lamp+discuz+wordpress+phpmyadmin例項安裝詳解

技術小甜發表於2017-11-16

應用需求如下:

1. 準備兩臺centos 6,其中一臺機器跑mysql,另外一臺機器跑apache和nginx + php 

2. 同時安裝apache和nginx,其中nginx啟動80埠,用來跑靜態物件(圖片、js、css),apache監聽88埠,負責跑動態頁(php相關的),並且需要由nginx代理對外訪問

3. mysql伺服器需要開啟慢查詢日誌

4. 搭建discuz、wordpress以及phpmyadmin,域名分別為bbs.test.com, blog.test.com, phpmd.test.com

5. 配置discuz的偽靜態(nginx)

6. apache不需要記錄日誌,nginx記錄日誌,但不記錄圖片等靜態頁的日誌,並且配置日誌切割

7. 配置圖片防盜鏈(nginx)

8. 配置圖片快取7天,js,css快取1天(nginx)

9. discuz和wordpress訪問後臺限制一下ip白名單,比如只允許192.168.1.100訪問(nginx)

10. phpmyadmin整個站點需要配置使用者認證(nginx)

11. 寫一個mysql備份的指令碼,每天5點執行,需要遠端拷貝到web機器上

12. 把除了百度、google外的其他常見搜尋引擎蜘蛛封掉,比如(bingbot/2.0、Sogou web spider/4.0、360Spider、YisouSpider、YandexBot/3.0)

環境準備:

1、VMware Workstation 11

2、裝置A:MySQL,IP地址:192.168.1.5,HostName:mysql

3、裝置B:LAMP環境+nginx代理,IP地址:192.168.1.6,HostName:lanp 

4、Linux發行版:Centos 6.7 x86_64;

5、Nginx:http://nginx.org/download/nginx-1.6.2.tar.gz

6、Apache:httpd-2.2.16.tar.gz

7、PHP:php-5.3.28.tar.gz

8、MySQL:mysql-5.5.42-linux2.6-x86_64.tar.gz

9、discuz:Discuz_X3.2_SC_UTF8.zip

10、wordpress:wordpress-4.2.2-zh_CN.tar.gz

11、phpmyadmin:phpMyAdmin-4.0.8-all-languages.zip

步驟詳解:


裝置A:安裝mysql            192.168.1.5

cd /usr/local/src/ 

tar zxvf mysql-5.5.42-linux2.6-x86_64.tar.gz

mv mysql-5.5.42-linux2.6-x86_64 /usr/local/mysql 

cd /usr/local/mysql

mkdir -p /data/mysql

useradd -s /sbin/nologin -M mysql

chown -R mysql:mysql /data/mysql

cp support-files/my-large.cnf /etc/my.cnf 

cp support-files/mysql.server /etc/init.d/mysqld

chmod 755 /etc/init.d/mysqld

vi /etc/init.d/mysql,basedir=/usr/local/mysql,datadir=/data/mysql

./scripts/mysql_install_db –user=mysql –datadir=/data/mysql 

vim /etc/profile.d/mysql.sh加入export PATH=$PATH:/usr/local/mysql/bin

chkconfig –add mysqld

chkconfig mysqld on

service mysqld start

登入mysql授權:grant all on *.* to `super`@`192.168.1.6` identified by `superlinux.com`;


裝置B:LAMP        192.168.1.6
1. 安裝apache

cd /usr/local/src/ 

tar zvxf httpd-2.2.16.tar.gz 

cd httpd-2.2.16 

./configure –prefix=/usr/local/apache2  –enable-mods-shared=most  –enable-so

make&make install

apache加入chkconfig

cp /usr/local/apache2/bin/apachectl /etc/init.d/httpd

vim /etc/init.d/httpd

在第一行#!/bin/sh下增加兩行文字

# chkconfig: 35 70 30

# description: Apache

chkconfig –level 35 httpd on
2.  安裝php

cd /usr/local/src/ 

tar zxvf php-5.3.28.tar.gz 

cd php-5.3.28 

./configure   –prefix=/usr/local/php   –with-apxs2=/usr/local/apache2/bin/apxs   –with-config-file-path=/usr/local/php/etc  –with-libxml-dir   –with-gd   –with-jpeg-dir   –with-png-dir   –with-freetype-dir   –with-iconv-dir   –with-zlib-dir   –with-bz2   –with-openssl   –with-mcrypt   –enable-soap   –enable-gd-native-ttf   –enable-mbstring   –enable-sockets   –enable-exif   –disable-ipv6 –with-mysql=mysqlnd –with-mysqli=mysqlnd  –with-pdo-mysql=mysqlnd

make&make install

cp /usr/local/src/php-5.3.28/php.ini-production /usr/local/php/etc/php.ini
3、 配置apache結合php

vim /usr/local/apache2/conf/httpd.conf

找到:

