云运维——LAMP的搭建与配置

LAMP环境搭建与配置

LAMP架构介绍
Linux+Apache(httpd)+MySQL+PHP,其中 三个角色可以在一台机器、也可以分开(httpd和PHP要在一起)
在这里插入图片描述

任务1 安装LAMP,基础配置解析PHP

1. 安装MySQL
[root@localhost ~]# cd /usr/local/src/
[root@localhost ~]# wget http://mirrors.sohu.com/mysql/MySQL-5.6/mysql-5.6.39-linux-glibc2.12-x86_64.tar.gz  //下载源码包
[root@localhost src]# ll
total 321176
-rw-r--r--. 1 root root 328882304 Dec  9  2017 mysql-5.6.39-linux-glibc2.12-x86_64.tar.gz
[root@localhost src]# tar -zxvf mysql-5.6.39-linux-glibc2.12-x86_64.tar.gz   //解压
[root@localhost src]# mv mysql-5.6.39-linux-glibc2.5-x86_64 /usr/local/mysql  //挪动位置
[root@localhost src]# cd /usr/local/mysql
[root@localhost mysql]# pwd
/usr/local/mysql
[root@localhost mysql]# useradd -s /sbin/nologin mysql  //建立MySQL用户
[root@localhost mysql]# mkdir -p /data/mysql ; chown -R mysql:mysql /data/mysql  //创建datadir并更改权限,数据库文件会放到这里面
[root@localhost mysql]# 
[root@localhost mysql]# ls -la /data/mysql/
total 0
drwxr-xr-x. 2 mysql mysql  6 Oct 13 23:52 .
drwxr-xr-x. 3 root  root  19 Oct 13 23:52 ..
[root@localhost mysql]# yum install -y perl-Module-install  //安装服务避免执行脚本出错
[root@localhost mysql]# ./scripts/mysql_install_db --user=mysql --datadir=/data/mysql/  //执行脚本,--user表示定义数据库的以哪个用户的身份运,--datadir表示定义数据库的安装目录
[root@localhost mysql]# cp support-files/my-default.cnf  /etc/my.cnf 
cp: overwrite ‘/etc/my.cnf’? y
[root@localhost mysql]# vi /etc/my.cnf
[root@localhost mysql]# cat /etc/my.cnf  //修改配置文件
...
basedir = /usr/local/mysql
datadir = /data/mysql
port = 3306
server_id = 128
socket = /tmp/mysql.sock
[root@localhost mysql]# cp support-files/mysql.server /etc/init.d/mysqld  //复制启动脚本文件
[root@localhost mysql]# vi /etc/init.d/mysqld   //修改配置文件
[root@localhost mysql]# cat /etc/init.d/mysqld 
...
basedir=/usr/local/mysql
datadir=/data/mysql
[root@localhost mysql]# chkconfig --add mysqld  //把mysql服务加到系统服务列表中
[root@localhost mysql]# chkconfig mysqld on  //开机就启动
[root@localhost mysql]# service mysqld start  //启动服务
Starting MySQL.Logging to '/data/mysql/localhost.localdomain.err'.
. SUCCESS! 
[root@localhost mysql]# ps -ef | grep mysqld  //查看服务
root      10300      1  0 00:04 pts/0    00:00:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/data/mysql --pid-file=/data/mysql/localhost.localdomain.pid
mysql     10477  10300  5 00:04 pts/0    00:00:01 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/data/mysql --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=localhost.localdomain.err --pid-file=/data/mysql/localhost.localdomain.pid --socket=/tmp/mysql.sock --port=3306
root      10503   2063  0 00:05 pts/0    00:00:00 grep --color=auto mysqld
[root@localhost mysql]# 
2. 安装Apache

Apache官网www.apache.org

[root@localhost src]# wget http://mirrors.cnnic.cn/apache/httpd/httpd-2.4.46.tar.gz  //下载源码包
--2020-10-14 03:26:54--  http://mirrors.cnnic.cn/apache/httpd/httpd-2.4.46.tar.gz
Resolving mirrors.cnnic.cn (mirrors.cnnic.cn)... 101.6.8.193, 2402:f000:1:408:8100::1
Connecting to mirrors.cnnic.cn (mirrors.cnnic.cn)|101.6.8.193|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 9363314 (8.9M) [application/x-gzip]
Saving to: ‘httpd-2.4.46.tar.gz’

100%[======================================>] 9,363,314   1.79MB/s   in 6.7s   

2020-10-14 03:27:04 (1.34 MB/s) - ‘httpd-2.4.46.tar.gz’ saved [9363314/9363314]

[root@localhost src]# wget http://mirrors.hust.edu.cn/apache/apr/apr-1.6.5.tar.gz  //下载源码包

--2020-10-14 03:28:39--  http://mirrors.hust.edu.cn/apache/apr/apr-1.6.5.tar.gz
Resolving mirrors.hust.edu.cn (mirrors.hust.edu.cn)... 202.114.18.160
Connecting to mirrors.hust.edu.cn (mirrors.hust.edu.cn)|202.114.18.160|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1073556 (1.0M) [application/octet-stream]
Saving to: ‘apr-1.6.5.tar.gz’

100%[======================================>] 1,073,556   1.35MB/s   in 0.8s   

2020-10-14 03:28:40 (1.35 MB/s) - ‘apr-1.6.5.tar.gz’ saved [1073556/1073556]

[root@localhost src]# wget http://mirrors.hust.edu.cn/apache/apr/apr-util-1.6.1.tar.gz  //下载源码包

--2020-10-14 03:29:46--  http://mirrors.hust.edu.cn/apache/apr/apr-util-1.6.1.tar.gz
Resolving mirrors.hust.edu.cn (mirrors.hust.edu.cn)... 202.114.18.160
Connecting to mirrors.hust.edu.cn (mirrors.hust.edu.cn)|202.114.18.160|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 554301 (541K) [application/octet-stream]
Saving to: ‘apr-util-1.6.1.tar.gz’

