Web server Setup on Linux

Source: Internet
Author: User
Tags install openssl mcrypt

Install PHP Dependency Package: yum-y install gcc gcc++ libxml2 libxml2-Develyum install gcc make gd-devel libjpeg-devel libpng-devel libxml2-devel bzip2-devel libcurl-devel-Yyum-y Install curl-Develyum Install OpenSSL openssl-Develyum Install Libmcrypt libmcrypt-Devel MCrypt Mhash First, we need to download the installation php5.5cd/usr/local/src/wget Http://www.php.net/get/php-5.5.30.tar.bz2/from/jp1.php.net/mirrorIf the above PHP does not exist, you can go directly to the official download. If you still can't find a message, I'll send it by email.Be sure to install gd,png,curl before installation,XML and so on Lib Development library. If unsure, execute the following command: Yum install gcc make gd-devel libjpeg-devel libpng-devel libxml2-devel bzip2-devel libcurl-devel-Y support for the following parameters, FTP, image functions, PDO and so on, because the use of PHP mysqlnd, so there is no need to install the MySQL Lib library. If you are a 64-bit system, the parameters are appended with –with-libdir=Lib64, if it is not possible to skip. Tar zxvf Php-5.5.30.tar.GZCD php-5.5.30./configure--prefix=/usr/local/php-5.5.30--with-config-file-path=/usr/local/php-5.5.30/etc-- with-bz2--with-curl--enable-ftp--enable-sockets--disable-ipv6--with-gd--with-jpeg-dir=/usr/local--with-png-dir =/usr/local--with-freetype-dir=/usr/local--enable-gd-native-ttf--with-iconv-dir=/usr/local--enable-mbstring-- Enable-calendar--with-gettext--with-libxml-dir=/usr/local--enable-pcntl--with-mcrypt=/usr/local/--with-zlib-- With-pdo-mysql=mysqlnd--with-mysqli=mysqlnd--with-mysql=mysqlnd--enable-dom--enable-xml--enable-fpm-- With-libdir=lib64--with-Opensslmakemake Install Note: If PHP does not require the support of curl and FTP, you can remove the above –with-curl–enable-ftp. If you are a professional Linux practitioner, you can completely look at Help to choose your installation parameters, if you are not, I suggest you directly copy the paste my configuration parameters. This way you can take a few detours.Already installed PHP, below we are for PHP, configure the PHP cp php.ini-production/usr/local/php-5.5.30/etc/php.INICP/USR/LOCAL/PHP-5.5.30/ETC/PHP-FPM.CONF.DEFAULT/USR/LOCAL/PHP-5.5.30/ETC/PHP-FPM.Conf actually we just use it to provide us with a configuration, of course, you can also modify the configuration information according to their own needs, and then start php-fpm/usr/local/php-5.5.30/sbin/php-FPM executes the above command, if no error is normally indicated to start normal, if not rest assured,can also be determined by the port is php no boot # NETSTAT-LNT | grep 9000tcp 0 0 127.0.0.1:9000 0.0.0.0:*Listen install MySQL dependency package: yum-y install wget gcc gcc-c++ make cmake ncurses-devel libtool zilib-Devel installation Mysql:locate installation: Yum-Y install mlocatelsof installation: Yum-Y install lsof nginx:yum-y installation pcre-Develyum-y Install OpenSSL openssl-Devel installation:./Configuremakemake Install//nginx Setting Pathinfo:fastcgi_pass 127.0.0.1:9000; Fastcgi_index index.Php Set $path _info ""; #定义变量 $path _info for storing pathinfo informationSet $real _script_name $fastcgi _script_name; #定义变量 $real _script_name to hold the real address if ($fastcgi _script_name ~ "^ (. +?\.php) (/.+) $") {#如果地址与引号内的正则表达式匹配Set $real _script_name $; #将文件地址赋值给变量 $real _script_nameSet $path _info; #将文件地址后的参数赋值给变量 $path _info} fastcgi_param script_filename $document _root$real_script_name; Fastcgi_param Script_name $real _script_name; Fastcgi_param path_info $path _info; IncludeFastcgi_params;memcache Installation: Yum install libevent-Devel install libmemcached-1.0.18 dependent on GCC version is too low or cause error, below is the upgrade version of Yum install gcc44 gcc44-c++ libstdc++44-devel# export cc=/usr/bin/gcc44# export cxx=/usr/bin/g++44#./configure#make#make InstallInstall PHP memcache expansion:: https://pecl.php.net/package/memcachedmemcached-2.2.0. TGZTAR-ZXVF memcached-2.2.0. tgzcd memcached-2.2.0/usr/local/php-5.5.30/bin/phpize./configure--with-php-config=/usr/local/php-5.5.30 /bin/php-config--DISABLE-MEMCACHED-SASL--enable-memcached--enable-memcached-json Makemake install/usr/local/ php-5.5.30/lib/php/extensions/no-debug-non-zts-20121212/benstalkd:https://github.com/kr/beanstalkd/archive /v1.10.zipunzip beanstalkd-1.10makemake installnohup/usr/local/bin/beanstalkd-l 127.0.0.1-p 11300 >>/var/ Log/beanstalk.log & Installation Pcntl expansion stand-alone installation: CD ext/pcntl# first perform phpize/usr/local/php-5.5.30/bin/phpize./ Configure--with-php-config=/usr/local/php-5.5.30/bin/php-Config (ps: Please specify the directory of Php-config correctly) Makemake Install editor/etc/php. ini, join extension=pcntl.so            

