It has been popular for a while to build a Web site by nginx+ PHP, which runs in fastcgi mode. But after a period of consideration, it is often found that there are some 502 errors. In fact, the form of nginx+fastcgiphp is generally not very stable caused. So try the cow people recommended one is to use nginx do front-end forward PHP request to Apache method for server platform construction. This method effectively avoids the nginx of Apache in dealing with large concurrency and the disadvantages of fastcgiphp instability. At the same time, to some extent, the advantage of Nginx speed is utilized. Plainly is that some static files have nginx to deal with, PHP request forwarding to the back-end Apache to deal with. But in the efficiency or memory and other resources to occupy less than nginx+fastcgi way.
In the PHP page processing using the suphp, about suphp you can refer here. Suphp is now being applied to many space-renting servers. The main function is to execute PHP pages in a specific location using the permissions of the owner of the directory, instead of using Apache default Apache or Wwwdata or nobody users. The benefits are mainly two points: 1. Space Hirer (user) does not need to set complex permissions in their own space, PHP has full permissions. 2. Space Hirer (user) to keep the directory of Web site files is more secure, do not need to open apache,wwwdate or nobody such permissions for their site, to avoid 777 such high-risk permissions. However, suphp requires that you compile and install PHP as a php-cgi form to be used, that is, you cannot use the CLI startup method that we use at ordinary times.
The simple principle is as follows: The traditional mode of the CLI diagram: PHP is as a module of Apache exist, just as a function of Apache.
suphp mode diagram: suphp as a Apache module, when needed with specific user rights to start the php-cgi, thereby implementing the directory owner permissions to execute PHP functions.
The final schematic diagram is roughly as follows: A Web request with a full destination port of 80 is filtered by nginx, depending on the content of the request. Static files such as: MP3, GIF, JPG, JS and other files handled by the Nginx, other PHP Web requests forwarded to the back-end Apache server. The Apache server uses the suphp module to run the PHP program in accordance with the directory owner's permissions to return the page to the client. With a little change, you can implement cluster functionality across multiple computers.
Our operating system platform for CentOS5.5, let's call him: nginx+apache+mysql+suphp
First, upgrade the system installation must be software
code is as follows |
copy code |
# Yum update # yum Install gcc gcc-c++ Bison patch unzip Mlocate flex wget automake autoconf gd cpp GetText readline-devel Li Bjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib Zlib-devel glibc glib C-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel Curl curl-devel e2fsprogs e2fsprogs-devel Libi DN Libidn-devel openldap openldap-devel openldap-clients openldap-servers nss_ldap expat-devel libtool Libtool-ltdl-devel Kernel-devel autoconf213 vim-common vim-enhanced diff* |
Compile the library files required for PHP and MySQL installation
The code is as follows |
Copy Code |
#解压缩并且安装libiconv, it is an open source library based on the GNU Protocol, which is mainly used to solve the application problems of multi-language coding processing and conversion. # Mkdir/root/na # TAR-ZXF All.tar.gz-c/root/na # cd/root/na/ # TAR-ZXF Libiconv-1.13.1.tar.gz # CD libiconv-1.13.1 #./configure # make # make Install # CD ... #安装libevent, is a lightweight open source High-performance network library, the number of users. such as memcached, vomit, Nylon, netchat and so on. # TAR-ZXF Libevent-1.4.14b-stable.tar.gz # CD Libevent-1.4.14b-stable #./configure # make # make Install # CD ... #安装libmcrypt, Mhash,mcrypt, etc. encrypt the required library files.
