[centos 6.4 server]
系统安装请参考:http://blog.zhuyin.org/748.html
1.防火墙设置:
iptables -F
service iptables save
service iptables restart
vim /etc/sysconfig/iptables
#######################
…..
:OUTPUT ACCEPT [4:512]
-A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state –state NEW -m tcp -p tcp –dport 22 -j ACCEPT
-A INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT
-A INPUT -m state –state NEW -m tcp -p tcp –dport 3306 -j ACCEPT
-A INPUT -j REJECT –reject-with icmp-host-prohibited
-A FORWARD -j REJECT –reject-with icmp-host-prohibited
COMMIT
…
#########################
service iptables restart
2.关闭SELINUX 并设置指定IP
vim /etc/selinux/config
#####
#SELINUX=enforcing
#SELINUXTYPE=targeted
SELINUX=disabled
#####
vim /etc/sysconfig/network-scripts/ifcfg-eth0
###########
DEVICE=eth0
HWADDR=00:0C:29:55:98:1E
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=none
NETMASK=255.255.0.0
IPADDR=172.26.11.100
GATEWAY=172.26.0.1
###########
vim /etc/resolv.conf
###########
search localdomain
nameserver 8.8.8.8
nameserver 202.96.128.68
###########
service network restart
3.更新yum源
yum check-update
#删除系统自带的apache/php 等·····(有可能系统有自动装上这些了…)
yum remove httpd* php*
4.安装nginx
由于centos没有默认的nginx软件包,需要启用REHL的附件包
rpm -ivh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm
yum -y install nginx
#设置nginx开机启动
chkconfig nginx on
#启动nginx
service nginx start
ok,直接访问:http://172.26.11.100/ 即可看nginx是否正常运行了。
5.安装MySQL
yum -y install mysql-server
/etc/init.d/mysqld start
#设为开机启动
chkconfig mysqld on
#配置文件
cp /usr/share/mysql/my-medium.cnf /etc/my.cnf
#为root账户设置密码 回车,根据提示输入Y,输入2次密码,回车,根据提示一路输入Y,最后出现:Thanks for using MySQL!
mysql_secure_installation
#MySql密码设置完成,重新启动 MySQL
/etc/init.d/mysqld stop
/etc/init.d/mysqld start
6.安装php5
yum -y install php php-fpm php-mysql php-gd libjpeg* php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-bcmath php-mhash libmcrypt
#设置php-fpm开机启动
chkconfig php-fpm on
#启动php-fpm
/etc/init.d/php-fpm start
7.配置nginx支持php
cp /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.confbak #备份原有配置文件
vim /etc/nginx/conf.d/default.conf
######################
….
index index.php index.html index.htm;
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php{
#root html;#注意这一行请注释掉!!!
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAMEdocument_rootfastcgi_script_name;
include fastcgi_params;
}
######################
这里可以用netstat -ntpl 查看php-fpm的监听端口127.0.0.1:9000是不是真的存在
注意fastcgi_param行的参数,改为document_rootfastcgi_script_name,或者使用绝对路径
location ~ \.php { 里面的 root html;请注释掉,不然就覆盖外面的root了!!!!
#重启nginx
service nginx restart
#配置php.ini
vim /etc/php.ini ##下面的设置内容仅供参考!!!
#########################
…
date.timezone = PRC #设置正确的时区
disable_functions =passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,escapeshellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space,posix_ctermid,posix_get_last_error,posix_getcwd,posix_getegid,posix_geteuid,posix_getgid,posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid,posix_getppid,posix_getpwnam,posix_getpwuid, posix_getrlimit, posix_getsid,posix_getuid,posix_isatty,posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid,posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname
#禁用某些危险函数!
expose_php = Off #禁止显示php版本的信息
magic_quotes_gpc = On #打开magic_quotes_gpc来防止SQL注入 这个还是关闭吧。。。。不同的版本有点问题
short_open_tag = ON #支持php短标签
open_basedir = .:/tmp/ #设置允许访问当前目录(即PHP脚本文件所在之目录)和/tmp/目录,可以防止php木马跨站,如果改了之后安装程序有问题(例如:织梦内容管理系统),可以注销此行,或者直接写上程序的目录/data/web/test/:/tmp/
############################
#配置php-fpm
cp /etc/php-fpm.d/www.conf /etc/php-fpm.d/www.confbak
vim /etc/php-fpm.d/www.conf
#################################
user = nginx
group = nginx
#################################
cat /etc/passwd 可以查看有没有nginx的用户组和用户
重启nginx和php
/etc/init.d/nginx restart
/etc/init.d/php-fpm restart
写个phpinfo访问结果如下: