一、环境说明准备
本次使用CentOS5.5、Centos6.5,编译安装Apache2.4.20、MysqL-5.5.48、PHP-5.5.30。
编译PHP以Apache模块方式运行。编译PHP前需要先编译好Apache和MysqL。
1.关闭SELINUX,配置yum源。
setenforce0 sed-i's/SELINUX=enforcing/SELINUX=permissive/g'/etc/selinux/config ##此处使用的是阿里镜像源作为yum源。 mv/etc/yum.repos.d/CentOS-Base.repo/etc/yum.repos.d/CentOS-Base.repo.backup ##下载CentOS5源 wget-O/etc/yum.repos.d/CentOS-Base.repohttp://mirrors.aliyun.com/repo/Centos-5.repo ##下载CentOS6源 wget-O/etc/yum.repos.d/CentOS-Base.repohttp://mirrors.aliyun.com/repo/Centos-6.repo ##根据系统下载好对应版本的源后,需要yummakecache yummakecache
下载apr、apr-util、pcre。此三项为Apache2.4安装所需的依赖包。
其中apr、apr-util是Apache可移植运行库。它们为apache提供运行环境,相当于运行JAVA时所需要的JDK/JRE环境。
pcre提供pcre兼容的正则表达式,为apache的rewrite功能提供支持。
wgethttp://apache.fayea.com//apr/apr-1.5.2.tar.gz-O/usr/local/src/apr-1.5.2.tar.gz wgethttp://apache.fayea.com//apr/apr-util-1.5.4.tar.gz-O/usr/local/src/apr-util-1.5.4.tar.gz wget--no-check-certificatehttps://ftp.pcre.org/pub/pcre/pcre-8.40.tar.gz-O/usr/local/src/pcre-8.40.tar.gz ##下载Apache-2.4.20 wgethttp://archive.apache.org/dist/httpd/httpd-2.4.20.tar.gz-O/usr/local/src/httpd-2.4.20.tar.gz ##下载MysqL-5.5.48 wget--no-check-certificatehttps://cdn.MysqL.com/archives/MysqL-5.5/MysqL-5.5.48.tar.gz-O/usr/local/src/MysqL-5.5.48.tar.gz ##下载PHP-5.5.30 wgethttp://cn2.PHP.net/distributions/PHP-5.5.30.tar.gz-O/usr/local/src/PHP-5.5.30.tar.gz wgetftp://mcrypt.hellug.gr/pub/crypto/mcrypt/attic/libmcrypt/libmcrypt-2.5.7.tar.gz-O/usr/local/src/libmcrypt-2.5.7.tar.gz
1.安装依赖包
yuminstall-ygccgcc-c++cmakencurses-develbisonopensslopenssl-devellibxml2libxml2-devellibmcryptlibmcrypt-develzlibzlib-devellibpnglibpng-devellibtooljpeg6libjpeglibjpeg-develfreetypefreetype-develautoconfautomakegdlibXpm-develcurlcurl-devel
2.编译安装apr、apr-util、pcre。
cd/usr/local/src/ tarxfapr-1.5.2.tar.gz tarxfapr-util-1.5.4.tar.gz tarxfpcre-8.40.tar.gz tarxfhttpd-2.4.20.tar.gz tarxfMysqL-5.5.48.tar.gz tarxfPHP-5.5.30.tar.gz tarxflibmcrypt-2.5.7.tar.gz cd/usr/local/src/apr-1.5.2 ./configure--prefix=/usr/local/apr make&&makeinstall cd/usr/local/src/apr-util-1.5.4 ./configure--prefix=/usr/local/apr-util--with-apr=/usr/local/apr/ make&&makeinstall cd/usr/local/src/pcre-8.40 ./configure--prefix=/usr/local/pcre make&&makeinstall
3.编译安装Apache-2.4.20
cd/usr/local/src/httpd-2.4.20 ./configure--prefix=/usr/local/apache-2.4.20--with-apr=/usr/local/apr/--with-apr-util=/usr/local/apr-util/--with-pcre=/usr/local/pcre/--enable-so--enable-modules=most--enable-mods-shared=most--enable-rewrite--enable-ssl--enable-mpms-shared=all make&&makeinstall ln-s/usr/local/apache-2.4.20/usr/local/apache ##配置apache开机自动启动 echo'/usr/local/apache/bin/apachectlstart'>>/etc/rc.local
