第十九课预习任务
11.25 配置防盗链
11.26 访问控制Directory
11.27 访问控制FilesMatch
11.28 限定某个目录禁止解析php
11.29 限制user_agent
11.30/11.31 php相关配置
11.32 php扩展模块装安
11.25 配置防盗链
防盗链,通俗讲,就是不让别人盗用你网站上的资源。这个资源,通常指的是图片、视频、歌曲、文档等。还有就是一个 referer的概念,上面日志格式时曾提到过它。你通过A网站的一个页面
http://a.com/html里面的链接去访问B网站的一个页面http://b.com/b.html,那么这个B网站页面的referers就是http://a.com/a.html.也就是说,一个referer其实就是一个网址。配置防盗链:
[root@hongwei ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf编辑虚拟主机配置文件
内容改成如下所示,
首先定义允许访问链接的 referer,其中^$为空 referer,当直接在浏览器里输入图片地址去访问它时,它的 referer就为空。然后又使用 filesmatch来定义需要保护的文件类型,访问txt、doc、mp3、zip、rar、Jpg、gif格式的文件,当访问这样类型的文件时就会被限制。
.然后测试语法错误,重新加载:
下面进行测试:
注明:使用-e来定义referer,这个referer一定要以http://开头,否则不管用。
去浏览器里访问也是访问不了。
但我们去阿铭论坛去发一个帖子,把链接粘贴过来。
再去修改ask.apelearn.com更改白名单。
可以发现浏览器,可以访问了。
11.26 访问控制Directory
凡是涉及后台的访问都要做IP限制,只允许公司内网IP或者被信任的公网IP访问。这样做的目的是防止别有用心的人拿到后台权限,并获得内部数据。先来看如何限制P访问,编辑配置文件:
#vim/usr/local/apache2.4/conf/extra/httpd-vhosts.conf//改成如下内容
< VirtualHost*:80〉 Documentroot"/data/wwwroot/Www.123.com Servername Www.123.Com Serveralias123.com CustomLog "1/usr/local/apache2. 4/bin/rotatelogs-1 logs/123. com-access_%6Y%6m%d log 86400 combined <diRectory/data/wwwroot/www.123.com/admin/> Order deny, allow Deny from all A11 ow from127.0.0.1 </Directory> </VirtualHost>使用< Directory>来指定要限制访问的目录, order定义控制顺序,哪个在前面就先匹配哪个规则。在本例中deny在前面,所以先匹配 Deny from a1l,这样所有的来源IP都会被限制,然后匹配 Allow from 127.0.0.1,这样又允许了127.0.0.1这个P。最终的效果是,只允许来源IP为127.0.0.1的访问。下面为验证过程:
# mkdir/data/wwwroot/www.123.com/admin ///创建admin目录,模拟网站后台 # echo "admin" > /data/wwwroot/www.123.com/admin/index.htm1 //在后台目录下面创建文件,并写入内容 # > /usr/local/apache2.4/1ogs/123.com-access_20180630.log //清空当天的访问日志 # curl-x192.168.73.128:80 -I www.123.com/admin/index.html Http/1.1 403 Forbidden Date: Sun, 19 Mar 2018 09:50:10 GMT Server: Apache/2.4.25(Unix)PHP/5.6.30 Content-Type: text/html; charset=iso-8859-1 #curl-x127.0.0.1:80 -I www.123.com/admin/index.html HTTP/1.1 200 ok Date: Sun, 19 Mar 2018 09:50:22 GMT Server: Apache/2.4.25(Unix)PHP5.6.30 Last-Modified: Sun, 19 Mar 2018 09:53:17 GMT ETag:"6-54b0f80991e7c" Accept-Ranges: bytes Content-Length: 6 Content-Type: text/html # cat /usr/local/apache2.4/logs/123.com-access_20180630.log 192.168.73.128--[19/Mar/2017:14:50:10+0800]"HEAD HTTP://www.123.com/admin/index.htm1HTTP/1.1 403-"-"1"cur1/7.29.0 127.0.0.1--[19/Mar/2017:14:50:22+0800J]"HEAD HTTP://www.123.com/admin/index.html HTTP/1.1"200 ""cur1/7.29.0
11.27 访问控制FilesMatch
可以单独针对文件来做限制:
<Directory /data/wwwroot/www.123.com> <FilesMatch "admin.php(.*)"> Order deny,allow Deny from all Allow from 127.0.0.1 </FilesMatch> </Directory>
11.28 限定某个目录禁止解析php
对于使用PHP语言编写的网站,有一些目录是有需求上传文件的,因为服务器可以上传图片,并且没有做防盗链,所以被人家当成了一个图片存储服务器,并且盗用带宽流量。如果网站代码有漏洞,让黑客上传了一个用PHP代码写的木马,由于网站可以执行PHP程序,最终会让黑客拿到服务器权限。为了避免这种情况发生,我们需要把能上传文件的目录
直接禁止解析PHP代码(不用担心会影响网站访问,若这种目录也需要解析PHP,那说明程序员不合格),配置如下:<Directory /data/wwwroot/www.123.com/upload> php_admin_flag engine off </Directory>验证过程如下:
# /usr/local/apache2.4/bin/apachectl -t Syntax OK # /usr/local/apache2.4/bin/apachectl graceful # cp /usr/local/apache2.4/htdocs/1.php /data/wwwroot/www.123.com/upload/ #cur1-×127.0.0.1:80Ww.123.com/upl0ad/ 1/1. php <: php echo"php解析正常";这说明1.php是不能正常解析的。
11.29 限制user_agent
user agent为浏览器标识,当用curl访问时, user agent为“curl/7.29.0”,用 Firefox浏览器访问时, user agent为“Mozl50( Windows Nt6.1;Win64;x64;rv:52.0) Gecko/20100101 Firefox/52.0”。在工作中可以针对user agent来限制一些访问,比如可以限制一些不太友好的搜索引|擎“爬虫”,你之所以能在百度搜到阿铭的论坛,就是因为百度会派一些“蜘蛛爬虫”过来抓取网站数据。“蜘蛛爬虫”抓取数据类似于用户用浏览器访问网站,当“蜘蛛爬虫”太多或者访问太频繁,就会浪费服务器资源。另外,也可以限制恶意请求,这种恶意请求我们]通常称作cc攻击,它的原理很简单,就是用很多用户的电脑同时访问同一个站点,当访问量或者频率达到一定层次,会耗尽服务器资源,从而使之不能正常提供服务。这种cc攻击其实有很明显的规律,其中这些恶意请求的 user agent相同或者相似,那我们就可以通过限制 user agent发挥防攻击的作用。下面是针对 user agent来做访问控制:
#vim/usr/local/apache2.4/conf/extra/httpd-vhosts.conf//编辑虛拟主机配置文件,/内容改成如下所示:
<IfModule mod_rewrite.c> RewriteEngine on RewriteCond %{HTTP_USER_AGENT} .*curl.* [NC,OR] RewriteCond %{HTTP_USER_AGENT} .*baidu.com.* [NC] RewriteRule .* - [F] </IfModule>这里用到了 rewrite模块,%{HTTP_USER_AGENT}为 user agent的内置变量,在本例中当user agent匹配curl或者 baidu. com时,都会触发下面的规则。方括号中的0R表示“或者”,NC表示“不区分大小写”,F相当于 Forbidden。验证过程如下:
# /usr/local/apache2.4/bin/apachectl -t Syntax OK # /usr/local/apache2.4/bin/apachectl graceful #curl -I -x127.0.0.1:80Www.123.com/upload/1.php Http/1.1 403 Forbidden Date: Sun, 19 Mar 2018 10:05:07 GMT Server: Apache/2.4.25(Unix) PHP/5.6.30 Content-Type: text/html; charset=iso-8859-1 # cur1 -A "123123” -I -x127.0.0.1:80www.123.com/upload/1.php HTTP/1.12000K Date: Sun, 19 Mar 2018 10: 05: 08GMT )ache/2. 4.25(Unix)PHP/5.6.30 X-Powered-By: PHP/5.6.30 Content-Type: text/html: charset=UTF-8
curl的-A选项指定 user agent。第一个请求, user agent为“curl/7.29.0”匹配了第一个条件,所以会403;第二个请求, user agent为自定义的“123123”没有匹配任何条件,所以状态码为200。
11.30/11.31 php相关配置
虽然php是以httpd一个模块的形式存在的,但php本身也有自己的配置文件。查看配置文件所在位置的命令为:
显示的是没有加载,加载一个:
[root@hongwei src]# cd php-7.1.6 [root@hongwei php-7.1.6]# ls acinclude.m4 LICENSE README.namespaces aclocal.m4 ltmain.sh README.NEW-OUTPUT-API appveyor main README.PARAMETER_PARSING_API build makedist README.REDIST.BINS buildconf Makefile README.RELEASE_PROCESS buildconf.bat Makefile.frag README.SELF-CONTAINED-EXTENSIONS CODING_STANDARDS Makefile.fragments README.STREAMS config.guess Makefile.gcov README.SUBMITTING_PATCH config.log Makefile.global README.TESTING config.nice Makefile.objects README.TESTING2 config.status makerpm README.UNIX-BUILD-SYSTEM config.sub meta_ccld README.WIN32-BUILD-SYSTEM configure missing run-tests.php configure.in mkinstalldirs sapi CONTRIBUTING.md modules scripts CREDITS netware server-tests-config.php ext NEWS server-tests.php EXTENSIONS pear snapshot footer php7.spec stamp-h.in generated_lists php7.spec.in stub.c genfiles php.gif tests header php.ini-development travis include php.ini-production TSRM INSTALL README.EXT_SKEL UPGRADING install-sh README.GIT-RULES UPGRADING.INTERNALS libphp7.la README.input_filter vcsclean libs README.MAILINGLIST_RULES win32 libtool README.md Zend [root@hongwei php-7.1.6]# cp php.ini-development /usr/local/php7/etc/php.ini [root@hongwei php-7.1.6]# /usr/local/apache2.4/bin/apachectl graceful打开php.ini:php. ini为PHP的配置文件,可以看出其在/ usr/local/php/etc/php. ini,第一行的 Warning为警告信息,可以忽略,取消这个警告需要编辑 php. ini,找到date. timez0ne设置如下:
然后再次执行 /usr/local/php7/bin/php -i|grep -i "loaded configuration file",不再提示警告信息。[root@hongwei ~]# /usr/local/php7/bin/php -i|grep -i "loaded configuration file" Loaded Configuration File => /usr/local/php7/etc/php.ini
- php的disabl_functions
PHP有诸多内置的函数,有一些函数(比如exec)会直接调取 Linux系统命令,如果开放将会非常危险。因此,基于安全考虑应该把一些存在安全风险的函数禁掉
#vim/usr/loca1/php/etc/php.ini//搜索 disable functions,编辑成如下
更改完 php. ini后,由于需要在httpd中调用PHP,所以还需要重启httpd服务使其生效。[root@hongwei ~]# /usr/local/apache2.4/bin/apachectl -t Syntax OK [root@hongwei ~]# /usr/local/apache2.4/bin/apachectl graceful [root@hongwei ~]#
- 配置error_log
设置php错误日志,步骤:
搜索log_errors,改成如下:
再搜索error_log,改为如下:
再搜索error_reporting,改为:
log errors可以设置为on或者off,如果想让PHP记录错误日志,需要设置为on。 error_log设定错误日志路径; error reporting设定错误日志的级别,E_ALL为所有类型的日志,不管是提醒还是警告都会记录。在开发环境下面设置为E_ALL,可以方便程序员排查问题,但也会造成日志记录很多无意义的内容。&符号表示并且,~表示排除,所以两个组合在一起就是在E_ALL的基础上排除掉 notice相关的日志。 display errors设置为on,则会把错误日志直接显示在浏览器里,这样对于用户访问来说体验不好,而且还会暴露网站的一些文件路径等重要信息,所以要设置为off。
- 配置open_basedir
以个服务器上跑很多网站,这是几乎所有小公司为节省成本采用的做法,但这样做也会有一些弊端:多个网站跑在同一个服务器上,如果其中一个网站被黑,很有可能连累到其他站点。阿铭觉得用
句俗话形容比较合适:“一颗老鼠屎坏一锅汤。”为了避免这种尴尬的事情发生,我们应当作一些预防手段。还好PHP有一个概念叫作 open basedir,它的作用是将网站限定在指定目录里,就算该站点被黑了,黑客只能在该目录下面有所作为,而不能左右其他目录。如果你的服务器上只有一个站点,那可以直接在 php. ini中设置 open basedir参数。但如果服务器上跑的站点比较多,那在 php. ini中设置就不合适了,因为在 php. ini中只能定义一次,也就是说所有站点都一起定义限定的目录,那这样似乎起不到隔离多个站点的目的。先来看如何在 php. ini中设置 open basedir#Vim/usr/1oca1/phnp/etc/php.ini//搜索open_ basedir,改成如下open basedir = /tmp:/data/wwwroot/www.123.comopen basedir可以是多个目录,用:分隔,先来验证 open_basedir的作用吧。因为已经限制PHP只能在/tmp和/data/wwwroot/www.123.com两个目录下面活动,所以这次拿aming.com来演示:
# /usr/local/apache2.4/bin/apachectl graceful # cp/usr/local/apache2.4/htdocs/1.php /data/wwwroot/aming.com/ curl -x127.0.0.1:80 -I aming.com/1.php HTTP/1.0 500 Internal Server Error Date: sun,19 Mar 2018 13:04:45 GMT Server: Apache/2.4.25 (Unix) PHP/5.6.30 X-Powered-By: PHP/5.6.30 Connection: close Content-Type: text/html; charset=UTF-8发现aming.com/lphp不能访问,状态码为500,所以查看一下错误日志,得到信息如下:
[1-Mar-2018 10: 14: 39 Asia/Shanghai] PHP Warning: Unknown: open basedir restrictionile in effect.File(/data/wwwroot/aming.com/1.php)is not within the allowed path(s) : (/tmp:/data/wwwroot/ww.123.com)
in Unknown on line 0
[1-Mar-2018 10: 14: 39 Asia/ Shanghai] PHP Warning: Unknown: failed to open stream: Operation not permitted in Unknown on line 0
[1-Mar-2018 10: 14: 39 Asia/Shanghai] PHP Fatal error: Unknown: Failed opening required
/data/wwwroot/aming.com/1.php'(include_path=':/usr/local/php/lib/php)in Unknown on line 0
- 给单个虚拟主机设置openbasedir。对于php.ini里面的配置,在httpdconf中也是可以设置的:
#vim/usr/local/apache2.4/conf/extra/httpd-vhosts.conf//编辑成如下 <VirtualHost * 80> Documentroot"/data/wwwroot/www.123.com ServernameWww.123.com Serveralias123.com CustomLog"/usr/local/apache2. 4/bin/rotatelogs-1 logs/123. com-access %Y%m%d log 86400 combined phpadminvalueopenbasedir/data/wwwroot/www.123.com/:/tmp/ </VirtualHost>起作用的就是这句 php_admin_value,它可以定义 php. ini里面的参数,除此之外像eror_log之类的也可以定义。这样就可以实现,一个虚拟主机定义一个 open_basedir。
11.32 php扩展模块装安
编译httpd时,有涉及动态和静态模块,其实PHP也一样有这样的说法。在PHP安装时,所有的模块全部都为静态,并没有任何动态的模块。所谓动态,就是一个独立存在的.so文件,在
httpd中PHP就是以动态模块的形式被加载的。PHP一旦编译完成后,要想再增加一个功能模块的话,要么重新编译PHP,要么直接编译一个扩展模块(生成一个.so文件),然后在 php. ini中配置一下,就可以被加载使用了。首先,查看PHP都加载了哪些功能模块:
[root@hongwei ~]# /usr/local/php/bin/php -m [PHP Modules] bz2 Core ctype date dom ereg exif fileinfo filter gd hash iconv json libxml mbstring mcrypt mysql mysqli openssl pcre PDO pdo_mysql pdo_sqlite Phar posix Reflection session SimpleXML soap sockets SPL sqlite3 standard tokenizer xml xmlreader xmlwriter zlib [Zend Modules] [root@hongwei ~]#安装phpredis扩展模块:
首先进入到src目录下:
[root@hongwei ~]# cd /usr/local/src [root@hongwei src]# ^C下载源码包文件:
[root@hongwei src]# wget https://codeload.github.com/phpredis/phpredis/zip/develop --2018-07-01 13:19:21-- https://codeload.github.com/phpredis/phpredis/zip/develop 正在解析主机 codeload.github.com (codeload.github.com)... 54.251.140.56, 13.250.162.133, 13.229.189.0 正在连接 codeload.github.com (codeload.github.com)|54.251.140.56|:443... 已连接。 已发出 HTTP 请求,正在等待回应... 200 OK 长度:239183 (234K) [application/zip] 正在保存至: “develop” 100%[===================================================>] 239,183 228KB/s 用时 1.0s 2018-07-01 13:19:28 (228 KB/s) - 已保存 “develop” [239183/239183])
[root@hongwei src]# mv develop phpredis-develop.zip解压压缩包:
[root@hongwei src]# unzip !$ unzip phpredis-develop.zip Archive: phpredis-develop.zip fa5f6e1411e99c809dba9cfa126952758e30f4b0 creating: phpredis-develop/ inflating: phpredis-develop/.gitignore inflating: phpredis-develop/.gitmodules inflating: phpredis-develop/.travis.yml inflating: phpredis-develop/COPYING inflating: phpredis-develop/CREDITS inflating: phpredis-develop/INSTALL.markdown inflating: phpredis-develop/ISSUE_TEMPLATE.md inflating: phpredis-develop/README.markdown inflating: phpredis-develop/arrays.markdown inflating: phpredis-develop/cluster.markdown inflating: phpredis-develop/cluster_library.c inflating: phpredis-develop/cluster_library.h inflating: phpredis-develop/common.h inflating: phpredis-develop/config.m4 inflating: phpredis-develop/config.w32 inflating: phpredis-develop/crc16.h inflating: phpredis-develop/debian.control creating: phpredis-develop/debian/ inflating: phpredis-develop/debian/changelog extracting: phpredis-develop/debian/compat inflating: phpredis-develop/debian/control inflating: phpredis-develop/debian/copyright inflating: phpredis-develop/debian/postinst inflating: phpredis-develop/debian/postrm inflating: phpredis-develop/debian/rules creating: phpredis-develop/liblzf/ inflating: phpredis-develop/library.c inflating: phpredis-develop/library.h inflating: phpredis-develop/mkdeb-apache2.sh inflating: phpredis-develop/mkdeb.sh inflating: phpredis-develop/package.xml inflating: phpredis-develop/php_redis.h inflating: phpredis-develop/redis.c inflating: phpredis-develop/redis_array.c inflating: phpredis-develop/redis_array.h inflating: phpredis-develop/redis_array_impl.c inflating: phpredis-develop/redis_array_impl.h inflating: phpredis-develop/redis_cluster.c inflating: phpredis-develop/redis_cluster.h inflating: phpredis-develop/redis_commands.c inflating: phpredis-develop/redis_commands.h inflating: phpredis-develop/redis_session.c inflating: phpredis-develop/redis_session.h creating: phpredis-develop/rpm/ inflating: phpredis-develop/rpm/php-redis.spec extracting: phpredis-develop/rpm/redis.ini inflating: phpredis-develop/serialize.list creating: phpredis-develop/tests/ inflating: phpredis-develop/tests/RedisArrayTest.php inflating: phpredis-develop/tests/RedisClusterTest.php inflating: phpredis-develop/tests/RedisTest.php inflating: phpredis-develop/tests/TestRedis.php inflating: phpredis-develop/tests/TestSuite.php inflating: phpredis-develop/tests/getSessionData.php inflating: phpredis-develop/tests/make-cluster.sh inflating: phpredis-develop/tests/mkring.sh inflating: phpredis-develop/tests/regenerateSessionId.php inflating: phpredis-develop/tests/startSession.php进入到目录下面去:
[root@hongwei src]# cd phpredis-develop生成configure文件:
[root@hongwei phpredis-develop]# /usr/local/php/bin/phpize Configuring for: PHP Api Version: 20131106 Zend Module Api No: 20131226 Zend Extension Api No: 220131226 Cannot find autoconf. Please check your autoconf installation and the $PHP_AUTOCONF environment variable. Then, rerun this script.可以看到出现一个错误就是缺少autoconf安装包:
使用yum 安装它:
[root@hongwei phpredis-develop]# yum install -y autoconf 已加载插件:fastestmirror Repository base is listed more than once in the configuration Repository updates is listed more than once in the configuration Repository extras is listed more than once in the configuration Repository centosplus is listed more than once in the configuration base | 3.6 kB 00:00:00 epel/x86_64/metalink | 5.7 kB 00:00:00 epel | 3.2 kB 00:00:00 extras | 3.4 kB 00:00:00 updates | 3.4 kB 00:00:00 epel/x86_64/primary FAILED http://del-repos.extreme-ix.org/epel/7/x86_64/repodata/10002625e8af7793676f4f9f6c59ff8ef376a915c22a45fbb8a1922fdcf9c6e9-primary.xml.gz: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。 (1/2): epel/x86_64/updateinfo | 925 kB 00:00:08 epel/x86_64/primary FAILED http://ftp.riken.jp/Linux/fedora/epel/7/x86_64/repodata/10002625e8af7793676f4f9f6c59ff8ef376a915c22a45fbb8a1922fdcf9c6e9-primary.xml.gz: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。 (2/2): epel/x86_64/primary | 3.5 MB 00:00:03 Loading mirror speeds from cached hostfile * base: mirrors.aliyun.com * epel: mirrors.sohu.com * extras: mirrors.aliyun.com * updates: centos.ustc.edu.cn epel 12607/12607 正在解决依赖关系 --> 正在检查事务 ---> 软件包 autoconf.noarch.0.2.69-11.el7 将被 安装 --> 正在处理依赖关系 m4 >= 1.4.14,它被软件包 autoconf-2.69-11.el7.noarch 需要 --> 正在检查事务 ---> 软件包 m4.x86_64.0.1.4.16-10.el7 将被 安装 --> 解决依赖关系完成 依赖关系解决 ============================================================================================= Package 架构 版本 源 大小 ============================================================================================= 正在安装: autoconf noarch 2.69-11.el7 base 701 k 为依赖而安装: m4 x86_64 1.4.16-10.el7 base 256 k 事务概要 ============================================================================================= 安装 1 软件包 (+1 依赖软件包) 总下载量:957 k 安装大小:2.7 M Downloading packages: (1/2): m4-1.4.16-10.el7.x86_64.rpm | 256 kB 00:00:06 (2/2): autoconf-2.69-11.el7.noarch.rpm | 701 kB 00:00:07 --------------------------------------------------------------------------------------------- 总计 133 kB/s | 957 kB 00:00:07 Running transaction check Running transaction test Transaction test succeeded Running transaction 正在安装 : m4-1.4.16-10.el7.x86_64 1/2 正在安装 : autoconf-2.69-11.el7.noarch 2/2 验证中 : m4-1.4.16-10.el7.x86_64 1/2 验证中 : autoconf-2.69-11.el7.noarch 2/2 已安装: autoconf.noarch 0:2.69-11.el7 作为依赖被安装: m4.x86_64 0:1.4.16-10.el7 完毕!然后再次执行:
[root@hongwei phpredis-develop]# /usr/local/php/bin/phpize Configuring for: PHP Api Version: 20131106 Zend Module Api No: 20131226 Zend Extension Api No: 220131226然后./configure:
[root@hongwei phpredis-develop]# ./configure --with-php-config=/usr/local/php/bin/php-config checking for grep that handles long lines and -e... /usr/bin/grep checking for egrep... /usr/bin/grep -E checking for a sed that does not truncate output... /usr/bin/sed checking for cc... cc checking whether the C compiler works... yes checking for C compiler default output file name... a.out checking for suffix of executables... checking whether we are cross compiling... no checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether cc accepts -g... yes checking for cc option to accept ISO C89... none needed checking how to run the C preprocessor... cc -E checking for icc... no checking for suncc... no checking whether cc understands -c and -o together... yes checking for system library directory... lib checking if compiler supports -R... no checking if compiler supports -Wl,-rpath,... yes checking build system type... x86_64-unknown-linux-gnu checking host system type... x86_64-unknown-linux-gnu checking target system type... x86_64-unknown-linux-gnu checking for PHP prefix... /usr/local/php checking for PHP includes... -I/usr/local/php/include/php -I/usr/local/php/include/php/main -I/usr/local/php/include/php/TSRM -I/usr/local/php/include/php/Zend -I/usr/local/php/include/php/ext -I/usr/local/php/include/php/ext/date/lib checking for PHP