💎一站式轻松地调用各大LLM模型接口,支持GPT4、智谱、星火、月之暗面及文生图 广告
[返回目录](index.html)#### [安装](anzhuang_index.html "test") —— [Linux 环境搭建推荐教程](anzhuang_linux.html "test") ##### 一、系统约定 软件源代码包存放位置:/usr/local/src 源码包编译安装位置(prefix):/usr/local/software\_name 脚本以及维护程序存放位置:/usr/local/sbin MySQL 数据库位置:/var/lib/MySQL(可按情况设置) Apache 网站根目录:/home/www/wwwroot(可按情况设置) Apache 虚拟主机日志根目录:/home/www/logs(可按情况设置) Apache 运行账户:www:www ##### 二、系统环境部署及调整 ###### 1. 检查系统是否正常 ``` <pre class="brush:xml"> # more /var/log/messages(检查有无系统级错误信息) # dmesg(检查硬件设备是否有错误信息) # ifconfig(检查网卡设置是否正确) # ping www.163.com(检查网络是否正常) ``` ###### 2. 关闭不需要的服务 ``` <pre class="brush:xml"> # ntsysv 以下仅列出需要启动的服务,未列出的服务一律推荐关闭: atd crond irqbalance microcode_ctl network sendmail sshd syslog ``` ###### 3. 重新启动系统 ``` <pre class="brush:xml"> # init 6 ``` ###### 4. 配置 vim ``` <pre class="brush:xml"># vi /root/.bashrc ``` 在 alias mv='mv -i' 下面添加一行:alias vi='vim' 保存退出。 ``` <pre class="brush:xml"># echo 'syntax on' > /root/.vimrc ``` ###### 5. 使用 yum 程序安装所需开发包(以下为标准的 RPM 包名称) ``` <pre class="brush:xml"> # yum install ntp vim-enhanced gcc gcc-c++ gcc-g77 flex bison autoconf automake bzip2-devel ncurses-devel libjpeg-devel libpng-devel libtiff-devel freetype-devel pam-devel kerne ``` ###### 6. 定时校正服务器时钟,定时与中国国家授时中心授时服务器同步 ``` <pre class="brush:xml"># crontab -e ``` 加入一行: ``` <pre class="brush:xml">*/30 * * * * ntpdate 210.72.145.44 ``` ###### 7. 源码编译安装所需包 (Source) 需要下载的文件 ``` <pre class="brush:xml"> gd-2.0.34.tar.gz libxml2-2.6.30.tar.bz2 libmcrypt-2.5.8.tar.bz2 cronolog-1.7.0-beta.tar.gz openssl-0.9.8e.tar.gz (可选) openssl-0.9.8e.tar.gz (可选) ``` 7.1 GD2 ``` <pre class="brush:xml"> # cd /usr/local/src # tar xzvf gd-2.0.34.tar.gz # cd gd-2.0.34 # ./configure --prefix=/usr/local/gd2 # make # make install ``` 7.2 LibXML2 ``` <pre class="brush:xml"> # cd /usr/local/src # tar xjvf libxml2-2.6.30.tar.bz2 # cd libxml2-2.6.30 # ./configure --prefix=/usr/local/libxml2 # make # make install ``` 7.3 LibMcrypt ``` <pre class="brush:xml"> # cd /usr/local/src # tar xjvf libmcrypt-2.5.8.tar.bz2 # cd libmcrypt-2.5.8 # ./configure –prefix=/usr/local/libmcrypt # make # make install ``` 7.4 Apache日志截断程序 ``` <pre class="brush:xml"> # cd /usr/local/src # tar xzvf cronolog-1.7.0-beta.tar.gz # cd cronolog-1.7.0-beta # ./configure –prefix=/usr/local/cronolog # make # make install ``` ###### 8. 升级OpenSSL和OpenSSH ``` <pre class="brush:xml"> # cd /usr/local/src # tar xzvf openssl-0.9.8e.tar.gz # cd openssl-0.9.8e # ./config --prefix=/usr/local/openssl # make # make test # make install # cd .. # tar xzvf openssh-4.7p1.tar.gz # cd openssh-4.7p1 # ./configure \ "--prefix=/usr" \ "--with-pam" \ "--with-zlib" \ "--sysconfdir=/etc/ssh" \ "--with-ssl-dir=/usr/local/openssl" \ "--with-md5-passwords" # make # make install ``` (1)禁用 SSH V1 协议 找到: ``` <pre class="brush:xml">#Protocol 2,1 ``` 改为: ``` <pre class="brush:xml">Protocol 2 ``` (2)禁止root直接登录,此处先建立一个普通系统用户: ``` <pre class="brush:xml"> # useradd username # passwd username ``` 找到: ``` <pre class="brush:xml">#PermitRootLogin yes ``` 改为: ``` <pre class="brush:xml">PermitRootLogin no ``` (3)禁用服务器端GSSAPI,找到以下两行,并将它们注释: ``` <pre class="brush:xml"> GSSAPIAuthentication yes GSSAPICleanupCredentials yes ``` (4)禁用 DNS 名称解析,找到: ``` <pre class="brush:xml">#UseDNS yes ``` 改为: ``` <pre class="brush:xml">UseDNS no ``` (5)禁用客户端 GSSAPI ``` <pre class="brush:xml"># vi /etc/ssh/ssh_config ``` 找到: ``` <pre class="brush:xml">GSSAPIAuthentication yes ``` 将这行注释掉。 