安装宝塔界面
yum install -y wget && wget -O install.sh http://download.bt.cn/install/install_6.0.sh && bash install.sh
宝塔管理界面安装 LAMP环境
Apache=2.4 PHP=5.6 MySQL=5.5redis 默认版本
配值apache 虚拟目录
#后端服务器虚拟主机Listen 881ServerAdmin webmaster@example.com DocumentRoot "/www/wwwroot/services" ServerName 1ba914c3.cdn.bt.net ServerAlias cdn.bt.net 192.168.217.130 errorDocument 404 /404.html ErrorLog "/www/wwwlogs/cdn.bt.net-error_log" CustomLog "/www/wwwlogs/cdn.bt.net-access_log" combined #DENY FILES Order allow,deny Deny from all #PHPSetHandler "proxy:unix:/tmp/php-cgi-56.sock|fcgi://localhost" #PATHSetOutputFilter DEFLATE Options FollowSymLinks AllowOverride All Require all granted DirectoryIndex index.php index.html index.htm default.php default.html default.htm
正则规则
RewriteEngine OnRewriteBase /RewriteCond %{REQUEST_FILENAME} !-fRewriteCond %{REQUEST_FILENAME} !-dRewriteRule ^(.*)$ index.php?/$1 [QSA,PT,L]
前端虚拟主目录
#前端 虚拟主目录Listen 882ServerAdmin webmaster@example.com DocumentRoot "/www/wwwroot/web" ServerName a6e74644.www.bt.net ServerAlias www.bt.net errorDocument 404 /404.html ErrorLog "/www/wwwlogs/www.bt.net-error_log" CustomLog "/www/wwwlogs/www.bt.net-access_log" combined #DENY FILES Order allow,deny Deny from all #PHPSetHandler "proxy:unix:/tmp/php-cgi-56.sock|fcgi://localhost" #PATHSetOutputFilter DEFLATE Options FollowSymLinks AllowOverride All Require all granted DirectoryIndex index.php index.html index.htm default.php default.html default.htm
通过宝塔管理界面 创建数据库
通过宝塔管理界面 配置php Session 使用 Redis 或者 Memcache 缓存回话 session php.ini配置详情
[PHP]engine = Onshort_open_tag = Onasp_tags = Offprecision = 14output_buffering = 4096zlib.output_compression = Offimplicit_flush = Offunserialize_callback_func =serialize_precision = 17disable_functions = passthru,system,chroot,chgrp,chown,proc_open,proc_get_status,popen,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthrudisable_classes =zend.enable_gc = Onexpose_php = Onmax_execution_time = 120max_input_time = 120memory_limit = 1024Merror_reporting = 120display_errors = Ondisplay_startup_errors = Offlog_errors = Onlog_errors_max_len = 1024ignore_repeated_errors = Offignore_repeated_source = Offreport_memleaks = Ontrack_errors = Offhtml_errors = Onvariables_order = "GPCS"request_order = "GP"register_argc_argv = Offauto_globals_jit = Onpost_max_size = 1024Mauto_prepend_file =auto_append_file =default_mimetype = "text/html"default_charset = "UTF-8"doc_root =user_dir =enable_dl = Offcgi.fix_pathinfo = 1file_uploads = Onupload_max_filesize = 1024Mmax_file_uploads = 20allow_url_fopen = Onallow_url_include = Offdefault_socket_timeout = 60[CLI Server]cli_server.color = On[Date]date.timezone = PRC[filter][iconv][intl][sqlite3][Pcre][Pdo][Pdo_mysql]pdo_mysql.cache_size = 2000pdo_mysql.default_socket=[Phar][mail function]SMTP = localhostsmtp_port = 25sendmail_path = /usr/sbin/sendmail -t -imail.add_x_header = On[SQL]sql.safe_mode = Off[ODBC]odbc.allow_persistent = Onodbc.check_persistent = Onodbc.max_persistent = -1odbc.max_links = -1odbc.defaultlrl = 4096odbc.defaultbinmode = 1[Interbase]ibase.allow_persistent = 1ibase.max_persistent = -1ibase.max_links = -1ibase.timestampformat = "%Y-%m-%d %H:%M:%S"ibase.dateformat = "%Y-%m-%d"ibase.timeformat = "%H:%M:%S"[MySQL]mysql.allow_local_infile = Onmysql.allow_persistent = Onmysql.cache_size = 2000mysql.max_persistent = -1mysql.max_links = -1mysql.default_port =mysql.default_socket =mysql.default_host =mysql.default_user =mysql.default_password =mysql.connect_timeout = 60mysql.trace_mode = Off[MySQLi]mysqli.max_persistent = -1mysqli.allow_persistent = Onmysqli.max_links = -1mysqli.cache_size = 2000mysqli.default_port = 3306mysqli.default_socket =mysqli.default_host =mysqli.default_user =mysqli.default_pw =mysqli.reconnect = Off[mysqlnd]mysqlnd.collect_statistics = Onmysqlnd.collect_memory_statistics = Off[OCI8][PostgreSQL]pgsql.allow_persistent = Onpgsql.auto_reset_persistent = Offpgsql.max_persistent = -1pgsql.max_links = -1pgsql.ignore_notice = 0pgsql.log_notice = 0[Sybase-CT]sybct.allow_persistent = Onsybct.max_persistent = -1sybct.max_links = -1sybct.min_server_severity = 10sybct.min_client_severity = 10[bcmath]bcmath.scale = 0[browscap][Session]session.save_handler = redissession.save_path = "tcp://127.0.0.1:6379"session.use_strict_mode = 0session.use_cookies = 1session.use_only_cookies = 1session.name = PHPSESSIDsession.auto_start = 0session.cookie_lifetime = 0session.cookie_path = /session.cookie_domain =session.cookie_httponly =session.serialize_handler = phpsession.gc_probability = 1session.gc_divisor = 1000session.gc_maxlifetime = 1440session.referer_check =session.cache_limiter = nocachesession.cache_expire = 180session.use_trans_sid = 0session.hash_function = 0session.hash_bits_per_character = 5url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"[MSSQL]mssql.allow_persistent = Onmssql.max_persistent = -1mssql.max_links = -1mssql.min_error_severity = 10mssql.min_message_severity = 10mssql.compatibility_mode = Offmssql.secure_connection = Off[Assertion][COM][mbstring][gd][exif][Tidy]tidy.clean_output = Off[soap]soap.wsdl_cache_enabled=1soap.wsdl_cache_dir="/tmp"soap.wsdl_cache_ttl=86400soap.wsdl_cache_limit = 5[sysvshm][ldap]ldap.max_links = -1[mcrypt][dba][opcache][curl]curl.cainfo =/etc/pki/tls/certs/ca-bundle.crt[openssl]openssl.cafile=/etc/pki/tls/certs/ca-bundle.crtzend_extension = /usr/local/ioncube/ioncube_loader_lin_5.6.so[Zend Opcache]zend_extension=/www/server/php/56/lib/php/extensions/no-debug-non-zts-20131226/opcache.soopcache.enable = 1opcache.memory_consumption=128opcache.interned_strings_buffer=8opcache.max_accelerated_files=4000opcache.revalidate_freq=60opcache.fast_shutdown=1opcache.enable_cli=1[Zend ZendGuard Loader]zend_extension=/usr/local/zend/php56/ZendGuardLoader.sozend_loader.enable=1zend_loader.disable_licensing=0zend_loader.obfuscation_level_support=3zend_loader.license_path=extension = /www/server/php/56/lib/php/extensions/no-debug-non-zts-20131226/fileinfo.soextension=memcache.so[swoole]extension = swoole.soextension = /www/server/php/56/lib/php/extensions/no-debug-non-zts-20131226/apcu.so[ImageMagick]extension = "imagick.so"extension=/www/server/php/56/lib/php/extensions/no-debug-non-zts-20131226/xsl.soextension=memcached.so[redis]extension = /www/server/php/56/lib/php/extensions/no-debug-non-zts-20131226/redis.soextension=/www/server/php/56/lib/php/extensions/no-debug-non-zts-20131226/ixed.linextension = /www/server/php/56/lib/php/extensions/no-debug-non-zts-20131226/readline.soextension = /www/server/php/56/lib/php/extensions/no-debug-non-zts-20131226/bz2.so
php-fpm.conf 配置详情
[global]pid = /www/server/php/56/var/run/php-fpm.piderror_log = /www/server/php/56/var/log/php-fpm.loglog_level = notice[www]listen = /tmp/php-cgi-56.socklisten.backlog = -1listen.allowed_clients = 127.0.0.1listen.owner = wwwlisten.group = wwwlisten.mode = 0666user = wwwgroup = wwwpm = staticpm.status_path = /phpfpm_56_statuspm.max_children = 100pm.start_servers = 60pm.min_spare_servers = 20pm.max_spare_servers = 100request_terminate_timeout = 120request_slowlog_timeout = 30slowlog = var/log/slow.log
安装openresty
yum install yum-utils -y #安装yum 扩展工具yum-config-manager --add-repo https://openresty.org/package/centos/openresty.repo #加载openresty的yum源yum install -y openresty #安装openrestyweb程序ln -sf /usr/local/openresty/nginx /usr/local/nginx #建立软连接目录ln -sf /usr/local/nginx/sbin/nginx /usr/local/sbin/nginx #建立软连接nginx启动程序
配置openresty nginx 主配置 建立vhost虚拟目录
user www;worker_processes auto;worker_rlimit_nofile 65535;error_log logs/error.log crit;pid /var/run/nginx.pid;# Worker configevents { worker_connections 1024; use epoll; multi_accept on;}http { # Main settings sendfile on; tcp_nopush on; tcp_nodelay on; client_header_timeout 1m; client_body_timeout 1m; client_header_buffer_size 2k; client_body_buffer_size 256k; client_max_body_size 1024M; large_client_header_buffers 4 8k; send_timeout 30; keepalive_timeout 60 60; reset_timedout_connection on; server_tokens off; server_name_in_redirect off; server_names_hash_max_size 512; server_names_hash_bucket_size 512; # Log format log_format main '$remote_addr - $remote_user [$time_local] $request ' '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; #access_log logs/access.log main; access_log off; # Mime settings include mime.types; default_type application/octet-stream; # Compression gzip on; gzip_comp_level 9; gzip_min_length 512; gzip_buffers 8 64k; gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; gzip_proxied any; gzip_disable "MSIE [1-6]\."; # Proxy settings proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass_header Set-Cookie; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffers 32 4k; # Cloudflare https://www.cloudflare.com/ips set_real_ip_from 103.21.244.0/22; set_real_ip_from 103.22.200.0/22; set_real_ip_from 103.31.4.0/22; set_real_ip_from 104.16.0.0/12; set_real_ip_from 108.162.192.0/18; set_real_ip_from 131.0.72.0/22; set_real_ip_from 141.101.64.0/18; set_real_ip_from 162.158.0.0/15; set_real_ip_from 172.64.0.0/13; set_real_ip_from 173.245.48.0/20; set_real_ip_from 188.114.96.0/20; set_real_ip_from 190.93.240.0/20; set_real_ip_from 197.234.240.0/22; set_real_ip_from 198.41.128.0/17; #set_real_ip_from 2400:cb00::/32; #set_real_ip_from 2606:4700::/32; #set_real_ip_from 2803:f800::/32; #set_real_ip_from 2405:b500::/32; #set_real_ip_from 2405:8100::/32; #set_real_ip_from 2c0f:f248::/32; #set_real_ip_from 2a06:98c0::/29; real_ip_header CF-Connecting-IP; # SSL PCI Compliance ssl_session_cache shared:SSL:10m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; # Error pages error_page 403 /error/403.html; error_page 404 /error/404.html; error_page 502 503 504 /error/50x.html; # Cache settings proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; proxy_cache_key "$host$request_uri $cookie_user"; proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; proxy_cache_valid any 1d; # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; ~wordpress_logged_in 1; } # File cache settings open_file_cache max=10000 inactive=30s; open_file_cache_valid 60s; open_file_cache_min_uses 2; open_file_cache_errors off; add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Headers X-Requested-With; add_header Access-Control-Allow-Methods GET,POST,OPTIONS; add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken'; add_header PS 1; include vhost/*.conf;}
xx.xxx.xx.conf
server { listen 80; server_name cdn.bt.net; error_log logs/cd.bt.net.error.log error; location / { proxy_pass http://127.0.0.1:881; location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|tif|tiff|css|js|htm|html|ttf|otf|webp|woff|txt|csv|rtf|doc|docx|xls|xlsx|ppt|pptx|odf|odp|ods|odt|pdf|psd|ai|eot|eps|ps|zip|tar|tgz|gz|rar|bz2|7z|aac|m4a|mp3|mp4|ogg|wav|wma|3gp|avi|flv|m4v|mkv|mov|mpeg|mpg|wmv|exe|iso|dmg|swf)$ { root //www/wwwroot/services; access_log logs/cdn.bt.net..log combined; access_log logs/cdn.bt.net.bytes bytes; expires max; try_files $uri @fallback; } } location /error/ { return 404 ; } location @fallback { proxy_pass http://127.0.0.1:881; } location ~ /\.ht {return 404;} location ~ /\.svn/ {return 404;} location ~ /\.git/ {return 404;} location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;}}server { listen 80; server_name www.bt.net; error_log logs/www.bt.net.error.log error; location / { proxy_pass http://127.0.0.1:882; location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|tif|tiff|css|js|htm|html|ttf|otf|webp|woff|txt|csv|rtf|doc|docx|xls|xlsx|ppt|pptx|odf|odp|ods|odt|pdf|psd|ai|eot|eps|ps|zip|tar|tgz|gz|rar|bz2|7z|aac|m4a|mp3|mp4|ogg|wav|wma|3gp|avi|flv|m4v|mkv|mov|mpeg|mpg|wmv|exe|iso|dmg|swf)$ { root //www/wwwroot/web; access_log logs/www.bt.net.log combined; access_log logs/www.bt.net.bytes bytes; expires max; try_files $uri @fallback; } } location /error/ { return 404; } location @fallback { proxy_pass http://127.0.0.1:882; } location ~ /\.ht {return 404;} location ~ /\.svn/ {return 404;} location ~ /\.git/ {return 404;} location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;}}
修改upload.php 文件 第6到第7行 注释掉
header('Access-Control-Allow-Origin:*'); header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept"); #修改支持 nginx配置跨域配置
项目文件归属用户和组 都是www.www 拥有读写权限