First, firewall configuration
CentOS 7.x defaults to use firewall as a firewall, here to iptables firewall.
Systemctl Stop Firewalld.service #停止firewall
Systemctl Disable Firewalld.service #禁止firewall开机启动
2. Install iptables Firewall
Yum Install iptables-services #安装
Vi/etc/sysconfig/iptables #编辑防火墙配置文件
# Sample configuration for iptables service
# can edit this manually or use System-config-firewall
# Please don't ask us to add additional ports/services to this default configuration
-A input-m state--state related,established-j ACCEPT
-A input-p tcp-m state--state new-m TCP--dport 22-j ACCEPT
-A input-p tcp-m state--state new-m TCP--dport 80-j ACCEPT
-A input-p tcp-m state--state new-m TCP--dport 3306-j ACCEPT
-A input-j REJECT--reject-with icmp-host-prohibited
-A forward-j REJECT--reject-with icmp-host-prohibited
Systemctl Restart Iptables.service #最后重启防火墙使配置生效
Systemctl Enable Iptables.service #设置防火墙开机启动
/usr/libexec/iptables/iptables.init Restart #重启防火墙
#SELINUXTYPE =targeted #注释掉
Third, the system agreement
Software source code Package storage location:/USR/LOCAL/SRC
Source Package Compile Installation location:/usr/local/software Name
Four, download the software package
Http://nginx.org/download/nginx-1.10.1.tar.gz
Http://cdn.mysql.com/Downloads/MySQL-5.6/mysql-5.6.33.tar.gz
Http://cn2.php.net/distributions/php-5.6.26.tar.gz
4, download cmake (MySQL compiler Tool)
Https://cmake.org/files/v3.6/cmake-3.6.2.tar.gz
5, download pcre (support nginx pseudo static)
Ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.39.tar.gz
6, download OpenSSL (nginx extension)
Https://www.openssl.org/source/openssl-1.0.2j.tar.gz
7, download zlib (nginx extension)
Http://zlib.net/zlib-1.2.8.tar.gz
8, download libmcrypt (PHP extension)
Http://nchc.dl.sourceforge.net/project/mcrypt/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.gz
9, download yasm (PHP extension)
Http://www.tortall.net/projects/yasm/releases/yasm-1.3.0.tar.gz
10, t1lib (PHP extension)
Ftp://sunsite.unc.edu/pub/Linux/libs/graphics/t1lib-5.1.2.tar.gz
11, download the GD library installation package
Https://bitbucket.org/libgd/gd-libgd/downloads/libgd-2.1.1.tar.gz
12, LIBVPX (GD library needs)
http://ftp.osuosl.org/pub/blfs/conglomeration/libvpx/libvpx-1.6.0.tar.bz2
13, TIFF (GD library needs)
Http://download.osgeo.org/libtiff/tiff-4.0.6.tar.gz
14, libpng (GD library needs)
Ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng16/libpng-1.6.25.tar.gz
15, FreeType (GD library needs)
Http://download.savannah.gnu.org/releases/freetype/freetype-2.7.tar.gz
16, JPEGSRC (GD library needs)
Http://www.ijg.org/files/jpegsrc.v9b.tar.gz
17, Boost (compile MySQL need)
Http://nchc.dl.sourceforge.net/project/boost/boost/1.59.0/boost_1_59_0.tar.gz
Upload the above packages to the/USR/LOCAL/SRC directory
Installation of compilation tools and library files (installed using the yum command)
Yum install-y apr* autoconf automake bison bzip2 bzip2* cloog-ppl compat* cpp Curl Curl-devel fontconfig Fontconfig-devel FreeType freetype* freetype-devel gcc gcc-c++ gtk+-devel gd gettext gettext-devel glibc kernel kernel-headers keyutils ke Yutils-libs-devel krb5-devel libcom_err-devel libpng libpng-devel libjpeg* libsepol-devel libselinux-devel libstdc++- Devel libtool* libgomp libxml2 libxml2-devel libxpm* libxml* libtiff libtiff* make MPFR ncurses* ntp OpenSSL openssl-devel Patch Pcre-devel perl php-common php-gd policycoreutils telnet t1lib t1lib* nasm nasm* wget zlib-devel
The following is a remote login to the server with the Putty tool, operating below the command line
Tar zxvf cmake-3.6.2.tar.gz
CP Boost_1_59_0.tar.gz/usr/local/boost
useradd-g MySQL mysql-s/bin/false #创建用户mysql并加入到mysql组, MySQL users are not allowed to log on directly to the system
Mkdir-p/data/mysql #创建MySQL数据库存放目录
Chown-r Mysql:mysql/data/mysql #设置MySQL数据库存放目录权限
Mkdir-p/usr/local/mysql #创建MySQL安装目录
CD/USR/LOCAL/SRC #进入软件包存放目录
Tar zxvf mysql-5.7.14.tar.gz #解压
CMake. -dcmake_install_prefix=/usr/local/mysql-dmysql_datadir=/data/mysql-dwith_innobase_storage_engine=1-ddefault_ Charset=utf8-ddefault_collation=utf8_general_ci-dwith_embedded_server=off-dwith_boost=/usr/local/boost
Note: You can use the-ddownload_boost=1-dwith_boost=/usr/local/boost parameter to install the BOOST package online, you need server networking, easy to download failure.