# TAR-ZXF Libmcrypt-2.5.8.tar.gz
# CD libmcrypt-2.5.8
#./configure
# make
# make Install
#/sbin/ldconfig
# CD libltdl/
#./configure--enable-ltdl-install
# make
# make Install
# CD ... /..
# tar ZXVF mhash-0.9.9.9.tar.gz
# CD mhash-0.9.9.9/
#./configure
# make
# make Install
# CD ...
# ln-s/usr/local/lib/libmcrypt.la/usr/lib/libmcrypt.la
# ln-s/usr/local/lib/libmcrypt.so/usr/lib/libmcrypt.so
# ln-s/usr/local/lib/libmcrypt.so.4/usr/lib/libmcrypt.so.4
# ln-s/usr/local/lib/libmcrypt.so.4.4.8/usr/lib/libmcrypt.so.4.4.8
# ln-s/USR/LOCAL/LIB/LIBMHASH.A/USR/LIB/LIBMHASH.A
# ln-s/usr/local/lib/libmhash.la/usr/lib/libmhash.la
# ln-s/usr/local/lib/libmhash.so/usr/lib/libmhash.so
# ln-s/usr/local/lib/libmhash.so.2/usr/lib/libmhash.so.2
# ln-s/usr/local/lib/libmhash.so.2.0.1/usr/lib/libmhash.so.2.0.1
# ln-s/usr/local/bin/libmcrypt-config/usr/bin/libmcrypt-config
# TAR-ZXF Mcrypt-2.6.8.tar.gz
# CD mcrypt-2.6.8/
#./configure
# make
# make Install
# CD ... /
|
Compile and install MySQL
The code is as follows |
Copy Code |
#可以提高MySQL在内存分配方面的性能和效率. # TAR-ZXF Google-perftools-1.6.tar.gz # CD GOOGLE-PERFTOOLS-1.6/ #./configure # make # make Install # echo "/usr/local/lib" >/etc/ld.so.conf.d/usr_local_lib.conf #/sbin/ldconfig # CD ... #真的开始安装MySQL
# TAR-ZXF Mysql-5.1.52.tar.gz
# CD mysql-5.1.52
# autoreconf--force--install
# libtoolize--automake--force
# Automake--force--add-missing
#./configure--prefix=/usr/local/mysql--with-extra-charsets=all
--enable-thread-safe-client--enable-assembler--with-charset=utf8
--enable-thread-safe-client--with-extra-charsets=all--with-big-tables
--with-readline--with-ssl--with-embedded-server--enable-local-infile
--without-debug--with-mysqld-ldflags=-ltcmalloc_minimal
# make
# make Install
# CD ... /
# groupadd-g MySQL
# useradd-u 27-g 27-d/var/lib/mysql-m MySQL
# CP/USR/LOCAL/MYSQL/SHARE/MYSQL/MY-MEDIUM.CNF/ETC/MY.CNF
#/usr/local/mysql/bin/mysql_install_db--user=mysql
# Chown-r Mysql/usr/local/mysql/var
# Chgrp-r mysql/usr/local/mysql/.
# Cp/usr/local/mysql/share/mysql/mysql.server/etc/init.d/mysql
# chmod 755/etc/init.d/mysql
# echo "/usr/local/mysql/lib/mysql" >>/etc/ld.so.conf
# echo "/usr/local/lib" >>/etc/ld.so.conf
# Ldconfig
# ln-s/usr/local/mysql/lib/mysql/usr/lib/mysql
# ln-s/usr/local/mysql/include/mysql/usr/include/mysql
# service MySQL Start
#/usr/local/mysql/bin/mysqladmin-u root password 123456 #指定MySQL的密码 # Vim ~/.BASHRC #在最后一行加入为了更方便使用MySQL的命令工具, valid after cancellation. Path= $PATH:/usr/local/mysql/bin |
Compile and install Apache
The code is as follows |
Copy Code |
# CD ~/na # TAR-ZXF httpd-2.2.17.tar.gz # cd httpd-2.2.17 #./configure--prefix=/usr/local/apache--en Able-headers --enable-mime-magic--enable-proxy--enable-rewrite--enable-ssl --enable-suexec-- Disable-userdir--with-included-apr--with-mpm=prefork --with-ssl=/usr--with-suexec-caller=nobody-- with-suexec-docroot=/ --with-suexec-gidmin=100 --with-suexec-logfile=/usr/local/apache/logs/suexec_log --with-suexec-uidmin=100--with-suexec-userdir=public_html # make # make install # CD ... # mkdir/usr/local/apache/domlogs # mkdir/usr/local/apache/conf/vhosts # mkdir-p/var/www/html # CP /USR/LOCAL/APACHE/BIN/APACHECTL/ETC/INIT.D/HTTPD # chmod 755/etc/init.d/httpd # cd ... #编辑/etc/init.d/httpd, add under the first line #!/bin/sh: Vim/etc/init.d/httpd # Startup script for the Apache Web Server # # Chkconfig:-85 15 # Description:apache is a world Wide Web server. It is used to serve # HTML files and CGI. # PROCESSNAME:HTTPD # Pidfile:/usr/local/apache/logs/httpd.pid # config:/usr/local/apache/conf/httpd.conf Ulimit-n 1024 Ulimit-n 4096 Ulimit-n 8192 Ulimit-n 16384 Ulimit-n 32768 Ulimit-n 65535
|
Compile and install PHP This is compiled into cgi-php.
