歡迎您光臨本站 註冊首頁

CentOs 5.3 安裝lamp

←手機掃碼閱讀     火星人 @ 2014-03-09 , reply:0
LAMP這是我第一次完全安裝,系統是基於CentOs 5.3,以下是我安裝的筆記,為了方便以後更好的學習與提高,現將自己的筆記以書面的形式記錄下來.
保證安裝系統時的定製選擇正確.
一、apache
1.先安裝gcc
cpp-3.4.6-3.i386.rpm
glibc-headers-2.3.4-2.25.i386.rpm
glibc-devel-2.3.4-2.25.i386.rpm
gcc4-4.1.0-18.EL4.i386.rpm
libstdc -devel-3.4.6-3.i386.rpm
gcc-3.4.6-3.i386.rpm ,
gcc-c -3.4.6-3.i386.rpm
2.解壓釋放apache壓縮歸檔
tar zxvf httpd-2.2.8.tar.gz
cd httpd-2.2.8
./configure --prefix=/usr/local/apache2 --with-included-apr --with-mpm=worker --enable-so --enable-cache --enable-disk-cache --enable-mem-cache --enable-file-cache --enable-rewrite --enable-mods-shared="most"
-----------------------------------------------------------------------------------
如果提示出錯:Cannot use an external APR with the bundled APR-util (x86_64)
那要先進行安裝APR
#cd srclib/apr
#./configure --prefix=/usr/local/apr
#make
#make install 安裝APR-util
#cd srclib/apr-util
# ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr --libdir=/usr/lib64 --with-expat=builtin
#make
#make install
/sbin/ldconfig
---------------------------------------------------------------------------------------- ./configure --prefix=/usr/local/apache2 --enable-so --with-included-apr --with-mpm=worker --enable-modules="cache disk-cache mem-cache file-cache rewrite" --enable-mods-shared="most" ./configure --prefix=/usr/local/apache2 --with-included-apr --with-mpm=worker --enable-so --enable-cache --enable-disk-cache --enable-mem-cache --enable-file-cache --enable-rewrite --enable-mods-shared="most"
#make
#make install
5.修改配置文件
#vi /usr/local/apache/conf/httpd.conf
查找ServerAdmin,ServerName 並將ServerName前的#去掉


6.啟動服務
#/usr/local/apache/bin/apachectl start
7.創建主頁
#vi /usr/local/apache/htdocs/index.html
此時可以用別的機子進行訪問http://伺服器的IP.如果發現訪問不到.就應檢查一下伺服器的防火牆是否開啟.
這邊也可以將apache做成服務,讓它開機的時候自動啟動,我增加的內容如下:
cp /usr/local/apache/bin/apachectl /etc/init.d/httpd #拷貝啟動文件,讓系統啟動時自動運行httpd服務
把# chkconfig: - 85 15
# description: Apache is a World Wide Web server. It is used to serve
# HTML files and CGI.
這些內容拷貝到/etc/init.d/httpd文件#!/bin/bash下面行.
想讓服務支持chkconfig工具必須在腳本里有chkconfig和description相關內容的描述.
想了解chkconfig更多信息可參看man文檔說明.
chkconfig --add httpd #添加httpd服務到系統
chkconfig httpd on #打開httpd服務
service httpd start #啟動httpd服務
netstart -ant | grep :80 #查看服務是否啟動
配置Apache
vi /usr/local/apache/conf/httpd.conf
取消ServerName前的#,添加ip或是域名及埠.
例: ServerName 192.168.0.11:80
測試APache:
用瀏覽器輸入自己的ip及埠進行測試.
例:瀏覽器中輸入:http://192.168.0.11:80
-------------------------------------------------------------------------------------------------
二、mysql
①二進位安裝mysql
1.先檢查系統是否安裝過mysql
#rpm –qa | grep mysql
有的話一個一個刪除掉,用rpm -e命令,然後查找一下殘留的文件:
#find / -name mysql
#find / -name my.cnf
#find / -name .my.cnf
2.下面安裝準備工作
#groupadd -g 200 mysql
#useradd -g mysql -u 200 -d /usr/local/mysql/data -M mysql
編譯安裝mysql
#tar -zxvf mysql-5.1.38.tar.gz
#./configure --prefix=/usr/local/mysql --with-extra-charsets=all --with-tcp-port=3306 --with-unix-socket-path=/tmp/mysql.sock --with-mysqld-user=mysql --without-debug --with-client-ldflags=-all-static --with-mysqld-ldflags=-all-static --enable-assembler --with-pthread --enable-thread-safe-client 編譯過程中遇到的問題:checking for termcap functions library... configure: error: No curses/termcap library found