100%[======================================>] 554,301     1.83MB/s   in 0.3s   

2020-10-14 03:29:46 (1.83 MB/s) - ‘apr-util-1.6.1.tar.gz’ saved [554301/554301]

[root@localhost src]# ls
apr-1.6.5.tar.gz       httpd-2.4.46.tar.gz
apr-util-1.6.1.tar.gz  mysql-5.6.39-linux-glibc2.12-x86_64.tar.gz
[root@localhost src]# tar -zxvf apr-1.6.5.tar.gz //解压
[root@localhost src]# tar -zxvf apr-util-1.6.1.tar.gz //解压
[root@localhost src]# tar -zxvf httpd-2.4.46.tar.gz //解压
[root@localhost src]# cd apr-1.6.5/
[root@localhost apr-1.6.5]# yum -y install gcc //安装服务避免出错
[root@localhost apr-1.6.5]# ./configure --prefix=/usr/local/apr  //安装和配置
[root@localhost apr-1.6.5]# make && make install
[root@localhost httpd-2.4.46]# echo $?
0
[root@localhost apr-1.6.5]# cd ..
[root@localhost src]# cd apr-util-1.6.1
[root@localhost apr-util-1.6.1]# yum install -y libtool*   //安装服务避免出错
[root@localhost apr-util-1.6.1]# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr  ///安装和配置
[root@localhost apr-util-1.6.1]# yum install -y expat-devel  //安装服务避免出错
[root@localhost apr-util-1.6.1]# make && make install  
[root@localhost apr-util-1.6.1]# echo $?
0
[root@localhost apr-util-1.6.1]# cd ..
[root@localhost httpd-2.4.46]# cd httpd-2.4.46
[root@localhost httpd-2.4.46]# ./configure --prefix=/usr/local/apache2.4 --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util --enable-so --enable-mods-shared=most  //yum install -y pcre-devel  //安装和配置
[root@localhost httpd-2.4.46]# echo $?
0
[root@localhost httpd-2.4.46]# cd ..
[root@localhost src]# pwd
/usr/local/src
[root@localhost src]# ls
apr-1.6.5              httpd-2.4.46
apr-1.6.5.tar.gz       httpd-2.4.46.tar.gz
apr-util-1.6.1         mysql-5.6.39-linux-glibc2.12-x86_64.tar.gz
apr-util-1.6.1.tar.gz
[root@localhost src]# cp -r apr-1.6.5 httpd-2.4.46/srclib/apr
[root@localhost src]# cp -r apr-util-1.6.1 httpd-2.4.46/srclib/apr-util
[root@localhost src]# cd httpd-2.4.46 
[root@localhost src]# make clean
[root@localhost src]# ./configure --prefix=/usr/local/apache2.4 --enable-so --with-pcre --with-included-apr  --enable-    modules=most --enable-mpms-shared=all --with-mpm=prefork
[root@localhost src]# yum install -y pcre pcre-devel  //为避免make时出错提前安装库文件		
[root@localhost src]# make && make install
[root@localhost src]# echo $?
0
[root@localhost httpd-2.4.46]# /usr/local/apache2.4/bin/apachectl -M  //查看配置文件有哪些文件
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain.     Set the 'ServerName' directive globally to suppress this message
Loaded Modules:
 core_module (static)  //share字样的动态共享模块,static以静态形式存在
 so_module (static)
 http_module (static)
 mpm_prefork_module (shared)
 authn_file_module (shared)
 authn_core_module (shared)
 authz_host_module (shared)
 authz_groupfile_module (shared)
 authz_user_module (shared)
 authz_core_module (shared)
 access_compat_module (shared)
 auth_basic_module (shared)
 reqtimeout_module (shared)
 filter_module (shared)
 mime_module (shared)
 log_config_module (shared)
 env_module (shared)
 headers_module (shared)
 setenvif_module (shared)
 version_module (shared)
 unixd_module (shared)
 status_module (shared)
 autoindex_module (shared)
 dir_module (shared)
 alias_module (shared)
[root@localhost httpd-2.4.46]# cd ..
[root@localhost src]# cd ..
[root@localhost local]# du -sh apache2.4/
43M     apache2.4/
[root@localhost local]# 
3. 安装PHP

当前主流版本为5.6/7.1,哪个版本都可以用,下面为安装5.6版本的步骤过程:

[root@localhost extra]# wget http://cn2.php.net/distributions/php-5.6.30.tar.gz  //下载源码包
--2020-10-14 06:27:11--  http://cn2.php.net/distributions/php-5.6.30.tar.gz
Resolving cn2.php.net (cn2.php.net)... 185.85.0.29, 2a02:cb40:200::1ad
Connecting to cn2.php.net (cn2.php.net)|185.85.0.29|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.php.net/distributions/php-5.6.30.tar.gz [following]
--2020-10-14 06:27:12--  https://www.php.net/distributions/php-5.6.30.tar.gz
Resolving www.php.net (www.php.net)... 185.85.0.29, 2a02:cb40:200::1ad
Connecting to www.php.net (www.php.net)|185.85.0.29|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 19274631 (18M) [application/octet-stream]
Saving to: ‘php-5.6.30.tar.gz’

100%[======================================>] 19,274,631  38.3KB/s   in 4m 46s                                                                                                   ] 6,987,512   41.8KB/s  eta 2m 29s 

2020-10-14 06:32:00 (65.8 KB/s) - ‘php-5.6.30.tar.gz’ saved [19274631/19274631]

