lnmp架构

发表于 分类于
LNMP架构学习笔记:

lnmp架构

nginx的编译安装管理

软件版本
nginx1.14.0
mysql5.6.39
php5.6.34
phpmyadmin4.8.1
discuz3.2
wordpress4.9.4
节点IP系统功能CPU内存硬盘
node110.80.10.1centos7.9nginx、mysql、php4核心8GB20GB

nginx服务器:

  • nginx是个高性能、企业常用的web服务器。

  • apache和nginx相比,nginx的安装、配置、管理等比较方便。

lnmp和lamp架构:

  • lnmp—>linux+nginx+mysql+php。

  • lamp—>linux+apache+mysql+php。

node1

下载安装nginx:

下载地址:https://nginx.org/en/download.html

1
2
3
4
5
6
7
8
9
10
11
12
# yum install -y gcc gcc-c++ make pcre pcre-devel zlib zlib-devel openssl openssl-devel
# cd /usr/local/src/
# wget http://nginx.org/download/nginx-1.14.0.tar.gz
# tar -xzvf nginx-1.14.0.tar.gz
# cd nginx-1.14.0
# ./configure \
--prefix=/usr/local/nginx \
--with-http_ssl_module \
--with-stream \
--with-stream_ssl_module \
--with-http_stub_status_module
# make -j 4 && make -j 4 install

查看nginx安装的目录:

1
2
# ls /usr/local/nginx/
conf  html  logs  sbin

  • conf:配置文件目录。

  • logs:日志文件目录。

  • html:web页面目录。

  • sbin:命令目录。

查看nginx版本:

1
2
# /usr/local/nginx/sbin/nginx -v
nginx version: nginx/1.14.0

查看nginx编译参数:

1
2
3
4
5
6
# /usr/local/nginx/sbin/nginx -V
nginx version: nginx/1.14.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC)
built with OpenSSL 1.0.2k-fips  26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --with-http_ssl_module --with-stream --with-stream_ssl_module --with-http_stub_status_module

配置软连接:

1
2
3
# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
# nginx -v
nginx version: nginx/1.14.0

检查nginx配置正确性:

1
2
3
# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

启动nginx,查看端口和进程:

1
2
3
4
5
6
7
# /usr/local/nginx/sbin/nginx
# netstat -tlunp | grep nginx
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      48301/nginx: master 
# ps aux | grep nginx
root      48301  0.0  0.0  46056  1136 ?        Ss   10:46   0:00 nginx: master process /usr/local/nginx/sbin/nginx
nobody    48302  0.0  0.0  46504  1892 ?        S    10:46   0:00 nginx: worker process
root      48514  0.0  0.0 112812   980 pts/0    S+   10:46   0:00 grep --color=auto nginx

浏览器访问ip:http://10.80.10.1/

重新加载nginx配置:

1
# /usr/local/nginx/sbin/nginx -s reload

关闭nginx:

1
# /usr/local/nginx/sbin/nginx -s stop

systemctl管理nginx:

1
2
3
4
5
6
7
8
9
10
11
12
13
# vim /usr/lib/systemd/system/nginx.service
[Unit]
Description=nginx
After=network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s stop

[Install]
WantedBy=multi-user.target

先关闭nginx,再启动nginx并设置开机自启:

1
2
3
# systemctl start nginx
# systemctl enable nginx
# systemctl status nginx
1
2
3
4
5
6
7
8
9
10
# curl -I 10.80.10.1
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Wed, 13 Dec 2023 02:48:02 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Wed, 13 Dec 2023 02:44:55 GMT
Connection: keep-alive
ETag: "65791aa7-264"
Accept-Ranges: bytes

nginx默认配置讲解

配置文件:

  • 配置文件路径:/usr/local/nginx/conf/nginx.conf

  • 自带备份文件:/usr/local/nginx/conf/nginx.conf.default

  • include其它配置文件,防止单个配置文件过大。

创建www用户:

1
# useradd www -s /sbin/nologin
  • master进程默认用户root,worker进程默认用户nobody。

修改nginx配置文件,worker进程用户为www:

1
2
3
# vim /usr/local/nginx/conf/nginx.conf
# 2行,取消注释,修改配置
user  www;
1
2
3
4
5
# systemctl reload nginx
# ps aux | grep nginx
root      49894  0.0  0.0  46068  1964 ?        Ss   10:47   0:00 nginx: master process /usr/local/nginx/sbin/nginx
www       51943  0.0  0.0  46528  2016 ?        S    10:49   0:00 nginx: worker process
root      52018  0.0  0.0 112812   976 pts/0    S+   10:49   0:00 grep --color=auto nginx

查看cpu内核数量:

1
2
3
4
5
# cat /proc/cpuinfo | grep 'cpu cores'
cpu cores       : 4
cpu cores       : 4
cpu cores       : 4
cpu cores       : 4

修改nginx配置文件,指定worker进程数量,一般cpu几核改为几:

1
2
3
# vim /usr/local/nginx/conf/nginx.conf
# 3行,修改配置
worker_processes  4;
1
2
3
4
5
6
7
8
# systemctl reload nginx
# ps aux | grep nginx
root      49894  0.0  0.0  46068  1976 ?        Ss   10:47   0:00 nginx: master process /usr/local/nginx/sbin/nginx
www       52765  0.0  0.0  46524  1924 ?        S    10:50   0:00 nginx: worker process
www       52766  0.0  0.0  46524  1924 ?        S    10:50   0:00 nginx: worker process
www       52767  0.0  0.0  46524  1924 ?        S    10:50   0:00 nginx: worker process
www       52768  0.0  0.0  46524  1924 ?        S    10:50   0:00 nginx: worker process
root      52910  0.0  0.0 112812   980 pts/0    S+   10:50   0:00 grep --color=auto nginx

之后把worker进程改回1:

1
2
3
# vim /usr/local/nginx/conf/nginx.conf
# 3行,修改配置
worker_processes  1;
1
# systemctl reload nginx

查看nginx进程文件最大打开数,默认4096:

1
2
3
4
# ps aux | grep nginx
root      49894  0.0  0.0  46068  1976 ?        Ss   10:47   0:00 nginx: master process /usr/local/nginx/sbin/nginx
www       53291  0.0  0.0  46528  2024 ?        S    10:50   0:00 nginx: worker process
root      53352  0.0  0.0 112812   980 pts/0    S+   10:50   0:00 grep --color=auto nginx
1
2
# cat /proc/53291/limits | grep 'Max open files'
Max open files            1024                 4096                 files

修改nginx配置文件,扩大文件最大打开数,可以预防出现错误:

1
2
3
# vim /usr/local/nginx/conf/nginx.conf
# 4行,添加参数
worker_rlimit_nofile  65535;
1
2
3
4
5
6
7
# systemctl reload nginx
# ps aux | grep nginx
root      49894  0.0  0.0  46068  1976 ?        Ss   10:47   0:00 nginx: master process /usr/local/nginx/sbin/nginx
www       54594  0.0  0.0  46524  1932 ?        S    10:52   0:00 nginx: worker process
root      54655  0.0  0.0 112812   980 pts/0    S+   10:52   0:00 grep --color=auto nginx
# cat /proc/54594/limits | grep 'Max open files'
Max open files            65535                65535                files

修改nginx配置文件,指定事件模块配置,添加i/o模型,linux内核2.6以上的建议用这种io模型,将最大连接数增大。

1
2
3
4
5
6
# vim /usr/local/nginx/conf/nginx.conf
# 12~14行,修改配置
events {
    use epoll;
    worker_connections  10240;
}
  • events{}默认只有worker_connections,表示一个进程的最大连接数为1024。
1
# systemctl reload nginx

查看http返回类型:

1
2
3
# cat /usr/local/nginx/conf/nginx.conf | grep mime -A 1
    include       mime.types;
    default_type  application/octet-stream;
  • nginx配置文件引入了一个mine.type,里面定义了一些返回类型,如果mine.type未定义,默认二进制下载。

如访问html、htm、shtml返回text/html,访问css返回text/css:

1
2
3
4
5
# cat /usr/local/nginx/conf/mime.types | more
text/html                                        html htm shtml;
text/css                                         css;
text/xml                                         xml;
...

