centos7.6升級ssh7.9、安裝PHP7.2、Nginx1.15.9、PHP加密擴展php_screw1.5
阿新 • • 發佈:2019-03-14
pam.d modules with top start .org 直接 mon 下載
1、centos7 安裝PHP7.2版本 #查詢是否安裝過php yum list installed | grep php yum provides php #移除php yum remove php-common #下載源 rpm -Uvh https://mirror.webtatic.com/yum/el7/epel-release.rpm rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm yum install php72w php72w-opcache php72w-xml php72w-gd php72w-devel php72w-mysql php72w-intl php72w-mbstring php72w-fpm php72w-cli php72w-mbstring php72w-pdo php-redis php -v #PHP 7.2.14 #設置時區 vim /etc/php.ini date.timezone = "Asia/Shanghai" #設置php-fpm運行用戶組 vim /etc/php-fpm.d/www.conf user = nginx group = nginx listen.owner = nobody 前面;去掉 listen.group = nobody 前面;去掉 listen.mode = 0660 前面;去掉 #啟動php-fpm systemctl start php-fpm.service systemctl status php-fpm.service systemctl stop php-fpm.service systemctl restart php-fpm.service #設置開機自啟動 systemctl enable php-fpm.service #安裝mcrypt擴展 #mcrypt擴展從php7.1.0開始廢棄,自php7.2.0起會移到pecl #http://pecl.php.net/package/mcrypt yum install libmcrypt libmcrypt-devel mcrypt mhash wget http://pecl.php.net/get/mcrypt-1.0.1.tgz tar -zxvf mcrypt-1.0.1.tgz cd mcrypt-1.0.1 #whereis phpize /usr/bin/phpize #whereis php-config ./configure --with-php-config=/usr/bin/php-config && make && make install #vim php.ini extension=mcrypt.so #重啟php-fpm systemctl restart php-fpm.service 2、nginx安裝nginx-1.15.9 ps aux | grep nginx #kill 45124(ps aux | grep nginx執行之後第一條是pid) #踢出nginx所有進程 pkill -9 nginx systemctl stop nginx.service #移除nginx yum remove nginx yum list installed | grep nginx yum remove **** #再次檢查nginx文件夾 find / -name nginx* #找出nginx目錄(刪除目錄) rm -rf ***** #以上處理之後證明nginx已經清理幹凈了 #安裝庫 yum install zlib-devel yum install openssl openssl-devel yum install gcc gcc-c++ wget yum install automake autoconf libtool libxml2-devel libxslt-devel perl-devel perl-ExtUtils-Embed pcre-devel #cd /home/tools wget -c https://nginx.org/download/nginx-1.15.9.tar.gz tar -zxvf nginx-1.15.9.tar.gz cd nginx-1.15.9 ./configure make && make install #nginx默認安裝在/usr/local/nginx #查看nginx當前版本 nginx/1.15.9 /usr/local/nginx/sbin/nginx -v pkill -9 nginx /usr/local/nginx/sbin/nginx #添加nginx項目配置文件夾 mkdir -p /usr/local/nginx/conf/conf.d #添加nginx運行錯誤日誌文件夾 mkdir -p /var/log/nginx #完善nginx配置 vim /usr/local/nginx/conf/nginx.conf #修改nginx用戶組 user nginx; #設置工作進程數 方便的話可以直接設置成auto worker_processes auto; #lscpu 可以查看下cpu的數量 #worker_processes一般設置和CPU數量一樣且配合worker_cpu_affinity一起配置 worker_processes 2; worker_cpu_affinity 01 10; #配置nginx錯誤日誌 error_log /var/log/nginx/error.log; #設置nginx.pid nginx.pid存放的是nginx的master進程的進程號 pid /run/nginx.pid; #http 對象中修改 #log_format 前的#去掉 #添加 client_max_body_size 200m; #添加 include /usr/local/nginx/conf/conf.d/*.conf; #項目的http配置文件可以放到conf.d文件夾中了 #nginx的啟動與重啟 /usr/local/nginx/sbin/nginx -s quit #nginx停止 /usr/local/nginx/sbin/nginx -s reload #nginx reload /usr/local/nginx/sbin/nginx #nginx啟動 #nginx設置開機自啟動 #即在rc.local增加啟動代碼就可以了 vi /etc/rc.local #增加一行 /usr/local/nginx/sbin/nginx #設置執行權限 chmod 755 /etc/rc.local 3、redis安裝 yum install redis #啟動redis systemctl start redis.service systemctl status redis.service systemctl stop redis.service systemctl restart redis.service #設置開機自啟動 systemctl enable redis.service 4、mysql5.7.20安裝 wget http://dev.mysql.com/get/mysql57-community-release-el7-8.noarch.rpm #安裝mysql源 yum localinstall mysql57-community-release-el7-8.noarch.rpm #安裝mysql server yum install mysql-community-server #啟動mysqld systemctl start mysqld.service systemctl status mysqld.service systemctl enable mysqld.service #查看臨時密碼 grep ‘A temporary password‘ /var/log/mysqld.log #登錄設置root新密碼 alter user ‘root‘@‘localhost‘ identified by ‘Abc123!@#‘; 5、php_screw-1.5 擴展編譯 #進入http://sourceforge.net/projects/php-screw/下載最新版本php_screw-1.5.tar.gz #cd /home/tools tar -zxvf php_screw-1.5.tar.gz cd php_screw-1.5 #更改加密策略 vim php_screw.h #修改 define PM9SCREW “\tPHPSCREW\t” vim my_screw.h #數組中數據隨便修改,但最多保持在5位數 vim php_screw.c #CG(extended_info) = 1; 修改為 CG(compiler_options) |= ZEND_COMPILE_EXTENDED_INFO; /usr/bin/phpize ./configure --with-php-config=/usr/bin/php-config make && make install #編譯會在/home/tools/php_screw-1.5/modules文件夾 #/usr/lib64/php/modules/文件夾生成php_screw.so文件 #php.ini添加extension=php_screw.so vim /etc/php.ini systemctl restart php-fpm.service #生成加密二進制文件screw cd /home/tools/php_screw-1.5/tools make #make生成二進制文件screw cp screw /usr/bin/screw #接下來就玩起來吧 6、openssh升級到7.9 #先安裝telnet服務,以防卸載openssh後連接不到服務器 yum list telnet-server yum install telnet-server yum list xinetd yum install xinetd #啟動telnet服務 systemctl enable xinetd systemctl enable telnet.socket systemctl start telnet.socket systemctl start xinetd #默認情況下系統是不允許root用戶telnet遠程登錄的 #如果要使用root用戶直接登錄需設置/etc/securetty vim /etc/securetty #添加 pts/0 #添加 pts/1 systemctl restart xinetd #root登錄時總是提示 login incorrect vim /etc/pam.d/login #auth ****** pam_securetty.so 註釋這行 #設置好後,最好重啟下服務器 reboot systemctl start telnet.socket systemctl start xinetd #wget 下載資源包 wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.9p1.tar.gz #安裝依賴包 yum install openssl openssl-devel pam-devel gcc gcc-c++ zlib zlib-devel zlib-static #解壓openssh-7.9p1.tar.gz tar -zxvf openssh-7.9p1.tar.gz cd openssh-7.9p1 #備份/etc/ssh mv /etc/ssh /opt/ssh.bak #安裝openssh7.9 ./configure --sysconfdir=/etc/ssh #沒有錯誤繼續 make && make install #查看版本 /usr/local/sbin/sshd -v #編譯安裝完畢後,默認不允許root遠程登錄 vim /etc/ssh/sshd_config #PermitRootLogin prohibit-password 改成 PermitRootLogin yes #重啟sshd systemctl restart sshd systemctl stop sshd systemctl start sshd systemctl enable sshd #可以關閉下sshd來體驗下telnet,登錄telnet後臺啟動下sshd #記得systemctl start telnet.socket systemctl start xinetd 7、一些問題總結 #測試nginx是否配置有誤,如果有誤請去查看nginx的error_log日誌 /usr/local/nginx/sbin/nginx -t #/var/lib/php 需要設置777權限,PHP寫入session chmod -R 777 /var/lib/php #檢查是否開啟selinux #查看是否開啟了selinux [disabled或permissive是關閉|enforcing是開啟] getenforce #setenforce 0關閉/1開啟 setenforce 0 setenforce 1 #PHP7.2開始mcrypt_encrypt已被移除需使用openssl_encrypt openssl_encrypt(‘加密串串‘,‘AES-128-ECB‘,‘加密種子‘,OPENSSL_RAW_DATA); openssl_decrypt(‘加密串串‘,‘AES-128-ECB‘,‘加密種子‘,OPENSSL_RAW_DATA);
centos7.6升級ssh7.9、安裝PHP7.2、Nginx1.15.9、PHP加密擴展php_screw1.5