一、環(huán)境準(zhǔn)備

1蜂嗽、操作系統(tǒng)安裝：CentOS6.5 64位最小化安裝苗膝。
2、配置好IP植旧、DNS辱揭、網(wǎng)關(guān)离唐、主機(jī)名
3、配置防火墻问窃，開啟80亥鬓、3306端口

vim /etc/sysconfig/iptables

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT #允許80端口通過防火墻
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT #允許3306端口通過防火墻

特別提示：如果這兩條規(guī)則添加到防火墻配置的最后一行，導(dǎo)致防火墻啟動失敗域庇，正確的應(yīng)該是添加到默認(rèn)的22端口 嵌戈。

/etc/init.d/iptables restart #最后重啟防火墻使配置生效

4、關(guān)閉SELinux

vi /etc/selinux/configurations

#SELINUX=enforcing #注釋掉
#SELINUXTYPE=targeted #注釋掉
SELINUX=disabled #增加

:wq! #保存退出 
setenforce 0 #使配置立即生效

二听皿、系統(tǒng)約定

硬盤分區(qū)：50G(/boot 200M /swap 8192M /)+100G(/usr)
軟件源代碼包存放位置：/usr/local/src
源碼包編譯安裝位置：/usr/local/軟件名
數(shù)據(jù)庫數(shù)據(jù)文件存儲路徑/usr/data/mysql/var

三熟呛、軟件包下載

1、nginx（目前穩(wěn)定版）
http://nginx.org/download/nginx-1.4.4.tar.gz
2尉姨、pcre （支持nginx偽靜態(tài)）
ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.40.tar.gz
3庵朝、MySQL
https://cdn.mysql.com//Downloads/MySQL-5.5/mysql-5.5.54-linux2.6-x86_64.tar.gz
https://cdn.mysql.com//Downloads/MySQL-5.5/mysql-5.5.54.tar.gz
http://mirrors.sohu.com/mysql/MySQL-5.5/mysql-5.5.54-linux2.6-x86_64.tar.gz
4、php
http://cn2.php.net/distributions/php-5.5.7.tar.gz
http://cn2.php.net/distributions/php-5.6.29.tar.gz
5啊送、cmake（MySQL編譯工具）
http://www.cmake.org/files/v2.8/cmake-2.8.12.1.tar.gz
6偿短、libmcrypt（PHPlibmcrypt模塊）
http://nchc.dl.sourceforge.net/project/mcrypt/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.gz
7、GD庫安裝包（php頁面圖片驗(yàn)證碼支持）
http://down1.chinaunix.net/distfiles/GD-2.18.tar.gz
8馋没、libevent（memcached支持）
http://down1.chinaunix.net/distfiles/libevent-1.4.12-stable.tar.gz
9昔逗、memcached(memcached服務(wù)端)
http://memcached.org/files/memcached-1.4.34.tar.gz
10、libmemcached(memcached 客戶端庫)
https://launchpadlibrarian.net/165454254/libmemcached-1.0.18.tar.gz
11篷朵、memcached(php的memcached擴(kuò)展)
http://pecl.php.net/get/memcached-2.2.0.tgz
12勾怒、swoole(php的swoole擴(kuò)展)
https://codeload.github.com/swoole/swoole-src/tar.gz/v1.9.9

四、安裝編譯工具及庫文件

使用CentOS yum命令一鍵安裝

yum install -y make apr* autoconf automake curl curl-devel gcc gcc-c++ gtk+-devel zlib-devel openssl openssl-devel pcre-devel gd kernel keyutils patch perl kernel-headers compat* cpp glibc libgomp libstdc++-devel keyutils-libs-devel libsepol-devel libselinux-devel krb5-devel libXpm* freetype freetype-devel freetype* fontconfig fontconfig-devel libjpeg* libpng* php-common php-gd gettext gettext-devel ncurses* libtool* libxml2 libxml2-devel patch policycoreutils bison