添加css文件测试:

1
# echo 'a' >> /usr/local/nginx/html/csstest.css

进行测试,Content-Type返回类型是text/css:

1
2
3
4
5
6
7
8
9
10
# curl -I 10.80.10.1/csstest.css
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Mon, 13 Mar 2023 07:01:01 GMT
Content-Type: text/css
Content-Length: 2
Last-Modified: Mon, 13 Mar 2023 06:59:35 GMT
Connection: keep-alive
ETag: "640ec9d7-2"
Accept-Ranges: bytes

添加未定义文件测试,Content-Type返回类型是application/octet-stream,如果是浏览器访问会下载一个文件:

1
2
3
4
5
6
7
8
9
10
11
# echo 'a' >> /usr/local/nginx/html/aaa
# curl -I 10.80.10.1/aaa
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Mon, 13 Mar 2023 07:01:13 GMT
Content-Type: application/octet-stream
Content-Length: 2
Last-Modified: Mon, 13 Mar 2023 07:00:37 GMT
Connection: keep-alive
ETag: "640eca15-2"
Accept-Ranges: bytes

修改nginx配置文件,添加监听81端口:

1
2
3
# vim /usr/local/nginx/conf/nginx.conf
# 38行,添加配置
        listen       81;

重新加载nginx,查看端口:

1
2
3
4
# systemctl reload nginx
# netstat -tlunp | grep nginx
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      49894/nginx: master 
tcp        0      0 0.0.0.0:81              0.0.0.0:*               LISTEN      49894/nginx: master

浏览器访问测试http://10.80.10.1:81/

默认域名是localhost:

1
2
3
# vim /usr/local/nginx/conf/nginx.conf
# 39行,在server{}标签中
        server_name  localhost;

默认路径/usr/local/nginx/html,可以修改下方html为其它目录,但要确保在在/usr/local/nginx/文件夹,暂不修改:

1
2
3
4
5
6
# vim /usr/local/nginx/conf/nginx.conf
# 45~48行,在server{}标签中
        location / {
            root   html;
            index  index.html index.htm;
        }

修改nginx配置问及那,切断与客户连接,访问完后立即切断连接:

1
2
3
# vim /usr/local/nginx/conf/nginx.conf
# 32行,修改配置
    keepalive_timeout  0;
1
# systemctl reload nginx

抓包测试,端口80:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
# yum install -y tcpdump
# tcpdump -i any -nn 'port 80'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
11:02:34.618260 IP 10.80.0.1.6251 > 10.80.10.1.80: Flags [S], seq 3937472229, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
11:02:34.618318 IP 10.80.10.1.80 > 10.80.0.1.6251: Flags [S.], seq 172312409, ack 3937472230, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
11:02:34.618724 IP 10.80.0.1.6252 > 10.80.10.1.80: Flags [S], seq 3080441159, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
11:02:34.618748 IP 10.80.10.1.80 > 10.80.0.1.6252: Flags [S.], seq 1474453312, ack 3080441160, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
11:02:34.619055 IP 10.80.0.1.6251 > 10.80.10.1.80: Flags [.], ack 1, win 4106, length 0
11:02:34.619212 IP 10.80.0.1.6252 > 10.80.10.1.80: Flags [.], ack 1, win 4106, length 0
11:02:34.625309 IP 10.80.0.1.6251 > 10.80.10.1.80: Flags [P.], seq 1:507, ack 1, win 4106, length 506: HTTP: GET / HTTP/1.1
11:02:34.625421 IP 10.80.10.1.80 > 10.80.0.1.6251: Flags [.], ack 507, win 237, length 0
11:02:34.626069 IP 10.80.10.1.80 > 10.80.0.1.6251: Flags [P.], seq 1:176, ack 507, win 237, length 175: HTTP: HTTP/1.1 304 Not Modified
11:02:34.627022 IP 10.80.10.1.80 > 10.80.0.1.6251: Flags [F.], seq 176, ack 507, win 237, length 0
11:02:34.627604 IP 10.80.0.1.6251 > 10.80.10.1.80: Flags [F.], seq 507, ack 176, win 4105, length 0
11:02:34.627689 IP 10.80.0.1.6251 > 10.80.10.1.80: Flags [.], ack 177, win 4105, length 0
11:02:34.627863 IP 10.80.10.1.80 > 10.80.0.1.6251: Flags [.], ack 508, win 237, length 0

浏览器访问一下,会显示立即断开,这个值设置为几就会在几秒后断开连接。

nginx的错误日志和访问日志

错误日志说明:

  • 日志级别有debug、info、notice、warn、error、crit、alert、emerg。

  • 记录错误日志,级别由低到高,记录自己及级别高于自己的日志。

  • 越严重的级别,日志越少。

node1

修改nginx配置文件,错误日志添加debug日志:

1
2
3
# vim /usr/local/nginx/conf/nginx.conf
# 8行,添加配置
error_log  logs/error.log  debug;
1
# systemctl reload nginx

清空旧日志,再观察日志:

1
2
3
# cd /usr/local/nginx/logs/
# :>error.log
# tail -f error.log

新建窗口,重启nginx,有debug及以上级别日志产生:

1
# systemctl restart nginx

修改nginx配置文件,更改日志格式。

1
2
3
4
5
6
7
# vim /usr/local/nginx/conf/nginx.conf
# 22~26行,取消注释。
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  logs/access.log  main;
1
# systemctl reload nginx
变量含义
$remote_addr客户访问地址
$remote_user远程用户(默认空)
$time_local访问时间记录,可以用$time_iso8601进行替换
$request记录请求,GET、POST等等
$statushttp状态码
$body_bytes_sentbody的大小,bytes为单位
$http_referer来自哪个网页的访问
$http_user_agent哪种浏览器来访问
$http_x_forwarded_for反向代理的时候会记录真实的用户ip
$upstream_response_timenginx请求后端的时间
$request_time从用户请求开始到完成所花费的时间

清空旧日志,进行观察:

1
2
# cd /usr/local/nginx/logs/
# :>access.log

浏览器访问测试http://10.80.10.1/

查看日志:

1
# tail -f  /usr/local/nginx/logs/access.log

修改配置文件,添加最后变量$upstream_response_time和$request_time:

1
2
3
# vim /usr/local/nginx/conf/nginx.conf
# 24行,修改配置
                      '"$http_user_agent" "$http_x_forwarded_for" "$upstream_response_time" "$request_time" ';
1
# systemctl restart nginx

浏览器访问测试http://10.80.10.1/

查看日志:

1
# tail -f  /usr/local/nginx/logs/access.log

nginx的虚拟主机配置

添加hosts解析:

1
2
3
4
# vim /etc/hosts
# 尾行,添加配置
10.80.10.1 blog.webserver.cn
10.80.10.1 bbs.webserver.cn

创建虚拟主机配置文件目录:

1
# mkdir -p /usr/local/nginx/conf/vhosts

修改nginx配置文件,引入子配置文件:

1
2
3
# vim /usr/local/nginx/conf/nginx.conf
# 尾行前一行,添加配置
    include /usr/local/nginx/conf/vhosts/*.conf;

创建bbs.webserver.cn配置文件:

1
2
3
4
5
6
7
8
9
10
11
12
13
# vim /usr/local/nginx/conf/vhosts/bbs.conf
server {
    listen       80;
    listen       81;
    server_name  bbs.webserver.cn;

    access_log  logs/bbs.access.log  main;

    location / {
        root   /var/www/html/bbs;
        index  index.html index.htm;
    }
}
  • 这里指定了日志,要确保主配置文件log_format main和access_log取消注释。

创建虚拟主机网站文件夹及页面。

1
2
# mkdir -p /var/www/html/bbs
# echo 'this in bbs' > /var/www/html/bbs/index.html

重启nginx:

1
# systemctl restart nginx

测试bbs:

1
2
3
4
# curl bbs.webserver.cn
this in bbs
# curl bbs.webserver.cn:81
this in bbs

创建blog.webserver.cn配置文件:

1
2
3
4
5
6
7
8
9
10
11
12
13
# vim /usr/local/nginx/conf/vhosts/blog.conf
server {
    listen       80;
    listen       81;
    server_name  blog.webserver.cn;

    access_log  logs/blog.access.log  main;

    location / {
        root   /var/www/html/blog;
        index  index.html index.htm;
    }
}
  • 这里指定了日志,要确保主配置文件log_format main和access_log取消注释。

