LNMP環境搭建:Nginx安裝、測試與域名配置
Nginx做爲一款優秀的Web Server軟件同時也是一款優秀的負載均衡或前端反向代理、緩存服務軟件javascript
2.編譯安裝Nginxphp
(1)安裝Nginx依賴函數庫pcrecss
pcre爲「perl兼容正則表達式」perl compatible regular expresssions,安裝其是爲了使Nginx支持具有URI重寫功能的rewrite模塊,若是不安裝Nginx將沒法使用rewrite模塊功能,可是該功能卻十分有用和經常使用。html
檢查系統中是否有安裝:前端
[root@leaf ~]# rpm -q pcre pcre-develjava
上面能夠看到並無安裝使用yum方式安裝以下:node
[root@leaf ~]# yum install pcre pcre-devel -ymysql
......linux
Installed:nginx
pcre-devel.x86_64 0:7.8-7.el6
Updated:
pcre.x86_64 0:7.8-7.el6
Complete!
安裝完後檢查一下是否已經成功安裝:
[root@leaf ~]# rpm -q pcre pcre-devel
pcre-7.8-7.el6.x86_64
pcre-devel-7.8-7.el6.x86_64
能夠看到已經安裝成功。
(2)安裝Nginx依賴函數庫openssl-devel
Nginx在使用HTTPS服務的時候要用到此模塊,若是不安裝openssl相關包,安裝過程當中是會報錯的。
檢查系統是否有安裝openssl相關包:
[root@leaf ~]# rpm -q openssl openssl-devel
openssl-1.0.1e-15.el6.x86_64
package openssl-devel is not installed
能夠看到只是安裝了opensslopenssl-devel尚未安裝使用yum安裝以下:
[root@leaf ~]# yum install -y openssl-devel
......
Complete!
再次檢查:
[root@leaf ~]# rpm -q openssl openssl-devel
openssl-1.0.1e-48.el6_8.4.x86_64
openssl-devel-1.0.1e-48.el6_8.4.x86_64
能夠看到都已經成功安裝上。
(3)下載Nginx軟件包
這裏使用的Nginx版本爲1.6.3,下載方式以下:
[root@leaf ~]# pwd
/root
[root@leaf ~]# mkdir tools
[root@leaf ~]# cd tools/
[root@leaf tools]# wget http://nginx.org/download/nginx-1.6.3.tar.gz
......
100%[======================================>] 805,253 220K/s in 3.6s
2017-02-24 12:10:26 (220 KB/s) - anginx-1.6.3.tar.gza saved [805253/805253]
查看下載的Nginx軟件包:
[root@leaf tools]# ll
total 788
-rw-r--r--. 1 root root 805253 Apr 8 2015 nginx-1.6.3.tar.gz
固然上面的方式是使用wget方式直接下載,前提是已經知道了Nginx的下載地址,也能夠到官網下載,而後再上傳到咱們的CentOS操做系統上。
(4)開始安裝Nginx
能夠先在根目錄下建立一個/application文件夾用來存放咱們安裝的軟件:
[root@leaf ~]# mkdir /application
[root@leaf ~]# ls -d /application/
/application/
解壓縮
將咱們剛剛下載的Nginx軟件包解壓縮:
[root@leaf tools]# tar -zxvf nginx-1.6.3.tar.gz
......
[root@leaf tools]# ls
nginx-1.6.3 nginx-1.6.3.tar.gz
使用./configure指定編譯參數
先建立一個nginx用戶用來安裝完成後運行nginx使用:
[root@leaf tools]# useradd nginx -s /sbin/nologin -M
[root@leaf tools]# tail -1 /etc/passwd
nginx:x:500:500::/home/nginx:/sbin/nologin
# -s參數後的/sbin/nologin指定不容許nginx進行登錄
# -M參數則是在建立該用戶時不建立用戶家目錄
使用configure命令指定編譯參數:
[root@leaf nginx-1.6.3]# ./configure --user=nginx --group=nginx --prefix=/application/nginx-1.6.3/ --with-http_stub_status_module --with-http_ssl_module
對於配置時使用的參數能夠經過./configure --help來進行查詢,上面使用的參數解析以下:
--prefix=PATH # 指定安裝路徑
--user=USER # 設置用戶進程權限
--group=GROUP # 設置用戶組進程權限
--with-http_stub_status_module # 激活狀態信息
--with-http_ssl_module # 激活ssl功能
使用make進行編譯
[root@leaf nginx-1.6.3]# make
......
檢查編譯是否成功:
[root@leaf nginx-1.6.3]# echo $?
0
返回0即說明編譯成功。
使用make install安裝
[root@leaf nginx-1.6.3]# make install
......
檢查安裝是否成功:
[root@leaf nginx-1.6.3]# echo $?
0
返回0即說明安裝成功。
創建安裝目錄的軟連接
[root@leaf nginx-1.6.3]# ln -s /application/nginx-1.6.3/ /application/nginx
[root@leaf nginx-1.6.3]# ls -l /application/
total 4
lrwxrwxrwx. 1 root root 25 Feb 24 12:32 nginx -> /application/nginx-1.6.3/
drwxr-xr-x. 6 root root 4096 Feb 24 12:28 nginx-1.6.3
到此Nginx的編譯安裝工做已經所有完成了,下面就須要對安裝結果進行驗證了即驗證Nginx是否能夠正常提供服務。
3.測試Nginx服務
(1)啓動Nginx服務前檢查配置文件語法
以下:
[root@leaf ~]# /application/nginx/sbin/nginx -t
nginx: the configuration file /application/nginx-1.6.3//conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.6.3//conf/nginx.conf test is successful
(2)啓動Nginx服務
[root@leaf ~]# /application/nginx/sbin/nginx
若是在啓動Nginx服務時出現了問題能夠查看Nginx的日誌/application/nginx/logs/error.log,再根據日誌提供的信息來進行解決。
(3)驗證Nginx服務是否正常
查看已開啓的端口信息
[root@leaf ~]# netstat -lnp | grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 6772/nginx
unix 2 [ ACC ] STREAM LISTENING 9180 1/init @/com/ubuntu/upstart
能夠看到Nginx已經在偵聽80端口。
查看Nginx進程
[root@leaf ~]# ps aux | grep nginx
root 6772 0.0 0.1 45028 1140 ? Ss 12:34 0:00 nginx: master process /application/nginx/sbin/nginx
nginx 6773 0.0 0.1 45460 1716 ? S 12:34 0:00 nginx: worker process
root 6777 0.0 0.0 103256 832 pts/1 S+ 12:36 0:00 grep nginx
在宿主機上使用瀏覽器進行測試
在咱們宿主機的瀏覽器上輸入http://10.0.0.101/,查看測試結果
能夠正常訪問,固然前提是CentOS上的防火牆功能已經關閉。
使用wget命令和curl命令測試
wget命令:
[root@leaf tools]# wget 127.0.0.1
--2017-02-24 12:41:05-- http://127.0.0.1/
Connecting to 127.0.0.1:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 612 [text/html]
Saving to: aindex.htmla
100%[======================================>] 612 --.-K/s in 0s
2017-02-24 12:41:05 (44.1 MB/s) - aindex.htmla saved [612/612]
currl命令:
[root@leaf tools]# curl 127.0.0.1
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
從上面的結果能夠說明Nginx已經正常部署並運行。
4.進一步測試修改Nginx顯示的頁面
經過修改/application/nginx/html下的index.html文件,咱們就能夠改變Nginx主頁顯示的內容,操做以下:
[root@leaf tools]# cd /application/nginx/html/
[root@leaf html]# ls
50x.html index.html
[root@leaf html]# mv index.html index.html.source
[root@leaf html]# echo "<h1>Hello, I'm xpleaf.</h1>">index.html
[root@leaf html]# ls
50x.html index.html index.html.source
[root@leaf html]# cat index.html
<h1>Hello, I'm xpleaf.</h1>
這時在宿主機操做系統上訪問http://10.0.0.101/
(1)Nginx安裝
1.安裝Nginx依賴函數庫pcre、openssl-devel
[root@leaf ~]# yum install -y pcre pcre-devel openssl openssl-devel
......
