Install and configure apache + php, tomcat, and vsftpd in Linux
Source: Internet
Author: User
Install and configure apache + php, tomcat, and vsftpd in Linux-Linux Enterprise Application-Linux server application information. In the past, there were not many contacts with Linux System Service configurations. Two days ago, I assigned a new server to the Graduate School website. I had to configure apache + php and tomcat, and ftp. After several days, I had to complete the configuration. For future reference. The detailed process is as follows:
1. The server is configured with IBM System x3650, 4G memory, 140G x 3, RAID5
2. Linux RHEL AS4 u6, who finds someone to copy the DVD iso, instantly engraved the disk.
3. Install the system, partition, and press no table. The service to be configured is apache + php and has an independent data server, so mysql is not needed. In addition, tomcat + jdk and ftp.
4. Apache2.2.3. After installation, the ports and DocumentRoot are modified to run smoothly.
5. PHP5.2.5 make install for the first time. When apache runs, the following error occurs: undefined symbol: SQLITE3SELECT. If LoadModule is added, it still does not work. Baidu ,. /configure to the following parameters -- with-apxs2 =/usr/local/apache2/bin/apxs, and then run apache, the error: undefined symbol: Zend_ini_string, continue Baidu, make sure that all components such as zlib are available and an error is still reported. Big? Running? Huanghuai? After ake install fails, you need to tar a new source code or make clean and try again. Finally.
6. JDK 1.5.0 _ 06, which compares Naive
7. Tomcat 5.5.26. Because I have never touched on this stuff, I went down a source package and won't install it. I found it was so slow that I needed ANT to go online. Later, we found a direct package. After the tar is down, we directly start up. sh starts the service, cp webapps/to the website root directory, configure conf/server. the port number and appBASE in xml are also successfully started.
8. For FTP, use the vsftpd provided by AS4, which is difficult to configure.
9. Change the id in the/etc/inittab to 3 and start the command line.
10. Configure iptables to only open the corresponding service port and shield other ports.
11. cp/usr/local/apache2/bin/apachectl to/etc/init. d/, rename it to httpd, add executable permissions, and create a symbolic connection S66httpd to connect to httpd under/etc/rc3.d. After restart, apache can run smoothly.
12. cp tomcat/bin/startup. sh to/etc/init. d. Rename tomcat and add executable permissions. in/etc/rc3.d, create a symbolic connection to connect S67tomcat To That tomcat. After restart, tomcat cannot run. View startup. sh. It is found that the relative path is used to start a script. Modify $ PRG = $0 and change $0 (current directory) to the absolute path of tomcat/bin. Run the script after restart.
13. Add a symbol under/etc/rc3.d to connect S68vsftpd to/etc/init. d/vsftpd. The system comes with it, saving you a lot of trouble. Anonymous users can access the service smoothly. Next, configure super? Why? Tp.
14. there are many introductions on how to use vsftpd to configure virtual ftp on the Internet, but they are all silly. After reading a lot of information, you must first bind an alias to the NIC and configure a new IP address, then create a new ftp listener to listen to the new ip address, which is very troublesome. Later, I found it all nonsense.
First, let's talk about the advantages of virtual ftp. in Linux, a simple method to Configure ftp is to use a local account, that is, the account created in Linux. To save trouble in graph configuration, you can create an ftp-specific account, use the userlist file to control that only a fixed local account can access ftp, and then give the account a directory, modify the permission of the directory to control the permission. Of course, this method is easy to configure and intuitive, but it only has poor flexibility and security. The so-called virtual ftp has its own user name and password, as well as related permission settings. The permissions of these ftp users are mapped to a local account through vsftpd, which is much more flexible.
To configure virtual ftp in vsftpd, follow these steps:
A) Assume/ftp is our ftp root directory. First, create an ftpuser account and run the following command:
Useradd? D/ftp ftpuser
Set the Home Directory of the ftpuser, and give the/ftp directory chown to ftpuser. ftpuser, and then chmod to 700. Next, the access to the virtual ftp is mapped to the permissions of the ftpuser account.
B) create a file, name it ftp_id_list, and write the ftp user and password, which is used to log on to the ftp account. Each user occupies two lines, one line id and one line password, as shown below:
User1
Password1
User2
Password2
Then execute:
Db_load? T? T hash? F ftp_id_list/etc/vsftpd_login.db
C) Create the ftp. vu file under/etc/pam. d and enter the following content:
Auth required/lib/security/pam_userdb.so db =/etc/vsftpd_login
Account required/lib/security/pam_userdb.so db =/etc/vsftpd_login
(B) (c) The two steps aim to set the account authentication method for the virtual ftp. Save the account and password in the database and use pam for authentication. In Linux, pam is usually used for account authentication.
D) My vsftpd. conf is under/etc/vsftpd. Modify the configuration now. First, create a virtual folder under this directory. Under this folder, create a configuration file for each user you just wrote down. The file name is the same as the user name.
E) Modify vsftpd. conf first. The main content to be modified is as follows:
Guest_enable = yes # use a virtual account
Guest_username = ftpuser # The virtual account is mapped to the ftpuser permission.
User_config_dir =/etc/vsftpd/virtual # virtual account configuration information
Pam_service_name = ftp. vu # account authentication method
Other items:
Listen = yes
Anonymous_enable = no
Local_enable = yes
Write_enable = no
Anon_upload_enable = no
Anon_mkdir_write_enable = no
Anon_other_write_enable = no
Chroot_local_user = yes # restrict local users to the Home Directory
The permission of vsftpd. conf is the default permission of ftp. It is better to lower the permission here. Then, assign specific permissions to specific user permissions.
Configure permissions for each user under virtual:
Set the Home Directory of the current user:
Local_root =/ftp/user1
Note: to create a folder under/ftp, use the following method:
Su ftpuser
Mkdir/ftp/user1
Ensure that the ftpuser account has permissions in this directory.
Browsing permission:
Anon_world_readable_only = no
Upload and download permissions:
Write_enable = yes
Anon_upload_enable = yes
Delete directory and rename permission:
Anon_other_write_enable = yes
After configuration, restart/etc/init. d/vsftpd restart.
The problem arises again. Is access unavailable or slow?
The following section is found:
In this way (mainstream online), you can enable the ftp server. However, this server can only support active ftp connections (that is, port mode ), many ftp clients use passive mode (pasv mode) by default. Therefore, when connecting to the server, the problem of waiting for the socket port to time out occurs, one solution is to modify the ftp client settings. For example, cuteFTP changes the data connection mode to Use Post in the site attribute type. Of course, this solution is relatively passive and requires users to understand the configuration, obviously not practical for the majority of Internet users. Therefore, I used the second method to set the ftp to support the passive mode on the server side. This method has two points of attention:
1. modify the configuration file and declare it to support Passive Mode
Pasv_enable = YES
Pasv_min_port = 50000
Pasvanderbilt max_port = 60000
2. the passive port 50000 ~ 60000 may be blocked by iptables. Modify the settings.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.