The code is as follows |
Copy Code |
# TAR-ZXF Php-5.2.14.tar.gz # CD php-5.2.14 #编译php, here we make a patch for PHP to help prevent the message from being abused (multi-user) and providing valuable information in the message. Patch Introduction Information click: http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch/ # Patch-p1 < ... /php5-mail-header.patch Compiling PHP #以PHP-cgi form
#./configure--prefix=/usr/local/php--with-config-file-path=/etc
--enable-force-cgi-redirect--enable-fastcgi--enable-bcmath
--enable-calendar--enable-exif--enable-ftp--enable-gd-native-ttf
--enable-libxml--enable-magic-quotes--enable-mbstring--enable-pdo
--enable-soap--enable-sockets--enable-zip--with-bz2--with-curl
--with-curlwrappers--with-freetype-dir--WITH-GD--with-gettext
--with-jpeg-dir--with-kerberos--WITH-LIBEXPAT-DIR=/USR
--WITH-LIBXML-DIR=/USR--with-mcrypt=/usr--WITH-MHASH=/USR
--with-mysql=/usr/local/mysql
--with-mysql-sock=/usr/local/mysql/var/localhost.localdomain.pid
--with-mysqli=/usr/local/mysql/bin/mysql_config--WITH-OPENSSL=/USR
--with-openssl-dir=/usr
--with-pdo-mysql=/usr/local/mysql/bin/mysql_config
--with-pdo-sqlite=shared--with-png-dir=/usr--with-sqlite=shared
--with-ttf--with-xmlrpc--with-zlib--with-zlib-dir=/usr
# make zend_extra_libs= '-liconv '
# make Install
# CP Php.ini-dist/etc/php.ini
# CD ... #安装PHP memcache extension. # TAR-ZXF Memcache-2.2.6.tgz # CD memcache-2.2.6 #/usr/local/php/bin/phpize #./configure--with-php-config=/usr/local/php/bin/php-config --with-zlib-dir--enable-memcache # make # make Install # CD ... #安装PHP的加速器eaccelerator. # TAR-JXF EACCELERATOR-0.9.6.1.TAR.BZ2 # CD eaccelerator-0.9.6.1 #/usr/local/php/bin/phpize #./configure--enable-eaccelerator=shared --with-php-config=/usr/local/php/bin/php-config # make # make Install # mkdir-p/tmp/eaccelerator # chmod 777/tmp/eaccelerator # echo "Mkdir-p/tmp/eaccelerator" >>/etc/rc.local # echo "chmod 777/tmp/eaccelerator" >>/etc/rc.local # CD ... #安装ImageMagick图像处理软件. # TAR-ZXF Imagemagick-6.6.5-8.tar.gz # CD Imagemagick-6.6.5-8 #./configure # make # make Install # CD ... #安装ImageMagick的PHP扩展. # TAR-ZXF Imagick-3.0.0.tgz # CD imagick-3.0.0 #/usr/local/php/bin/phpize #./configure--with-php-config=/usr/local/php/bin/php-config # make # make Install # Ldconfig # CD ... #安装PHP扩展Suhosin用来增强php语言的安全性. # TAR-ZXF Suhosin-0.9.32.1.tar.gz # CD suhosin-0.9.32.1 #/usr/local/php/bin/phpize #./configure--with-php-config=/usr/local/php/bin/php-config # make # make Install # CD ... #用来支持被加密的PHP页面. # TAR-ZXF Ioncube_encoder_evaluation.tar.gz # CD Ioncube_encoder_evaluation # Mkdir/usr/local/ioncube # CP loaders/*/usr/local/ioncube/ # CD ... #安装ZendOptimizer用来支持Zend加密页面 # TAR-ZXF Zendoptimizer-3.3.9-linux-glibc23-i386.tar.gz # Mkdir/usr/local/zend # cp-a zendoptimizer-3.3.9-linux-glibc23-i386/data//usr/local/zend/
|