创建虚拟主机网站文件夹及页面。

1
2
# mkdir -p /var/www/html/blog
# echo 'this ih blog' > /var/www/html/blog/index.html

重启nginx:

1
# systemctl restart nginx

测试blog:

1
2
3
4
# curl blog.webserver.cn
this ih blog
# curl blog.webserver.cn:81
this ih blog

追加新域名:

1
2
3
# vim /etc/hosts
# 尾行,添加配置
10.80.10.1 new.webserver.cn

下载安装elinks进行测试,测试是访问到nginx主页,不是虚拟主机:

1
2
# yum install -y elinks
# elinks new.webserver.cn

在主配置文件里server_name配置了localhost,默认找主页面:

1
2
# cat /usr/local/nginx/conf/nginx.conf | grep -Ev '#|^$' | grep 'server_name'
        server_name  localhost;

指定bbs为主页面,在端口号添加default_server:

1
2
3
4
# vim /usr/local/nginx/conf/vhosts/bbs.conf
# 2~3行,修改配置
    listen       80 default_server;
    listen       81 default_server;
1
# systemctl restart nginx

测试,访问的是bbs:

1
2
3
4
# curl new.webserver.cn
this in bbs
# curl 10.80.10.1
this in bbs

nginx之location优先级实战讲解

nginx location可以让不同的访问url使用不同的处理方式。

修改nginx配置文件,通配符/,指定默认返回200:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
# vim /usr/local/nginx/conf/nginx.conf
worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on; 
    keepalive_timeout  65;

    server {
        listen 80;
        location / {
            return 200;
        }
    }   
}
1
# systemctl restart nginx

访问测试,无论访问那个页面都返回200:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
# curl -I 10.80.10.1
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Mon, 13 Mar 2023 08:23:19 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
# curl -I 10.80.10.1/abc
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Wed, 13 Dec 2023 03:27:51 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive

修改nginx配置文件,location测试/test和/的优先级,匹配得越多,优先级越高:

1
2
3
4
5
6
7
8
# vim /usr/local/nginx/conf/nginx.conf
# 13~15行,修改配置
        location / {
            return 200;
        }
        location /test {
            return 401;
        }
1
# systemctl reload nginx

访问测试,/test开头的是401,访问其它的是200:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
# curl -I 10.80.10.1/test
HTTP/1.1 401 Unauthorized
Server: nginx/1.14.0
Date: Wed, 13 Dec 2023 03:28:40 GMT
Content-Type: text/html
Content-Length: 195
Connection: keep-alive
# curl -I 10.80.10.1/test/abc
HTTP/1.1 401 Unauthorized
Server: nginx/1.14.0
Date: Wed, 13 Dec 2023 03:29:13 GMT
Content-Type: text/html
Content-Length: 195
Connection: keep-alive
# curl -I 10.80.10.1/new
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Wed, 13 Dec 2023 03:29:21 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
# curl -I 10.80.10.1/abc
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Wed, 13 Dec 2023 03:29:29 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive

修改nginx配置文件,正则指定/test开头返回402:

1
2
3
4
5
6
7
8
9
10
11
# vim /usr/local/nginx/conf/nginx.conf
# 13~18行,修改配置
        location / {
            return 200;
        }
        location /test {
            return 401;
        }
        location ~ ^/test {
            return 402;
        }
1
# systemctl reload nginx

访问测试,访问非/test开头的是200,访问/test开头都是402,正则优先级高于通配:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
# curl -I 10.80.10.1/ddddd
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Wed, 13 Dec 2023 03:30:10 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
# curl -I 10.80.10.1/test
HTTP/1.1 402 Payment Required
Server: nginx/1.14.0
Date: Wed, 13 Dec 2023 03:30:20 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
# curl -I 10.80.10.1/test/ttt/ttt
HTTP/1.1 402 Payment Required
Server: nginx/1.14.0
Date: Wed, 13 Dec 2023 03:30:28 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive

修改nginx配置文件,指定正则/test/test开头忽略大小写返回403:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
# vim /usr/local/nginx/conf/nginx.conf
# 13~21行,修改配置
        location / {
            return 200;
        }
        location /test {
            return 401;
        }
        location ~ ^/test {
            return 402;
        }
        location ~* ^/test/test {
            return 403;
        }
1
# systemctl reload nginx

访问测试,访问/test开头都是402,第一个/test已经匹配上了,不会继续向下匹配,没匹配上会继续匹配:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
# curl -I 10.80.10.1/test
HTTP/1.1 402 Payment Required
Server: nginx/1.14.0
Date: Wed, 13 Dec 2023 03:31:13 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
# curl -I 10.80.10.1/test/nginx
HTTP/1.1 402 Payment Required
Server: nginx/1.14.0
Date: Wed, 13 Dec 2023 03:31:22 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
# curl -I 10.80.10.1/test/test
HTTP/1.1 402 Payment Required
Server: nginx/1.14.0
Date: Wed, 13 Dec 2023 03:31:31 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
# curl -I 10.80.10.1/TEST/TEST
HTTP/1.1 403 Forbidden
Server: nginx/1.14.0
Date: Wed, 13 Dec 2023 03:31:40 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive

修改nginx配置文件,精准匹配指定/test/test返回404:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
# vim /usr/local/nginx/conf/nginx.conf
# 13~24行,修改配置 
        location / {
            return 200;
        }
        location /test {
            return 401;
        }
        location ~ ^/test {
            return 402;
        }
        location ~* ^/test/test {
            return 403;
        }
        location = /test/test {
            return 404;
        }
1
# systemctl reload nginx

访问测试,访问/test/test返回404,正则返回402:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
# curl -I 10.80.10.1/test/test
HTTP/1.1 404 Not Found
Server: nginx/1.14.0
Date: Wed, 13 Dec 2023 03:32:23 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
# curl -I 10.80.10.1/test/test/test
HTTP/1.1 402 Payment Required
Server: nginx/1.14.0
Date: Wed, 13 Dec 2023 03:32:30 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
# curl -I 10.80.10.1/test/nginx
HTTP/1.1 402 Payment Required
Server: nginx/1.14.0
Date: Wed, 13 Dec 2023 03:32:34 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive

如果需要维护页面保留location /即可,优先级最低。

1
2
3
location / {
    return 200;
}

nginx作为下载服务器和alias

还原配置文件,添加下载服务器配置:

1
2
3
4
5
6
7
# \cp /usr/local/nginx/conf/nginx.conf.default /usr/local/nginx/conf/nginx.conf
# vim /usr/local/nginx/conf/nginx.conf
# 47行,添加配置
        location ^~ /download/ {
            root /usr/local/nginx/html;
            autoindex on;
        }

准备文件:

1
2
3
4
# mkdir -p /usr/local/nginx/html/download/mydata
# echo 'test1' > /usr/local/nginx/html/download/mydata/test1.txt
# echo 'test2' > /usr/local/nginx/html/download/mydata/test2.txt
# systemctl restart nginx

浏览器访问http://10.80.10.1/download/

有之前创建的文件夹,里面有两个test文件:

添加一些下载文件,直接点击就会下载:

1
# \cp /boot/vmlinuz-3.10.0-1160.el7.x86_64 /usr/local/nginx/html/download/mydata/

root和alias区别,建议使用root,访问页面时,默认寻找访问指定文件夹,alias必须指定目录,结尾要有/。

1
2
3
4
5
6
# vim /usr/local/nginx/conf/nginx.conf
# 47~50行,修改配置
        location ^~ /download/ {
            alias /usr/local/nginx/html/;
            autoindex on;
        }
1
# systemctl restart nginx

结尾有/,默认访问页面是nginx的欢迎页面,它不会寻找download文件夹:

浏览器访问:http://10.80.10.1/download/

如果配置文件中alias /usr/local/nginx/html结尾没有/,访问192.168.80.71/download/是404:

alias必须指定目录,指定位置后才行:

1
2
3
4
5
6
# vim /usr/local/nginx/conf/nginx.conf
# 47~50行,修改配置
        location ^~ /download/ {
            alias /usr/local/nginx/html/download/;
            autoindex on;
        }
1
# systemctl restart nginx

nginx基本安全和拒绝配置

还原配置文件:

