Yesterday, i finished the whole process to built up a completely new LAMP stacks. After that, i am going to import my test server to my production server.

During this transition, i have to upload my sql database dump from my production server 1 to this new server.

Unfortunately, there is a problem for myself that i left off from yesterday’s process. I did not modify any of the PHP configuration. Therefore, i wasn’t able to upload the sql file which size 14MB.  By default,t he upload single file is only 2MB.

So, today i am going to dig into this php configuration file and do some modifications.

First, i would go to change the file php.ini. You can run following command to edit the php.ini file. (Sometime it’s stored in /etc/php.ini, but it also could be in /etc/php.d/cgi/php.ini or /usr/local/etc/php.ini)

vi /etc/php.ini

Then use the vi ‘s search function to search for below syntax and modify to suit your needs. (type in /strings to find your keyword and use keybaord i to get into insert mode to modify it one by one.)

memory_limit = 32M
upload_max_filesize = 10M
post_max_size = 20M

here is the search function: i type in /post_max and then hit enter

Then, the cursor will jump to the result it found

After all the modification has been completed, you can do following command to restart the apache

sudo service httpd restart

今天重装了一台服务器的LAMP stack.纯粹做个日记，下次就可以参考参考了。哈哈。

系统：CentOS7 x86_64_1511
console远程登陆软件:Putty
stack选择：LINUX(centos7),Apache,MySQL,PHPD

首先安装好了linux.为了方便查看，装的时候选择了basic web server with GUI的包装。

跳过安装步骤。全部设置好，然后吧不需要的东西先删除掉。比如libreoffice的软件之类。然后确保磁盘空间分配正确。下面开始安装LAMP的网络服务包
为了方便安装，使用了SSH从另外一台电脑链接网络进去进行一下网络服务的安装。

APACHE的安装命令

这个命令是进行Yum的安装包的更新和所有软件的更新

sudo yum update (yum软件包的更新。如果你是类似我一样是新系统，可能会更新一段时间。因为很多包的下载还是蛮多的。我就下载了奖金700多MB的新软件包更新。）
sudo yum install httpd（这个是进行apache的安装。apache的软件包名字就叫做httpd)
sudo systemctl start httpd.service (这个是开始运行apache的服务）
sudo systemctl enable httpd.service（这个是吧apache的服务运行加入启动就自动运行。
这里有一点比较重要的是，我每次进行centos的服务器的LAMP配置都会遇到的。不一定所有人多会有，那就是当我在本地网络的其他电脑的浏览器输入这个centos服务器的网络地址进行访问的时候，正常会显示apache的默认欢迎的网页。可是很多时候都是无法访问的，这个时候就需要进行防火墙的配置了。我在下面进行了防火墙加了两个端口。（我记得之前在做research的时候，有些人建议直接吧防火墙关闭了。虽然这个是本地的服务器和网络，可是安全期间，还是建议不要完全关闭，只要吧你需要的端口打开即可。）

sudo firewall-cmd –permanent –add-port=80/tcp
sudo firewall-cmd –permanent –add-port=443/tcp

以上两个命令在防火墙的命令配置里面增加了80和443的端口。
sudo firewall-cmd –reload
上面这个命令则是进行防火墙的重启。之后再试试看。是不是就可以打开了apache的经典默认欢迎界面了。

下面就开始mysql的安装了，这里我用了mariadb的安装包。这是社区开发版的MySQL

sudo yum install mariadb-server mariadb

sudo systemctl start mariadb(开启服务）
sudo systemctl enable mariadb.service(开启开机自动启动服务）
sudo mysql_secure_installation(这个命令会进行mysql的初始化设置的一些工作）

具体安装的设置，都不是那么困难，所以就大概讲一下：

Enter current password for root (enter for none):
OK, successfully used password, moving on…

第一个问题是问你当前的root密码。因为是首次安装，自然是没有面。直接回车跳过。
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
… Success!

然后问你要不要进行密码设置，输入y然后进行密码设置
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
… Success!

