions/php-5.4.36.tar.bz2
2 : 解压
tar -jxvf php-5.4.36.tar.bz2
3 : 配置编译参数
cd php-5.4.36./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache2/bin/apxs --with-config-file-path=/usr/local/php/etc --with-mysql=/usr/local/mysql --with-libxml-dir --with-gd --with-jpeg-dir --with-png-dir --with-freetype-dir --with-iconv-dir --with-zlib-dir --with-bz2 --with-openssl --with-mcrypt --enable-soap --enable-gd-native-ttf --enable-mbstring --enable-sockets --enable-exif --disable-ipv6# 错误1configure: error: xml2-config not found. Please check your libxml2 installation.yum install -y libxml2-devel# 错误2 configure: error: Cannot find OpenSSL's <evp.h>yum install -y openssl openssl-devel# 错误 3checking for BZip2 in default path... not foundconfigure: error: Please reinstall the BZip2 distributionyum install -y bzip2 bzip2-devel# 错误 4configure: error: png.h not found.yum install -y libpng libpng-devel# 错误 5configure: error: freetype.h not found.yum install -y freetype freetype-devel# 错误 6configure: error: mcrypt.h not found. Please reinstall libmcrypt.rpm -ivh http://www.aminglinux.com/bbs/data/attachment/forum/month_1211/epel-release-6-7.noarch.rpmyum install -y libmcrypt-devel因为centos6.x 默认的yum源没有libmcrypt-devel 这个包,只能借助第三方yum源。
4:编译
make
5:安装
make installecho $? #查看安装是否正确
6:拷贝配置文件
cp php.ini-production /usr/local/php/etc/php.ini
8:相关选项
ls /usr/local/phpls /usr/local/apache2/modules/usr/local/apache2/modules/usr/local/php/bin/php -m # 查看模块/usr/local/php/bin/php -i # 查看相关的配置
1:新建php文件
cd /usr/local/apache2/htdocs# php 编辑格式vim 2.php<?phpecho akakakakka;?>
2:测试是否正确解析php
vim /usr/local/apache2/conf/httpd.conf # 1.首先修改Apache主配置文件# 找到:AddType application/x-gzip .gz .tgz 在该行下面添加:AddType application/x-httpd-php .php# 找到:DirectoryIndex index.html 将该行改为:DirectoryIndex index.html index.php/usr/local/apache2/bin/apachectl -t # 2.检测apache2配置是否有问题/usr/local/apache2/bin/apachectl graceful # 3.没有问题就重启加载apache2
3:编辑info.php文件
# info.php 编辑格式vim info.php<?phpphpinfo();?># 查看编译包/usr/local/php/bin/php -i|lesscat /usr/local/apache2/build/config.nicels /usr/local/php/etc#复制cp /usr/local/src/php-5.4.36/php.ini-production /usr/local/php/etc/php.ini/usr/local/apache2/bin/apachectl gracefulcurl 192.168.31.127/info.phpcurl 192.168.31.127/1.txtcurl 192.168.31.127/index.html
1:下载Discuz到/data/www
mkdir /data/www #作为discuz的根目录cd /data/wwwwget http://download.comsenz.com/DiscuzX/3.2/Discuz_X3.2_SC_GBK.zip
2: 解压
unzip Discuz_X3.2_SC_GBK.zipmv upload/* ./ #rm -rf readme/ utility/ upload/ Discuz_X3.2_SC_GBK.zip #ps aux |grep httpd #查看httpd进程,如果没有启动就要重启
3:
vim /usr/local/apache2/conf/httpd.confInclude conf/extra/httpd-vhosts.conf # 把此行调用起来vim /usr/local/apache2/conf/extra/httpd-vhosts.conf #编辑虚拟主机配置文件如下:<VirtualHost *:80>DocumentRoot "/data/www"ServerName www.test.comServerAlias www.aaa.com# ErrorLog "logs/dummy-host.example.com-error_log"# CustomLog "logs/dummy-host.example.com-access_log" common</VirtualHost># 查看虚拟主机默认文件是否正确/usr/local/apache2/bin/apachectl -t
4:安装Discuz
