Shulou(Shulou.com)06/02 Report--

Blogger QQ:819594300

Blog address: http://zpf666.blog.51cto.com/

Friends who have any questions can contact the blogger, the blogger will help you answer, thank you for your support! First, install apache2.4.23

The new version of httpd-2.4 adds the following features

New module for ①

Mod_proxy_fcgi (fcgi agent is available)

Mod_ratelimit (limit user bandwidth)

Mod_request (request module that filters requests)

Mod_remoteip (matches the IP address of the client)

② has modified the IP-based access control and no longer supports the allow,deny,order mechanism, but uniformly uses require.

③ also adds the following new features

1. MPM supports loading at run time; however, to enable this feature, you need to enable these three functions in the compilation installation.

-enable-mpms-shared=all-with-mpm=event

2. Support event

3. Support asynchronous read and write

4. Specify the log level on each module and each directory

5. Enhanced expression parser

6. Configuration per request:

7. Millisecond keepalivetimeout

8. FQDN-based virtual hosts no longer need NameVirtualHost instructions

9. Support the use of custom variables

Installation environment: operating system: Centos7.2, turn off selinux

Check to see if the httpd package is installed and uninstall it if it is installed

The figure above shows that httpd has not been installed, so here is the installation work:

Install apache2.4.23

You need to download several source packages shown below:

Httpd-2.4.23.tar.gz

Apr-1.5.2.tar.gz

Apr-util-1.5.4.tar.gz

Zlib-1.2.8.tar.gz

Pcre-8.39.tar.gz

Note: apr (Apache Portable Runtime) Apache portable runtime is an abstract library for calling the operating system, which is used to realize the use of the operating system by the internal components of Apache and improve the portability of the system.

Install apr and apr-util:

Install zlib:

\

Install pcre:

Install openssl:

Note: when you install apache2.4.23, you will be prompted that the version of openssl is too low, because the version of openssl-1.0.1e that comes with centos7, we need to download openssl ourselves.

Download openssl:

# wget https://www.openssl.org/source/openssl-1.0.1u.tar.gz

Here's how to install openssl:

Install apache2.4.23:

The relevant parameters are explained as follows:

-- enable-so supports dynamic sharing module, that is, open DSO support.

-- enable-rewrite supports url rewriting

-- enable-ssl supports ssl

-- with-ssl=/usr/local/openssl specifies the ssl installation location

-- enable-cgi enables cgi

-- enable-cgid:MPM uses event or worker to enable cgid

-- enable-modules=most explicitly indicates that the module to be statically compiled into the httpd binary is a space-delimited list of module names, all or mostall to include all modules most to include most commonly used modules

-- enable-mods-shared=most explicitly indicates that the module to be compiled in DSO is a space-delimited list of module names, and all or mostall indicates that it contains all module blocks and that most contains most modules.

-- enable-mpms-shared=all enables all the modes supported by MPM so that event, worker, and prefork will be installed in a modular manner and can be configured in httpd.conf.

-- with-mpm=event specifies that the enabled mpm mode defaults to enevt mode. In earlier versions of apache, the default prefork,2.2 version is worker2.4 version is event.

-- with-pcre=/usr/local/pcre supports pcre

-- with-z=/usr/local/zlib uses zlib compression libraries

-- with-apr=/usr/local/apr specifies the installation path of apr

-- with-apr-util=/usr/local/apr-util specifies the installation path of apr-util

-- enable-expires activation controls the "Expires:" and "Cache-Control:" headers of HTTP through configuration files, that is, provides client browser cache settings for website images, js, css, and other content. This is one of the important options for apache tuning.

-- sites where enable-deflate provides compression, transmission and coding support for content, such as html, js, css, etc. Using this parameter will increase the transmission speed and enhance the visitor access experience. This is one of the important options for apache tuning in a production environment.

Optimize the execution path of http programs:

Modify the configuration file httpd.conf to set the ServerName value in it:

For example: ServerName www.benet.com

Turn on the apache server:

Set to start automatically after boot:

Edit the / etc/init.d/httpd file and add two lines under the first line #! / bin/sh:

Add Apache to boot and start automatically:

Start the compiled Apache 2.4.23:

(note: if the status is not active (running), then restart the httpd service.)

The following is to start the httpd service in service.

Check the httpd status:

Here's how to solve this problem:

Lynx is installed, check the httpd status again:

The error in the above figure says: the requested URL / server status does not exist on this server. (that is, server-status does not exist), let's continue to solve the problem.

The status code returned is 404: it means the request is denied

So you can see the status of httpd.

Client test access (pay attention to the firewall):

Enable the httpd service exception first:

Access the test on a client:

The above picture shows that the visit was successful!

Second, the optimal configuration of Apache:

The hardware environment in which apache runs is the factor that has the greatest impact on performance. Even if the hardware cannot be upgraded, it is best to give apache a separate host to avoid interference from other applications. Among the various hardware metrics, memory has the greatest impact on performance. For static content (pictures, javascript files, css files, etc.), it determines how much content apache can cache. The more content it caches, the less chance to read content on the hard disk. Large memory can greatly improve the speed of static sites. For dynamic high-load sites, each request is saved for more time. Apache's mpm module will derive corresponding processes or threads for each request to be processed separately, and the number of processes or threads is approximately proportional to memory consumption, so increasing memory is also very beneficial to improve the load and running speed of dynamic sites.

The second is the speed of the hard disk, the static site is particularly prominent, apache continues to read files and send the corresponding request, the read and write of the hard disk is extremely frequent; dynamic sites also continue to load web programs (php, etc.), a request can even read more than a dozen files to complete, so as far as possible to improve the speed and quality of the hard disk to improve the performance of apache is of positive significance.

Finally, cpu and network, cpu affects the execution speed of web programs, and the network affects the amount of traffic.

1. The working mode of apache:

ApacheHTTP server is designed as a powerful and flexible server that can work on multiple platforms and different environments. This modular design is called the "multi-process processing module" (Multi-Processing Module,MPM), also known as the working mode.

Prefork mode (a non-threaded one):

Its main working mode is: when the Apache server starts, the mpm_prefork module will create multiple sub-processes in advance (the default is 5), each child process has only one thread. After receiving the request from the client, the mpm_prefork module transfers the request to the child process, and each child process can only be used to process a single request at the same time. If the current number of requests will exceed the number of pre-created child processes, the mpm_prefork module creates new child processes to handle additional requests. Apache always tries to keep some spare or idle subprocesses to meet upcoming requests. In this way, the client's request does not have to wait for the child process to be generated after it is received.

Because each request corresponds to a child process in the mpm_prefork module, it consumes more system resources than the other two modules. However, the advantage of the mpm_prefork module is that each of its child processes processes the corresponding individual request independently, so that if there is a problem with one of the requests, the other requests will not be affected. Prefork is more efficient than Worker, but it uses much more memory and is not good at dealing with scenarios with high concurrency.

The important parameters that affect the performance of Apache in prefork mode are described:

Each configuration item is explained as follows:

StartServers 5

# number of child processes started by default when apache starts

MinSpareServers 5

# minimum number of idle child processes

MaxSpareServers 10

# maximum number of idle child processes

MaxRequestWorkers 250

# MaxRequestWorkers sets the maximum number of access requests allowed at the same time. Any request that exceeds the MaxRequestWorkers limit will enter the waiting queue. In previous versions of apache2.3.1, MaxRequestWorkers was called MaxClients, and the old name is still supported.

MaxConnectionsPerChild 500

# sets the number of requests that each child process can handle. Each child process is automatically destroyed after processing a "MaxConnectionsPerChild" request. 0 means infinity, that is, child processes are never destroyed. Although the default setting of 0 allows each child process to process more requests, setting it to a non-zero value also has two important benefits: 1. It prevents unexpected memory leaks. 2. When the server load drops, the number of child processes will be reduced automatically. Therefore, this value can be adjusted according to the load of the server. Before Apache2.3.9, it was called MaxRequestsPerChild.

Note 1:MaxRequestWorkers is the most important of these instructions, setting requests that Apache can process at the same time, and is the parameter that has the greatest impact on Apache performance. If the total number of requests has reached this value (which can be confirmed by ps-ef | grep http | wc-l), then subsequent requests will be queued until a request has been processed. This is the main reason why there are a lot of system resources left and HTTP access is slow. Although in theory, the higher the value, the more requests can be processed, it is recommended that the initial value be set to (maximum physical memory / 2 in Mb), and then dynamically adjusted according to the load. For example, for a machine with 4 gigabytes of memory, the initial value is 4, 000, 2, 000.

Note after the 2:prefork control process initially established a "StartServers" child process, in order to meet the needs of the MinSpareServers setting, wait one second, continue to create two, and then wait one second to continue to create four. This increases the number of processes created exponentially to a maximum of 32 per second until the value set by MinSpareServers is met. This mode eliminates the need to generate new processes when the request arrives, thus reducing system overhead to increase performance. MaxSpareServers sets the maximum number of idle processes, and if the number of idle processes is greater than this value, Apache will automatically kill some extra processes. Do not set this value too high, but if the value is smaller than MinSpareServers, Apache will automatically adjust it to MinSpareServers+1. If the site is heavily loaded, consider increasing MinSpareServers and MaxSpareServers at the same time.

(it is recommended that the value of StartServers is equal to that of MinSpareServers)

Note what's the difference between 3:ServerLimit and MaxClients (MaxRequestWorkers)?

Because in the apache1 era, the only parameter to control the maximum number of processes is MaxClients, and the maximum value of this parameter is 256. it is invalid to try to set it to more than 256. this is due to the server hardware limitations of the apache1 era. However, in the apache2 era, due to the upgrade of server hardware, the hardware is no longer limited, so using the parameter ServerLimit to control the maximum number of processes, the ServerLimit value > = MaxClient value is effective. ServerLimit should be placed before MaxClients, and the value should not be less than MaxClients.

Note 4: view the modules loaded by Apache

(static modules for static and dynamic modules for shared)

Or

(ditto, there are also static and shared)

Or

(only static modules compiled into binaries can be viewed)

Note 5: how do I view the working mode of Apache? You can use the httpd-V command to view it, and you can also use httpd-l to see it (usually httpd-V)

Note 6: how to modify prefork parameters and enable prefork mode (the default mode for httpd is event mode)

① defines the configuration information of the module through httpd-mpm.conf

② modifies the main configuration file of httpd

③ restarts the httpd service to allow the modified configuration to take effect

Note: in the actual production environment, elegant startup is recommended, because there is no "service httpd reload", the equivalent is "service httpd graceful"

Or

Whether the ④ verification mode has been changed to prefork

Worker mode (multi-thread and multi-process):

Compared with prefork mode, worker uses a mixed mode of multi-process and multi-thread. Worker mode also pre-derives some child processes, and then each child process creates some threads, including a listener thread, and each request is assigned to a thread to serve. Threads are lighter than processes, because threads share the memory space of the parent process, so the memory footprint is reduced. In high concurrency scenarios, there are more threads available than prefork, and the performance is better. In addition, if a thread has problems, it will also cause problems with threads in the same process. If multiple threads have problems, it will only affect part of the Apache, not all. Due to the use of multiprocess and multithreading, thread safety needs to be taken into account. When using keep-alive persistent connections, a thread will be occupied all the time, even if there is no request in the middle, it will have to wait until the timeout (this problem also exists in prefork mode)

Overall, the prefork approach is slightly faster than worker, but it also requires slightly more cpu and memory resources than woker.

The important parameters that affect the performance of Apache in worker mode are described:

Each configuration item is explained as follows:

StartServers 3

# number of child processes started by default when apache starts

MinSpareThreads 75

# minimum number of idle worker threads

MaxSpareThreads 250

# maximum number of idle worker threads

ThreadsPerChild 25

# number of threads generated by each child process

MaxRequestWorkers 400

# same as prefork mode

MaxConnectionsPerChild 0

# same as prefork mode

Note 1:Worker the main control process generates "StartServers" child processes, each of which contains a fixed number of ThreadsPerChild threads, and each thread processes the request independently. Similarly, in order not to generate threads when the request arrives, MinSpareThreads and MaxSpareThreads set the minimum and maximum number of free threads

MaxRequestWorkers sets the maximum total number of clients connected at the same time. If the total number of threads in the existing child process does not meet the load, the control process will derive a new child process

The maximum default values for MinSpareThreads and MaxSpareThreads are 75 and 250, respectively. These two parameters have little effect on the performance of Apache and can be adjusted according to the actual situation.

Note 2:ThreadsPerChild is the most performance-related instruction in worker MPM. The maximum default value for ThreadsPerChild is 64, which is not enough if the load is heavy. The ThreadLimit instruction is used explicitly, and its maximum default value is 20000.

Note the total number of requests that can be processed simultaneously in 3:Worker mode is determined by the total number of child processes multiplied by the ThreadsPerChild value, which should be greater than or equal to MaxRequestWorkers. If the load is so heavy that the number of existing child processes cannot be satisfied, the control process will derive new child processes. By default, the maximum number of child processes is 16, and you also need to explicitly declare ServerLimit when you enlarge (the maximum number of processes configured by the system, the maximum is 20000). It is important to note that if ServerLimit is explicitly declared, its value multiplied by ThreadsPerChild must be greater than or equal to MaxRequestWorkers, and MaxRequestWorkers must be an integral multiple of ThreadsPerChild, otherwise Apache will automatically adjust to a corresponding value.

Note 4: the difference between processes and threads

A thread is an execution unit within a process and a schedulable entity within a process.

A program has at least one process and a process has at least one thread.

The division scale of threads is smaller than that of processes, which makes multithreaded programs have high concurrency.

In addition, the process has an independent memory unit during execution, and multiple threads share memory, which greatly improves the running efficiency of the program.

Threads are different from processes in the process of execution. each independent thread has an entrance to the program, a sequential execution sequence and an exit to the program. However, threads cannot execute independently and must be stored in the application, which provides multiple thread execution control.

From a logical point of view, the significance of multithreading is that there are multiple execution parts in an application that can be executed at the same time. However, the operating system does not regard multiple threads as multiple independent applications to achieve process scheduling and management and resource allocation. This is the important difference between processes and threads.

A process is a running activity of a program with a certain independent function on a certain data set, and a process is an independent unit of resource allocation and scheduling in the system.

A thread is an entity of a process and the basic unit of CPU scheduling and dispatching. It is a smaller basic unit that can run independently than a process. The thread basically does not own the system resources, but only has some essential resources (such as program counters, a set of registers and stacks), but it can share all the resources owned by the process with other threads belonging to the same process.

One thread can create and undo another thread; multiple threads in the same process can execute concurrently.

Summarize the differences between processes and threads:

(1) address space: an execution unit within a process; the process has at least one thread; they share the process's address space; and the process has its own independent address space.

(2) Resource ownership: a process is a unit of resource allocation and ownership, and threads in the same process share the resources of the process.

(3) Thread is the basic unit of processor scheduling, but the process is not.

(4) both of them can be executed concurrently.

Processes and threads are the basic units of program running experienced by the operating system, and the system uses this basic unit to realize the concurrency of the system to the application.

The difference between a process and a thread is:

In short, a program has at least one process and a process has at least one thread.

The division scale of threads is smaller than that of processes, which makes multithreaded programs have high concurrency.

In addition, the process has an independent memory unit during execution, and multiple threads share memory, which greatly improves the running efficiency of the program.

Event mode:

This is the latest working mode of Apache and a variant of worker mode (upgrade). It separates the service process from the connection. Different from worker mode, it solves the problem that thread resources are wasted during keep-alive persistent connections. In event working mode, there are some special threads to manage these keep-alive type threads and pass the request to the thread of the server when a real request comes. When the execution is finished, it is allowed to be released. This enhances request processing in high concurrency scenarios. Event mode does not support https access very well (issues related to HTTP authentication).

(for the conversion between prefork, worker, and event modes, please refer to Note 6 of the prefork mode, the conversion method is the same. )

2. Apache configuration parameters

1) KeepAlive On/Off

(default is on)

KeepAlive refers to keeping the connection active, in other words, if KeepAlive is set to On, then requests from the same client do not need to connect again, avoiding the need to create a new connection for each request, thus adding to the burden on the server. In general, websites with more pictures should set KeepAlive to On.

2) KeepAliveTimeout number

(default is 5 seconds)

If the time between the second request and the first request exceeds the KeepAliveTimeOut, the first connection will be broken and a second connection will be created. Its setting generally takes into account the interval between two requests for files such as pictures or JS, which is generally set to 3-5 seconds.

3) MaxKeepAliveRequests 100

(default is 100 times)

The maximum number of HTTP requests that can be made per connection. Setting its value to 0 will support unlimited transmission requests within a single connection. In fact, no client program requests too many pages in a single connection, and the connection is usually completed below this limit.

4) HostnameLookups on | off | double

(default is off. It is recommended to keep off)

If you use on, you can only do a reverse check, and if you use double, then you will have to do a forward resolution after the reverse check, and only two results match each other, while off does not perform domain name verification.

For security, it is recommended to use double; to speed up access, it is recommended to use off.

When domain name lookup is enabled, this will increase the burden on apache. It is recommended to turn it off if you slow down the access speed.

5) timeout 5

Recommendation 5 this is when the apache accepts the request or sends the corresponding time to disconnect beyond this time

(default is 60 seconds, it is recommended to adjust to 5 seconds)

Note: the above configuration items can be set in / usr/local/http-2.4.23/conf/extra/httpd-default.conf and referenced through the include option in the httpd.conf file

The key to MPM is the main factor affecting concurrency efficiency:

1) StartServers 10

Sets the number of child processes established when the server starts. Because the number of child processes dynamically depends on the weight of the load, it is generally not necessary to adjust this parameter.

2) MinSpareServers 10

Sets the minimum number of idle child processes. The so-called idle child process refers to no child process that is processing the request. If the current number of idle child processes is less than MinSpareServers, then Apache will generate new child processes at a maximum rate of one per second. This parameter needs to be adjusted only on very busy machines. Setting this parameter too large is usually a bad idea.

3) MaxSpareThreads 75

Sets the maximum number of free child processes. If there are currently more free child processes than MaxSpareServers, the parent process will kill the extra child processes. This parameter needs to be adjusted only on very busy machines. Setting this parameter too large is usually a bad idea. If you set the value of the instruction to be less than MinSpareServers, Apache will automatically change it to "MinSpareServers+1".

4) ServerLimit 2000

The maximum number of processes allowed to be configured by the server. Use it only if you need to set MaxClients higher than the default of256. Keep the value of this instruction the same as MaxClients. Changing the value of this directive must stop the service completely before starting to take effect, and restarting in restart mode will not take effect.

5) MaxClients/MaxRequestWorkers 256

The maximum number of requests (maximum number of child processes) used for client requests, and any requests that exceed the MaxClients limit will enter the waiting queue. The default value is 256. if you want to increase this value, you must also increase the value of ServerLimit. It is recommended that you set the initial value to (maximum physical memory / 2 in Mb), and then dynamically adjust it according to the load. For example, for a machine with 4 gigabytes of memory, the initial value is 4, 000, 2, 000.