上面这一段话是说，默认情况下mariadb有匿名用户账户。这可以让任何人都进去却不需要创建账户。然后问你是否要删除掉匿名用户权限。当然就是回答y了！

Normally, root should only be allowed to connect from ‘localhost’. This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] n
… skipping.

正常情况，root只可以从本地访问。这可以杜绝别人从网络访问去猜测root的密码。是否拒绝root的远程登陆。因为我经常要从本地和远程登陆进行管理。所以我会回答n 给这个问题。

By default, MariaDB comes with a database named ‘test’ that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
– Dropping test database…
… Success!
– Removing privileges on test database…
… Success!

默认情况下,mariaDB自带了一个叫做test的数据库，这个是完全拿来做测试用的blah blah.我直接回答y去吧这个数据库给删除掉了。

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
… Success!

Cleaning up…

All done! If you’ve completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

要不要重置所有权限，这样之前所做的所有改动就会立即生效。直接回答y就好了。

接下来就开始安装PHP了。
sudo yum install php php-mysql

sudo systemctl restart httpd.service (重启apache的服务）

最后，做一个简单的php的探针的编写进行测试：

sudo vim /var/www/html/info.php

输入以下内容：

<?php

phpinfo();

?>
接着，用浏览器打开http://主机ip地址/info.php如果可以看到一下界面就完全成功了！

Last but not the least is to install phpmyadmin. This is a very useful tool with GUI to manage the MySQL database on the centos7 server.
Now, run the following commands:

sudo yum install php-gd php-pear (Install two very important php related packages.)
sudo yum install epel-release-7-1.noarch.rpm (This is to add the epel release package to the repo.)
sudo yum install epel-release (install and update the epel release package lists)
sudo yum install phpmyadmin (Install the phpmyadmin)

After that, if you go ahead and access http://ipaddress/phpmyadmin you should see something different message other than the 404 now.

Unfortunately, you still cant access phpmyadmin yet. Now, you need to change the file

vi /etc/httpd/conf.d/phpMyAdmin.conf
Below is the file what it looks like the first time you open it.

# phpMyAdmin - Web based MySQL browser written in php
# 
# Allows only localhost by default
#
# But allowing phpMyAdmin to anyone other than localhost should be considered
# dangerous unless properly secured by SSL

Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin

<Directory /usr/share/phpMyAdmin/>
   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 127.0.0.1
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     Deny from All
     Allow from 127.0.0.1
     Allow from ::1
   </IfModule>
</Directory>

<Directory /usr/share/phpMyAdmin/setup/>
   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 127.0.0.1
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     Deny from All
     Allow from 127.0.0.1
     Allow from ::1
   </IfModule>
</Directory>

# These directories do not require access over HTTP - taken from the original
# phpMyAdmin upstream tarball
#
<Directory /usr/share/phpMyAdmin/libraries/>
    Order Deny,Allow
    Deny from All
    Allow from None
</Directory>

<Directory /usr/share/phpMyAdmin/setup/lib/>
    Order Deny,Allow
    Deny from All
    Allow from None
</Directory>

<Directory /usr/share/phpMyAdmin/setup/frames/>
    Order Deny,Allow
    Deny from All
    Allow from None
</Directory>

# This configuration prevents mod_security at phpMyAdmin directories from
# filtering SQL etc.  This may break your mod_security implementation.
#
#<IfModule mod_security.c>
#    <Directory /usr/share/phpMyAdmin/>
#        SecRuleInheritance Off
#    </Directory>
#</IfModule>

Modify and add below items to. Check out the bold text carefully.

<Directory /usr/share/phpMyAdmin/>
   AddDefaultCharset UTF-8

   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       #ADD following line:
       Require all granted
       Require ip 127.0.0.1
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     #CHANGE following 2 lines:
     Order Allow,Deny
     Allow from All
     Allow from 127.0.0.1
     Allow from ::1
   </IfModule>
</Directory>

After i did the above two changes, i would do a httpd restart service again.

sudo systemctl restart httpd.service

Boom! PHPMYADMIN!~ YAHOO~