LAMP环境的搭建
mysql安装
- 上传MySQL压缩包
- tar -zvxf mysql....... //解压MySQL压缩包
- mv mysql... /usr/local/mysql 移动MySQL包到/usr/local/mysql:
- useradd -s /sbin/nologin mysql //建立MySQL用户
- cd /usr/local/mysql/ //进入mysql文件
- mkdir -p /data/mysql ; chown -R mysql:mysql /data/mysql //创建一个存放数据库的文件,并将这个文件的所有这者所属组都设定为MySQL
- ./scripts/mysql_install_db --user=mysql --datadir=/data/mysql //执行一个块脚本,执行后无需自行编译。(-bash: ./scripts/mysql_install_db: /usr/bin/perl: 坏的解释器: 没有那个文件或目录)出现错误,进行安装yum install -y perl-Module-Install无法安装,经将yum源移动回来后安装成功。
- ./scripts/mysql_install_db --user=mysql --datadir=/data/mysql //再次执行
- cp support-files/my-default.cnf /etc/my.cnf //将拷贝文件放到etc下面,会询问是否覆盖,确认覆盖
- vi /etc/my.cnf //修改配置内容
# basedir = /usr/local/mysql
# datadir = /data/mysql
# port = 3306
# server_id = 136
# socket = /tmp/mysql.sock
- cp support-files/mysql.server /etc//init.d/mysqld //拷贝启动脚本
- vi /etc/init.d/mysqld //修改启动脚本
basedir=/usr/local/mysql
datadir=/data/mysql
- chkconfig --add mysqld //将mysql加到服务项
- chkconfig mysqld on //设定开机自启
- service mysqld start //启动mysql 如果显示是SUCCESS则启动成功
- ps -ef | grep msyqld //查看它的进程
- netstat -ltunp | grep 3306 //查看它的端口
- 上传压缩包
- tar -zxvf tar............ | httpd.....解压压缩包
- cd apr-1.6.5 //进入apr
apache
./configure --prefix=/usr/local/apr //编译出make文件**注意是否会有报错如果有报错就进行安装一个依赖包 //除了依赖包可能出现错误意外还有可能出现无法编译的情况,如果出现:
就使用yum将gcc编译器进行安装:yum install -y gcc
- yum install -y libtool* //安装libtool依赖包
- ./configure --prefix=/usr/local/apr //重新启动看是否出错
- make &&make install 安装
- cd /退出当前目录
- cd apr-util-1.6.1 //进入apr另一个文件夹
- ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
- make && make install //会报错xml/apr_xml.c:35:19: 致命错误:expat.h:没有那个文件或目录
- yum install -y expat-devel //安装这个包
- make && make install //再次运行make就不会在报错了
- cd httpd........ //进入httpd....文件中进行httpd的配置
- ./configure --prefix=/usr/local/apache2.4 --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util --enable-so --enable-mods-shared=most \执行./configure命令,命令运行结束后会出现报错,和之前的一样会显示缺少一个依赖包。
- yum install -y pcre-devel //进行安装这个包
- ./configure --prefix=/usr/local/apache2.4 --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util --enable-so --enable-mods-shared=most //再次执行确认报错是否消失
- echo $? //查看返回值是否为零
- make && make install //安装make !!这个地方可能会出错。
- 解决方法一:将两个apr文件复制到httpd...文件中的srclib中(复制完成后进如httpd文件后进行make clean清理一下)
cp -r apr-1.6.5 httpd-2.4.39/srclib/apr
cp -r apr-util-1.6.1 httpd-2.4.39/srclib/apr-util
之后再执行make && make install,如果还会出现错误就进行解决方法二
- 解决方法二:
./configure --prefix=/usr/local/apache2.4 --enable-so --with-pcre --with-included-apr --enable-modules=most --enable-mpms-shared=all --with-mpm=prefork
- 再次执行make -j4 && make install
- /usr/local/apache2.4/bin/apachectl -M 查看加载了那些模块。
- 进入src
- 解压php压缩包
- cd进入php......
