LAMP环境搭建与配置_lamp 部署及配置-CSDN博客

本文链接：https://blog.csdn.net/m0_49563345/article/details/108235019

LAMP环境搭建与配置
任务一安装 LAMP,基础配置解析PHP:
首先 LAMP 分别为:Linux Apache Mysql Php
1.1 安装 MySQL
（1）下载源码包
http://mirrors.163.com/mysql/Downloads/MySQL-5.6/mysql-5.6.47-linux-glibc2.12-x86_64.tar.gz
（2）解压
[root@lamp src]#tar –zxvf mysql-5.6.47-linux-glibc2.12-x86_64.tar.gz –C /usr/local/src
(3)建立 MySQL 用户
[root@lamp mysql]cd /usr/local/mysql
./scripts/mysql_install_db --user=mysql --datadir=/data/mysql
[root@lamp mysql]#yum install -y per-Module-Install
[root@lamp mysql]#yum -y install autoconf
安装完成后如果有两个OK表示安装成功。
(4)配置MySQL。
[root@lamp mysql]#cp support-file/my-default.cnf /etc/my.cnf
[root@lamp mysql]#vi /etc/my.cnf
These are commonly set ,remove the # and set as required
Basedir=/usr/local/mysql
Datadir=/data/mysql/datadir
Port=3306
Server_id=128
socket = /tmp/mysql.sock
(5)更改脚本属性。
[root@lamp mysql]#cp support-files/mysql.server /etc/init.d/mysqld
[root@lamp mysql]#chmod 755 /etc/init.d/mysqld
[root@lamp mysql]#Vim /etc/init.d/mysqld
datadir=/data/mysql
[root@lamp mysql]#chkconfig --add mysql
chkconfig mysql on
(6)启动mysql
[root@lamp mysql]#service mysql start

1.2安装Apache
（1）下载 httpd-2.4.43.tar、apr-1.6.5.tar和apr-util-1.6.1.tar
（2）解压
tar -zxvf http-2.4.39.tar
tar -zxvf apr-1.6.5.tar
tar -zxvf apr-util-1.6.1.tar
(3)安装Apache的顺序apr，apr-util，httpd
安装apr
yum install –y libtool*
make &&make install
安装apr-util
cd /usr/local/src/apr-util-1.6.1
./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr
指定apr-util的安装目录
make &&make install
安装httpd
cd /usr/local/src/httpd-2.4.46
先需要安装正则表达式的库
然后编译
./configure \
–prefix=/usr/1ocal/apache2.4
–with-apr=/usr/local/apr
–with-apr-util=/usr/local/apr-util \
–enable-so
–enable-mods-shared=most
//–enable-so 表示启用 DSO
//–enable -mods- shared
继续安装make
make -j4 && make install
yum install -y pcre-devel

(5)安装成功查看配置文件
/usr/local/apache2.4/bin/apachectl -M

1.3 安装 PHP
（1）下载资源包 php-5.6.39.tar.bz2
（2）解压
tar -jxvf php-5.6.39.tar.gz -C /usr/local/src/
(3)提前安装库文件

yum install -y libxml2-devel

yum install -y openssl openssl -devel

yum install -y bzip2 bzip2-devel

yum install -y libpng libpng-devel

yum install -y freetype freetype-devel

yum install -y epel-release

yum install -y libmcrypt-devel

#yum install –y libjpeg-devel

cd php-5.6.30

#./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache2.4/bin/apxs
–with-config-file-path=/usr/local/php/etc --with-mysql=/usr/local/mysql
–with-libxml-dir–with-gd --with-jpeg-dir --with-png-dir–with-freetype-dir
–with-iconv-dir–with-zlib-dir --with-bz2 --with-openssl–with-mcrypt
–enable-soap–enable-gd-native-ttf --enable-mbstring–enable-sockets --enable-exif
(5)编译安装
#make && make install
(6)复制配置文件
#cp php.ini-production /usr/local/php/etc/php.ini
(7)配置httpd解析PHP
#vim /usr/local/apache2.4/conf/httpd.conf
搜索Server取消注释这行
ServerName www.example.com:80

然后搜索Require然后把这行原有的denied改为granted

AllowOverride none Require all granted 搜索AddType加一行 AddType application/x-gzip .gz .tgz， AddType application/x-httpd-php .php；搜索Index再这后面加上index.php DirectoryIndex index.html index.php 测试配置文件是否正确： #/usr/local/apache2.4/bin/apachectl -t 测试是否正确提示 Syntax OK 就是正确 (8)启动 httpd 命令 #/usr/local/apache2.4/bin/apachectl start #netstat -lnp |grep httpd #curl localhost

It works!

