查看环境
[root@localhost ~]# cat /etc/redhat-release
CentOS release 6.7 (Final)
更新软件包 yum update
关闭selinux
vi /etc/selinux/config
把 SELINUX=enforcing,SELINUXTYPE=targeted 注释掉,然后新加一行为:SELINUX=disabled
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
#SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
#SELINUXTYPE=targeted
SELINUX=disabled
防火墙配置
开启防火墙相应端口,nginx需要开启80端口 MySQL需要开启3306端口
vi /etc/sysconfig/iptables
添加下面的内容
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT #(允许80端口通过防火墙)
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT #(允许3306端口通过防火墙)
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
重启防火墙使配置生效
/etc/init.d/iptables restart
添加网易源
http://mirrors.163.com/.help/centos.html
首先备份/etc/yum.repos.d/CentOS-Base.repo
# mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
下载对应版本repo文件, 放入/etc/yum.repos.d/(操作前请做好相应备份)
# wget http://mirrors.163.com/.help/CentOS6-Base-163.repo
# mv CentOS6-Base-163.repo /etc/yum.repos.d/
重新生成缓存
# yum clean all
# yum makecache
添加atomic源
CentOS默认的标准源里没有nginx软件包,下载atomic源Atomic仓库支持哪些软件可以到这个地址查看:http://www.atomicorp.com/channels/atomic/
atomic源有php、mysql、nginx、openvas、memcached、php-zend-guard-loader等软件。
# wget http://www.atomicorp.com/installers/atomic
# sh ./atomic
# yum check-update
安装开发包和库文件
# yum -y install ntp make openssl openssl-devel pcre pcre-devel libpng libpng-devel libjpeg-6b libjpeg-devel-6b freetype freetype-devel gd gd-devel zlib zlib-devel gcc gcc-c++ libXpm libXpm-devel ncurses ncurses-devel libmcrypt libmcrypt-devel libxml2 libxml2-devel imake autoconf automake screen sysstat compat-libstdc++-33 curl curl-devel
安装nginx
# yum install nginx
# /etc/init.d/nginx start
开机时启动nginx
# chkconfig --levels 235 nginx on
安装mysql
# yum install mysql mysql-server mysql-devel
# /etc/init.d/mysqld start
开机时启动mysql
# chkconfig --levels 235 mysqld on
登陆MySQL删除空用户,修改root密码
# mysql -u root
mysql>select user,host,password from mysql.user;
mysql>drop user ''@localhost;
mysql>update mysql.user set password = PASSWORD('*********') where user='root';
mysql>flush privileges;
flush privileges
命令本质上的作用是将当前user和privilige表中的用户信息/权限设置从mysql库(MySQL数据库的内置库)中提取到内存里。MySQL用户数据和权限有修改后,希望在"不重启MySQL服务"的
情况下直接生效,那么就需要执行这个命令。通常是在修改ROOT帐号的设置后,怕重启后无法再登录进来,那么直接flush之后就可以看权限设置是否生效。而不必冒太大风险。
安装php
# yum install php lighttpd-fastcgi php-cli php-mysql php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-mssql php-snmp php-soap
安装php和所需组件使PHP支持MySQL、FastCGI模式
# yum install php-tidy php-common php-devel php-fpm php-mysql
启动
# service php-fpm start
开机时启动php-fpm
# chkconfig --levels 235 php-fpm on
添加一个nginx配置文件例子
vi /etc/nginx/conf.d/demo.conf
server
{
listen 8001;
server_name localhost;
index index.html index.htm index.php;
root /mnt/hgfs/web;
location / {
try_files $uri $uri/ =404;
}
#调用php web服务器
location ~ .*\.(php|php5)?$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
#图片缓存时间设置
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 10d;
}
#JS和CSS缓存时间设置
location ~ .*\.(js|css)?$ {
expires 5h;
}
#禁止直接访问db目录下所有文件资源
location ^~ /db {
deny all;
}
}
在/mnt/hgfs/web/下添加index.php
<?php
echo phpinfo();
重启nginx
# /etc/init.d/nginx restart
在浏览器测试:http://127.0.0.1:8001
如果需要在另外一台机子上访问 http://ip:8001
,记得先在服务器防火墙添加上运行访问端口