Install suphp
The code is as follows |
Copy Code |
#suPHP可以让用户已目录所有者的权限访问PHP Web Site Directory # TAR-ZXF Suphp-0.7.1.tar.gz # CD suphp-0.7.1 #./configure--with-apxs=/usr/local/apache/bin/apxs --with-apache-user=nobody --with-logfile=/usr/local/apache/logs/suphp.log --with-setid-mode=paranoid--sysconfdir=/usr/local/apache/conf/ --with-apr=/usr/local/apache/bin/apr-1-config --with-php=/usr/local/php/bin/php-cgi --enable-suphp_use_usergroup=yes # make # make Install |
Install memcached
The code is as follows |
Copy Code |
#memcached是可以有效提高PHP访问效率的内存缓存机制 # CD ... # TAR-ZXF Memcached-1.4.5.tar.gz # CD memcached-1.4.5 #./configure--with-libevent=/usr/local # make # make Install
|
Install Nginx
The code is as follows |
Copy Code |
#安装Nginx需要的pcre, Perl-compatible regular expression libraries are useful for performing regular expression pattern matching with the same syntax and semantics as Perl 5. # TAR-ZXF Pcre-8.10.tar.gz # CD pcre-8.10 #./configure # make # make Install # CD ... #真的开始安装nginx了 # TAR-ZXF Nginx-0.8.53.tar.gz # CD nginx-0.8.53 #./configure--user=nobody--group=nobody--prefix=/usr/local/nginx --pid-path=/usr/local/nginx/logs/nginx.pid --error-log-path=/usr/local/nginx/logs/error.log --http-log-path=/usr/local/nginx/logs/access.log --http-client-body-temp-path=/tmp/nginx_client --http-proxy-temp-path=/tmp/nginx_proxy --http-fastcgi-temp-path=/tmp/nginx_fastcgi --with-http_stub_status_module # make # make Install # CD ... #编写启动脚本
# Vim/etc/init.d/nginx
#! /bin/sh
Ulimit-n 65535
# Description:startup Script for Nginx
# chkconfig:2345 55 25
Path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
desc= "Nginx Daemon"
Name=nginx
daemon=/usr/local/nginx/sbin/$NAME
Configfile=/usr/local/nginx/conf/nginx.conf
pidfile=/usr/local/nginx/logs/$NAME. PID
Scriptname=/etc/init.d/$NAME
Set-e
[-X "$DAEMON"] | | Exit 0
Do_start () {
$DAEMON-C $CONFIGFILE | | Echo-n "Nginx already Running"
}
Do_stop () {
Kill-quit ' Cat $PIDFILE ' | | Echo-n "Nginx not Running"
}
Do_reload () {
Kill-hup ' Cat $PIDFILE ' | | Echo-n "Nginx can ' t reload"
}
Case "$" in
Start
Echo-n "Starting $DESC: $NAME"
Do_start
echo "."
/ETC/INIT.D/HTTPD start
;;
Stop
Echo-n "Stopping $DESC: $NAME"
Do_stop
echo "."
/ETC/INIT.D/HTTPD stop
;;
Reload
Echo-n "Reloading $DESC configuration ..."
Do_reload
echo "."
/ETC/INIT.D/HTTPD restart
;;
Restart)
Echo-n "Restarting $DESC: $NAME"
Do_stop
Sleep 1
Do_start
echo "."
