CentOS 7配置+xcache, php module

CentOS7,apm+xcache,php module;

a) 一个虚拟主机提供phpMyAdmin,另一个虚拟主机提供wordpress;

b) 为phpMyAdmim提供https服务;

selinux处于关闭状态

httpd2.4

mariadb5.5

php5.4

安装:php-mysql phpmariadb-server httpd

yum-yinstallphp-mysqlphpmariadb-serverhttpd


配置安装PHP组件

yuminstallphp-mysqlphp-gdlibjpeg*php-ldapphp-odbc

安装https相关模块

mod_ssl

配置httpd虚拟主机

vim/etc/httpd/conf.d/FQDN.conf

<VirtualHost*:80>
ServerNamewww.phpmyadmin.com
DocumentRoot/httpd/vhosts/phpmyadmin
<Directory"/httpd/vhosts/phpmyadmin">
OptionsNone
AllowOverrideNone
Requireallgranted
</Directory>
ErrorLog/var/log/httpd/phpmyadmin/error.log
CustomLog/var/log/httpd/phpmyadmin/access.logcombined
</VirtualHost>

<VirtualHost*:80>
ServerNamewww.wordpress.com
DocumentRoot/httpd/vhosts/wordpress
<Directory"/httpd/vhosts/wordpress">
OptionsNone
AllowOverrideNone
Requireallgranted
</Directory>
ErrorLog/var/log/httpd/wordpress/error.log
CustomLog/var/log/httpd/wordpress/access.logcombined
</VirtualHost>

创建日志文件夹

[root@localhost~]#mkdir/var/log/httpd/wordpress
[root@localhost~]#mkdir/var/log/httpd/phpmyadmin

创建根文件夹

[root@localhost~]#mkdir-p/httpd/vhosts/wordpress
[root@localhost~]#mkdir-p/httpd/vhosts/phpMyAdmin

检查httpd语法,启动服务,设置开机自动启动服务

[root@localhost~]#httpd-t
SyntaxOK
[root@localhost~]#systemctlstarthttpd
[root@localhost~]#systemctlenablehttpd

启动mariadb,并设置为开启

[root@localhost~]#systemctlstartmariadb.service
[root@localhost~]#systemctlenablemariadb.service

运行mariadb的安全配置

[root@localhostconf.d]#mysql_secure_installation
/usr/bin/mysql_secure_installation:line379:find_mysql_client:commandnotfound

NOTE:RUNNINGALLPARTSOFTHISSCRIPTISRECOMMENDEDFORALLMariaDB
SERVERSINPRODUCTIONUSE!PLEASEREADEACHSTEPCAREFULLY!

InordertologintoMariaDBtosecureit,we'llneedthecurrent
passwordfortherootuser.Ifyou'vejustinstalledMariaDB,and
youhaven'tsettherootpasswordyet,thepasswordwillbeblank,
soyoushouldjustpressenterhere.

Entercurrentpasswordforroot(enterfornone):(回车)
OK,successfullyusedpassword,movingon...

SettingtherootpasswordensuresthatnobodycanlogintotheMariaDB
rootuserwithouttheproperauthorisation.

Setrootpassword?[Y/n]Y
Newpassword:
Re-enternewpassword:
Passwordupdatedsuccessfully!
Reloadingprivilegetables..
...Success!


Bydefault,aMariaDBinstallationhasananonymoususer,allowinganyone
tologintoMariaDBwithouthavingtohaveauseraccountcreatedfor
them.Thisisintendedonlyfortesting,andtomaketheinstallation
goabitsmoother.Youshouldremovethembeforemovingintoa
productionenvironment.

Removeanonymoususers?[Y/n]y
...Success!

Normally,rootshouldonlybeallowedtoconnectfrom'localhost'.This
ensuresthatsomeonecannotguessattherootpasswordfromthenetwork.

Disallowrootloginremotely?[Y/n]y
...Success!

Bydefault,MariaDBcomeswithadatabasenamed'test'thatanyonecan
access.Thisisalsointendedonlyfortesting,andshouldberemoved
beforemovingintoaproductionenvironment.