AddType application/x-gzip .gz .tgz

在該行下面新增:
AddType application/x-httpd-php .php

找到:

    DirectoryIndex index.html

將該行改為:

    DirectoryIndex index.html index.htm index.php

找到:

#ServerName www.example.com:80

修改為:
ServerName localhost:80

vim /usr/local/apache2/conf/httpd.conf找到:


    Options FollowSymLinks

    AllowOverride None

    Order deny,allow

    Deny from all


改為:


    Options FollowSymLinks

    AllowOverride None

    Order deny,allow

    Allow from all


測試LAMP環境:在瀏覽器訪問192.168.1.6,如果顯示IT Works!表示LAMP環境搭建成功

mkdir data

cd data

在data目錄分別建立bbs、blog、phpmd目錄


4.解壓discuz並把upload下的內容移到bbs下

cd /usr/local/src

unzip Discuz_X3.2_SC_UTF8.zip

mv upload/* /data/bbs  


5.解壓wordpress並把wordpress下的內容移到blog下

[root@lanp src]# tar zxvf wordpress-4.2.2-zh_CN.tar.gz

[root@lanp src]# mv wordpress/* /data/blog


6.解壓phpmyadmin並把phpMyAdmin-4.0.8-all-languages下的內容移到phpmd下

[root@lanp src]# unzip phpMyAdmin-4.0.8-all-languages.zip

[root@lanp src]# mv phpMyAdmin-4.0.8-all-languages/* /data/phpmd


7.把apache埠改成88:進入apache主配置檔案,把lisen 80改成88

8.[root@lanp ~]# vim /usr/local/apache2/conf/extra/httpd-vhosts.conf(新增三個虛擬主機,並把80埠改成88)


    #ServerAdmin webmaster@dummy-host.example.com

    DocumentRoot “/data/bbs”

    ServerName bbs.test.com

    #ServerAlias www.dummy-host.example.com

    ErrorLog “logs/bbs.test.com-error_log”

    CustomLog “logs/bbs.test.com-access_log” common


    #ServerAdmin webmaster@dummy-host2.example.com

    DocumentRoot “/data/blog”

    ServerName blog.test.com

    ErrorLog “logs/blog.test.com-error_log”

    CustomLog “logs/blog.test.com-access_log” common


    #ServerAdmin webmaster@dummy-host2.example.com

    DocumentRoot “/data/phpmd”

    ServerName phpmd.test.com

    ErrorLog “logs/phpmd.test.com-error_log”

    CustomLog “logs/phpmd.test.com-access_log” common


檢查配置檔案是否有語法錯誤:

[root@lanp ~]# /usr/local/apache2/bin/apachectl -t

Syntax OK

檢查88埠是否監聽

[root@lanp ~]# /usr/local/apache2/bin/apachectl restart

[root@lanp ~]# netstat -lnp
9.在真機win上的host檔案裡繫結ip和虛擬主機域名(host檔案路徑:C/windows/System32/drivers/etc/hosts

192.168.1.6  bbs.test.com blog.test.com phpmd.test.com
10.安裝discuz

在瀏覽器訪問bbs.test.com/install/,會出現discuz圖形安裝介面,點我同意,出現很多目錄不可寫,為啥不可寫呢?因為ps aux |grep httpd,httpd是以daemon使用者執行。所以需要把discuz中不可寫的目錄的屬主和屬組改成daemon,chown -R daemon:daemon config/ data uc_client/data uc_server/data

回到瀏覽器重新整理,下一步,再全新安裝discuz

在mysql中建立discuz庫並授權一個使用者

mysql> create database discuz;

mysql> grant all on *.* to `super`@`192.168.1.6` identified by `superlinux.com`;

mysql> flush privileges;

回到discuz瀏覽器,資料庫名為discuz,資料庫使用者名稱為super,資料庫密碼superlinux.com

到此discuz論壇安裝完畢

11.安裝wordpress

在mysql中建立blog庫

mysql> create database blog;

在瀏覽器中訪問blog.test.com:88進行web介面資訊輸入安裝

12.安裝phpmyadmin

cp libraries/config.default.php config.inc.php

更改

$cfg[`Servers`][$i][`user`] = `root`;

$cfg[`Servers`][$i][`password`] = `yourrootpassword`;

$cfg[`Servers`][$i][`host`] = `yourdbip`;

