====== Build and config php,apache,nginx ======
===== Install compiler =====
yum install gcc
yum install gcc-c++
yum install automake
yum install make
===== Build and config PHP and Nginx =====
{{:php:architecture.png|}}
{{:php:fastcgi.jpg|}}
==== Build Nginx ====
* step1: Install missing library for building source
yum install -y pcre-devel.x86_64
yum install gd-devel -y
yum install libxslt-devel
yum install openssl-devel
* step2: Build nginx
tar zxvf nginx-1.8.0.tar.gz
cd nginx-1.8.0
./configure --prefix=/usr/local/nginx --with-http_gzip_static_module --with-http_ssl_module --with-http_stub_status_module
make && make install
* step3: Check module which built with nginx
/usr/local/nginx/sbin/nginx -V
output:
nginx version: nginx/1.8.0
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-4) (GCC)
built with OpenSSL 1.0.1e-fips 11 Feb 2013
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --with-http_gzip_static_module --with-http_ssl_module --with-http_stub_status_module
==== Script start nginx ====
#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig: - 85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse \
# proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
prefix="/usr/local/nginx"
nginx="$prefix/sbin/nginx"
prog=$(basename $nginx)
NGINX_CONF_FILE="$prefix/conf/nginx.conf"
#[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
start() {
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
configtest || return $?
stop
sleep 1
start
}
reload() {
configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2
esac
exit $RETVAL
==== Build PHP with php-cgi and start ====
=== Build PHP with php-cgi ===
* step1: Install missing library for building source php
yum install -y freetype-devel freetype
yum install -y mysql-devel
yum install mysql-devel
yum install pcre-devel
yum install gd-devel
yum install libcurl-devel
yum install openssl-devel
yum install libxml2-devel
yum install libxslt-devel
* step2: Build libmcrypt: libmcrypt-2.5.8.tar.gz
* step3: add below line into Config file **[/etc/ld.so.conf]**
/usr/local/lib
and active ld changes
ldconfig
* step4: Build PHP with --enable-fastcgi
tar zxvf php-5.2.14.tar.gz
cd php-5.2.14
./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-libdir=lib64 --enable-fastcgi --disable-rpath --disable-ipv6 --disable-safe-mode --enable-opcache --enable-calendar --enable-bcmath --enable-ftp --enable-soap --enable-shared --enable-mbstring --enable-magic-quotes --enable-sockets --with-openssl --with-zlib --with-gd --with-jpeg-dir=/usr --with-png-dir=/usr --with-freetype-dir=/usr --with-zlib-dir=/usr --with-mysql --with-mysqli --with-pdo-mysql --with-pear --with-curl --with-curlwrappers --with-mcrypt=/usr/local
ldd php-5.2.14/sapi/cli/php | grep mcrypt
make && make install
=== Build spawn-fcgi ===
tar zxvf spawn-fcgi-1.6.3.tar.gz
cd spawn-fcgi-1.6.3
./configure --prefix=/usr/local/php
make && make install
=== Script start php-cgi ===
#!/bin/sh
#
# php-cgi - php-fastcgi swaping via spawn-fcgi
#
# chkconfig: - 85 15
# description: Run php-cgi as app server
# processname: php-cgi
# config: /etc/sysconfig/phpfastcgi (defaults RH style)
# pidfile: /var/run/php_cgi.pid
# Note: See how to use this script :
# http://www.cyberciti.biz/faq/rhel-fedora-install-configure-nginx-php5/
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
spawnfcgi="/usr/local/php/bin/spawn-fcgi"
php_cgi="/usr/local/php/bin/php-cgi"
prog=$(basename $php_cgi)
server_ip=0.0.0.0
server_port=9000
server_user=nobody
server_group=nobody
server_childs=1
pidfile="/var/run/php_cgi.pid"
PHP_FCGI_CHILDREN=15
PHP_FCGI_MAX_REQUESTS=30
# do not edit, put changes in /etc/sysconfig/phpfastcgi
[ -f /etc/sysconfig/phpfastcgi ] && . /etc/sysconfig/phpfastcgi
start() {
[ -x $php_cgi ] || exit 1
[ -x $spawnfcgi ] || exit 2
echo -n $"Starting $prog: "
export PHP_FCGI_CHILDREN PHP_FCGI_MAX_REQUESTS
daemon $spawnfcgi -F 1 -a ${server_ip} -p ${server_port} -u ${server_user} -g ${server_group} -P ${pidfile} -f ${php_cgi}
retval=$?