/ETC/INIT.D/HTTPD restart
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2
Exit 3
;;
Esac
Exit 0 #授予开机脚本执行权限 # chmod U+x/etc/init.d/nginx #安装rpaf插件 so that the Apache log can correctly record the visitor's IP address. # TAR-ZXF Mod_rpaf-0.6.tar.gz # CD mod_rpaf-0.6 #/usr/local/apache/bin/apxs-i-c-n mod_rpaf-2.0.so mod_rpaf-2.0.c # CD ...
|
Install Pure-ftp
The code is as follows |
Copy Code |
# TAR-ZXF Pure-ftpd-1.0.29.tar.gz # CD Pure-ftpd-1.0.29 #./configure--prefix=/usr/local/pureftpd --with-language=simplified-chinese--with-everything # make # make Install # chmod U+x configuration-file/pure-config.pl # CP configuration-file/pure-config.pl/usr/local/pureftpd/sbin/ # mkdir/usr/local/pureftpd/etc/ # CP configuration-file/pure-ftpd.conf/usr/local/pureftpd/etc/ # ln-s/usr/local/pureftpd/bin/pure-pw/usr/local/bin/ Modify Directory Permissions Improve security # chmod 711/home # chmod 711/USR/LOCAL/PUREFTPD # chmod 711/usr/local/apache/conf/vhosts # chmod 711/usr/local/nginx/conf/vhosts # chmod 711/usr/local/apache/domlogs # chmod 711/usr/local/apache/logs |
Edit Apache, PHP, suphp, Nginx, pure-ftp config file edit Apache main configuration file
The code is as follows |
Copy Code |
#配置apache配置参数文件httpd. conf, located in the/usr/local/apache/conf/directory. # cd/usr/local/apache/conf/ # MV Httpd.conf Httpd.conf.bak # Vim Httpd.conf #写入以下内容ip, host name, mailbox in accordance with their actual changes can be. Pidfile Logs/httpd.pid Lockfile Logs/accept.lock ServerRoot "/usr/local/apache" Listen 0.0.0.0:81 User Nobody Group Nobody ServerAdmin aaa@gmail.com ServerName Hosts.whypc.info Timeout 300 KeepAlive off Maxkeepaliverequests 100 KeepAliveTimeout 5 Usecanonicalname off Accessfilename. htaccess Traceenable off Servertokens productonly Fileetag None Serversignature off Hostnamelookups off # LoadModule Perl_module modules/mod_perl.so LoadModule Suphp_module modules/mod_suphp.so #suPHP_Engine on #AddType application/x-httpd-php. php LoadModule Rpaf_module modules/mod_rpaf-2.0.so #Mod_rpaf settings Rpafenable on Rpafproxy_ips 127.0.0.1 204.74.291.132 Rpafsethostname on Rpafheader x-forwarded-for DocumentRoot "/usr/local/apache/htdocs" <directory "/" > Options execcgi followsymlinks Includes includesnoexec-indexes-multiviews symlinksifownermatch Order Allow,deny Allow from all AllowOverride All </Directory> <directory "/usr/local/apache/htdocs" > Options includes-indexes FollowSymLinks AllowOverride None Order Allow,deny Allow from all </Directory> DefaultType Text/plain
Rewriteengine on
AddType text/html. shtml
#AddHandler cgi-script. cgi. pl. plx. PPL Perl
AddHandler server-parsed. shtml
<ifmodule mime_module>
Typesconfig Conf/mime.types
AddType Application/perl Pl. plx. PPL Perl
AddType application/x-img. img
AddType application/cgi. CGI
AddType text/x-sql. sql
AddType text/x-log. Log
AddType text/x-config. CNF conf
AddType text/x-registry. reg
AddType application/x-compress. Z
AddType application/x-gzip. GZ tgz
AddType text/html. shtml
AddType Application/x-tar. tgz
AddType application/rar. rar
AddType application/x-compressed. rar
AddType application/x-rar. rar
AddType application/x-rar-compressed. rar
AddType TEXT/VND.WAP.WML. WML
AddType image/vnd.wap.wbmp. wbmp
AddType Text/vnd.wap.wmlscript. wmls
AddType APPLICATION/VND.WAP.WMLC. WMLC
AddType APPLICATION/VND.WAP.WMLSCRIPTC. WMLSC
