在安装服务器时做了相应的笔记,这个方法是亲身经验成功的,随着版本的不断更新,也许会有一些地方不同,但是基本原理都是一样的。
1.安装CentOS 6 ,可以选择最小安装,也可以安装桌面
2.升级系统
yum update3.安装mysql,并设置mysql开机自启动,同时启动mysql
yum install mysqlyum install mysql-serverchkconfig --levels 35 mysqld onservice mysqld start
4.配置mysql的root密码 mysql>; USE mysql; mysql>; UPDATE user SET PassWord=PASSWORD('newpassword') WHERE user='root'; mysql>; FLUSH PRIVILEGES;
设置mysql密码还可以用:mysql_secure_installation 命令
mysql_secure_installation
Enter current password for root (enter for none): ( 回车)OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MySQLroot user without the proper authorisation.
Set root password? [Y/n] (Y)
New password: (123456)Re-enter new password: (123456)Password updated successfully!Reloading privilege tables.. ... Success!
By default, a MySQL installation has an anonymous user, allowing anyoneto log into MySQL without having to have a user account created forthem. This is intended only for testing, and to make the installationgo a bit smoother. You should remove them before moving into aproduction environment.
Remove anonymous users? [Y/n]
(是否移出数据库的默认帐户,如果移出,那么在终端中直接输入mysql是会提示连接错误的)Y
Normally, root should only be allowed to connect from 'localhost'. Thisensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n]
(是否禁止root的远程登录)YBy default, MySQL comes with a database named 'test' that anyone canaccess. This is also intended only for testing, and should be removedbefore moving into a production environment.
Remove test database and access to it? [Y/n] YReload privilege tables now? [Y/n] Y
**后来设置是否允许远程登录 mysql -u root -p Enter Password: <your new password> mysql>GRANT ALL PRIVILEGES ON *.* TO '用户名'@'%' IDENTIFIED BY '密码' WITH GRANT OPTION; 完成后就能用mysql-front远程管理mysql了。 设为开机启动 chkconfig mysqld on
5.安装apache,并设置开机启动
yum install httpdchkconfig --levels 35 httpd onservice httpd start这时候可以测试apache是否正常工作
直接浏览器访问localhost应该没问题,但是如果别的机子访问不了的话,是因为防火墙的关系,配置防火墙
(后面的ssl还会有这个问题的)
6.安装php
如果安装php53以下的版本的话,可能会导致项目放在这个环境中不能运行的情况,当时装的是php5.2结果发现项目根本运行不起来,找了好久的原因才发现是php版本太低了(在这之前一直是以为json的原因,因为php5.2没有json扩展),所以在安装前一定要看好版本在安装,否则以后项目出现问题不好找出原因。
yum install php53 yum install php53-mysql php53-gd php53-imap php53-ldap php53-odbc php53-pear php53-xml php53-xmlrpc这个时候php就安装完成拉,写个脚本测试一下
vi /var/www/html/info.php输入
<?phpphpinfo();?>访问localhost/info.php即可~
7.安装phpMyAdmin
首先先给系统安装epel 和rpmfushion两个软件大仓库
rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpmrpm -Uvh http://download1.rpmfusion.org/free/el/updates/testing/6/i386/rpmfusion-free-release-6-0.1.noarch.rpm http://download1.rpmfusion.org/nonfree/el/updates/testing/6/i386/rpmfusion-nonfree-release-6-0.1.noarch.rpm如果是centos 5 的话执行下面
rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpmrpm -Uvh http://download1.rpmfusion.org/free/el/updates/testing/5/i386/rpmfusion-free-release-5-0.1.noarch.rpm http://download1.rpmfusion.org/nonfree/el/updates/testing/5/i386/rpmfusion-nonfree-release-5-0.1.noarch.rpm接着安装起来就很方便拉,~根本不需要去下载就可以获得最新的版本
yum install phpmyadmin安装完成后还需要配置一下访问权限,使得出了本机外,其他机子也能访问phpMyAdmin
vi /etc/httpd/conf.d/phpMyAdmin.conf找到两个directory的权限设置,Allow from 改成All
<Directory /usr/share/phpMyAdmin/> Order Deny,Allow Deny from All Allow from 127.0.0.1 Allow from All</Directory><Directory /usr/share/phpMyAdmin/setup/> Order Deny,Allow Deny from All Allow from 127.0.0.1 Allow from All</Directory>
重启服务器
service httpd restart测试localhost/phpMyAdmin
用户名密码:root 123456
OK~ LAMP搭建完毕,
8.搭建SSL,让apache支持https
yum install mod_ssl其实安装完这个模块后,重启完apache 就可以用https://localhost测试了,因为他创建了默认的证书
在/etc/pki/tls下
当然我们也可以用openssl创建自己的证书
yum install openssl生成证书文件创建一个rsa私钥,文件名为server.key
openssl genrsa -out server.key 1024
Generating RSA private key, 1024 bit long modulus............++++++............++++++e is 65537 (0x10001)
用 server.key 生成证书签署请求 CSR
openssl req -new -key server.key -out server.csrCountry Name:两个字母的国家代号State or Province Name:省份名称Locality Name:城市名称Organization Name:公司名称Organizational Unit Name:部门名称Common Name:你的姓名Email Address:地址至于 'extra' attributes 不用输入.直接回车
生成证书CRT文件server.crt。
openssl x509 -days 365 -req -in server.csr -signkey server.key -out server.crt修改ssl.conf指定我们自己生成的证书
vi /etc/httpd/conf.d/ssl.conf找到如下位置,修改路径
# Server Certificate:# Point SSLCertificateFile at a PEM encoded certificate. If# the certificate is encrypted, then you will be prompted for a# pass phrase. Note that a kill -HUP will prompt again. A new# certificate can be generated using the genkey(1) command.SSLCertificateFile /etc/pki/tls/certs/localhost.crt
# Server Private Key:# If the key is not combined with the certificate, use this# directive to point at the key file. Keep in mind that if# you've both a RSA and a DSA private key you can configure# both in parallel (to also allow the use of DSA ciphers, etc.)SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
OK
service httpd restart
yum install vsftpd
2.启动/重启/关闭vsftpd服务器/sbin/service vsftpd restartShutting down vsftpd: [ OK ]Starting vsftpd for vsftpd: [ OK ]OK表示重启成功了.启动和关闭分别把restart改为start/stop即可.如果是源码安装的,到安装文件夹下找到start.sh和shutdown.sh文件,执行它们就可以了.
根据下面修改
vi /etc/vsftpd/vsftpd.conf
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).anonymous_enable=NO
# if your users expect that (022 is used by most other ftpd's)local_umask=022local_root=/
vi /etc/vsftpd/ftpusers
# Users that are not allowed to login via ftp#root
vi /etc/vsftpd/user_list
# for users that are denied.#root
防火墙配置a.添加.允许访问端口{80: http}.-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPTb.关闭防火墙{不推荐}.service iptables stopc.重置加载防火墙service iptables restart