LAMP (Linux + Apache + Mysql + PHP) Environment Construction

Article Title: Build a LAMP (Linux + Apache + Mysql + PHP) environment. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

The testing environment in this article is CentOS 5.0. If you use Red Hat AS3/4, you cannot use the yum command to manage rpm packages.

I. system conventions
Software source code package storage location/usr/local/src
Source code package compilation and installation location (prefix)/usr/local/software_name
Script and maintenance program storage location/usr/local/sbin

MySQL database location/var/lib/mysql
Apache website root directory/home/www/wwwroot
Apache VM log root directory/home/www/logs
Apache running account www: www

Ii. System Environment deployment and adjustment
1. Check whether the system is normal
# More/var/log/messages (check for system-level error messages)
# Dmesg (check whether the hardware device has an error message)
# Ifconfig (check whether Nic settings are correct)
# Ping www.britepic.org (check whether the network is normal)
2. disable unnecessary services
# Ntsysv
Only services to be started are listed below, and all services not listed are closed:
Atd
Crond
Irqbalance
Microcode_ctl
Network
Sendmail
Sshd
Syslog
3. restart the system
# Init 6
4. Configure vim
# Vi/root/. bashrc
Add a line under alias mv = 'mv-I ': alias vi = 'vim' Save and exit.
# Echo 'syntax on'>/root/. vimrc
5. Use the yum program to install the required software package (the following is the standard RPM package name)
# Yum install ntp vim-enhanced gcc-c ++ flex bison autoconf automake bzip2-devel ncurses-devel libjpeg-devel libpng-devel libtiff-devel freetype-devel pam-devel kernel
6. Timing correction server clock, timing synchronization with the Chinese National Time Service Center Time Service Server
# Crontab-e
Add a row:
*/30 * ntpdate 210.72.145.44
7. Package required for source code compilation and Installation
(1) GD2
# Cd/usr/local/src
# Wgethttp: // www.libgd.org/releases/oldreleases/gd-2.0.34.tar.gz
# Tar xzvf gd-2.0.34.tar.gz
# Cd gd-2.0.34
#./Configure -- prefix =/usr/local/gd2
# Make
# Make install
(2) LibXML2
# Cd/usr/local/src
# Wget [url = Response
# Tar xzvf libxml2-2.6.29.tar.gz
# Cd libxml2-2.6.29
#./Configure -- prefix =/usr/local/libxml2
# Make
# Make install
(3) LibMcrypt
# Cd/usr/local/src
# Wgethttp: // jaist.dl.sourceforge.net/sourceforge/mcrypt/libmcrypt-2.5.8.tar.bz2
# Tar xjvf libmcrypt-2.5.8.tar.bz2
# Cd libmcrypt-2.5.8
#./Configure? Prefix =/usr/local/libmcrypt
# Make
# Make install
(4) Apache Log truncation Program
# Cd/usr/local/src
# Wgethttp: // cronolog.org/download/cronolog-1.6.2.tar.gz
# Tar xzvf cronolog-1.6.2.tar.gz
# Cd cronolog-1.6.2
#./Configure? Prefix =/usr/local/cronolog
# Make
# Make install
8. Upgrade OpenSSL and OpenSSH
# Cd/usr/local/src
# Wgethttp: // www.openssl.org/source/openssl-0.9.8e.tar.gz
# Wgethttp: // developer.mcs.anl.gov/openssh/portable/openssh-4.6p1.tar.gz
# Tar xzvf openssl-0.9.8e.tar.gz
# Cd openssl-0.9.8e
#./Config -- prefix =/usr/local/openssl
# Make
# Make test
# Make install
# Cd ..
# Tar xzvf openssh-4.6p1.tar.gz
# Cd openssh-4.6p1
#./Configure \
"-- Prefix =/usr "\
"-- With-pam "\
"-- With-zlib "\
"-- Sysconfdir =/etc/ssh "\
"-- With-ssl-dir =/usr/local/openssl "\
-- With-md5-passwords"
# Make
# Make install
(1) disable the SSH V1 Protocol
Find:
# Protocol 2, 1
Changed:
Protocol 2
(2) prohibit direct root Login
Create a common system user first:
# Useradd username
# Passwd username
Find:
# PermitRootLogin yes
Changed:
PermitRootLogin no
(3) Disable GSSAPI on the server side
Locate the following two lines and comment them out:
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
(4) disable DNS name resolution
Find:
# UseDNS yeas
Changed:
UseDNS no
(5) disable the client GSSAPI
# Vi/etc/ssh/ssh_config
Find:
GSSAPIAuthentication yes
Comment out this line.
Finally, confirm the modification and restart the SSH service.
# Service sshd restart
# Ssh-v
Verify that the OpenSSH and OpenSSL versions are correct.

[1] [2] Next page