VSFTPD Installation:

CentOS 5.6 x86_64
ip:192.168.10.100

Second, compile dependent components

Yum-y install gcc gcc-c++ db4-utils pam-devel

Yum-y install gcc gcc-c++ db-utils pam-devel

Third, compile the installation configuration vsftpd

1. Compiling

Depend on:

Yum Install Tcp_wrappers

Yum Install Tcp_wrappers-devel

wget https://security.appspot.com/downloads/vsftpd-3.0.2.tar.gz

TAR-ZXF vsftpd-3.0.2.tar.gz

CD vsftpd-3.0.2

#vi Builddefs.h

#define VSF_BUILD_TCPWRAPPERS//allow use of TCP Wrappers (default is undef)

#define VSF_BUILD_PAM//Allow PAM authentication

#define VSF_BUILD_SSL//Allow SSL (default is undef)

Make && make install

mkdir/etc/vsftpd/

CP Vsftpd.conf/etc/vsftpd/vsftpd.bak

Grep-v ' ^# '/etc/vsftpd/vsftpd.bak >/etc/vsftpd/vsftpd.conf

#为了让vsftpd支持本地用户登录, the authentication module is copied to the system directory

CP REDHAT/VSFTPD.PAM/ETC/PAM.D/VSFTPD

1. Add a virtual user password file

[[email protected]/] #vi/etc/vsftpd/vuser.txt

Add a virtual user name and password, a row of user names, a single line of passwords, and so on. Odd behavior user name, even behavior password.

test001 #用户名

123456 #密码

test002 #用户名

123456 #密码

2. Generate the virtual user password Authentication file

Convert the vuser.txt virtual user password file you just added into a system-recognized password Authentication file.

[[email protected]/] #db_load-t-t hash-f/etc/vsftpd/vuser.txt/etc/vsftpd/vuser.db

3. Edit VSFTPD's PAM certification file

[[email protected]/] #vi/ETC/PAM.D/VSFTPD

Comment out all the other inside, add the following two lines:

Auth required/lib/security/pam_userdb.so Db=/etc/vsftpd/vuser

Account Required/lib/security/pam_userdb.so Db=/etc/vsftpd/vuser

4. Establish local mapping user and set host directory permissions

All FTP virtual users need to use a system user, this system user does not need the password.