6) MaxRequestsPerChild/MaxConnectionsPerChild 0

Set the number of requests that can be processed by each child process. Each child process is automatically destroyed after processing a "MaxRequestsPerChild" request. 0 means infinity, that is, child processes are never destroyed. Servers with more memory can be set to 0 or a larger number. Servers with less memory might as well be set to 30, 50, 100. So in general, if you find that the memory of the server is rising in a straight line, it is recommended that you try to modify this parameter.

Note: the above configuration items can be set in / usr/local/http-2.4.23/conf/extra/httpd-mpm.conf and referenced through the include option in the httpd.conf file

3. Enable the Gzip (deflate) function of apache

Gzip can greatly accelerate the website, and sometimes the compression ratio is as high as 80%, at least more than 40%, which is quite good. In versions after Apache2, the module name is not gzip, but mod_deflate

Gzip is not used:

Enable using Gzip:

If you want to enable moddeflate, be sure to open the following two modules:

LoadModule deflate_module modules/mod_deflate.so

LoadModule headers_module modules/mod_headers.so

Set the compression ratio, which ranges from 1 (minimum) to 9 (maximum). It is not recommended to set it too high. Although it has a high compression ratio, it takes up more CPU resources.

Mod_deflate module inspection and installation:

If you see that it is not possible that it did not start, go to the httpd.conf configuration file to see if there is a deflate_module module.

Now both must-have modules are available.

If it is not installed, resolve it in the following ways:

a. Compile-time installation method

When compiling, keep up with-- enable-deflate to install.

B.DSO installation

① is first cut to the directory where apache source package mod_deflate is located.

② is compiled and installed into apache as DSO

Note: to install the mod_deflate module, you need to add the parameter "- I". Other modules do not need "- I".

③ checks whether mod_deflate and mod_headers are installed. The file will be displayed here if the installation is successful.

After ④ is successfully installed, start the httpd service gracefully

The apxs command parameter description:

-c this option indicates that a compilation operation is required.

-I this option indicates that an installation operation is required to install one or more dynamic shared objects to the server's modules directory.

-a this option automatically adds a LoadModule line to the httpd.conf file to enable the module, or, if the line already exists, to enable it.

-I this option is passed directly to the connection command to add custom library files.

An additional parameter:

The-An option is similar to the-an option, but the LoadModule command it adds has a pound sign prefix (#), that is, the module is ready but not enabled.

Note: if other httpd versions of the experimental environment (such as httpd2.2.17)

# / usr/local/http2.2/bin/apxs-c-I-a / root/httpd-2.2.17/modules/metadata/mod_deflate.c

# / usr/local/http2.2/bin/apxs-c-I-a/root/httpd-2.2.17/modules/metadata/mod_headers.c

If an error occurs during reboot:

Error in referencing:

Cannotload / usr/local/apache/modules/mod_deflate.so into server: / usr/local/apache/modules/mod_deflate.so:undefined symbol: inflateEnd

The solution is as follows:

Need to be in the

Load zlib.so in front of LoadModuledeflate_module modules/mod_deflate.so

It should be noted here that LoadModule deflate_module needs to be placed after LoadModulephp5_module.

The explanation is as follows:

LoadFile/usr/lib/libz.so (on x64 systems, the library file is located in the / usr/lib64 directory and can be softly linked to / usr/lib. Note: if in this lab environment (i.e. httpd2.4.24) ln-s / usr/local/zlib/lib/libz.so / usr/lib/)

LoadModuledeflate_module modules/mod_deflate.so

Restart httpd:

# / usr/local/http2.4.23/bin/apachectl graceful # start httpd service gracefully

Attachment: how to install one without a module?

Modify the Apache configuration file to enable gzip compressed transfer:

① httpd.conf modifies and adds configuration parameters:

Description: after opening httpd.conf, first remove the # in front of the above two lines of configuration, so that apache will enable these two modules, in which mod_deflate is the compression module, which is the gzip compression of the code to be transmitted to the client; the function of the mod_headers module is to tell the browser that the page is compressed by gzip. If mod_headers is not enabled, the browser will download the gzip compressed page and cannot display it properly.

② adds the following code to httpd.conf, which can be added to any blank space. If you don't know apache, if you are worried about adding the wrong place, put it on the last line of the http.conf file.

Note: it is best to check the two codes to be added before adding the code to make sure it exists.

The meaning of each line is explained as follows:

The compression level of DeflateCompressionLevel6 # can be 6 by default to maintain a balance between processor performance and web page compression quality.

SetOutputFilterDEFLATE # sets the output filter to enable compression of the output, which, like a switch, tells apache to compress the content transferred to the browser

# AddOutputFilterByTypeDEFLATE text/html text/plain text/xml application/x-javascriptapplication/x-httpd-php

# AddOutputFilterByType DEFLATE pawning picpathway *

AddOutputFilterByType DEFLATE text/* # setting compresses the contents of the file that are text, such as text/html text/css text/plain, etc.

AddOutputFilterByTypeDEFLATE application/ms* application/vnd* application/postscriptapplication/javascript application/x-javascript # compress the javascript file

AddOutputFilterByTypeDEFLATE application/x-httpd-php application/x-httpd-fastphp # compresses files of type php.

SetEnvIfNoCaseRequest_URI. (?: gif | jpe?g | png) $no-gzip dont-vary # setting does not compress image files with the suffix gif,jpg,jpeg,png. Note:: means that the contents of () will not be captured.

SetEnvIfNoCaseRequest_URI. (?: exe | t?gz | zip | bz2 | sit | rar) $no-gzip dont-vary

# same as above, set not to compress files such as exe,tgz,gz.

SetEnvIfNoCaseRequest_URI. (?: pdf | mov | avi | mp3 | mp4 | rm) $no-gzip dont-vary # same as above is to set not to compress files such as pdf,avi,mp3.

Set log output!

The meaning of each line is explained as follows:

DeflateFilterNoteInput input_info# declares the number of byte of the input stream

DeflateFilterNoteOutput output_info# declares the number of byte of the output stream

Percentage of compression declared by DeflateFilterNoteRatio ratio_info#

LogFormat' "% r"% {output_info} n deflate#% {input_info} n (% {ratio_info} n%) 'deflate# declares log format

CustomLoglogs/deflate_log.log deflate

After modification, save exit and restart the httpd service (start gracefully):

Use Google browser to test the access, as shown in the following figure: (hint: press F12 before accessing the test page):

Add some data to index.html, increase its file size, and send another test image:

Officially start testing:

In Google browser, press F12:

View the log:

Note: the picture does not need to be enabled for GZip compression. If you do not set SetEnvIfNoCaseRequest_URI. (?: gif | jpe?g | png) $no-gzip dont-vary, then from the GZip test results, the compressed image volume is even larger than the original volume! This explains why images do not have to enable GZip compression! (in fact, some images will become smaller when compressed, but most of them will become larger when compressed.)