echo
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc -p ${pidfile} $prog -QUIT
retval=$?
echo
[ -f ${pidfile} ] && /bin/rm -f ${pidfile}
return $retval
}
restart(){
stop
sleep 2
start
}
rh_status(){
status -p ${pidfile} $prog
}
case "$1" in
start)
start;;
stop)
stop;;
restart)
restart;;
status)
rh_status;;
*)
echo $"Usage: $0 {start|stop|restart|status}"
exit 3
esac
==== Build PHP with php-fpm and start ====
=== Build PHP with php-fpm ===
* step1: Install missing library for building source php
yum install -y freetype-devel freetype
yum install -y mysql-devel
yum install mysql-devel
yum install pcre-devel
yum install gd-devel
yum install libcurl-devel
yum install openssl-devel
yum install libxml2-devel
yum install libxslt-devel
yum install bison bison-devel
* step2: Build libmcrypt: libmcrypt-2.5.8.tar.gz
* step3: add below line into Config file **[/etc/ld.so.conf]**
/usr/local/lib
and active ld changes
ldconfig
* Step4:If you don't find file configure, run script below
./buildconf --force
* step5: Build php-fpm (add option **--enable-fpm**)
tar zxvf php-5.3.28.tar.gz
cd php-5.3.28
./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-libdir=lib64 --enable-fpm --disable-rpath --disable-ipv6 --disable-safe-mode --enable-opcache --enable-calendar --enable-bcmath --enable-ftp --enable-soap --enable-shared --enable-mbstring --enable-magic-quotes --enable-sockets --with-openssl --with-zlib --with-gd --with-jpeg-dir=/usr --with-png-dir=/usr --with-freetype-dir=/usr --with-zlib-dir=/usr --with-mysql --with-mysqli --with-pdo-mysql --with-pear --with-curl --with-curlwrappers --with-mcrypt=/usr/local
make & make install
cp php.ini-production /usr/local/php/etc/php.ini
=== Build PHP7.4 with php-fpm ===
./configure --prefix=/onec/php7 --with-config-file-path=/onec/php7/etc --with-libdir=lib64 --enable-fpm --disable-rpath --disable-ipv6 --disable-safe-mode --enable-opcache --enable-calendar --enable-bcmath --enable-ftp --enable-soap --enable-shared --enable-mbstring --disable-mbregex --enable-magic-quotes --enable-sockets --with-openssl --with-zlib --with-gd --with-jpeg-dir=/usr --with-png-dir=/usr --with-freetype-dir=/usr --with-zlib-dir=/usr --with-mysql --with-mysqli --without-sqlite3 --without-pdo-sqlite --with-pdo-mysql --with-pear --with-curl --with-curlwrappers --with-mcrypt=/usr/local
option **--disable-mbregex** fix error:
configure: error: Package requirements (oniguruma) were not met
=== Script start php-fpm ===
php-fpm will be installed on /usr/local/php/sbin/php-fpm
- Step1: Edit php-fpm.conf:
pid = /var/run/php-fpm.pid
=> script will base on this pid to stop,start the process
- Step2: create script /etc/init.d/php-fpm:
#! /bin/sh
#
# chkconfig: - 84 16
# description: PHP FastCGI Process Manager
# processname: php-fpm
# config: /etc/php-fpm.conf
# config: /etc/sysconfig/php-fpm
# pidfile: /var/run/php-fpm/php-fpm.pid
#
### BEGIN INIT INFO
# Provides: php-fpm
# Required-Start: $local_fs $remote_fs $network $named
# Required-Stop: $local_fs $remote_fs $network
# Short-Description: start and stop PHP FPM
# Description: PHP FastCGI Process Manager
### END INIT INFO
# Standard LSB functions
#. /lib/lsb/init-functions
# Source function library.
. /etc/init.d/functions
# Check that networking is up.
. /etc/sysconfig/network
# Additional environment file
if [ -f /etc/sysconfig/php-fpm ]; then
. /etc/sysconfig/php-fpm
fi
if [ "$NETWORKING" = "no" ]
then
exit 0
fi
RETVAL=0
prog="php-fpm"
pidfile="/var/run/php-fpm/php-fpm.pid"
lockfile="/var/lock/subsys/php-fpm"
start () {
echo -n $"Starting $prog: "
dir=$(dirname ${pidfile})
[ -d $dir ] || mkdir $dir
daemon --pidfile ${pidfile} /usr/local/php/sbin/php-fpm --daemonize
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch ${lockfile}
}
stop () {
echo -n $"Stopping $prog: "
killproc php-fpm
RETVAL=$?