//使用 curl 命令简单测试,,显示了就是成功。

浏览器显示“解析PHP”成功

任务二 Apache配置:
2.1 默认虚拟主机
（1）虚拟主机
虚拟主机是在网络服务器上划分出一定的磁盘空间供用户放置站点、应用组件等，提供必要的站点功能、数据存放和传输功能。虚拟主机的租用类似于房屋租用。虚拟主机，也叫“网站空间”，就是把一台运行在互联网上的服务器划分成多个“虚拟”的服务器[1]，每一个虚拟主机都具有独立的域名和完整的Internet服务器（支持WWW、FTP、E-mail等）功能。
（2）配置
先编辑
vi /usr/local/apache2.4/conf/httpd.conf
在将主配置文件/usr/local/apache2.4/conf/httpd.conf下Include conf/extra/httpd-vhosts.conf的#号注释去掉
#vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
然后编辑vhosts文件
ServerAdmin 指定管理员邮箱
DocumentRoot 为该虚拟主机站点的根目录
ServaerName 为网站的域名
ServerAlias 为网站的第二域名
ErrorLog 为站点的错误日志
CustomLog 为站点的访问日志
（3）配置验证
#curl -xlocalhost:80 abc.com
#curl -xlocalhost:80 aa.com
#curl -xlocalhost:80 111.com
2.2 用户认证
（1）配置
#vim /usr/local/apache2.4/conf/extra/httpd-vhost.conf
将之前第二个<VirtualHost *:80>标签内的内容注释掉，然后再第一个<VirtualHost *:80>标签内加入以下内容:
<Directory /data/wwwroot/testdomain.com> //指定认证的目录
AllowOverride AuthConfig //这个相当于打开认证的开关
AuthName “testdomain.com user auth” //自定义认证的名字，作用不大
AuthType Basic //认证的类型，一般为Basic
AuthUserFile /data/.htpasswd
require valid-user //指定需要认证的用户为全部可用用户

(2)创建密码文件，用户和密码
/usr/local/apache2.4/bin/htpasswd -cm /usr/local/apache2.4/docs/.htpasswd cqf
-c是创建一个用户
-m是指定密码加密的方式为 MD5
.htpasswd是密码文件
在本地配置hosts后，用浏览器验证

2.3 域名跳转
(1)编辑vhosts文件
vi /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
添加这段

2.4 访问日志
（1）配置

vim /usr/local/apache2 .4/conf/extra/httpd-vhosts.conf

<VirtualHost *: 80>
Customlog “1ogs/www.111.comcom-access_ log” combined

:wq
保存配置文件后，测试并重新加载配置：
#/usr/local/apache2.4/bin/apachectl -t
#/usr/local/apache2.4/bin/apachectl graceful
（3）配置验证
#curl -x127.0.0.1:80 www.111.com/123.php -I
#tail /usr/local/apache2.4/logs/www.111.com-access_log
（4）验证结果

2.5 访问日记不记录静态文件
（1）配置

vim /usr/local/apache2 .4/conf/extra/httpd-vhosts.conf

<VirtualHost * :80>
DocumentRoot “/usr/local/apache2.4/docs/www.111.com”
ServerName www.111.com
ServerAlias 111.com
SetEnvIf Request_URI “..gif $KaTeX parse error: Can't use function '\.' in math mode at position 41: …Request_URI ".*\̲.̲jpg$ " image-request
SetEnvIf Request_URI "..png $KaTeX parse error: Can't use function '\.' in math mode at position 41: …Request_URI ".*\̲.̲bmp$ ” image-request
SetEnvIf Request_URI “..swf $KaTeX parse error: Can't use function '\.' in math mode at position 41: …Request_URI ".*\̲.̲js$ " image- request
SetEnvIf Request_URI "..css$” image- request
Customlog “logs/testdomain1.com-access_log” combined
ErrorLog “logs/www.111.com-error_log”

:wq
保存配置后，测试配置文件是否正确，重新加载服务：
#/usr/local/apache2.4/bin/apachectl -t
#/usr/local/apache2.4/bin/apachectl graceful
（2）配置验证
#curl -x127.0.0.1:80 -I testdomain.com
#ls /usr/local/apache2.4/logs/
（3）验证结果