</IfModule> <ifmodule dir_module> DirectoryIndex index.html index.htm index.shtml index.php </IfModule> <files ~ "^error_log$" > Order Allow,deny Deny from all Satisfy All </Files> <filesmatch "^.ht" > Order Allow,deny Deny from all Satisfy All </FilesMatch> ErrorLog "Logs/error_log" LogLevel warn <ifmodule log_config_module> Logformat "%h%l%u%t"%r "%>s%b"%{referer}i ""%{user-agent}i "" combined Logformat "%h%l%u%t"%r "%>s%b" common <ifmodule logio_module> Logformat "%h%l%u%t"%r "%>s%b"%{referer}i ""%{user-agent}i "%I%o" Combinedio " </IfModule> Customlog "Logs/access_log" common </IfModule> <ifmodule alias_module> scriptalias/cgi-bin/"/usr/local/apache/cgi-bin/" </IfModule> <directory "/usr/local/apache/cgi-bin" > AllowOverride None Options None Order Allow,deny Allow from all </Directory> <ifmodule mpm_prefork_module> Startservers 3 Minspareservers 3 Maxspareservers 5 MaxClients 150 Maxrequestsperchild 1024 </IfModule> <ifmodule mod_headers.c> <filesmatch ". (html|htm|shtml) $ "> Header set Cache-control "max-age=3600, Must-revalidate" </FilesMatch> </IfModule> Readmename readme.html Headername header.html Indexignore.?? * *~ *# header* readme* RCS CVS *,v *,t Include conf/extra/httpd-languages.conf <Location/server-status> SetHandler Server-status Order Deny,allow Deny from all Allow from 127.0.0.1 </Location> Extendedstatus on <Location/server-info> SetHandler Server-info Order Deny,allow Deny from all Allow from 127.0.0.1 </Location> <ifmodule ssl_module> Listen 0.0.0.0:443 AddType Application/x-x509-ca-cert. CRT AddType application/x-pkcs7-crl. CRL Sslciphersuite all:! Adh:+high:+medium:-low:-sslv2:-exp Sslpassphrasedialog Builtin Sslsessioncache Dbm:/usr/local/apache/logs/ssl_scache Sslsessioncachetimeout 300 Sslmutex File:/usr/local/apache/logs/ssl_mutex Sslrandomseed Startup Builtin Sslrandomseed Connect Builtin </IfModule> #Vhosts Namevirtualhost 204.74.291.132:81 Namevirtualhost * <virtualhost 204.74.291.132:81 *> ServerName Hosts.whypc.info Documentroot/var/www/html ServerAdmin aaa@gmail.com </VirtualHost> Include conf/vhosts/* |
Edit PHP configuration file
The code is as follows |
Copy Code |
# Vim/etc/php.ini
#查找/etc/php.ini Extension_dir = "./". Modify it to Extension_dir = "/usr/local/php/lib/php/extensions/ no-debug-non-zts-20060613/"
#查找; include_path = ".:/ Php/includes ", delete the preceding semicolon and modify it to include_path =".:/ Usr/lib/php:/usr/local/php/lib/php "
#跳到最后一行, and then add the following:
Extension = "memcache.so"
; extension = "pdo.so"
; extension = "pdo_mysql.so"
Extension = "pdo_sqlite.so"
Extension = "sqlite.so"
Extension = "eaccelerator.so"
Extension = "suhosin.so"
Eaccelerator.shm_size = 32
Eaccelerator.cache_dir = "/tmp/eaccelerator"
eaccelerator.enable = 1
Eaccelerator.optimizer = 0
Eaccelerator.debug = 0
Eaccelerator.name_space = ""
Eaccelerator.check_mtime = 1
Eaccelerator.filter = ""
Eaccelerator.shm_max = 0
Eaccelerator.shm_ttl = 7200
Eaccelerator.shm_prune_period = 7200
Eaccelerator.shm_only = 1
eaccelerator.compress = 0
Eaccelerator.compress_level = 9
Eaccelerator.keys = SHM
Eaccelerator.sessions = SHM
Eaccelerator.content = SHM
Zend_extension = "/usr/local/ioncube/ioncube_loader_lin_5.2.so"
Zend_extension = "/usr/local/zend/data/5_2_x_comp/zendoptimizer.so" |
Edit suphp configuration file
The code is as follows |
Copy Code |
# cd/usr/local/apache/conf/
# Vim Suphp.conf
#写入如下内容
[Global]
; Path to LogFile
Logfile=/usr/local/apache/logs/suphp.log
; LogLevel
Loglevel=info
; User Apache is running as
Webserver_user=nobody
; Path all scripts have to IS in
docroot=/
; Path to Chroot () to before executing script
; chroot=/mychroot
; Security options
; allow_file_group_writeable=false
Allow_file_group_writeable=true
Allow_file_others_writeable=false
; allow_directory_group_writeable=false
Allow_directory_group_writeable=true
Allow_directory_others_writeable=false
; Check wheter script is within Document_root
Check_vhost_docroot=true
; Send minor error messages to browser
Errors_to_browser=false
; PATH environment variable
Env_path= "/bin:/usr/bin"
; Umask to set, specify in octal notation
umask=0022
; Minimum UID
min_uid=100
; Minimum GID
min_gid=100
[Handlers]
; Handler for Php-scripts
x-httpd-php= "php:/usr/local/php/bin/php-cgi"
; Handler for Cgi-scripts
X-suphp-cgi= "Execute:!self" |
Edit Nginx Master configuration file
The code is as follows |
Copy Code |
# cd/usr/local/nginx/conf/
# MV Nginx.conf Nginx.conf.bak
# Vim Nginx.conf
#写入如下内容根据实际IP地址进行修改即可.