解決方法:rpm -ivh ncurses-*.*.rpm,rpm -ivh ncurses-devel-*.*.rpm nginx--mysql
./configure --prefix=/usr/local/mysql/ --localstatedir=/usr/local/mysql/data --sysconfdir=/usr/local/mysql/ --with-unix-socket-path=/tmp/mysql.sock --with-charset=gbk --with-collation=gbk_chinese_ci --with-extra-charsets=gbk,gb2312,utf8 --with-client-ldflags=-all-static --with-mysqld-ldflags=-all-static --enable-assembler --without-debug --with-big-tables --with-readline --with-ssl --with-pthread --enable-thread-safe-client --with-embedded-server --enable-local-infile --with-plugins=innobase make && make install
===========================================================================================
#l
#vi /etc/my.cnf mysql4.1.x以下支持的字元gb2313,如何新版本則可用utf8 [client]
socket=/tmp/mysql.sock
[mysql]
default-character-set=utf8
[mysqld]
datadir=/usr/local/mysql/data
socket=/tmp/mysql.sock
user=mysql [mysql.server]
user=mysql
basedir=/usr/local/mysql [mysqld_safe]
err-log=/var/log/mysqld.log
pid-file=/usr/local/mysql/data/mysqld.pid #cd /usr/local/mysql
#chown -R root:mysql .
#cd /file/mysql-4.0.25
#vi scripts/mysql_install_db
datadir=/usr/local/mysql/data
basedir=/usr/local/mysql
user=mysql
#scripts/mysql_install_db --user=mysql
#cd /usr/local/mysql
#chown -R root:mysql .
#chown -R mysql:mysql data
#chmod -R 775 .
#bin/mysqld_safe --user=mysql --socket=/tmp/mysql.sock --port=3306 &
# cp /file/mysql-5.1.38/support-files/mysql.server /etc/rc.d/init.d/mysqld
# chkconfig --add mysqld
# chkconfig --level 345 mysqld on
# /etc/init.d/mysqld start
用編輯器打開/etc/rc.local文件,在exit 0前面加上,/usr/local/mysql/bin/mysqld_safe --user=mysql &
# bin/mysqladmin --socket=/tmp/mysql.sock --port=3306 -u root -h localhost password '123456'
# bin/mysql --port=3306 -u root -p -S /tmp/mysql.sock