1
# \cp /usr/local/nginx/conf/nginx.conf.default /usr/local/nginx/conf/nginx.conf

修改nginx配置文件,开启用户名密码认证:

1
2
3
4
5
6
7
8
# vim /usr/local/nginx/conf/nginx.conf
# 43~46行,修改配置
        location / {
            auth_basic "basic auth";
            auth_basic_user_file /usr/local/nginx/conf/htpasswd;
            root   html;
            index  index.html index.htm;
        }

  • auth_basic:提示信息。

  • auth_basic_user_file:用户名密码存放位置。

1
# systemctl restart nginx

浏览器访问:http://10.80.10.1/

输入错误进入403页面:

添加用户名密码,用户名密码都是user01:

1
2
# openssl passwd -1 user01
$1$2y8MMuVt$8Pq6GUuD0VRZnJeoaqrLa0
1
2
# vim /usr/local/nginx/conf/htpasswd
user01:$1$2y8MMuVt$8Pq6GUuD0VRZnJeoaqrLa0

输入正确的账号密码才能进入主页:

修改nginx配置文件,允许本机访问,拒绝其它ip的所有访问:

1
2
3
4
5
6
7
8
# vim /usr/local/nginx/conf/nginx.conf
# 43~48行,修改配置
        location / {
            allow 127.0.0.1/32;
            deny all;
            root   html;
            index  index.html index.htm;
        }

  • allow 127.0.0.1/32:允许本机。

  • deny all:拒绝所有。

1
# systemctl restart nginx

浏览器访问失败,只能本地访问:

修改nginx配置文件,使用变量$remote_addr拒绝访问,允许本机访问,拒绝其它ip的所有访问:

1
2
3
4
5
6
7
8
9
# vim /usr/local/nginx/conf/nginx.conf
# 43~48行,修改配置
        location / {
            if ( $remote_addr !~ '^127.0.0.1$' ) {
                return 403;
            }
            root   html;
            index  index.html index.htm;
        }
1
# systemctl restart nginx

修改nginx配置文件,拒绝某个url的访问:

1
2
3
4
5
# vim /usr/local/nginx/conf/nginx.conf
# 50行,添加配置
        location = /new/new {
            return 403;
        }
1
# systemctl restart nginx

创建文件夹,访问测试:

1
2
3
4
5
6
7
8
# mkdir -p /usr/local/nginx/html/new/new
# curl -I 10.80.10.1/new/new
HTTP/1.1 403 Forbidden
Server: nginx/1.14.0
Date: Wed, 13 Dec 2023 04:57:25 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive

修改nginx配置文件,拒绝chrome浏览器访问:

1
2
3
4
5
6
7
8
9
# vim /usr/local/nginx/conf/nginx.conf
# 43~49行,修改配置
        location / {
            if ($http_user_agent ~* '.*chrome.*') {
                return 403;
            }
            root   html;
            index  index.html index.htm;
        }
1
# systemctl restart nginx

修改nginx配置文件,拒绝webserver.cn访问:

1
2
3
4
5
6
7
8
9
# vim /usr/local/nginx/conf/nginx.conf
# 43~49行,修改配置
        location / {
            if ($http_referer !~* '.*webserver.cn.*') {
                return 403;
            }
            root   html;
            index  index.html index.htm;
        }
1
# systemctl restart nginx

php的编译安装管理

下载安装php:

下载地址:https://www.php.net/releases/

安装相关依赖库。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
# yum install -y gcc gcc-c++ make pcre pcre-devel zlib zlib-devel openssl openssl-devel libxml2 libxml2-devel libcurl libcurl-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel openldap openldap-devel libmcrypt libmcrypt-devel
# cd /usr/local/src/
# wget https://www.php.net/distributions/php-5.6.34.tar.gz
# tar -xzvf php-5.6.34.tar.gz
# cd php-5.6.34
# ./configure \
--prefix=/usr/local/php \
--with-config-file-path=/usr/local/php/etc \
--enable-ctype \
--with-mysql=mysqlnd \
--with-mysqli=mysqlnd \
--with-freetype-dir \
--with-jpeg-dir \
--with-png-dir \
--with-zlib \
--with-libxml-dir=/usr \
--enable-xml \
--disable-rpath \
--enable-bcmath \
--enable-shmop \
--enable-sysvsem \
--enable-inline-optimization \
--with-curl \
--enable-mbregex \
--enable-mbstring \
--with-mcrypt \
--with-gd \
--enable-gd-native-ttf \
--with-openssl \
--with-mhash \
--enable-pcntl \
--enable-sockets \
--with-ldap-sasl \
--with-xmlrpc \
--enable-zip \
--enable-soap \
--with-gettext \
--enable-fpm

部分说明:

  • –prefix=/usr/local/php:安装路径。

  • –with-config-file-path=/usr/local/php/etc:配置文件路径。

  • –enable-fpm:需要支持fpm,nginx是通过fpm来调用php程序的。

1
# make -j 4 && make -j 4 install

复制php配置文件:

1
# cp php.ini-production /usr/local/php/etc/php.ini

查看php安装:

1
2
# ls /usr/local/php/
bin  etc  include  lib  php  sbin  var

  • bin:php程序。

  • etc:配置文件。

  • include:头文件。

  • lib:相关包,库。

  • php

  • sbin:php-fpm。

  • var:日志文件。

查看查PHP版本。

1
2
3
4
# /usr/local/php/bin/php -v
PHP 5.6.34 (cli) (built: Dec 13 2023 14:32:52) 
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies

查看php的模块:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
# /usr/local/php/bin/php -m
[PHP Modules]
bcmath
Core
ctype
curl
date
dom
ereg
fileinfo
filter
gd
gettext
hash
iconv
json
libxml
mbstring
mcrypt
mhash
mysql
mysqli
mysqlnd
openssl
pcntl
pcre
PDO
pdo_sqlite
Phar
posix
Reflection
session
shmop
SimpleXML
soap
sockets
SPL
sqlite3
standard
sysvsem
tokenizer
xml
xmlreader
xmlrpc
xmlwriter
zip
zlib

[Zend Modules]

查看php的编译时的参数:

1
2
3
# /usr/local/php/bin/php -i | grep configure
Configure Command =>  './configure'  '--prefix=/usr/local/php' '--with-config-file-path=/usr/local/php/etc' '--enable-ctype' '--with-mysql=mysqlnd' '--with-mysqli=mysqlnd' '--with-freetype-dir' '--with-jpeg-dir' '--with-png-dir' '--with-zlib' '--with-libxml-dir=/usr' '--enable-xml' '--disable-rpath' '--enable-bcmath' '--enable-shmop' '--enable-sysvsem' '--enable-inline-optimization' '--with-curl' '--enable-mbregex' '--enable-mbstring' '--with-mcrypt' '--with-gd' '--enable-gd-native-ttf' '--with-openssl' '--with-mhash' '--enable-pcntl' '--enable-sockets' '--with-ldap-sasl' '--with-xmlrpc' '--enable-zip' '--enable-soap' '--with-gettext' '--enable-fpm'
PHP Warning:  Unknown: It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in Unknown on line 0

查看配置文件路径:

1
2
3
4
5
6
7
8
9
10
11
12
13
# /usr/local/php/bin/php -i | grep ini
Configuration File (php.ini) Path => /usr/local/php/etc
Loaded Configuration File => /usr/local/php/etc/php.ini
Scan this dir for additional .ini files => (none)
Additional .ini files parsed => (none)
user_ini.cache_ttl => 300 => 300
user_ini.filename => .user.ini => .user.ini
PHP Warning:  Unknown: It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in Unknown on line 0
init_command_executed_count => 0
init_command_failed_count => 0
com_init_db => 0
Classes => AppendIterator, ArrayIterator, ArrayObject, BadFunctionCallException, BadMethodCallException, CachingIterator, CallbackFilterIterator, DirectoryIterator, DomainException, EmptyIterator, FilesystemIterator, FilterIterator, GlobIterator, InfiniteIterator, InvalidArgumentException, IteratorIterator, LengthException, LimitIterator, LogicException, MultipleIterator, NoRewindIterator, OutOfBoundsException, OutOfRangeException, OverflowException, ParentIterator, RangeException, RecursiveArrayIterator, RecursiveCachingIterator, RecursiveCallbackFilterIterator, RecursiveDirectoryIterator, RecursiveFilterIterator, RecursiveIteratorIterator, RecursiveRegexIterator, RecursiveTreeIterator, RegexIterator, RuntimeException, SplDoublyLinkedList, SplFileInfo, SplFileObject, SplFixedArray, SplHeap, SplMinHeap, SplMaxHeap, SplObjectStorage, SplPriorityQueue, SplQueue, SplStack, SplTempFileObject, UnderflowException, UnexpectedValueException
open sourced by => Epinions.com

php的日志和动态安装扩展模块

php错误日志配置,默认格式如下:

1
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT

记录所有的日志,不包含过时函数提示和php严格语法提示,通常也会忽略E_NOTICE的报错。

修改php配置文件,修改错误日志位置:

1
2
3
# vim /usr/local/php/etc/php.ini
# 572行,取消注释,修改配置
error_log = /tmp/php_errors.log

编写php测试文件:

1
2
3
4
# vim /tmp/test.php
<?php
    echo 1/0;
?>
1
2
3
# /usr/local/php/bin/php /tmp/test.php
# cat /tmp/php_errors.log
[13-Dec-2023 06:41:20 UTC] PHP Warning:  Division by zero in /tmp/test.php on line 2

修改php配置文件,错误日志直接输出到屏幕:

1
2
3
# vim /usr/local/php/etc/php.ini
# 466行,修改配置
display_errors = On
1
2
3
4
5
# /usr/local/php/bin/php /tmp/test.php

Warning: main(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /tmp/test.php on line 2

Warning: Division by zero in /tmp/test.php on line 2
1
2
3
# vim /usr/local/php/etc/php.ini
# 466行,修改配置
display_errors = Off

修改php配置文件,更改时区:

1
2
3
# vim /usr/local/php/etc/php.ini
# 936行,取消注释,修改配置
date.timezone = PRC

php动态安装redis模块,不需要重新编译php:

下载网址:`https://pecl.php.net/package/redis``

1
2
3
4
5
6
7
8
# yum install -y autoconf
# cd /usr/local/src/
# wget https://pecl.php.net/get/redis-4.1.1.tgz
# tar xzvf redis-4.1.1.tgz
# cd redis-4.1.1
# /usr/local/php/bin/phpize
# ./configure --with-php-config=/usr/local/php/bin/php-config
# make -j 4 && make -j 4 install

修改php配置文件,添加redis.so的Installing shared extensions位置:

1
2
3
# vim /usr/local/php/etc/php.ini
# 878行,取消注释,添加配置
extension=/usr/local/php/lib/php/extensions/no-debug-non-zts-20131226/redis.so
1
2
# /usr/local/php/bin/php -m | grep redis
redis

php-fpm的配置和管理

php-fpm作用:

  • nginx调用php程序是通过php-fpm这个接口程序来的。

  • php-fpm专门为nginx+php的架构开发。

查看php-fpm的默认配置:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
# cat /usr/local/php/etc/php-fpm.conf.default | egrep -v '^;|^$'
[global]


[www]
user = nobody
group = nobody
listen = 127.0.0.1:9000

pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

创建php-fpm配置文件:

1
2
3
# cat /usr/local/php/etc/php-fpm.conf.default | egrep -v '^;|^$' > /usr/local/php/etc/php-fpm.conf
# /usr/local/php/sbin/php-fpm -t
[13-Mar-2023 21:05:49] NOTICE: configuration file /usr/local/php/etc/php-fpm.conf test is successful

启动php-fpm,查看端口和进程:

1
2
3
4
5
6
7
8
# /usr/local/php/sbin/php-fpm
# netstat -tlunp | grep php-fpm
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      34941/php-fpm: mast 
# ps -ef | grep php-fpm
root      34941      1  0 14:47 ?        00:00:00 php-fpm: master process (/usr/local/php/etc/php-fpm.conf)
nobody    34942  34941  0 14:47 ?        00:00:00 php-fpm: pool www
nobody    34943  34941  0 14:47 ?        00:00:00 php-fpm: pool www
root      35273   8118  0 14:47 pts/0    00:00:00 grep --color=auto php-fpm

关闭php-fpm:

1
# pkill -9 php-fpm

systemctl管理php-fpm:

1
2
3
4
5
6
7
8
9
10
11
12
# vim /usr/lib/systemd/system/php-fpm.service
[Unit]
Description=php-fpm
After=network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
ExecStart=/usr/local/php/sbin/php-fpm
ExecStop=pkill -9 php-fpm

[Install]
WantedBy=multi-user.target

启动php-fpm,设置开机自启:

1
2
3
# systemctl start php-fpm
# systemctl enable php-fpm
# systemctl status php-fpm

查看端口和进程:

1
2
3
4
5
6
7
# netstat -tlunp | grep php-fpm
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      36913/php-fpm: mast 
# ps aux | grep php-fpm
root      36913  0.0  0.0 221672  5308 ?        Ss   14:48   0:00 php-fpm: master process (/usr/local/php/etc/php-fpm.conf)
nobody    36914  0.0  0.0 221672  4972 ?        S    14:48   0:00 php-fpm: pool www
nobody    36915  0.0  0.0 221672  4972 ?        S    14:48   0:00 php-fpm: pool www
root      37625  0.0  0.0 112816   980 pts/0    S+   14:48   0:00 grep --color=auto php-fpm

修改php-fpm配置文件,运行的用户和用户改组为www:

1
2
3
4
# vim /usr/local/php/etc/php-fpm.conf
# 5~6行,修改配置
user = www
group = www
1
2
3
4
5
6
7
# systemctl restart php-fpm
# systemctl status php-fpm
# ps aux | grep php-fpm
root      38567  0.0  0.0 221672  5308 ?        Ss   14:49   0:00 php-fpm: master process (/usr/local/php/etc/php-fpm.conf)
www       38571  0.0  0.0 221672  4968 ?        S    14:49   0:00 php-fpm: pool www
www       38572  0.0  0.0 221672  4968 ?        S    14:49   0:00 php-fpm: pool www
root      38910  0.0  0.0 112812   980 pts/0    R+   14:49   0:00 grep --color=auto php-fpm

listen表示fpm监听的方式,默认使用的是网络的监听方式,还有一种socket的监听方式。

修改php-fpm配置文件,监听为sock方式:

1
2
3
4
5
6
7
8
# vim /usr/local/php/etc/php-fpm.conf
# 4~7行,修改配置
[www]
user = www
group = www
listen = /dev/shm/php-fpm.sock
listen.owner = www
listen.group = www
1
2
3
4
5
# systemctl restart php-fpm
# systemctl status php-fpm
# netstat -tlunp | grep php
# ls /dev/shm/php-fpm.sock
/dev/shm/php-fpm.sock

两种监听方式的选择:

  • 如果nginx+php-fpm是在同一台机器的话,建议使用sock的方式。

  • 如果nginx+php-fpm在不同机器的话,只能选择网络方式。

修改php-fpm配置文件,php-fpm的工作进程数改为静态分配:

1
2
3
# vim /usr/local/php/etc/php-fpm.conf
# 11行,修改配置
pm = static
1
2
3
4
5
6
7
8
9
10
# systemctl restart php-fpm
# systemctl status php-fpm
# ps -ef | grep php
root      41561      1  0 14:50 ?        00:00:00 php-fpm: master process (/usr/local/php/etc/php-fpm.conf)
www       41562  41561  0 14:50 ?        00:00:00 php-fpm: pool www
www       41563  41561  0 14:50 ?        00:00:00 php-fpm: pool www
www       41564  41561  0 14:50 ?        00:00:00 php-fpm: pool www
www       41565  41561  0 14:50 ?        00:00:00 php-fpm: pool www
www       41566  41561  0 14:50 ?        00:00:00 php-fpm: pool www
root      41815   8118  0 14:50 pts/0    00:00:00 grep --color=auto php

nginx+fpm的两种结合方式

编写php测试文件:

1
2
3
4
# vim /usr/local/nginx/html/test.php
<?php
    echo "test is ok\n";
?>

修改php-fpm配置文件,改为网络监听并修改用户:

1
2
3
4
5
# cat /usr/local/php/etc/php-fpm.conf.default | egrep -v '^;|^$' > /usr/local/php/etc/php-fpm.conf
# vim /usr/local/php/etc/php-fpm.conf
# 5~6行,修改配置
user = www
group = www
1
2
3
4
# systemctl restart php-fpm
# systemctl status php-fpm
# netstat -tlunp | grep php-fpm
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      47165/php-fpm: mast

修改nginx配置文件:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
# \cp /usr/local/nginx/conf/nginx.conf.default /usr/local/nginx/conf/nginx.conf
# vim /usr/local/nginx/conf/nginx.conf
# 2行,修改配置
user  www;
# 45行,修改配置
            index  index.html index.htm index.php;
# 65~71行,取消注释,修改配置
        location ~ \.php$ {
            root           html;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include        fastcgi_params;
        }
1
# systemctl restart nginx

访问测试:

1
2
# curl 10.80.10.1/test.php
test is ok

修改php-fpm配置文件,使用socket监听php:

1
2
3
4
5
6
7
8
# vim /usr/local/php/etc/php-fpm.conf
# 4~7行,修改配置
[www]
user = www
group = www
listen = /dev/shm/php-fpm.sock
listen.owner = www
listen.group = www
1
2
3
4
# systemctl restart php-fpm
# systemctl status php-fpm
# ls /dev/shm/php-fpm.sock
/dev/shm/php-fpm.sock

修改nginx配置文件:

1
2
3
# vim /usr/local/nginx/conf/nginx.conf
# 67行,修改配置
            fastcgi_pass   unix:/dev/shm/php-fpm.sock;
1
# systemctl restart nginx

访问测试:

1
2
# curl 10.80.10.1/test.php
test is ok

nginx+fpm的日志说明

客户访问一个php程序的过程:

  • 客户—>nginx—>php-fpm—>nginx—>客户

修改nginx配置文件,开启日志,添加nginx交互时间:

1
2
3
4
5
6
7
# vim /usr/local/nginx/conf/nginx.conf
# 21~25行,取消注释,修改配置 
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for" $upstream_response_time $request_time';

    access_log  logs/access.log  main;
1
# systemctl restart nginx

访问测试:

1
2
# curl 127.0.0.1/test.php
# tail -f /usr/local/nginx/logs/access.log

修改php文件,添加休眠时间:

1
2
3
4
5
# vim /usr/local/nginx/html/test.php
<?php
    echo "test is ok\n";
    sleep(1);
?>
1
2
# curl 127.0.0.1/test.php
test is ok

修改nginx配置文件,开启notice日志:

1
2
3
# vim /usr/local/nginx/conf/nginx.conf
# 6行,取消注释
error_log  logs/error.log  notice;
1
# systemctl restart nginx

修改socket的所属,访问失败,查看日志:

1
# tail -f /usr/local/nginx/logs/error.log
1
2
# chown root:root /dev/shm/php-fpm.sock
# curl -I 127.0.0.1/test.php

模拟php语法问题进行测试:

1
2
# chown www:www /dev/shm/php-fpm.sock
# tail -f /usr/local/nginx/logs/error.log
1
2
3
4
5
# vim /usr/local/nginx/html/test.php
<?php
    echo "test is ok\n";
    echo 2/0;
?>
1
2
# curl 127.0.0.1/test.php
test is ok

配置php-fpm的错误日志:

1
2
3
4
# vim /usr/local/php/etc/php-fpm.conf
# 2行,添加配置
error_log = /tmp/fpm_error_log
log_level = notice
1
# systemctl restart php-fpm

只要重启php-fpm就会有记录:

1
# tail -f /tmp/fpm_error_log

修改php-fpm配置文件,添加慢日志:

1
2
3
4
# vim /usr/local/php/etc/php-fpm.conf
# 11行,添加配置
slowlog = /tmp/phpslow.log
request_slowlog_timeout = 1s
1
# systemctl restart php-fpm

修改php文件:

1
2
3
4
5
# vim /usr/local/nginx/html/test.php
<?php
    echo "test is ok\n";
    sleep (3);
?>
1
2
3
4
5
6
7
# curl 127.0.0.1/test.php
test is ok
# cat /tmp/phpslow.log

[13-Dec-2023 15:08:52]  [pool www] pid 80244
script_filename = /usr/local/nginx/html/test.php
[0x00007f16d69e71e0] sleep() /usr/local/nginx/html/test.php:3

php如果有include的时候,慢日志会记录详细的调用过程:

1
2
3
4
# vim /usr/local/nginx/html/sleep.php
<?php
    sleep(2);
?>
1
2
3
4
5
# vim /usr/local/nginx/html/test.php
<?php
    echo "test is ok\n";
    include "sleep.php";
?>
1
2
3
4
5
6
7
8
9
10
11
12
# curl 127.0.0.1/test.php
test is ok
# cat /tmp/phpslow.log

[13-Dec-2023 15:08:52]  [pool www] pid 80244
script_filename = /usr/local/nginx/html/test.php
[0x00007f16d69e71e0] sleep() /usr/local/nginx/html/test.php:3

[13-Dec-2023 15:09:26]  [pool www] pid 80245
script_filename = /usr/local/nginx/html/test.php
[0x00007f16d69e7288] sleep() /usr/local/nginx/html/sleep.php:2
[0x00007f16d69e71e0] +++ dump failed

fpm的慢日志可以定位到网页到底是访问哪里慢。

mysql5.6编译安装

最流行的关系型数据库,主要是用来存储用户数据、商品数据等等。

mysql目前是属于oracle的旗下产品,oracle也是知名的关系型数据库,但它是收费的。

另外还有一种非关系型数据redis、mongodb等。

下载安装mysql:

下载地址:https://downloads.mysql.com/archives/community/

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
# yum install -y gcc gcc-c++ make tar openssl openssl-devel cmake ncurses ncurses-devel
# useradd -s /sbin/nologin mysql
# cd /usr/local/src/
# wget https://downloads.mysql.com/archives/get/p/23/file/mysql-5.6.39.tar.gz
# tar -xzvf mysql-5.6.39.tar.gz
# cd mysql-5.6.39
# cmake \
-DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
-DMYSQL_DATADIR=/data/mysql \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
-DWITH_EXTRA_CHARSETS:STRING=all \
-DWITH_DEBUG=0 \
-DWITH_SSL=yes \
-DWITH_READLINE=1 \
-DENABLED_LOCAL_INFILE=1
# make -j 4 && make -j 4 install

  • DCMAKE_INSTALL_PREFIX=/usr/local/mysql:安装目录为/usr/local/mysql。

  • DMYSQL_DATADIR=/data/mysql:数据目录为/data/mysql。

复制启动脚本:

1
2
# cp support-files/mysql.server /etc/init.d/mysqld
# chmod a+x /etc/init.d/mysqld

查看mysql目录:

1
2
# ls /usr/local/mysql/
bin  COPYING  data  docs  include  lib  man  mysql-test  README  scripts  share  sql-bench  support-files

  • bin:命令。

  • data:数据。

  • docs:文档。

  • scripts:脚本。

查看mysql版本:

1
2
# /usr/local/mysql/bin/mysql --version
/usr/local/mysql/bin/mysql  Ver 14.14 Distrib 5.6.39, for Linux (x86_64) using  EditLine wrapper

mysql的数据初始化及管理

修改mysql配置文件:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
# vim /etc/my.cnf
[mysqld]
bind-address=127.0.0.1
port=3306
datadir=/data/mysql
socket=/tmp/mysql.sock
user=mysql
skip-name-resolve
slow_query_log=on
long_query_time=1
slow_query_log_file=/data/mysql/mysql-slow.log
expire_logs_days=2
innodb-file-per-table=1
innodb_flush_log_at_trx_commit=2
log_warnings=1
max_allowed_packet=512M
connect_timeout=60
net_read_timeout=120

