CentOS 7配置+xcache, php module

yum-y install php-mysql php mariadb-server httpd

yum install php-mysql php-gd libjpeg* php-ldap php-odbc

mod_ssl

vim/etc/httpd/conf.d/FQDN.conf  <VirtualHost*:80>    ServerName www. phpmyadmin.com    DocumentRoot /httpd/vhosts/phpmyadmin    <Directory "/httpd/vhosts/ phpmyadmin">        Options None        AllowOverride None        Require all granted    </Directory>    ErrorLog /var/log/httpd/ phpmyadmin /error.log    CustomLog /var/log/httpd/ phpmyadmin /access.logcombined</VirtualHost> <VirtualHost*:80>    ServerName www. wordpress.com    DocumentRoot /httpd/vhosts/wordpress    <Directory"/httpd/vhosts/wordpress">        Options None        AllowOverride None        Require all granted    </Directory>    ErrorLog /var/log/httpd/wordpress/error.log    CustomLog/var/log/httpd/wordpress/access.log combined</VirtualHost>

[root@localhost~]# mkdir /var/log/httpd/wordpress[root@localhost~]# mkdir /var/log/httpd/phpmyadmin

[root@localhost~]# mkdir -p /httpd/vhosts/wordpress[root@localhost~]# mkdir -p /httpd/vhosts/phpMyAdmin

[root@localhost~]# httpd -tSyntaxOK[root@localhost~]# systemctl start httpd[root@localhost~]# systemctl enable httpd

[root@localhost~]# systemctl start mariadb.service[root@localhost~]# systemctl enable mariadb.service

[root@localhostconf.d]# mysql_secure_installation/usr/bin/mysql_secure_installation:line 379: find_mysql_client: command not found NOTE:RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY! Inorder to log into MariaDB to secure it, we'll need the currentpasswordfor the root user.  If you've justinstalled MariaDB, andyouhaven't set the root password yet, the password will be blank,soyou should just press enter here. Entercurrent password for root (enter for none): （回车）OK,successfully used password, moving on... Settingthe root password ensures that nobody can log into the MariaDBrootuser without the proper authorisation. Setroot password? [Y/n] YNewpassword: Re-enternew password: Passwordupdated successfully!Reloadingprivilege tables.. ... Success!  Bydefault, a MariaDB installation has an anonymous user, allowing anyonetolog into MariaDB without having to have a user account created forthem.  This is intended only for testing, and tomake the installationgo abit smoother.  You should remove thembefore moving into aproductionenvironment. Removeanonymous users? [Y/n] y ... Success! Normally,root should only be allowed to connect from 'localhost'.  Thisensuresthat someone cannot guess at the root password from the network. Disallowroot login remotely? [Y/n] y ... Success! Bydefault, MariaDB comes with a database named 'test' that anyone canaccess.  This is also intended only for testing, andshould be removedbeforemoving into a production environment. Removetest database and access to it? [Y/n] y - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reloadingthe privilege tables will ensure that all changes made so farwilltake effect immediately. Reloadprivilege tables now? [Y/n] y ... Success! Cleaningup... Alldone!  If you've completed all of theabove steps, your MariaDBinstallationshould now be secure. Thanksfor using MariaDB!

[root@localhost~]#vim /etc/my.cnf innodb_file_per_table= ONskip_name_resolve= ON

[root@localhost~]# mysql -u root -pEnterpassword: Welcometo the MariaDB monitor.  Commands endwith ; or \g.YourMariaDB connection id is 10Serverversion: 5.5.47-MariaDB MariaDB Server Copyright(c) 2000, 2015, Oracle, MariaDB Corporation Ab and others. Type'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB[(none)]>

MariaDB[(none)]> grant all on wpdb.* to 'wpuser@192.168.%.%' identified by'password'    -> ;QueryOK, 0 rows affected (0.00 sec)

MariaDB[(none)]> flush privileges    -> ;QueryOK, 0 rows affected (0.00 sec) MariaDB[(none)]> quitBye

[root@localhostwordpress]# yum -y install wordpress

[root@localhostwordpress]# mv /usr/share/wordpress /httpd/vhosts/wordpress/

[root@localhostwordpress]# vim wp-config.php// **MySQL settings - You can get this info from your web host ** ///**The name of the database for WordPress */define('DB_NAME','wpdb'); /**MySQL database username */define('DB_USER','wpuser'); /**MySQL database password */define('DB_PASSWORD','password'); /**MySQL hostname */define('DB_HOST','192.168.1.10');