============================================================================================================
配置mysql
groupadd mysql #添加mysql組
useradd -g mysql mysql #添加mysql用戶並加入到mysql組
cd /usr/local/mysql/ #切換到cd /usr/local/mysql/目錄下
chown -R mysql . #改變當前目錄下的所有者為mysql用戶
chgrp -R mysql . #改變當前目錄下的mysql用戶的文件為mysql組
cd /usr/local/src/mysql-5.0.22/support-files #到源碼mysql目錄下的support-files下
cp my-medium.cnf /etc/my.cnf #拷貝文件到/etc/覆蓋my.cnf 文件
cd /usr/local/mysql/bin #改變目錄到/usr/local/mysql/bin
./mysql_install_db --user=mysql #以mysql身份初始化資料庫
cd /usr/local/mysql #改變目錄到/usr/local/mysql
chown -R mysql:mysql var #改變var目錄所屬mysql用戶到mysql組
chmod 755 var #改變var目錄許可權
cd /usr/local/mysql/bin #改變目錄到/usr/local/mysql/bin
./mysqld_safe --user=mysql & #以mysql用戶啟動庫生成套接字
netstat -ant | grep 3306 #查看mysql是否啟動,mysql用的是3306埠
mysqladmin -u root password 'admin' #給mysql的root用戶設置密碼
cd /usr/local/src/mysql-5.0.22/support-files/ #改變目錄到cd /usr/local/src/mysql-5.0.22/support-files/
cp mysql.server /etc/init.d/mysqld #拷貝文件用於開機自動啟動
chmod 755 /etc/init.d/mysqld #給mysqld許可權
chkconfig --add mysqld #添加mysqld服務到系統
chkconfig mysqld on #打開myslqd服務
service mysqld restart #啟動mysql服務
測試mysql:
cd /usr/local/mysql/bin #改變目錄到cd /usr/local/mysql/bin
mysql -u root -p #登陸mysql
show databases; #查看資料庫表
三、gd php
PHP添加GD庫支持,下載軟體如下: 將所有軟體放到/root/software/目錄下,解包安裝過程如下:
[root@TestServer software]# tar zxvf zlib-1.2.3.tar.gz


[root@TestServer software]# cd zlib-1.2.3/
[root@TestServer zlib-1.2.3]# ./configure
[root@TestServer zlib-1.2.3]# make
[root@TestServer zlib-1.2.3]# make install
[root@TestServer zlib-1.2.3]# cd ../ [root@TestServer software]# bunzip2 libpng-1.2.10.tar.bz2
[root@TestServer software]# tar xvf libpng-1.2.10.tar
[root@TestServer software]# cd libpng-1.2.10
[root@TestServer libpng-1.2.10]# ./configure --prefix=/usr/local/libpng
[root@TestServer libpng-1.2.10]# make
[root@TestServer libpng-1.2.10]# make install
[root@TestServer libpng-1.2.10]# cd ../ [root@TestServer software]# tar zxvf freetype-2.3.5.tar.gz
[root@TestServer software]# cd freetype-2.3.5
[root@TestServer freetype-2.3.5]# ./configure
[root@TestServer freetype-2.3.5]# make
[root@TestServer freetype-2.3.5]# make install
[root@TestServer freetype-2.3.5]# cd ../ [root@TestServer software]# tar zxvf jpegsrc.v6b.tar.gz
[root@TestServer software]# mkdir -p /usr/local/jpeg/bin
[root@TestServer software]# mkdir /usr/local/jpeg/include
[root@TestServer software]# mkdir /usr/local/jpeg/lib
[root@TestServer software]# mkdir -p /usr/local/jpeg/man/man1
[root@TestServer software]# cd jpeg-6b/
[root@TestServer jpeg-6b]# ./configure --prefix=/usr/local/jpeg --enable-shared --enable-static
[root@TestServer jpeg-6b]# make
[root@TestServer jpeg-6b]# make install
[root@TestServer jpeg-6b]# cd ../ JPEG安裝的時候不會自動生成目錄,需要手工建立,否則可能出現編譯異常
5.install libxml2
tar xzvf libxml2-2.6.30.tar.gz
cd libxml2-2.6.30
./configure
make
make install
# cp /usr/bin/xml2-config /usr/bin/xml2-configBAK
# cp xml2-config /usr/bin
cp:是否覆蓋「/usr/bin/xml2-config」? y
這個是libxml2這個模塊的BUG,通過對比這兩個配置文件可以看出,程序安裝到/usr/bin下的配置文件並不包含--prefix


信息,版本信息也是錯誤,如果不手動從編譯目錄中copy一個配置文件過去會出現以下gd庫和php安裝無法順利完成.
找不到文件. 這個我在配置過程中在/usr/bin/下面根本沒有xml2-config. 6 # tar zxvf fontconfig-2.4.91.tar.gz
# cd fontconfig-2.4.91
# ./configure --prefix=/usr/local/fontconfig --with-freetype-config=/usr/local/bin/freetype-config
===========================================================================================
這裡遇到的錯誤問題:checking for LIBXML2... configure: error: Package requirements (libxml-2.0 >= 2.6) were not met: No package 'libxml-2.0' found 解決方法:確定 /usr/local/libxml2/lib/pkgconfig 目錄下有 libxml-2.0.pc export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH
緊接重新編譯
./configure --prefix=/usr/local/fontconfig --with-freetype-config=/usr/local/bin/freetype-config ====================================================================================================================
# make
# make install
# cd ../ 7 tar zxvf autoconf-2.60.tar.gz
# cd autoconf-2.60
#./configure
# make
# make install
# cd ../ tar zxvf libiconv-1.13.tar.gz
cd libiconv-1.13/
./configure --prefix=/usr/local/libiconv
make
make install
cd ../ # tar zxvf gd-2.0.35.tar.gz
# cd gd-2.0.35
# ./configure --with-freetype=/usr/local/include/freetype2/ --with-fontconfig=/usr/local/fontconfig/ --with-jpeg=/usr/local/jpeg/ --with-png=/usr/local/libpng/ --with-libiconv-prefix=/usr/local/libiconv
gd_png.c:731: error: 'prow_pointers' undeclared (first use in this function)
gd_png.c:747: error: expected ')' before 'gdMalloc'
gd_png.c:804: error: expected ')' before 'gdMalloc'
make[2]: *** [gd_png.lo] 錯誤 1
make[2]: Leaving directory `/backup/file/gd php-/gd/gd-2.0.35'
make[1]: *** [all-recursive] 錯誤 1


make[1]: Leaving directory `/backup/file/gd php-/gd/gd-2.0.35'
make: *** [all] 錯誤 2
解決辦法
vi gd_png.c
找到「png.h」改成「/usr/local/libpng/include/png.h」
或 解決辦法 需要複製/usr/local/libpng/include/目錄下的
cp /usr/local/libpng/include/pngconf.h /.../gd-2.0.35
cp /usr/local/libpng/include/png.h /..../gd-2.0.35 # make
# make install
# cd .. tar xzvf libxslt-1.1.26.tar.gz
cd libxslt-1.1.26
./configure --with-libxml-prefix=/usr/local/
--with-libxml-include-prefix=/usr/local/include
--with-libxml-libs-prefix=/usr/local/lib
make
make install tar xzvf curl-7.17.1.tar.gz
cd curl-7.17.1
./configure
make
make install
tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8/
./configure
make
make install
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make
make install
cd ../../ tar zxvf mhash-0.9.9.9.tar.gz
cd mhash-0.9.9.9/
./configure
make
make install
cd ../ ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la
ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so
ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4
ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8
ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a
ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la
ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1 tar zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8/
/sbin/ldconfig
./configure
make
make install
cd ../ 在LAMP上安裝oracle10201_client_linux32.zip
安裝方式與oracle伺服器相同,只是在運行安裝類型時,選擇『運行時』. 編輯/opt/oracle/u01/app/oracle/product/10.2.0/db_1/network/admin/tnsnames.ora


tnsnames.ora
ORCL =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = oracle伺服器IP地址)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = orcl)
)
) EXTPROC_CONNECTION_DATA =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1))
)
(CONNECT_DATA =
(SID = PLSExtProc)
(PRESENTATION = RO)
)
)
su - oracle
sqlplus xly/xly@orcl 連接成功之後,繼續下面內容. 編譯PHP php for nginx
./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-iconv-dir=/usr/local --with-freetype-dir --with-jpeg-dir=/usr/local/jpeg --with-png-dir --with-zlib --with-libxml-dir=/usr/local/libxml2 --enable-xml --disable-rpath --enable-discard-path --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --with-curlwrappers --enable-mbregex --enable-fastcgi --enable-fpm --enable-force-cgi-redirect --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-ldap --with-ldap-sasl --with-xmlrpc --enable-zip --enable-soap --without-pear --enable-lib64-libdir=/usr/lib64 --with-expat=builtin php for apache ./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql=/usr/local/mysql --with-mysql-sock=/tmp/mysql.sock --with-mysqli=/usr/local/mysql/bin/mysql_config --enable-libxml --with-libxml-dir=/usr/local/ --with-xsl --with-gd --with-jpeg-dir=/usr/local/jpeg --with-png-dir=/usr/local/libpng --with-zlib-dir=/usr/local --with-freetype-dir=/usr/local/ --with-curl --with-iconv=/usr/local/libiconv/ --with-mcrypt --enable-mbstring --enable-soap --enable-gd-native-ttf --enable-sockets --enable-maintainer-zts --enable-ftp --enable-inline-optimization --disable-ipv6 --disable-debug


