lamp/lnmp实例

实现需求如下：

1. 准备两台centos 6，其中一台机器跑mysql，另外一台机器跑apache和nginx + php

2. 同时安装apache和nginx，其中nginx启动80端口，用来跑静态对象（图片、js、css），apache监听88端口，负责跑动态页（php相关的），并且需要由nginx代理对外访问

3. mysql服务器需要开启慢查询日志

4. 搭建discuz、wordpress以及phpmyadmin，域名分别为bbs.abc.com, blog.abc.com, pma.abc.com

5. 配置discuz的伪静态(nginx)

6. apache不需要记录日志，nginx记录日志，但不记录图片等静态页的日志，并且配置日志切割

7. 配置图片防盗链(nginx)

8. 配置图片缓存7天，js，css缓存1天(nginx)

9. discuz和wordpress访问后台限制一下ip白名单，比如只允许192.168.1.100访问(nginx)

10. phpmyadmin整个站点需要配置用户认证(nginx)

11. 写一个mysql备份的脚本，每天5点执行，需要远程拷贝到web机器上

12. 把除了百度、google外的其他常见搜索引擎蜘蛛封掉，比如（bingbot/2.0、Sogou web spider/4.0、360Spider、YisouSpider、YandexBot/3.0）(nginx)

/usr/local/apache2/conf/extra/httpd-vhosts.conf

NameVirtualHost *:88

<VirtualHost *:88>

DocumentRoot "/www"

ServerName abc.com

ServerAlias www.abc.com

</VirtualHost>

<VirtualHost *:88>

DocumentRoot "/www/discuz"

ServerName bbs.abc.com

ServerAlias www.bbs.abc.com

</VirtualHost>

<VirtualHost *:88>

DocumentRoot "/www/wordpress"

ServerName blog.abc.com

ServerAlias www.blog.abc.com

</VirtualHost>

<VirtualHost *:88>

DocumentRoot "/www/phpadmin"

ServerName pma.abc.com

ServerAlias www.pma.abc.com

</VirtualHost>

bbs.conf

server

{

listen 80;

server_name bbs.abc.com;

index index.html index.htm index.php;

root /www/discuz;

if ($http_user_agent ~ ‘bingbot/2.0|MJ12bot/v1.4.2|Spider/3.0|YoudaoBot|Tomato|Gecko/20100315‘){

return 403;

}

location ~ admin.php {

allow 192.168.16.16;

deny all;

proxy_pass http://127.0.0.1:88;

proxy_set_header Host   $host;

}

location ~ \.php$

{

proxy_pass http://127.0.0.1:88;

proxy_set_header Host   $host;

proxy_set_header X-Real-IP      $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

}

rewrite ^([^\.]*)/topic-(.+)\.html$ $1/portal.php?mod=topic&topic=$2 last;

rewrite ^([^\.]*)/forum-(\w+)-([0-9]+)\.html$ $1/forum.php?mod=forumdisplay&fid=$2&page=$3 last;

rewrite ^([^\.]*)/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ $1/forum.php?mod=viewthread&tid=$2&extra=page%3D$4&page=$3 last;

rewrite ^([^\.]*)/group-([0-9]+)-([0-9]+)\.html$ $1/forum.php?mod=group&fid=$2&page=$3 last;

rewrite ^([^\.]*)/space-(username|uid)-(.+)\.html$ $1/home.php?mod=space&$2=$3 last;

rewrite ^([^\.]*)/(fid|tid)-([0-9]+)\.html$ $1/index.php?action=$2&value=$3 last;

location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls)$

{

expires 7d;

valid_referers none blocked server_names  *.taobao.com *.baidu.com *.google.com *.google.cn *.soso.com ;

if ($invalid_referer) {

#      return 403;

rewrite ^/ http://blog.abc.com/;

}

access_log off;

}

location ~ .*\.(js|css)?$

{

expires      24h;

access_log off;

}

deny 192.168.1.0/24;

allow all;

access_log /usr/local/nginx/logs/discuz.log combined_realip;

}

blog.comf

server

{

listen 80;

server_name blog.abc.com;

index index.html index.htm index.php;

root /www/wordpress;

location = / {

proxy_pass http://127.0.0.1:88/;

proxy_set_header Host   $host;

proxy_set_header X-Real-IP      $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

}

location ~ \.php$

{

proxy_pass http://127.0.0.1:88;

proxy_set_header Host   $host;

proxy_set_header X-Real-IP      $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

}

access_log /usr/local/nginx/logs/wordpress.log combined_realip;

}

pma.conf

server

{

listen 80;

server_name pma.abc.com;

index index.html index.htm index.php;

root /www/phpadmin;

location / {

auth_basic              "Auth";

auth_basic_user_file   /usr/local/nginx/conf/.htpasswd;

}

location ~ \.php$

{

proxy_pass http://127.0.0.1:88;

proxy_set_header Host   $host;

proxy_set_header X-Real-IP      $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

}

access_log /usr/local/nginx/logs/pma.log combined_realip;

}

日志切割.sh

#!/bin/bash

#

exec &> /dev/null

d=`date -d "-1 day" +%Y%m%d`

/bin/mv   /usr/local/nginx/logs/discuz.log   /usr/local/nginx/logs/$d.discuz.log

/usr/local/nginx/sbin/nginx -s reload

find /tmp/ -type f -mtime +30|xargs rm -f