echo
if [ $RETVAL -eq 0 ] ; then
rm -f ${lockfile} ${pidfile}
fi
}
restart () {
stop
sleep 2
start
}
reload () {
echo -n $"Reloading $prog: "
if ! /usr/local/php/sbin/php-fpm --test ; then
RETVAL=6
echo $"not reloading due to configuration syntax error"
failure $"not reloading $prog due to configuration syntax error"
else
killproc -p ${pidfile} php-fpm -USR2
RETVAL=$?
fi
echo
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status php-fpm
RETVAL=$?
;;
restart)
restart
;;
reload|force-reload)
reload
;;
configtest)
/usr/local/php/sbin/php-fpm --test
RETVAL=$?
;;
condrestart|try-restart)
[ -f ${lockfile} ] && restart || :
;;
*)
echo $"Usage: $0 {start|stop|status|restart|reload|force-reload|condrestart|try-restart|configtest}"
RETVAL=2
;;
esac
exit $RETVAL
==== Config nginx with php-cgi or php-fpm(fastcgi) ====
=== update conf/nginx.conf ===
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 20;
#gzip on;
server {
listen 128.199.236.122:80;
server_name localhost 123.30.173.67;
root /data/www/default;
index index.html index.htm index.php
fastcgi_index index.php;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ .*\.(php|php5)?$ {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www/default$fastcgi_script_name;
}
}
include /usr/local/nginx/conf.d/*.conf;
}
=> default user which run nginx is **nobody**
=== add config redirect ===
config redirect babies.vn, www.babies.vn to shop.babies.vn
server {
server_name babies.vn www.babies.vn;
return 301 $scheme://shop.babies.vn$request_uri;
}
=== add config nginx for dokuwiki ===
chown for web:
chown -R nobody.nobody /data/www
add config for mynotes.babies.vn
###mynotes.babies.vn
server {
listen 80;
server_name mynotes.babies.vn;
root /data/www/mynotes;
index index.html index.htm index.php;
fastcgi_index index.php;
access_log /usr/local/nginx/logs/mynotes.babies.vn.access_log;
error_log /usr/local/nginx/logs/mynotes.babies.vn.error_log;
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location ~* "^.+\.(js|ico|gif|jpg|png|css|swf|htc|xml|bmp)$" {
access_log off;
expires 7d;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
=== add config nginx for magento ===
config magento for shop.babies.vn
###shop.babies.vn
###shop.babies.vn
server {
listen 80;
server_name shop.babies.vn;
root /data/www/babyshopvn;
index index.html index.htm index.php;
fastcgi_index index.php;
access_log /usr/local/nginx/logs/shop.babies.vn.access_log;
error_log /usr/local/nginx/logs/shop.babies.vn.error_log;
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location ~* "^.+\.(js|ico|gif|jpg|png|css|swf|htc|xml|bmp)$" {
access_log off;
expires 7d;
}
location / {
index index.html index.php; ## Allow a static html file to be shown first
try_files $uri $uri/ @handler; ## If missing pass the URI to Magento's front handler
expires 30d; ## Assume all files are cachable
}
location @handler { ## Magento uses a common front handler
rewrite / /index.php;
}
location ~ \.php$ {
if (!-e $request_filename) { rewrite / /index.php last; }
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
===== Opcache =====
Enable PHP's opcache(Only support for **PHP version 5.6 above**): The entire purpose of the opcache is to **use memory to save CPU and speed up your apps:OPcache** improves PHP performance by **storing precompiled script bytecode in shared memory**, thereby removing the need for PHP to load and parse scripts on each request.