Removetestdatabaseandaccesstoit?[Y/n]y
-Droppingtestdatabase...
...Success!
-Removingprivilegesontestdatabase...
...Success!

Reloadingtheprivilegetableswillensurethatallchangesmadesofar
willtakeeffectimmediately.

Reloadprivilegetablesnow?[Y/n]y
...Success!

Cleaningup...

Alldone!Ifyou'vecompletedalloftheabovesteps,yourMariaDB
installationshouldnowbesecure.

ThanksforusingMariaDB!

编辑mariadb的配置文件,在[mysqld]中添加配置

[root@localhost~]#vim/etc/my.cnf

innodb_file_per_table=ON
skip_name_resolve=ON

进入mariadb数据库

[root@localhost~]#mysql-uroot-p
Enterpassword:
WelcometotheMariaDBmonitor.Commandsendwith;or\g.
YourMariaDBconnectionidis10
Serverversion:5.5.47-MariaDBMariaDBServer

Copyright(c)2000,2015,Oracle,MariaDBCorporationAbandothers.

Type'help;'or'\h'forhelp.Type'\c'toclearthecurrentinputstatement.

MariaDB[(none)]>

创建wordpress用数据库

MariaDB[(none)]>grantallonwpdb.*to'wpuser@192.168.%.%'identifiedby'password'
->;
QueryOK,0rowsaffected(0.00sec)

更新权限后退出

MariaDB[(none)]>flushprivileges
->;
QueryOK,0rowsaffected(0.00sec)

MariaDB[(none)]>quit
Bye

安装WordPress

[root@localhostwordpress]#yum-yinstallwordpress

将配置文件移动至/httpd/vhost/wordpress文件夹下

[root@localhostwordpress]#mv/usr/share/wordpress/httpd/vhosts/wordpress/

配置相应wordpress配置文件

[root@localhostwordpress]#vimwp-config.php
//**MySQLsettings-Youcangetthisinfofromyourwebhost**//
/**ThenameofthedatabaseforWordPress*/
define('DB_NAME','wpdb');

/**MySQLdatabaseusername*/
define('DB_USER','wpuser');

/**MySQLdatabasepassword*/
define('DB_PASSWORD','password');

/**MySQLhostname*/
define('DB_HOST','192.168.1.10');

输入www.wordpress.com后进入主页

wKioL1eLJ3-A98phAAFn8gusYSg830.png


安装phpMyAdmin

[root@wwwphpMyAdmin]#yum-yinstallphpMyAdmin

将安装文件复制至相应目录下

cp-r.//httpd/vhosts/phpmyadmin/

用浏览器打开

wKioL1eLJ56jvK3IAAEtJ9IV3iU800.png


为phpMyAdmin配置https使用192.186.1.7为192.168.1.10颁发CA证书为192.168.1.7创建私有CA;切换至/etc/pki/CA/目录

[root@bogon~]#cd/etc/pki/CA/
[root@bogonCA]#(umask077;opensslgenrsa-outprivate/cakey.pem1024)
GeneratingRSAprivatekey,1024bitlongmodulus
.................++++++
......................................++++++
eis65537(0x10001

创建自签证书

[root@bogonCA]#opensslreq-new-x509-keyprivate/cakey.pem-outcacert.pem
Youareabouttobeaskedtoenterinformationthatwillbeincorporated
intoyourcertificaterequest.
WhatyouareabouttoenteriswhatiscalledaDistinguishedNameoraDN.
Therearequiteafewfieldsbutyoucanleavesomeblank
Forsomefieldstherewillbeadefaultvalue,
Ifyouenter'.',thefieldwillbeleftblank.
-----
CountryName(2lettercode)[XX]:CN
StateorProvinceName(fullname)[]:beijing
LocalityName(eg,city)[DefaultCity]:beijing
OrganizationName(eg,company)[DefaultCompanyLtd]:phpmyadmin
OrganizationalUnitName(eg,section)[]:phpmyadmin
CommonName(eg,yournameoryourserver'shostname)[]:ca.admin.com
EmailAddress[]:caadmin@phpmyadmin.com