[root@wwwphpMyAdmin]# yum -y install phpMyAdmin

cp -r./ /httpd/vhosts/phpmyadmin/

[root@bogon~]# cd /etc/pki/CA/[root@bogonCA]# (umask 077; openssl genrsa -out private/cakey.pem 1024)GeneratingRSA private key, 1024 bit long modulus.................++++++......................................++++++e is65537 (0x10001

[root@bogonCA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pemYouare about to be asked to enter information that will be incorporatedintoyour certificate request.Whatyou are about to enter is what is called a Distinguished Name or a DN.Thereare quite a few fields but you can leave some blankForsome fields there will be a default value,Ifyou enter '.', the field will be left blank.-----CountryName (2 letter code) [XX]:CNStateor Province Name (full name) []:beijingLocalityName (eg, city) [Default City]:beijingOrganizationName (eg, company) [Default Company Ltd]:phpmyadminOrganizationalUnit Name (eg, section) []:phpmyadminCommonName (eg, your name or your server's hostname) []:ca.admin.comEmailAddress []:caadmin@phpmyadmin.com

[root@bogonCA]# touch index.txt[root@bogonCA]# echo 01 > serial

[root@wwwssl]# openssl req -new -key httpd.key -out httpd.csrYouare about to be asked to enter information that will be incorporatedintoyour certificate request.Whatyou are about to enter is what is called a Distinguished Name or a DN.Thereare quite a few fields but you can leave some blankForsome fields there will be a default value,Ifyou enter '.', the field will be left blank.-----CountryName (2 letter code) [XX]:CNStateor Province Name (full name) []:beijingLocalityName (eg, city) [Default City]:beijingOrganizationName (eg, company) [Default Company Ltd]:phpmyadminOrganizationalUnit Name (eg, section) []:phpmyadminCommonName (eg, your name or your server's hostname) []:www.phpmyadmin.comEmailAddress []:caadmin@phpmyadmin.com Pleaseenter the following 'extra' attributesto besent with your certificate requestAchallenge password []:Anoptional company name []:

[root@wwwssl]# scp httpd.csr 192.168.1.7:/tmpTheauthenticity of host '192.168.1.7 (192.168.1.7)' can't be established.ECDSAkey fingerprint is 4b:8b:6d:c8:53:c4:7e:ff:dd:26:a2:b9:67:1d:ab:cd.Areyou sure you want to continue connecting (yes/no)? yesWarning:Permanently added '192.168.1.7' (ECDSA) to the list of known hosts.

[root@bogonCA]# openssl ca -in /tmp/httpd.csr -out /tmp/httpd.crtUsingconfiguration from /etc/pki/tls/openssl.cnfCheckthat the request matches the signatureSignatureokCertificateDetails:        Serial Number: 1 (0x1)        Validity            Not Before: Jul 17 02:49:36 2016GMT            Not After : Jul 17 02:49:36 2017GMT        Subject:            countryName               = CN            stateOrProvinceName       = beijing            organizationName          = phpmyadmin            organizationalUnitName    = phpmyadmin            commonName                = www.phpmyadmin.com            emailAddress              = caadmin@phpmyadmin.com        X509v3 extensions:            X509v3 Basic Constraints:                 CA:FALSE            Netscape Comment:                 OpenSSL Generated Certificate            X509v3 Subject Key Identifier:                 97:05:5A:39:41:43:C0:61:6E:E1:23:18:98:78:02:0D:21:F3:2B:EE            X509v3 Authority Key Identifier:                keyid:0F:9B:41:AB:0F:47:89:C2:28:98:0F:59:61:BE:D3:4E:04:C9:51:81 Certificateis to be certified until Jul 17 02:49:36 2017 GMT (365 days)Signthe certificate? [y/n]:y  1 outof 1 certificate requests certified, commit? [y/n]yWriteout database with 1 new entriesDataBase Updated

[root@bogonCA]# scp /tmp/httpd.crt 192.168.1.10:/etc/httpd/sslTheauthenticity of host '192.168.1.10 (192.168.1.10)' can't be established.ECDSAkey fingerprint is d3:71:51:da:74:25:b2:af:b6:d2:d4:98:9a:cd:f4:ee.Areyou sure you want to continue connecting (yes/no)? yesWarning:Permanently added '192.168.1.10' (ECDSA) to the list of known hosts.root@192.168.1.10'spassword: httpd.crt                                                      100% 3317     3.2KB/s   00:00