- 先行安装一些包
安装php
# yum install -y libxml2-devel
# yum install -y openssl openssl-devel
# yum install -y bzip2 bzip2-devel
# yum install -y libpng libpng-devel
# yum install -y freetype freetype-devel
# yum install -y epel-release
# yum install -y libmcrypt-devel
- ./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache2.4/bin/apxs --with-config-file-path=/usr/local/php/etc --with-mysql=/usr/local/mysql --with-libxml-dir --with-gd --with-jpeg-dir --with-png-dir --with-freetype-dir --with-iconv-dir --with-zlib-dir --with-bz2 --with-openssl --with-mcrypt --enable-soap --enable-gd-native-ttf --enable-mbstring --enable-sockets --enable-exif
- make && make install
- cp php.ini-production /usr/local/php/etc/php.ini
- 配置httpd支持php
vi /usr/local/apache2.4/conf/httpd.conf //开始进入编辑
//编辑 httpd 的主配置文件
搜索 ServerName,把 ServerName www.example.com:80 前#去掉;
<Directory />
AllowOverride none
Require all denied
</Directory>
改成:
<Directory />
AllowOverride none
Require all granted
</Directory> //目的允许所有请求访问
搜 索 AddType application/x-gzip .gz .tgz , 在下面添加一行 AddType
application/x-httpd-php .php;
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
改成:
<IfModule dir_module>
DirectoryIndex index.html index.php
</IfModule>
- /usr/local/apache2.4/bin/apachectl -t //测试文件是否正确,如果正确则它的返回值是Syntax OK
- /usr/local/apache2.4/bin/apachectl start //启动httpd命令
- netstat -lnp |grep httpd //查看是否启动,如果没有netstat命令就使用这个命令进行安装yum install -y net-tools
tcp6 0 0 :::80 :::* LISTEN 98479/httpd
- curl localhost //除了使用net查看以外还可以使用curl进行查看。
<html><body><h1>It works!</h1></body></html>
- #vi /usr/local/apache2.4/htdocs/1.php //测试呢个否正确解析php
<?
echo “php 解析正确”
?>
//编写一个测试脚本
#curl localhost/1.php
php 解析正确 //则PHP解析正确
- vi /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //配置虚拟主机文件
<VirtualHost *:80>
ServerAdmin admin@aminglingux.com
DocumentRoot "/data/wwwroot/aming.com"
ServerName aming.com
ServerAlias www.aming.com
ErrorLog "logs/aming.com-error_log"
CustomLog "logs/aming.com-error_log"common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host2.example.com
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
</VirtualHost>
最后两段编辑为以上内容
- 测试:
mkdir -p /data/wwwroot/aming.com /data/wwwroot/www.123.com
echo "aming.com" > /data/wwwroot/aming.com/index.html
echo "123.com" > /data/wwwroot/www.123.com/index.html
/usr/local/apache2.4/bin/apachectl -t
Syntax OK
/usr/local/apache2.4/bin/apachectl graceful
curl -x127.0.0.1:80 www.123.com
123.com
curl -x127.0.0.1:80 www.abc.com
aming.com
- vi /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //配置文件:
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
<Directory /data/wwwroot/www.123.com>
AllowOverride AuthConfig
AuthName "123.com user auth"
AuthType Basic
AuthUserFile /data/.htpasswd
require valid-user
</Directory>
</VirtualHost>
- /usr/local/apache2.4/bin/htpasswd -cm /data/.htpasswd aming /设置密码
- /usr/local/apache2.4/bin/apachectl -t
- /usr/local/apache2.4/bin/apachectl graceful
setenforce 0
- systemctl stop firewalld
- 配置hosts文件 IP 地址
- 访问网页
- 配置域名跳转:vi /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
域名跳转
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
serverAlias 123.com
<Directory /data/wwwroot/www.123.com>
AllowOverride AuthConfig
AuthName "123.com user auth"
AuthType Basic
AuthUserFile /data/.htpasswd
require valid-user
</Directory>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www.123.com$
RewriteRule ^/(.*)$ http://www.123.com/$1 [R=301,L]
<IfModule>
</VirtualHost>
- /usr/local/apache2.4/bin/apachectl -M|grep -i rewrite
- vi /usr/local/apache2.4/conf/httpd.conf //搜索 rewrite,把前面#去掉
- /usr/local/apache2.4/bin/apachectl graceful
- /usr/local/apache2.4/bin/apachectl -M |grep -i rewrite : rewrite_module (shared)
- [root@localhost wwwroot]# curl -xlocalhost:80 123.com -I
HTTP/1.1 301 Moved Permanently
Date: Thu, 19 Nov 2020 01:15:16 GMT
Server: Apache/2.4.39 (Unix) PHP/5.6.30