创建结构文件

[root@bogonCA]#touchindex.txt
[root@bogonCA]#echo01>serial

为服务端配置证书

[root@wwwssl]#opensslreq-new-keyhttpd.key-outhttpd.csr
Youareabouttobeaskedtoenterinformationthatwillbeincorporated
intoyourcertificaterequest.
WhatyouareabouttoenteriswhatiscalledaDistinguishedNameoraDN.
Therearequiteafewfieldsbutyoucanleavesomeblank
Forsomefieldstherewillbeadefaultvalue,yournameoryourserver'shostname)[]:www.phpmyadmin.com
EmailAddress[]:caadmin@phpmyadmin.com

Pleaseenterthefollowing'extra'attributes
tobesentwithyourcertificaterequest
Achallengepassword[]:
Anoptionalcompanyname[]:

讲所需签名证书复制至CA服务器

[root@wwwssl]#scphttpd.csr192.168.1.7:/tmp
Theauthenticityofhost'192.168.1.7(192.168.1.7)'can'tbeestablished.
ECDSAkeyfingerprintis4b:8b:6d:c8:53:c4:7e:ff:dd:26:a2:b9:67:1d:ab:cd.
Areyousureyouwanttocontinueconnecting(yes/no)?yes
Warning:Permanentlyadded'192.168.1.7'(ECDSA)tothelistofknownhosts.

给服务器签发证书

[root@bogonCA]#opensslca-in/tmp/httpd.csr-out/tmp/httpd.crt
Usingconfigurationfrom/etc/pki/tls/openssl.cnf
Checkthattherequestmatchesthesignature
Signatureok
CertificateDetails:
SerialNumber:1(0x1)
Validity
NotBefore:Jul1702:49:362016GMT
NotAfter:Jul1702:49:362017GMT
Subject:
countryName=CN
stateOrProvinceName=beijing
organizationName=phpmyadmin
organizationalUnitName=phpmyadmin
commonName=www.phpmyadmin.com
emailAddress=caadmin@phpmyadmin.com
X509v3extensions:
X509v3BasicConstraints:
CA:FALSE
NetscapeComment:
OpenSSLGeneratedCertificate
X509v3SubjectKeyIdentifier:
97:05:5A:39:41:43:C0:61:6E:E1:23:18:98:78:02:0D:21:F3:2B:EE
X509v3AuthorityKeyIdentifier:
keyid:0F:9B:41:AB:0F:47:89:C2:28:98:0F:59:61:BE:D3:4E:04:C9:51:81

CertificateistobecertifieduntilJul1702:49:362017GMT(365days)
Signthecertificate?[y/n]:y


1outof1certificaterequestscertified,commit?[y/n]y
Writeoutdatabasewith1newentries
DataBaseUpdated

将签发好的证书复制至phpMyAdmin服务器

[root@bogonCA]#scp/tmp/httpd.crt192.168.1.10:/etc/httpd/ssl
Theauthenticityofhost'192.168.1.10(192.168.1.10)'can'tbeestablished.
ECDSAkeyfingerprintisd3:71:51:da:74:25:b2:af:b6:d2:d4:98:9a:cd:f4:ee.
Areyousureyouwanttocontinueconnecting(yes/no)?yes
Warning:Permanentlyadded'192.168.1.10'(ECDSA)tothelistofknownhosts.
root@192.168.1.10'spassword:
httpd.crt100%33173.2KB/s00:00

编辑ssl.conf文件,

[root@www ssl]# cd ../conf.d
[root@www conf.d]# vim ssl.conf

将页面文件路径修改至phpMyAdmin页面路径

#General setup for the virtual host,inherited from global configuration
#DocumentRoot"/var/www/html"
#ServerNamewww.example.com:443
DocumentRoot"/httpd/vhosts/phpmyadmin"
ServerNamewww.phpmyadmin.com:443# Server Certificate:
#Point SSLCertificateFile at a PEM encoded certificate. If
# thecertificate is encrypted,then you will be prompted for a
#pass phrase. Note that a kill -HUP willprompt again. A new
#certificate can be generated using the genkey(1) command.
SSLCertificateFile/etc/httpd/ssl/httpd.crt

