Home PC Games Linux Windows Database Network Programming Server Mobile  
           
  Home \ Server \ Compile and install LNMP under CentOS 6.5     - Linux some lessons learned about network security (Linux)

- Oracle users to automatically increase the partition table (Database)

- Usage logs Python library (Programming)

- Spark source code compiler package (Linux)

- Vagrant failed to start, stuck in Waiting for VM to boot solution (Linux)

- impdp error ORA-39001, ORA-39000, ORA-31619 (Database)

- sed command (Linux)

- Sturdy build secure Linux server (Linux)

- Using Libreoffice under ubuntu (Linux)

- How to install CentOS CentOS web page (Server)

- VNC configuration detailed analysis under Linux (Linux)

- MySQL use the integer type (Database)

- Android WebView use layman (Programming)

- How to become a better Node.js developers in 2016 (Programming)

- a virtual machine created migrated to host RHEL6.4 on Ubuntu 14.04 (Linux)

- Oracle Linux 6.4 installed Oracle 11gR2 + RAC + ASM (Database)

- SHELL script to use anti SSH brute force and vsftpd (Linux)

- How to install Ubuntu applications Device 7 (Linux)

- Linux firewall Iptables study notes (Linux)

- Ubuntu Linux use ufw or iptables firewall configuration (Linux)

 
         
  Compile and install LNMP under CentOS 6.5
     
  Add Date : 2017-04-13      
         
         
         
  First, prepare the environment
1, the operating system installation: CentOS 6.5 64 there is a minimum of installation.
2, configured IP, DNS, gateway, hostname
3, configure the firewall to open the ports 80,3306
vim / etc / sysconfig / iptables
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT # allow port 80 through the firewall
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT # allow port 3306 through the firewall
Special Note: If these two rules are added to the last line of firewall configuration, leading firewall failed to start, the right should be added to the default 22 port.
/etc/init.d/iptables restart # the final restart firewall configuration to take effect
4, turn off SELinux
vi / etc / selinux / configurations
# SELINUX = enforcing # Zhushidiao
# SELINUXTYPE = targeted # Zhushidiao
SELINUX = disabled # increase
:! Wq # Save and exit
setenforce 0 # configuration to take effect immediately

Second, the system agreed
Hard Disk: 50G (/ boot 200M / swap 8192M /) + 100G (/ opt)
Software source code package storage location: / opt / local / src
Source Package compiler installation location: / opt / local / Software name
Database data file storage path / opt / local / mysql / var

Third, the package download
1. Download nginx (current stable version): http: //nginx.org/download/nginx-1.4.4.tar.gz
2. Download pcre (pseudo-static support nginx): ftp: //ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.34.tar.gz
3, download MySQL: http: //cdn.mysql.com/Downloads/MySQL-5.5/mysql-5.5.35.tar.gz
4, download php: http: //cn2.php.net/distributions/php-5.5.7.tar.gz
5, download cmake (MySQL Compilation Tools): http: //www.cmake.org/files/v2.8/cmake-2.8.12.1.tar.gz
6, download libmcrypt (PHPlibmcrypt module): http: //nchc.dl.sourceforge.net/project/mcrypt/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.gz
7, download the GD library installation package (php page image verification code support): https: //phpsqq.googlecode.com/files/gd-2.0.36RC1.tar.gz
The above packages uploaded to the / opt / local / src directory

Fourth, install compilation tools and libraries
CentOS yum command using a key installation
yum install -y make apr * autoconf automake curl curl-devel gcc gcc-c ++ gtk + -devel zlib-devel openssl openssl-devel pcre-devel gd kernel keyutils patch perl kernel-headers compat * cpp glibc libgomp libstdc ++ - devel keyutils-libs- devel libsepol-devel libselinux-devel krb5-devel libXpm * freetype freetype-devel freetype * fontconfig fontconfig-devel libjpeg * libpng * php-common php-gd gettext gettext-devel ncurses * libtool * libxml2 libxml2-devel patch policycoreutils bison