- Step1: Build PHP with option **--enable-opcache**
- Step2: Config load module opcache in **php.ini**:
zend_extension=opcache.so
updates in PHP 5.6:
* will remove MySQL -> So you must convert from MySQL to MySQLi functions for using it
* Update php.ini
always_populate_raw_post_data = -1
===== Memcache =====
==== Build and Install Memcache server ====
- step1: Install missing package
yum install libevent-devel
- step2: Download memcache
wget http://memcached.org/files/memcached-1.4.22.tar.gz
- step3: Build and install
tar xvf memcached-1.4.22.tar.gz
cd memcached-1.4.22
./configure --prefix=/usr/local/memcache
make && make install
==== Build and Install PHP Memcache ====
- step1: Build and Install PHP Memcache
wget http://pecl.php.net/get/memcache-2.2.7.tgz
tar xf memcache-2.2.7.tgz
cd memcache-2.2.7
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make & make install
- step2: Check where the extension memcache was installed
/usr/local/php/bin/php-config | grep extension
output:
--extension-dir [/usr/local/php/lib/php/extensions/no-debug-non-zts-20100525]
- step3: Check the configuration file php.ini which php auto load:
/usr/local/php/bin/php -i | grep php.ini
output:
Configuration File (php.ini) Path => /usr/local/php/etc
Loaded Configuration File => /usr/local/php/etc/php.ini
- step4: Edit configuration file php.ini to load memcache.so(search **extension=**)
extension=memcache.so
==== script stop, start memcache ====
- step1: create some directory for running memcache
mkdir -p /var/run/memcached/
mkdir -p /var/lock/subsys/
chown -R nobody.root /var/run/memcached/
chown -R nobody.root /var/lock/subsys/
- step2: create script stop, start memcache
#! /bin/sh
#
# chkconfig: - 55 45
# description: The memcached daemon is a network memory cache service.
# processname: memcached
# config: /etc/sysconfig/memcached
# pidfile: /var/run/memcached/memcached.pid
# Standard LSB functions
#. /lib/lsb/init-functions
# Source function library.
. /etc/init.d/functions
PORT=11211
USER=nobody
MAXCONN=1024
CACHESIZE=64
OPTIONS=""
if [ -f /etc/sysconfig/memcached ];then
. /etc/sysconfig/memcached
fi
# Check that networking is up.
. /etc/sysconfig/network
if [ "$NETWORKING" = "no" ]
then
exit 0
fi
RETVAL=0
prog="memcached"
pidfile=${PIDFILE-/var/run/memcached/memcached.pid}
lockfile=${LOCKFILE-/var/lock/subsys/memcached}
start () {
echo -n $"Starting $prog: "
# Ensure that /var/run/memcached has proper permissions
if [ "`stat -c %U /var/run/memcached`" != "$USER" ]; then
chown $USER /var/run/memcached
fi
daemon --pidfile ${pidfile} /usr/local/memcache/bin/memcached -d -p $PORT -u $USER -m $CACHESIZE -c $MAXCONN -P ${pidfile} $OPTIONS
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch ${lockfile}
}
stop () {
echo -n $"Stopping $prog: "
killproc -p ${pidfile} /usr/local/memcache/bin/memcached
RETVAL=$?
echo
if [ $RETVAL -eq 0 ] ; then
rm -f ${lockfile} ${pidfile}
fi
}
restart () {
stop
start
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status -p ${pidfile} memcached
RETVAL=$?
;;
restart|reload|force-reload)
restart
;;
condrestart|try-restart)
[ -f ${lockfile} ] && restart || :
;;
*)
echo $"Usage: $0 {start|stop|status|restart|reload|force-reload|condrestart|try-restart}"
RETVAL=2
;;
esac
exit $RETVAL
==== Memcache Admin ====
PHP memcache admin: https://github.com/clickalicious/phpmemadmin
Below are steps to install and configure Memcache Admin:
- Step1: download Memcache Admin source to **/onec/www/monitor/**:
git clone https://github.com/clickalicious/phpmemadmin.git
=> source will be downloaded to /onec/www/monitor/phpmemadmin
- Step2: Install composer in source directory:
cd /onec/www/monitor/phpmemadmin
curl -sS https://getcomposer.org/installer | /onec/php/bin/php
- Step3: download and install depedency packages
/onec/php/bin/php composer.phar install
- Step4: Go to directory app and copy .config.dist to .config:
cd app
cp .config.dist .config
- Step5: Change admin password in .config
{
"username": "admin",
"password": "pass",