Worker_processes 1;
Worker_rlimit_nofile 65535;
Events {
Worker_connections 65535;
Use Epoll;
}
Error_log/usr/local/nginx/logs/error.log info;
HTTP {
Include Mime.types;
Default_type Application/octet-stream;
Sendfile on;
Tcp_nopush on;
Tcp_nodelay on;
Keepalive_timeout 10;
gzip on;
Gzip_http_version 1.0;
Gzip_min_length 1100;
Gzip_comp_level 3;
Gzip_buffers 4 32k;
Gzip_types text/plain text/xml text/css application/x-javascript application/xml Application/xml+rss text/javascript A Pplication/atom+xml;
Ignore_invalid_headers on;
Client_header_timeout 3m;
Client_body_timeout 3m;
Send_timeout 3m;
Connection_pool_size 256;
Server_names_hash_max_size 2048;
Server_names_hash_bucket_size 256;
Client_header_buffer_size 256k;
Large_client_header_buffers 4 256k;
Request_pool_size 32k;
Output_buffers 4 64k;
Postpone_output 1460;
Open_file_cache max=1000 inactive=300s;
Open_file_cache_valid 600s;
Open_file_cache_min_uses 2;
Open_file_cache_errors off;
Include "/usr/local/nginx/conf/vhosts/*.conf";
server {
Listen 80;
server_name _;
Access_log off;
Location ~*. (Ftpquota|htaccess|asp|aspx|jsp|asa|mdb) $ {
Deny all;
}
Location/{
Client_max_body_size 100m;
Client_body_buffer_size 128k;
Proxy_send_timeout 300;
Proxy_read_timeout 300;
Proxy_buffer_size 4k;
Proxy_buffers 32k;
Proxy_busy_buffers_size 64k;
Proxy_temp_file_write_size 64k;
Proxy_connect_timeout 30s;
Proxy_pass http://204.74.291.132:81/;
Proxy_set_header Host $host;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for;
}
}
} |
Edit PURE-FTP configuration file
The code is as follows |
Copy Code |
#配置pure-FTPD, this is the Puredb verification method. Vim/usr/local/pureftpd/etc/pure-ftpd.conf #查找 Puredb/etc/pureftpd.pdb cancels the front # number and sets the Puredb/usr/local/pureftpd/etc/pureftpd.pdb #查找 PassivePortRange to cancel the # number in front. |
Three, set up the service starting from running and start service
The code is as follows |
Copy Code |
# chkconfig--level MySQL on # chkconfig--level httpd on # chkconfig--level Nginx on #以下内容为一行, please note that # echo "/usr/local/pureftpd/sbin/pure-config.pl/usr/local/pureftpd/etc/pure-ftpd.conf--daemonize" >>/etc/ Rc.local #以下内容为一行, please note that # echo '/usr/local/bin/memcached-d-m 64-p 11211-u nobody-l localhost ' >>/etc/rc.d/rc.local # service MySQL Start # service httpd Start # service Nginx Start #/usr/local/bin/memcached-d-M 64-p 11211-u nobody-l localhost
|
Iv. How to use and create a virtual host change user template files
The code is as follows |
Copy Code |
# mkdir/etc/skel/public_html Add an FTP account to maintain a Web server # useradd-s/sbin/nologin Whypc_info # chmod A+x ~whypc_info # PURE-PW Useradd whypc_info-u whypc_info-g Whypc_info-d/home/whypc_info/#该命令之后会提示你设置FTP用户密码 # PURE-PW MKDB #该命令每次添加用户之后都需要执行, do not need to restart the service. #启动Pure-ftp Because the user database has not yet been generated, so start here. #/usr/local/pureftpd/sbin/pure-config.pl /usr/local/pureftpd/etc/pure-ftpd.conf--daemonize |
Change Apache profile Add Virtual Host
