1、关闭selinux、配置防火墙,开启80、3306端口
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
[root@localhost ~]
# cp /etc/sysconfig/iptables /etc/sysconfig/iptablesbak
[root@localhost ~]
# vim /etc/sysconfig/iptables
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
[root@localhost ~]
# /etc/init.d/iptables restart
[root@localhost ~]
# cp /etc/sysconfig/selinux /etc/sysconfig/selinuxbak
[root@localhost ~]
# cat /etc/sysconfig/selinux|grep -v "#"
SELINUX=disabled
SELINUXTYPE=targeted
[root@localhost ~]
#
|
2、安装nginx
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
[root@localhost ~]
# rpm -e --nodeps `rpm -qa|egrep -i "httpd|php"` #删除系统自带的软件包
[root@localhost ~]
# wget #下载、安装第三方yum源
[root@localhost ~]
# sh ./atomic #安装
Do you agree to these terms? (
yes
/no
) [Default:
yes
]
yes
Configuring the [atomic] yum archive
for
this system
Installing the Atomic GPG keys: OK
OK
Enable repo by default? (
yes
/no
) [Default:
yes
]:
The Atomic Rocket Turtle archive has now been installed and configured
for
your system
The following channels are available:
[root@localhost ~]
# yum check-update #更新yum源
[root@localhost ~]
# yum -y install nginx
[root@localhost ~]
# service nginx start
Starting nginx: [ OK ]
[root@localhost ~]
#
|
3、安装MySQL
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
[root@localhost ~]
# yum install mysql mysql-server -y
[root@localhost ~]
# chkconfig mysqld on
[root@localhost ~]
# /etc/init.d/mysqld start
[root@localhost ~]
# cp /usr/share/mysql/my-medium.cnf /etc/my.cnf
cp
: overwrite `
/etc/my
.cnf'? y
[root@localhost ~]
# mysql_secure_installation #为root账户设置密码
Enter current password
for
root (enter
for
none):
OK, successfully used password, moving on...
Set root password? [Y
/n
] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
Remove anonymous
users
? [Y
/n
] Y
... Success!
Disallow root login remotely? [Y
/n
] Y
... Success!
Remove
test
database and access to it? [Y
/n
] Y
- Dropping
test
database...
... Success!
- Removing privileges on
test
database...
... Success!
Reload privilege tables now? [Y
/n
] Y
... Success!
Thanks
for
using MySQL!
[root@localhost ~]
# service mysqld restart
|
4、安装PHP5
|
1
2
3
4
5
6
|
[root@localhost ~]
# yum install php php-fpm -y
[root@localhost ~]
# yum install php-mysql php-gd libjpeg* php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-bcmath php-mhash libmcrypt -y #安装PHP组件,使 PHP5 支持 MySQL
[root@localhost ~]
# chkconfig php-fpm on
[root@localhost ~]
# /etc/init.d/php-fpm start
Starting php-fpm: [ OK ]
[root@localhost ~]
#
|
5、配置nginx支持php
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
[root@localhost ~]
# cp /etc/nginx/nginx.conf /etc/nginx/nginx.confbak
[root@localhost ~]
# vim /etc/nginx/nginx.conf
user nginx nginx;
#修改nginx运行账号为:nginx组的nginx用户
worker_processes 1;
[root@localhost ~]
# cp /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.confbak
[root@localhost ~]
# vim /etc/nginx/conf.d/default.conf
location / {
root
/usr/share/nginx/html
;
index index.php index.html index.htm;
#增加index.php
# example
#ModSecurityEnabled on;
#ModSecurityConfig /etc/nginx/modsecurity.conf;
}
location ~ \.php$ {
#取location的注释,并将fastcgi_param行的参数,改为$document_root$fastcgi_script_name,或者使用绝对路径
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
[root@localhost ~]
# service nginx restart
Stopping nginx: [ OK ]
Starting nginx: [ OK ]
[root@localhost ~]
#
|
6、php配置
|
1
2
3
4
5
6
7
8
|
[root@localhost ~]
# cp /etc/php.ini /etc/php.inibak
[root@localhost ~]
# vim /etc/php.ini
878
date
.timezone = PRC
314 disable_functions = passthru,
exec
,system,chroot,scandir,
chgrp
,
chown
,shell_exec,proc_open,proc_get_status,
in
i_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,
symlink
,popepassthru,stream_socket_server,escapesh ellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space,posix_c termid,posix_get_last_error,posix_getcwd, posix_getegid,posix_geteuid,posix_getgid, posix_getgrgid,posix_ge tgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid, posix_getppid,posix_getpwna m,posix_getpwuid, posix_getrlimit, posix_getsid,posix_getuid,posix_isatty, posix_kill,posix_mkfifo,posix_se tegid,posix_seteuid,posix_setgid, posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ ttyname,posix_uname
#PHP禁用的函数,如果某些程序需要用到这个函数,可以删除,取消禁用。
375 expose_php = Off
#禁止显示php版本的信息
211 short_open_tag = ON
#支持php短标签
308 open_basedir = .:
/tmp/
#设置表示允许访问当前目录(即PHP脚本文件所在之目录)和/tmp/目录,可以防止php木马跨站,如果改了之后安装程序有问题(例如:nginx可能网站根目录下的文件会提示Access Denied),可以注销此行,或者直接写上程序的目录open_basedir = /usr/share/nginx/html/:/tmp/
[root@localhost ~]
#
|
7、配置php-fpm
|
1
2
3
4
5
6
|
[root@localhost ~]
# cp /etc/php-fpm.d/www.conf /etc/php-fpm.d/www.confbak
[root@localhost ~]
# vim /etc/php-fpm.d/www.conf
user = nginx
; RPM: Keep a group allowed to write
in
log
dir
.
group = nginx
[root@localhost ~]
#
|
8、测试
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
[root@localhost ~]
# cd /usr/share/nginx/html/
[root@localhost html]
# vim index.php
<?php
phpinfo();
?>
~
[root@localhost html]
# service nginx restart
Stopping nginx: [ OK ]
Starting nginx: [ OK ]
[root@localhost html]
# service php-fpm restart
Stopping php-fpm: [ OK ]
Starting php-fpm: [ OK ]
[root@localhost html]
#
|
在客户端浏览器输入服务器IP地址,可以看到相关的配置信息(无法查看可以将php.ini中expose_php设置为on、open_basedir注释掉,或者直接写上程序的目录)! 说明lnmp配置成功!
本文转自 justin_peng 51CTO博客,原文链接:http://blog.51cto.com/ityunwei2017/1733287,如需转载请自行联系原作者