V. Software Installation Guide
1, install cmake
cd / opt / local / src
tar zxvf cmake-2.8.8.tar.gz
cd cmake-2.8.8
./configure --prefix = / opt / local / cmake
Compile make #
make install # install
vim / etc / profile increase cmake executable file path in the path path
export PATH = $ PATH: / opt / local / cmake / bin
source / etc / profile configuration to take effect immediately
2. Install pcre
cd / opt / local / src
mkdir / usr / local / pcre # Create the installation directory
tar zxvf pcre-8.34.tar.gz
cd pcre-8.34
./configure --prefix = / opt / local / pcre # Configure
make && make install
3, installation libmcrypt
cd / opt / local / src
tar zxvf libmcrypt-2.5.8.tar.gz # decompression
cd libmcrypt-2.5.8 # to enter the directory
./configure # configure
Compile make #
make install # install
4, install gd library
cd / opt / local / src
tar zxvf gd-2.0.36RC1.tar.gz
cd gd-2.0.36RC1
./configure --enable-m4_pattern_allow -prefix = / opt / local / gd --with-jpeg = / usr / lib --with-png = / usr / lib --with-xpm = / usr / lib --with -freetype = / usr / lib --with-fontconfig = / usr / lib # configure
Compile make #
make install # install
5, the installation Mysql
add the mysql group groupadd mysql #
useradd -g mysql mysql -s / bin / false # Create mysql user group and join mysql, mysql does not allow users to log in directly to the system
mkdir -p / opt / data / mysql / var # Create MySQL database storage directory
chown -R mysql: mysql / opt / data / mysql / var # set up the MySQL database directory permissions
cd / opt / local / src
tar zxvf mysql-5.5.35.tar.gz # decompression
cd mysql-5.5.35
cmake. -DCMAKE_INSTALL_PREFIX = / opt / local / mysql -DMYSQL_DATADIR = / opt / data / mysql / var -DSYSCONFDIR = / etc # Configure
Compile make #
make install # install
cd / opt / local / mysql
cp ./support-files/my-huge.cnf /etc/my.cnf # copy profile (Note: If the / etc directory there is a default my.cnf, you can direct coverage)

vi /etc/my.cnf # edit the configuration file in the [mysqld] section to increase
datadir = / opt / data / mysql / var # add MySQL database path
./scripts/mysql_install_db --user = mysql # generate mysql database system
cp ./support-files/mysql.server /etc/rc.d/init.d/mysqld # Mysql added to the system to start
chmod 755 /etc/init.d/mysqld # increased execute permissions
chkconfig mysqld on # Join boot
vi /etc/rc.d/init.d/mysqld # Edit
basedir = / opt / local / mysql #MySQL installation path
datadir = / opt / local / mysql / var #MySQl database storage directory
service mysqld start # start
vi / etc / profile # mysql service added to the system environment variable: add the following line in the final
export PATH = $ PATH: / opt / local / cmake / bin: / opt / local / mysql / bin
source / etc / profile # to make the configuration take effect immediately
mkdir / var / lib / mysql # create a directory
ln -s /tmp/mysql.sock /var/lib/mysql/mysql.sock # add soft links
mysql_secure_installation # Mysql password is set, enter the password twice when prompted press Enter Y
/ Opt / local / mysql / bin / mysqladmin -u root -p password "123456" # or directly modify the password
This, mysql installation is complete!
6, install nginx
cd / opt / local / src
groupadd www # Add www group
useradd -g www www -s / bin / false # Create nginx run and added to the account www www group, does not allow users to log in directly to the system www
tar zxvf nginx-1.4.4.tar.gz
cd nginx-1.4.4
./configure --prefix = / opt / local / nginx --without-http_memcached_module --user = www --group = www --with-http_stub_status_module --with-openssl = / usr / --with-pcre = / opt /local/src/pcre-8.31
Note: - with-pcre = / opt / local / src / pcre-8.34 points to unpack the source path, not the path of the installation, otherwise it will error
make
make install
/ Opt / local / nginx / sbin / nginx # start nginx
Setting nginx Open start
vi /etc/rc.d/init.d/nginx # edit the startup file and add the following contents
================================================== =====
#! / Bin / bash
# Nginx Startup script for the Nginx HTTP Server
# It is v.0.0.2 version.
# Chkconfig: - 85 15
# Description: Nginx is a high-performance web and proxy server.
# It has a lot of features, but it's not for everyone.
# Processname: nginx
# Pidfile: /var/run/nginx.pid
# Config: /usr/local/nginx/conf/nginx.conf
nginxd = / opt / local / nginx / sbin / nginx
nginx_config = / opt / local / nginx / conf / nginx.conf
nginx_pid = / opt / local / nginx / logs / nginx.pid
RETVAL = 0
prog = "nginx"
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. / Etc / sysconfig / network
# Check that networking is up.
[$ {NETWORKING} = "no"] && exit 0
[-x $ Nginxd] || exit 0
# Start nginx daemons functions.
start () {
if [-e $ nginx_pid]; then
echo "nginx already running ...."
exit 1
fi
echo -n $ "Starting $ prog:"
daemon $ nginxd -c $ {nginx_config}
RETVAL = $?
echo
[$ RETVAL = 0] && touch / var / lock / subsys / nginx
return $ RETVAL
}
# Stop nginx daemons functions.
stop () {
echo -n $ "Stopping $ prog:"
killproc $ nginxd
RETVAL = $?
echo
[$ RETVAL = 0] && rm -f / var / lock / subsys / nginx /usr/local/nginx/logs/nginx.pid
}
reload () {
echo -n $ "Reloading $ prog:"
#kill -HUP `cat $ {nginx_pid}`
killproc $ nginxd -HUP
RETVAL = $?
echo
}
# See how we were called.
case "$ 1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
stop
start
;;
status)
status $ prog
RETVAL = $?
;;
*)
echo $ "Usage: $ prog {start | stop | restart | reload | status | help}"
exit 1
esac
exit $ RETVAL
================================================== =====
:! Wq # Save and exit
chmod 775 /etc/rc.d/init.d/nginx # give the file execute permission
chkconfig nginx on # boot settings
/etc/rc.d/init.d/nginx restart # restart Nginx
service nginx restart
================================================== =====
7, install php
cd / opt / local / src
tar -zvxf php-5.5.7.tar.gz
cd php-5.5.7.
./configure --prefix = / opt / local / php5 --with-config-file-path = / opt / local / php5 / etc --with-mysql = / opt / local / mysql --with-mysql-sock = / tmp / mysql.sock --with-gd --with-iconv --with-zlib --enable-xml --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization - -enable-mbregex --enable-fpm --enable-mbstring --enable-ftp --enable-gd-native-ttf --with-openssl --enable-pcntl --enable-sockets --with-xmlrpc - enable-zip --enable-soap --without-pear --with-gettext --enable-session --with-mcrypt --with-curl --with-jpeg-dir --with-freetype-dir