CMake. -dcmake_install_prefix=/usr/local/mysql-dmysql_datadir=/data/mysql-dmysql_unix_addr=/tmp/mysql.sock-dmysql_ User=mysql-ddefault_charset=utf8-ddefault_collation=utf8_general_ci-denabled_local_infile=on-dwith_innobase_ Storage_engine=1-dwith_federated_storage_engine=1-dwith_blackhole_storage_engine=1-dwithout_example_storage_ Engine=1-dwith_embedded_server=off-ddownload_boost=1-dwith_boost=/usr/local/boost
Compilation error, before recompiling to delete the compilation failed file, recompile, you need to clear the old object files and cached information.
Rm-rf/etc/my.cnf #删除系统默认的配置文件 (not deleted if default is not)
Cd/usr/local/mysql #进入MySQL安装目录
./bin/mysqld--user=mysql--initialize--basedir=/usr/local/mysql--datadir=/data/mysql #生成mysql系统数据库
--initialize represents the default build password,--initialize-insecure indicates that no password is generated and the password is empty.
See this line [note] A temporary password are generated for root@localhost: csjlm3dytg.d
Cp/usr/local/mysql/support-files/my-default.cnf/usr/local/mysql/my.cnf
Soft connection of ln-s/usr/local/mysql/my.cnf/etc/my.cnf #添加到/etc Directory
Cp/usr/local/mysql/support-files/mysql.server/etc/rc.d/init.d/mysqld #把MySQL加入系统启动
chmod 755/etc/init.d/mysqld #增加执行权限
Chkconfig mysqld on #加入开机启动
Vi/etc/rc.d/init.d/mysqld #编辑
Basedir=/usr/local/mysql #MySQL程序安装路径
Datadir=/data/mysql #MySQl数据库存放目录
Vi/etc/profile #把mysql服务加入系统环境变量: Add the following line at the end
Export path= $PATH:/usr/local/mysql/bin
Source/etc/profile #使配置立刻生效
The following two lines link the MYSLQ library file to the default location of the system, so that you can compile software such as PHP without specifying MySQL's library file address.
Ln-s/usr/local/mysql/lib/mysql/usr/lib/mysql
Ln-s/usr/local/mysql/include/mysql/usr/include/mysql
Mkdir/var/lib/mysql #创建目录
Ln-s/tmp/mysql.sock/var/lib/mysql/mysql.sock #添加软链接
Mysql_secure_installation #修改Mysql密码, enter the previously generated secret CSJLM3DYTG.D carriage return and follow the prompts.
Press y| Y for Yes, no other key for No:y #是否安装密码安全插件? Select Y
There are three levels of password validation policy: #有以下几种密码强度选择
MEDIUM Length >= 8, numeric, mixed case, and special characters
Strong Length >= 8, numeric, mixed case, special characters and dictionary file
Please enter 0 = low, 1 = MEDIUM and 2 = strong:0 #选择0, as long as 8 digits, select 1 to have uppercase, lowercase, special characters, etc.
Related operations: Access to the MySQL console
UNINSTALL PLUGIN Validate_password; #卸载密码强度插件
Mysqladmin-uroot-p Password 123456 #修改密码
SET PASSWORD for ' root ' @ ' localhost ' = PASSWORD (' 123456 '); #登录mysql控制台修改
Alter user user () identified by ' 123456 '; #修改密码
Tar zxvf pcre-8.39.tar.gz
./configure--prefix=/usr/local/pcre
Tar zxvf openssl-1.0.2j.tar.gz
./config--prefix=/usr/local/openssl
Export path= $PATH:/usr/local/openssl/bin
Tar zxvf zlib-1.2.8.tar.gz
./configure--prefix=/usr/local/zlib
Useradd-g www www-s/bin/false
Tar zxvf nginx-1.10.1.tar.gz
./configure--prefix=/usr/local/nginx--without-http_memcached_module--user=www--group=www--with-http_stub_ Status_module--with-http_ssl_module--with-http_gzip_static_module--with-openssl=/usr/local/src/openssl-1.0.2j- -with-zlib=/usr/local/src/zlib-1.2.8--with-pcre=/usr/local/src/pcre-8.39
Note:--with-openssl=/usr/local/src/openssl-1.0.2j--with-zlib=/usr/local/src/zlib-1.2.8--with-pcre=/usr/local/src /pcre-8.39 Point is the source package decompression path, not the installation path, otherwise it will error
