CENTOS6 system installation Configuration Lamp Server (APACHE+PHP5+MYSQL)

Source: Internet
Author: User
Tags install php php script sql injection iptables phpmyadmin

Prepare the article:

1, configure the firewall, open 80 ports, 3306 ports
Vi/etc/sysconfig/iptables
-A input-m state--state new-m tcp-p TCP--dport 80-j ACCEPT #允许80端口通过防火墙
-A input-m state--state new-m tcp-p TCP--dport 3306-j ACCEPT #允许3306端口通过防火墙

Note: Many netizens have added these two rules to the last line of the firewall configuration, causing the firewall to start failing,

The correct one should be added to the default 22 port under this rule

As shown below:
############################## the firewall rules as shown below after adding a good ##############################
# Firewall configuration written by System-config-firewall
# Manual Customization of this file is not recommended.
*filter
: INPUT ACCEPT [0:0]
: FORWARD ACCEPT [0:0]
: OUTPUT ACCEPT [0:0]
-A input-m state--state established,related-j ACCEPT
-A input-p icmp-j ACCEPT
-A input-i lo-j ACCEPT
-A input-m state--state new-m tcp-p TCP--dport 22-j ACCEPT
-A input-m State--state new-m tcp-p TCP--dport 80-j ACCEPT
-A input-m State--state new-m tcp-p TCP--dport 3306-j ACCEPT
-A input-j REJECT--reject-with icmp-host-prohibited
-A forward-j REJECT--reject-with icmp-host-prohibited
COMMIT
##################################################################################################

/etc/init.d/iptables Restart #最后重启防火墙使配置生效

2. Close SELinux
Vi/etc/selinux/config
#SELINUX =enforcing #注释掉
#SELINUXTYPE =targeted #注释掉
selinux=disabled #增加
: Wq #保存, close
Shutdown-r now #重启系统

Installation article:

First, install Apache
Yum install httpd #根据提示, enter y installation to install successfully
/ETC/INIT.D/HTTPD Start #启动Apache

Note: Apache prompts for errors after startup:
Starting httpd:httpd:Could not reliably determine the server's fully Qualif domain name using:: 1 for ServerName
Solution:
vi/etc/httpd/conf/httpd.conf #编辑
Find #ServerName www.example.com:80
Modify to ServerName www.osyunwei.com:80 #这里设置为你自己的域名, if there is no domain name, you can set to localhost
: wq! #保存退出
Chkconfig httpd on #设为开机启动
/etc/init.d/httpd Restart #重启Apache

Second, the installation of MySQL

1, install MySQL
      yum install MySQL mysql-server   #询问是否要安装, enter Y to install automatically, Until the installation completes
     /etc/init.d/mysqld start   #启动MySQL
      chkconfig mysqld on   #设为开机启动
       cp/usr/share/mysql/my-medium.cnf  /etc/my.cnf  #拷贝配置文件 Note: if/ ETC Directory by default there is a my.cnf, direct coverage can be)

2. Set password for root account
Mysql_secure_installation
Carriage return, enter y according to the prompt
Enter 2 times password, return
Follow the prompts to enter Y
Last seen: the for using mysql!
MySQL password settings complete, restart MySQL:
/etc/init.d/mysqld Restart #重启
/etc/init.d/mysqld Stop #停止
/etc/init.d/mysqld Start #启动

Iii. installation of PHP5

1. Installation PHP5
Yum Install PHP
Enter y according to the prompts until the installation is complete

2, the installation of PHP components, so that PHP5 support MySQL
Yum install php-mysql php-gd libjpeg* php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-b Cmath Php-mhash Libmcrypt
Here Select the above installation package for installation
Enter Y return according to the prompts
/etc/init.d/mysqld Restart #重启MySql
/etc/init.d/httpd Restart #重启Apche

