In small and medium-sized projects, Nginx, PHP-FPM, PHP which are more and more important and need attention???

To see their various configurations, too much, to the current level of primary operations can not be understood, so it is intended to ask you what you are familiar with the special need to know the configuration, how to configure better maintenance projects, improve performance.

Reply content:

To see their various configurations, too much, to the current level of primary operations can not be understood, so it is intended to ask you what you are familiar with the special need to know the configuration, how to configure better maintenance projects, improve performance.

Big question, say I personally focus on which points, welcome other partners to complement the improvement will certainly leak

Safety

1. Nginx (user config), php-fpm (user,group configuration items), and permissions, users, and user groups for the site Directory this is really important.

2. PHP Security also pay attention to system-level functions if no project requirements are all disabled (disable_functions)

3. PHP do not open error printing, it is easy to expose information is attacked

display_startup_errors = Off ,display_errors = Off

Performance

1. Nginx process number worker_processes, maximum number of connections worker_connections

2. PHP-FPM Performance Related: Pm.max_children, pm.start_servers, Pm.min_spare_servers, Pm.max_spare_servers, pm.max_requests

Log monitoring Analysis

1. Nginx log: Access_log with Log_format

2. PHP log: log_errors

3. PHP-FPM record Slow execution log: Slowlog mate Request_slowlog_timeout

I will also focus on the system level: Iptables,/etc/sysctl.conf, etc.

Suggestions

It is best to write a script to monitor memory, traffic, CPU, number of processes, disk space, etc., can also use monitoring products, open source monitoring projects and so on, reasonable control of the alarm strategy.

Then periodically analyze the above configuration in the output of the log files, some slow response to the log, the wrong time, slow execution of the log to understand, to solve some of the daily operational performance problems

PHP configuration is basically the default does not need to change, the main thing is to add xdebug when you need to increase the configuration in php.ini, such as

[xdebug]zend_extension="/Applications/MAMP/bin/php/php7.0.0/lib/php/extensions/no-debug-non-zts-20151012/xdebug.so"xdebug.remote_enable = 1xdebug.remote_connect_back = 1xdebug.remote_port = 9000xdebug.scream=0 xdebug.cli_color=1xdebug.show_local_vars=1

Xdebug in the development environment is particularly useful, in the production environment need to open opcache, it needs to be opened php.ini Opcache configuration such as:

[OPcache]zend_extension="/Applications/MAMP/bin/php/php7.0.0/lib/php/extensions/no-debug-non-zts-20151012/opcache.so"  opcache.memory_consumption=128  opcache.interned_strings_buffer=8  opcache.max_accelerated_files=4000  opcache.revalidate_freq=60  opcache.fast_shutdown=1  opcache.enable_cli=1

For PHP log processing, we recommend using the Monolog/monolog library to handle log printing.
An exception handling tool, Sentry, and log processing tool logentries are recommended here.

PHP-FPM:

pm 系列配置

