LNMP服务器安装配置（Rhel+Nginx+PHP+MySQL）

[root@localhost ~]# cp /etc/sysconfig/iptables /etc/sysconfig/iptablesbak
[root@localhost ~]# vim /etc/sysconfig/iptables
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
[root@localhost ~]# /etc/init.d/iptables restart
[root@localhost ~]# cp /etc/sysconfig/selinux /etc/sysconfig/selinuxbak
[root@localhost ~]# cat /etc/sysconfig/selinux|grep -v "#"
SELINUX=disabled
SELINUXTYPE=targeted
[root@localhost ~]#

[root@localhost ~]# rpm -e --nodeps `rpm -qa|egrep -i "httpd|php"`  #删除系统自带的软件包
[root@localhost ~]# wget   #下载、安装第三方yum源
[root@localhost ~]# sh ./atomic   #安装
Do you agree to these terms? (yes/no) [Default: yes] yes
Configuring the [atomic] yum archive for this system
Installing the Atomic GPG keys: OK
OK
Enable repo by default? (yes/no) [Default: yes]:
The Atomic Rocket Turtle archive has now been installed and configured for your system
The following channels are available:
[root@localhost ~]# yum check-update   #更新yum源
[root@localhost ~]# yum -y install nginx
[root@localhost ~]# service nginx start
Starting nginx:                                            [  OK  ]
[root@localhost ~]#

[root@localhost ~]# yum install mysql mysql-server -y
[root@localhost ~]# chkconfig mysqld on
[root@localhost ~]# /etc/init.d/mysqld start
[root@localhost ~]# cp /usr/share/mysql/my-medium.cnf /etc/my.cnf
cp: overwrite `/etc/my.cnf'? y
[root@localhost ~]# mysql_secure_installation   #为root账户设置密码
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Set root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
Remove anonymous users? [Y/n] Y
... Success!
Disallow root login remotely? [Y/n] Y
... Success!
Remove test database and access to it? [Y/n] Y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reload privilege tables now? [Y/n] Y
... Success!
Thanks for using MySQL!
[root@localhost ~]# service mysqld restart

[root@localhost ~]# yum install php php-fpm -y
[root@localhost ~]# yum install php-mysql php-gd libjpeg* php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt  php-bcmath php-mhash libmcrypt -y  #安装PHP组件，使 PHP5 支持 MySQL
[root@localhost ~]# chkconfig php-fpm on
[root@localhost ~]# /etc/init.d/php-fpm start
Starting php-fpm:                                          [  OK  ]
[root@localhost ~]#

[root@localhost ~]# cp /etc/nginx/nginx.conf /etc/nginx/nginx.confbak
[root@localhost ~]# vim /etc/nginx/nginx.conf
user              nginx nginx;    #修改nginx运行账号为：nginx组的nginx用户
worker_processes  1;
[root@localhost ~]# cp /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.confbak
[root@localhost ~]# vim /etc/nginx/conf.d/default.conf
location / {
root   /usr/share/nginx/html;
index  index.php index.html index.htm;   #增加index.php
# example
#ModSecurityEnabled on;
#ModSecurityConfig /etc/nginx/modsecurity.conf;
}
location ~ \.php$ {    #取location的注释,并将fastcgi_param行的参数,改为$document_root$fastcgi_script_name,或者使用绝对路径
root           html;
fastcgi_pass   127.0.0.1:9000;
fastcgi_index  index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include        fastcgi_params;
}
[root@localhost ~]# service nginx restart
Stopping nginx:                                            [  OK  ]
Starting nginx:                                            [  OK  ]
[root@localhost ~]#

[root@localhost ~]# cp /etc/php.ini /etc/php.inibak
[root@localhost ~]# vim /etc/php.ini
878 date.timezone = PRC
314 disable_functions = passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,in     i_alter,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server,escapesh     ellcmd,dll,popen,disk_free_space,checkdnsrr,checkdnsrr,getservbyname,getservbyport,disk_total_space,posix_c     termid,posix_get_last_error,posix_getcwd, posix_getegid,posix_geteuid,posix_getgid, posix_getgrgid,posix_ge     tgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid, posix_getppid,posix_getpwna     m,posix_getpwuid, posix_getrlimit, posix_getsid,posix_getuid,posix_isatty, posix_kill,posix_mkfifo,posix_se     tegid,posix_seteuid,posix_setgid, posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_     ttyname,posix_uname   #PHP禁用的函数，如果某些程序需要用到这个函数，可以删除，取消禁用。
375 expose_php = Off    #禁止显示php版本的信息
211 short_open_tag = ON   #支持php短标签
308 open_basedir = .:/tmp/  #设置表示允许访问当前目录(即PHP脚本文件所在之目录)和/tmp/目录,可以防止php木马跨站,如果改了之后安装程序有问题(例如：nginx可能网站根目录下的文件会提示Access Denied)，可以注销此行，或者直接写上程序的目录open_basedir = /usr/share/nginx/html/:/tmp/
[root@localhost ~]#

[root@localhost ~]# cp /etc/php-fpm.d/www.conf /etc/php-fpm.d/www.confbak
[root@localhost ~]# vim /etc/php-fpm.d/www.conf
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx
[root@localhost ~]#

[root@localhost ~]# cd /usr/share/nginx/html/
[root@localhost html]# vim index.php
<?php
phpinfo();
?>
~
[root@localhost html]# service nginx restart
Stopping nginx:                                            [  OK  ]
Starting nginx:                                            [  OK  ]
[root@localhost html]# service php-fpm restart
Stopping php-fpm:                                          [  OK  ]
Starting php-fpm:                                          [  OK  ]
[root@localhost html]#