[root@leaf ~]# rpm -q pcre pcre-devel openssl openssl-devel
pcre-7.8-7.el6.x86_64
pcre-devel-7.8-7.el6.x86_64
openssl-1.0.1e-48.el6_8.4.x86_64
openssl-devel-1.0.1e-48.el6_8.4.x86_64
2.下載安裝Nginx
這裏使用Nginx1.6.3,以下:
# 下載Nginx
[root@leaf ~]# yum install -y wget
[root@leaf ~]# mkdir tools
[root@leaf ~]# cd tools/
[root@leaf tools]# wget
[root@leaf tools]# ll
總用量 788
-rw-r--r--. 1 root root 805253 4月 8 2015 nginx-1.6.3.tar.gz
# 解壓縮
[root@leaf tools]# tar zxf nginx-1.6.3.tar.gz
[root@leaf tools]# ll
總用量 792
drwxr-xr-x. 8 1001 1001 4096 4月 7 2015 nginx-1.6.3
-rw-r--r--. 1 root root 805253 4月 8 2015 nginx-1.6.3.tar.gz
# 指定編譯參數
[root@leaf tools]# yum install -y gcc # 須要先安裝gcc
[root@leaf tools]# mkdir /application # 做爲Nginx的安裝目錄
[root@leaf tools]# useradd nginx -s /sbin/nologin -M
[root@leaf tools]# tail -1 /etc/passwd
nginx:x:500:500::/home/nginx:/sbin/nologin
[root@leaf tools]# cd nginx-1.6.3
[root@leaf nginx-1.6.3]# ./configure --user=nginx --group=nginx --prefix=/application/nginx-1.6.3/ --with-http_stub_status_module --with-http_ssl_module
[root@leaf nginx-1.6.3]# echo $? # 結果輸出0則說明命令執行成功
# 編譯
[root@leaf nginx-1.6.3]# make
[root@leaf nginx-1.6.3]# echo $?
# 安裝
[root@leaf nginx-1.6.3]# make install
[root@leaf nginx-1.6.3]# echo $?
# 創建安裝目錄的軟連接
[root@leaf nginx-1.6.3]# ln -s /application/nginx-1.6.3/ /application/nginx
[root@leaf nginx-1.6.3]# ls -l /application/
總用量 4
lrwxrwxrwx. 1 root root 25 3月 4 04:28 nginx -> /application/nginx-1.6.3/
drwxr-xr-x. 6 root root 4096 3月 4 04:27 nginx-1.6.3
(2)Nginx測試
1.啓動Nginx
[root@leaf ~]# /application/nginx/sbin/nginx -t # 檢查配置文件
nginx: the configuration file /application/nginx-1.6.3//conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.6.3//conf/nginx.conf test is successful
[root@leaf ~]# /application/nginx/sbin/nginx # 啓動Nginx服務
2.CentOS上驗證Nginx服務
[root@leaf ~]# netstat -lntup | grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 3929/nginx
[root@leaf ~]# curl localhost
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
3.宿主機上驗證Nginx服務
在宿主機瀏覽器上輸入CentOS主機的IP地址10.0.0.101,以下:
(3)域名配置
由於要搭建一個博客服務,因此這裏配置的域名爲blog.xpleaf.org,操做過程以下:
1.最小化配置文件
[root@leaf ~]# cd /application/nginx/conf/
[root@leaf conf]# wc -l nginx.conf
117 nginx.conf
[root@leaf conf]# wc -l nginx.conf.default
117 nginx.conf.default
[root@leaf conf]# egrep -v "#|^$" nginx.conf.default >nginx.conf
[root@leaf conf]# wc -l nginx.conf
22 nginx.conf
[root@leaf conf]# cat nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
2.修改配置文件
修改nginx.conf,而且增長配置文件extra/blog.conf,以下:
[root@leaf conf]# cat nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
include extra/blog.conf;
}
[root@leaf conf]# cat extra/blog.conf
server {
listen 80;
server_name blog.xpleaf.org;
location / {
root html/blog;
index index.html index.htm;
}
}
3.建立域名對應的站點目錄及文件
[root@leaf conf]# cd ../html/
[root@leaf html]# mkdir blog
[root@leaf html]# echo "This page is: blog.xpleaf.org">blog/index.html
[root@leaf html]# cat blog/index.html
This page is: blog.xpleaf.org
4.重啓Nginx服務
[root@leaf html]# /application/nginx/sbin/nginx -t
nginx: the configuration file /application/nginx-1.6.3//conf/nginx.conf syntax is ok
[root@leaf html]# /application/nginx/sbin/nginx -s reload # 平滑重啓
5.CentOS 6.5上進行測試
先修改/etc/hosts文件:
[root@leaf html]# echo "127.0.0.1 blog.xpleaf.org" >>/etc/hosts
[root@leaf html]# tail -1 /etc/hosts
127.0.0.1 blog.xpleaf.org
再使用命令測試:
[root@leaf html]# curl blog.xpleaf.org
This page is: blog.xpleaf.org
[root@leaf html]# wget blog.xpleaf.org
--2017-03-04 04:58:42-- http://blog.xpleaf.org/
正在解析主機 blog.xpleaf.org... 127.0.0.1
正在鏈接 blog.xpleaf.org|127.0.0.1|:80... 已鏈接。
已發出 HTTP 請求,正在等待迴應... 200 OK
長度:30 [text/html]
正在保存至: 「index.html.1」
100%[====================================>] 30 --.-K/s in 0s
2017-03-04 04:58:42 (2.14 MB/s) - 已保存 「index.html.1」 [30/30])
6.宿主機Windows 7上進行測試
一樣是先修改hosts文件,Windows 7的hosts文件在C:\Windows\System32\drivers\etc,一樣添加下面一行:
1
10.0.0.101 blog.xpleaf.org
使用瀏覽器訪問blog.xpleaf.org,以下:
3.LNMP環境搭建:MySQL安裝與基本安全優化
這裏採用二進制安裝的方式來安裝MySQL,安裝的版本爲:MySQL Server 5.5.54,能夠在https://dev.mysql.com/downloads/mysql/5.5.html#downloads中下載。
MySQL安裝完成後會作一些基本的安全優化。
(1)MySQL安裝
1.建立MySQL用戶的帳號
[root@leaf ~]# groupadd mysql
[root@leaf ~]# useradd -s /sbin/nologin -g mysql -M mysql
[root@leaf ~]# tail -1 /etc/passwd
mysql:x:501:501::/home/mysql:/sbin/nologin
2.下載MySQL
可使用wget來進行安裝,也能夠先下載到Windows 7上,而後使用SecureCRT,在CentOS上使用rz命令(須要使用yum install -y lrzsz命令安裝)上傳到咱們的CentOS上,其實無論哪種方式,只要有方式獲取到該安裝包就能夠了,下面使用的是wget獲取安裝包的方式:
[root@leaf tools]# wget
[root@leaf tools]# ls -l mysql-5.5.54-linux2.6-x86_64.tar.gz
-rw-r--r--. 1 root root 185911232 3月 3 13:34 mysql-5.5.54-linux2.6-x86_64.tar.gz
3.解壓並移到指定目錄
[root@leaf tools]# tar xf mysql-5.5.54-linux2.6-x86_64.tar.gz
[root@leaf tools]# mv mysql-5.5.54-linux2.6-x86_64 /application/mysql-5.5.54
[root@leaf tools]# ln -s /application/mysql-5.5.54/ /application/mysql
[root@leaf tools]# ls -l /application/
總用量 8
lrwxrwxrwx. 1 root root 26 3月 4 06:43 mysql -> /application/mysql-5.5.54/
drwxr-xr-x. 13 root root 4096 3月 4 06:42 mysql-5.5.54
lrwxrwxrwx. 1 root root 25 3月 4 04:28 nginx -> /application/nginx-1.6.3/
drwxr-xr-x. 11 root root 4096 3月 4 04:30 nginx-1.6.3
4.初始化MySQL配置文件
[root@leaf mysql]# cp support-files/my-small.cnf /etc/my.cnf
cp:是否覆蓋"/etc/my.cnf"? y
5.初始化MySQL數據庫文件
[root@leaf mysql]# mkdir -p /application/mysql/data/
[root@leaf mysql]# chown -R mysql.mysql /application/mysql
[root@leaf mysql]# yum install -y libaio # 安裝MySQL依賴函數庫,不然下面的初始化會失敗
[root@leaf mysql]# /application/mysql/scripts/mysql_install_db --basedir=/application/mysql --datadir=/application/mysql/data --user=mysql
......