修改证书文件路径

# Server Certificate:
#Point SSLCertificateFile at a PEM encoded certificate. If
# thecertificate is encrypted,then you will be prompted for a
#pass phrase. Note that a kill -HUP willprompt again. A new
#certificate can be generated using the genkey(1) command.
SSLCertificateFile/etc/httpd/ssl/httpd.crt

# Server Private Key:
# If the key is not combined with thecertificate,use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key youcan configure
# both in parallel (to also allow the use ofDSA ciphers,etc.)
SSLCertificateKeyFile/etc/httpd/ssl/httpd.key

重启httpd服务

[root@wwwconf.d]#systemctlrestarthttpd

访问https://www.phpmuadmin.com

wKiom1eLJ2PgQX9PAAEVzKM0l3A800.png


安装xcache后重启httpd服务

[root@bogonconf.d]#yum-yinstallphp-xcache
[root@bogonvhosts]#systemctlrestarthttpd


使用ab命令进行压力测试(进行10次)

[root@bogonvhosts]#ab-c100-n1000http://www.xcache.com/index.php
Timeperrequest:132.352[ms](mean)
Timeperrequest:1.324[ms](mean,acrossallconcurrentrequests)
Transferrate:34763.10[Kbytes/sec]received
[root@bogonvhosts]#ab-c200-n2000http://www.xcache.com/index.php
Timeperrequest:334.702[ms](mean)
Timeperrequest:1.674[ms](mean,acrossallconcurrentrequests)
Transferrate:27492.89[Kbytes/sec]received

[root@bogonvhosts]#ab-c300-n3000http://www.xcache.com/index.php
Timeperrequest:1513.902[ms](mean)
Timeperrequest:5.046[ms](mean,acrossallconcurrentrequests)
Transferrate:9117.43[Kbytes/sec]received

[root@bogonvhosts]#ab-c400-n4000http://www.xcache.com/index.php
Timeperrequest:5866.443[ms](mean)
Timeperrequest:14.666[ms](mean,acrossallconcurrentrequests)
Transferrate:3039.11[Kbytes/sec]received

[root@bogonvhosts]#ab-c500-n5000http://www.xcache.com/index.php
Timeperrequest:5984.272[ms](mean)
Timeperrequest:11.969[ms](mean,acrossallconcurrentrequests)
Transferrate:3681.99[Kbytes/sec]received

[root@bogonvhosts]#ab-c600-n6000http://www.xcache.com/index.php
Timeperrequest:6207.417[ms](mean)
Timeperrequest:10.346[ms](mean,acrossallconcurrentrequests)
Transferrate:4296.02[Kbytes/sec]received

[root@bogonvhosts]#ab-c700-n7000http://www.xcache.com/index.php
Timeperrequest:1901.629[ms](mean)
Timeperrequest:2.717[ms](mean,acrossallconcurrentrequests)
Transferrate:16936.40[Kbytes/sec]received、

[root@bogonvhosts]#ab-c800-n8000http://www.xcache.com/index.php
Timeperrequest:3199.896[ms](mean)
Timeperrequest:4.000[ms](mean,acrossallconcurrentrequests)
Transferrate:11224.73[Kbytes/sec]received

[root@bogonvhosts]#ab-c900-n9000http://www.xcache.com/index.php
Timeperrequest:3335.247[ms](mean)
Timeperrequest:3.706[ms](mean,acrossallconcurrentrequests)
Transferrate:12321.67[Kbytes/sec]received

[root@bogonvhosts]#ab-c1000-n10000http://www.xcache.com/index.php
Timeperrequest:4754.311[ms](mean)
Timeperrequest:4.754[ms](mean,acrossallconcurrentrequests)
Transferrate:9507.14[Kbytes/sec]received