Compile make #
make install # install
cp php.ini-production /opt/local/php5/etc/php.ini # copy php configuration file to the installation directory
rm -rf /etc/php.ini # delete the system comes with configuration files
ln -s /opt/local/php5/etc/php.ini /etc/php.ini # add soft links
cp /opt/local/php5/etc/php-fpm.conf.default /opt/local/php5/etc/php-fpm.conf # copy the template file for the php-fpm profile
vi /opt/local/php5/etc/php-fpm.conf # Edit
user = www # php-fpm is set to run for the account www
group = www # set php-fpm run group www
pid = run / php-fpm.pid # cancel semicolon in front
Setting php-fpm boot
cp /opt/local/src/php-5.5.7/sapi/fpm/init.d.php-fpm /etc/rc.d/init.d/php-fpm # copy startup directory to php-fpm
chmod + x /etc/rc.d/init.d/php-fpm # add execute permissions
chkconfig php-fpm on # boot settings
vi /opt/local/php5/etc/php.ini # edit the configuration file
Found: disable_functions =
Revised as: disable_functions = passthru, exec, system, chroot, scandir, chgrp, chown, shell_exec, proc_open, proc_get_status, ini_alter, ini_alter, ini_restore, dl, openlog, syslog, readlink, symlink, popepassthru, stream_socket_server, escapeshellcmd, dll, popen , disk_free_space, checkdnsrr, checkdnsrr, getservbyname, getservbyport, disk_total_space, posix_ctermid, posix_get_last_error, posix_getcwd, posix_getegid, posix_geteuid, posix_getgid, posix_getgrgid, posix_getgrnam, posix_getgroups, posix_getlogin, posix_getpgid, posix_getpgrp, posix_getpid, posix_getppid, posix_getpwnam, posix_getpwuid, posix_getrlimit, posix_getsid, posix_getuid , posix_isatty, posix_kill, posix_mkfifo, posix_setegid, posix_seteuid, posix_setgid, posix_setpgid, posix_setsid, posix_setuid, posix_strerror, posix_times, posix_ttyname, posix_uname
# List PHP function can be disabled, if some programs need to use this function, you can delete, cancel disabled
Found:; date.timezone =
Amended as follows: when the area set date.timezone = PRC #
Found: expose_php = On
Revised as: expose_php = OFF # suppress php version information
Found: short_open_tag = Off
Revised as: short_open_tag = ON # support php short tags