Location: http://www.123.com/
Content-Type: text/html; charset=iso-8859-1
访问日志
- vi /usr/local/apache2.4/conf/httpd.conf //这个是日志的配置文件
- vi /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //编辑虚拟主机配置文件在其中加入下面的代码:
CustomLog "logs/123.com-access_log" common
- 完成后测试语法并重新加载:
/usr/local/apache2.4/bin/apachectl -t
/usr/local/apache2.4/bin/apachectl graceful
setenforce 0
- curl -xlocalhost:80 123.com -I //再次curl一下
- tail /usr/local/apache2.4/logs/123.com-access_log //回车后会产生日志记录,可以再次访问网页再回到虚拟机上重新输出日志,会多出两行新的日志。
- vi /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //对日志进行限制,
SetEnvIf Request_URI ".*.gif$" image-request
SetEnvIf Request_URI ".*.jpg$" image-request
SetEnvIf Request_URI ".*.png$" image-request
SetEnvIf Request_URI ".*.bmp$" image-request
SetEnvIf Request_URI ".*.swf$" image-request
SetEnvIf Request_URI ".*.js$" image-request
SetEnvIf Request_URI ".*.css$" image-request
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/123.com-access_%Y%m%d.log 86400" 时间切割utc美国 cst中国
combined env=!image-request
- 检测配置文件是否有问题 /usr/local/apache2.4/bin/apachectl -t
Syntax OK
- /usr/local/apache2.4/bin/apachectl graceful //重新加载服务
- curl -x127.0.0.1:80 -I 123.com /再次访问产生新的日志
- tail /usr/local/apache2.4/logs/123.com-access_log //查看日志
- cd /data/wwwroot/www.123.com/
- touch /data/wwwroot/www.123.com/aming.jpg
- touch /data/wwwroot/www.123.com/aming.txt
- curl -x127.0.0.1:80 123.com/aming.txt
- curl -x127.0.0.1:80 123.com/aming.jpg
- tail /usr/local/apache2.4/logs/123.com-access_log //再次查看日志就会看到没有访问jpg还有txt的记录
访问配置过期时间
- vi /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //配置撞他文件
<IfModule mod_rewrite.c>
ExpiresActive on
ExpiresByType image/gif "access plus 1 days“
ExpiresByType image/jpeg "access plus 24 hours"
ExpiresByType image/png "access plus 24 hours'
ExpiresByType text/css "now plus 2 hour"
ExpiresByType application/x-javascript "now plus 2 hours"
ExpiresByType application/javascript "now plus 2 hours"
ExpiresByType application/x-shockwave-flash "now plus 2 hours"
ExpiresDefault "now plus 0 min"
</IfModule>
- /usr/local/apache2.4/bin/apachectl -t
- /usr/local/apache2.4/bin/apachectl graceful
- /usr/local/apache2.4/bin/apachectl -M| grep -i expires /检测当前httpd查看是否有支持expires,没有返回值则不支持,则需要修改篇日志文件
- vi /usr/local/apache2.4/conf/httpd.conf //找到expires哪一行去掉前面的注释符
- 重新加载服务/usr/local/apache2.4/bin/apachectl graceful
- /usr/local/apache2.4/bin/apachectl -M| grep -i expires //检测是否支持
- curl -x127.0.0.1:80 -I -uaming:aming www.123.com/aming.jpg 查看是否有max-age=86400
配置防盗链
- vi /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
<Directory /data/wwwroot/www.123.com>
SetEnvIfNoCase Referer "http://www.123.com" local_ref
SetEnvIfNoCase Referer "http://123.com" local_ref
SetEnvIfNoCase Referer "^$" local_ref
<filesmatch ".(txt|doc|mp3|zip|rar|jpg|gif)">
Order Allow,Deny
Allow from env=local_ref
</filesmatch>
</Directory>
- /usr/local/apache2.4/bin/apachectl -t
- /usr/local/apache2.4/bin/apachectl graceful
- curl -x127.0.0.1:80 -u aming:aming -I www.123.com/aming.jpg
访问控制
- vi /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
</Directory /data/wwwroot/www.123.com/admin>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Directory>
- mkdir /data/wwwroot/www.123.com/admin
- echo "admin" >/data/wwwroot/www.123.com/admin/index.html
- > /usr/local/apache2.4/logs/123.com-access_20201119.log
- curl -x192.168.29.138:80 -I www.123.com/admin/index.html
HTTP/1.1 403 Forbidden
- curl -x127.0.0.1:80 -uaming:aming -I www.123.com/admin/index.html
HTTP/1.1 200 OK
- tail -l /usr/local/apache2.4/logs/123.com-access_20201119.log
- 将上传的目录直接禁止解析php代码
<Directory /data/wwwroot/www.123.com/upload>
php_admin_flag engine off
</Directory>
- /usr/local/apache2.4/bin/apachectl -t
- /usr/local/apache2.4/bin/apachectl graceful
- cp /usr/local/apache2.4/htdocs/1.php /data/wwwroot/www.123.com/upload/
- curl -A "123123" -uaming:aming -I -x127.0.0.1:80 www.123.com/upload/1.php
