环境准备:
服务器系统:CentOS 6.5
安装lamp环境:
yum -y install mysql mysql-server php php-mysql httpd php-gd* freetype freetype-devel libmcrypt libmcrypt-devel mcrypt mhash php-mcrypt
一、Apache配置
配置之前先把域名解析到服务器IP地址上
站点1:bbs.chinasoft.com 程序所在目录/var/www/html/bbs
站点2:sns.chinasoft.com 程序所在目录/var/www/html/sns
chown apache.apache -R /var/www/html #设置目录所有者为apache
chmod 700 /var/www/html -R #设置目录权限
说明:修改之前先备份原来的配置文件
cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.confbak #修改之前先备份原文件
vim /etc/httpd/conf/httpd.conf #编辑配置文件
ServerTokens OS 在44行 修改为:ServerTokens Prod (在出现错误页的时候不显示服务器操作系统的名称)
ServerSignature On 在536行 修改为:ServerSignature Off (在错误页中不显示Apache的版本)
Options Indexes FollowSymLinks 在331行 修改为:Options Includes ExecCGI FollowSymLinks(允许服务器执行CGI及SSI,禁止列出目录)
#AddHandler cgi-script .cgi 在796行 修改为:AddHandler cgi-script .cgi .pl (允许扩展名为.pl的CGI脚本运行)
AllowOverride None 在338行 修改为:AllowOverride All (允许.htaccess)
AddDefaultCharset UTF-8 在759行 修改为:AddDefaultCharset GB2312 (添加GB2312为默认编码)
Options Indexes MultiViews FollowSymLinks 在554行 修改为 Options MultiViews FollowSymLinks(不在浏览器上显示树状目录结构)
DirectoryIndex index.html index.html.var 在402行
修改为:DirectoryIndex index.html index.htm Default.html Default.htm index.php Default.php index.html.var (设置默认首页文件,增加index.php)
KeepAlive Off 在76行 修改为:KeepAlive On (允许程序性联机)
MaxKeepAliveRequests 100 在83行 修改为:MaxKeepAliveRequests 1000 (增加同时连接数)
:wq! #保存退出
/etc/init.d/httpd restart 重启
rm -f /etc/httpd/conf.d/welcome.conf /var/www/error/noindex.html #删除默认测试页
二、新建虚拟主机配置文件
vim /etc/httpd/conf.d/vhost.conf #编辑配置文件,添加以下内容
NameVirtualHost *:80
<VirtualHost *:80>
# ServerAdmin webmaster@dummy-host.example.com
DocumentRoot /error
ServerName error.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
</VirtualHost>
<Directory "/var/www/html/bbs/">
php_admin_value open_basedir "/var/www/html/bbs/:/tmp/"
Options Includes ExecCGI FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<VirtualHost *:80>
# ServerAdmin webmaster@dummy-host.example.com
DocumentRoot /var/www/html/bbs/
ServerName bbs.chinasoft.com:80
#ServerAlias bbs1.chinasoft.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
</VirtualHost>
<Directory "/var/www/html/sns/">
php_admin_value open_basedir "/var/www/html/sns/:/tmp/"
Options Includes ExecCGI FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<VirtualHost *:80>
# ServerAdmin webmaster@dummy-host.example.com
DocumentRoot /var/www/html/sns/
ServerName sns.chinasoft.com:80
#ServerAlias sns1.chinasoft.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
</VirtualHost>
纯IP的虚拟机配置方法来访问wordpress:
wordpress目录:/var/www/html/wordpress
NameVirtualHost *:80
<VirtualHost *:80>
DocumentRoot /error
ServerName error.com
</VirtualHost>
<Directory "/var/www/html/wordpress/">
php_admin_value open_basedir "/var/www/html/wordpress/:/tmp/"
Options Includes ExecCGI FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<VirtualHost *:80>
DocumentRoot /var/www/html/wordpress/
ServerName 192.168.1.22:80
</VirtualHost>
三、php配置
cp /etc/php.ini /etc/php.inibak #编辑之前先备份
vi /etc/php.ini #编辑配置文件
date.timezone = PRC #把前面的分号去掉,改为date.timezone = PRC
disable_functions=passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,escapeshellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space,posix_ctermid,posix_get_last_error,posix_getcwd,
posix_getegid,posix_geteuid,posix_getgid, posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid, posix_getppid,posix_getpwnam,posix_getpwuid, posix_getrlimit, posix_getsid,posix_getuid,posix_isatty, posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid,
posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname
#列出PHP可以禁用的函数,如果某些程序需要用到这个函数,可以删除,取消禁用。
expose_php = Off #禁止显示php版本的信息
display_errors = OFF #关闭错误提示
register_globals = OFF #关闭注册全局变量
magic_quotes_gpc = On #打开magic_quotes_gpc来防止SQL注入
log_errors = On #记录错误日志
error_log = /var/log/php/error_log.log #设置错误日志存放目录,文件必须允许apache用户的和组具有写的权限
#(chown apache.apache /var/log/php/error_log.log)
open_basedir = .:/tmp/ #设置表示允许访问当前目录(即PHP脚本文件所在之目录)和/tmp/目录,防止php木马跨站
四、测试
vi /var/www/html/bbs/index.php #编辑配置文件
<?php
phpinfo();
?>
:wq! #保存退出
vi /var/www/html/sns/index.php #编辑配置文件
<?php
phpinfo();
?>
:wq! #保存退出
chown apache.apache -R /var/www/html #设置目录所有者
chmod 700 /var/www/html -R #设置目录权限
service httpd restart #重启apache
打开
http://bbs.chinasoft.com/
http://sns.chinasoft.com/
可以看到相关PHP信息页面,说明配置成功
配置示例:
vim /usr/local/httpd-2.2.26/conf/vhost.d/agent.wondershare.com.conf <VirtualHost *:8080> ServerName agent.chinasoft.com ServerAlias agent.china-soft.com UseCanonicalName Off ServerAdmin "admin@chinasoft.com" DocumentRoot /data/www/vhosts/agent.chinasoft.com/httpdocs DirectoryIndex index.html index.shtml index.php CustomLog "|/usr/local/apache2/bin/rotatelogs -l /data/www/logs/apache_log/access/agent.chinasoft.com_access.log.%Y-%m-%d 86400" combined ErrorLog "|/usr/local/apache2/bin/rotatelogs -l /data/www/logs/apache_log/error/agent.chinasoft.com_error.log.%Y-%m-%d 86400" <IfModule mod_ssl.c> SSLEngine off </IfModule> <Directory /data/www/vhosts/agent.chinasoft.com/httpdocs/> <IfModule sapi_apache2.c> php_admin_flag engine on php_admin_flag safe_mode on php_admin_value open_basedir ".:/data/www/vhosts/agent.chinasoft.com:/tmp" </IfModule> <IfModule mod_php5.c> php_admin_flag engine on php_admin_flag safe_mode on php_admin_value open_basedir ".:/data/www/vhosts/agent.chinasoft.com:/tmp" </IfModule> Options -ExecCGI FollowSymLinks +Includes AllowOverride All </Directory> ErrorDocument 404 /404.html </VirtualHost>