2.6 访问日志切割
（1）配置

vim /usr/local/apache2 .4/conf/extra/httpd-vhosts.conf

<VirtualHost :80>
DocumentRoot “/usr/local/apache2.4/docs/www.111.com”
ServerName www.111.com
ServerAlias 111.com
SetEnvIf Request_URI "..gif $KaTeX parse error: Can't use function '\.' in math mode at position 41: …Request_URI ".*\̲.̲jpg$ " image-request
SetEnvIf Request_URI “..png $KaTeX parse error: Can't use function '\.' in math mode at position 41: …Request_URI ".*\̲.̲bmp$ " image-request
SetEnvIf Request_URI "..swf $KaTeX parse error: Can't use function '\.' in math mode at position 41: …Request_URI ".*\̲.̲js$ ” image-request
SetEnvIf Request_URI “.*.css$” image-request
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l
logs/www.111.com-access_%Y%m%d.1og 86400"combined env=!image-request
ErrorLog “logs/www.111.com-error_log”

:wq
#/usr/local/apache2.4/bin/apachectl -t
#/usr/local/apache2.4/bin/apachectl graceful
（2）配置验证
#curl -x127.0.0.1:80 www.111.com -I
#cat /usr/local/apache2.4/logs/123.com-accesss_2020~.1og
::1 - - ~~~~~~~~~~~~

2.7 静态元素过期时间
（1）配置
在 httpd上我们可以控制文件过期时间，配置如下：
#vim /usr/local/apache2 .4/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/usr/local/apache2.4/docs/www.111.com "
ServerName www.111.com
ServerAlias 111.com

2.8 配置防盗链
（1）配置
#vim /usr/local/apache2 .4/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot “/usr/local/apache2.4/docs/www.111.com”
ServerName www.111.com
ServerAlias 111.com
<Directory /usr/local/apache2.4/docs/www.111.com>
SetEnvIfNoCase Referer “http://www.111.com” local_ref
SetEnvIfNoCase Referer “http://111.com” local_ref
SetEnvIfNoCase Referer “^$” local ref
<filesmatch “.(txt|doc|mp3|zip|rar|jpg|gif)”>
Order Allow,Deny //定义顺序，先允许，后拒绝
Allow from env=local_ref

Customlog “logs/www.111.com-access_log” combined
ErrorLog “logs/www.111.com-error_log”

(3)验证成功

2.9 访问控制白名单
（1）目录配置
#vim /usr/local/apache2 .4/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot “/usr/local/apache2.4/docs/www.111.com”
ServerName www.111.com
ServerAlias 111.com
<Directory /usr/local/apache2.4/docs/www.111.com/admin/>
Order deny,allow
Deny from all
Allow from 127.0.0.1

Customlog “logs/www.111.com-access_log” combined
ErrorLog “logs/www.111.com-error_log”

//Directory是用来指定限制访问的目录，order定义控制顺序
验证过程：
#cd /usr/local/apache2.4/docs/www.111.com
#mkdir admin
//创建 admin目录，模拟网站后台

echo “administrator/root” > /usr/local/apache2.4/docs/www.111.com/admin/index.html

（3）配置验证
#/usr/local/apache2.4/bin.apachectl –t
#/usr/local/apache2.4/bin.apachectl graceful

curl -x192.168.100.10:80 -I www.111.com/admin/index.html

状态码403，不允许访问

（4）文件配置:
#vim /usr/local/apache2 .4/conf/extra/httpd-vhosts.conf
<VirtualHost :80>
DocumentRoot “/usr/local/apache2.4/docs/www.111.com”
ServerName www.111.com
ServerAlias 111.com
<Directory /usr/local/apache2.4/docs/www.111.com>
<FilesMatch "admin.php(.)">
Order deny,allow
Deny from all
Allow from 127.0.0.1

Customlog “logs/www.111.com-access_log” combined
ErrorLog “logs/www.111.com-error_log”

验证过程如下：
#/usr/local/apache2. 4/bin/apachectl -t
#/usr/local/apache2 .4/bin/ apachectl graceful
#cp 123.php admin.php
（5）验证