五声旺、軟件安裝篇

1笔链、安裝cmake

cd /usr/local/src
tar zxvf cmake-2.8.8.tar.gz
cd cmake-2.8.8
./configure --prefix=/usr/local/cmake
make #編譯
make install #安裝
vim /etc/profile 在path路徑中增加cmake執(zhí)行文件路徑
export PATH=$PATH:/usr/local/cmake/bin
source /etc/profile使配置立即生效

2、安裝pcre

cd /usr/local/src
mkdir /usr/local/pcre #創(chuàng)建安裝目錄
tar zxvf pcre-8.34.tar.gz
cd pcre-8.34
./configure --prefix=/usr/local/pcre #配置
make && make install

3腮猖、安裝libmcrypt

cd /usr/local/src
tar zxvf libmcrypt-2.5.8.tar.gz #解壓
cd libmcrypt-2.5.8 #進(jìn)入目錄
./configure #配置
make #編譯
make install #安裝

4鉴扫、安裝gd庫

cd /usr/local/src
tar zxvf gd-2.0.36RC1.tar.gz
cd gd-2.0.36RC1
./configure --enable-m4_pattern_allow —prefix=/usr/local/gd --with-jpeg=/usr/lib --with-png=/usr/lib --with-xpm=/usr/lib --with-freetype=/usr/lib --with-fontconfig=/usr/lib #配置
make #編譯
make install #安裝

5、安裝及配置Mysql

安裝mysql

groupadd mysql #添加mysql組
useradd -g mysql mysql -s /bin/false #創(chuàng)建用戶mysql并加入到mysql組澈缺，不允許mysql用戶直接登錄系統(tǒng)
mkdir -p /usr/data/mysql/var #創(chuàng)建MySQL數(shù)據(jù)庫存放目錄
chown -R mysql:mysql /usr/data/mysql/var #設(shè)置MySQL數(shù)據(jù)庫目錄權(quán)限
cd /usr/local/src
tar zxvf mysql-5.5.35.tar.gz #解壓
cd mysql-5.5.35
cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/usr/data/mysql/var -DSYSCONFDIR=/etc #配置
make #編譯
make install #安裝

配置文件及生成mysql系統(tǒng)數(shù)據(jù)庫

cd /usr/local/mysql
cp ./support-files/my-huge.cnf /etc/my.cnf #拷貝配置文件（注意：如果/etc目錄下面默認(rèn)有一個my.cnf坪创，直接覆蓋即可）
vi /etc/my.cnf #編輯配置文件,在 [mysqld] 部分增加
datadir = /usr/data/mysql/var #添加MySQL數(shù)據(jù)庫路徑
./scripts/mysql_install_db --user=mysql #生成mysql系統(tǒng)數(shù)據(jù)庫

設(shè)置Mysql開機(jī)啟動

cp ./support-files/mysql.server /etc/rc.d/init.d/mysqld #把Mysql加入系統(tǒng)啟動
chmod 755 /etc/init.d/mysqld #增加執(zhí)行權(quán)限
chkconfig mysqld on #加入開機(jī)啟動 
vi /etc/rc.d/init.d/mysqld #編輯
basedir = /usr/local/mysql #MySQL程序安裝路徑
datadir = /usr/local/mysql/var #MySQl數(shù)據(jù)庫存放目錄
service mysqld start #啟動

設(shè)置Mysql環(huán)境變量

vi /etc/profile #把mysql服務(wù)加入系統(tǒng)環(huán)境變量：在最后添加下面這一行
export PATH=$PATH:/usr/local/cmake/bin:/usr/local/mysql/bin
source /etc/profile #使配置立即生效

設(shè)置Mysql初始密碼

mkdir /var/lib/mysql #創(chuàng)建目錄
ln -s /tmp/mysql.sock /var/lib/mysql/mysql.sock #添加軟鏈接
mysql_secure_installation #設(shè)置Mysql密碼，根據(jù)提示按Y 回車輸入2次密碼
/usr/local/mysql/bin/mysqladmin -u root -p password "123456" #或者直接修改密碼