$cfg[`Servers`][$i][`auth_type`] = `config`;##認證模式

在瀏覽器中訪問phpmd.test.com:88進行web介面操作安裝



13.安裝nginx

[root@lanp src]# wget http://nginx.org/download/nginx-1.6.2.tar.gz

[root@lanp src]# tar zxvf nginx-1.6.2.tar.gz

[root@lanp nginx-1.6.2]# ./configure   –prefix=/usr/local/nginx   –with-pcre

make &make install
nginx啟動指令碼和配置檔案

vim /etc/init.d/nginx  //加入如下內容

#!/bin/bash

# chkconfig: – 30 21

# description: http service.

# Source Function Library

. /etc/init.d/functions

# Nginx Settings


NGINX_SBIN=”/usr/local/nginx/sbin/nginx”

NGINX_CONF=”/usr/local/nginx/conf/nginx.conf”

NGINX_PID=”/usr/local/nginx/logs/nginx.pid”

RETVAL=0

prog=”Nginx”


start() {

        echo -n $”Starting $prog: “

        mkdir -p /dev/shm/nginx_temp

        daemon $NGINX_SBIN -c $NGINX_CONF

        RETVAL=$?

        echo

        return $RETVAL

}


stop() {

        echo -n $”Stopping $prog: “

        killproc -p $NGINX_PID $NGINX_SBIN -TERM

        rm -rf /dev/shm/nginx_temp

        RETVAL=$?

        echo

        return $RETVAL

}


reload(){

        echo -n $”Reloading $prog: “

        killproc -p $NGINX_PID $NGINX_SBIN -HUP

        RETVAL=$?

        echo

        return $RETVAL

}


restart(){

        stop

        start

}


configtest(){

    $NGINX_SBIN -c $NGINX_CONF -t

    return 0

}


case “$1” in

  start)

        start

        ;;

  stop)

        stop

        ;;

  reload)

        reload

        ;;

  restart)

        restart

        ;;

  configtest)

        configtest

        ;;

  *)

        echo $”Usage: $0 {start|stop|reload|restart|configtest}”

        RETVAL=1

esac

exit $RETVAL

chmod 755 /etc/init.d/nginx

chkconfig –add nginx

chkconfig nginx on

service nginx start

service nginx configtest(檢測配置檔案,configtest相當於-t)

vim /usr/local/nginx/conf/nginx.conf 清空原來的配置,加入如下內容

user nobody nobody;

worker_processes 2;

error_log /usr/local/nginx/logs/nginx_error.log crit;

pid /usr/local/nginx/logs/nginx.pid;

worker_rlimit_nofile 51200;

events

{

    use epoll;

    worker_connections 6000;

}

http


{

    include mime.types;

    default_type application/octet-stream;

    server_names_hash_bucket_size 3526;

    server_names_hash_max_size 4096;

    log_format combined_realip `$remote_addr $http_x_forwarded_for [$time_local]`

    `$host “$request_uri” $status`

    `”$http_referer” “$http_user_agent”`;

    sendfile on;

    tcp_nopush on;

    keepalive_timeout 30;

    client_header_timeout 3m;

    client_body_timeout 3m;

    send_timeout 3m;

    connection_pool_size 256;

    client_header_buffer_size 1k;

    large_client_header_buffers 8 4k;

    request_pool_size 4k;

    output_buffers 4 32k;

    postpone_output 1460;

    client_max_body_size 10m;

    client_body_buffer_size 256k;

    client_body_temp_path /usr/local/nginx/client_body_temp;

    proxy_temp_path /usr/local/nginx/proxy_temp;

    fastcgi_temp_path /usr/local/nginx/fastcgi_temp;

    fastcgi_intercept_errors on;

    tcp_nodelay on;

    gzip on;

    gzip_min_length 1k;

    gzip_buffers 4 8k;

    gzip_comp_level 5;

    gzip_http_version 1.1;

    gzip_types text/plain application/x-javascript text/css text/htm application/xml;

   include vhosts/*.conf;

}


cd /usr/local/nginx/conf/

mkdir vhosts

touch discuz.conf

touch phpmd.conf

touch blog.conf

14.discuz.conf

server

{

    listen 80;

    server_name bbs.test.com;

    index index.html index.htm index.php;

    root /data/bbs;


#根據user_agent控制

    if ($http_user_agent ~ `bingbot/2.0|MJ12bot/v1.4.2|Spider/3.0|YoudaoBot|Tomato|Gecko/20100315`){

            return 403;

    }

    location ~ admin.php {

        allow 192.168.31.141;

        deny all;

        proxy_pass   http://127.0.0.1:88;

        proxy_set_header Host   $host;