You can detect pictures from several portals, as well as pictures from Google and baidu, all of which do not enable GZip compression of pictures, but only enable GZip compression of files such as html, css, js, etc., which further shows that GZip compression is not suitable for pictures. In addition, in addition to images, flash swf files do not have to enable GZip compression.

4. Configure mod_expires module

With this very useful optimization, mod_expires can reduce the number of repeated requests by about 20-30%, so that the repeated users CACHE the results of the specified page requests locally and do not send requests to the server at all. But be careful not to do this for files that update quickly.

This module controls the Expires header content of the server response and the max-age instruction of the Cache-Control header. The expiration date can be set relative to the last modification time of the source file or the access time of the client.

The effect of not enabling expire:

Enable expire caching:

Installation configuration of ① mod_expires:

Enable expires_module

② add Expires configuration rules

③ gracefully starts the service

④ verification

ExpiresDefault and ExpiresByType instructions can also be defined in an easy-to-understand syntax format:

ExpiresDefault "[plus] {}"

ExpiresByTypetype/encoding "[plus] {}"

One of the following is:

Access

Now (equivalent to 'access')

Modification

The plus keyword is optional. Must be an integer, which is one of the following:

Years

Months

Weeks

Days

Hours

Minutes

Seconds

For example, the following three directives indicate that the default validity of a document is one month:

ExpiresDefault "access plus 1 month"

ExpiresDefault "access plus 4 weeks"

ExpiresDefault "access plus 30 days"

The validity period can be further adjusted by adding a "" clause:

ExpiresByTypetext/html "access plus 1 month 15 days 2 hours"

ExpiresByTypep_w_picpath/gif "modification plus 5 hours 3 minutes"

Note that if you use a setting based on the last modified date, the "Expires:" header will not be added to content that does not come from the disk file. This is because these contents do not have the attribute of "last modified time".

# GIF is valid for 1 month (seconds)

ExpiresByTypep_w_picpath/gif A2592000

ExpiresByTypep_w_picpath/jpeg A2592000

ExpiresByTypep_w_picpath/png A2592000

ExpiresByTypep_w_picpath/x-icon A2592000

ExpiresByTypeapplication/x-javascript A604800

ExpiresByTypetext/plain A604800

# the validity period of the HTML document is one week after the last revision time

ExpiresByTypetext/html M604800

"M" indicates the last modification time of the source file, and "A" indicates the time when the client accesses the source file. The later time is calculated in seconds.

For an introduction to Apache Expires Module, you can refer to its official documentation:

Http://httpd.apache.org/docs/2.4/mod/mod_expires.html

5. Apache forbids directory traversal

By removing the Indexes from Options Indexes FollowSymLinks, you can prevent Apache from displaying the directory structure. The purpose of Indexes is to display the directory structure when there are no index.html files in that directory.

Let's first look at what directory traversal is:

Traversing the directory is to show all the files and subdirectories in the / usr/local/http-2.4.23/htdocs directory, which is not safe.

6. Apache hides version information

Test the status information of the default apache:

Enable httpd-default.conf in the ① master configuration

Remove the comment "#" from line 484:

② modifies httpd-default.conf

Change to the configuration shown in the following figure:

③ gracefully starts the httpd service

The status information of apache after ④ test hidden version number (still visible is apache, but the version of apache is not visible)

If ⑤ needs to completely revamp information such as versions, you need to prepare or recompile before compiling. When recompiling, modify the ap_release.h file in the include directory under the source package

# define AP_SERVER_BASEVENDOR "Apache Software Foundation" # name of the provider of the service

# Project name of the define AP_SERVER_BASEPROJECT "Apache HTTPServer" # service

# Product name of the define AP_SERVER_BASEPRODUCT "Apache" # service

# define AP_SERVER_MAJORVERSION_NUMBER 2 # Major version number

# define AP_SERVER_MINORVERSION_NUMBER 4 # minor version number

# define AP_SERVER_PATCHLEVEL_NUMBER 23 # Patch level

# define AP_SERVER_DEVBUILD_BOOLEAN 0 #

The lines listed above have been annotated, so you can change them to what you want, and then after compiling and installing, the other party will not know your version number at all.

7. Apache log cutting

Why split the log?

As the access to the website becomes larger and larger, the log files generated by WebServer will become larger and larger. If the logs are not divided, the large logs (such as Apache logs) can only be deleted at once, thus losing a lot of valuable information to the website, because these logs can be used for access analysis, network security monitoring, network health monitoring and so on. Therefore, the management of these massive logs is of great significance to the website.

Method 1: use rotatelogs (a tool that comes with apache) to record a log every other day

Edit the main configuration file for Apache with the following changes:

Comment out the following two lines:

Then add the following two lines:

The screenshot is as follows:

ErrorLog "| / usr/local/http-2.4.23/bin/rotatelogs-l logs/error_%Y%m%d.log86400"

CustomLog "| / usr/local/http-2.4.23/bin/rotatelogs-l logs/access_%Y%m%d.log86400" combined

Note: 86400 is the time unit of rotation in seconds.

Verification: view log files in the logs directory

Note: error logs are generated immediately after elegant startup, but access logs will not be generated until a client accesses the web server.

Note: due to the log polling tool rotatelogs provided by apache, it is said that logs are easy to be lost during log cutting, so we usually use cronolog for log polling.

Method 2. Use cronolog to create a new log for each day.

Install the cronolog program:

As shown in the previous method, comment out lines 276 and 305:

Add the following two lines:

Note: if there are multiple virtual hosts in the Apache, it is best to place one such code in each virtual host and change the log file name to a different name.

Extend:

① this ensures that one log is generated every hour under a folder every day.

② polling by day (common usage in production environment, recommended):

③ polling by the hour (more commonly used in production environments):

Note: the first method and the second method these two pipeline log file programs (that is, "|") are also different in that directories are automatically created when using cronolog if the log is placed in a path that does not exist, but not automatically when using rotatelogs.

7. Configure hotlink protection

Explanation: sometimes, the number of inexplicable visits to your website becomes larger, don't be happy too early, it may be hacked by others.