[root@localhost src]# 
[root@localhost src]# tar -zxvf php-5.6.30.tar.gz   //解压资源包 php-5.6.30.tar
[root@localhost php-5.6.30]# cd php-5.6.30
[root@localhost php-5.6.30]# yum install -y libxml2-devel  //安装和配置,防止配置时出错
[root@localhost php-5.6.30]# yum install -y openssl openssl -devel
[root@localhost php-5.6.30]# yum install -y openssl openssl-devel
[root@localhost php-5.6.30]# yum install -y bzip2 bzip2-devel
[root@localhost php-5.6.30]# yum install -y libpng libpng-devel
[root@localhost php-5.6.30]# yum install -y freetype freetype-devel
[root@localhost php-5.6.30]# yum install -y epel-release
[root@localhost php-5.6.30]# yum install -y libmcrypt-devel
[root@localhost php-5.6.30]# ./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache2.4/bin/apxs --with-config-file-path=/usr/local/php/etc --with-mysql=/usr/local/mysql --with-libxml-dir--with-gd --with-jpeg-dir --with-png-dir--with-freetype-dir --with-iconv-dir--with-zlib-dir --with-bz2 --with-openssl--with-mcrypt --enable-soap--enable-gd-native-ttf  --enable-mbstring--enable-sockets --enable-exif
[root@localhost php-5.6.30]# echo $?
0
[root@localhost php-5.6.30]# make && make install  //编译安装
[root@localhost php-5.6.30]# echo $?  
0
4. httpd解析PHP
[root@localhost conf]# ps -ef | grep http
root      25228      1  1 07:36 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache    25230  25228  0 07:36 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache    25231  25228  0 07:36 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache    25232  25228  0 07:36 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache    25233  25228  0 07:36 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache    25234  25228  0 07:36 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
root      25240  25143  0 07:36 pts/1    00:00:00 grep --color=auto http
[root@localhost conf]# netstat -ltunp | grep 80
tcp6       0      0 :::80                   :::*                    LISTEN      25228/httpd   
[root@localhost conf]# pwd
/usr/local/apache2.4/conf
[root@localhost conf]# ls
extra  httpd.conf  httpd.conf.bak  magic  mime.types  original
[root@localhost conf]# vi httpd.conf  //修改四个地方
搜索ServerName,把ServerName www.example.com:80前#去掉;
搜索Require,把<Directory /> AllowOverride none Require all denied </Directory>中的denied改成granted;
搜索AddType application/x-gzip .gz .tgz,在下面添加一行 AddType application/x-httpd-php .php;
搜索index.html,把<IfModule dir_module> DirectoryIndex index.html  </IfModule>,在index.html后面添加index.php;
[root@localhost conf]# /usr/local/apache2.4/bin/apachectl -t  检验配置文件是否正确
Syntax OK
[root@localhost conf]# /usr/local/apache2.4/bin/apachectl start  //如报错,使用kill -9 命令终止出http外的其他进程,可以ps -ef | grep http 查看
[root@localhost conf]# netstat -lntp  //查看是否启动
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1178/master         
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1064/sshd           
tcp6       0      0 ::1:25                  :::*                    LISTEN      1178/master         
tcp6       0      0 :::3306                 :::*                    LISTEN      10477/mysqld        
tcp6       0      0 :::80                   :::*                    LISTEN      25266/httpd         
tcp6       0      0 :::22                   :::*                    LISTEN      1064/sshd           
[root@localhost conf]# curl localhost  //使用curl命令简单测试
<html><body><h1>It works!</h1></body></html>
[root@localhost conf]# cd /usr/local/apache2.4/htdocs
[root@localhost htdocs]# pwd
/usr/local/apache2.4/htdocs
[root@localhost htdocs]# ls
index.html
[root@localhost htdocs]# vi test.php  //写入以下内容
<?php
echo 123;
?>
[root@localhost htdocs]# curl localhost/test.php  //测试是否正确解析PHP
123
[root@localhost htdocs]# 

任务2 Apache配置

1. 默认虚拟主机

(1)虚拟主机
虚拟主机(共享主机,又称虚拟服务器)是一种在单一主机或主机群上,实现多网域服务的方法,可以运行多个网站或服务的技术。虚拟主机之间完全独立,并可由用户自行管理,虚拟并非指不存在,而是指空间是由实体的服务器延伸而来,其硬件系统可以是基于服务器群,或者单个服务器。
(2)配置

[root@localhost conf]# ls
extra  httpd.conf  httpd.conf.bak  magic  mime.types  original
[root@localhost conf]# vi httpd.conf  //编辑配置文件
搜索httpd-vhost,把#Include conf/extra/httpd-vhosts.conf前面的#去掉;
[root@localhost conf]# cd extra/
[root@localhost extra]# ls
httpd-autoindex.conf  httpd-languages.conf           httpd-ssl.conf
httpd-dav.conf        httpd-manual.conf              httpd-userdir.conf
httpd-default.conf    httpd-mpm.conf                 httpd-vhosts.conf
httpd-info.conf       httpd-multilang-errordoc.conf  proxy-html.conf
[root@localhost extra]# cp httpd-vhosts.conf httpd-vhosts.conf-bak
[root@localhost extra]# vi httpd-vhosts.conf  //编辑虚拟主机配置文件
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com     //ServerAdmin指定管理员邮箱,
DocumentRoot "/usr/local/apache2.4/docs/abc.com"      //DocumentRoot为该虚拟主机站点的根目录
ServerName abc.com     //ServaerName为网站的域名
ServerAlias www.abc.com www.aaa.com     //ServerAlias为网站的第二域名
ErrorLog "logs/abc.com-error_log"     //ErrorLog为站点的错误日志
CustomLog "logs/abc.com-access_log" common     //CustomLog为站点的访问日志
</VirtualHost>