到此姐赡，mysql安裝完成莱预！

6、安裝及配置nginx

安裝nginx

cd /usr/local/src
groupadd www #添加www組
useradd -g www www -s /bin/false #創(chuàng)建nginx運(yùn)行賬戶www并加入到www組项滑，不允許www用戶直接登錄系統(tǒng)
tar zxvf nginx-1.4.4.tar.gz
cd nginx-1.4.4
./configure --prefix=/usr/local/nginx --without-http_memcached_module --user=www --group=www --with-http_stub_status_module --with-openssl=/usr/ --with-pcre=/usr/local/src/pcre-8.31
注意:--with-pcre=/usr/local/src/pcre-8.34指向的是源碼包解壓的路徑依沮，而不是安裝的路徑，否則會報錯
make
make install
/usr/local/nginx/sbin/nginx #啟動nginx

設(shè)置nginx開啟啟動

vi /etc/rc.d/init.d/nginx #編輯啟動文件添加下面內(nèi)容

#!/bin/bash
# nginx Startup script for the Nginx HTTP Server
# it is v.0.0.2 version.
# chkconfig: - 85 15
# description: Nginx is a high-performance web and proxy server.
# It has a lot of features, but it's not for everyone.
# processname: nginx
# pidfile: /var/run/nginx.pid
# config: /usr/local/nginx/conf/nginx.conf
nginxd=/usr/local/nginx/sbin/nginx
nginx_config=/usr/local/nginx/conf/nginx.conf
nginx_pid=/usr/local/nginx/logs/nginx.pid
RETVAL=0
prog="nginx"
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
[ -x $nginxd ] || exit 0
# Start nginx daemons functions.
start() {
if [ -e $nginx_pid ];then
echo "nginx already running...."
exit 1
fi
echo -n $"Starting $prog: "
daemon $nginxd -c ${nginx_config}
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/nginx
return $RETVAL
}
# Stop nginx daemons functions.
stop() {
echo -n $"Stopping $prog: "
killproc $nginxd
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/nginx /usr/local/nginx/logs/nginx.pid
}
reload() {
echo -n $"Reloading $prog: "
#kill -HUP `cat ${nginx_pid}`
killproc $nginxd -HUP
RETVAL=$?
echo
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
stop
start
;;
status)
status $prog
RETVAL=$?
;;
*)
echo $"Usage: $prog {start|stop|restart|reload|status|help}"
exit 1
esac
exit $RETVAL

:wq! #保存退出
chmod 775 /etc/rc.d/init.d/nginx #賦予文件執(zhí)行權(quán)限
chkconfig nginx on #設(shè)置開機(jī)啟動
/etc/rc.d/init.d/nginx restart #重新啟動Nginx
service nginx restart

7、安裝php

cd /usr/local/src
tar -zvxf php-5.5.7.tar.gz
cd php-5.5.7.
./configure --prefix=/usr/local/php5 --with-config-file-path=/usr/local/php5/etc --with-mysql=/usr/local/mysql --with-mysql-sock=/tmp/mysql.sock --with-gd --with-iconv --with-zlib --enable-xml --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --enable-mbregex --enable-fpm --enable-mbstring --enable-ftp --enable-gd-native-ttf --with-openssl --enable-pcntl --enable-sockets --with-xmlrpc --enable-zip --enable-soap --without-pear --with-gettext --enable-session --with-mcrypt --with-curl --with-jpeg-dir --with-freetype-dir
make #編譯
make install #安裝

cp php.ini-production /usr/local/php5/etc/php.ini #復(fù)制php配置文件到安裝目錄
rm -rf /etc/php.ini #刪除系統(tǒng)自帶配置文件
ln -s /usr/local/php5/etc/php.ini /etc/php.ini #添加軟鏈接
cp /usr/local/php5/etc/php-fpm.conf.default /usr/local/php5/etc/php-fpm.conf #拷貝模板文件為php-fpm配置文件
vi /usr/local/php5/etc/php-fpm.conf #編輯

編輯 /usr/local/php5/etc/php-fpm.conf

user = www #設(shè)置php-fpm運(yùn)行賬號為www
group = www #設(shè)置php-fpm運(yùn)行組為www
pid = run/php-fpm.pid #取消前面的分號