For example: for example, you set up a discuz forum with some hot pictures and videos; then someone redirects the address of visiting pictures on his website to your discuz, so that his server can be free; that is to say, when others visit the pictures and videos of his website, the consumption is indeed your server's resources.

The solution to this problem is to configure hotlink protection so that outsiders can't steal the chain.

Methods the first implementation method of 1:Apache hotlink protection can be implemented with rewrite.

First, make sure that the rewrite module for Apache is available:

As can be seen from the figure above, there are two reasons why there is no rewrite module module, one is that it is not downloaded and installed, and the other is that it is not enabled. Let's first see if there is a rewrite module module in the httpd master configuration file, whether it is not started, and if it is started.

(just remove the comment "#" from line 158)

Then add the following code where you find the configuration for your website, such as in the main configuration file or in the virtual host:

The screenshot is as follows:

RewriteEngineOn

RewriteCond% {HTTP_REFERER}! ^ $

RewriteCond% {HTTP_REFERER}! benet\ .com /. * $[NC]

RewriteCond% {HTTP_REFERER}! www\ .benet\ .com /. * $[NC]

RewriteRule.*\. (gif | jpg | swf) $http://www.benet.com/about/nolink.png[R,NC,L]

Note: explanation of relevant options

1.RewriteEngine On # enable rewrite. For rewrite to work, you must write

2.RewriteCond test-string condPattern # can be written before RewriteRule, there can be one or N entries to test the matching conditions of rewrite. How to write it, which will be discussed in more detail later.

3.RewriteRule Pattern Substitution # rules

4.% {HTTP_REFERER}: server variable, HTTPReferer is a part of header. When the browser sends a request to the web server, it usually takes Referer to tell the server which page I linked from, so that the server can get some information for processing. For example, if you link to a friend from my home page, his server can count from HTTP Referer how many users click on the link on my home page to visit his site every day.

5. [NC] refers to case-insensitive, [R] forced redirection of redirect

6. The letter L indicates that if this rule can be matched, then this rule is the last (Last), ignoring the subsequent rule

Description of hotlink protection configuration:

1. The red part: indicates your trust site. For my site, set to http://www.benet.com and http://benet.com

two。 Green: the extension of the file to be protected (to | separate). Files with these extensions must be referenced by a red URL before they can be accessed.

3. Blue part: define the image to be replaced when it is stolen, and let all the web pages of jpg, gif, swf and other files display the about/ nolink.png files in the root directory of the web document. Note: the replacement of the displayed image should not be placed in the hotlink protection directory, and the smaller the size of the image file, the better. Of course, instead of setting up a replacement picture, you can use the following statement: RewriteRule. *\. (gif | jpg | png) $- [F]

Note: [F] (force URL to be prohibited forbidden), force the current URL to be prohibited, that is, immediately feedback a HTTP response code 403 (prohibited).

Note:

RewriteCond% {HTTP_REFERER}! ^ $

The above line is intended to allow empty "HTTP_REFERER" access, that is, the display of the image file when the user is allowed to enter the image address directly in the browser address bar.

RewriteCond% {HTTP_REFERER}! benet\ .com /. * $[NC]

RewriteCond% {HTTP_REFERER}! www\ .benet\ .com /. * $[NC]

Set the HTTP sources that are allowed to access, including the site itself.

RewriteRule. *\. (gif | jpg | swf) $http://www.benet.com/about/nolink.png[R,NC,L]

Redirect access that does not meet the referer condition to nolink.png. Nolink.png is located in the directory about that allows "theft chain". Be careful, otherwise, warnings and pictures will not be displayed on each other's website.

Note: clear the economic browser cache during the test

Start testing now:

① added those five lines at the end of the httpd main configuration file. Save the exit and start gracefully.

② prepares two test pictures

③ stole the paoche.jpg resources of the httpdA website from the home page of httpdB.

④ modifies httpdB and client hosts files

⑤ is tested on a client

The experiment is successful, it should be noted that if you are in the experimental environment, do not forget to open the port 80 exception of the two web servers.

Method 2: block some requests by judging the browser header information, that is, using SetEnvIfNoCase and access.

Explanation: this method can save your bandwidth traffic by preventing some robots or spider crawlers from crawling your website.

Syntax: SetEnvIfNoCase attribute regex [!] env-variable [= value] [[!] env-variable [= value]]...

SetEnvIfNoCase assigns a value to a variable when a condition is met, that is, it sets the environment variable according to the client request property.

Note: Referer: indicates the URL that requests the original resource of the current resource. Hotlink protection can be achieved by using referer.

Then add the following code where you find the configuration for your website, such as in the main configuration file or in the virtual host:

The screenshot is as follows:

SetEnvIfNoCaseReferer "^ $" local_ref

SetEnvIfNoCaseReferer "www.benet.com/.*$" local_ref

SetEnvIfNoCaseReferer "benet.com/.*$" local_ref

Below version # 2.4, and then add the following:

Method 1:

Order Deny,Allow

Allow from env=local_ref

Deny from all

Method 2:

Order Allow,Deny

Allow from env=local_ref

# 2.4 or above, and then add the following:

The screenshot is as follows:

Require alldenied

Require env local_ref

Let's start the test:

After ① has modified the httpd main configuration file, start it gracefully:

② is tested on a client (clear the client's browser cache before testing)

3. Compile and install LAMP+xcache in fcgi mode

The mode of operation of php:

There are three working modes of php in lamp environment: CGI mode, apache module and FastCGI mode. Running PHP in CGI mode, the performance is not very good. Running as a module of apache, compiling and installing lamp has been introduced in the previous course. The difference between FastCGI mode and apache module is that FastCGI mode PHP is an independent process, and all PHP child processes are managed by a component called php-fpm of PHP; while PHP run in apache modular mode, apache is responsible for calling PHP to complete the work. The performance of PHP's FastCGI mode is much better than that of apache's modular approach. Today we compile and install lamp in FastCGI mode.

How FastCGI works:

First of all, the client initiates a request. There are two kinds of requests. One is a static request, which can be returned directly by the Apache. The other is a dynamic request. If it contains php or Perl as a script interpretation language, the Apache server will call the php server through the fastcgi protocol to execute and return to Apache the result after the interpretation will be returned by Apache. If the operation on the data is involved, the php server will also call the mysql server through the mysql protocol.