版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。

相关推荐


文章浏览阅读903次。4.清除缓存目录(/var/cache/yum)下的软件包及旧的headers。11.列出所有已安裝但不在 Yum Repository 內的软件包信息。3.清除缓存目录(/var/cache/yum)下旧的 headers。2.清除缓存目录(/var/cache/yum)下的 headers。5.列出所有已安装但不在 Yum Repository 內的软件包。1.清除缓存目录(/var/cache/yum)下的软件包。9.列出所有可更新的软件包信息。3.列出所有可更新的软件包。_centos yum update
文章浏览阅读1.5k次。Python 是一种高级解释性编程语言,已被用于各种应用程序开发,并在近年来获得了巨大的流行。Python 可用于编写广泛的应用程序,包括 Web 开发、数据分析、科学计算、人工智能、游戏等。由于其简单易用,它是初学者的理想语言。Python广泛应用于金融、医疗保健和科技等行业,并且由于其丰富的数据分析和可视化库和工具集而受到数据科学家和研究人员的欢迎。创建本内容时 Python 的最新稳定版本是 Python 3.11。_linux安装python3.11
文章浏览阅读2.6k次。打开终端或控制台,以root或具有sudo权限的用户身份登录。根据你的Linux发行版和网络管理工具的不同,相应的命令可能略有不同。使用以下命令编辑网络配置文件,例如eth0网卡的配置文件:注意:ifcfg-eth0 可能会有不同的命名,根据实机情况确认。在编辑器中,找到以"IPADDR"开头的行,然后修改IP地址。例如,将IP地址更改为192.168.1.100_银河麒麟修改ip地址
文章浏览阅读744次,点赞24次,收藏26次。目标:通过AppSrv为InsideCli客户端网络分配地址,地址池范围:192.168.0.110-192.168.0.190/24。另外一个虚拟网卡改为192.168.0.1给Rserver服务器,添加多一个网卡,用于连接不同的网段分别选刚才选好的两个网段之后,开启各虚拟机,配置IP地址ip addr查看网卡vi /etc/sysconfig/network-scripts/ifcfg-ens33新网卡没有UUID,要生成一个uuidgen然后记下进入文件夹cd /etc/sysconfig/netwo
文章浏览阅读1.1w次,点赞8次,收藏26次。chmod命令来自于英文词组“change mode”的缩写,其功能适用于改变文件或者目录权限的命令。默认只有文件的所有者和管理员可以设置文件权限,普通用户只能管理自己的文件的权限属性。设置权限时可以使用数字法,亦可使用字母表达式,对于目录文件建议加入-R参数进行递归操作,意味着不仅对于目录本身,也对目录内的子文件/目录进行新权限的设定。_chmod修改权限
文章浏览阅读1.2k次。yum源的URL地址,本例中是文件系统的路径,以“file:///”开头。其中,是要安装的软件包的名称。:本节的名称,可以是任何名称,但是必须以“[ ]”括起来。如果能够看到光盘的设备信息,则说明系统已经检测到了光盘。注意:baseurl的值必须是光盘挂载的目录路径。:GPG公钥文件的路径,用于yum包的安全性检查。:yum源是否启用,1表示启用,0表示禁用。:是否进行GPG校验,1表示是,0表示否。打开终端,使用root用户登录。:yum源的名称,可以自定义。_centos挂载光盘
文章浏览阅读1.4k次。这会在系统中安装新的 OpenSSL 版本。如果输出结果中的版本号为 1.1.1 或更高版本,则说明 OpenSSL 已成功升级。然后将新安装的OpenSSL做软连接到这个路径。4.初始化并编译、安装。_centos 升级 openssl
文章浏览阅读4.9k次,点赞5次,收藏11次。[Linux下的软连接、软链接的方式]][[Linux使用的filesystem库来自于c++17提供的新特性]][[Linux下centos查看 GCC 、G++版本]][[Linux 下centos 查看 -std 是否支持 C17 ]]_gcc c++17
文章浏览阅读3.2k次,点赞3次,收藏9次。Linux (centos) 安装Python3.9(保姆级别)_centos安装python3.9
文章浏览阅读5.9k次,点赞4次,收藏4次。进入国内的阿里云的,这里CentOS 7提供了三种ISO镜像文件的下载:DVD ISO、Everything ISO、Minimal ISO。阿里云下载链接: http://mirrors.aliyun.com/centos/点击进入下载页面,随便选择一个下载即可(不推荐,推荐阿里云下载,见下文)阿里云下载站点(速度非常快推荐)_centos7 iso