"timeout": -1,
"cluster": {
"name": "Cluster",
"thresholds": {
"notice": 50,
"warning": 75,
"error": 95
},
"hosts": [
{
"host": "127.0.0.1",
"port": 11211
}
]
},
"render": {
"auto": true
},
"format": {
"date": "Y-m-dTH:i:s"
},
"updatecheck": false
}
- Step6: config nginx with php-fpm for run this website:
server {
listen 80;
server_name memcache.zplay.com;
root /onec/www/monitor/phpmemadmin/web;
index index.html index.htm index.php;
fastcgi_index index.php;
access_log /onec/nginx/logs/memcache.access_log;
error_log /onec/nginx/logs/memcache.error_log;
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location ~* "^.+\.(js|ico|gif|jpg|png|css|swf|htc|xml|bmp)$" {
access_log off;
expires 7d;
}
location / {
index index.html index.php; ## Allow a static html file to be shown first
try_files $uri $uri/ @handler; ## If missing pass the URI to zend framework's front handler
expires 30d; ## Assume all files are cachable
}
location @handler { ## zend framework uses a common front handler
rewrite / /index.php;
}
location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
rewrite ^(.*.php)/ $1 last;
}
location ~ \.php$ {
if (!-e $request_filename) { rewrite / /index.php last; }
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
===== Varnish Cache =====
==== Build and Install varnish cache server ====
Build and Install varnish cache 3.0.7
yum install python-docutils
yum install libedit-devel
wget https://repo.varnish-cache.org/source/varnish-3.0.7.tar.gz
tar xf varnish-3.0.7.tar.gz
cd varnish-3.0.7
./configure
make
make install
===== PHP and apache =====
refer: http://dan.drydog.com/apache2php.html
==== Build PHP and Apache ====
=== Step1: Apache build from source(--enable-so for load php as module) ===
Build missing devel:
yum install apr-devel
yum install apr-util-devel
yum install zlib-devel
yum install openssl-devel
refer: http://tldp.org/HOWTO/Apache-Compile-HOWTO/apache.html
./configure --prefix=/usr/local/http/ --enable-so --enable-cgi --enable-info --enable-rewrite --enable-speling --enable-usertrack --enable-deflate --enable-ssl --enable-mime-magic --enable-expires --enable-headers
=== Step2: Build PHP as PHP modules of apache(add option --with-apxs2=/usr/local/apache/bin/apxs) ===
./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-apxs2=/usr/local/http/bin/apxs --with-libdir=lib64 --disable-rpath --disable-ipv6 --enable-opcache --enable-calendar --enable-bcmath --enable-ftp --enable-soap --enable-shared --enable-mbstring --enable-sockets --with-openssl --with-zlib --with-gd --with-jpeg-dir=/usr --with-png-dir=/usr --with-freetype-dir=/usr --with-zlib-dir=/usr --with-mysql --with-mysqli --with-pdo-mysql --with-pear --with-curl --with-mcrypt=/usr/local
Or optimize build(remove --with-mysql --with-mysqli --with-pear)
./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-apxs2=/usr/local/http/bin/apxs --with-libdir=lib64 --disable-rpath --disable-ipv6 --enable-calendar --enable-bcmath --enable-soap --enable-shared --enable-mbstring --enable-sockets --with-zlib --with-gd --with-jpeg-dir=/usr --with-png-dir=/usr --with-freetype-dir=/usr --with-zlib-dir=/usr --with-pdo-mysql --with-curl
=== Step3: Check modules compiled witch apache ===
/usr/local/apache/bin/httpd -V
/usr/local/apache/bin/httpd -l
/usr/local/apache/bin/httpd -M
=== Fix error build httpd: APR version 1.4.0 or later is required, found 1.3.9 ===
Below are error detail
checking for APR... configure: WARNING: APR version 1.4.0 or later is required, found 1.3.9
And steps below help you fix it:
- Step1: download apr-1.4.8.tar.gz and apr-util-1.5.2.tar.gz from https://archive.apache.org/dist/apr/
- Step2: Extract source ap-1.4.8.tar.gz and apr-util-1.5.2.tar.gz to httpd-2.4.18/srclib
httpd-2.4.18/srclib/apr
httpd-2.4.18/srclib/apr-util
- Step3: Rebuild the http:
./configure --prefix=/onec/http/ --enable-so --enable-cgi --enable-info --enable-rewrite --enable-speling --enable-usertrack --enable-deflate --enable-ssl --enable-mime-magic --enable-expires --enable-headers