Compilation environment and software versions:

Linux

Web server

Php

Mysql database

Xcache

Centos7.2

Httpd-2.4.23

Php-5.4.26

Mysql5.7

Xcache-3.1.0

Host planning

At least 3 hosts, the operating system is centos7.2. The network segment is 192.168.1.0

Gateway 192.168.1.1

The distribution is as follows:

1 httpd server (192.168.1.7)

1 php server (192.168.1.8)

1 mysql server (192.168.1.9)

Compile and install LAMP:

Compile and install apache (please refer to the previous installation of apache)

Compile and install mysql (please refer to mysql installation)

Install php in FastCGI mode

Install the php server below:

1. Solve the dependency relationship

Install libmcrypt:

2. Compile and install php

The screenshot above is as follows:

. / configure--prefix=/usr/local/php5.6-- with-mysql=mysqlnd-- with-pdo-mysql=mysqlnd--with-mysqli=mysqlnd-- with-openssl-- enable-fpm-- enable-sockets-- enable-sysvshm--enable-mbstring-- with-freetype-dir-- with-jpeg-dir-- with-png-dir--with-zlib-- with-libxml-dir=/usr-- enable-xml-- with-mhash--with-mcrypt=/usr/local/libmcrypt-- with-config-file- Path=/etc--with-config-file-scan-dir=/etc/php.d-- with-bz2--enable-maintainer-zts & & make & & make install

Explanation of the relevant options:

-- prefix=/usr/local/php5.6 / / installation location

-- with-mysql=mysqlnd / / supports mysql

-- with-pdo-mysql=mysqlnd / / supports pdo module

-- with-mysqli=mysqlnd / / supports mysqli module

Note: the role of the above three options: the database and php are not on the same server, specify this way, and install the database connection driver

-- with-openssl / / supports openssl module

-- enable-fpm / / supports fpm mode

-- enable-sockets / / enable socket support

-- enable-sysvshm / / enable system shared memory support

-- enable-mbstring / / multi-byte strings, like our Chinese is multi-byte strings

-- with-freetype-dir / / supports freetype, freetype-devel, font-related, font parsing tools

-- with-jpeg-dir

-- with-png-dir

Note: the function of the above two options: deal with jpeg, png pictures, php can dynamically generate jpeg pictures

-- with-zlib / / is a compression library that is used to compress transmission over the Internet.

-- with-libxml-dir=/usr / / this libxml is used to parse xml, specified under / usr

-- enable-xml / / support xml

-- with-mhash / / supports mhash

-- with-mcrypt=/usr/local/libmcrypt / / libmcrypt-devel specified by this package

-- with-config-file-path=/etc / / specifies the path where the configuration file is stored

-- with-config-file-scan-dir=/etc/php.d / / profile scan path

-- with-bz2 / / supports BZip2

To support the worker or event MPM of apache, the-- enable-maintainer-zts option is used at compile time

Note: if you are using PHP5.3 or above, you can specify mysqlnd in order to link to the MySQL database, so that you do not need to install MySQL or MySQL development packages on this machine. Mysqlnd is available from php5.3 and can be bound to it at compile time (without having to rely on specific MySQL client library bindings), but it has been the default since PHP 5.4.

3. Provide php configuration file

4. Provide scripts for php-fpm

5. Provide php-fpm configuration file and edit

Start the php-fpm service:

Create a new virtual host directory on this host to store web page files:

Now that php is installed and configured, let's configure apache to call php through fastcgi protocol.

6. Configure apache (switch to apache host)

Description: after Apache2.4, there has been a special module for the implementation of FastCGI, this module is mod_proxy_fcgi.so, it is actually an expansion of the mod_proxy.so module, therefore, these two modules have to be loaded.

Remove the comment "#" from the following two lines:

Create a directory as the home directory for the virtual host:

Edit the main configuration file httpd.conf and open the virtual host:

Remove the comment "#" from the following line:

Locate AddType; at the same time and add the following two lines: let apache recognize the page in php format:

And navigate to DirectoryIndex: home page that supports php format (add index.php (preferably at the front)

Configure virtual hosts to support the use of fcgi:

The screenshot is as follows:

ServerAdmin webmaster@benet.com

DocumentRoot "/ var/www/benet"

ServerName www.benet.com

ServerAlias benet.com

ErrorLog "logs/benet.com-error_log"

CustomLog "logs/benet.com-access_log" common

ProxyRequests Off

ProxyPassMatch ^ / (. *\ .php (/. *)?) $fcgi://192.168.1.8:9000/var/www/benet/$1

#

# ProxyPassfcgi://192.168.1.8:9000/var/www/benet

#

Options FollowSymLinks

AllowOverride None

Require all granted

Note: the virtual host instance at the bottom of this profile is deleted.

The above configuration items are explained as follows:

ProxyRequests off # turn off the forward agent

ProxyPassMatch # sends file requests ending in .php to the php-fpm process. Php-fpm needs to know at least the running directory and URI, so these two parameters are specified directly after fcgi://192.168.1.8:9000. Other parameters have been encapsulated by mod_proxy_fcgi.so and do not need to be specified manually.

In particular, the red font part needs to be consistent with the path after the DocumentRoot in, and the ProxyPassMatch will only match and enforce this rule if it satisfies a specific regular pattern, which is ^ / (. *\ .php (/. *)?) $.

Start with the site (the root of the virtual host) and match any path that ends in .php or follows one / followed by something else.

^ (caret) and $(dollar) mark the beginning and end of the path to match

() the content in parentheses can be represented by $1 to facilitate referencing it later.

The proxy forwarded by fcgi://192.168.1.81:9000 through mod_proxy_fcgi, using the fastCGI protocol, goes to the port that PHP-FPM listens on.

/ path/to/your/documentroot/

It's very important! Must match the path of the virtual host and must be the absolute path of the corresponding php file in the operating system. Otherwise, the file will not be found.

$1 can be expanded from the original request to a variable of the entire request path, where it refers to the matching path (uri) in the preceding ().

Add: in versions prior to Apache httpd 2.4, PHP was either run as a module for Apache, or a third-party module was added to support PHP-FPM implementation.

Start the httpd service gracefully:

The following tests the LAMP environment:

First create a mysql account on the mysql host for php server connections:

Exception: open port 3306 on the Mysql server firewall:

Create a test page for .php under the / var/www/benet directory on the php server:

Don't forget that the web server should also open port 80 exception:

Access the php test page on the client:

Now add the mapping relationship to the client's hosts file:

You can see that the above two test pages show that apache, php, and mysql can work together.

7. Stress test

Website performance stress testing is an indispensable part in the process of server website performance tuning. Only when the server is under high pressure can we really reflect the problems exposed by improper settings such as software and hardware.