VIII support php configuration nginx
vi /opt/local/nginx/conf/nginx.conf
/opt/local/nginx/conf/nginx.conf Modify the configuration file, you need to make the following changes
user www www; # remove the first line of user comments, modify Nginx running group www www; must /opt/local/php/etc/php-fpm.conf the user, the same group configuration, otherwise an error running php
user www www;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application / octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.php index.html index.htm;
}
location ~ \ .php $ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $ document_root $ fastcgi_script_name;
include fastcgi_params;
}
}
}
/etc/init.d/nginx restart # restart nginx

Sixth, test papers
cd / opt / local / nginx / html / # enter nginx default Web site root
rm -rf / opt / local / nginx / html / * # Remove the default test page
vi index.php # New index.php file
phpinfo ();
?>
:! Wq # Save and exit
chown www.www / opt / local / nginx / html / -R # Set the directory owner
chmod 700 / opt / local / nginx / html / -R # Set the directory permissions

7. Other instructions
Server-related command
service nginx restart # restart nginx
service mysqld restart # restart mysql
/ Usr / local / php / sbin / php-fpm # start php-fpm
/etc/rc.d/init.d/php-fpm restart # restart php-fpm
/etc/rc.d/init.d/php-fpm stop # stop php-fpm
/etc/rc.d/init.d/php-fpm start # start php-fpm
nginx default site directory is: / opt / local / nginx / html /
Permissions: chown www.www / opt / local / nginx / html / -R
MySQL database directory is: / opt / local / mysql / var
Permissions: chown mysql.mysql -R / opt / local / mysql / var

Eight, optimization of security
sherwin @ rocnic ~ $ ssh root@172.16.134.141
root@172.16.134.141's password:
Last login: Sat Jan 18 12:11:57 2014 from 172.16.134.1
-bash: warning: setlocale: LC_CTYPE: can not change locale (UTF-8): No such file or directory
[Root @ dev01 ~] # locale
locale: Can not set LC_CTYPE to default locale: No such file or directory
locale: Can not set LC_ALL to default locale: No such file or directory
LANG = en_US.UTF-8
LC_CTYPE = UTF-8
LC_NUMERIC = "en_US.UTF-8"
LC_TIME = "en_US.UTF-8"
LC_COLLATE = "en_US.UTF-8"
LC_MONETARY = "en_US.UTF-8"
LC_MESSAGES = "en_US.UTF-8"
LC_PAPER = "en_US.UTF-8"
LC_NAME = "en_US.UTF-8"
LC_ADDRESS = "en_US.UTF-8"
LC_TELEPHONE = "en_US.UTF-8"
LC_MEASUREMENT = "en_US.UTF-8"
LC_IDENTIFICATION = "en_US.UTF-8"
LC_ALL =
     
         
         
         
  More:      
 
- Ubuntu 12.04 LTS installation configuration JDK1.6.0_45 (Linux)
- Open container cluster management system architecture and components introduced Kubernetes (Server)
- To access an Oracle database using Instant Client (Database)
- Local port forwarding using iptables under linux (Server)
- How to use Git to upload code to GitHub project (Linux)
- Sorting Algorithm (1) Quick Sort C ++ implementation (Programming)
- HBase in MVCC implementation mechanism and its application (Database)
- Single-node Hadoop environment to build (Server)
- GoldenGate for Oracle data consistency initializing (Database)
- How to install Ubuntu California - the calendar application (Linux)
- Android in the event delivery and handling mechanism (Programming)
- Security of data to create a safe .mdb database (Linux)
- The callback function used in C ++ (Programming)
- Using nmcli commands to manage network in RedHat / CentOS 7.x (Linux)
- Migu online music player for Linux (Linux)
- Docker data container protection the pros and cons (Server)
- Permissions and attributes of files and directories under Linux (Linux)
- Kali Linux resolve GPG error KEYEXPIRED 1425567400 (Linux)
- Shell scripts get a snapshot of the page and generates thumbnails (Linux)
- Java8 Lambda expressions and flow operations (Programming)
     
           
     
  CopyRight 2002-2020 newfreesoft.com, All Rights Reserved.