設(shè)置 php-fpm開機(jī)啟動

cp /usr/local/src/php-5.5.7/sapi/fpm/init.d.php-fpm /etc/rc.d/init.d/php-fpm #拷貝php-fpm到啟動目錄
chmod +x /etc/rc.d/init.d/php-fpm #添加執(zhí)行權(quán)限
chkconfig php-fpm on #設(shè)置開機(jī)啟動
vi /usr/local/php5/etc/php.ini #編輯配置文件

找到下面幾項(xiàng)并更改

disable_functions = passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,escapeshellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space,posix_ctermid,posix_get_last_error,posix_getcwd, posix_getegid,posix_geteuid,posix_getgid, posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid, posix_getppid,posix_getpwnam,posix_getpwuid, posix_getrlimit, posix_getsid,posix_getuid,posix_isatty, posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid, posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname
#列出PHP可以禁用的函數(shù)危喉，如果某些程序需要用到這個函數(shù)宋渔，可以刪除，取消禁用

date.timezone = PRC #設(shè)置時區(qū)
expose_php = OFF #禁止顯示php版本的信息
short_open_tag = ON #支持php短標(biāo)簽

8辜限、配置nginx支持php

vi /usr/local/nginx/conf/nginx.conf
修改/usr/local/nginx/conf/nginx.conf 配置文件,需做如下修改

user www www;#首行user去掉注釋, 修改Nginx運(yùn)行組為www www傻谁； 必須與 / usr / local / php / etc / php - fpm.conf中的user, group配置相同， 否則php運(yùn)行出錯 
worker_processes 1;
events {
    worker_connections 1024;
}
http {
    include mime.types;
    default_type application / octet - stream;
    
    sendfile on;
    # tcp_nopush on;
    #tcp_nodelay on;

    # keepalive_timeout 0;
    keepalive_timeout 65;
    
    # keepalive_timeout 0;
    fastcgi_connect_timeout 300;
    fastcgi_send_timeout 300;
    fastcgi_read_timeout 300;
    fastcgi_buffer_size 128 k;
    fastcgi_buffers 4 128 k;
    fastcgi_busy_buffers_size 256 k;
    fastcgi_temp_file_write_size 256 k;

    #gzip on;
    gzip on;
    gzip_min_length 1 k;
    gzip_buffers 4 32 k;
    gzip_http_version 1.1;
    gzip_comp_level 2;
    gzip_types text / plain application / x - javascript text / css application / xml;
    gzip_vary on;
    gzip_disable "MSIE [1-6].";

    server_names_hash_bucket_size 128;
    client_max_body_size 100 m;
    client_header_buffer_size 256 k;
    large_client_header_buffers 4 256 k;

    server {
        listen 80;
        server_name localhost;
        location / {
            root html;
            index index.php index.html index.htm;
        }
        location~\.php$ {
            root html;
            fastcgi_pass 127.0 .0 .1: 9000;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include fastcgi_params;
        }
    }
}

/etc/init.d/nginx restart #重啟nginx

9列粪、安裝pdo_mysql擴(kuò)展
該擴(kuò)展可在編譯時使用--with-pdo-mysql開啟，如編譯時未開啟谈飒，可在/usr/local/src/php-5.6.30/ext/pdo_mysql找到該擴(kuò)展包岂座。

cd /usr/local/src/php-5.6.30/ext/pdo_mysql #打開php自帶pdo_mysql擴(kuò)展包
/usr/local/php5/bin/phpize #執(zhí)行完 phpize 命令后，在 pdo_mysql 目錄中就會出現(xiàn) configure
./configure --with-php-config=/usr/local/php/bin/php-config --with-pdo-mysql=/usr/local/mysql/ 
#--with-php-config=/usr/local/php5/bin/php-config 指定安裝 PHP 的時候的配置
#--with-pdo-mysql=/usr/local/mysql/ 指定 mysql的安裝目錄位置
make
make install