<VirtualHost *:80>
DocumentRoot "/usr/local/apache2.4/docs/111.com"
ServerName 111.com
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" common
</VirtualHost>
[root@localhost extra]# cd ..
[root@localhost conf]# cd ..
[root@localhost apache2.4]# ls
bin    cgi-bin  error   icons    lib   man     modules
build  conf     htdocs  include  logs  manual
[root@localhost apache2.4]# mkdir docs
[root@localhost apache2.4]# ls
bin    cgi-bin  docs   htdocs  include  logs  manual
build  conf     error  icons   lib      man   modules
[root@localhost apache2.4]# cd docs/
[root@localhost docs]# ls
[root@localhost docs]# mkdir abc.com
[root@localhost docs]# mkdir 111.com
[root@localhost docs]# vi abc.com/index.html   //网站默认的主页就是index.html
abc.com
[root@localhost docs]# vi 111.com/index.html  //网站默认的主页就是index.html
111.com
[root@localhost docs]# /usr/local/apache2.4/bin/apachectl  -t
Syntax OK
[root@localhost docs]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost docs]# curl -xlocalhost:80 www.abc.com  //配置验证
abc.com
[root@localhost docs]# curl -xlocalhost:80 www.aaa.com  
abc.com
[root@localhost docs]# curl -xlocalhost:80 www.111.com
111.com
2. 用户认证

(1)介绍
用户认证用来对某些目录中的网页进行访问控制,当用户访问这些页面的时候需要输入用户名和密码进行认证。
(2)配置

[root@localhost extra]# vi httpd-vhosts.conf
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/usr/local/apache2.4/docs/abc.com"
ServerName abc.com
ServerAlias www.abc.com www.aaa.com                                       
<Directory /usr/local/apache2.4/docs/abc.com>     // 指定认证的目录
    AllowOverride AuthConfig     // 这个相当于打开认证的开关
    AuthName "abc.com user auth"      //自定义认证的名字,作用不大
    AuthType Basic     //认证的类型,一般为Basic
    AuthUserFile /usr/local/apache2.4/docs/.htpasswd     //指定密码文件所在位置
    require valid-user     // 指定需要认证的用户为全部可用用户
</Directory>
ErrorLog "logs/abc.com-error_log"
CustomLog "logs/abc.com-access_log" common
</VirtualHost>

#<VirtualHost *:80>
#    DocumentRoot "/usr/local/apache2.4/docs/111.com"
#    ServerName 111.com
#    ErrorLog "logs/111.com-error_log"
#    CustomLog "logs/111.com-access_log" common
#</VirtualHost>
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t     //验证配置文件是否有问题
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# /usr/local/apache2.4/bin/htpasswd -cm /usr/local/apache2.4/docs/.htpasswd xxj     //创建用户并指定密码
New password: 
Re-type new password: 
Adding password for user xxj
[root@localhost extra]# curl -xlocalhost:80 abc.com     //配置验证
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested.  Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
</body></html>
[root@localhost extra]# curl -xlocalhost:80 -u xxj abc.com -I
Enter host password for user 'xxj':
HTTP/1.1 200 OK
Date: Wed, 14 Oct 2020 13:55:34 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
Last-Modified: Wed, 14 Oct 2020 12:57:15 GMT
ETag: "8-5b1a11222cb39"
Accept-Ranges: bytes
Content-Length: 8
Content-Type: text/html

针对单个文件进行认证配置步骤

[root@localhost extra]# vi httpd-vhosts.conf
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/usr/local/apache2.4/docs/abc.com"
ServerName abc.com
ServerAlias www.abc.com www.aaa.com
<FilesMatch admin.php>
    AllowOverride AuthConfig
    AuthName "abc.com user auth"
    AuthType Basic
    AuthUserFile /usr/local/apache2.4/docs/.htpasswd
    require valid-user
</FilesMatch>

#    <Directory /usr/local/apache2.4/docs/abc.com> 
#        AllowOverride AuthConfig 
#        AuthName "abc.com user auth" 
#        AuthType Basic 
#        AuthUserFile /usr/local/apache2.4/docs/.htpasswd 
#        require valid-user 
#    </Directory>
    ErrorLog "logs/abc.com-error_log"
    CustomLog "logs/abc.com-access_log" common
</VirtualHost>
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# /usr/local/apache2.4/bin/htpasswd -cm /usr/local/apache2.4/docs/./htpasswd xxj
New password: 
Re-type new password: 
Adding password for user xxj
[root@localhost extra]# curl -xlocalhost:80 abc.com -I
HTTP/1.1 200 OK
Date: Wed, 14 Oct 2020 15:36:58 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
Last-Modified: Wed, 14 Oct 2020 12:57:15 GMT
ETag: "8-5b1a11222cb39"
Accept-Ranges: bytes
Content-Length: 8
Content-Type: text/html

[root@localhost extra]# 

/usr/local/apache2.4/bin/htpasswd -cm /usr/local/apache2.4/docs/.htpasswd xxj 其中/htpasswd为创建用户的工具,-c为creat,-m为指定密码加密的方式为MD5,docs/.htpasswd为密码文件,第一次执行需加-c,第二次不用加,否则密码文件会重置

