CentOS 7.0默认使用的是firewall作为防火墙,这里改为iptables防火墙。
#停止firewall服务
systemctl stop firewalld.service
#禁止firewall开机启动
systemctl disable firewalld.service
#安装
yum install iptables-services
#编辑防火墙配置文件
vi /etc/sysconfig/iptables
加入红色的两行代码,请注意位置一定要对应。
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
:wq! #保存退出
#最后重启防火墙使配置生效
systemctl restart iptables.service
#设置防火墙开机启动
systemctl enable iptables.service
3. 关闭seinux
#修改配置文件
vi /etc/selinux/config
#SELINUX=enforcing #注释掉
#SELINUXTYPE=targeted #注释掉
SELINUX=disabled #增加
:wq! #保存退出
#使配置立即生效
setenforce 0
CentOS release 7.3.1611 (AltArch)
Linux nmserver-7.test.com3.10.0-514.el7.centos.plus.i686 #1 SMP Wed Jan 25 12:55:04 UTC 2017 i686 i686 i386 GNU/Linux
1、安装apache
1.1 安装apache
1.2 启动apache服务
1.3 设置httpd服务开机启动
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
1.4 查看服务状态
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since 五 2017-07-21 17:21:37 CST; 6min ago
Docs: man:httpd(8)
man:apachectl(8)
Main PID: 2449 (httpd)
Status: "Total requests: 11; Current requests/sec: 0; Current traffic: 0 B/sec"
CGroup: /system.slice/httpd.service
├─2449 /usr/sbin/httpd -DFOREGROUND
├─2450 /usr/sbin/httpd -DFOREGROUND
├─2451 /usr/sbin/httpd -DFOREGROUND
├─2452 /usr/sbin/httpd -DFOREGROUND
├─2453 /usr/sbin/httpd -DFOREGROUND
├─2454 /usr/sbin/httpd -DFOREGROUND
├─2493 /usr/sbin/httpd -DFOREGROUND
├─2494 /usr/sbin/httpd -DFOREGROUND
└─2495 /usr/sbin/httpd -DFOREGROUND
7月 21 17:21:36 nmserver-7.test.com httpd[2449]: AH00558: httpd: Could not reliably determine the server's fully q...ssage
Hint: Some lines were ellipsized, use -l to show in full.
1.5 防火墙设置开启80端口
success
success
success
1.6确认80端口监听中
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 1084/sshd
tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN 1486/master
tcp6 0 0 [::]:ssh [::]:* LISTEN 1084/sshd
tcp6 0 0 localhost:smtp [::]:* LISTEN 1486/master
tcp6 0 0 [::]:http [::]:* LISTEN 2449/httpd
udp 0 0 localhost:323 0.0.0.0:* 592/chronyd
udp6 0 0 localhost:323 [::]:* 592/chronyd
1.8 查服务器IP
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:56:bc:cf brd ff:ff:ff:ff:ff:ff
inet 192.168.8.9/24 brd 192.168.8.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe56:bccf/64 scope link
valid_lft forever preferred_lft forever
3: bridge0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
link/ether ea:89:d5:c7:32:73 brd ff:ff:ff:ff:ff:ff
1.9 浏览器登陆
2、安装mysql
2.1安装mysql
mariadb-libs-5.5.52-1.el7.i686
mariadb-5.5.52-1.el7.i686
mariadb-server-5.5.52-1.el7.i686
mariadb-devel-5.5.52-1.el7.i686
2.2 开启mysql服务,并设置开机启动,检查mysql状态
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
● mariadb.service - MariaDB database server
Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled)
Active: active (running) since 六 2017-07-22 21:19:20 CST; 21s ago
Main PID: 9603 (mysqld_safe)
CGroup: /system.slice/mariadb.service
├─9603 /bin/sh /usr/bin/mysqld_safe --basedir=/usr
└─9760 /usr/libexec/mysqld --basedir=/usr --datadir=/v...
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 1084/sshd
tcp 0 0 0.0.0.0:mysql 0.0.0.0:* LISTEN 9760/mysqld
tcp6 0 0 [::]:ssh [::]:* LISTEN 1084/sshd
tcp6 0 0 [::]:http [::]:* LISTEN 2449/httpd
udp 0 0 localhost:323 0.0.0.0:* 592/chronyd
udp6 0 0 localhost:323 [::]:* 592/chronyd
2.3 数据库安全设置
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] n
... skipping.
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDBinstallation should now be secure.
Thanks for using MariaDB!
2.4 登陆数据库测试
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 11
Server version: 5.5.52-MariaDB MariaDB Server
Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
3 rows in set (0.02 sec)
MariaDB [(none)]>
3、安装PHP
3.1 安装php
/etc/httpd/conf.d/php.conf
/etc/httpd/conf.modules.d/10-php.conf
/usr/lib/httpd/modules/libphp5.so
/usr/share/httpd/icons/php.gif
/var/lib/php/session
3.2 将php与mysql关联起来
/etc/php.d/mysql.ini
/etc/php.d/mysqli.ini
/etc/php.d/pdo_mysql.ini
/usr/lib/php/modules/mysql.so
/usr/lib/php/modules/mysqli.so
/usr/lib/php/modules/pdo_mysql.so
3.3 安装常用PHP模块
[[email protected]7 ~]# yum install -y php-gd php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-snmp php-soap curl curl-devel php-bcmath
3.4 测试PHP
[[email protected] ~]# cd /var/www/html/
[[email protected] html]# ls
[[email protected] html]# pwd
/var/www/html
[[email protected] html]# vi info.php
<?php
phpinfo();
?>
~
~
~
~
~
~
~
~
:wq
3.5重启apache服务器
3.6测试PHP
在自己电脑浏览器输入 192.168.8.9/info.php,你可以看到已经安装的模块;