/usr/local/nginx/sbin/nginx #启动Nginx
Vi/etc/rc.d/init.d/nginx #编辑启动文件添加下面内容
############################################################
# Nginx-this script starts and stops the Nginx daemon
# Description:nginx is a HTTP (s) server, HTTP (s) reverse \
# Proxy and IMAP/POP3 proxy server
# config:/etc/nginx/nginx.conf
# config:/usr/local/nginx/conf/nginx.conf
# Pidfile:/usr/local/nginx/logs/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source Networking configuration.
# Check that networking are up.
["$NETWORKING" = "no"] && exit 0
nginx= "/usr/local/nginx/sbin/nginx"
Nginx_conf_file= "/usr/local/nginx/conf/nginx.conf"
[-f/etc/sysconfig/nginx] &&. /etc/sysconfig/nginx
Lockfile=/var/lock/subsys/nginx
# Make required Directories
User= ' $nginx-v 2>&1 | grep "Configure arguments:" | Sed ' s/[^*]*--user=\ ([^]*\). */\1/g '-'
If [-Z "' grep $user/etc/passwd ']"; Then
Useradd-m-s/bin/nologin $user
Options= ' $nginx-v 2>&1 | grep ' Configure arguments: '
for opt in $options; Todo
If [' Echo $opt | grep '. *-temp-path ']; Then
Value= ' echo $opt | Cut-d "=" F 2 '
Mkdir-p $value && chown-r $user $value
[f $NGINX _conf_file] | | Exit 6
Echo-n $ "Starting $prog:"
Daemon $nginx-C $NGINX _conf_file
[$retval-eq 0] && Touch $lockfile
Echo-n $ "Stopping $prog:"
[$retval-eq 0] && rm-f $lockfile
#configtest | | Return $?
#configtest | | Return $?
Echo-n $ "Reloading $prog:"
$nginx-T-C $NGINX _conf_file
Rh_status >/dev/null 2>&1
echo $ "Usage: $ {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
############################################################
chmod 775/etc/rc.d/init.d/nginx #赋予文件执行权限
Chkconfig Nginx on #设置开机启动
/etc/rc.d/init.d/nginx Restart #重启
When you open the server IP address in the browser, you will see the following interface, which indicates that the Nginx installation was successful.
Third, the installation of PHP
Tar zxvf yasm-1.3.0.tar.gz
2. Installation Libmcrypt
Tar zxvf libmcrypt-2.5.8.tar.gz
Tar xvf libvpx-1.6.0.tar.bz2
./configure--PREFIX=/USR/LOCAL/LIBVPX--enable-shared--ENABLE-VP9
Tar zxvf tiff-4.0.6.tar.gz
./configure--prefix=/usr/local/tiff--enable-shared
Tar zxvf libpng-1.6.25.tar.gz
./configure--prefix=/usr/local/libpng--enable-shared
Tar zxvf freetype-2.7.tar.gz
./configure--prefix=/usr/local/freetype--enable-shared
Tar zxvf jpegsrc.v9b.tar.gz
./configure--prefix=/usr/local/jpeg--enable-shared
Tar zxvf libgd-2.1.1.tar.gz
./configure--PREFIX=/USR/LOCAL/LIBGD--enable-shared--with-jpeg=/usr/local/jpeg--with-png=/usr/local/libpng- With-freetype=/usr/local/freetype--with-fontconfig=/usr/local/freetype--with-xpm=/usr/--with-tiff=/usr/local/ TIFF--WITH-VPX=/USR/LOCAL/LIBVPX
Note: If the LIBGD compilation failed, you can skip, directly using the system default 2.1.0 version, when compiling PHP parameters--WITH-GD=/USR/LOCAL/LIBGD modified to--WITH-GD can be.
Tar zxvf t1lib-5.1.2.tar.gz
./configure--prefix=/usr/local/t1lib--enable-shared
Note: If the system is 64-bit, execute the following command, otherwise there will be an error installing PHP.