3. 域名跳转

(1)介绍
当我们变更网站域名或者申多个域名指向一个网站的时候,这个时候我们就会用到域名跳转。
(2)配置

[root@localhost extra]# vi httpd-vhosts.conf
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/usr/local/apache2.4/docs/www.111.com"
ServerName www.111.com
ServerAlias 111.com
<IfModule mod_rewrite.c>     //- 需要mod_ _rewrite模块 支持
    RewriteEngine on      // 打开rewrite功能
    RewriteCond %{HTTP_ HOST} !^www.111.com$      //定义rewrite的条件,当主机名不是www.testdomain.com时满足条件
    RewriteRule ^/(. *)$ http://www.111.com/$1 [R=301,L]     //定义rewrite规则,RewriteRule后面分为三个部分,第一部分为当前网址,第二部分为要跳转的网址,第三部分是选项,需要括号括起来。
 </IfModule>
    ErrorLog "logs/abc.com-error_log"
    CustomLog "logs/abc.com-access_log" common
</VirtualHost>
[root@localhost extra]# mkdir -p /usr/local/apache2.4/docs/www.111.com
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# cd /usr/local/apache2.4/docs/www.111.com/
[root@localhost www.111.com]# vi index.html
www.111.com
[root@localhost www.111.com]# vi 123.php
<?php
echo "www.111.com/123.php";
?>
[root@localhost extra]# 
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# vi /usr/local/apache2.4/conf/httpd.conf     //修改配置文件,需要rewrite模块的支持
把#LoadModule rewrite_module modules/mod_rewrite.so前面的#去掉
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -M | grep -i rewrite      //查看模块是否存在
 rewrite_module (shared)
[root@localhost extra]# curl -xlocalhost:80 -I 111.com      //配置验证
HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Oct 2020 17:02:36 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
Location: http://www.111.com/
Content-Type: text/html; charset=iso-8859-1
4. 访问日志

(1)介绍
访问日志作用很大,不仅可以记录网站的访问情况,还可以在网站有异常发生时帮助我们定位问题。
(2)配置

[root@localhost extra]# vi httpd-vhosts.conf
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/usr/local/apache2.4/docs/www.111.com"
ServerName www.111.com
ServerAlias 111.com
<IfModule mod_rewrite.c>
    RewriteEngine on 
    RewriteCond %{HTTP_ HOST} !^www.111.com$
    RewriteRule ^/(. *)$ http://www.111.com/$1 [R=301,L]
 </IfModule>
    ErrorLog "logs/abc.com-error_log"
    CustomLog "logs/abc.com-access_log" combined
</VirtualHost>
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# curl -xlocalhost:80 -I 111.com  //配置验证
HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Oct 2020 17:16:56 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
Location: http://www.111.com/
Content-Type: text/html; charset=iso-8859-1

[root@localhost extra]# tail /usr/local/apache2.4/logs/abc.com-access_log     //验证成功
...
::1 - - [14/Oct/2020:13:03:33 -0400] "GET HTTP://211.com.cn/ HTTP/1.1" 301 227
::1 - - [14/Oct/2020:13:03:38 -0400] "HEAD HTTP://211.com.cn/ HTTP/1.1" 301 -
::1 - - [14/Oct/2020:13:16:56 -0400] "HEAD HTTP://111.com/ HTTP/1.1" 301 - "-" "curl/7.29.0"
5. 访问日记不记录静态文件

网站大多元素为静态文件,如图片、css、js等,这些元素可以不用记录

[root@localhost extra]# vi httpd-vhosts.conf
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/usr/local/apache2.4/docs/www.111.com"
ServerName www.111.com
ServerAlias 111.com
    SetEnvIf Request_URI ".*\.gif$" img
    SetEnvIf Request_URI ".*\.jpg$" img
    SetEnvIf Request_URI ".*\.png$" img
    SetEnvIf Request_URI ".*\.bmp$" img
    SetEnvIf Request_URI ".*\.swf$" img
    SetEnvIf Request_URI ".*\.js$" img
    SetEnvIf Request_URI ".*\.css$" img 
    CustomLog "logs/111.com-access_log" combined env=!img
    ErrorLog "logs/111.com-error_log"
</VirtualHost>     //先定义了一个image-request环境变量,把gif,jpg,png, bmp,swf,js,css等格式文件全归类到此
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t  //测试配置文件是否正确
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful     //重新加载服务
[root@localhost extra]# mkdir /usr/local/apache2.4/docs/www.111.com/images     //创建目录,并在这目录下上传一个图片
[root@localhost extra]# cd /usr/local/apache2.4/docs/www.111.com/images
[root@localhost images]# ls
[root@localhost images]# ls
linux.png.jpg
[root@localhost images]# curl -xlocalhost:80 www.111.com/images/linux.png.jpg -I      //配置验证
HTTP/1.1 200 OK
Date: Wed, 14 Oct 2020 18:18:49 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
Last-Modified: Wed, 14 Oct 2020 18:18:49 GMT
ETag: W/"1ea3-5b1c32b22e700"
Accept-Ranges: bytes
Content-Length: 7843
Content-Type: image/jpeg
[root@localhost images]# tail /usr/local/apache2.4/logs/111.com-access_log      //验证成功
[root@localhost images]# ls /usr/local/apache2.4/logs/
111.com-access_log  abc.com-access_log  access_log  httpd.pid
111.com-error_log   abc.com-error_log   error_log
[root@localhost images]# 
6. 访问日记切割
[root@localhost extra]# vi httpd-vhosts.conf
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/usr/local/apache2.4/docs/www.111.com"
ServerName www.111.com
ServerAlias 111.com
    SetEnvIf Request_URI ".*\.gif$" img
    SetEnvIf Request_URI ".*\.jpg$" img
    SetEnvIf Request_URI ".*\.png$" img
    SetEnvIf Request_URI ".*\.bmp$" img
    SetEnvIf Request_URI ".*\.swf$" img
    SetEnvIf Request_URI ".*\.js$" img
    SetEnvIf Request_URI ".*\.css$" img 
    CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/www.111.com-access_%Y%m%d.log 86400" combined     env=!img  
    ErrorLog "logs/111.com-error_log"
</VirtualHost>
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t     //测试配置文件是否正确
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful     //重新加载服务
[root@localhost extra]# curl -xlocalhost:80 www.111.com -I       //配置验证
HTTP/1.1 200 OK
Date: Wed, 14 Oct 2020 18:34:01 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
Last-Modified: Wed, 14 Oct 2020 16:40:41 GMT
ETag: "c-5b1a43135ccaf"
Accept-Ranges: bytes
Content-Length: 12
Content-Type: text/html