最后,确认修改正确后重新启动 SSH 服务 ``` <pre class="brush:xml"> # service sshd restart # ssh -v ``` 确认 OpenSSH 以及 OpenSSL 版本正确。 ##### 三、编译安装L.A.M.P环境 ###### 1. 下载软件 ``` <pre class="brush:xml"># cd /usr/local/src ``` 下载文件mysql,apache,php,请到下面网址下载相应软件 ``` <pre class="brush:xml"> http://www.apache.org/ (推荐版本:2.2.21) http://www.php.net/ (推荐版本:5.2.17) http://www.mysql.com/ ``` ###### 2. 编译安装MySQL ``` <pre class="brush:xml"> # tar xzvf MySQL-5.0.45-linux-i686-glibc23.tar.gz # mv MySQL-5.0.45-linux-i686-glibc23 /usr/local/ # ln -s /usr/local/ MySQL-5.0.45-linux-i686-glibc23 /usr/local/MySQL # useradd MySQL # chown -R MySQL:root /usr/local/MySQL/ # cd /usr/local/MySQL # ./scripts/MySQL_install_db --user=MySQL # cp ./support-files/MySQL.server /etc/rc.d/init.d/MySQLd # chown root:root /etc/rc.d/init.d/MySQLd # chmod 755 /etc/rc.d/init.d/MySQLd # chkconfig --add MySQLd # chkconfig --level 3 5 MySQLd on # cp ./support-files/my-huge.cnf /etc/my.cnf # mv /usr/local/MySQL/data /var/lib/MySQL # chown -R MySQL:MySQL /var/lib/MySQL/ # vi /etc/my.cnf ``` ###### 3. 编译安装Apache ``` <pre class="brush:xml"> # cd /usr/local/src # tar xjvf httpd-2.2.21.tar.bz2 # cd httpd-2.2.21 # ./configure \ "--prefix=/usr/local/apache2" \ "--with-included-apr" \ "--enable-so" \ "--enable-deflate=shared" \ "--enable-expires=shared" \ "--enable-rewrite=shared" \ "--enable-static-support" \ "--disable-userdir" # make # make install # echo '/usr/local/apache2/bin/apachectl start ' >> /etc/rc.local ``` ###### 4. 编译安装PHP ``` <pre class="brush:xml"> # cd /usr/local/src # tar xjvf php-5.2.17.tar.bz2 # cd php-5.2.17 # ./configure \ "--prefix=/usr/local/php" \ "--with-apxs2=/usr/local/apache2/bin/apxs" \ "--with-config-file-path=/usr/local/php/etc" \ "--with-MySQL=/usr/local/MySQL" \ "--with-libxml-dir=/usr/local/libxml2" \ "--with-gd=/usr/local/gd2" \ "--with-jpeg-dir" \ "--with-png-dir" \ "--with-bz2" \ "--with-freetype-dir" \ "--with-iconv-dir" \ "--with-zlib-dir " \ "--with-openssl=/usr/local/openssl" \ "--with-mcrypt=/usr/local/libmcrypt" \ "--enable-soap" \ "--enable-gd-native-ttf" \ "--enable-ftp" \ "--enable-mbstring" \ "--enable-exif" \ "--disable-ipv6" \ "--disable-cgi" \ "--disable-cli" # make # make install # mkdir /usr/local/php/etc # cp php.ini-dist /usr/local/php/etc/php.ini ``` ###### 5. 整合Apache与PHPP ``` <pre class="brush:xml"># vi /usr/local/apache2/conf/httpd.conf ``` 找到: ``` <pre class="brush:xml">AddType application/x-gzip .gz .tgz ``` 在该行下面添加 ``` <pre class="brush:xml">AddType application/x-httpd-php .php ``` 找到: ``` <pre class="brush:xml"> DirectoryIndex index.html ``` 将该行改为 ``` <pre class="brush:xml">DirectoryIndex index.html index.htm index.php ``` 找到: ``` <pre class="brush:xml"> #Include conf/extra/httpd-mpm.conf #Include conf/extra/httpd-info.conf #Include conf/extra/httpd-vhosts.conf #Include conf/extra/httpd-default.conf ``` 去掉前面的“#”号,取消注释。注意:以上 4 个扩展配置文件中的设置请按照相关原则进行合理配置!修改完成后保存退出。 ``` <pre class="brush:xml"># /usr/local/apache2/bin/apachectl restart ``` ###### 6. 查看确认L.A.M.P环境信息、提升 PHP 安全性 在网站根目录放置 phpinfo.php 脚本,检查phpinfo中的各项信息是否正确。 确认 PHP 能够正常工作后,在 php.ini 中进行设置提升 PHP 安全性。 ``` <pre class="brush:xml"># vi /etc/php.ini ``` 找到:``` <pre class="brush:xml">disable_functions = ``` 设置为: ``` <pre class="brush:xml">phpinfo,passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter, ini_alter,ini_restore,dl,pfsockopen,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server ``` [返回目录](index.html) 上海盛大网络发展有限公司 c 2006 - 2011 B2-20040053. 问题和建议请反馈至:http://bbs.phpcms.cn