我们以模拟实际需求的形式来复习。需求如下:
1. 准备两台centos 6,其中一台机器跑mysql,另外一台机器跑apache和nginx + php
2. 同时安装apache和nginx,其中nginx启动80端口,用来跑静态对象(图片、js、css),apache监听88端口,负责跑动态页(php相关的),并且需要由nginx代理对外访问
3. mysql服务器需要开启慢查询日志
4. 搭建discuz、wordpress以及phpmyadmin,域名分别为bbs.abc.com, blog.abc.com, pma.abc.com
5. 配置discuz的伪静态(nginx)
6. apache不需要记录日志,nginx记录日志,但不记录图片等静态页的日志,并且配置日志切割
7. 配置图片防盗链(nginx)
8. 配置图片缓存7天,js,css缓存1天(nginx)
9. discuz和wordpress访问后台限制一下ip白名单,比如只允许192.168.1.100访问(nginx)
10. phpmyadmin整个站点需要配置用户认证(nginx)
11. 写一个mysql备份的脚本,每天5点执行,需要远程拷贝到web机器上
12. 把除了百度、google外的其他常见搜索引擎蜘蛛封掉,比如(bingbot/2.0、Sogou web spider/4.0、360Spider、YisouSpider、YandexBot/3.0)(nginx)
参考配置:
/usr/local/apache2/conf/extra/httpd-vhosts.conf
- NameVirtualHost *:88
- <VirtualHost *:88>
- DocumentRoot "/tmp/tmp"
- ServerName tmp.com
- php_admin_value open_basedir "/tmp/tmp"
- <Directory /tmp/tmp/>
- Order allow,deny
- Deny from all
- </Directory>
- </VirtualHost>
- <VirtualHost *:88>
- DocumentRoot "/data/bbs"
- ServerName bbs.abc.com
- </VirtualHost>
- <VirtualHost *:88>
- DocumentRoot "/data/blog"
- ServerName blog.abc.com
- </VirtualHost>
- <VirtualHost *:88>
- DocumentRoot "/data/pma"
- ServerName pma.abc.com
- </VirtualHost>
复制代码
nginx相关的:
1. bbs.conf
- server
- {
- listen 80;
- server_name bbs.abc.com;
- index index.html index.htm index.php;
- root /data/bbs;
- #根据user_agent控制
- if ($http_user_agent ~ ‘bingbot/2.0|MJ12bot/v1.4.2|Spider/3.0|YoudaoBot|Tomato|Gecko/20100315‘){
- return 403;
- }
- location ~ admin.php {
- allow 192.168.31.141;
- deny all;
- proxy_pass http://127.0.0.1:88;
- proxy_set_header Host $host;
- }
- location ~ \.php$ {
- proxy_pass http://127.0.0.1:88;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
- location ~ .*\.(js|css)?$
- {
- expires 24h;
- access_log off;
- }
- location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls)$ {
- expires 7d;
- valid_referers none blocked server_names *.abc.com *.a.com *.b.com *.baidu.com\
- *.google.com *.google.cn *.soso.com ;
- if ($invalid_referer) {
- return 403;
- #rewrite ^/ http://www.example.com/nophoto.gif;
- }
- access_log off;
- }
- rewrite ^([^\.]*)/topic-(.+)\.html$ $1/portal.php?mod=topic&topic=$2 last;
- rewrite ^([^\.]*)/forum-(\w+)-([0-9]+)\.html$ $1/forum.php?mod=forumdisplay&fid=$2&page=$3 last;
- rewrite ^([^\.]*)/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ $1/forum.php?mod=viewthread&tid=$2&extra=page%3D$4&page=$3 last;
- rewrite ^([^\.]*)/group-([0-9]+)-([0-9]+)\.html$ $1/forum.php?mod=group&fid=$2&page=$3 last;
- rewrite ^([^\.]*)/space-(username|uid)-(.+)\.html$ $1/home.php?mod=space&$2=$3 last;
- rewrite ^([^\.]*)/(fid|tid)-([0-9]+)\.html$ $1/index.php?action=$2&value=$3 last;
- access_log /home/logs/discuz.log combined_realip;
- }
复制代码
2. blog.conf (参考 http://www.upupw.net/nginxhelp/n33.html)
- server
- {
- listen 80;
- server_name blog.abc.com;
- index index.html index.htm index.php;
- root /data/blog;
- location /wp-admin/ {
- allow 127.0.0.1;
- deny all;
- location ~ \.php$ {
- proxy_pass http://127.0.0.1:88;
- proxy_set_header Host $host;
- }
- }
- location / {
- proxy_pass http://127.0.0.1:88/;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
- }
复制代码
3. pma.conf
- server
- {
- listen 80;
- server_name pma.abc.com;
- index index.html index.htm index.php;
- root /data/pma;
- location / {
- auth_basic "Auth";
- auth_basic_user_file /usr/local/nginx/conf/htpasswd;
- location ~ \.php$ {
- proxy_pass http://127.0.0.1:88;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
- }
- }
复制代码
phpmyadmin 安装 http://www.aminglinux.com/bbs/thread-6509-1-1.html
Wordpress 安装 http://www.apelearn.com/bbs/forum.php?mod=viewthread&tid=7954&highlight=wordpress