[root@localhost extra]# ls /usr/local/apache2.4/logs     //验证成功
111.com-access_log  abc.com-error_log  httpd.pid
111.com-error_log   access_log         www.111.com-access_20201014.log
abc.com-access_log  error_log
[root@localhost extra]# cat /usr/local/apache2.4/logs/www.111.com-access_20201014.log 
::1 - - [14/Oct/2020:14:34:01 -0400] "HEAD HTTP://www.111.com/ HTTP/1.1" 200 - "-" "curl/7.29.0"
[root@localhost extra]# 
7. 静态元素过期时间

(1)介绍
那到底能缓存多久呢?如果服务器上的某个图片更改了,那么应该访问新的图片才对。这就涉及一个静态文件缓存时长的问题,也叫作“缓存过期时间”。在httpd的配置文件中,我们是可以控制这个时间的。
(2)配置
在httpd上我们可以控制文件过期时间,配置如下:

[root@localhost extra]# vi httpd-vhosts.conf
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/usr/local/apache2.4/docs/www.111.com"
ServerName www.111.com
ServerAlias 111.com
    <IfModule mod_expires.c>
        ExpiresActive on
        ExpiresByType image/gif  "access plus 1 days"
        ExpiresByType image/jpeg "access plus 24 hours"
        ExpiresByType image/png "access plus 24 hours"
        ExpiresByType text/css "now plus 2 hour"
        ExpiresByType application/x-javascript "now plus 2 hours"
        ExpiresByType application/javascript "now plus 2 hours"
        ExpiresByType application/x-shockwave-flash "now plus 2 hours"
        ExpiresDefault "now plus 0 min"
    </IfModule>
    ErrorLog "logs/www.111.com-error_log"
    CustomLog "logs/www.111.com-access_log" combined
</VirtualHost>
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# vi /usr/local/apache2.4/conf/httpd.conf
搜索关键词expires,把#LoadModule expires_ module modules/mod_ expires .so前面的#号去掉
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -M|grep -i expires    //检查httpd是否加载expires模块
 expires_module (shared)
[root@localhost extra]# curl -xlocalhost:80 www.111.com/images/linux.png.jpg -I     //配置验证
HTTP/1.1 200 OK
Date: Wed, 14 Oct 2020 19:11:33 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
Last-Modified: Wed, 14 Oct 2020 19:11:33 GMT
ETag: W/"1ea3-5b1c32b22e700"
Accept-Ranges: bytes
Content-Length: 7843
Cache-Control: max-age=86400
Expires: Thu, 15 Oct 2020 19:11:33 GMT
Content-Type: image/jpeg
8. 配置防盗链

(1)介绍
防盗链,通俗讲,就是不让别人盗用你网站上的资源。这个资源,通常指的是图片、视频、歌曲、文档等。
(2)配置
配置防盗链先编辑主机配置文件:

[root@localhost extra]# vi httpd-vhosts.conf
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/usr/local/apache2.4/docs/www.111.com"
ServerName www.111.com
ServerAlias 111.com
<Directory /usr/local/apache2.4/docs/www.111.com>
    SetEnvIfNoCase Referer "http://www.111.com" local_ref
    SetEnvIfNoCase Referer "http://111.com" local_ref
    SetEnvIfNoCase Referer "^$" local_ref
    <filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)">
        Order Allow,Deny
        Allow from env=local_ref
    </filesmatch>
</Directory>
ErrorLog "logs/www.111.com-error_log"
CustomLog "logs/www.111.com-access_log" combined
</VirtualHost>     //首先定义允许访问链接的referer,其中^$为空referer,当直接在浏览器里输入图片地址去访问它时,它的referer就为空。
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# curl -e "http://www.111.com/123.txt" -xlocalhost:80 www.111.com/images/linux.png.jpg -I     //状态码200
HTTP/1.1 200 OK
Date: Wed, 14 Oct 2020 19:32:22 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
Last-Modified: Wed, 14 Oct 2020 19:32:22 GMT
ETag: W/"1ea3-5b1c32b22e700"
Accept-Ranges: bytes
Content-Length: 7843
Content-Type: image/jpeg
[root@localhost extra]# curl -e "http://www.daoxue.com/123.pnp" -xlocalhost:80 www.111.com/images/linux.png.jpg -I     //状态码403
HTTP/1.1 403 Forbidden
Date: Wed, 14 Oct 2020 19:30:29 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
Content-Type: text/html; charset=iso-8859-1
[root@localhost extra]# curl -e "http://www.daoxue.com/123.pnp" -xlocalhost:80 www.111.com/index.html -I    //状态码200
HTTP/1.1 200 OK
Date: Wed, 14 Oct 2020 19:34:26 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
Last-Modified: Wed, 14 Oct 2020 16:40:41 GMT
ETag: "c-5b1a43135ccaf"
Accept-Ranges: bytes
Content-Length: 12
Content-Type: text/html
9. 访问控制-Diretory\FileMatch

(1)介绍
访问控制限制白名单IP,针对文件和目录。
(2)目录配置
先来看看怎么限制IP访问,编辑配置文件:

[root@localhost extra]# vi httpd-vhosts.conf
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/usr/local/apache2.4/docs/www.111.com"
ServerName www.111.com
ServerAlias 111.com
<Directory /usr/local/apache2.4/docs/www.111.com/admin/>
    Order deny,allow
    Deny from all
    Allow from 127.0.0.1
</Directory>
ErrorLog "logs/www.111.com-error_log"
CustomLog "logs/www.111.com-access_log" combined
</VirtualHost>       //Directory是用来指定限制访问的目录,order定义控制顺序
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# mkdir /usr/local/apache2.4/docs/www.111.com/admin     //创建admin目录
[root@localhost extra]# cd /usr/local/apache2.4/docs/www.111.com
[root@localhost www.111.com]# cp 123.php admin/       //模拟网站后台
[root@localhost www.111.com]# curl -xlocalhost:80 www.111.com/admin/123.php -I       //配置验证
HTTP/1.1 403 Forbidden
Date: Wed, 14 Oct 2020 19:56:05 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
Content-Type: text/html; charset=iso-8859-1
[root@localhost www.111.com]# curl -x127.0.0.1:80 www.111.com/admin/123.php -I
HTTP/1.1 200 OK
Date: Wed, 14 Oct 2020 20:01:45 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
X-Powered-By: PHP/5.6.30
Content-Type: text/html; charset=UTF-8
[root@localhost extra]# cat /usr/local/apache2.4/logs/www.111.com-access_log      //验证成功
172.16.51.19 - - [14/Oct/2020:16:06:22 -0400] "HEAD HTTP://www.111.com/admin/123.php HTTP/1.1" 403 - "-" "curl/7.29.0"
127.0.0.1 - - [14/Oct/2020:16:06:29 -0400] "HEAD HTTP://www.111.com/admin/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
10. 访问控制-禁止解析PHP

(1)简述
对于使用PHP语言编写的网站,有一些目录是有需求上传文件的。如果网站代码有漏洞,让黑客上传了一个用PHP写的木马,由于网站可以执行PHP程序,最终会让黑客拿到服务器权限。
为了避免这种情况发生,我们需要把能上传文件的目录直接禁止解析PHP代码。
(2)配置

[root@localhost extra]# vi httpd-vhosts.conf
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/usr/local/apache2.4/docs/www.111.com"
ServerName www.111.com
ServerAlias 111.com
<Directory /usr/local/apache2.4/docs/www.111.com/upload>
    php_admin_flag engine off
</Directory>
 ErrorLog "logs/www.111.com-error_log"
CustomLog "logs/www.111.com-access_log" combined
</VirtualHost>
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# mkdir /usr/local/apache2.4/docs/www.111.com/upload      //创建upload目录
[root@localhost extra]# cp /usr/local/apache2.4/docs/www.111.com/123.php /usr/local/apache2.4/docs/www.111.com/upload/      //模拟网站后台
[root@localhost extra]# ll /usr/local/apache2.4/docs/www.111.com/upload
total 4
-rw-r--r--. 1 root root 37 Oct 14 16:23 123.php
[root@localhost extra]# curl -xlocalhost:80 www.111.com/upload/123.php       //配置验证
<?php
echo "www.111.com/123.php";
?>
11. 访问控制-user_agent

(1)介绍
user_agent是指用户浏览器端的信息。比如你是用IE的还是Firefox浏览器的。有些网站会根据这个来调整打开网站的类型,如是手机的就打开wap,显示非手机的就打开PC常规页面。
(2)配置

[root@localhost extra]#vi httpd-vhosts.conf  //修改配置文件
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/usr/local/apache2.4/docs/www.111.com"
ServerName www.111.com
ServerAlias 111.com
<IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{HTTP_USER_AGENT}  .*curl.* [NC,OR]
    RewriteCond %{HTTP_USER_AGENT}  .*baidu.com.* [NC]
    RewriteRule  .*  -  [F]
</IfModule>
    ErrorLog "logs/www.111.com-error_log"
CustomLog "logs/www.111.com-access_log" combined
</VirtualHost>
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# curl -I -x127.0.0.1:80 www.111.com/upload/123.php  //状态码403
HTTP/1.1 403 Forbidden
Date: Wed, 14 Oct 2020 20:34:19 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
Content-Type: text/html; charset=iso-8859-1

[root@localhost extra]# curl -A "123123" -I -x127.0.0.1:80 www.111.com/upload/123.php  //状态码200
HTTP/1.1 200 OK
Date: Wed, 14 Oct 2020 20:34:44 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
X-Powered-By: PHP/5.6.30
Content-Type: text/html; charset=UTF-8

//%{HTTP_USER_AGENT}为user_agent的内置变量,NC代表“不区分大小写”,F代表Forbidden,OR表示“或者”

任务3 PHP配置

1. PHP基础配置
[root@localhost php-5.6.30]# /usr/local/php/bin/php -i |grep -i "loaded configuration file"  //查看PHP配置文件得位置
PHP Warning:  Unknown: It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in Unknown on line 0
Loaded Configuration File => /usr/local/php/etc/php.ini
[root@localhost php-5.6.30]# vi /usr/local/php/etc/php.ini
搜索disable_functions,改成
disable_functions=eval,assert,popen,passthru,escapeshellarg,escapeshellcmd,passthru,exec,system,chroot,scandir,chgrp,chown,escapeshellcmd,escapeshellarg,shell_exec,proc_get_status,ini_alter,ini_restore,dl,pfsockopen,openlog,syslog,readlink,symlink,1eak,popepassthru,stream_socket_server,popen,proc_open,proc_close
[root@localhost php-5.6.30]# vi /usr/local/php/etc/php.ini
搜索date. timezone,改成date.timezone = Asia/Shanghai
[root@localhost php-5.6.30]# /usr/local/php/bin/php -i |grep -i "loaded configuration file"  //再次查看PHP配置文件得位置
Loaded Configuration File => /usr/local/php/etc/php.ini
2. 日志相关配置
[root@localhost php]# vi /usr/local/php/etc/php.ini
搜索log_errors, 改成log_errors=On   此为记录错误日志;
搜索error. log,改为error_log = /tmp/php_errors.log   此为记录错误日志目录位置
搜索error_reporting 改为error_reporting = E ALL   此为记录错误日志级别
搜索display_errors,改为display_errors = Off;
[root@localhost php]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost php]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost php]# touch /tmp/php_errors.log; chmod 777 /tmp/php_errors.log   //创建日志文件及给权限
[root@localhost php]# cat /usr/local/apache2.4/docs/www.111.com/123.php 
<?php
pfo();
?>
[root@localhost php]# curl -x127.0.0.1:80 www.111.com/123.php -I  //不能访问,状态码500
HTTP/1.0 500 Internal Server Error
Date: Wed, 14 Oct 2020 22:07:11 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
X-Powered-By: PHP/5.6.30
Connection: close
Content-Type: text/html; charset=UTF-8
[root@localhost php]# cat /tmp/php_errors.log   //显示错误日志
[15-Oct-2020 06:07:07 Asia/Shanghai] PHP Fatal error:  Call to undefined function pfo() in /usr/local/apache2.4/docs/www.111.com/123.php on line 2
[15-Oct-2020 06:07:11 Asia/Shanghai] PHP Fatal error:  Call to undefined function pfo() in /usr/local/apache2.4/docs/www.111.com/123.php on line 2
[root@localhost php]# 
3. 配置open_basedir