    }


    location ~ .php$ {

         proxy_pass   http://127.0.0.1:88;

         proxy_set_header Host   $host;

         proxy_set_header X-Real-IP      $remote_addr;

         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    }



    location ~ .*.(js|css)?$

    {

          expires      24h;

          access_log off;

    }


    location ~* ^.+.(gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls)$ {

         expires 7d;

         valid_referers none blocked server_names *.test.com *.a.com *.b.com *.baidu.com

         *.google.com *.google.cn *.soso.com ;

         if ($invalid_referer) {

              return 403;

              #rewrite ^/ http://www.example.com/nophoto.gif;

         }

         access_log off;

    }


    rewrite ^([^.]*)/topic-(.+).html$ $1/portal.php?mod=topic&topic=$2 last;

        rewrite ^([^.]*)/forum-(w+)-([0-9]+).html$ $1/forum.php?mod=forumdisplay&fid=$2&page=$3 last;

        rewrite ^([^.]*)/thread-([0-9]+)-([0-9]+)-([0-9]+).html$ $1/forum.php?mod=viewthread&tid=$2&extra=page%3D$4&page=$3 last;

        rewrite ^([^.]*)/group-([0-9]+)-([0-9]+).html$ $1/forum.php?mod=group&fid=$2&page=$3 last;

        rewrite ^([^.]*)/space-(username|uid)-(.+).html$ $1/home.php?mod=space&$2=$3 last;

        rewrite ^([^.]*)/(fid|tid)-([0-9]+).html$ $1/index.php?action=$2&value=$3 last;



    access_log /home/logs/discuz.log combined_realip;

檢測nginx配置檔案:/usr/local/nginx/sbin/nginx -t

重啟nginx:service nginx restart

在瀏覽器訪問bbs.test.com,是可以正常進入discuz頁面的。

15.blog.conf配置

server

{

    listen 80;

    server_name blog.test.com;

    index index.html index.htm index.php;

    root /data/blog;

    location /wp-admin/ {

        allow 127.0.0.1;

        deny all;

        location ~ .php$ {

        proxy_pass   http://127.0.0.1:88;

        proxy_set_header Host   $host;

        }

    }


    location  / {

         proxy_pass   http://127.0.0.1:88/;

         proxy_set_header Host   $host;

         proxy_set_header X-Real-IP      $remote_addr;

         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    }


}


檢測nginx配置檔案是否有語法錯誤:/usr/local/nginx/sbin/nginx -t

重啟nginx:service nginx restart

在瀏覽器訪問:blog.test.com,是可以訪問的

16.配置phpmd.conf

server

{

    listen 80;

    server_name phpmd.test.com;

    index index.html index.htm index.php;

    root /data/phpmd;


    location / {

         auth_basic              “Auth”;

         auth_basic_user_file   /usr/local/nginx/conf/htpasswd;


    location ~ .php$ {

         proxy_pass   http://127.0.0.1:88;

         proxy_set_header Host   $host;

         proxy_set_header X-Real-IP      $remote_addr;

         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    }


    }

}

檢測nginx配置檔案是否有語法錯誤:/usr/local/nginx/sbin/nginx -t

重啟nginx:service nginx restart

瀏覽器訪問:phpmd.test.com是可以訪問到的


17、配置nginx的日誌切割

[root@lanp vhosts]# vim /usr/local/sbin/logrotate.sh

#!/bin/bash

d=`date -d “-1 day” +%Y%m$d`

/bin/mv /home/logs/discuz.log /home/logs/discuz_$d.log

/etc/init.d/nginx reload >/dev/null 2>/dev/null

cd /home/logs

gzip discuz_$d.log


18、mysql備份指令碼無需密碼通過ssh執行rsync來同步檔案的方法可以參考http://www.jb51.net/article/60192.htm

vim mysqlbak.sh

#!/bin/bash

source /etc/profile

d=`date +%F`

/usr/local/mysql/bin/mysqldump -uroot -p838024 wordpress >/data/mysqlbak/$d.wordpresssql

/usr/local/mysql/bin/mysqldump -uroot -p838024 discuz >/data/mysqlbak/$d.discuzsql

/usr/local/mysql/bin/mysqldump -uroot -p838024 phpmyadmin >/data/mysqlbak/$d.phpmyadminsql

rsync -avLupz -e “ssh -p 22” /data/mysqlbak/ 192.168.1.6:/tmp/

再把指令碼放進crontab計劃任務

chmod a+x mysqlbak.sh

crontab -e

*/3 * * * * /root/shell/mysqlbak.sh














本文轉自super李導51CTO部落格,原文連結: http://blog.51cto.com/superleedo/1890719,如需轉載請自行聯絡原作者



相關文章