System Yun-wei www.osyunwei.com warm reminder: qihang01 original Content © Copyright, reproduced please specify the source and the original link
\cp-frp/usr/lib64/libltdl.so*/usr/lib/
\cp-frp/usr/lib64/libxpm.so*/usr/lib/
TAR-ZVXF php-7.0.11.tar.gz
Export Ld_library_path=/usr/local/libgd/lib
./configure--prefix=/usr/local/php--with-config-file-path=/usr/local/php/etc--with-mysqli=/usr/local/mysql/bin /mysql_config--with-mysql-sock=/tmp/mysql.sock--with-pdo-mysql=/usr/local/mysql--WITH-GD=/USR/LOCAL/LIBGD-- With-png-dir=/usr/local/libpng--with-jpeg-dir=/usr/local/jpeg--with-freetype-dir=/usr/local/freetype-- with-xpm-dir=/usr/lib64--with-zlib-dir=/usr/local/zlib--with-iconv--enable-libxml--enable-xml--enable-bcmath-- Enable-shmop--enable-sysvsem--enable-inline-optimization--enable-opcache--enable-mbregex--enable-fpm-- Enable-mbstring--enable-ftp--enable-gd-native-ttf--with-openssl--enable-pcntl--enable-sockets-- Enable-zip--enable-soap--without-pear--with-gettext--enable-session--with-mcrypt- Enable-mysqlnd
CP Php.ini-production/usr/local/php/etc/php.ini #复制php配置文件到安装目录
Rm-rf/etc/php.ini #删除系统自带配置文件
Ln-s/usr/local/php/etc/php.ini/etc/php.ini #添加软链接到/etc Directory
cp/usr/local/php/etc/php-fpm.conf.default/usr/local/php/etc/php-fpm.conf #拷贝模板文件为php-fpm configuration file
Ln-s/usr/local/php/etc/php-fpm.conf/etc/php-fpm.conf #添加软连接到/etc Directory
Vi/usr/local/php/etc/php-fpm.conf #编辑
PID = Run/php-fpm.pid #取消前面的分号
Cp/usr/local/php/etc/php-fpm.d/www.conf.default/usr/local/php/etc/php-fpm.d/www.conf
Vi/usr/local/php/etc/php-fpm.d/www.conf #编辑
user = www #设置php-fpm running account is www
Group = www #设置php-fpm run Group is www
CP/USR/LOCAL/SRC/PHP-7.0.11/SAPI/FPM/INIT.D.PHP-FPM/ETC/RC.D/INIT.D/PHP-FPM #拷贝php-fpm to startup directory
chmod +x/etc/rc.d/init.d/php-fpm #添加执行权限
Chkconfig PHP-FPM on #设置开机启动
Vi/usr/local/php/etc/php.ini #编辑配置文件
Find: Disable_functions =
Modified to: Disable_functions = Passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini _alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server, Escapeshellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space, POSIX_CTERMID,POSIX_GET_LAST_ERROR,POSIX_GETCWD, Posix_getegid,posix_geteuid,posix_getgid, Posix_getgrgid,posix_ Getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid, Posix_getppid,posix_getpwnam, Posix_getpwuid, Posix_getrlimit, Posix_getsid,posix_getuid,posix_isatty, Posix_kill,posix_mkfifo,posix_setegid, Posix_seteuid,posix_setgid, Posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname, Posix_uname
#列出PHP可以禁用的函数, if some programs need to use this function, you can remove it and disable it.
Modified as: Date.timezone = PRC #设置时区
Modified to: expose_php = off #禁止显示php版本的信息
Find: Short_open_tag = Off
Modified to: Short_open_tag = on #支持php短标签
Modified to Opcache.enable=1 #php支持opcode缓存
To find:; Opcache.enable_cli=1 #php支持opcode缓存
Modified to: opcache.enable_cli=0
Add on last line: Zend_extension=opcache.so #开启opcode缓存功能
Configure Nginx to support PHP
Vi/usr/local/nginx/conf/nginx.conf
Modifying the/usr/local/nginx/conf/nginx.conf configuration file requires the following modifications
User www www. #首行user去掉注释, modify Nginx run group is www www; must be the same as the User,group configuration in/usr/local/php/etc/php-fpm.conf, otherwise PHP will run wrong
Index index.html index.htm index.php; #添加index. php
# Pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
Fastcgi_pass 127.0.0.1:9000;
Fastcgi_param script_filename $document _root$fastcgi_script_name;
#取消FastCGI the comments in the Location Server section, note fastcgi_param the parameters of the row, change to $document_root$fastcgi_script_name, or use an absolute path
/etc/init.d/nginx Restart #重启nginx
Service PHP-FPM start #启动php-fpm
cd/usr/local/nginx/html/#进入nginx默认网站根目录
rm-rf/usr/local/nginx/html/* #删除默认测试页
VI index.php #新建index. php file
Chown www.www/usr/local/nginx/html/-R #设置目录所有者
chmod 700/usr/local/nginx/html/-R #设置目录权限
Open the server IP address in the browser and see the following interface