Debian 9.X使用源安装 LEMP

Install NewNginx With Source of Sury:

apt-get update && apt-get upgrade

apt-get install curl vim wget unzip apt-transport-https lsb-release ca-certificates

wget -O /etc/apt/trusted.gpg.d/nginx-mainline.gpg https://packages.sury.org/nginx-mainline/apt.gpg

cat >> /etc/apt/sources.list.d/nginx.list << EOF

deb https://packages.sury.org/nginx-mainline/ $(lsb_release -sc) main

EOF

apt-get update

apt-get install nginx-extras

nginx -v

systemctl enable nginx

install new PHP7.x with Sury:

这个源目前默认的 PHP 是 7.1.x ,如果您需要 7.2.x 或 7.0.x 或 5.6.x 那么请修改对应的 PHP 版本号(注意配置文件哦)

wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg

sh -c ‘echo “deb https://packages.sury.org/php/ $(lsb_release -sc) main” > /etc/apt/sources.list.d/php.list’

apt-get update

apt-get install php7.2-fpm php7.2-mysql php7.2-curl php7.2-gd php7.2-mbstring php7.2-xml php7.2-xmlrpc php7.2-zip php7.2-opcache

如果希望安装其他组件,可以通过搜索看看有没有对应的包

apt-cache search php7.2* | grep php

修改 php.ini 防止跨目录攻击,如果安装的 PHP 7.1.x 请相应修改 /etc/php/7.1/fpm/php.ini PHP 7.0.x 请相应修改 /etc/php/7.0/fpm/php.ini PHP 5.6.x 请修改 /etc/php/5.6/fpm/php.ini

sed -i ‘s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/’ /etc/php/7.2/fpm/php.ini

重启 PHP 和 Nginx

systemctl restart php7.2-fpm

Nginx 参考配置文件如下,新建立个 /etc/nginx/conf.d/example.com.conf

cat >> /etc/nginx/conf.d/example.com.conf << EOF

 

server {

listen 80;

listen [::]:80;

# 指定网站目录,可根据自己情况更换,建议放在 /var/www 目录下

root /var/www/example.com;

index index.php index.html index.htm;

# 默认第一个域名,替换 example.com 为您的域名

server_name example.com;

location / {

try_files \$uri \$uri/ =404;

}

# 开启 PHP7.2-fpm 模式,如需要安装 PHP 7.1.x 请修改为 fastcgi_pass unix:/run/php/php7.1-fpm.sock;

location ~ \.php$ {

include snippets/fastcgi-php.conf;

fastcgi_pass unix:/run/php/php7.2-fpm.sock;

}

}

EOF

 

重启 Nginx

systemctl restart nginx

我们的目录在 /var/www/example.com, 创建一个 phpinfo.php 并输入 phpinfo() 函数

mkdir /var/www/example.com

cat >> /var/www/example.com/phpinfo.php << EOF

EOF

好了,此时在浏览器输入 http://example.com/phpinfo.php,如果看到经典的 phpinfo 页面则说明安装成功,如果不成功,请仔细对比步骤查找哪里出错

安装 MySQL 5.7.x / Percona Server 5.7.x

Debian 9.x Stretch 默认已经使用 Mariadb ,所以这里我们推荐 Percona Server, 这货已经发布了 Debian 9.x Stretch 版本

wget https://repo.percona.com/apt/percona-release_0.1-5.$(lsb_release -sc)_all.deb

dpkg -i percona-release_0.1-5.$(lsb_release -sc)_all.deb

apt-get update

apt-get install percona-server-server-5.7

在弹出的界面里输入两次随机并且强大的 MySQL root 密码即可,安装成功后检查一下版本

很多新手第一次安装用了弱密码,后来服务器就被人日,所以这里强烈推荐安装完 MySQL 后,执行一次安全设置,很简单的一条命令

mysql_secure_installation

执行后会让您选择密码强度,一般情况下选择 1 或者 2

 

[email protected]:~# mysql_secure_installation

Securing the MySQL server deployment.

Enter password for user root:

VALIDATE PASSWORD PLUGIN can be used to test passwords

and improve security. It checks the strength of password

and allows the users to set only those passwords which are

secure enough. Would you like to setup VALIDATE PASSWORD plugin?

Press y|Y for Yes, any other key for No:y 请输入 y 进行初始安全设置

There are three levels of password validation policy:

LOW Length >= 8

MEDIUM Length >= 8, numeric, mixed case, and special characters

STRONG Length >= 8, numeric, mixed case, special characters and dictionary file

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2 最强大的密码当然要输入 2

Using existing password for root.

Estimated strength of the password: 100

Change the password for root ? ((Press y|Y for Yes, any other key for No) : n 如果之前设置了强密码,则不需要重新更改 root 密码,反之则按 y 回车后输入两次重置

By default, a MySQL installation has an anonymous user,

allowing anyone to log into MySQL without having to have

a user account created for them. This is intended only for

testing, and to make the installation go a bit smoother.

You should remove them before moving into a production

environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : y 移除匿名用户,没啥鸟用就直接移除吧

Normally, root should only be allowed to connect from

‘localhost’. This ensures that someone cannot guess at

the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y 关闭 root 远程登录,不需要进行远程登录的话就关了吧

Success.

By default, MySQL comes with a database named ‘test’ that

anyone can access. This is also intended only for testing,

and should be removed before moving into a production

environment.

Remove test database and access to it? (Press y|Y for Yes, any other key for No) :y 移除 test 数据库

Reloading the privilege tables will ensure that all changes

made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y 重置数据库权限

再次提醒,密码一定要随机、不可猜测,使用弱密码而导致服务器被日的例子实在是数不清楚

安装phpmyadmin

wget https://files.phpmyadmin.net/phpMyAdmin/4.8.5/phpMyAdmin-4.8.5-all-languages.zip

unzip phpMyAdmin-4.8.5-all-languages.zip

rm phpMyAdmin-4.8.5-all-languages.zip

mv phpMyAdmin-4.8.5-all-languages 你用的目录

然后访问http://域名/目录访问phpmyadmin测试。

然后访问http://域名/目录访问phpmyadmin测试。

注意,需要修改php.ini和nginx.conf中关于文件上传大小的限制

php.ini:

post_max_size = 30M

upload_max_filesize = 30M

nginx,nginx.conf中添加:

client_max_body_size 1000m;


「点点赞赏,手留余香」

    还没有人赞赏,快来当第一个赞赏的人吧!
Aff
0 条回复 A 作者 M 管理员
    所有的伟大,都源于一个勇敢的开始!
欢迎您,新朋友,感谢参与互动!欢迎您 {{author}},您在本站有{{commentsCount}}条评论