- 通过限制user_agent发挥防攻击的作用
vi /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www.123.com$
RewriteRule ^/(.*)$ http://www.123.com/$1 [R=301,L]
RewriteCond %{HTTP_USER_AGENT} .*CURL.* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} .*baidu.com.*[NC]
RewriteRule .* - [F]
</IfModule>
- /usr/local/apache2.4/bin/apachectl -t
- /usr/local/apache2.4/bin/apachectl graceful
- curl -A "123123" -uaming:aming -I -x127.0.0.1:80 www.123.com/upload/1.php
PHP配置
- /usr/local/php/bin/php -i |grep -i "loaded configuration file"
PHP Warning: Unknown: It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in Unknown on line 0
Loaded Configuration File => /usr/local/php/etc/php.ini
- vi /usr/local/php/etc/php.ini
;date.timezone = Asia/Shanghai
更改配置文件取消警告
配置error_log
- vi /usr/local/php/etc/php.ini
//记录错误日志:搜索 log_errors, 改成如下
log_errors=On
//记录错误日志目录位置:搜索 error. log,改为
error_log = /var/log/php/php_errors.log
//记录错误日志级别:搜索 error_reporting 改为
error_reporting = E ALL & ~E_ NOTICE
//再搜索 display_errors,改为
display_errors = Off
- mkdir /var/log/php
- chmod 777 /var/log/php/
- /usr/local/apache2.4/bin/apachectl graceful
- curl -A "123" -I -uaming:aming -x127.0.0.1:80 www.123.com/test.php
HTTP/1.0 500 Internal Server Error
Date: Thu, 19 Nov 2020 17:46:27 GMT
Server: Apache/2.4.39 (Unix) PHP/5.6.30
X-Powered-By: PHP/5.6.30
Connection: close
Content-Type: text/html; charset=UTF-8
- cat /var/log/php/php_errors.log
[19-Nov-2020 17:51:04 UTC] PHP Parse error: syntax error, unexpected end of file, expecting ',' or ';' in /data/wwwroot/www.123.com/test.php on line 3
- vi /usr/local/php/etc/php.ini
//搜索 open_basedir,改成如下
open_ basedir = /tmp:/data/wwwroot/www.123.com
- /usr/local/apache2.4/bin/apachectl graceful
- cp /usr/local/apache2.4/htdocs/1.php /data/wwwroot/aming.com/
- curl -x127.0.0.1:80 -I aming.com/1.php
HTTP/1.0 500 Internal Server Error
Date: Thu, 19 Nov 2020 18:52:12 GMT
Server: Apache/2.4.39 (Unix) PHP/5.6.30
X-Powered-By: PHP/5.6.30
Connection: close
Content-Type: text/html; charset=UTF-8
- cat /var/log/php/php_errors.log 查看日志
[19-Nov-2020 17:51:04 UTC] PHP Parse error: syntax error, unexpected end of file, expecting ',' or ';' in /data/wwwroot/www.123.com/test.php on line 3
[19-Nov-2020 18:52:12 UTC] PHP Warning: Unknown: open_basedir restriction in effect. File(/data/wwwroot/aming.com/1.php) is not within the allowed path(s): (/tmp:/data/wwwroot/www.123.com) in Unknown on line 0
[19-Nov-2020 18:52:12 UTC] PHP Warning: Unknown: failed to open stream: Operation not permitted in Unknown on line 0
[19-Nov-2020 18:52:12 UTC] PHP Fatal error: Unknown: Failed opening required '/data/wwwroot/aming.com/1.php' (include_path='.:/usr/local/php/lib/php') in Unknown on line 0
- vi /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
php_admin_value open_basedir "/data/wwwroot/www.123.com/:/tmp/"
</VirtualHost>
动态拓展模块安装
- /usr/local/php/bin/php -m //查看加载了那些模块
[PHP Modules]
bz2
Core
ctype
date
dom
ereg
exif
fileinfo
filter
gd
hash
iconv
json
libxml
mbstring
mcrypt
mysql
openssl .....
- 将redis包上传到 /usr/local/src/
- cd /usr/local/src/
- tar -zxvf redis-2.2.5.tgz
- mv redis-2.2.5 phpredis-develop
- cd phpredis-develop/
- /usr/local/php/bin/phpize //生成configure文件
Configuring for:
PHP Api Version: 20131106
Zend Module Api No: 20131226
Zend Extension Api No: 220131226
- yum install -y autoconf //如果出现报错就安装这个包
- /usr/local/php/bin/phpize //安装后再次执行
- ./configure --with-php-config=/usr/local/php/bin/php-config //进行编译
- make && make install
Installing shared extensions: /usr/local/php/lib/php/extensions/no-debug-non-zts-20131226/
- /usr/local/php/bin/php -i |grep extension_dir //查看拓展模块存放路径//可以在php.ini中自定义目录
- ls /usr/local/php/lib/php/extensions/no-debug-non-zts-20131226/
- vi /usr/local/php/etc/php.ini //将下面的代码添加到最后一行
extension = redis.so
- /usr/local/php/bin/php -i |grep redis
redis
- /usr/local/apache2.4/bin/apachectl graceful