[[email protected]/] #useradd vftp-d/var/www-s/bin/false

5. Configure vsftpd.conf (Set virtual User Configuration items)

[[email protected]/] #vi/etc/vsftpd/vsftpd.conf

Guest_enable=yes #开启虚拟用户

Guest_username=vftp #FTP虚拟用户对应的系统用户

PAM_SERVICE_NAME=VSFTPD #PAM认证文件

Configuration file Instance

/etc/vsftpd/vsftpd.conf

Listen=yes

Userlist_enable=no

Pam_service_name=vsftpd

Tcp_wrappers=yes

Guest_enable=yes

Guest_username=vftp

Virtual_use_local_privs=yes

User_config_dir=/etc/vsftpd/userconfig

Anonymous_enable=no

Local_enable=yes

Write_enable=yes

Anon_upload_enable=no

Anon_mkdir_write_enable=no

Dirmessage_enable=yes

Use_localtime=yes

Xferlog_enable=yes

Connect_from_port_20=yes

Chown_uploads=no

Xferlog_file=/var/log/vsftpd.log

Xferlog_std_format=yes

Nopriv_user=vftp

Async_abor_enable=yes

Ascii_upload_enable=yes

Ascii_download_enable=yes

Ftpd_banner=this VSFTP Server support virtual users ^_^!

Chroot_local_user=yes

Chroot_list_enable=no

Virtual User Configuration Instance

/etc/vsftpd/userconfig/test001

The root directory for test001 is/data, and permissions are permissions that can be uploaded, downloaded, created, renamed, and deleted.

Local_root=/var/www

Write_enable=yes

Anonymous_enable=no

Anon_upload_enable=no

Anon_other_write_enable=no

Anon_mkdir_write_enable=no

Problems encountered and solutions:

/lib/libcap.so.1:could not read symbols:file in wrong format

Collect2:ld returned 1 exit status

Make: * * * [VSFTPD] Error 1

Workaround:

Modify the vsf_findlibs.sh of the VSFTPD source package

VI vsf_findlibs.sh

Will locate_library/lib/libpam.so.0 && echo "/lib/libpam.so.0";

Change to locate_library/lib64/libpam.so.0 && echo "/lib64/libpam.so.0";

/lib/libcap.so.1:could not read symbols:file in wrong format

Collect2:ld returned 1 exit status

Make: * * * [VSFTPD] Error 1

Workaround:

Also modify vsf_findlibs.sh

Will

# Look for Libcap (capabilities)

if locate_library/lib/libcap.so.1; Then

echo "/lib/libcap.so.1";

Else

Locate_library/usr/lib/libcap.so && echo "-lcap";

Locate_library/lib/libcap.so && echo "-lcap";

Fi

Revision changed to

# Look for Libcap (capabilities)

if locate_library/lib64/libcap.so.1; Then

echo "/lib64/libcap.so.1";

Else

Locate_library/usr/lib64/libcap.so && echo "-lcap";

Locate_library/lib64/libcap.so && echo "-lcap";

Fi

3. OOPS:vsftpd:refusing to run with writable root inside Chroot ()

Workaround:

This error is only after v2.3.5, see the official Changlog as follows (meaning that you cannot use chroot to restrict the writable root directory):

ADD stronger checks for the configuration error of running with a writeable root directory inside a chroot (). This could bite people who carelessly turned on chroot_local_user but such was life.

Well, if we enable chroot, we must ensure that the FTP root directory is not writable, so that the FTP root directly for the site root user is not convenient, so if the FTP root directory is/data, then the site structure can be such points,/data/log for the log directory,/data/ The web is the root of the Web site, so that we can remove the write access to the/data directory without affecting the site's normal operation.

chmod a-w/data

VSFTPD default Load configuration file location:/etc/vsftpd.conf

No need to start in standalone mode, direct start:

NOHUP/USR/LOCAL/SBIN/VSFTPD &

Extension Cloud Disk: Link: http://pan.baidu.com/s/1kVIu5Zh Password: 0wul

Extension Cloud Disk: Link: http://pan.baidu.com/s/1kVIu5Zh Password: 0wul

Web server Setup on Linux

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.