Great gods, please skip ~ ~ ~
Background
I client, simple use of PHP, build the server belongs to small white in small white. Last year bought a low match Aliyun to do test clothing by the way hangs a personal website and piled up some resources, initially is to bite the bullet according to the "Ning Hao Net" series of video tutorials to build a apache+php+mysql server, by a variety of configuration made head large, but still stable.
A few days ago a sudden domain name can not be accessed, IP can not access, call Aliyun customer service, so that the restart, did not solve; submitted two work orders finally be solved half, mainly I do not understand this technology, and finally I said, I do not care about security, As long as the server can access to the Aliyun technology customer service to help modify: The results of the default is to open the Apache home page, they will not configure, feel that they can not control, configuration and low, a recent app requires parallel connection is relatively large, simply reload as Nginx.
First of all a variety of Baidu, all kinds of attempts to jump a lot of pits. There are also good and complete posts on the web, but some of the steps are simply not practical. Finally through a variety of access and practice to do this article, now the site can be normal access, resources can also be normal access, not easy and happy!!!
On and off for 2 days, side test set up, while writing articles retained, a total of seven strides, the process is also more detailed, hereby retain the memo.
"A. Resetting the system"
1. Landing Aliyun into the console.
2. Locate the instance and stop the server.
3. Select "Replace system Disk" under "more",
4. Select CentOS 7.3 and set a new login password
5. Click OK, verify the phone number, reset will automatically restart the system.
"two. Reset Mac terminal SSH Authentication"
1. The first time an SSH connection is used, an authentication is generated and stored in the client's known_hosts.
2. The above error occurs because the server has reinstalled the system.Workaround: Ssh-keygen-r server-side IP address3. Exit SSH Connection: Quit carriage return"three. FTP related" {1. Install vsftpd}#安装vsftpd
Yum Install-y vsftpd
#设置开机启动
Systemctl Enable Vsftpd.service
# reboot
Service VSFTPD Restart
# View the status of the VSFTPD service
Systemctl Status Vsftpd.service
{2. Turn off anonymous access}If you want to turn off FTP anonymous user access, you need to modify the configuration file/etc/vsftpd/vsftpd.conf, Anonymous_enable=yes modified to Anonymous_enable=no, restart the VSFTPD service can be.
Backup configuration file: Cp/etc/vsftpd/vsftpd.conf/etc/vsftpd/vsftpd.conf.bak
Vi/etc/vsftpd/vsftpd.conf
Input I into edit mode to modify Save changes: Press ESC
Exit Document Direct Input: Wq
{3. Add FTP Account}Example: Create a System user Ftpadmin and set the password to 123456:
Useradd ftpadmin
echo 123456|passwd--stdin ftpadmin
"four. Install Nginx"1. Uninstall the old version first
Yum Remove Nginx
2. Edit the Nginx yum source configuration
Vi/etc/yum.repos.d/nginx.repo
To write to the inside:
[Nginx]
Name=nginx Repo
baseurl=http://nginx.org/packages/centos/7/x86_64/
Gpgcheck=0
Enabled=1
I: Insert ESC: Save: Wq: Exit document
3. Installation
Yum Install Nginx
4. Start
Service Nginx Start
5. Boot up
Systemctl Enable Nginx
6. View Nginx version Nginx-v
7. View process PS Aux|grep Nginx
8. Configure Nginx parsing PHP
Command: vi/etc/nginx/nginx.conf; "optional"
To edit a document:
User Nginx;
Worker_processes 2;
Error_log/var/log/nginx/error.log warn;
Pid/var/run/nginx.pid;
Events {
Worker_connections 1024;
}
HTTP {
Include/etc/nginx/mime.types;
Default_type Application/octet-stream;
Log_format Main ' $remote _addr-$remote _user [$time _local] ' $request '
' $status $body _bytes_sent ' $http _referer '
' $http _user_agent ', ' $http _x_forwarded_for ';
Access_log/var/log/nginx/access.log main;
Sendfile on;
#tcp_nopush on;
Keepalive_timeout 300;
#gzip on;
Proxy_read_timeout 3s;
Proxy_buffer_size 256k;
Proxy_buffers 4 256k;
Proxy_busy_buffers_size 256k;
Client_header_buffer_size 256k;
Large_client_header_buffers 4 256k;
Client_max_body_size 256m;
Fastcgi_buffer_size 256k;
Fastcgi_buffers 4 256k;
Fastcgi_busy_buffers_size 256m;
Fastcgi_temp_file_write_size 256m;
include/etc/nginx/conf.d/*.conf;
}
I: Insert ESC: Save: Wq: Exit document
Command: CD/ETC/NGINX/CONF.D "Required"
Ls
VI default.conf
The main steps are as follows:
Set root root directory
Add index.php to default directory home request
Modify server_name, add domain name or IP
Rules for defining error pages such as 404
Configure the PHP processing module, the main adjustment location ~ \.php$ {Part, pay particular attention to Fastcgi_pass Unix: point to the Php-fpm.sock path is correct;
Restart Nginx service after saving
server {
listen ;
server_name www.***.com "domain name or IP";
# This lines are originally from the ' Location/' block
root /www;
Index index.php index.html index.htm;
Location/{
try_files $uri $uri/=404;
}
Error_page 404/404.html;
Error_page 502 503 504/50x.html;
Location =/50x.html {
root/www;
}
Location ~ \.php$ {
try_files $uri =404;
Fastcgi_pass Unix:/run/php-fpm/php-fpm.sock;
Fastcgi_index index.php;
Fastcgi_param script_filename $document _root$fastcgi_script_name;
Include Fastcgi_params;
}
}
Restart Nginx service after saving: services Nginx restart
In the root directory, add a phpinfo php file, open the browser to test whether the normal display. Delete the test page after success.
