LINUX(LAMP) stack 安装日记

今天重装了一台服务器的LAMP stack.纯粹做个日记,下次就可以参考参考了。哈哈。

系统:CentOS7 x86_64_1511
console远程登陆软件:Putty
stack选择:LINUX(centos7),Apache,MySQL,PHPD

首先安装好了linux.为了方便查看,装的时候选择了basic web server with GUI的包装。

跳过安装步骤。全部设置好,然后吧不需要的东西先删除掉。比如libreoffice的软件之类。然后确保磁盘空间分配正确。下面开始安装LAMP的网络服务包
为了方便安装,使用了SSH从另外一台电脑链接网络进去进行一下网络服务的安装。
putty

APACHE的安装命令

这个命令是进行Yum的安装包的更新和所有软件的更新

sudo yum update (yum软件包的更新。如果你是类似我一样是新系统,可能会更新一段时间。因为很多包的下载还是蛮多的。我就下载了奖金700多MB的新软件包更新。)
sudo yum install httpd(这个是进行apache的安装。apache的软件包名字就叫做httpd)
sudo systemctl start httpd.service (这个是开始运行apache的服务)
sudo systemctl enable httpd.service(这个是吧apache的服务运行加入启动就自动运行。
这里有一点比较重要的是,我每次进行centos的服务器的LAMP配置都会遇到的。不一定所有人多会有,那就是当我在本地网络的其他电脑的浏览器输入这个centos服务器的网络地址进行访问的时候,正常会显示apache的默认欢迎的网页。可是很多时候都是无法访问的,这个时候就需要进行防火墙的配置了。我在下面进行了防火墙加了两个端口。(我记得之前在做research的时候,有些人建议直接吧防火墙关闭了。虽然这个是本地的服务器和网络,可是安全期间,还是建议不要完全关闭,只要吧你需要的端口打开即可。)

sudo firewall-cmd –permanent –add-port=80/tcp
sudo firewall-cmd –permanent –add-port=443/tcp

以上两个命令在防火墙的命令配置里面增加了80和443的端口。
sudo firewall-cmd –reload
上面这个命令则是进行防火墙的重启。之后再试试看。是不是就可以打开了apache的经典默认欢迎界面了。

apache-default-screen

下面就开始mysql的安装了,这里我用了mariadb的安装包。这是社区开发版的MySQL

sudo yum install mariadb-server mariadb

mariadb

sudo systemctl start mariadb(开启服务)
sudo systemctl enable mariadb.service(开启开机自动启动服务)
sudo mysql_secure_installation(这个命令会进行mysql的初始化设置的一些工作)
mysql-installation
具体安装的设置,都不是那么困难,所以就大概讲一下:

Enter current password for root (enter for none):
OK, successfully used password, moving on…

第一个问题是问你当前的root密码。因为是首次安装,自然是没有面。直接回车跳过。
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
… Success!

然后问你要不要进行密码设置,输入y然后进行密码设置
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
… Success!

上面这一段话是说,默认情况下mariadb有匿名用户账户。这可以让任何人都进去却不需要创建账户。然后问你是否要删除掉匿名用户权限。当然就是回答y了!

Normally, root should only be allowed to connect from ‘localhost’. This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] n
… skipping.

正常情况,root只可以从本地访问。这可以杜绝别人从网络访问去猜测root的密码。是否拒绝root的远程登陆。因为我经常要从本地和远程登陆进行管理。所以我会回答n 给这个问题。

By default, MariaDB comes with a database named ‘test’ that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
– Dropping test database…
… Success!
– Removing privileges on test database…
… Success!

默认情况下,mariaDB自带了一个叫做test的数据库,这个是完全拿来做测试用的blah blah.我直接回答y去吧这个数据库给删除掉了。

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
… Success!

Cleaning up…

All done! If you’ve completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

要不要重置所有权限,这样之前所做的所有改动就会立即生效。直接回答y就好了。

接下来就开始安装PHP了。
sudo yum install php php-mysql

yum-install-php

sudo systemctl restart httpd.service (重启apache的服务)

最后,做一个简单的php的探针的编写进行测试:

sudo vim /var/www/html/info.php

输入以下内容:

<?php

phpinfo();

?>
接着,用浏览器打开http://主机ip地址/info.php如果可以看到一下界面就完全成功了!

php-info

Last but not the least is to install phpmyadmin. This is a very useful tool with GUI to manage the MySQL database on the centos7 server.
Now, run the following commands:

sudo yum install php-gd php-pear (Install two very important php related packages.)
sudo yum install epel-release-7-1.noarch.rpm (This is to add the epel release package to the repo.)
sudo yum install epel-release (install and update the epel release package lists)
sudo yum install phpmyadmin (Install the phpmyadmin)

After that, if you go ahead and access http://ipaddress/phpmyadmin you should see something different message other than the 404 now.

Unfortunately, you still cant access phpmyadmin yet. Now, you need to change the file

vi /etc/httpd/conf.d/phpMyAdmin.conf
Below is the file what it looks like the first time you open it.

# phpMyAdmin - Web based MySQL browser written in php
# 
# Allows only localhost by default
#
# But allowing phpMyAdmin to anyone other than localhost should be considered
# dangerous unless properly secured by SSL

Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin

<Directory /usr/share/phpMyAdmin/>
   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 127.0.0.1
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     Deny from All
     Allow from 127.0.0.1
     Allow from ::1
   </IfModule>
</Directory>

<Directory /usr/share/phpMyAdmin/setup/>
   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 127.0.0.1
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     Deny from All
     Allow from 127.0.0.1
     Allow from ::1
   </IfModule>
</Directory>

# These directories do not require access over HTTP - taken from the original
# phpMyAdmin upstream tarball
#
<Directory /usr/share/phpMyAdmin/libraries/>
    Order Deny,Allow
    Deny from All
    Allow from None
</Directory>

<Directory /usr/share/phpMyAdmin/setup/lib/>
    Order Deny,Allow
    Deny from All
    Allow from None
</Directory>

<Directory /usr/share/phpMyAdmin/setup/frames/>
    Order Deny,Allow
    Deny from All
    Allow from None
</Directory>

# This configuration prevents mod_security at phpMyAdmin directories from
# filtering SQL etc.  This may break your mod_security implementation.
#
#<IfModule mod_security.c>
#    <Directory /usr/share/phpMyAdmin/>
#        SecRuleInheritance Off
#    </Directory>
#</IfModule>

Modify and add below items to. Check out the bold text carefully.

<Directory /usr/share/phpMyAdmin/>
   AddDefaultCharset UTF-8

   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       #ADD following line:
       Require all granted
       Require ip 127.0.0.1
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     #CHANGE following 2 lines:
     Order Allow,Deny
     Allow from All
     Allow from 127.0.0.1
     Allow from ::1
   </IfModule>
</Directory>

After i did the above two changes, i would do a httpd restart service again.

sudo systemctl restart httpd.service

Boom! PHPMYADMIN!~ YAHOO~

phpmyadmin

Leave a Reply

Your email address will not be published. Required fields are marked *