# 輸出結果能夠看到兩個OK,即說明初始化成功
[root@leaf mysql]# echo $? # 或者經過該命令,輸出爲0,即說明上一個步驟的命令執行成功
0
# 上面以後能夠看到/application/mysql/data/目錄下生成的數據庫文件
6.配置並啓動MySQL數據庫
#(1)設置MySQL啓動腳本
[root@leaf mysql]# cp support-files/mysql.server /etc/init.d/mysqld
[root@leaf mysql]# chmod +x /etc/init.d/mysqld
[root@leaf mysql]# ls -l /etc/init.d/mysqld
-rwxr-xr-x. 1 root root 10875 3月 4 06:56 /etc/init.d/mysqld
#(2)替換啓動腳本中MySQL默認的安裝路徑/usr/local/mysql
[root@leaf mysql]# sed -i 's#/usr/local/mysql#/application/mysql#g' /application/mysql/bin/mysqld_safe /etc/init.d/mysqld
#(3)啓動MySQL數據庫
[root@leaf mysql]# /etc/init.d/mysqld start
Starting MySQL.Logging to '/application/mysql/data/leaf.err'.
... SUCCESS!
#(4)檢查MySQL數據庫是否啓動
[root@leaf mysql]# netstat -lntup | grep mysql
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 4400/mysqld
#(5)查看日誌
[root@leaf mysql]# tail -10 /application/mysql/data/leaf.err
InnoDB: Creating foreign key constraint system tables
InnoDB: Foreign key constraint system tables created
170304 7:00:28 InnoDB: Waiting for the background threads to start
170304 7:00:29 InnoDB: 5.5.54 started; log sequence number 0
170304 7:00:29 [Note] Server hostname (bind-address): '0.0.0.0'; port: 3306
170304 7:00:29 [Note] - '0.0.0.0' resolves to '0.0.0.0';
170304 7:00:29 [Note] Server socket created on IP: '0.0.0.0'.
170304 7:00:29 [Note] Event Scheduler: Loaded 0 events
170304 7:00:29 [Note] /application/mysql/bin/mysqld: ready for connections.
Version: '5.5.54' socket: '/tmp/mysql.sock' port: 3306 MySQL Community Server (GPL)
#(6)設置MySQL開機啓動
[root@leaf mysql]# chkconfig --add mysqld
[root@leaf mysql]# chkconfig mysqld on
[root@leaf mysql]# chkconfig --list mysqld
mysqld 0:關閉 1:關閉 2:啓用 3:啓用 4:啓用 5:啓用 6:關閉
#(7)配置mysql命令的全局使用路徑(注意這裏配置的是命令,前面配置的只是啓動腳本)
[root@leaf mysql]# echo 'export PATH=/application/mysql/bin:$PATH' >>/etc/profile
[root@leaf mysql]# source /etc/profile
[root@leaf mysql]# echo $PATH
/application/mysql/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
#(8)登錄MySQL測試
[root@leaf mysql]# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.5.54 MySQL Community Server (GPL)
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| test |
+--------------------+
4 rows in set (0.05 sec)
mysql> select user(); # 查看當前登錄的用戶
+----------------+
| user() |
+----------------+
| root@localhost |
+----------------+
1 row in set (0.00 sec)
mysql> select host, user from mysql.user;
+-----------+------+
| host | user |
+-----------+------+
| 127.0.0.1 | root |
| ::1 | root |
| leaf | |
| leaf | root |
| localhost | |
| localhost | root |
+-----------+------+
6 rows in set (0.00 sec)
mysql> quit
Bye
(2)MySQL基本安全優化
1.爲root用戶設置密碼
1
[root@leaf mysql]# mysqladmin -u root password '123456'
2.清理無用的MySQL用戶及數據庫
[root@leaf mysql]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.5.54 MySQL Community Server (GPL)
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> select user, host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| root | 127.0.0.1 |
| root | ::1 |
| | leaf |
| root | leaf |
| | localhost |
| root | localhost |
+------+-----------+
6 rows in set (0.00 sec)
mysql> drop user "root"@"::1";
Query OK, 0 rows affected (0.00 sec)
mysql> drop user ""@"leaf";
Query OK, 0 rows affected (0.00 sec)
mysql> drop user "root"@"leaf";
Query OK, 0 rows affected (0.01 sec)
mysql> drop user ""@"localhost";
Query OK, 0 rows affected (0.01 sec)
mysql> select user, host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| root | 127.0.0.1 |
| root | localhost |
+------+-----------+
2 rows in set (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
# 刪除無用的數據庫
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| test |
+--------------------+
4 rows in set (0.00 sec)
mysql> drop database test;
Query OK, 0 rows affected (0.01 sec)
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
3 rows in set (0.00 sec)
到此爲此,MySQL也安裝完成了!