"If the browser test does not display correctly, try adding the 80 port rule in the security group"
"Note" Because the configuration file (/etc/nginx/conf.d/default.conf) contains configuration: root/www; That is, the site root is redirected to the WWW directory in the server root directory, and the default directory does not exist, the command line creates the directory: mkdir/www/
Typically, updating a Web site resource for ease of transport will manipulate the files in that directory using FTP, and you will need to specify that the directory has operation permissions of "third. 3 steps" Ftpadmin Users:
Chown-r ftpadmin/www/
chmod 755-r/www/
At this time the normal use of FileZilla FTP tools such as the normal upload download the WWW directory file resources. "If the FTP client fails to connect to FTP, the configuration is as follows:"
When you click "Connect", the following window will pop up.
"five. Install PHP7" execute the following command to remove PHP
Yum Remove php* Php-common
establish the Yum source of PHP7
RPM-UVH https://mirror.webtatic.com/yum/el7/epel-release.rpm
RPM-UVH https://mirror.webtatic.com/yum/el7/ webtatic-release.rpm
Perform the following command to install (upgrade) The Software warehouse this sentence should not be performed by branch, edited, and executed in a single line.
Yum install-y php72w php72w-fpm php72w-xml php72w-json php72w-mcrypt php72w-gd php72w-devel php72w-mysql php72w-int
L php72w-mbstring php72w-tokenizer php72w-pdo php72w-ctype php72w-openssl php72w-bcmath
Check all repo with Yum repolist all to see if the configuration is successful.
You can also use Yum List installed | grep php to view the installation of the PHP suite.
View the current version with Php-v. Configure PHP-FPM
Locate your Php-fpm.sock file and configure the path to the PHP-FPM conf file
Find/-name www.conf
vi/etc/php-fpm.d/www.conf
Modify Www.conf as follows
Listen =/run/php-fpm/php-fpm.sock
PHP-FPM User/group to be consistent with Webserver's ownership, such as I CentOS7 under the Nginx user to run the Nginx service, the PHP-FPM configuration changes are as follows:
Listen.owner = nginx
listen.group = nginx
listen.mode = 0660
user = Nginx
group = Nginx
Restart the PHP-FPM service and join the system from boot:
sudo systemctl start php-fpm
sudo systemctl enable PHP-FPM
If the PHP service does not succeed after restarting, it may also need to perform chown nginx:nginx/run/php-fpm/php-fpm.sock before restarting.
"six. Install MySQL (mariadb)"
1. Check if MARIADB is already present, delete it, and reinstall it
To see if a service already exists
Rpm-qa|grep mariadb
Mariadb-libs-5.5.52-1.el7.x86_64
If present, remove, middle to determine select Y
Yum Remove mariadb*
Start download yum Download, remember y:
Yum Install mariadb*
To start the service:
Systemctl Start Mariadb.service
Boot auto Start:
Systemctl Enable Mariadb.service
To set permissions:
Mysql_secure_installation
The first is to set the password, you will be prompted to enter the password "first run direct return"
Enter current password to root (enter for none): <– First run direct return set password
Set root Password? [y/n] <– whether to set the root user password, enter Y and return or direct enter
New Password: <– set root password "Test connection database will use this password"
Re-enter new password: <– again enter the password you set
Other configuration
Remove anonymous users? [y/n] <– whether to delete anonymous users, y return
Disallow root login remotely? [y/n] <– whether to prevent root remote logins, n Enter,
Remove test database and access to it? [y/n] <– Delete test database, y return
Reload privilege tables now? [y/n] <– whether to reload the permission table, Y return
Initialize MARIADB complete, next Test login mysql-uroot-p password "password for {new password: <– set root password" "Test connection database will use this password" to set the new password for this step above "
"The following is the information displayed for a successful connection to DB"
Welcome to the MARIADB Monitor. Commands End With; or \g.
Your mariadb Connection ID is
server version:5.5.52-mariadb mariadb server
Copyright (c), 2016, Oracle, mariadb Corporation Ab and others.
Type ' help, ' or ' \h ' for help. Type ' \c ' to clear the current input statement.
MARIADB [(None)]>