Linux_LAMP 最强大的动态网站解决方案-阿里云开发者社区

开发者社区> 范桂飓> 正文

Linux_LAMP 最强大的动态网站解决方案

简介: 目录 目录 LAMP Install LAMP via YUM Install LAMP via ResourceCode Apache Apache Virtual Machine Type Use name-based virtual hostingthe s...
+关注继续查看

目录

LAMP

Linux+Apache+Mysql/MariaDB+Perl/PHP/Python一组常用来搭建动态网站或者服务器的开源软件,本身都是各自独立的程序,但是因为常被放在一起使用,拥有了越来越高的兼容度,共同组成了一个强大的Web应用程序平台。随着开源潮流的蓬勃发展,开放源代码的LAMP已经与J2EE和.Net商业软件形成三足鼎立之势,并且该软件开发的项目在软件方面的投资成本较低,因此受到整个IT界的关注。从网站的流量上来说,70%以上的访问流量是LAMP来提供的,LAMP是最强大的网站解决方案.

Install LAMP via YUM

yum groupinstall -y "mysql数据服务器" "PHP支持"    
yum install -y php-mysql
service httpd start
service mysqld start

Install LAMP via ResourceCode

Apache

Port:TCP80 TCP443
logFile:/var/log/httpd/
step1. Install Apache

rpm -e httpd -nodeps   #move system pre-installed httpd software.
tar zxvf http-XXX -C /var/src
./configure --prefix=/usr/local/apache2 --enable-so --enable-rewrite && make && make install
/usr/local/apache2/bin/apachectl start
cp /usr/local/apache2/bin/apachectl /etc/init.d/httpd

step2. Addition service to chkconfig
vim /etc/init.d/httpd

#!/bin/sh
#chkconfig:35 12 32
#description:httpd server
#12 --> priority
#32 --> close priority

step3. Start the chkconfig service

chkconfig --add httpd
chkconfig httpd on

step4. Edit the httpd service config file
vim /usr/local/apache2/conf/httpd.conf

#Global
ServerRoot "URL"            #Directory for store the config file
Timeout 60                  #connect timeout
PidFile run/httpd.pid       #the directory for store pid file
listen 80                   #listen into port
user  XXX                   #httpd default users:will use 'apache' user when you install via YUM, otherwise you have to create the 'daemon' user to run the httpd service when you install resource.
group  XXX                  #httpd service default group

keepAlive on                #one connect much transfer data
MaxkeepAliveRequests 500    #Max connection count.
keepAliveTimeout 50         #keep connect alive timeout
prefork                     #work model to small web
work                        #work model to big web
Server Admin:ManagerMail
ServerName:www.domain.com:80
DocumentRoot "[websiteUrl]"   #VirtualHost more preferential  a.yum install: /var/www/html  b.resource install:/usr/local/apache2//htdocs
DirectoryIndex:   #set welcome page
#Set welcome page example:
<IfModule dir_module>
    DirectoryIndex index.html index.php
</IfModule>
AddDefaultCharset UTF-8  #add character set
#Locality:
<Directory "/var/www/html[websiteUrl]">
  Options
  AllowOverride
  Order
  Deny from
</Directory>

step5. Httpd Stress testing

ab -c X httpdServerIP   #X:Sub-requent requests count
ab -n X httpdServerIP   #X:Total requests count
Forexample:
ab -c 2000 -n 4000 http://www.domain.com/    #2000 times PV(PageView) at the same time.
ulimit -n 2000       #Change the max supervene access count. Because the max supervene access count have to less than 1024 in the linux file.
ulimit -a                #Check all limit

Apache Virtual Machine Type

  1. Virtual Machine type:
    (1) DomainName-based virtual hosting
    (2) IP address-based
    (3) Port-based

Use name-based virtual hosting(the same of ip and port)

step1

mkdir htdocs/baidu htdocs/sina
echo www.baidu.com > htdocs/baidu/index.html
echo www.sina.com > htdocs/sina/index.html

step2. Open virtual machine function
vim httpd.conf

#Virtual Hosts
Include conf/extra/httpd-vhosts.conf

vim conf/extra/httpd-vhosts.conf #Define virtual machine domain
For example:

NameVirtualHost \*:80   #specify virtual machine to name-based hosts. 
                        #Attention: "*:80" have to same as below sections.
<VirtualHost *:80>
     ServerAdmin jmilk@fan.com
     DocumentRoot "/usr/local/apache2/htdoes/baidu"
     ServerName Jmilk.fan.com
     ErrorLog "logs/baidu-error_log"
     CustomLog "logs/baidu-access_log" common
     <Directory "/usr/local/apache2/htdoes/baidu">  #Setup website access permission
           Order allow,deny
           Allow from all
      </Directory>
</VirtualHost>
<VirtualHost *:80>
     ServerAdmin jmilk@fan.com
     DocumentRoot "/usr/local/apache2/htdoes/sina"
     ServerName Jmilk.fan.com
     ErrorLog "logs/sina-error_log"
     CustomLog "logs/sina-access_log" common
</VirtualHost>

vim /etc/hosts

10.20.0.210 www.baidu.com www.sina.com
service httpd restart

Use IP-based virtual hosting

Much step of setup the IP-based virtual hosting as same as the name-based virtual hosting,but different as below.
step1. Comments the “NameVritualHost *:80”
step2. Specify the different IP in the sections of <VirtualHost IP:80>

Use Post-based virtual hosting

step1. Add the Listen port
vim httpd.conf

  Listen 80
  Listen 81

step2. Comments the “NameVritualHost *:80”
step3. Specify the different IP in the sections of <VirtualHost IP:Post>

Create personal page.

vim httpd.conf #open home directory

 #User home directories
 Include conf/extra/httpd-userdir.conf

vim httpd-userdir.conf

 userDir public_html   --> Create Public_html file in the home directory.

Login the personal page

 chmod o+x /home/user
 http://IP/~userName

Security access https

step1. Install Apache by resource and enable ssl protocol

yum -y install mod_ssl
rpm -qa |grep openssl 
./configure --enable-so --enable-rewirte --enable-ssl && make && make install

step2. Edit the Apache config file to enable ssl function module
vim httpd.conf

LoadModule ssl_module modules/mod_ssl.so 
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf

setp3. Create ssl cert
cd conf/ and Running the cert script as below

#certcreate.sh
#!/bin/bash
read -p "文件名称前缀:" name
openssl genrsa -des3 -out ${name}a.key 1024
openssl rsa -in ${name}a.key -out ${name}.key
openssl req -new -key ${name}.key -out ${name}.csr
openssl x509 -req -days 1000 -in ${name}.csr -signkey ${name}.key -out ${name}.crt

step4. Specify virtual machine which used security(ssl) cert and ssl cert’s store directory url.
vim extra/httpd-ssl.conf

Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl
SSLPassPhraseDialog  builtin
SSLSessionCache        "shmcb:/usr/local/apache2//logs/ssl_scache(512000)"
SSLSessionCacheTimeout  300
SSLMutex  "file:/usr/local/apache2//logs/ssl_mutex"
NameVirtualHost *:443

<VirtualHost *:443>
       DocumentRoot "/usr/local/apache2//htdocs/baidu"
       ServerName jmilk.fan.com:443
       ServerAdmin jmilk@fan.com
       ErrorLog "/usr/local/apache2//logs/baidu_error_log"
       TransferLog "/usr/local/apache2//logs/baidu_access_log"
       SSLEngine on
       SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL  -->列出运行客户端协商的密码
       SSLCertificateFile "/usr/local/apache2//conf/server.crt"
       SSLCertificateKeyFile "/usr/local/apache2//conf/server.key"
       <FilesMatch "\.(cgi|shtml|phtml|php)$">
                SSLOptions +StdEnvVars
       </FilesMatch>
       <Directory "/usr/local/apache2//cgi-bin">
                SSLOptions +StdEnvVars
       </Directory>

       BrowserMatch ".*MSIE.*" \
       nokeepalive ssl-unclean-shutdown \
       downgrade-1.0 force-response-1.0
       CustomLog "/usr/local/apache2//logs/ssl_request_log" \
       "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

step4. restart httpd service

service httpd restart

Access control

Only permission user who can access this web pager.
step1. Install awstats software.

unzip awstats-7.0.zip               #Program by Analytic language ,so don't need to compile.
cd /usr/local/awstats-7.0/tools
./awstats_configure.pl              #Install of interactive mode
service httpd restart               #The entry into force of awstats plugin

step2. Edit the awstats plugin configure file.
vim /etc/awstats/awstats.jmilk.fan.com.conf(awstats.domain.com.conf)

LogFile="/usr/local/apache2/logs/baidu-access_log"
mkdir /var/lib/awstats
http://localhost/awstats/awstats.pl  #access awstats software

step3. Edit apache configure file to add awstats plugin
vim httpd-vhosts.conf #change the CustomLog type from “common” to “combined”

CustomLog "logs/sina-access_log" common  --> CustomLog "logs/baidu-access_log" combined
service httpd restart

step4. setting awstats’s access limit
vim httpd.conf

#Add section below for example:
#This is to permit URL access to scripts/files in AWStats directory.
#
<Directory "/usr/local/awstats-7.0/wwwroot">
    Options None
    AllowOverride None
    Order allow,deny
    Allow from all
    AuthName "AWSTATS"
    AuthType Basic
    AuthUserFile /usr/local/awstats/wwwroot/.htpasswd
    require valid-user
</Directory>

step5. Create htpasswd user by htpasswd tool

cd /usr/local/apache2/bin/htpassed
htpasswd -c /usr/local/apache2/conf/.htpasswd userName1   #In frist create user,you have to use option -c to specify the htpasswd file store url
htpasswd userName2
service httpd restart    

MySQL

Port: TCP 3306
step1. install Mysql
step1. Install MySQL via resource

tar zxvf mysql-XXX -C /var/src
useradd mysql -s /sbin/nologin -M    #-M --> have not home directory
./configure --prefix=/usr/local/mysql --sysconfdir=/etc/ && make && make install

step2. Initialization Mysql configure.

cp /usr/local/mysql/support-files/my-medium.cnf /etc/my.cnf 
/usr/local/mysql/bin/mysql-install-db --user=mysql
chown -R root:mysql /usr/local/mysql
chown -R mysql:mysql /usr/local/mysql/var
ln -s /usr/local/mysql/bin/* /usr/local/bin

vim /etc/profile

PATH=${PATH}/usr/local/mysql/bin

step3. Start mysql service

mysql_safe --user=mysql &
cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
chmod a+x /etc/init.d/mysqld
echo "/usr/local/mysql/lib/mysql" >> /etc/ld.so.conf   --> setup mysql interface
ldconfig   #Refresh the ld.so.conf file.
service mysqld start
chkconfig mysqld on

step4. Setup mysql’s user and password.

mysqladmin -u root password '123'    #setting password
mysql -u root -p123          #login mysql
#or
mysql_secure_installation --> Basic secure setting

step5. Check the Mysql install

 mysal -u root -p123
 show databases;
 use mysql;
 show tables;

step6. Mysql usage
a. list user’s table field information
describe user;
b. create database and create file in the /usr/local/mysql/var/
create database world;
c. create table
create table tableName(id int not null,name char(16) not null,password char(16) not null default '123',primany key(id));
d. delete table

drop table table DBName.tableName;
delete fro tableName where id=3;

e. select table info or select table item info.

select * from tableName;
select * from tableName where price > 10;  #selece by condition
select * from tableName order by price;    #from small to big sort
select * from tableName order by price desc;  #from big to small sort. desc 降序
select avg(price) from tableName;    #average value
select sum(price) from tableName;    #summation; or use function min() max() count():output notes conunt.
select type,avg(price) from tableName group by type;
type,avg(price)     #every type's average price
select type,avg(price) from tableName group by type having avg(price) > 10;     #use where before grouping, use having after grouping. 

f. select from much table.

select table1Name.name,table2Name.nation from table1Name,table2Name where table1Name.id=table2Name.id;           #内链接查询
select table1Name.name,table2Name.nation from table1Name left join table2Name on table1Name.id=table2Name.id;    #左链接(left join)查询,以左表为主,左表必须全列出符合的记录,右表若没有对应的记录时,以null补全
select table1Name.name,table2Name.nation from table1Name right join table2Name on table1Name.id=table2Name.id;   #右链接(right join)
select table1Name.name,table2Name.nation from table1Name cross join table2Name;                                  #全链接查询,交叉查询(cross join)笛卡儿积

g. Insert item into table
insert into tableName(id,name,password) values(1,'userName','123');
h. Update the table item info.
update tableName set password=encrypt('123') where id=1;
b.Mysql date backup and recover:
(1) Backup:

mysqldump -u root -p123 databaseName > tableName.sql  --> backup a database
mysqldump -u root -p123 --all-databases > all.sql  --> backup all database

(2) Recover:

mysql -u root -p123 tableName < tableName.sql 
mysql -u root -p123 < all.sql  --> resover all the database

