Tomtalk
来自tomtalk
目录
重启php-fpm
service php-fpm restart
freebsd重启mysql
/usr/local/etc/rc.d/mysql-server restart
您的主机42.121.108.182正在被暴力破解
- 原因
- 您好,建议您分析下云盾提示的攻击ip,将实际的攻击ip使用iptables功能屏蔽掉。
- 另外更改ssh的端口号。加强登陆端口的隐蔽性。
- 对常用端口如ssh端口 ftp端口等用iptables命令限制访问ip等。
- 操作
- 改/etc/services和 /etc/ssh/sshd_config
- 和/etc/services没任何关系,需要找到正确位置的sshd_config,然后修改其端口号,重启sshd服务。因为不同的安装方式,sshd_config的文件位置不同,而且可能不只一个。
service sshd restart netstat -lnp passwd 用户名 (修改密码)
centos6.2安装五笔输入法
使用centos 仓库里的 ibus,五笔支持是 ibus-table-wubi 包
sudo yum install ibus-table-wubi
varnish重启脚本
#!/bin/sh pkill varnishd cd /usr/local/varnish/sbin ./varnishd -f vcl.conf -s malloc,50M
varnish wiki 配置文件
# set default backend if no server cluster specified backend default { .host = "localhost"; .port = "8080"; # .port = "80"; also works well, but using 8080 allows direct access to Apache for debugging purposes. } # The default code for vcl_recv is incorporated into the following subroutine to make it easier to specify the proper order of execution. sub vcl_recv { # Force lookup if the request is a no-cache request from the client. if (req.http.Cache-Control ~ "no-cache") { ban_url(req.url); } unset req.http.Cookie; if (req.http.Accept-Encoding) { if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") { # No point in compressing these remove req.http.Accept-Encoding; } elsif (req.http.Accept-Encoding ~ "gzip") { set req.http.Accept-Encoding = "gzip"; } elsif (req.http.Accept-Encoding ~ "deflate" && req.http.user-agent !~ "MSIE") { set req.http.Accept-Encoding = "deflate"; } else { # unkown algorithm set req.http.Accept-Encoding = "gzip"; #remove req.http.Accept-Encoding; } } return (lookup); } sub vcl_pipe { # This is otherwise not necessary if you do not do any request rewriting. set bereq.http.connection = "close"; } sub vcl_hit { if (req.request == "PURGE") { purge; error 200 "Purged"; } } sub vcl_miss { if (req.request == "PURGE") { error 200 "Not in cache"; } } sub vcl_fetch { # For debugging only. Varnish's internal Time To Live for cached object set beresp.http.X-orig-ttl = beresp.ttl; # I think the following is redundant because caches aren't allowed to change Cache Control headers set beresp.http.X-Orig-Cache-Control = beresp.http.Cache-Control; # set minimum timeouts to auto-discard stored objects # set beresp.prefetch =-30s; set beresp.grace = 120s; set beresp.ttl = 1h; return(deliver); } sub vcl_deliver { # For debugging only. The approximate number of times the object has been delivered. A value of 0 indicates a cache miss. set resp.http.X-obj-hits = obj.hits; return(deliver); }
install memcached
wget https://github.com/downloads/libevent/libevent/libevent-2.0.20-stable.tar.gz tar zxvf libevent-2.0.20-stable.tar.gz ./configure --prefix=/usr make && make install wget http://memcached.googlecode.com/files/memcached-1.4.15.tar.gz tar zxvf http://memcached.googlecode.com/files/memcached-1.4.15.tar.gz ./configure --with-libevent=/usr make && make install
参数不算多,我们来启动一个Memcache的服务器端:
- /usr/bin/memcached -d -m 10 -u root -l localhost -p 12000 -c 256 -P /tmp/memcached.pid
-d选项是启动一个守护进程,-m是分配给Memcache使用的内存数量,单位是MB,我这里是10MB,-u是运行Memcache的用户,我这里是root,-l是监听的服务器IP地址,如果有多个地址的话,我这里指定了服务器的IP地址192.168.0.200,-p是设置Memcache监听的端口,我这里设置了12000,最好是1024以上的端口,-c选项是最大运行的并发连接数,默认是1024,我这里设置了256,按照你服务器的负载量来设定,-P是设置保存Memcache的pid文件,我这里是保存在/tmp/memcached.pid,如果要结束Memcache进程,执行:
- kill `cat /tmp/memcached.pid`
也可以启动多个守护进程,不过端口不能重复。
pecl install memcache
install nginx
yum install gcc-c++ libtool gcc zlib zlib-devel wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.20.tar.gz tar zxvf pcre-8.20.tar.gz ./configure make && make install wget http://nginx.org/download/nginx-1.2.2.tar.gz tar zxvf nginx ./configure make && make install #现在,启动ngnix测试是否已经安装好。open http://www.tomtalk.net/ will display "Welcome to nginx!". /usr/local/ngnix/sbin/ngnix
install mysql