在php.ini中设置open_basedir,限制PHP的活动

[root@localhost php]# vim /usr/local/php/etc/php.ini 
搜索open_basedir,改成open_basedir = /usr/local/apache2.4/docs/www.111.com/admin:/tmp
限制了PHP只能在/tmp和/admin两个目录下面活动
[root@localhost php]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost php]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost php]# curl -x127.0.0.1:80 www.111.com/upload/123.php -I  //upload不能访问,状态码500
HTTP/1.0 500 Internal Server Error
Date: Wed, 14 Oct 2020 22:19:13 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
X-Powered-By: PHP/5.6.30
Connection: close
Content-Type: text/html; charset=UTF-8

[root@localhost php]# curl -x127.0.0.1:80 www.111.com/admin/123.php -I  //admin可以访问
HTTP/1.1 200 OK
Date: Wed, 14 Oct 2020 22:17:48 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
X-Powered-By: PHP/5.6.30
Content-Type: text/html; charset=UTF-8
4. 虚拟主机配置open_basedir
[root@localhost extra]# vi httpd-vhosts.conf  //修改配置文件
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot "/usr/local/apache2.4/docs/www.111.com"
ServerName www.111.com
ServerAlias 111.com
php_admin_value open_basedir "/usr/local/apache2.4/docs/www.111.com:/upload:/tmp/"
ErrorLog "logs/www.111.com-error_log"
CustomLog "logs/www.111.com-access_log" combined
</VirtualHost>
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@localhost extra]# /usr/local/apache2.4/bin/apachectl graceful
[root@localhost extra]# curl -xlocalhost:80 www.111.com/upload/123.php  //允许upload访问
www.111.com/123.php[root@localhost extra]# 
[root@localhost php]# curl -xlocalhost:80 www.111.com/images/123.php -I  //images访问不了
HTTP/1.0 500 Internal Server Error
Date: Wed, 14 Oct 2020 22:19:13 GMT
Server: Apache/2.4.46 (Unix) PHP/5.6.30
X-Powered-By: PHP/5.6.30
Connection: close
Content-Type: text/html; charset=UTF-8

任务4 PHP扩展模块安装

安装一个redis的模块

[root@localhost src]# wget http://pecl.php.net/get/redis-2.2.5.tgz  //下载源码包
--2020-10-14 18:33:56--  http://pecl.php.net/get/redis-2.2.5.tgz
Resolving pecl.php.net (pecl.php.net)... 104.236.228.160
Connecting to pecl.php.net (pecl.php.net)|104.236.228.160|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 96970 (95K) [application/octet-stream]
Saving to: ‘redis-2.2.5.tgz’

100%[======================================>] 96,970       114KB/s   in 0.8s   

2020-10-14 18:33:57 (114 KB/s) - ‘redis-2.2.5.tgz’ saved [96970/96970]

[root@localhost src]# tar -zxvf redis-2.2.5.tgz   //解压
[root@localhost redis-2.2.5]# /usr/local/php/bin/phpize   //目的生成configure文件
Configuring for:
PHP Api Version:         20131106
Zend Module Api No:      20131226
Zend Extension Api No:   220131226
[root@localhost redis-2.2.5]# ls
acinclude.m4     config.m4     library.c        redis_array.c
aclocal.m4       config.sub    library.h        redis_array.h
arrays.markdown  configure     ltmain.sh        redis_array_impl.c
autom4te.cache   configure.in  Makefile.global  redis_array_impl.h
build            config.w32    missing          redis.c
common.h         COPYING       mkinstalldirs    redis_session.c
config.guess     CREDITS       php_redis.h      redis_session.h
config.h.in      install-sh    README.markdown  run-tests.php
[root@localhost redis-2.2.5]# ./configure --with-php-config=/usr/local/php/bin/php-config
[root@localhost redis-2.2.5]# echo $?  
0
[root@localhost redis-2.2.5]# make
[root@localhost redis-2.2.5]# make install  //make install编译好的就会放在这个目录里
Installing shared extensions:     /usr/local/php/lib/php/extensions/no-debug-non-zts-20131226/
[root@localhost redis-2.2.5]# /usr/local/php/bin/php -i |grep extension_dir  /查看扩展模块存放目录,我们可以在php.ini中去自定义该路径 
extension_dir => /usr/local/php/lib/php/extensions/no-debug-non-zts-20131226 =>    / /usr/local/php/lib/php/extensions/no-debug-non-zts-20131226
sqlite3.extension_dir => no value => no value
[root@localhost redis-2.2.5]# ls /usr/local/php/lib/php/extensions/no-debug-non-zts-20131226/    //查看目录,可以看到rdis.so
opcache.so  redis.so
[root@localhost redis-2.2.5]# vi /usr/local/php/etc/php.ini  //修改配置文件
在文件最后一行添加:extension = redis.so
[root@localhost redis-2.2.5]# /usr/local/php/bin/php -m |grep redis  //查看是否加载了redis模块
redis
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值