make
make install
==== script stop,start apache(/etc/init.d/httpd ====
Edit the script stop, start apache
#!/bin/bash
#
#Startup script for the Apache Web Server
#
# chkconfig: - 85 15
# description: Apache is a World Wide Web server. It is used to serve \
# HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/http/logs/httpd.pid
# config: /usr/local/http/conf/httpd.conf
# Source function library.
. /etc/rc.d/init.d/functions
if [ -f /etc/sysconfig/httpd ]; then
. /etc/sysconfig/httpd
fi
# This will prevent initlog from swallowing up a pass-phrase prompt if
# mod_ssl needs a pass-phrase from the user.
INITLOG_ARGS=""
# Path to the apachectl script, server binary, and short-form for messages.
apachectl=/usr/local/http/bin/apachectl
httpd=/usr/local/http/bin/httpd
pid=/usr/local/http/logs/httpd.pid
prog=httpd
RETVAL=0
# The semantics of these two functions differ from the way apachectl does
# things -- attempting to start while running is a failure, and shutdown
# when not running is also a failure. So we just do it the way init scripts
# are expected to behave here.
start() {
echo -n $"Starting $prog: "
daemon $httpd $OPTIONS
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/httpd
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc $httpd
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/httpd $pid
}
reload() {
echo -n $"Reloading $prog: "
killproc $httpd -HUP
RETVAL=$?
echo
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status $httpd
RETVAL=$?
;;
restart)
stop
start
;;
condrestart)
if [ -f $pid ] ; then
stop
start
fi
;;
reload)
reload
;;
graceful|help|configtest|fullstatus)
$apachectl $@
RETVAL=$?
;;
*)
echo $"Usage: $prog {start|stop|restart|condrestart|reload|status"
echo $"|fullstatus|graceful|help|configtest}"
exit 1
esac
exit $RETVAL
==== Config apache ====
=== default config ===
ServerRoot "/usr/local/apache/"
Listen 80
LoadModule php5_module modules/libphp5.so
User apache
Group apache
ServerAdmin you@example.com
DocumentRoot "/usr/local/apache//htdocs"
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
DirectoryIndex index.html
Order allow,deny
Deny from all
Satisfy All
ErrorLog "logs/error_log"
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
CustomLog "logs/access_log" common
ScriptAlias /cgi-bin/ "/usr/local/apache//cgi-bin/"
AllowOverride None
Options None
Order allow,deny
Allow from all
DefaultType text/plain
TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
AddType application/x-httpd-php .php
DirectoryIndex index.php index.htm index.html
=== change config httpd.conf ===
* add config
AddType application/x-httpd-php .php
DirectoryIndex index.php index.htm index.html
Include conf.d/*.conf
* change user and group
User nobody
Group nobody
* add config for shop.babies.vn and mynotes.babies.vn: add conf.d/babies.vn.conf
NameVirtualHost *:80
ServerName shop.babies.vn
DocumentRoot "/data/www/babyshopvn"
SetEnv MAGE_IS_DEVELOPER_MODE "false"
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order Deny,Allow
Allow from all
ErrorLog logs/shop.babies.vn-error_log
CustomLog logs/shop.babies.vn-access_log common
ServerName mynotes.babies.vn
DocumentRoot "/data/www/mynotes"
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order Deny,Allow
Allow from all
ErrorLog logs/mynotes.babies.vn-error_log
CustomLog logs/mynotes.babies.vn-access_log common
Notice:
* If you use VirtualHost *:80 => all virtuals host must be VirtualHost *:80, **not IP:80**
* If you use **Options Indexes FollowSymLinks MultiViews**, all other vitual hosts must be this option
=== change config mpm ===
Edit httpd.conf:
Include conf/extra/httpd-mpm.conf
== default config ==
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
== change config for digitalocean ==
StartServers 2
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
==== check php information which was built in apache ====
First we create the phpinfo.php with content below:
Second we run the the phpinfo.php from browser to check PHP information