Configuration Chapter

First, Apache configuration
Vi/etc/httpd/conf/httpd.conf#编辑文件
Servertokens OSchange to: Servertokens Prod (does not display the name of the server's operating system when the error page appears) on line 44
Serversignature onmodified on line 536 to: Serversignature off (Apache version not shown on error page)
Options Indexes FollowSymLinksmodified on line 331: Options Includes execcgi followsymlinks (allows the server to execute CGI and SSI, disable listing of directories)
#AddHandler Cgi-script. CGImodified in line 796 to: AddHandler cgi-script. PL (Allow CGI scripts with extension. pl to run)
AllowOverride Nonemodified on line 338: allowoverride all (Allow. htaccess)
Adddefaultcharset UTF-8modified in line 759 to: Adddefaultcharset GB2312 (add GB2312 as default encoding)
Options Indexes multiviews FollowSymLinksModify to Options multiviews followsymlinks on line 554 (no tree directory structure is displayed on the browser)
DirectoryIndex index.html Index.html.varmodified in line 402 to: DirectoryIndex index.html index.htm default.html default.htm

index.php default.php index.html.var (set default first file, add index.php)
KeepAlive off is modified on line 76 to: KeepAlive on (Allow program online)
Maxkeepaliverequests in line 83 modified to: Maxkeepaliverequests 1000 (Increase simultaneous connection number)
: wq! #保存退出
/etc/init.d/httpd Restart #重启
Rm-f/etc/httpd/conf.d/welcome.conf/var/www/error/noindex.html #删除默认测试页

Second, PHP configuration
Vi/etc/php.ini#编辑
Date.timezone = PRC#在946行 Remove the semicolon from the front and change it to Date.timezone = PRC
  Disable_functions = passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_ Status,ini_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server, Escapeshellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space, POSIX_CTERMID,POSIX_GET_LAST_ERROR,POSIX_GETCWD, Posix_getegid,posix_geteuid,posix_getgid, Posix_getgrgid,posix_ Getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid, Posix_getppid,posix_getpwnam, Posix_getpwuid, Posix_getrlimit, Posix_getsid,posix_getuid,posix_isatty, Posix_kill,posix_mkfifo,posix_setegid, Posix_seteuid,posix_setgid, Posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname, posix_uname                         

#在386行 lists the functions that PHP can disable, and if some programs need to use this function, you can remove them and disable them.
expose_php = off #在432行 suppresses the display of PHP version information
MAGIC_QUOTES_GPC = on #在745行 open MAGIC_QUOTES_GPC to prevent SQL injection
Short_open_tag = on #在229行支持php短标签
Open_basedir =.:/ tmp/ #在380行 settings that allow access to the current directory (that is, the directory where the php script files) and the/tmp/directory, you can prevent the PHP trojan across the station, if the installation program after the problem (such as: Dream Content Management System), you can log off this trip, or write directly to the directory of the program/data/www.osyunwei.com/:/tmp/
: wq! #保存退出
/etc/init.d/mysqld Restart #重启MySql
/etc/init.d/httpd Restart #重启Apche

Test article
Cd/var/www/html
VI index.php #输入下面内容
<?php
Phpinfo ();
?>
: wq! #保存退出
Enter the server IP address in the client browser and see the relevant configuration information as shown in the following figure!

NOTE: The Apache default program directory is/var/www/html

Permission settings: Chown apache.apache-r/var/www/html

And then we're going to install the phpMyAdmin, it's just the environment is configured.

installs phpMyAdmin rpm–import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
Yum install http:// PKGS.REPOFORGE.ORG/RPMFORGE-RELEASE/RPMFORGE-RELEASE-0.5.2-2.EL6.RF.I686.RPM (i386)
Yum install phpMyAdmin vim/ Usr/share/phpmyadmin/config.inc.php
The inside of the $cfg[' blowfish_secret '] = ';    single quotation mark inside write the number of random (empty will error)
The configuration file now requires a top secret phrase password (blowfish_secret)
$cfg [' blowfish_secret '] = ' admin ';
Access localhost/phpmyadmin  How to show the prompts " Don ' t have permission to access/phpmyadmin/on this server. "
Change/etc/httpd/conf.d/phpmyadmin.conf inside
to convert Allow from 127.0.0.1 to Allow from  all.
this time when accessing phpMyAdmin in the address bar is still inaccessible
phpMyAdmin this folder to the Apache working directory, the default APAHCE working directory is in/var/www/html, Here I changed the default working environment for it.
Vi/etc/httpd/conf/httpd.conf
Changes the inside DocumentRoot "/var/www/html" to DocumentRoot "/var/www"
So my phpmyadmin is copied directly to the/var/www

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.