# 本地生效vim /etc/hostsping www.baidu.com# windows 生效C:\Windows\System32\drivers\etc\HOSTS # 在此文件中加入如下字符192.168.31.127 www.test.com www.aaa.com# 如果网址被Forbidden,编辑如下文件vim /usr/local/apache2/conf/httpd.conf把Deny from all 改成 Allow from all/usr/local/apache2/bin/apachectl -t # 检测配置文件是否出错/usr/local/apache2/bin/apachectl restart # 重启ps aux |grep http# 修改目录的所属组为daemonchown -R daemon config data uc_client/data uc_server/data#如何配置mysql的PATHrpm -qf /usr/bin/mysqlvim /etc/profile.d/path.sh # 编辑此文件,修改文件如下:export PATH=$PATH:/usr/local/mysql/bin# 让修改的配置文件生效source /etc/profile.d/path.sh#创建用户,安装数据库mysqlmysql> create database discuz;mysql> grant all on discuz.* to ''melody'@'localhost' identified by 'melodylinux'';
1:创建目录或文件
mkdir abccd abccp /etc/passwd ./12.txt
2:修改虚拟主机配置文件
vim /usr/local/apache2/conf/extra/httpd-vhosts.conf # 增加内容到Directory内<VirtualHost *:80>DocumentRoot "/data/www"ServerName www.test.comServerAlias www.aaa.com# ErrorLog "logs/dummy-host.example.com-error_log"# CustomLog "logs/dummy-host.example.com-access_log" common<Directory /data/www/abc/>AllowOverride AuthConfigAuthName "aaaaa"AuthType BasicAuthUserFile /data/.htpasswdrequire valid-user</Directory></VirtualHost># 修改存放用户与用户密码的文件htpasswd -c /data/.htpasswd user1cat /data/.htpasswdhtpasswd /data/.htpasswd user2cat /data/.htpasswd# 检查配置文件是否正确apachectl -t# 重启apachectl graceful
3:如何配置apache的PATH
vim /etc/profile.d/path.sh # 编辑此文件,修改文件如下:export PATH=$PATH:/usr/local/mysql/bin:/usr/local/apache2/bin# 让修改的配置文件生效source /etc/profile.d/path.sh
1:在Windows下加入其它域名
C:\Windows\System32\drivers\etc\HOSTS # 在此文件中加www.222.com等字符192.168.31.127 www.test.com www.aaa.com www.222.com
2:修改虚拟主机配置文件
vim /usr/local/apache2/conf/extra/httpd-vhosts.conf # 增加如下内容<VirtualHost *:80>DocumentRoot "/tmp/123"ServerName 1111.com</VirtualHost>
3:创建空目录,并修改权限为600,重启即可
mkdir /tmp/123chmod 600 /tmp/123apachectl -tapachectl restart
1:修改虚拟主机配置文件
vim /usr/local/apache2/conf/extra/httpd-vhosts.conf#增加内容如下:# ErrorLog "logs/dummy-host.example.com-error_log"# CustomLog "logs/dummy-host.example.com-access_log" common<IfModule mod_rewrite.c>RewriteEngine onRewriteCond %{HTTP_HOST} ^www.aaa.com$ [OR]RewriteCond %{HTTP_HOST} ^www.bbb.com$RewriteRule ^/(.*)$ http://www.test.com/$1 [R=301,L]</IfModule># 检查配置文件是否错误apachectl -t# 重启apachectl restart
2:
curl -x192.168.31.127:80 www.aaa.com/adaldkladka -Icurl -x192.168.31.127:80 www.bbb.com/adaldkladka -I
1 :如何切割日志
# 编辑日志格式vim /usr/local/apache2/conf/extra/httpd-vhosts.conf # 打开如下两行文字ErrorLog "logs/test.com-error_log"CustomLog "|/usr/local/apache2/bin/rotatelogs -l /usr/local/apache2/logs/test.com-access_%Y%m%d-log 86400" combined# 检查配置文件是否正确apachectl -t# 重新加载apachectl restart
cd /usr/local/apache2/logscat test.com-access_logless test.com-access_logwc -l test.com-access_logdate -s "2016-11-25 01:01:00" # 修改日志的显示时间vim /usr/local/apache2/conf/httpd.conf # 可以在主配置文件中查看日志格式ls /usr/local/apache2/logs # 查看日志的文件包