文章浏览阅读3.9k次。运行报错_inconsistency detected by ld.so: dl-call-libc-early-init.c: 37: _dl_call_lib
文章浏览阅读782次,点赞22次,收藏24次。通过查看INSTALL文件我们可以知道安装glibc2.31的要求,需要binutils版本2.25以上,texinfo版本4.7以上,bison版本2.7以上,sed版本3.02以上,gettext0.10.36以上,Python3.4以上,GDB7.8以上,make版本4.0以上,GCC版本6.2 以上。isl-0.18版本: http://www.mirrorservice.org/sites/sourceware.org/pub/gcc/infrastructure。_rpm 更新glibc2.31
文章浏览阅读905次,点赞19次,收藏16次。操作系统运维相关操作,实用而全面_centos 共享磁盘
文章浏览阅读1.5k次。CentOS Stream的位置提到RHEL上游,解决了“孤儿”的问题。红帽在RHEL上开发的所有功能都已经在CentOS Stream上完成,生态伙伴所添加的内容都将返回到CentOS Stream中,这些新功能会在未来RHEL发布出来,避免了生态伙伴创新消失不见情况的发生,从而保护投资,保护创新。为什么强调位置的变化?红帽的创新得到了CentOS创造者Gregory Kurtzer的肯定,他曾在公开场合表示,红帽做了正确的事情,CentOS Stream的场景比CentOS更好,更适合社区的发展。_dnf: command not found
文章浏览阅读1k次,点赞3次,收藏6次。sysconf:keepalived核心配置文件所在位置,固定位置,改成其他位置则keepalived启动不了,/var/log/messages中会报错。注意:如果在第5步执行 make && make install 时,报如下错误,则可能是keepalived版本号不对,可以试试 2.1.0 以前的版本。4. 进入到解压后的文件夹内,里面会看到 configure 文件,接下来就可以使用 configure 命令进行配置了。2. 通过 ftp工具上传到 linux:/home/software/_服务器双机热备
文章浏览阅读3k次。配置iptables规则,限制用户的出口IP,这里是根据用户的uid去限制的,比如user001用户的uid是1000,配置user001用户的出口IP就是172.17.22.1,以下是示例,根据自己情况修改uid和出口IP。找到auth的配置,默认是注释了的,先放开注释(就是把首行的#去掉),然后把Authentication这列改为u,以下是修改后的截图。打开后是空文件,在这里面添加自己的代理账号和密码,格式:账号+英文空格+密码,以下是例子,自己配置自己的账号。至此恭喜你,完成了所有配置!_站群搭建socks5
文章浏览阅读815次。下载链接:https://github.com/PowerShell/PowerShell/releases。下载链接:https://github.com/PowerShell/PowerShell/_linux中pwsh安装
文章浏览阅读877次,点赞10次,收藏5次。在CentOS系统中,Apache服务器是一个常用的Web服务器软件,它可以高效地提供静态HTTP服务。现在,您已经成功地在CentOS系统中配置了Apache服务器提供静态HTTP服务。启用默认站点:确保在配置文件中启用了默认的站点配置。此外,根据您的需求,您可能还需要进一步配置Apache的其他功能和模块。在配置文件中,您可以进行各种设置以定义您的静态HTTP服务的行为。指令,以定义适当的权限和设置。例如,确保目录的权限设置为适当的读/写/执行权限。指令设置为包含您的静态文件的目录路径。_centos还能用服务器吗
文章浏览阅读676次,点赞71次,收藏64次。简单几步实现在Linux centos环境下安装部署sql server数据库,并结合cpolar内网穿透工具,创建安全隧道将其映射到公网上,获取公网地址,实现在外异地远程连接家里/公司的sqlserver数据库,而无需公网IP,无需设置路由器,亦无需云服务器。
文章浏览阅读5.5k次。在 CentOS 7 中,可以通过以下步骤来开放指定端口号:1、使用 root 或具有管理员权限的用户登录到 CentOS 7 服务器。2、使用防火墙管理工具 firewalld 进行端口开放。 firewalld 是 CentOS 7 默认的防火墙管理工具。3、检查当前防火墙的状态,确保 firewalld 服务已经运行并且正常工作。可以使用以下命令来检查:_centos7开放端口