4.LNMP環境搭建:PHP(FastCGI方式)安裝、配置與啓動
(1)安裝PHP依賴函數庫
1.安裝lib庫
須要安裝的lib庫以下:
zlib-devel libxml2-devel libjpeg-devel libjpeg-turbo-devel libiconv-devel
freetype-devel libpng-devel gd-devel libcurl-devel libxslt-devel
其中除了libiconv庫外,其餘均可以經過yum的方式進行安裝,安裝以下:
# 使用yum安裝除libiconv-devel以外的其它lib庫
[root@leaf mysql]# yum install -y zlib-devel libxml2-devel libjpeg-devel libjpeg-turbo-devel libiconv-devel freetype-devel libpng-devel gd-devel libcurl-devel libxslt-devel
# 編譯安裝libiconv-devel
[root@leaf tools]# wget
[root@leaf tools]# tar zxf libiconv-1.14.tar.gz
[root@leaf tools]# cd libiconv-1.14
[root@leaf libiconv-1.14]# ./configure --prefix=/usr/local/libiconv
[root@leaf libiconv-1.14]# make
[root@leaf libiconv-1.14]# make install
2.安裝libmcrypt庫
[root@leaf ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
[root@leaf ~]# yum install -y libmcrypt-devel
3.安裝mhash加密擴展庫
[root@leaf ~]# yum install -y mhash
4.安裝mcrypt加密擴展庫
[root@leaf ~]# yum install -y mcrypt
(2)安裝PHP
使用的PHP版本號爲5.3.27,以下:
1.下載PHP安裝包
[root@leaf tools]# wget http://cn2.php.net/get/php-5.3.27.tar.gz/from/this/mirror
[root@leaf tools]# mv mirror php-5.3.27.tar.gz
[root@leaf tools]# ls -l php-5.3.27.tar.gz
-rw-r--r--. 1 root root 15008639 1月 21 2015 php-5.3.27.tar.gz
2.解壓縮
[root@leaf tools]# tar zxf php-5.3.27.tar.gz
[root@leaf tools]# cd php-5.3.27
[root@leaf php-5.3.27]# pwd
/root/tools/php-5.3.27
3.配置PHP的安裝參數
配置項很是多,以下:
./configure \
--prefix=/application/php5.3.27 \
--with-mysql=/application/mysql \
--with-iconv-dir=/usr/local/libiconv \
--with-freetype-dir \
--with-jpeg-dir \
--with-png-dir \
--with-zlib \
--with-libxml-dir=/usr \
--enable-xml \
--disable-rpath \
--enable-safe-mode \
--enable-bcmath \
--enable-shmop \
--enable-sysvsem \
--enable-inline-optimization \
--with-curl \
--with-curlwrappers \
--enable-mbregex \
--enable-fpm \
--enable-mbstring \
--with-mcrypt \
--with-gd \
--enable-gd-native-ttf \
--with-openssl \
--with-mhash \
--enable-pcntl \
--enable-sockets \
--with-xmlrpc \
--enable-zip \
--enable-soap \
--enable-short-tags \
--enable-zend-multibyte \
--enable-static \
--with-xsl \
--with-fpm-user=nginx \
--with-fpm-group=nginx \
--enable-ftp
能夠將其直接複製到命令行進行配置,這樣就能夠減小出錯的機率:
[root@leaf php-5.3.27]# ./configure \
> --prefix=/application/php5.3.27 \
> --with-mysql=/application/mysql \
> --with-iconv-dir=/usr/local/libiconv \
> --with-freetype-dir \
> --with-jpeg-dir \
> --with-png-dir \
> --with-zlib \
> --with-libxml-dir=/usr \
> --enable-xml \
> --disable-rpath \
> --enable-safe-mode \
> --enable-bcmath \
> --enable-shmop \
> --enable-sysvsem \
> --enable-inline-optimization \
> --with-curl \
> --with-curlwrappers \
> --enable-mbregex \
> --enable-fpm \
> --enable-mbstring \
> --with-mcrypt \
> --with-gd \
> --enable-gd-native-ttf \
> --with-openssl \
> --with-mhash \
> --enable-pcntl \
> --enable-sockets \
> --with-xmlrpc \
> --enable-zip \
> --enable-soap \
> --enable-short-tags \
> --enable-zend-multibyte \
> --enable-static \
> --with-xsl \
> --with-fpm-user=nginx \
> --with-fpm-group=nginx \
> --enable-ftp
......
+--------------------------------------------------------------------+
| License: |
| This software is subject to the PHP License, available in this |
| distribution in the file LICENSE. By continuing this installation |
| process, you are bound by the terms of this license agreement. |
| If you do not agree with the terms of this license, you must abort |
| the installation process at this point. |
+--------------------------------------------------------------------+
Thank you for using PHP.
4.編譯PHP
[root@leaf php-5.3.27]# ln -s /application/mysql/lib/libmysqlclient.so.18
libmysqlclient.so.18 libmysqlclient.so.18.0.0
[root@leaf php-5.3.27]# ln -s /application/mysql/lib/libmysqlclient.so.18 /usr/lib64/
[root@leaf php-5.3.27]# touch ext/phar/phar.phar
[root@leaf php-5.3.27]# make
......
[root@leaf php-5.3.27]# echo $?
0
5.安裝PHP
[root@leaf php-5.3.27]# make install
/root/tools/php-5.3.27/build/shtool install -c ext/phar/phar.phar /application/php5.3.27/bin
ln -s -f /application/php5.3.27/bin/phar.phar /application/php5.3.27/bin/phar
Installing PDO headers: /application/php5.3.27/include/php/ext/pdo/
......
[root@leaf php-5.3.27]# echo $?
0
(3)配置與啓動PHP
1.設置PHP安裝目錄軟連接
[root@leaf php-5.3.27]# ln -s /application/php5.3.27/ /application/php
[root@leaf php-5.3.27]# ls -l /application/php
lrwxrwxrwx. 1 root root 23 3月 4 08:59 /application/php -> /application/php5.3.27/
2.拷貝PHP配置文件到PHP默認目錄
[root@leaf php-5.3.27]# cp php.ini-production /application/php/lib/php.ini
[root@leaf php-5.3.27]# ls -l /application/php/lib/php.ini
-rw-r--r--. 1 root root 69627 3月 4 09:00 /application/php/lib/php.ini
3.配置php-fpm.conf文件
[root@leaf php-5.3.27]# cd /application/php/etc/
[root@leaf etc]# ls
pear.conf php-fpm.conf.default
[root@leaf etc]# cp php-fpm.conf.default php-fpm.conf
4.啓動PHP服務php-fpm
[root@leaf etc]# /application/php/sbin/php-fpm
5.檢查啓動進程與偵聽端口號
[root@leaf etc]# ps -ef | grep php-fpm
root 129256 1 0 09:05 ? 00:00:00 php-fpm: master process (/application/php5.3.27/etc/php-fpm.conf)
nginx 129257 129256 0 09:05 ? 00:00:00 php-fpm: pool www
nginx 129258 129256 0 09:05 ? 00:00:00 php-fpm: pool www
root 129260 13743 0 09:06 pts/1 00:00:00 grep php-fpm
[root@leaf etc]# netstat -lntup | grep 9000
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 129256/php-fpm
至此,PHP也安裝完成了!LNMP的各個組件都安裝好了,下面就要對LNMP環境進行測試了。
5.LNMP環境測試
(1)配置Nginx支持PHP程序請求訪問
1.查看當前Nginx配置
[root@leaf etc]# cd /application/nginx/conf/
[root@leaf conf]# cat nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
include extra/blog.conf;
}
[root@leaf conf]# cat extra/blog.conf
server {
listen 80;
server_name blog.xpleaf.org;
location / {
root html/blog;
index index.html index.htm;
}
}
2.修改extra/blog.conf配置文件
[root@leaf conf]# cat extra/blog.conf
server {
listen 80;
server_name blog.xpleaf.org;
location / {
root html/blog;
index index.html index.htm;
}
location ~ .*\.(php|php5)?$ {
root html/blog;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi.conf;
}
}
3.檢查並啓動Nginx
[root@leaf conf]# /application/nginx/sbin/nginx -t
nginx: the configuration file /application/nginx-1.6.3//conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.6.3//conf/nginx.conf test is successful
[root@leaf conf]# /application/nginx/sbin/nginx -s reload
(2)測試LNMP環境是否生效
1.配置域名站點目錄
[root@leaf conf]# cd /application/nginx/html/blog/
[root@leaf blog]# echo "<?php phpinfo(); ?>" >test_info.php
[root@leaf blog]# cat test_info.php
<?php phpinfo(); ?>
2.宿主機上在瀏覽器中輸入地址http://blog.xpleaf.org/test_info.php進行訪問
(3)測試PHP鏈接MySQL是否正常
1.編輯text_mysql.php
[root@leaf blog]# cat test_mysql.php
<?php
$link_id=mysql_connect('localhost', 'root', '123456');
if($link_id){
echo "mysql succesful by xpleaf !";
}else{
echo mysql_error();
}
?>
2.宿主機上在瀏覽器中輸入地址http://blog.xpleaf.org/test_mysql.php進行訪問
至此,LNMP環境搭建與測試完成了,下面就能夠開始部署WordPress了!