# 编辑日志格式vim /usr/local/apache2/conf/extra/httpd-vhosts.conf # 增加内容如下:ErrorLog "logs/test.com-error_log"SetEnvIF Request_URI ".*\.gif$" image-requestSetEnvIF Request_URI ".*\.jpg$" image-requestSetEnvIF Request_URI ".*\.png$" image-requestSetEnvIF Request_URI ".*\.bmp$" image-requestSetEnvIF Request_URI ".*\.swf$" image-requestSetEnvIF Request_URI ".*\.js$" image-requestSetEnvIF Request_URI ".*\.css$" image-requestCustomLog "|/usr/local/apache2/bin/rotatelogs -l /usr/local/apache2/logs/test.com-access_%Y%m%d-log 86400" combined env=!image-request# 检查配置文件是否正确apachectl -t# 重启apachectl restart#进入logs目录下cd /usr/local/apache2/logsless test.com-access_20161125-log
# 修改虚拟主机配置文件vim /usr/local/apache2/conf/extra/httpd-vhosts.conf # 增加内容如下:<IfModule mod_expires.c>ExpiresActive onExpiresByType image/gif "access plus 1 days"ExpiresByType image/jpeg "access plus 24 hours"ExpiresByType image/png "access plus 24 hours"ExpiresByType text/css "now plus 2 hours"ExpiresByType application/x-javascript "now plus 2 hours"ExpiresByType application/x-shockwave-flash "now plus 2 hours"ExpiresDefault "now plus 0 min"</IfModule># 检查配置文件是否正确apachectl -t# 重启apachectl graceful# 查看论坛logo信息curl -x127.0.0.1:80 'http://www.test.com/static/image/common/logo.png' -I
# 修改虚拟主机配置文件vim /usr/local/apache2/conf/extra/httpd-vhosts.conf # 增加内容如下:SetEnvIfNoCase Referer "^http://.*\.test\.com" local_refSetEnvIfNoCase Referer ".*\.aminglinux\.com" local_ref<filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif|png|js|css)">Order Allow,DenyAllow from env=local_ref</filesmatch># 检查配置文件是否正确apachectl -tSyntax OK# 重启apachectl restart
# 修改虚拟主机配置文件vim /usr/local/apache2/conf/extra/httpd-vhosts.conf # 增加内容如下:<Directory "/data/www">Options NoneAllowOverride NoneOrder allow,denyAllow from allDeny from 127.0.0.1</Directory># 检查配置文件是否正确apachectl -tSyntax OK# 重启apachectl restart#curl -x127.0.0.1:80 -I www.test.comcurl -x192.168.31.127:80 -I www.test.com
限制指定的admin
# 修改虚拟主机配置文件vim /usr/local/apache2/conf/extra/httpd-vhosts.conf # 增加内容如下:<filesmatch "(.*)admin(.*)">Order deny,allowDeny from allAllow from 127.0.0.1</filesmatch># 检查配置文件是否正确apachectl -tSyntax OK# 重启apachectl restart#curl -x192.168.31.127:80 -I www.test.com/admin.phpcurl -x127.0.0.1:80 -I www.test.com/admin.php
A:如何禁止解析php
# 修改虚拟主机配置文件vim /usr/local/apache2/conf/extra/httpd-vhosts.conf # 增加内容如下:<Directory /data/www/data>php_admin_flag engine off #关闭php的解析引擎配置<filesmatch "(.*)php">Order deny,allowDeny from allAllow from 127.0.0.1</filesmatch></Directory># 检查配置文件是否正确apachectl -tSyntax OK# 重启apachectl restart
B:如何查看论坛里上传的图片地址
cd/data/www/data/attachment/forum/201611/25/210441zmzm36g56mwo6g1k.jpg
C:编辑info文件
vim info.php<?phpphpinfo();?>apachectl -tapachectl restartcurl -x127.0.0.1:80 www.test.com/data/info.php #查看info文件是否能解析
A:用Rewrite来禁止user_agent
# 修改虚拟主机配置文件vim /usr/local/apache2/conf/extra/httpd-vhosts.conf # 增加内容如下:RewriteCond %{HTTP_USER_AGENT} ^.*curl.* [NC,OR] # 定义条件RewriteCond %{HTTP_USER_AGENT} ^.*chrome* [NC]RewriteRule .* - [F]# 检查配置文件是否正确apachectl -tSyntax OK# 重启apachectl restartcurl -x192.168.31.127:80 www.test.com/forum.php -I #查看curl是否被禁止
#进入要限制的某个目录下cd /data/wwwmkdir tmpvim 12.txt# 修改虚拟主机配置文件vim /usr/local/apache2/conf/extra/httpd-vhosts.conf # 增加内容如下:RewriteCond %{REQUEST_URI} ^.*/tmp/.* [NC] # 定义条件RewriteRule .* - [F]# 检查配置文件是否正确apachectl -tSyntax OK# 重启apachectl restart