4.编译安装MysqL
mkdir-p/mydata/data useradd-rMysqL chown-RMysqL:MysqL/mydata/data cd/usr/local/src/MysqL-5.5.48 cmake\ -DCMAKE_INSTALL_PREFIX=/usr/local/MysqL-5.5.48\ -DMysqL_DATADIR=/mydata/data\ -DSYSCONFDIR=/etc/my.cnf\ -DWITH_MYISAM_STORAGE_ENGINE=1\ -DWITH_INNOBASE_STORAGE_ENGINE=1\ -DWITH_MEMORY_STORAGE_ENGINE=1\ -DWITH_PARTITION_STORAGE_ENGINE=1\ -DWITH_READLINE=1\ -DMysqL_UNIX_ADDR=/mydata/data/MysqLd.sock\ -DENABLED_LOCAL_INFILE=1\ -DEXTRA_CHARSETS=all\ -DDEFAULT_CHARSET=utf8\ -DDEFAULT_COLLATION=utf8_general_ci\ -DMysqL_TCP_PORT=3306 make&&makeinstall ln-s/usr/local/MysqL-5.5.48/usr/local/MysqL ln-s/usr/local/MysqL/include/*/usr/local/include/ ##创建MysqL配置文件 cat>/etc/my.cnf<<EOF [MysqLd] datadir=/mydata/data user=MysqL socket=/mydata/data/MysqLd.sock #Disablingsymbolic-linksisrecommendedtopreventassortedsecurityrisks symbolic-links=0 [MysqLd_safe] log-error=/mydata/data/MysqLd.log pid-file=/mydata/data/MysqLd.pid EOF ##配置MysqL启动脚本及开机自动启动 cp/usr/local/MysqL/support-files/MysqL.server/etc/init.d/MysqLd chkconfig--addMysqLd chkconfigMysqLd--level345on ##初始化MysqL /usr/local/MysqL/scripts/MysqL_install_db--basedir=/usr/local/MysqL--datadir=/mydata/data/--user=MysqL ln-s/usr/local/MysqL/bin/*/usr/bin/ /etc/init.d/MysqLdstart /usr/local/MysqL/bin/MysqL_secure_installation
5.编译安装PHP
cd/usr/local/src/libmcrypt-2.5.7 ./configure--prefix=/usr/local/libmcrypt make&&makeinstall cd/usr/local/src/PHP-5.5.30 ./configure\ --prefix=/usr/local/PHP5.5.30\ --with-config-file-path=/usr/local/PHP/etc\ --with-apxs2=/usr/local/apache/bin/apxs\ --with-MysqL=/usr/local/MysqL/\ --with-libxml-dir\ --with-png-dir\ --with-jpeg-dir\ --with-freetype-dir\ --with-gd\ --with-zlib-dir\ --with-MysqLi\ --with-xpm-dir=/usr/lib64/\ --with-curl\ --enable-soap\ --enable-mbstring=all\ --enable-sockets\ --enable-maintainer-zts\ --with-mcrypt=/usr/local/libmcrypt/ ##注意:当Apache使用event或worker时,编译PHP需要使用--enable-maintainer-zts参数,当Apache以prefork工作时则不需要使用--enable-maintainer-zts参数。 ##上文中编译Apache时使用了--enable-mpms-shared=all参数,默认会将三种模式以动态模块的方式编译,默认使用event模式,所以此处编译PHP需要添加--enable-maintainer-zts参数。 make&&makeinstall ln-s/usr/local/PHP5.5.30/usr/local/PHP cp/usr/local/src/PHP-5.5.30/PHP.ini-production/usr/local/PHP/etc/PHP.ini
三、配置apache站点及防火墙
1.配置Apache