6.部署WordPress
(1)MySQL數據庫準備
1.登錄mysql
[root@leaf blog]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 5
Server version: 5.5.54 MySQL Community Server (GPL)
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
2.建立數據庫wordpress
mysql> create database wordpress;
Query OK, 1 row affected (0.32 sec)
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| wordpress |
+--------------------+
4 rows in set (0.00 sec)
3.建立wordpress blog管理用戶
mysql> grant all on wordpress.* to wordpress@'localhost' identified by '123456';
Query OK, 0 rows affected (0.08 sec)
mysql> show grants for wordpress@'localhost';
+------------------------------------------------------------------------------------------------------------------+
| Grants for wordpress@localhost |
+------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'wordpress'@'localhost' IDENTIFIED BY PASSWORD '*6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9' |
| GRANT ALL PRIVILEGES ON `wordpress`.* TO 'wordpress'@'localhost' |
+------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
4.刷新MySQL用戶權限
mysql> flush privileges;
Query OK, 0 rows affected (0.31 sec)
5.檢查MySQL登陸用戶
mysql> select user,host from mysql.user;
+-----------+-----------+
| user | host |
+-----------+-----------+
| root | 127.0.0.1 |
| root | localhost |
| wordpress | localhost |
+-----------+-----------+
3 rows in set (0.00 sec)
(2)Nginx配置準備
1.修改blog.conf配置文件
[root@leaf conf]# cat extra/blog.conf
server {
listen 80;
server_name blog.xpleaf.org;
location / {
root html/blog;
index index.php index.html index.htm;
}
location ~ .*\.(php|php5)?$ {
root html/blog;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi.conf;
}
}
# 相比前面的配置文件,只是在/下添加了index.php
# 不過須要注意的是,index.php必定要放在index關鍵字以後,
# 這樣訪問blog.xpleaf.org時,纔會打開咱們的WordPress頁面
2.重啓Nginx服務
[root@leaf conf]# /application/nginx/sbin/nginx -s reload
(3)配置WordPress
1.獲取WordPress安裝包
[root@leaf tools]# wget
[root@leaf tools]# ls -lh wordpress-4.7.2-zh_CN.tar.gz
-rw-r--r--. 1 root root 8.1M 1月 28 08:53 wordpress-4.7.2-zh_CN.tar.gz
2.解壓縮與配置站點目錄
[root@leaf tools]# cp wordpress-4.7.2-zh_CN.tar.gz /application/nginx/html/blog/
[root@leaf tools]# cd /application/nginx/html/blog/
[root@leaf blog]# tar zxf wordpress-4.7.2-zh_CN.tar.gz
[root@leaf blog]# ls
index.html test_mysql.php wordpress-4.7.2-zh_CN.tar.gz
test_info.php wordpress
[root@leaf blog]# rm -rf test_* wordpress-4.7.2-zh_CN.tar.gz # 刪除無用的文件
[root@leaf blog]# ls
index.html wordpress
[root@leaf blog]# mv wordpress/* ./ # 將wordpress程序移到當前blog目錄下
[root@leaf blog]# ls
index.html wp-admin wp-includes wp-signup.php
index.php wp-blog-header.php wp-links-opml.php wp-trackback.php
license.txt wp-comments-post.php wp-load.php xmlrpc.php
readme.html wp-config-sample.php wp-login.php
wordpress wp-content wp-mail.php
wp-activate.php wp-cron.php wp-settings.php
[root@leaf blog]# ls -l
總用量 196
-rw-r--r--. 1 root root 30 3月 4 04:54 index.html
-rw-r--r--. 1 nobody 65534 418 9月 25 2013 index.php
-rw-r--r--. 1 nobody 65534 19935 1月 3 02:51 license.txt
-rw-r--r--. 1 nobody 65534 6956 1月 28 08:53 readme.html
drwxr-xr-x. 2 nobody 65534 4096 3月 4 09:50 wordpress
......
3.對blog下全部文件授予nginx用戶和組的權限
[root@leaf blog]# chown -R nginx.nginx ../blog/
[root@leaf blog]# ls -l
總用量 196
-rw-r--r--. 1 nginx nginx 30 3月 4 04:54 index.html
-rw-r--r--. 1 nginx nginx 418 9月 25 2013 index.php
-rw-r--r--. 1 nginx nginx 19935 1月 3 02:51 license.txt
-rw-r--r--. 1 nginx nginx 6956 1月 28 08:53 readme.html
drwxr-xr-x. 2 nginx nginx 4096 3月 4 09:50 wordpress
......
(4)安裝WordPress
在宿主機瀏覽器上輸入地址:http://blog.xpleaf.org,以下:
接下來的安裝都是很是人性化的,點擊「如今就開始」,出現下面的頁面:
填好信息後,點擊「提交」,以下:
點擊「進行安裝」,接下來就會讓咱們填寫一些信息,以下:
點擊「安裝WordPress」,以後就會顯示以下頁面:
顯示上面的頁面,就說明咱們的WordPress安裝成功了!接下來就能夠好好管理本身的我的WordPress博客站點了!
7.下一步要作什麼
能夠在雲主機上,如騰訊雲或者阿里雲上搭建LNMP環境,再部署一個WordPress博客程序,爲了達到域名訪問的效果,能夠購買一個域名,而後本身搭建DNS服務器,這會是很是不錯的體驗!