At present, the most common performance testing tools are ab, http_load, webbench, and siege. Today we are devoted to introducing ab.

Ab is a stress testing tool that comes with apache. Ab is very practical. It can be used not only for website access stress testing of apache servers, but also for other types of servers. Such as nginx, tomcat, IIS and so on.

Let's start with the use of the ab command:

The principle of 1.ab

Installation of 2.ab

3.ab parameter description

4.ab performance index

Actual use of 5.ab

6. Test the performance of nginx

1) the principle of ab

Ab is an abbreviation for the apachebench command.

How ab works: the ab command creates multiple concurrent access threads to simulate multiple visitors accessing a URL address at the same time. Its testing goal is based on URL, so it can be used not only to test the load pressure of apache, but also to test the pressure of other Web servers such as nginx, lighthttp, tomcat, IIS and so on.

The ab command requires very little of the computer that issues the load, and it takes up neither a very high CPU nor a lot of memory. But it puts a huge load on the target server, and the principle is similar to CC***. You should also pay attention to testing and using it yourself, otherwise there will be too much load at a time. It may cause the target server to run out of resources, and even lead to a crash in serious cases.

2) installation of ab

The installation of ab is very simple, and it is even easier if you install apache in source code. After the apache installation, the ab command is stored in the bin directory of the apache installation directory. As follows:

Note 1: if apache is installed through yum's RPM package, the ab command is stored in the / usr/bin directory by default.

Note 2: note: if you don't want to install apache but want to use the ab command, you can install apache's toolkit httpd-tools directly. As follows:

Yum-y install httpd-tools

To see if ab is installed successfully, you can change to the above directory and use the ab-V command to test. As follows:

The above picture shows that the test results were reported incorrectly. Here is the solution:

① first check it out with the find command

② adds the path of libssl.so.1.0.0 to the file in the search base file

③ executes the ldconfig command to make its changes take effect

Now let's look at the test again:

From the picture above, the problem has been solved and can be seen.

3) ab parameter description

About the use of the ab command, we can view it through the help command. As follows:

Let's explain these parameters below. As follows:

-n: the number of requests executed in the test session (that is, the total number of requests).

-c: the number of requests generated at a time (that is, the number of concurrent users).

Let's start the stress test:

The data in the figure above is used to describe the distribution of the processing time of each request. For example, in the above test, 80% of the request processing time does not exceed 63ms, which refers to the previous Time per request, that is, the average processing time of each request for a single user.

Continue the stress test.

Let's do another stress test, when the number of concurrent users is 1000, other conditions remain the same, and check the throughput difference between the two test results.

4) ab performance index

There are several metrics that are important during performance testing:

1. Throughput (Requests per second)

A quantitative description of the server's concurrent processing capacity, in reqs/s, which refers to the number of requests processed per unit time under a certain number of concurrent users. The maximum number of requests that can be processed per unit time under a certain number of concurrent users is called maximum throughput.

Remember: throughput is based on the number of concurrent users. This sentence represents two meanings:

A, throughput is related to the number of concurrent users

B. Under different concurrent users, the throughput is generally different.

Formula: total number of requests / time it takes to process these requests, that is

Requestper second=Complete requests/Time taken for tests

It must be noted that this value represents the overall performance of the current machine, and the higher the value, the better.

2. Concurrent connections (The number of concurrent connections)

The number of concurrent connections refers to the number of requests accepted by the server at a certain time, in short, a session.

3. Number of concurrent users (Concurrency Level)

Pay attention to the difference between this concept and the number of concurrent connections. A user may have multiple sessions at the same time, that is, the number of connections.

4. APCge request waiting time (Time per request)

Calculation formula: the time it takes to process all requests / (total requests / concurrent users), that is:

Timeper request=Time taken for tests/ (Complete requests/ConcurrencyLevel)

5. APCge request waiting time on the server (Time per request:across all concurrentrequests)

Calculation formula: the time / total number of requests taken to process all requests completed, that is:

Timetaken for/testsComplete requests

As you can see, it is the reciprocal of throughput.

At the same time, it is also equal to the average request waiting time of users / the number of concurrent users, that is

Timeper request/Concurrency Level

8. Install php acceleration software Xcache under CentOS7.2 (complete the following operations on the php host)

Let me explain in advance:

Php installation directory: / usr/local/php5.6

Php.ini profile path: / etc/php.ini

Php web page root directory: / var/www/benet

1) install xcache

Wget http://xcache.lighttpd.net/pub/Releases/3.2.0/xcache-3.2.0.tar.gz

# download

2) create xcache cache file

3) copy the xcache background management program to the root directory of the website

4) configure php to support xcache

Add the following to the last line:

Copy the xcache directory to the web page documentation directory of the apache host:

5) Test

Restart php-fpm:

The browser opens the xcache under the root of the website:

The reason for the warning is that the timezone of the system is not set.

Description: from PHP 5.1.0, when using functions such as date (), if timezone is set incorrectly, E_NOTICE or E_WARNING information will be generated each time the time function is called. In PHP 5.1.0, date.timezone is off by default, and no matter what PHP command is used, it seems that this error will be thrown by force in PHP 5.3 if it is not set. To solve this problem, just localize it.

The solution is as follows:

① enters the php.ini configuration file

② modifies line 913 to remove the comment "#" and add PRC after it

③ restart php-fpm

Browse again to verify:

As can be seen in the picture above, the warning message has been resolved.

At this point, the Xcache tutorial for installing php acceleration software under Linux has been completed.

Perform the ab stress test below:

Perform the first stress test:

Perform the second stress test:

Check the hit rate of xcache:

Visit the following web page many times:

Then take a look at the hit rate:

9. Deploy bbs forums

Extract the program files for ① Discuz and place all files in upload into the website directory (php server operation)

② sets the service user of php-fpm as the owner of the following files or sets write permissions on them, otherwise an error will be reported during installation

③ modifies the php.ini file

④ restart php-fpm

The web server also needs to have static files (operate on the apache server):

The service user who sets httpd also needs to have write permission to the specified file:

Create a bbs database and authorization account on the database server:

After all the settings are completed, enter them on the client.

Http://www.benet.com/bbs/install can be installed

The above situation is due to the program changes caused by the installation of discuz on the php server, which leads to inconsistent programs between the dynamic server and the static server. You only need to manually synchronize the files of the bbs server with the web server. If you want to achieve automatic synchronization, you need to use other services, such as initory+rsync, sersync and other tools.

Use the following command to synchronize:

After the dynamic server and the static server synchronize the files, you can access the bbs URL again:

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.