--with-oci8=/opt/oracle/u01/app/oracle/product/10.2.0/db_1
--with-mm不適用於線程WEB
# make
# make install cd /install/lamp/php-5.2.5/ext/mbstring
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make
make install tar zxvf memcache-2.2.5.tgz
cd memcache-2.2.5/
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make
make install
cd ../ tar jxvf eaccelerator-0.9.5.3.tar.bz2
cd eaccelerator-0.9.5.3/
/usr/local/php/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=/usr/local/php/bin/php-config
make
make install
cd ../ tar zxvf PDO_MYSQL-1.0.2.tgz
cd PDO_MYSQL-1.0.2/
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config --with-pdo-mysql=/usr/local/mysql
make
make install
cd ../ tar zxvf ImageMagick.tar.gz
cd ImageMagick-6.5.1-2/
./configure
make
make install
cd ../ tar zxvf imagick-2.2.2.tgz
cd imagick-2.2.2/
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make
make install
cd ../
cp php.ini-dist /usr/local/php/etc/php.ini vi /usr/local/php/etc/php.ini   手工修改:查找/usr/local/php/etc/php.ini中的extension_dir = "./"
  修改為extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"
  並在此行后增加以下幾行,然後保存:
  extension = "memcache.so"
  extension = "pdo_mysql.so"
  extension = "imagick.so"   再查找output_buffering = Off
  修改為output_buffering = On file_uploads = on ;是否允許通過HTTP上傳文件的開關.默認為ON即是開 upload_tmp_dir ;文件上傳至伺服器上存儲臨時文件的地方,如果沒指定就會用系統默認的臨時文件夾 upload_max_filesize = 8m ;望文生意,即允許上傳文件大小的最大值.默認為2M post_max_size = 8m ;指通過表單POST給PHP的所能接收的最大值,包括表單里的所有值.默認為8M


一般地,設置好上述四個參數后,上傳<=8M的文件是不成問題,在網路正常的情況下. 但如果要上傳>8M的大體積文件,只設置上述四項還不一定能行的通.
進一步配置以下的參數 max_execution_time = 600 ;每個PHP頁面運行的最大時間值(秒),默認30秒 max_input_time = 600 ;每個PHP頁面接收數據所需的最大時間,默認60秒 memory_limit = 8m ;每個PHP頁面所吃掉的最大內存,默認8M 把上述參數修改後,在網路所允許的正常情況下,就可以上傳大體積文件了 max_execution_time = 600
max_input_time = 600
memory_limit = 32m
file_uploads = on
;upload_tmp_dir = /tmp
upload_max_filesize = 32m
post_max_size = 32m [eaccelerator]
zend_extension="/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="64"
eaccelerator.cache_dir="/usr/local/eaccelerator_cache"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="3600"
eaccelerator.shm_prune_period="3600"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
tar zxvf ZendOptimizer-3.3.3-linux-glibc23-x86_64.tar.gz
cd ZendOptimizer-3.3.3-linux-glibc23-x86_64
./install.sh cp /usr/local/Zend/etc/php.ini /usr/local/php/etc/php.ini
修改httpd.conf
①AddType application/x-httpd-php .php .php5 .phtml
AddType application/x-httpd-php-source .phps ②DirectoryIndex index.phtml index.php index.html index.html.var index.htm index.phcp login.phtml login.php ③User oracle
Group oinstall ④修改主目錄,以及與主目錄相關的內容 ⑤去除ServerName之前的#
Include conf/extra/httpd-mpm.conf
Include conf/extra/httpd-vhosts.conf <Directory />


Options FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
Satisfy all
</Directory>
Timeout 300 Timeout定義客戶程序和伺服器連接的超時間隔,超過這個時間間隔(秒)后伺服器將斷開與客戶機的連接. KeepAlive On 在HTTP 1.0中,一次連接只能作傳輸一次HTTP請求,而KeepAlive參數用於支持HTTP 1.1版本的一次連接、多次傳輸功能,這樣就可以在一次連接中傳遞多個HTTP請求.雖然只有較新的瀏覽器才支持這個功能,但還是打開使用這個選項. MaxKeepAliveRequests 100 MaxKeepAliveRequests為一次連接可以進行的HTTP請求的最大請求次數.將其值設為0將支持在一次連接內進行無限次的傳輸請求.事實上沒有客戶程序在一次連接中請求太多的頁面,通常達不到這個上限就完成連接了. KeepAliveTimeout 15 KeepAliveTimeout測試一次連接中的多次請求傳輸之間的時間,如果伺服器已經完成了一次請求,但一直沒有接收到客戶程序的下一次請求,在間隔超過了這個參數設置的值之後,伺服器就斷開連接. MinSpareServers 5MaxSpareServers 10 去除Include conf/extra/httpd-mpm.conf之前的#
Apache就可以加大MaxClients.下面是筆者的prefork配置段: <IfModule prefork.c>
StartServers 10
MinSpareServers 10
MaxSpareServers 15
ServerLimit 2000
MaxClients 1000
MaxRequestsPerChild 10000
</IfModule> <IfModule mpm_worker_module>
StartServers 3 //apache已啟動馬上創建3個httpd進程(ps aux可以看到)
MaxClients 2000 //同一時間最大接受2000個請求(其實就是2000個線程)
ServerLimit 25 //apache最大能啟動25個進程.
MinSpareThreads 50 //apache至少要有50個空閑線程,用來等待接下來的請求,不滿則由進程創建線程


MaxSpareThreads 200 //apache最多能有200個線程,超出了200個線程,則殺死多餘的線程
ThreadLimit 200 //限制一個進程最多只能創建200個線程
ThreadsPerChild 100 //設定一個進程固定創建100個線程
MaxRequestsPerChild 10000 //設定當一個進程一共接受過10000此請求之後被殺死.以釋放內存.   上述配置中,ServerLimit的最大值是20000,對於大多數站點已經足夠.如果一定要再加大這個數值,對位於源代碼樹下server/mpm/prefork/prefork.c中以下兩行做相應修改即可: #define DEFAULT_SERVER_LIMIT 256
#define MAX_SERVER_LIMIT 20000 worker的工作原理是,由主控制進程生成「StartServers」個子進程,每個子進程中包含固定的ThreadsPerChild線程數,各個線程獨立地處理請求.同樣,為了不在請求到來時再生成線程,MinSpareThreads和MaxSpareThreads設置了最少和最多的空閑線程數;而MaxClients設置了所有子進程中的線程總數.如果現有子進程中的線程總數不能滿足負載,控制進程將派生新的子進程.   MinSpareThreads和MaxSpareThreads的最大預設值分別是75和250.這兩個參數對Apache的性能影響並不大,可以按照實際情況相應調節.   ThreadsPerChild是worker MPM中與性能相關最密切的指令.ThreadsPerChild的最大預設值是64,如果負載較大,64也是不夠的.這時要顯式使用ThreadLimit指令,它的最大預設值是20000.上述兩個值位於源碼樹server/mpm/worker/worker.c中的以下兩行: #define DEFAULT_THREAD_LIMIT 64
#define MAX_THREAD_LIMIT 20000   這兩行對應著ThreadsPerChild和ThreadLimit的限制數.最好在configure之前就把64改成所希望的值.注意,不要把這兩個值設得太高,超過系統的處理能力,從而因Apache不起動使系統很不穩定.   Worker模式下所能同時處理的請求總數是由子進程總數乘以ThreadsPerChild值決定的,應該大於等於MaxClients.如果負載很大,現有的子進程數不能滿足時,控制進程會派生新的子進程.默認最大的子進程總數是16,加大時也需要顯式聲明ServerLimit(最大值是20000).這兩個值位於源碼樹server/mpm/worker/worker.c中的以下兩行: #define DEFAULT_SERVER_LIMIT 16


#define MAX_SERVER_LIMIT 20000
vi /home/httpd/html/db/oem_query.phtml
修改23行 如:$this->conn=ocilogon("xue","xue","ORCL"); 指定用戶用以連接ORACLE伺服器. --------------------------------------------------------------------------------------------------------
[root@web conf]# /usr/local/apache2/bin/apachectl -M
/usr/local/apache2/bin/httpd: error while loading shared libraries: libiconv.so.2: cannot open shared object file: No such file or directory 在/etc/ld.so.conf中加一行/usr/local/lib,運行ldconfig 測試APACHE Linux下查看apache連接數
Linux命令: ps -ef | grep httpd | wc -l
查看Apache的併發請求數及其TCP連接狀態: Linux命令: netstat -n | awk '/^tcp/ { S[$NF]} END {for(a in S) print a, S[a]}' 返回結果示例:
  LAST_ACK 5
  SYN_RECV 30
  ESTABLISHED 1597
  FIN_WAIT1 51
  FIN_WAIT2 504
  TIME_WAIT 1057 說明:  
SYN_RECV表示正在等待處理的請求數;
ESTABLISHED表示正常數據傳輸狀態;
TIME_WAIT表示處理完畢,等待超時結束的請求數. curl -o /dev/null -s -w %{time_connect}:%{time_starttransfer}:%{time_total}
http://www.canada.com
0.081:0.272:0.779 清單 1 給出對一個流行的新聞站點執行 curl 命令的情況.輸出通常是 HTML 代碼,通過 -o 參數發送到 /dev/null.-s 參數去掉所有狀態信息.-w 參數讓 curl 寫出表 1 列出的計時器的狀態信息:
表 1. curl 使用的計時器
計時器 描述
time_connect 建立到伺服器的 TCP 連接所用的時間
time_starttransfer 在發出請求之後,Web 伺服器返回數據的第一個位元組所用的時間
time_total 完成請求所用的時間
這些計時器都相對於事務的起始時間,甚至要先於 Domain Name Service(DNS)查詢.因此,在發出請求之後,Web 伺服器處理請求並開始發回數據所用的時間是 0.272 - 0.081 = 0.191 秒.客戶機從伺服器下載數據所用的時間是 0.779 - 0.272 = 0.507 秒. 通過觀察 curl 數據及其隨時間變化的趨勢,可以很好地了解站點對用戶的響應性. -------------------------------------------------------------------------------------------------------------


mod_security <IfModule mod_security.c> # Turn the filtering engine On or Off
SecFilterEngine On 分析每一個http請求 # Make sure that URL encoding is valid
SecFilterCheckURLEncoding On URL編碼確認 # Only allow bytes from this range
SecFilterForceByteRange 32 126 位元組範圍檢查, 以有效防止stack overflow attacks(棧溢出攻擊). # The audit engine works independently and
# can be turned On of Off on the per-server or
# on the per-directory basis
SecAuditEngine RelevantOnly 有效解決apache日誌對某個用戶或攻擊者信息記錄的不足. 如果要
對某一個用戶或攻擊者發出的一個請求的詳細記錄, 可以訪問
/var/log/httpd/audit_log文件. # The name of the audit log file
SecAuditLog /var/log/httpd/audit_log SecFilterDebugLog /var/log/httpd/modsec_debug_log
SecFilterDebugLevel 0 設置調試模式下的輸出文件. # Should mod_security inspect POST payloads
#SecFilterScanPOST On # Action to take by default
SecFilterDefaultAction "deny,log,status:406" 設置特別的行動, 406為行動名稱, 前面的三個為行動參數. # Redirect user on filter match
#SecFilter xxx redirect:http://www.webkreator.com # Execute the external script on filter match
#SecFilter yyy log,exec:/home/ivanr/apache/bin/report-attack.pl # Simple filter
#SecFilter 111

# Only check the QUERY_STRING variable
#SecFilterSelective QUERY_STRING 222 # Only check the body of the POST request
#SecFilterSelective POST_PAYLOAD 333 # Only check arguments (will work for GET and POST)
#SecFilterSelective ARGS 444 # Test filter
#SecFilter "/cgi-bin/keyword" # Another test filter, will be denied with 404 but not logged
# action supplied as a parameter overrides the default action


#SecFilter 999 "deny,nolog,status:404" # Prevent OS specific keywords
#SecFilter /etc/password # Prevent path traversal (..) attacks
SecFilter "../" 阻止目錄周遊攻擊. # Weaker XSS protection but allows common HTML tags
SecFilter "<( | )*script" 對不安全的(跨站點腳本)XSS進行保護, 但允許普通的HTML標識. # Prevent XSS atacks (HTML/Javascript injection)
SecFilter "<(.| ) >" 防止XSS攻擊 (HTML/Javascript注射) # Very crude filters to prevent SQL injection attacks
SecFilter "delete[[:space:]] from"
SecFilter "insert[[:space:]] into"
SecFilter "select. from" 防止SQL注射攻擊 # Require HTTP_USER_AGENT and HTTP_HOST headers
SecFilterSelective "HTTP_USER_AGENT|HTTP_HOST" "^$" 需要 HTTP_USER_AGENT和HTTP_HOST頭. # Forbid file upload
#SecFilterSelective "HTTP_CONTENT_TYPE" multipart/form-data # Only watch argument p1
#SecFilterSelective "ARG_p1" 555 # Watch all arguments except p1
#SecFilterSelective "ARGS|!ARG_p2" 666 # Only allow our own test utility to send requests (or Mozilla)
#SecFilterSelective HTTP_USER_AGENT "!(mod_security|mozilla)" # Do not allow variables with this name
#SecFilterSelective ARGS_NAMES 777 # Do now allow this variable value (names are ok)
#SecFilterSelective ARGS_VALUES 888 # Stop spamming through FormMail
# note the exclamation mark at the beginning
# of the filter - only requests that match this regex will
# be allowed
#<Location /cgi-bin/FormMail>
#SecFilterSelective "ARG_recipient" "!@webkreator.com$"
#</Location> # when allowing upload, only allow images
# note that this is not foolproof, a determined attacker
# could get around this


#<Location /fileupload.php>
#SecFilterInheritance Off
#SecFilterSelective POST_PAYLOAD "!image/(jpeg|bmp|gif)"
#</Location> </IfModule>
mod_evasive
查看歷史編譯參數:
1、nginx編譯參數:
#/usr/local/nginx/sbin/nginx -V 2、apache編譯參數:
# cat /usr/local/apache/build/config.nice 3、php編譯參數:
# /usr/local/php/bin/php -i |grep configure 4、mysql編譯參數:
# cat /usr/local/mysql/bin/mysqlbug|grep configure
11、把基於文件的會話切換到基於共享內存的會話.編譯 PHP 時採用 --with-mm 選項,在 php.ini 中設置 set session.save_handler=mm .這個簡單的修改能讓會話管理時間縮短一半. 12、採用最新版本的 Apache ,並把 PHP 編譯其中,或者採用 DSO 模式,不要採用 CGI 方式.   13、編譯 PHP 時,建議採用如下的參數:
--enable-inline-optimization --disable-debug 1、nginx編譯參數:
#/usr/local/nginx/sbin/nginx -V 2、apache編譯參數:
# cat /usr/local/apache/build/config.nice 3、php編譯參數:
# /usr/local/php/bin/php -i |grep configure 4、mysql編譯參數:
# cat /usr/local/mysql/bin/mysqlbug|grep configure


[火星人 ] CentOs 5.3 安裝lamp已經有880次圍觀

http://coctec.com/docs/linux/show-post-51418.html