The code is as follows |
Copy Code |
# cd/usr/local /apache/conf/vhosts # vim whypc.info.conf #添加如下内容, IP address and domain name according to the actual situation. <virtualhost 204.74.291.132:81> ServerName whypc.info Serveralias www.whypc.info & nbsp documentroot/home/whypc_info/public_html usecanonicalname off customlog/usr/local/apache/ Domlogs/whypc.info combined options-execcgi-includes removehandler cgi-script. cgi. pl. plx ppl . Perl Suphp_engine on suphp_usergroup whypc_info whypc_info AddHandler x-httpd-php. P HP. PhP3. PhP4. PHP5 Suphp_addhandler x-httpd-php <ifmodule!mod_disable_suexec.c> ; suexecusergroup whypc_info whypc_info </IfModule> scriptalias/cgi-bin//home /whypc_info/public_html/cgi-bin/ </VirtualHost> |
Change Nginx profile Add virtual Host
The code is as follows |
Copy Code |
# cd/usr/local/nginx/conf/vhosts/
# Vim Whypc.info.conf
#添加如下内容, IP address and domain name according to the actual situation.
server {
Access_log off;
Error_log/usr/local/nginx/logs/whypc.info-error_log warn;
Listen 80;
server_name Whypc.info Www.whypc.info;
Access_log off;
Location ~* ^.+. (Gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg
|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|rar
|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso) $ {
Access_log/usr/local/apache/domlogs/whypc.info combined;
root/home/whypc_info/public_html/;
Expires 24h;
Try_files $uri @backend;
}
error_page 400 401 402 403 404 405 406 407 408 409 500 501 502 503 504 @backend;
Location @backend {
Internal
Client_max_body_size 100m;
Client_body_buffer_size 128k;
Proxy_send_timeout 300;
Proxy_read_timeout 300;
Proxy_buffer_size 4k;
Proxy_buffers 32k;
Proxy_busy_buffers_size 64k;
Proxy_temp_file_write_size 64k;
Proxy_connect_timeout 30s;
Proxy_redirect http://whypc.info:81 Http://whypc.info;
Proxy_redirect http://www.whypc.info:81 Http://www.whypc.info;
Proxy_pass http://204.74.291.132:81;
Proxy_set_header Host $host;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for;
}
Location ~*. (Ftpquota|htaccess|asp|aspx|jsp|asa|mdb) $ {
Deny all;
}
Location/{
Client_max_body_size 100m;
Client_body_buffer_size 128k;
Proxy_send_timeout 300;
Proxy_read_timeout 300;
Proxy_buffer_size 4k;
Proxy_buffers 32k;
Proxy_busy_buffers_size 64k;
Proxy_temp_file_write_size 64k;
Proxy_connect_timeout 30s;
Proxy_redirect http://whypc.info:81 Http://whypc.info;
Proxy_redirect http://www.whypc.info:81 http://www.111cn.net;
Proxy_pass http://204.74.291.132:81/;
Proxy_set_header Host $host;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for;
}
} |
V. Create a test file
The code is as follows |
Copy Code |
# Vim ~whypc_info/public_html/test.php #写入如下内容 <?php System ("id"); ?> # chown Whypc_info:whypc_info ~whypc_info/public_html/test.php
|
View the directory Owner permissions (not nobody) from the browser.