extension directory... /usr/local/php/lib/php/extensions/no-debug-zts-20131226 checking for PHP installed headers prefix... /usr/local/php/include/php checking if debug is enabled... no checking if zts is enabled... no checking for re2c... no configure: WARNING: You will need re2c 0.13.4 or later if you want to regenerate PHP parsers. checking for gawk... gawk checking whether to enable redis support... yes, shared checking whether to enable sessions... yes checking whether to enable igbinary serializer support... no checking whether to enable lzf compression... no checking use system liblzf... no checking for redis igbinary support... disabled checking for git... no checking for ld used by cc... /usr/bin/ld checking if the linker (/usr/bin/ld) is GNU ld... yes checking for /usr/bin/ld option to reload object files... -r checking for BSD-compatible nm... /usr/bin/nm -B checking whether ln -s works... yes checking how to recognize dependent libraries... pass_all checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking dlfcn.h usability... yes checking dlfcn.h presence... yes checking for dlfcn.h... yes checking the maximum length of command line arguments... 1572864 checking command to parse /usr/bin/nm -B output from cc object... ok checking for objdir... .libs checking for ar... ar checking for ranlib... ranlib checking for strip... strip checking if cc supports -fno-rtti -fno-exceptions... no checking for cc option to produce PIC... -fPIC checking if cc PIC flag -fPIC works... yes checking if cc static flag -static works... no checking if cc supports -c -o file.o... yes checking whether the cc linker (/usr/bin/ld -m elf_x86_64) supports shared libraries... yes checking whether -lc should be explicitly linked in... no checking dynamic linker characteristics... GNU/Linux ld.so checking how to hardcode library paths into programs... immediate checking whether stripping libraries is possible... yes checking if libtool supports shared libraries... yes checking whether to build shared libraries... yes checking whether to build static libraries... no creating libtool appending configuration tag "CXX" to libtool configure: creating ./config.status config.status: creating config.h [root@hongwei phpredis-develop]# ^C然后make:
make install
[root@hongwei phpredis-develop]# make install Installing shared extensions: /usr/local/php/lib/php/extensions/no-debug-zts-20131226/查看扩展模块存放目录,我们可以在php.ini中定义该路径。然后可以看到ls下多了redis.so文件
extension_dir => /usr/local/php/lib/php/extensions/no-debug-zts-20131226 => /usr/local/php/lib/php/extensions/no-debug-zts-20131226 sqlite3.extension_dir => no value => no value [root@hongwei phpredis-develop]# [root@hongwei phpredis-develop]# ls /usr/local/php/lib/php/extensions/no-debug-zts-20131226 opcache.so redis.so增加一行配置:
可以看到下面有很多的相同的配置,可以写在这一行的位置:
最后查看是否加载了redis.so模块:
加载成功了。
2357
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