2.10 访问控制-禁止解析PHP
（1）所有文件配置：
#vim /usr/local/apache2 .4/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot “/usr/local/apache2.4/docs/www.111.com”
ServerName www.testdomain.com
ServerAlias testdomain.com
<Directory /usr/local/apache2.4/docs/www.111.com/upload>
php_admin_flag engine off

Customlog “logs/www.111.com-access_log” combined
ErrorLog “logs/www.111.com-error_log”

/usr/local/apache2 .4/bin/apachectl -t

/usr/local/apache2 .4/bin/apachectl graceful

（3）配置验证
#mkdir -p www.111.com/upload
#cp 123.php upload/

curl –x192.168.200.20:80 www.111.com/upload/123.php

//可以看到，curl测试时直接返回了php源代码，并未解析
（4）验证结果

2.11 访问控制-用户代理
（1）配置
#vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
<VirtualHost :80>
DocumentRoot “/usr/local/apache2.4/docs/www.111.com”
ServerName www.111.com
ServerAlias 111.com

/usr/local/apache2.4/bin/apachectl -t

/usr/local/apache2.4/bin/apachectl graceful

（3）配置验证
#curl -I -x127.0.0.1:80 www.111.com/upload/123.php
状态码 403
#curl -A“123123" -I -x127.0.0.1:80 www.111.com/upload/123.php
状态码 200
（5）验证成功

任务三PHP配置
3.1 PHP基础配置
(1)PHP 配置文件的位置
#/usr/local/php/bin/php -i |grep -i “loaded configuration file”
(2)编辑配置文件
#vim /usr/local/php/etc/php.ini
搜索disable_functions，
编辑如下：
disable_functions=eval,assert,popen,passthru,escapeshellarg,escapeshellcmd,passthru,exec,system,chroot,scandir,chgrp,chown,escapeshellcmd,escapeshellarg,shell_exec,proc_get_status,ini_alter,ini_restore,dl,pfsockopen,openlog,syslog,readlink,symlink,1eak,popepassthru,stream_socket_server,popen,proc_open,proc_close

3.2 日志相关配置
(1)配置 error_log：

vim /usr/local/php/etc/php. ini

//记录错误日志： log_errors改为log_errors=On
//记录错误日志目录位置： error. log改为,分号去掉error_log = /tmp/php_errors.log
//记录错误日志级别：error_reporting改为 error_reporting = E_ALL & ~E_ NOTICE
// display_errors改为display_errors = Off
(2)刷新服务：

/usr/local/apache2.4/bin/apachectl -t

/usr/local/apache2.4/bin/apachectl graceful

3.3PHP配置访问文件
(1)在 php.ini中设置open_basedir：

vim /usr/local/php/etc/php.ini

//搜索 open_basedir,先将;分号去掉，
(2)配置：
open_ basedir = /usr/local/apache2.4/docs/www.111.com/admin:/tmp

/usr/1ocal/apache2.4/bin/ apachectl -t

/usr/1ocal/apache2.4/bin/ apachectl graceful

[root@centos-7-7 etc]# curl -xlocalhost:80 www.111.com/upload/123.php -I
HTTP/1.0 500 Internal Server Error
Date: Thu, 06 Aug 2020 13:08:18 GMT
Server: Apache/2.4.43 (Unix) PHP/5.6.39
X-Powered-By: PHP/5.6.39
Connection: close
Content-Type: text/html; charset=UTF-8

cat /var/1og/php/php_errors.log

//显示错误日志
3.4 虚拟主机配置
(1)查看 PHP 加载了哪些模块
#/usr/local/php/bin/php -m
(2)配置
#vim /usr/local/apache2 .4/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot “/usr/local/apache2.4/docs/www.111.com”
ServerName www.111.com
ServerAlias 111.com
php_admin_value open_basedir “/usr/local/apache2.4/docs/www.111.com/admin:/tmp/”

3.重新加载配置：

/usr/1ocal/apache2.4/bin/ apachectl -t

/usr/1ocal/apache2.4/bin/ apachectl graceful

任务 4 PHP扩展模块安装
(1)查看 PHP加载了哪些模块：

/usr/local/php/bin/php -m

(2)安装一个新的 redis
#wget http://pecl.php.net/get/redis-2.2.5.tgz
#tar -zxvf redis-2.2.5.tgz
#cd redis-2.2.5
#/usr/local/php/bin/phpize
#./configure --with-php-config=/usr/local/php/bin/php-config
#make
#make install
(3)查看是否加载了 redis模块