接下來就能夠考慮對LNMP進行優化了。
Nginx功能很是強大,僅僅是經過主配置文件nginx.conf的使用就能夠體現出來,爲了方便學習和查漏,將其主配置文件的完整內容列出來,並加上我的的一些理解以做爲筆記,從而去加深記憶。
1.Nginx主配置文件與說明
以下:
#user nobody;
# ====================================Main區==================================== #
# Main區爲Nginx核心功能模塊
worker_processes 1; # worker進程的數量
#error_log logs/error.log; # Nginx錯誤日誌配
#error_log logs/error.log notice; # notice, info爲錯誤日誌級別
#error_log logs/error.log info; # 通常使用warn|error|crit這三個級別
#pid logs/nginx.pid;
# ====================================Main區==================================== #
# ====================================events區==================================== #
# events區爲Nginx核心功能模塊
events {
worker_connections 1024; # 每一個worker進程支持的最大鏈接數
}
# ====================================events區==================================== #
# ====================================HTTP區==================================== #
# http區爲Nginx核心功能模塊
http {
include mime.types; # Nginx支持的媒體類型庫文件
default_type application/octet-stream; # 默認的媒體類型
# =========訪問日誌配置======== #
# 開始這三行爲日誌格式
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
# 這一行爲記錄日誌的參數,第一個參數爲關鍵字參數,第二個爲日誌目錄,第三個爲使用的日誌格式
#access_log logs/access.log main;
# =========訪問日誌配置======== #
sendfile on; # 開啓高效傳輸模式
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65; # 鏈接超時時間
#gzip on;
server { # server區塊,表示一個獨立的虛擬主機站點
listen 80; # 提供服務的端口
server_name localhost; # 提供服務的域名主機名
#charset koi8-r;
#access_log logs/host.access.log main;
location / { # location區塊
root html; # 站點的根目錄,至關於Nginx的安裝目錄
index index.html index.htm; # 默認的首頁文件,多個用空格分開
}
# [擴展功能1:實現Nginx status] #
##status
server{
listen 80;
server_name status.etiantian.org;
location / {
stub_status on;
access_log off;
}
}
# [擴展功能1:實現Nginx status] #
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html; # 出現對應的http狀態碼時,使用50x.html迴應客戶
location = /50x.html { # location區塊,訪問50x.html
root html; # 指定對應的站點目錄爲html
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
# ====================================HTTP區==================================== #
vim /usr/local/nginx/conf/nginx.conf 文件下:
worker_processes 1;
worker_rlimit_nofile 100000;
events {
worker_connections 2048;
multi_accept on;
use epoll;
}
http {
server_tokens off;
sendfile on;
tcp_nopush on;
tcp_nodelay on; (提高速類)
access_log off;
error_log error.log crit;
keepalive_timeout 10; (若是客戶打開該網頁,長時間沒請求,佔着不用。服務端能夠設置多長時間,斷掉該客戶端鏈接)
client_header_timeout 10;
client_body_timeout 10;
reset_timedout_connection on;
send_timeout 10;
include mime.types;
default_type text/html;
charset UTF-8;
gzip on; (壓縮頁面中 大於1000字節 壓縮格式類型)([root@proxe conf]# vim /usr/local/nginx/conf/mime.types, application/msword doc;)
gzip_disable "msie6";
gzip_proxied any;
gzip_min_length 1000;
gzip_comp_level 6;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss
text/javascript;
client_header_buffer_size 1k;(當頭部信息比較大,報414錯時 加上這條和下面這條 )
large_client_header_buffers 4 4k;
open_file_cache max=100000 inactive=20s;
open_file_cache_valid 60s;
open_file_cache_min_uses 2;
open_file_cache_errors off;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
worker_processes 1; (cpu核心數量一致)
linux最大打開文件數量1024
worker_connections 65556;
ulimit -a (系統默認值)
...
open files 1024
++++++++++++
優化案例:
+++++++++++++
———————————————————————————————————————————
作併發鏈接數
1.[root@proxe conf]# vim /usr/local/nginx/conf/nginx.conf
events {
worker_connections 10000;
}
[root@proxe conf]# nginx -s reload
2.vim /etc/security/limits.conf (最下面有模板)
* soft nofile 100000
* hard nofile 100000
3.
ulimit -a
ulimit -Hn 100000
ulimit -Sn 100000
ulimit -a
[root@proxe conf]# ab -c 5000 -n 5000 http://192.168.4.5/ (OK)
壓力測試:ab (yum中下一個httpd-tools)
[root@proxe conf]# ab -c 50 -n 5000 http://192.168.4.5/
——————————————————————————————————
安全設置 (屏蔽nginx版本號)
[root@proxe conf]# curl -I 192.168.4.5
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.8.0
Date: Thu, 16 Feb 2017 13:36:21 GMT
Content-Type: text/html
Content-Length: 160
Connection: keep-alive
Location: http://www.b.com/b.html
[root@proxe conf]# vim /usr/local/nginx/conf/nginx.conf
http {
server_tokens off; (加這個屏蔽版本號)
include mime.types;
default_type application/octet-stream;
[root@proxe conf]# nginx -s reload
[root@proxe conf]# curl -I 192.168.4.5
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 16 Feb 2017 13:36:42 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: http://www.b.com/b.html
———————————————————————————————————————————————————————————
解決客戶機訪問頭部信息過長的問題。
當訪問時輸入的地址頭部信息過長時報414錯誤時,查看buffer,默認時爲1,改爲下面這兩行就行。如果發現原本buffers就設置爲4 4k時,
不用再改了,多是別人惡意攻擊,最大 不要改到4 8k)
client_header_buffer_size 1k;(當頭部信息比較大,報414錯時 加上這條和下面這條 )
large_client_header_buffers 4 4k;
————————————————————————————————————————————————————————————
在客戶機上作緩存
在服務器中設置格式爲pdf|jpg|mp3|png的文件,使打開該格式頁面文件的客戶機瀏覽器中緩存30天(通常只作靜態緩存)
[root@proxe ~]# vim /usr/local/nginx/conf/nginx.conf
location ~ \.(pdf|jpg|mp3|png) ${
expires 30d;
}
[root@proxe ~]# cp knowledge\ point2.12.1.pdf /usr/local/nginx/html/a.pdf
[root@proxe ~]# nginx -s reload
[root@host ~]# firefox http://192.168.4.5/a.pdf
在打開的瀏覽器(firefox)地址欄中:輸入 about:cache 能夠看到剛打開的頁面 找到它能夠看到從哪天保存到哪天。(作實驗時先把瀏覽器緩存清空)
——————————————————————————————————
防止盜鏈
Referer:告訴服務器,從哪裏來
訪問新浪:能夠直接訪問新浪,也可從百度中連接過去,但referer不同。
------>sina
baidu ----->sina
referer:www.baidu.com
referer:www.sina.com
www.youku.com www.letv.com
www.bird.org :全部資源(作連接),搜索功能 目的是擴大本身網站的影響和點擊,讓別人知道本身域名。
防止盜鏈
vaild_referers (有效的 容許連接)
if 拒絕的
實驗操做:
location ~*\. (pdf|jpg|mp3|png|flv) ${
vaild_referers none blocked www.tarena.com;
if($invalid_referer){
rewrite ^/ http:www.a.com/a.html
}
}
————————————————————————————————————————————————————————
使用Nginx能夠配置基於域名的虛擬主機、基於端口的虛擬主機和基於端口的虛擬主機,比較經常使用的是基於域名的虛擬主機,這裏要作的配置是基於域名的虛擬主機,而且是配置多個基於域名的虛擬主機。
2.配置一個基於域名的虛擬主機與測試
先啓動Nginx,驗證服務是否正常:
[root@leaf ~]# /application/nginx/sbin/nginx
[root@leaf ~]# netstat -lnp | grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 6881/nginx
unix 2 [ ACC ] STREAM LISTENING 9180 1/init @/com/ubuntu/upstart
[root@leaf ~]# curl localhost
<h1>Hello, I'm xpleaf.</h1>
[root@leaf ~]# LANG=en
[root@leaf ~]# wget localhost
--2017-02-24 13:33:43-- http://localhost/
Resolving localhost... ::1, 127.0.0.1
Connecting to localhost|::1|:80... failed: Connection refused.