cp/usr/local/apache/conf/httpd.conf/usr/local/apache/conf/httpd.conf.back mkdir-p/usr/local/apache/conf/conf.d/ cat>>/usr/local/apache/conf/httpd.conf<<EOF ####### ServerNamelocalhost:80 AddTypeapplication/x-httpd-PHP.PHP TraceEnableoff ServerTokensProd ServerSignatureOff EOF ##配置站点www.a.com,仅需将"web=www.a.com"修改成对应站点名称,运行以下脚本即可创建虚拟主机以及相应的目录。 web=www.a.com mkdir-p/www/$web cat>>/usr/local/apache/conf/httpd.conf<<EOF ######## Includeconf/conf.d/$web.conf ######## EOF cat>/usr/local/apache/conf/conf.d/$web.conf<<EOF <VirtualHost*:80> DocumentRoot"/www/$web/" ServerName$web ErrorLog"|/usr/local/apache/bin/rotatelogs/usr/local/apache/logs/$web-%Y%m%d_error.log86400480" CustomLog"|/usr/local/apache/bin/rotatelogs/usr/local/apache/logs/$web-%Y%m%d_access.log86400480"common </VirtualHost> <Directory"/www/$web/"> OptionsIndexesFollowSymLinks AllowOverrideAll Requireallgranted DirectoryIndexindex.PHPindex.Htmlindex.html </Directory> EOF
2.配置防火墙
##配置防火墙规则,外网允许80、22端口通过防火墙,允许内网流量(eth0为内外网卡) ##需要注意检查eth0是否为外网网卡,若是外网网卡,需要去掉iptables-AINPUT-ieth0-jACCEPT规则。 ##此外192.168.175.0/24,需要修改成自己的内网网段。 ##防火墙以脚本形式保存,开机自动读取脚本加载防火墙配置,故对防火墙做的任何修改一定要及时保存到脚本中,以免下次重启后防火墙规则出现错误。 mkdir-p/www/scripts/ cat>/www/scripts/iptables.sh<<EOF iptables-PINPUTACCEPT iptables-F #enabletheportinput iptables-AINPUT-ptcp--dport80-jACCEPT iptables-AINPUT-ptcp--dport22-jACCEPT iptables-AINPUT-s192.168.175.0/24-ptcp--dport3306-jACCEPT #enableping iptables-AINPUT-picmp--icmp-typeecho-reply-jACCEPT iptables-AINPUT-picmp--icmp-typeecho-request-jACCEPT #enabletheinterfaceinput iptables-AINPUT-ieth0-jACCEPT iptables-AINPUT-ilo-jACCEPT iptables-AINPUT-mstate--stateRELATED,ESTABLISHED-jACCEPT iptables-AINPUT-ptcp-mtcp--tcp-flagsFIN,SYN,RST,PSH,ACK,URGNONE-jDROP iptables-AINPUT-ptcp-mtcp--tcp-flagsFIN,SYNFIN,SYN-jDROP iptables-AINPUT-ptcp-mtcp--tcp-flagsSYN,RSTSYN,RST-jDROP iptables-AINPUT-ptcp-mtcp--tcp-flagsFIN,RSTFIN,ACKFIN-jDROP iptables-AINPUT-ptcp-mtcp--tcp-flagsPSH,ACKPSH-jDROP iptables-AINPUT-ptcp-mtcp--tcp-flagsACK,URGURG-jDROP iptables-PINPUTDROP iptables-POUTPUTACCEPT iptables-PFORWARDDROP EOF chmod+x/www/scripts/iptables.sh /www/scripts/iptables.sh ##将防火墙规则加到开机自动启动 echo'/www/scripts/iptables.sh'>>/etc/rc.local
四、编译安装PHP扩展模块(编译PDO)
wgethttp://pecl.PHP.net/get/PDO_MysqL-1.0.2.tgz-O/usr/local/src/PDO_MysqL-1.0.2.tgz cd/usr/local/src/ tarxfPDO_MysqL-1.0.2.tgz cdPDO_MysqL-1.0.2 /usr/local/PHP/bin/PHPize ./configure-with-PHP-config=/usr/local/PHP/bin/PHP-config-with-pdo-MysqL=/usr/local/MysqL make&&makeinstall echo'extension=pdo_MysqL.so'>>/usr/local/PHP/etc/PHP.ini /usr/local/apache/bin/apachectlrestart
<?PHP echo'<pre>'; var_dump(get_loaded_extensions()); echoPHPinfo(); ?>
<?PHP $link=MysqL_connect("127.0.0.1","root","123456"); if(!$link)echo"FAILD"; elseecho"OK!"; ?>
<?PHP $link=newMysqLi('localhost','root','123456','MysqL'); if(!$link)echo"FAILD"; elseecho"OK!"; ?>
4.pdo连接测试pdo.PHP
<?PHP $db=newPDO('MysqL:host=localhost;dbname=MysqL','123456'); if(!$db)echo"FAILD"; elseecho"OK!"; ?>