yum install cmake #mysql5.5以后是通过cmake来编译的 wget http://downloads.mysql.com/archives/mysql-5.5/mysql-5.5.0-m2.tar.gz cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/usr/local/mysql/data -DCURSES_LIBRARY=/usr/lib/libncurses.so.5 -DCURSES_INCLUDE_PATH=/usr/include make && make install #注意事项:重新编译时,需要清除旧的对象文件和缓存信息。# rm -f CMakeCache.txt yum -y install mysql-server php-mysql
install php
yum install libxml2 libxml2-devel yum -y install libmcrypt libmcrypt-devel yum install php-mcrypt gd-devel php-gd curl curl-devel wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.13.1.tar.gz tar -zxvf libiconv-1.13.1.tar.gz cd libiconv-1.13.1 ./configure make && make install wget http://cn2.php.net/get/php-5.3.8.tar.gz/from/au.php.net/mirror #www.php.net/download.php tar -zxvf php-5.3.8.tar.gz ./configure --enable-fastcgi --enable-fpm --enable-pdo --with-iconv=/usr/local/libiconv --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-curl=/usr/local/curl --with-gd --with-mcrypt=/usr --with-config-file-path=/etc --enable-pcntl make && make install
注:
- Nginx+PHP整合,在安装时必须启用–enable-fastcgi和 –enable-fpm,这两个选项是做什么的上面已经描述。执行完后系统会提示–enable-fastcgi是一个未知选项,我们不必理会。
- elong要使用pdo,所以要加入--enable-pdo
- 解决办法:安装php-mcrypt libmcrypt libmcrypt-devel这三个库文件
系统运维 www.osyunwei.com 温馨提醒:qihang01原创内容?版权所有,转载请注明出处及原文链接
下面以CentOS 6.0系统为例来为说明:(备注:以下操作均在终端命令行下进行)
1、安装第三方yum源(默认yum源里面没有这几个库文件,不能使用yum安装)
wget http://www.atomicorp.com/installers/atomic #下载 sh ./atomic #安装
- yun 提示kernel-2.6.32-220.13.1.el6.x86_64 has missin
运行yun 提示kernel-2.6.32-220.13.1.el6.x86_64 has missing requires of kernel-firmware >= ('0', '2.6.32', '220.13.1.el6')
请修改文件vi /etc/yum.conf 将exclude=kernel*前加注释即可解决
configure: error: libjpeg.(a|so) not found
在64位机器centos 6.0系统上安装php-5.3.3出现如下报错,
解决方法:
- ln -s /usr/lib64/libjpeg.so /usr/lib/
- ln -s /usr/lib64/libpng.so /usr/lib/
[root@MyVPS conf]# cat /usr/local/etc/php-fpm.conf [global] pid = /usr/local/var/run/php-fpm.pid error_log = /usr/local/var/log/php-fpm.log log_level = notice [www] listen = /tmp/php-cgi.sock user = nobody group = nobody pm = dynamic pm.max_children = 30 pm.start_servers = 2 pm.min_spare_servers = 2 pm.max_spare_servers = 5 pm.max_requests = 50 request_terminate_timeout = 80s request_slowlog_timeout = 80s slowlog = /usr/local/var/log/slow-exec-php-fpm.log /usr/local/sbin/php-fpm #运行php-pfm ln -s /var/lib/mysql/mysql.sock mysql.sock
ngnix.conf
/usr/local/etc/nginx
user nobody nobody; worker_processes 2; error_log /usr/local/var/log/nginx_error.log crit; pid /usr/local/nginx/logs/nginx.pid; worker_rlimit_nofile 51200; events { use epoll; worker_connections 2048; } http { include mime.types; default_type application/octet-stream; server_names_hash_bucket_size 128; client_header_buffer_size 32k; large_client_header_buffers 4 32k; client_max_body_size 50m; sendfile on; tcp_nopush on; keepalive_timeout 60; tcp_nodelay on; fastcgi_connect_timeout 60; fastcgi_send_timeout 180; fastcgi_read_timeout 180; fastcgi_buffer_size 128k; fastcgi_buffers 256 16k; fastcgi_busy_buffers_size 512k; fastcgi_temp_file_write_size 700k; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.0; gzip_comp_level 2; gzip_types text/plain application/x-javascript text/css application/xml; gzip_vary on; server { listen 80; server_name www.tomtalk.net; index index.html index.htm index.php; root /var/www; location /wiki { index index.php; rewrite "^/wiki/([^?]*)(?:\?(.*))?" /wiki/index.php?title=$1&$args last; } error_page 404 403 500 502 503 504 /404.html; location ~ .+\.php($|/) { set $script $uri; set $path_info "/"; if ($uri ~ "^(.+\.php)(/.+)") { set $script $1; set $path_info $2; } fastcgi_pass unix:/tmp/php-cgi.sock; fastcgi_index index.php?IF_REWRITE=1; include fastcgi.conf; fastcgi_param PATH_INFO $path_info; fastcgi_param SCRIPT_FILENAME $document_root/$script; fastcgi_param SCRIPT_NAME $script; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; } location ~ .*\.(js|css)?$ { expires 12h; } } include vhost/*.conf; }