Connecting to localhost|127.0.0.1|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 28 [text/html]
Saving to: `index.html.1'
100%[======================================>] 28 --.-K/s in 0s
2017-02-24 13:33:43 (1.87 MB/s) - `index.html.1' saved [28/28]
從上面的輸出能夠看到,此時Nginx是能夠正常運行和提供服務的。
(1)實驗準備:最小化Nginx的主配置文件nginx.conf
Nginx的配置文件在安裝目錄下的conf目錄中:
[root@leaf ~]# tree /application/nginx
/application/nginx
|-- client_body_temp
|-- conf
| |-- fastcgi.conf
| |-- fastcgi.conf.default
| |-- fastcgi_params
| |-- fastcgi_params.default
| |-- koi-utf
| |-- koi-win
| |-- mime.types
| |-- mime.types.default
| |-- nginx.conf
| |-- nginx.conf.default
| |-- scgi_params
| |-- scgi_params.default
| |-- uwsgi_params
| |-- uwsgi_params.default
| `-- win-utf
|-- fastcgi_temp
|-- html
| |-- 50x.html
| |-- index.html
| `-- index.html.source
|-- logs
| |-- access.log
| |-- error.log
| `-- nginx.pid
|-- proxy_temp
|-- sbin
| `-- nginx
|-- scgi_temp
`-- uwsgi_temp
nginx.conf即是主配置文件,nginx.conf.default則是它的備份,該配置文件有數百行:
1
2
[root@leaf conf]# wc -l nginx.conf
117 nginx.conf
爲了學習的方便,能夠考慮將其註釋內容去掉:
[root@leaf conf]# egrep -v "#|^$" nginx.conf.default >nginx.conf
[root@leaf conf]# cat nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
[root@leaf conf]# wc -l nginx.conf
22 nginx.conf
去掉了註釋和空白行後只有22行,就很方便咱們待會作實驗時進行配置了。
(2)修改配置文件
假設咱們的Nginx爲站點www.xpleaf.cn服務,則能夠將主配置文件修改成以下:
[root@leaf conf]# cat nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name www.xpleaf.com;
location / {
root html/www;
index index.html index.htm;
}
}
}
主要是修改了第12行和第14行,其中第14行說明該站點的根目錄的html文件在html/www/目錄中。
(3)建立域名對應的站點目錄及文件
[root@leaf nginx]# cd html/
[root@leaf html]# mkdir www
[root@leaf html]# echo "This page is: www.xpleaf.cn">www/index.html
[root@leaf html]# cat www/index.html
This page is: www.xpleaf.cn
(4)從新啓動Nginx服務
[root@leaf html]# /application/nginx/sbin/nginx -t # 檢查Nginx配置語法
nginx: the configuration file /application/nginx-1.6.3//conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.6.3//conf/nginx.conf test is successful
[root@leaf html]# /application/nginx/sbin/nginx -s reload # 優雅重啓Nginx
(5)在CentOS 6.5上進行測試
由於上面咱們設置的域名www.xpleaf.cn實際是可能不存在,但爲了達到測試的目的,即當訪問www.xpleaf.cn時,可以解析到咱們CentOS上的IP地址,從而能夠訪問其上面的Nginx服務,達到訪問Nginx虛擬主機的目的,因此在CentOS上進行測試時,咱們須要修改/etc/hosts文件,讓www.xpleaf.cn解析爲CentOS的IP地址:
[root@leaf html]# echo "127.0.0.1 www.xpleaf.cn" >>/etc/hosts
[root@leaf html]# tail -1 /etc/hosts
127.0.0.1 www.xpleaf.cn
此時,在CentOS上使用curl命令和wget命令來訪問www.xpleaf.cn,查看測試結果:
[root@leaf html]# curl www.xpleaf.cn
This page is: www.xpleaf.cn
[root@leaf html]# wget www.xpleaf.cn
--2017-02-24 13:58:29-- http://www.xpleaf.cn/
Resolving www.xpleaf.cn... 127.0.0.1
Connecting to www.xpleaf.cn|127.0.0.1|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 28 [text/html]
Saving to: `index.html.1'
100%[======================================>] 28 --.-K/s in 0s
2017-02-24 13:58:29 (2.24 MB/s) - `index.html.1' saved [28/28]
從輸出結果能夠知道,此時Nginx成功地爲域名爲www.xpleaf.cn的虛擬主機提供了服務。
(6)在Windows 7主機上進行測試
爲了達到前面說的目的,在Windows操做系統上一樣須要修改hosts文件,Windows 7的hosts文件在C:\Windows\System32\drivers\etc,一樣添加下面一行:
1
10.0.0.101 www.xpleaf.cn
這時在瀏覽器中輸入地址www.xpleaf.cn,查看返回的結果:
wKiom1ixs6jzW6yTAAAjHHKgIE8656.png
能夠看到,能夠正常訪問。
3.配置多個基於域名的虛擬主機與測試
上面的實驗中只有一個站點www.xpleaf.cn,假如還有兩個站點bbs.xpleaf.cn和log.xpleaf.cn,
一樣須要Nginx來提供服務,這時就須要配置多個基於域名的虛擬主機了,不過有了上面的基礎後,下面
的操做就會容易不少,由於思路都是同樣的。
(1)修改主配置文件nginx.conf
在前面的基礎上,修改成以下:
[root@leaf conf]# cat nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name www.xpleaf.com;
location / {
root html/www;
index index.html index.htm;
}
}
server {
listen 80;
server_name bbs.xpleaf.com;
location / {
root html/bbs;
index index.html index.htm;
}
}
server {
listen 80;
server_name blog.xpleaf.com;
location / {
root html/blog;
index index.html index.htm;
}
}
}
(2)建立域名對應的站點目錄及文件
[root@leaf html]# mkdir bbs
[root@leaf html]# echo "This page is: bbs.xpleaf.cn" >bbs/index.html
[root@leaf html]# mkdir blog
[root@leaf html]# echo "This page is: blog.xpleaf.cn" >blog/index.html
[root@leaf html]# cat bbs/index.html blog/index.html
This page is: bbs.xpleaf.cn
This page is: blog.xpleaf.cn
(3)從新啓動Nginx服務
[root@leaf html]# /application/nginx/sbin/nginx -t # 檢查Nginx配置語法
nginx: the configuration file /application/nginx-1.6.3//conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.6.3//conf/nginx.conf test is successful
[root@leaf html]# /application/nginx/sbin/nginx -s reload # 優雅重啓Nginx
(4)在CentOS 6.5上進行測試
在原來基礎上,修改/etc/hosts文件,在127.0.0.1地址後添加bbs.xpleaf.cn和blog.xpleaf.cn兩個域名:
[root@leaf html]# tail -1 /etc/hosts
127.0.0.1 www.xpleaf.cn bbs.xpleaf.cn blog.xpleaf.cn
使用curl命令和wget命令進行測試:
[root@leaf html]# curl bbs.xpleaf.cn
This page is: www.xpleaf.cn
[root@leaf html]# curl blog.xpleaf.cn
This page is: www.xpleaf.cn
[root@leaf html]# wget bbs.xpleaf.cn
--2017-02-24 14:19:54-- http://bbs.xpleaf.cn/
Resolving bbs.xpleaf.cn... 127.0.0.1
Connecting to bbs.xpleaf.cn|127.0.0.1|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 28 [text/html]
Saving to: `index.html.2'
100%[======================================>] 28 --.-K/s in 0s
2017-02-24 14:19:54 (2.37 MB/s) - `index.html.2' saved [28/28]
[root@leaf html]# wget blog.xpleaf.cn
--2017-02-24 14:20:00-- http://blog.xpleaf.cn/
Resolving blog.xpleaf.cn... 127.0.0.1
Connecting to blog.xpleaf.cn|127.0.0.1|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 28 [text/html]
Saving to: `index.html.3'
100%[======================================>] 28 --.-K/s in 0s
2017-02-24 14:20:00 (2.24 MB/s) - `index.html.3' saved [28/28]
從上面結果能夠知道,Nginx爲各個虛擬主機正常提供服務。
(5)在Windows 7主機上進行測試
在原來基礎上,修改hosts文件,以下:
1
10.0.0.101 www.xpleaf.cn bbs.xpleaf.cn blog.xpleaf.cn
在瀏覽器上分別訪問各個域名,查看其返回結果:
訪問www.xpleaf.cn:
訪問bbs.xpleaf.cn:
訪問blog.xpleaf.cn:
能夠看到訪問每一個域名都返回了期待的頁面,說明測試成功!