[mysqld_safe]
log-error=/data/mysql/mysqld.log
pid-file=/data/mysql/mysqld.pid

  • bind-address=127.0.0.1:监听ip。

  • port=3306:监听端口。

  • datadir=/data/mysql:数据目录。

  • socket=/tmp/mysql.sock:指定socket的路径,默认就是/tmp/mysql.sock。

  • innodb-file-per-table=1:独立表空间。

  • innodb_flush_log_at_trx_commit=2:配置为1表示数据写入后马上写到磁盘,系统压力大。配置为2的话,会每秒执行一次写盘的操作,压力较小。

  • log_warnings=1:警告信息写入日志。

mysql数据的初始化:

1
2
3
4
5
6
7
8
9
# mkdir -p /data/mysql
# chown mysql:mysql /data/mysql/
# yum install -y perl-Module-Install
# /usr/local/mysql/scripts/mysql_install_db \
--basedir=/usr/local/mysql/ \
--user=mysql \
--datadir=/data/mysql/
# ls /data/mysql/
ibdata1  ib_logfile0  ib_logfile1  mysql  performance_schema  test

启动关闭方式:

1
2
3
4
5
6
7
8
# 手动启动
# nohup /usr/local/mysql/bin/mysqld_safe --defaults-file=/etc/my.cnf &
# 手动关闭
# mysqladmin -uroot -p -S /data/mysql/mysql.sock shutdown
# 用提供的脚本启动
# /etc/init.d/mysqld start
# 用提供的脚本关闭
# /etc/init.d/mysqld stop

systemctl管理mysql:

1
2
3
4
5
6
7
8
9
10
11
12
# vim /usr/lib/systemd/system/mysqld.service
[Unit]
Description=mysqld
After=network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
ExecStart=/etc/init.d/mysqld start
ExecStop=/etc/init.d/mysqld stop

[Install]
WantedBy=multi-user.target

启动mysql,设置开机自启:

1
2
3
# systemctl start mysqld
# systemctl enable mysqld
# systemctl status mysqld

查看端口和进程:

1
2
3
4
5
6
# netstat -tlunp | grep mysql
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      35057/mysqld        
# ps aux | grep mysql
root      34690  0.7  0.0 115540  1692 ?        S    15:43   0:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/data/mysql --pid-file=/data/mysql/node1.pid
mysql     35057 50.6  5.6 1325804 452044 ?      Sl   15:43   0:11 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/data/mysql --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=/data/mysql/mysqld.log --pid-file=/data/mysql/node1.pid --socket=/tmp/mysql.sock --port=3306
root      35939  0.0  0.0 112812   980 pts/0    S+   15:44   0:00 grep --color=auto mysql

mysql客户端使用和远程登录

配置mysql软连接:

1
# ln -s /usr/local/mysql/bin/mysql /usr/local/bin/

5.6版本默认登录无密码:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
# mysql -uroot
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.6.39-log Source distribution

Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> quit

查看mysql客户端命令的使用方式:

1
# mysql --help

修改mysql配置文件,使用socket登录,仅在本地登录(localhost)有效:

1
2
3
# vim /etc/my.cnf
# 5行,修改配置
socket=/data/mysql/mysql.sock
1
# systemctl restart mysqld

重新登录mysql,需要指定socket:

1
2
# mysql -uroot
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)
1
2
3
# mysql -uroot -S /data/mysql/mysql.sock

mysql> quit

指定ip登录不需要socket:

1
# mysql -uroot -h127.0.0.1

查看默认登录密码:

1
2
3
4
5
6
7
8
9
10
11
12
mysql> select user,password,host from mysql.user;
+------+----------+-----------+
| user | password | host      |
+------+----------+-----------+
| root |          | localhost |
| root |          | node1     |
| root |          | 127.0.0.1 |
| root |          | ::1       |
|      |          | localhost |
|      |          | node1     |
+------+----------+-----------+
6 rows in set (0.01 sec)

删除空用户:

1
2
mysql> delete from mysql.user where user='';
Query OK, 2 rows affected (0.00 sec)

设置root账户密码,123456:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
mysql> update mysql.user set password=PASSWORD('123456') where user='root';
Query OK, 4 rows affected (0.01 sec)
Rows matched: 4  Changed: 4  Warnings: 0

mysql> select user,password,host from mysql.user;
+------+-------------------------------------------+-----------+
| user | password                                  | host      |
+------+-------------------------------------------+-----------+
| root | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 | localhost |
| root | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 | node1     |
| root | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 | 127.0.0.1 |
| root | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 | ::1       |
+------+-------------------------------------------+-----------+
4 rows in set (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql> quit

登录mysql测试:

1
2
3
# mysql -uroot -h127.0.0.1 -p123456

mysql> quit

使用外网登录,没授权:

1
2
3
# mysql -uroot -h10.80.10.1 -p123456
Warning: Using a password on the command line interface can be insecure.
ERROR 2003 (HY000): Can't connect to MySQL server on '10.80.10.1' (111)

修改mysql配置文件,添加给内网ip、外网ip授权:

1
2
3
# vim /etc/my.cnf
# 2行,修改配置
bind-address=0.0.0.0
1
# systemctl restart mysqld
1
2
3
4
5
6
7
8
9
# mysql -uroot -h127.0.0.1 -p123456

mysql> grant all privileges on *.* to 'student'@'10.80.10.1' identified by '123456' with grant option;
Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql> quit

student账户登录,登录成功:

1
2
3
# mysql -ustudent -h10.80.10.1 -p123456

mysql> quit

mysql的两个重要日志

mysql重要的两个日志文件:

  • 错误日志:当mysql启动有问题的时候,我们需要借助这个日志进行排查。

  • 慢日志:当业务出现慢或者超时的时候,我们需要观查mysql的慢日志是否过多。

查看错误日志:

1
# tail -f /data/mysql/mysqld.log

新建终端,修改mysql配置文件并重启,观察日志:

1
2
3
# vim /etc/my.cnf
# 2行,修改配置
bind-address=127.0.0.1
1
# systemctl restart mysqld

删除掉数据,无法启动mysql,重启报错,观察错误日志:

1
2
# \rm -rf /data/mysql/
# systemctl restart mysqld

重新初始化:

1
2
3
4
5
# /usr/local/mysql/scripts/mysql_install_db \
--basedir=/usr/local/mysql \
--user=mysql \
--datadir=/data/mysql/
# systemctl restart mysqld

mysql慢日志说明:

  • slow_query_log=on:开启慢日志。

  • long_query_time=1:记录sql超过1秒。

  • slow_query_log_file=/data/mysql/mysql-slow.log:慢日志位置。

插入测试数据:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
# mysql -uroot -h127.0.0.1

mysql> use test;
Database changed

mysql> create table if not exists `user`(
`id` int unsigned,
`username` varchar(50) not null,
`password` varchar(100) not null
)engine=innodb default charset=utf8;
Query OK, 0 rows affected (0.02 sec)

mysql> insert into user values (1,'teacher','red');
Query OK, 1 row affected (0.00 sec)

mysql> insert into user values (6,'student','yellow');
Query OK, 1 row affected (0.00 sec)

mysql> select * from user;
+------+----------+----------+
| id   | username | password |
+------+----------+----------+
|    1 | teacher  | red      |
|    6 | student  | yellow   |
+------+----------+----------+
2 rows in set (0.00 sec)

