Debian下使用apt-get安装lnmp
1. 更新源
$ vi /etc/apt/sources.list
and add the lines:
deb http://packages.dotdeb.org squeeze all
deb-src http://packages.dotdeb.org squeeze all
Then update apt, and fetch the appropriate GnuPG key for the repo:
$ apt-get update
$ apt-get upgrade
$ wget http://www.dotdeb.org/dotdeb.gpg
$ cat dotdeb.gpg | sudo apt-key add -
2. 安装nginx
$ apt-get install nginx
$ mkdir -p /var/www
$ cat > /etc/nginx/sites-available/default_php <<END
# Creates unlimited domains for PHP sites as long as you add the
# entry to /etc/hosts and create the matching \$host folder.
server {
listen 80 default;
server_name _;
root /var/www/\$host/public;
index index.html index.htm index.php;
# Directives to send expires headers and turn off 404 error logging.
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
access_log off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
## Disable viewing .htaccess & .htpassword
location ~ /\.ht {
deny all;
}
include /etc/nginx/php.conf;
}
END
# MVC frameworks with only a single index.php entry point (nginx > 0.7.27)
$ cat > /etc/nginx/php.conf <<END
# Route all requests for non-existent files to index.php
location / {
try_files \$uri \$uri/ /index.php\$is_args\$args;
}
# Pass PHP scripts to php-fastcgi listening on port 9000
location ~ \.php$ {
# Zero-day exploit defense.
# http://forum.nginx.org/read.php?2,88845,page=3
# Won't work properly (404 error) if the file is not stored on
# this server, which is entirely possible with php-fpm/php-fcgi.
# Comment the 'try_files' line out if you set up php-fpm/php-fcgi
# on another machine. And then cross your fingers that you won't get hacked.
try_files \$uri =404;
include fastcgi_params;
# Keep these parameters for compatibility with old PHP scripts using them.
fastcgi_param PATH_INFO \$fastcgi_path_info;
fastcgi_param PATH_TRANSLATED \$document_root\$fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
# Some default config
fastcgi_connect_timeout 20;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_pass 127.0.0.1:9000;
}
# PHP search for file Exploit:
# The PHP regex location block fires instead of the try_files block. Therefore we need
# to add "try_files \$uri =404;" to make sure that "/uploads/virusimage.jpg/hello.php"
# never executes the hidden php code inside virusimage.jpg because it can't find hello.php!
# The exploit also can be stopped by adding "cgi.fix_pathinfo = 0" in your php.ini file.
END
3. 安装mysql
$ apt-get install mysql-server
$ cat > /etc/mysql/conf.d/mine.cnf <<END
[mysqld]
key_buffer = 12M
query_cache_size = 0
table_cache = 32
ignore_builtin_innodb
default_storage_engine=MyISAM
END
4. 安装php
$ apt-get install php5-fpm
$ apt-get install php5-cli
$ apt-get install php-apc php5-suhosin php5-curl php5-gd php5-intl php5-mcrypt php-gettext php5-mysql php5-sqlite
1. 更新源
$ vi /etc/apt/sources.list
and add the lines:
deb http://packages.dotdeb.org squeeze all
deb-src http://packages.dotdeb.org squeeze all
Then update apt, and fetch the appropriate GnuPG key for the repo:
$ apt-get update
$ apt-get upgrade
$ wget http://www.dotdeb.org/dotdeb.gpg
$ cat dotdeb.gpg | sudo apt-key add -
2. 安装nginx
$ apt-get install nginx
$ mkdir -p /var/www
$ cat > /etc/nginx/sites-available/default_php <<END
# Creates unlimited domains for PHP sites as long as you add the
# entry to /etc/hosts and create the matching \$host folder.
server {
listen 80 default;
server_name _;
root /var/www/\$host/public;
index index.html index.htm index.php;
# Directives to send expires headers and turn off 404 error logging.
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
access_log off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
## Disable viewing .htaccess & .htpassword
location ~ /\.ht {
deny all;
}
include /etc/nginx/php.conf;
}
END
# MVC frameworks with only a single index.php entry point (nginx > 0.7.27)
$ cat > /etc/nginx/php.conf <<END
# Route all requests for non-existent files to index.php
location / {
try_files \$uri \$uri/ /index.php\$is_args\$args;
}
# Pass PHP scripts to php-fastcgi listening on port 9000
location ~ \.php$ {
# Zero-day exploit defense.
# http://forum.nginx.org/read.php?2,88845,page=3
# Won't work properly (404 error) if the file is not stored on
# this server, which is entirely possible with php-fpm/php-fcgi.
# Comment the 'try_files' line out if you set up php-fpm/php-fcgi
# on another machine. And then cross your fingers that you won't get hacked.
try_files \$uri =404;
include fastcgi_params;
# Keep these parameters for compatibility with old PHP scripts using them.
fastcgi_param PATH_INFO \$fastcgi_path_info;
fastcgi_param PATH_TRANSLATED \$document_root\$fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
# Some default config
fastcgi_connect_timeout 20;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_pass 127.0.0.1:9000;
}
# PHP search for file Exploit:
# The PHP regex location block fires instead of the try_files block. Therefore we need
# to add "try_files \$uri =404;" to make sure that "/uploads/virusimage.jpg/hello.php"
# never executes the hidden php code inside virusimage.jpg because it can't find hello.php!
# The exploit also can be stopped by adding "cgi.fix_pathinfo = 0" in your php.ini file.
END
3. 安装mysql
$ apt-get install mysql-server
$ cat > /etc/mysql/conf.d/mine.cnf <<END
[mysqld]
key_buffer = 12M
query_cache_size = 0
table_cache = 32
ignore_builtin_innodb
default_storage_engine=MyISAM
END
4. 安装php
$ apt-get install php5-fpm
$ apt-get install php5-cli
$ apt-get install php-apc php5-suhosin php5-curl php5-gd php5-intl php5-mcrypt php-gettext php5-mysql php5-sqlite