PHP

step1. Install php support

tar zxvf libmcrypt -C /usr/local
tar zxvf mhach -C /usr/local
tar zxvf mcrypt -C /usr/local    #libmcrypr,mhach annd mcrypt combine to secure encrypt deal with.
cd /usr/local/libmcrypt
./configure && make && make install
echo "/usr/local/lib" >> /etc/ld.so.conf
ldconfig
cd /usr/local/mhach
./configure && make && make install
ldconfig
cd /usr/local/mcrypt
./configure && make && make install
tar zxvf php-XXX.tar.gz -C /usr/local
mv php-XXX PHP5
cd /usr/local/php5
./configure --prefix=/usr/local/php5 --with-apxs2=/usr/local/apache2/bin/apx5 --with-mysql=/usr/local/mysql --with-mcrpyt --with-config-file-path=/usr/local/php5 --enable-mbstring && make && make install

step2. Edit php Configure file

cp /usr/local/php5/php.ini-development /usr/local/php5/php.ini

vim /usr/local/apache2/conf/httpd.conf #add php plugin to apache


<IfModule mime_module>   #加入.PHP后缀识别模块
        AddType application/x-httpd-php .php
</IfModule>

<IfModule dir_module>   #加入PHP欢迎页面
        DirectoryIndex index.html index.php
</IfModule>

step3. Test the php module
vim TestPHP.php

<?php
    phpinfo()
?>

step4. Install phpMyAdmin manager paper.

tar phpMyAdmin -C /usr/local/apache2/htdocs/baidu
mv phpMyAdmin pma
cp pma/confg.sample.inc.php pma/config.inc.php

step5. Install Discuz

unzip Discuz
cd Discuz
mv upload /usr/local/apache2/htdoes/bbs
chown -R daemon:daemon /usr/local/apache2/htdoes/bbs
http://localhost/bbs  #enter installtation pager        

版权声明:本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。

相关文章
阿里云服务器怎么设置密码?怎么停机?怎么重启服务器?
如果在创建实例时没有设置密码,或者密码丢失,您可以在控制台上重新设置实例的登录密码。本文仅描述如何在 ECS 管理控制台上修改实例登录密码。
10095 0
WordPress网站漏洞利用及漏洞修复解决方案
2019年正月刚开始,WordPress最新版本存在远程代码注入获取SHELL漏洞,该网站漏洞影响的版本是wordpress5.0.0,漏洞的产生是因为image模块导致的,因为代码里可以进行获取目录权限,以及文件包含功能,导致远程代码注入成功。
1847 0
网站被黑导致被西部数码关闭 提示有害信息未处理的解决方案
前段时间有一客户的网站打不开了,打开网站被提示什么:抱歉,主机因存在有害信息逾期未处理被关闭 Sorry, the site now can not be accessed. 客户第一时间找到我们SINE安全寻求解决方案,我们根据客户的反馈,进行详细的记录,分析问题,找到了被系统自动阻断拦截的原因,客户网站用的是西部数码主机,再一个主要的原因是,客户网站被篡改并上传了一些有害,违法的内容信息,导致被西部数码的有害信息监测处置系统监控到,立即进行了拦截,阻断处理。
1820 0
让黑客无隙可乘——企业级Web网站安全解决方案揭秘
在3月10日举办的阿里云网站热点研讨会上,阿里云资深安全业务架构师蕴藉就网站Web应用的安全性及业务可用性进行了一系列细致的讲解和介绍,接下来我们就来共同了解一下他分享的内容。
12478 0
WIN7安装IIS后无默认网站(Default Web site)解决方案
作者:jiankunking 出处:http://blog.csdn.net/jiankunking 提示本文仅供参考,处理前请备份好相关文件,以便恢复,后面的资源是WIN7的,其余系统资料暂时没有,请不要随便使用。 1.找到资源,复制到如下文件夹下:config文件夹复制到C:\Windows\System32\inetsrv\config文件夹下inetpub文件夹复制C:\inetpu
1549 0
阿里云服务器如何登录?阿里云服务器的三种登录方法
购买阿里云ECS云服务器后如何登录?场景不同,阿里云优惠总结大概有三种登录方式: 登录到ECS云服务器控制台 在ECS云服务器控制台用户可以更改密码、更换系.
13893 0
Linux下libstdc++.so.5找不到解决方案
在Linux系统安装程序时经常遇到“libstdc++.so.5找不到”的问题,例如提示“libstdc++.so.5: cannot open shared object file: No such file or directory”。
977 0
+关注
范桂飓
OpenStack Developer, Opensource Lover :- )
263
文章
0
问答
文章排行榜
最热
最新
相关电子书
更多
《2021云上架构与运维峰会演讲合集》
立即下载
《零基础CSS入门教程》
立即下载
《零基础HTML入门教程》
立即下载