Configure Command './configure' '--prefix=/usr/local/php' '--with-config-file-path=/usr/local/php/etc' '--with-apxs2=/usr/local/http/bin/apxs' '--with-libdir=lib64' '--disable-rpath' '--disable-ipv6' '--enable-calendar' '--enable-bcmath' '--enable-ftp' '--enable-soap' '--enable-fpm' '--enable-shared' '--enable-mbstring' '--enable-sockets' '--with-openssl' '--with-zlib' '--with-gd' '--with-jpeg-dir=/usr' '--with-png-dir=/usr' '--with-freetype-dir=/usr' '--with-zlib-dir=/usr' '--with-mysql' '--with-mysqli' '--with-pdo-mysql' '--with-pear' '--with-curl' '--with-mcrypt=/usr/local'
Configuration File (php.ini) Path /usr/local/php/etc
Loaded Configuration File /usr/local/php/etc/php.ini
===== PHP config and modules check =====
==== Basic config ====
- Step1: Create first php.ini:
cp php.ini-production /usr/local/php/etc/php.ini
- Step2: Change some basic parameters:
date.timezone = Asia/Saigon
session.name = PHPSESSID
session.save_path = "/tmp"
upload_max_filesize = 20M
post_max_size = 20M
==== PHP check ====
- Module check:
php -m
- Check configuration load:
/usr/local/php/sbin/php-fpm -i | grep php.ini
output:
Configuration File (php.ini) Path => /usr/local/php/etc
Loaded Configuration File => /usr/local/php/etc/php.ini
- Check option which is used to build the php
/usr/local/php/sbin/php-fpm -i | grep configure
output:
Configure Command => './configure' '--prefix=/usr/local/php' '--with-config-file-path=/usr/local/php/etc' '--with-libdir=lib64' '--enable-fpm' '--disable-debug' '--disable-rpath' '--disable-ipv6' '--disable-safe-mode' '--enable-calendar' '--enable-bcmath' '--enable-ftp' '--enable-soap' '--enable-shared' '--enable-mbstring' '--enable-magic-quotes' '--enable-sockets' '--with-openssl' '--with-zlib' '--with-gd' '--with-jpeg-dir=/usr' '--with-png-dir=/usr' '--with-freetype-dir=/usr' '--with-zlib-dir=/usr' '--with-mysql' '--with-mysqli' '--with-pdo-mysql' '--with-pear' '--with-curl' '--with-curlwrappers' '--with-mcrypt=/usr/local'
==== check PHP config which web server using ====
- Step1: Create the phpinfo.php
- Step2: Run the phpinfo.php from web server to see the path of php.ini which web server was using, for example:
Configuration File (php.ini) Path /usr/local/php/etc
Loaded Configuration File /usr/local/php/etc/php.ini
==== Check image, font support ====
/gb/php/bin/php -r 'print_r(gd_info());'
=> output
Array
(
[GD Version] => bundled (2.1.0 compatible)
[FreeType Support] =>
[T1Lib Support] =>
[GIF Read Support] => 1
[GIF Create Support] => 1
[JPEG Support] => 1
[PNG Support] => 1
[WBMP Support] => 1
[XPM Support] =>
[XBM Support] => 1
[JIS-mapped Japanese Font Support] =>
)
==== check config to display error log ====
- Step1: Create the test.php file which wrong syntax
- Step2: Run the test.php from command line to see the error log
/usr/local/php/bin/php test.php
=> If we see the error log in error_log file(path of error_log file in configuration file /usr/local/php/etc/php.ini)
[31-Mar-2015 06:43:53 UTC] PHP Fatal error: Call to undefined function hello() in ......./test.php on line 1
- Step3: Run the test.php from the browser to see error log the same the error log above. If we don't see the error log, we need to review the php config in phpinfo.php and chown for the webserver can update the **error_log** file
==== Config connet PHP to MySQL ====
- Method1 **Change /etc/my.cnf**: default PHP will use /tmp/mysql.sock for connecting to MySQL, So we will configure the sock in /etc/my.cnf follow below config:
socket = /tmp/mysql.sock
- Method2 **Change php.ini**: change base on config socket path in /etc/my.cnf
[Pdo_mysql]
..........
pdo_mysql.default_socket= /gb/mysql/tmp/mysql.sock
==== Config to run the web from home directory ====
Default the web server will be run with user nobody or www. To run the web from home which owned by another user, for example:
drwx------. 4 quangftp quangftp 4096 Jun 26 14:02 quangftp
we need to run the chmod command to allow user www(other user) to allow read and excute the file and directory of quangftp:
chmod -R 755 /home/quangftp
==== Config to run PHP code with tag ====
Edit php.ini:
short_open_tag = On
===== PHP Security =====
refer:
* http://www.madirish.net/199
* http://www.cyberciti.biz/tips/php-security-best-practices-tutorial.html
==== Security Hardening Config ====
==== Security Scripts Check php.ini ====
==== Security Scripts Check PHP Project ====
refer:
* https://github.com/FriendsOfPHP/security-advisories
* https://github.com/sensiolabs/security-checker