此時會在以下目錄生成 /usr/local/php5/lib/php/extensions/no-debug-non-zts-20090626/pdo_mysql.so

vi /usr/local/php5/etc/php.ini #編輯php.ini 配置文件杭措，如下

extension=/usr/local/php5/lib/php/extensions/no-debug-non-zts-20090626/pdo_mysql.so #也可 extension=pdo_mysql.so
service php-fpm restart #重啟php

** 10费什、安裝memcached擴(kuò)展**

安裝libevent類庫

cd /usr/local/src/libevent-2.0.12-stable #
./configure #默認(rèn)安裝到/usr/local/lib/目錄
make
make install

安裝Memcached 服務(wù)端

cd /usr/local/src/memcached-1.4.34 #打開Memcached 服務(wù)端源文件
./configure --prefix=/usr/local/memcached
make
make install

pecl.php.net有兩個memcache擴(kuò)展：memcache和memcached。
memcached 的版本比較新手素，而且使用的是 libmemcached 庫鸳址。libmemcached 被認(rèn)為做過更好的優(yōu)化，應(yīng)該比 php only 版本的 memcache 有著更高的性能泉懦。我們這里選擇安裝的是memcached稿黍。

安裝libmemcached庫

cd /usr/local/src/libmemcached-1.0.4  
./configure  
make  
make install

安裝memcached擴(kuò)展

cd /usr/local/src/memcached-2.2.0
/usr/loca/php5/bin/phpize  
./configure --enable-memcache --with-php-config=/usr/local/php/bin/php-config  
make  
make install  

11、安裝swoole 擴(kuò)展

cd /usr/local/src/swoole-src-1.9.6
/usr/loca/php5/bin/phpize  
./configure --enable-swoole --with-php-config=/usr/local/php/bin/php-config  
make  
make install 

六崩哩、測試篇

cd /usr/local/nginx/html/ #進(jìn)入nginx默認(rèn)網(wǎng)站根目錄
rm -rf /usr/local/nginx/html/* #刪除默認(rèn)測試頁
vi index.php #新建index.php文件

<?php
phpinfo();
?>

:wq! #保存退出
chown www.www /usr/local/nginx/html/ -R #設(shè)置目錄所有者
chmod 700 /usr/local/nginx/html/ -R #設(shè)置目錄權(quán)限

七巡球、其它說明

服務(wù)器相關(guān)操作命令

service nginx restart #重啟nginx
service mysqld restart #重啟mysql
/usr/local/php/sbin/php-fpm #啟動php-fpm
/etc/rc.d/init.d/php-fpm restart #重啟php-fpm
/etc/rc.d/init.d/php-fpm stop #停止php-fpm
/etc/rc.d/init.d/php-fpm start #啟動php-fpm
nginx默認(rèn)站點(diǎn)目錄是：/usr/local/nginx/html/
權(quán)限設(shè)置：chown www.www /usr/local/nginx/html/ -R
MySQL數(shù)據(jù)庫目錄是：/usr/local/mysql/var
權(quán)限設(shè)置：chown mysql.mysql -R /usr/local/mysql/var

八、安全優(yōu)化

sherwin@rocnic~$ssh root@172.16.134.141
root@172.16.134.141's password:
Last login: Sat Jan 18 12:11:57 2014 from 172.16.134.1
-bash: warning: setlocale: LC_CTYPE: cannot change locale (UTF-8): No such file or directory
[root@dev01 ~]# locale
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
LANG=en_US.UTF-8
LC_CTYPE=UTF-8
LC_NUMERIC="en_US.UTF-8"
LC_TIME="en_US.UTF-8"
LC_COLLATE="en_US.UTF-8"
LC_MONETARY="en_US.UTF-8"
LC_MESSAGES="en_US.UTF-8"
LC_PAPER="en_US.UTF-8"
LC_NAME="en_US.UTF-8"
LC_ADDRESS="en_US.UTF-8"
LC_TELEPHONE="en_US.UTF-8"
LC_MEASUREMENT="en_US.UTF-8"
LC_IDENTIFICATION="en_US.UTF-8"
LC_ALL=

本文轉(zhuǎn)載于：http://www.linuxidc.com/Linux/2015-10/123845.htm