批量复制数据,指数增长,等待时间超过1秒:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
mysql> insert into user (`username`,password) select username,password from user;
Query OK, 2 rows affected (0.00 sec)
Records: 2  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 4 rows affected (0.00 sec)
Records: 4  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 8 rows affected (0.00 sec)
Records: 8  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 16 rows affected (0.00 sec)
Records: 16  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 32 rows affected (0.00 sec)
Records: 32  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 64 rows affected (0.00 sec)
Records: 64  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 128 rows affected (0.00 sec)
Records: 128  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 256 rows affected (0.01 sec)
Records: 256  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 512 rows affected (0.01 sec)
Records: 512  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 1024 rows affected (0.02 sec)
Records: 1024  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 2048 rows affected (0.03 sec)
Records: 2048  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 4096 rows affected (0.06 sec)
Records: 4096  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 8192 rows affected (0.15 sec)
Records: 8192  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 16384 rows affected (0.12 sec)
Records: 16384  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 32768 rows affected (0.42 sec)
Records: 32768  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 65536 rows affected (0.66 sec)
Records: 65536  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 131072 rows affected (1.21 sec)
Records: 131072  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 262144 rows affected (3.37 sec)
Records: 262144  Duplicates: 0  Warnings: 0

mysql> insert into user (`username`,password) select username,password from user;
Query OK, 524288 rows affected (6.04 sec)
Records: 524288  Duplicates: 0  Warnings: 0

mysql> quit

查看慢日志,记录了sql和执行时间:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
# cat /data/mysql/mysql-slow.log
/usr/local/mysql/bin/mysqld, Version: 5.6.39-log (Source distribution). started with:
Tcp port: 3306  Unix socket: /data/mysql/mysql.sock
Time                 Id Command    Argument
# Time: 231213 15:52:57
# User@Host: root[root] @  [127.0.0.1]  Id:     1
# Query_time: 1.482038  Lock_time: 0.000162 Rows_sent: 0  Rows_examined: 262144
use test;
SET timestamp=1702453977;
insert into user (`username`,password) select username,password from user;
# Time: 231213 15:53:04
# User@Host: root[root] @  [127.0.0.1]  Id:     1
# Query_time: 6.615719  Lock_time: 0.000165 Rows_sent: 0  Rows_examined: 524288
SET timestamp=1702453984;
insert into user (`username`,password) select username,password from user;
# Time: 231213 15:53:18
# User@Host: root[root] @  [127.0.0.1]  Id:     1
# Query_time: 7.810866  Lock_time: 0.000158 Rows_sent: 0  Rows_examined: 1048576
SET timestamp=1702453998;
insert into user (`username`,password) select username,password from user;

lnmp部署验收及回顾

需要写一个操作mysql的php,然后浏览器能够正常访问,就说明lnmp环境部署成功。

mysql创建student用户并进行授权:

1
2
3
4
5
6
7
8
9
# mysql -uroot -h127.0.0.1

mysql> grant all privileges on *.* to 'student'@'127.0.0.1' identified by '123456' with grant option;
Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.01 sec)

mysql> quit

编写php文件:

1
2
3
4
5
6
7
8
9
# vim /usr/local/nginx/html/lnmp.php
<?php
    $link=mysql_connect("127.0.0.1","student","123456");
    if(!$link){
        echo "mysql_connect fail\n";
    }else{
        echo "mysql_connect success\n";
    }
?>
1
2
# systemctl restart nginx
# systemctl restart php-fpm
1
2
# curl 10.80.10.1/lnmp.php
mysql_connect success

过程中如果有异常,需要观察nginx的error日志,可先从nginx的error日志排查开始。数据库异常得查看数据库错误日志。

如果是网站访问慢,可以通过nginx的响应时间日志、fpm的慢日志、mysql的慢日志分析吧。

phpadmin的安装部署

phpadmin以web的方式去管理mysql数据库,使用php语言开发。

下载安装phpmyadmin:

下载地址:https://www.phpmyadmin.net/downloads/

1
2
3
4
# cd /usr/local/src/
# wget https://files.phpmyadmin.net/phpMyAdmin/4.8.1/phpMyAdmin-4.8.1-all-languages.zip
# unzip phpMyAdmin-4.8.1-all-languages.zip
# mv phpMyAdmin-4.8.1-all-languages /usr/local/nginx/html/phpmyadmin

修改配置文件:

1
2
3
4
5
6
7
8
9
# cd /usr/local/nginx/html/phpmyadmin/
# cp libraries/config.default.php config.inc.php
# vim config.inc.php
# 131行,修改配置
$cfg['Servers'][$i]['host'] = '127.0.0.1';
# 262行,修改配置
$cfg['Servers'][$i]['user'] = 'student';
# 269行,修改配置
$cfg['Servers'][$i]['password'] = '123456';

浏览器访问:http://10.80.10.1/phpmyadmin/

1
2
用户名:student
密码:123456

进入主页:

选择mysql库的user表,删除空用户localhost和node1:

确认删除:

选择test库,点击sql,输入sql语句执行:

1
drop table user;

1
2
3
4
5
6
7
use test;
create table if not exists `user`(
   `id` Int unsigned auto_increment,
   `username` varchar(50) not null,
   `password` varchar(100) not null,
   primary key ( `id` )
)engine=innodb default charset=utf8;

选择test库的user表,插入数据:

1
2
username:teacher
password:red

浏览,查看数据:

执行sql插入数据,进行查看:

1
insert into user (username,password) values ('classmate','black');

修改nginx配置文件,限制ip访问:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
# vim /usr/local/nginx/conf/nginx.conf
# 64行,添加配置
        location /phpmyadmin {
            allow  127.0.0.1;
            deny   all;
            root   html;
            index  index.html index.htm index.php;
        }
        location ~ /phpmyadmin/.*.php$ {
            allow  127.0.0.1;
            deny   all;
            root           html;
            fastcgi_pass   unix:/dev/shm/php-fpm.sock;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include        fastcgi_params;
        }
1
# systemctl restart nginx

只有本机能访问:

添加物理机权限,两部分都添加:

1
2
3
# vim /usr/local/nginx/conf/nginx.conf
# 65行、71行,添加配置,在deny前添加
            allow  10.80.0.1;
1
# systemctl restart nginx

discuz论坛的安装部署

discuz开源软件,用php语言开发的一个开源的网页论坛。

有很多线上在用的论坛都是基于或者直接用discuz的模板。

下载安装discuz:

下载地址:https://www.discuz.vip/download.html

1
2
3
4
# cd /usr/local/src/
# wget http://download.comsenz.com/DiscuzX/3.2/Discuz_X3.2_SC_UTF8.zip
# unzip Discuz_X3.2_SC_UTF8.zip
# mv upload/ /usr/local/nginx/html/discuz

浏览器访问:http://10.80.10.1/discuz/

同意安装:

修改配置,刷新页面:

1
2
# cd /usr/local/nginx/html/discuz/
# chown -R www:www config/ data/ uc_client/ uc_server/

安装全新的discuz:

1
2
3
4
数据库服务器:127.0.0.1
数据库用户名:student
数据库密码:123456
管理员密码:123456

等待安装成功,点击右下方点此访问,进入主页:

登录后台,输入配置的管理员账号及密码,点击右上方的管理中心,再次登录:

1
2
用户名:admin
密码:123456

点击管理中心,进入后台:

1
2
用户名:admin
密码:123456

提示移除文件,移除后刷新:

1
# mv /usr/local/nginx/html/discuz/install/ /tmp/

修改论坛版块为lnmp:

论坛—>版块管理

提交后,刷新论坛主页,改了名字:

还可以注册用户,管理用户等等。

wordpress博客系统的安装部署

wordpress使用php开发的开源博客系统。

wordpress拥有各种主题,也可以用来作为内容管理。

载安装wordpress:

下载地址:https://cn.wordpress.org/download

1
2
3
4
# cd /usr/local/src/
# wget https://cn.wordpress.org/wordpress-4.9.4-zh_CN.zip
# unzip wordpress-4.9.4-zh_CN.zip
# mv wordpress /usr/local/nginx/html/

修改配置文件:

1
2
3
4
5
6
7
8
9
10
11
# cd /usr/local/nginx/html/wordpress/
# cp wp-config-sample.php wp-config.php
# vim wp-config.php
# 23行,修改配置
define('DB_NAME', 'wordpress');
# 26行,修改配置
define('DB_USER', 'student');
# 29行,修改配置
define('DB_PASSWORD', '123456');
# 32行,修改配置
define('DB_HOST', '127.0.0.1');

创建wordpress数据库:

1
2
3
4
5
6
# mysql -ustudent -h127.0.0.1 -p123456

mysql> create database wordpress;
Query OK, 1 row affected (0.00 sec)

mysql> quit

浏览器访问:http://10.80.10.1/wordpress/

1
2
3
4
5
6
站点标题:mrch
用户名:admin
密码:123456
确认密码:确认使用弱密码(勾选)
您的电子邮件:test@localhost.com
对搜索引擎的可见性:对搜索引擎的可见性 建议搜索引擎不索引本站点(勾选)

登录:

1
2
用户名或电子邮件地址:admin
密码:123456

进入后台:

进入前台,浏览器访问:http://10.80.10.1/wordpress/

右上角admin进入后台:

创建文章,进行发布:

文章—>写文章

博客主页显示新内容: