清理阿里云监控
参考链接
卸载阿里云盾监控
wget http://update.aegis.aliyun.com/download/uninstall.sh
chmod +x uninstall.sh
sudo ./uninstall.sh
wget http://update.aegis.aliyun.com/download/quartz_uninstall.sh
chmod +x quartz_uninstall.sh
sudo ./quartz_uninstall.sh
删除残留
sudo pkill aliyun-service
sudo rm -fr /etc/init.d/agentwatch /usr/sbin/aliyun-service
sudo rm -rf /usr/local/aegis*
卸载云监控
sudo /usr/local/cloudmonitor/wrapper/bin/cloudmonitor.sh stop
sudo /usr/local/cloudmonitor/wrapper/bin/cloudmonitor.sh remove
sudo rm -rf /usr/local/cloudmonitor
屏蔽云盾IP
yum install iptables-services
systemctl enable iptables
systemctl enable ip6tables
iptables -I INPUT -s 140.205.201.0/28 -j DROP
iptables -I INPUT -s 140.205.201.16/29 -j DROP
iptables -I INPUT -s 140.205.201.32/28 -j DROP
iptables -I INPUT -s 140.205.225.192/29 -j DROP
iptables -I INPUT -s 140.205.225.200/30 -j DROP
iptables -I INPUT -s 140.205.225.184/29 -j DROP
iptables -I INPUT -s 140.205.225.183/32 -j DROP
iptables -I INPUT -s 140.205.225.206/32 -j DROP
iptables -I INPUT -s 140.205.225.205/32 -j DROP
iptables -I INPUT -s 140.205.225.195/32 -j DROP
iptables -I INPUT -s 140.205.225.204/32 -j DROP
service iptables save
安装 LEMP 环境
参考链接
安装 Nginx
sudo yum install epel-release
sudo yum install nginx
sudo systemctl start nginx
sudo systemctl enable nginx
curl ip.sb
安装 MariaDB
sudo yum install mariadb-server mariadb
sudo systemctl start mariadbsudo mysql_secure_installation
sudo systemctl enable mariadb
修改配置文件参数 /etc/my.cnf, 使 MariaDB 只监听本地接口
[mysqld]
bind-address = 127.0.0.1
安装 PHP
sudo yum install php php-mysql php-fpm
设置php配置文件 /etc/php.ini, 修改下面参数为 0, (默认为 1)
cgi.fix_pathinfo=0
设置配置文件 /etc/php-fpm.d/www.conf 参数为如下
listen = /var/run/php-fpm/php-fpm.sock
listen.owner = nobody
listen.group = nobody
user = nginx
group = nginx
pm = dynamic #指定进程管理方式,有3种可供选择:static、dynamic和ondemand。
pm.max_children = 50 #static模式下创建的子进程数或dynamic模式下同一时刻允许最大的php-fpm子进程数量。
pm.start_servers = 3 #动态方式下的起始php-fpm进程数量。
pm.min_spare_servers = 3 #动态方式下服务器空闲时最小php-fpm进程数量。
pm.max_spare_servers = 10 #动态方式下服务器空闲时最大php-fpm进程数量。
pm.max_requests = 500 #php-fpm子进程能处理的最大请求数。
pm.process_idle_timeout = 10s
request_terminate_timeout = 120
启动 PHP 并设置开机启动
sudo systemctl start php-fpm
sudo systemctl enable php-fpm
设置 Nginx 执行 PHP 脚本
server {
listen 80;
server_name server_domain_name_or_IP;
# note that these lines are originally from the "location /" block
root /usr/share/nginx/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
安装 phpMyAdmin
sudo yum install phpmyadmin
sudo ln -s /usr/share/phpMyAdmin /usr/share/nginx/html
sudo systemctl restart php-fpm
为了安全以见, 在 /usr/share/nginx/html 下的 phpMyAdmin 修改为一个随机字符串避免非管理人员登录
mv phpMyAdmin nothingtosee
安装多个 PHP 版本
参考链接1 参考链接2 参考链接3 参考链接4 禁用remi源
安装 remi 源
yum install epel-release
yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum install yum-utils
安装 PHP 5.6 版本
sudo yum install php56 php56-php-common php56-php-fpm
sudo yum install php56-php-mysql php56-php-pecl-memcache php56-php-pecl-memcached php56-php-gd php56-php-mbstring php56-php-mcrypt php56-php-xml php56-php-pecl-apc php56-php-cli php56-php-pear php56-php-pdo
PHP 5.6 版本配置文件
/opt/remi/php56/root/etc/php-fpm.d/www.conf
根据上面 PHP 配置相关参数, 除以下参数不一样外其他均一样
listen = /var/run/php-fpm/php56-fpm.sock
编译安装 PHP 5.3
由于 Centos 7 源最低版本只有 5.4, 如果需要安装 5.3 版本要进行编译安装
yum install -y libtool-ltdl-devel
yum install -y bison flex libtiff-devel ncurses-devel pam-devel
ln -s /usr/lib64/libXpm.so* /usr/lib/
wget http://php.net/distributions/php-5.3.29.tar.gz
tar zxvf php-5.3.29.tar.gz
./configure --prefix=/opt/php53 --enable-fpm --with-mysql=mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-zlib --with-curl --with-gd --with-jpeg-dir --with-png-dir --with-freetype-dir --with-openssl --enable-mbstring --enable-xml --enable-session --enable-ftp --enable-pdo --enable-mbregex --enable-phar --enable-posix --enable-soap --enable-sockets --enable-sysvsem --enable-sysvshm --enable-zip --enable-inline-optimization --enable-intl --with-icu-dir=/usr --with-gd --with-xpm-dir --with-bz2 --with-gettext --with-iconv --with-mcrypt --with-mhash --with-zlib --with-pcre-regex --with-regex
make test
make install
PHP 配置参考上面
可能出现的问题
打开 phpMyAdmin 页面后可能出现以下错误 参考链接
./libraries/session.inc.php#105 session_start(): open(/var/lib/php/session/, O_RDWR) failed: Permission denied (13) 的
通过设置 /var/lib/php/session/ 目录用户组为 nginx 解决
chown -R nginx:nginx /var/lib/php/session/
执行 systemctl restart nginx 命令后出现以下错误
Error: No space left on device.
这是因为 inotify 某个打开数超过了系统设置的值,
修改或者添加以下参数项到 /etc/sysctl.conf 文件 参考链接
fs.inotify.max_user_watches = 262144