 [root@www ssl]# cd ../conf.d [root@www conf.d]# vim ssl.conf

#General setup for the virtual host, inherited from global configuration#DocumentRoot"/var/www/html"#ServerNamewww.example.com:443DocumentRoot"/httpd/vhosts/phpmyadmin"ServerNamewww.phpmyadmin.com:443#   Server Certificate:#Point SSLCertificateFile at a PEM encoded certificate.  If# thecertificate is encrypted, then you will be prompted for a#pass phrase.  Note that a kill -HUP willprompt again.  A new#certificate can be generated using the genkey(1) command.SSLCertificateFile/etc/httpd/ssl/httpd.crt

#   Server Certificate:#Point SSLCertificateFile at a PEM encoded certificate.  If# thecertificate is encrypted, then you will be prompted for a#pass phrase.  Note that a kill -HUP willprompt again.  A new#certificate can be generated using the genkey(1) command.SSLCertificateFile/etc/httpd/ssl/httpd.crt #   Server Private Key:#   If the key is not combined with thecertificate, use this#   directive to point at the key file.  Keep in mind that if#   you've both a RSA and a DSA private key youcan configure#   both in parallel (to also allow the use ofDSA ciphers, etc.)SSLCertificateKeyFile/etc/httpd/ssl/httpd.key

[root@wwwconf.d]# systemctl restart httpd

[root@bogonconf.d]# yum -y install php-xcache
[root@bogonvhosts]# systemctl restart httpd

[root@bogonvhosts]# ab -c 100 -n 1000 http://www.xcache.com/index.php
Timeper request:       132.352 [ms] (mean)
Timeper request:       1.324 [ms] (mean,across all concurrent requests)
Transferrate:          34763.10 [Kbytes/sec]received
[root@bogonvhosts]# ab -c 200 -n 2000 http://www.xcache.com/index.php
Timeper request:       334.702 [ms] (mean)
Timeper request:       1.674 [ms] (mean,across all concurrent requests)
Transferrate:          27492.89 [Kbytes/sec]received
 
[root@bogonvhosts]# ab -c 300 -n 3000 http://www.xcache.com/index.php
Timeper request:       1513.902 [ms] (mean)
Timeper request:       5.046 [ms] (mean,across all concurrent requests)
Transferrate:          9117.43 [Kbytes/sec]received
 
[root@bogonvhosts]# ab -c 400 -n 4000 http://www.xcache.com/index.php
Timeper request:       5866.443 [ms] (mean)
Timeper request:       14.666 [ms] (mean,across all concurrent requests)
Transferrate:          3039.11 [Kbytes/sec]received
 
[root@bogonvhosts]# ab -c 500 -n 5000 http://www.xcache.com/index.php
Timeper request:       5984.272 [ms] (mean)
Timeper request:       11.969 [ms] (mean,across all concurrent requests)
Transferrate:          3681.99 [Kbytes/sec]received
 
[root@bogonvhosts]# ab -c 600 -n 6000 http://www.xcache.com/index.php
Timeper request:       6207.417 [ms] (mean)
Timeper request:       10.346 [ms] (mean,across all concurrent requests)
Transferrate:          4296.02 [Kbytes/sec]received
 
[root@bogonvhosts]# ab -c 700 -n 7000 http://www.xcache.com/index.php
Timeper request:       1901.629 [ms] (mean)
Timeper request:       2.717 [ms] (mean,across all concurrent requests)
Transferrate:          16936.40 [Kbytes/sec]received、
 
[root@bogonvhosts]# ab -c 800 -n 8000 http://www.xcache.com/index.php
Timeper request:       3199.896 [ms] (mean)
Timeper request:       4.000 [ms] (mean,across all concurrent requests)
Transferrate:          11224.73 [Kbytes/sec]received
 
[root@bogonvhosts]# ab -c 900 -n 9000 http://www.xcache.com/index.php
Timeper request:       3335.247 [ms] (mean)
Timeper request:       3.706 [ms] (mean, across all concurrentrequests)
Transferrate:          12321.67 [Kbytes/sec]received
 
[root@bogonvhosts]# ab -c 1000 -n 10000 http://www.xcache.com/index.php
Timeper request:       4754.311 [ms] (mean)
Timeper request:       4.754 [ms] (mean,across all concurrent requests)
Transferrate:          9507.14 [Kbytes/sec]received