A:如何打开php的错误日志,并且不会泄漏网业信息
ls /usr/local/php/etc/php.ini # 查看php的配置文件所在位置/usr/local/php/bin/php -i |head # 查看php的配置文件所在位置# 进入php.ini配置文件vim /usr/local/php/etc/php.ini# 配置disable_functionsdisable_functions = eval,assert,popen,passthru,escapeshellarg,escapeshellcmd,passthru,exec,system,chroot,scandir,chgrp,chown,escapeshellcmd,escapeshellarg,shell_exec,proc_get_status,ini_alter,ini_restore,dl,pfsockopen,openlog,syslog,readlink,symlink,leak,popepassthru,stream_socket_server,popen,proc_open,proc_close# 配置错误日志display_errors = Off #如果是On,则会在网业面上显示出错误的信息,所以一般都要Offvim /data/www/forum.php #打开php脚本在第二行故意写错,如果是On,刷新网业时就会出来错误信息的提示# 打开php的错误日志log_errors = On# 定义error_log的所有路径error_log =/usr/local/php/logs/php_errors.log # 如果没有此目录,则须创建目录并修改权限为700mkdir /usr/local/php/logschmod 777 /usr/local/php/logs# 配置日志的级别或格式error_reporting = E_ALL & ~E_NOTICE# 检查配置文件是否正确apachectl -tSyntax OK# 重启apachectl restartcat /usr/local/php/logs/php_errors.log #查看生成的错误日志
B:如何限制php与apache2的open_basedir
# 限制php的open_basedirvim /usr/local/php/etc/php.iniopen_basedir = /data/www:/tmp# 限制apache2的open_basedirvim /usr/local/apache2/conf/extra/httpd-vhosts.confopen_basedir = /data/www:/tmptail /usr/local/php/logs/php_errors.log # 查看错误日志
a、查看php所加载的模块
/usr/local/php/bin/php -m
b、进入源码安装包目录下的ext目录
cd /usr/local/src/php-5.4.36/ext
c、进入需要安装的扩展模块,例如安装curl
cd curl
d、执行命令
# 如果提示autoconf Installation, 就是用yum安装autoconf,再执行该命令yum install -y autoconf/usr/local/php/bin/phpize
e、编译安装
./configure --with-php-config=/usr/local/php/bin/php-configmake && make install
vim /etc/my.cnf # 编辑mysql配置文件mysql -uroot # 登陆mysqlshow variables; # 查看参数SHOW STATUS LIKE 'key_read%'; # 查看参数值www.aminglinux.com/bbs/thread-5758-1-1.html # MySQL调优网址
mysqladmin -uroot password '123456' # 设置mysql密码mysql -uroot -p123456 # 用密码登陆mysql# 如果忘记密码,则需修改mysql配置文件vim /etc/my.cnf # 增加内容如下skip-grant# 重启/etc/init.d/mysqld restart# 更新密码use mysqlupdate user set password=password('12345') where user='root';select * from user where user='root'\G;mysql -uroot -p12345
mysql -uroot -p12345 # 本地登陆mysql# 如何远程登陆mysqlmysql> grant all on *.* to 'root'@'192.168.31.27' identified by '123aaa';mysql> user mysqlmysql> select * from user where host='192.168.31.127'\G;mysql -uroot -h192.168.31.127 -P3306 -p123aaamysql> select user(); # 查看当前用户是谁# 当本地有多个mysql时,可指定sock登陆mysql -uroot -S /tmp/mysql.sock -p
mysql> show databases; # 查看有多少个库在mysql里mysql> use mysql # 切换库mysql> select database(); # 查看在那个库下mysql> select version(); # 查看当前版本mysql> select user(); # 查看当前用户是谁mysql> show tables; # 查看库里有多少张表
# mysql备份库mysqldump -uroot -pmelody.com discuz > /data/discuz.sql# mysql恢复库mysql -uroot -pmelody.com discuz < /data/discuz.sql# mysql备份表mysqldump -uroot -pmelody.com discuz pre_forum_post > /data/post.sql# mysql恢复表,不需要加表名mysql -uroot -pmelody.com discuz > /data/post.sql# 备份与恢复时保持字符级一致mysqldump -uroot --default-character-set=gbk -pmelody.com discuz pre_forum_post > /data/post.sqlmysql -uroot --default-character-set=gbk -pmelody.com discuz > /data/post.sql