6.進階:Nginx虛擬主機的別名配置
因此虛擬主機別名,就是爲虛擬主機設置除了主域名之外的一個或多個域名名字,這樣就能實現用戶訪問的多個域名對應同一個虛擬主機網站的功能。
以www.xpleaf.cn爲例,但願添加一個別名xpleaf.cn,這樣當訪問xpleaf.cn時,和訪問www.xpleaf.cn獲得的結果是同樣的。
其實配置的思路很是簡單,只須要在上面nginx.conf配置文件中www.xpleaf.cn的server域中再添加一個xpleaf.cn的域名就能夠了,以下:
server {
listen 80;
server_name www.xpleaf.com xpleaf.cn;
location / {
root html/www;
index index.html index.htm;
}
}
測試的話依然按照前面的方法進行,即先檢查Nginx配置文件、平滑重啓Nginx服務、配置hosts文件,最後經過命令行或瀏覽器的方式進行驗證,由於跟前面是同樣的,因此這裏就不展開了。
5.下一步要作什麼
能夠考慮配置與測試基於端口的虛擬主機和基於IP地址的虛擬主機,其實只要把上面的弄清楚了,再作這些配置就會容易不少了。
grep -v "#" nginx.conf
user nobody;
worker_processes 8;
error_log /data/log/nginx/error.log notice;
pid logs/nginx.pid;
events {
worker_connections 20000;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user $upstream_response_time $request_time [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /data/log/nginx/access.log main;
limit_req_zone $binary_remote_addr zone=allips:10m rate=10r/m;
gzip on;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
chunked_transfer_encoding off;
server_tokens off;
upstream bbnews{
server 106.51.33.116:9091;
keepalive 60;
}
upstream xinhuasite{
server 106.51.33.124:80;
keepalive 60;
}
upstream bbimg2{
server 106.51.33.117:80;
server 106.51.33.120:80;
}
server {
listen 80;
location /M00{
alias /data/fastdfs_storaged;
ngx_fastdfs_module;
}
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
}
location /server_status{
stub_status on;
access_log off;
allow 18.168.21.118;
allow 127.0.0.1;
deny all;
}
}
server {
listen 80;
server_name bimg.haoren.com bimg4.haoren.com;
set $root_path /usr/local/nginx/html/webxinhua_static/public;
index index.html;
root $root_path;
location /M00{
alias /data/fastdfs_storaged;
ngx_fastdfs_module;
}
location /assets{
add_header "Access-Control-Allow-Origin" "bb.haoren.com,xinhua.haoren.com,bbimg.haoren.com";
add_header "Access-Control-Allow-Credentials" "true";
}
gzip_disable "MSIE [1-6].";
gzip_types text/plain application/x-javascript text/css text/javascript image/jpeg image/gif image/png video/mp4;
}
server {
listen 80;
server_name imgcheck.ztsafe.com;
set $root_path /data/img;
index index.html;
root $root_path;
location /M00{
alias /data/fastdfs_storaged;
ngx_fastdfs_module;
}
location /assets{
add_header "Access-Control-Allow-Origin" "bb.haoren.com,xinhua.haoren.com,bbimg.haoren.com";
add_header "Access-Control-Allow-Credentials" "true";
}
gzip_disable "MSIE [1-6].";
gzip_types text/plain application/x-javascript text/css text/javascript image/jpeg image/gif image/png video/mp4;
}
server {
listen 80;
server_name bimg2.haoren.com;
index index.html index.php;
location /{
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header NetType-WT 1;
proxy_pass http://bimg2;
}
}
server {
listen 80;
listen 443 ssl;
server_name xinhua.haoren.com bb.haoren.com 2b.haoren.com b.haoren.com bian.tv www.xinhua.tv 10.51.103.11;
set $root_path /usr/local/nginx/html/webxinhua_deploy/public;
ssl_certificate /usr/local/nginx/conf/ssl/dbz.haoren.com.cn_bundle.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/dbz.haoren.com.cn.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_session_timeout 5m;
if ( $http_user_agent ~ "(MIDP)|(WAP)|(UP.Browser)|(Smartphone)|(Obigo)|(Mobile)|(AU.Browser)|(wxd.Mms)|(WxdB.Browser)|(CLDC)|(UP.Link)|(KM.Browser)|(UCWEB)|(SEMC\-Browser)|(Mini)|(Symbian)|(Palm)|(Nokia)|(Panasonic)|(MOT\-)|(SonyEricsson)|(NEC\-)|(Alcatel)|(Ericsson)|(BENQ)|(BenQ)|(Amoisonic)|(Amoi\-)|(Capitel)|(PHILIPS)|(SAMSUNG)|(Lenovo)|(Mitsu)|(Motorola)|(SHARP)|(WAPPER)|(LG\-)|(LG/)|(EG900)|(CECT)|(Compal)|(kejian)|(Bird)|(BIRD)|(G900/V1.0)|(Arima)|(CTL)|(TDG)|(Daxian)|(DAXIAN)|(DBTEL)|(Eastcom)|(EASTCOM)|(PANTECH)|(Dopod)|(Haier)|(HAIER)|(KONKA)|(KEJIAN)|(LENOVO)|(Soutec)|(SOUTEC)|(SAGEM)|(SEC\-)|(SED\-)|(EMOL\-)|(INNO55)|(ZTE)|(iPhone)|(Android)|(Windows CE)|(Wget)|(Java)|(curl)|(Opera)" )
{
}
index index.html index.php;
root $root_path;
location ~* ^/login$ {
return 404;
}
location ~* ^/login/xinhua$ {
limit_req zone=allips;
try_files $uri $uri/ @rewrite;
}
location ~* ^/backend {
deny 11.130.19.9;
deny 14.141.19.95;
allow 106.51.33.156;
allow 18.168.21.18;
allow 18.168.12.45;
allow 18.168.12.17;
try_files $uri $uri/ @rewrite;
}
location /news/{
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://bbnews;
}
location /html/{
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://xinhuasite;
}
location ^~/gamehall/{
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://xinhuasite;
}
try_files $uri $uri/ @rewrite;
location @rewrite {
rewrite ^/(.*)$ /index.php?_url=/$1;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param REQUEST_URI $uri?$args;
include fastcgi_params;
}
}
}
- 1. lnmp環境搭建配置
- 2. LNMP環境搭建與配置(一)
- 3. nginx+windows搭建域名訪問環境
- 4. LNMP-fastcgi配置-PHP環境搭建
- 5. 搭建LNMP之-Nginx安裝
- 6. Win7環境下Python3安裝以及Django配置搭建測試
- 7. 用Jenkins自動化搭建測試環境---Jenkins安裝配置
- 8. Linux-Ubuntu環境安裝Nginx和配置二級域名跳轉
- 9. 源碼包安裝LNMP環境搭建
- 10. lnmp環境搭建(源碼安裝)
- 更多相關文章...
- • Swift 環境搭建 - Swift 教程
- • Rust 環境搭建 - RUST 教程
- • Composer 安裝與使用
- • IntelliJ IDEA安裝代碼格式化插件
-
每一个你不满意的现在,都有一个你没有努力的曾经。