PHP环境安全性能检查

PHP环境安全性能检查

PHP在Linux环境下安全配置是一个复杂的过程,其中涉及到很多的细节设置,在这里发出来一个脚本,通过这个脚本来检测你的PHP环境是否存在安全隐患,从而针对这些对你的PHP环境进行加固。
功能:

  • 1.检测PHP环境安全配置
  • 2.应禁用的功能。
  • 3.危险的设置,可能会导致本地或远程文件包含。
  • 4.错误处理。
  • 5.在编译时定义的常量。

安装PHP环境后,将此三个文件脚本放在网站web目录下(audit.php php.xml style.css )进行浏览器查看,他将在你配置的基础中通过XML文件中匹配规则检测出可能存在的配置错误,存在问题的选项它会用红色突出的颜色显示。当然还有一些东西可以根据你的要求更改。
效果如下:

audit.php

  1. <?php
  2. /**
  3. * PHP Security Auditor
  4. */
  5. class Audit {
  6. static private $rules;
  7. static private $constants;
  8. static private $phpVer;
  9. static public $report;
  10. /**
  11. * Converts settings such as 1M 1G 1K to their byte equivilent values
  12. *
  13. * @param string $n
  14. * @return string
  15. */
  16. static private function convertToBytes($n) {
  17. // If n is -1 then there is no limit
  18. if ($n == -1)
  19. return PHP_INT_MAX;
  20. switch (substr($n, -1)) {
  21. case "B": return substr($n,0,-1);
  22. case "K": return substr($n,0,-1) * 1024;
  23. case "M": return substr($n,0,-1) * 1024 * 1024;
  24. case "G": return substr($n,0,-1) * 1024 * 1024 * 1024;
  25. }
  26. return $n;
  27. }
  28. static private function MakeReport($type, $title) {
  29. ksort(self::$report[$type]);
  30. $html = ‘<h1>‘ . $title . ‘</h1><table><tr class="h"><th>Setting</th><th>Current</th><th>Recomended</th><th>Description</th></tr>‘;
  31. foreach(self::$report[$type] as $key => $values)
  32. {
  33. if ($values[‘p‘] == 1) $class="r";
  34. else $class="v";
  35. $html .= ‘<tr><td class="e">‘ . htmlentities($key) . ‘</td>‘ .
  36. ‘<td class=". $class .">‘ . htmlentities($values[‘c‘]) . ‘</td>‘ .
  37. ‘<td class=". $class .">‘ . htmlentities($values[‘r‘]) . ‘</td>‘ .
  38. ‘<td class=". $class .">‘ . htmlentities($values[‘d‘]) . ‘</td></tr>‘;
  39. }
  40. $html .= ‘</table>‘;
  41. return $html;
  42. }
  43. static public function HTMLReport()
  44. {
  45. $class = "";
  46. $html = ‘<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">‘ .
  47. ‘<html><head>‘ .
  48. ‘<link rel="stylesheet" type="text/css" media="all" href="style.css"/>‘ .
  49. ‘</head><body>‘;
  50. $html .= self::MakeReport("ini", "PHP INI");
  51. $html .= self::MakeReport("disabled", "PHP Disabled Functions");
  52. $html .= self::MakeReport("const", "PHP CONST");
  53. $html .= ‘</html>‘;
  54. echo($html . "\n");
  55. }
  56. /**
  57. * Adds an item to the reporting array.
  58. *
  59. * @param string $type - the type (ini or const)
  60. * @param string $key - the name of the variable
  61. * @param string $currentValue - the current ini or const value
  62. * @param string $recomended - the recomended value
  63. * @param string $desc - a description of the issue
  64. * @param boolean $problem - true if not complaint, false if compliant
  65. */
  66. static private function Report($type, $key, $currentValue, $recomended, $desc, $problem)
  67. {
  68. if (isset(self::$report[$type][$key]))
  69. if ((self::$report[$type][$key][‘r‘] < $recomended)
  70. && (self::$report[$type][$key[‘p‘]] == 1))
  71. return;
  72. self::$report[$type][$key] = array(
  73. "c" => $currentValue,
  74. "r" => $recomended,
  75. "d" => $desc,
  76. "p" => $problem
  77. );
  78. }
  79. /**
  80. * Loads the rules from an XML file
  81. *
  82. * @param string $file
  83. */
  84. static public function LoadRules($file = "php.xml")
  85. {
  86. if (!defined(‘PHP_VERSION_ID‘))
  87. {
  88. $version = explode(".", PHP_VERSION);
  89. self::$phpVer =  ($version[0] * 10000 + $version[1] * 100 + $version[2]);
  90. } else
  91. self::$phpVer = PHP_VERSION_ID;
  92. self::$constants = get_defined_constants();
  93. self::$rules = simplexml_load_file($file);
  94. }
  95. /**
  96. * Processes the XML ruleset against const and ini values found in PHP
  97. *
  98. */
  99. static public function ProcessXML() {
  100. foreach(self::$rules as $null => $entry) {
  101. $ruleID = $entry->attributes()->id;
  102. // Check the version of PHP the rule applies to
  103. $version = (string)$entry->version;
  104. if ($version != "") {
  105. $op = (string)$entry->version->attributes()->op;
  106. switch ($op) {
  107. case ‘before‘:
  108. if ($version < self::$phpVer)
  109. continue 2;
  110. break;
  111. }
  112. }
  113. // Evaluate the rule as we are sure it applys to the version of PHP running
  114. switch((string)$entry->type)
  115. {
  116. // Look at CONST values in PHP
  117. case "const":
  118. $key = (string)$entry->key; // e.g LIBXML_NOENT
  119. $cValue = self::$constants[$key]; // The current value
  120. $rValue = (string)$entry->value; // The recomended value
  121. $desc = (string)$entry->description; // Description
  122. switch((string)$entry->value->attributes()->op)
  123. {
  124. case "eq":
  125. self::Report("const", $key, $cValue, $rValue, $desc, ($cValue == $rValue) ? 0 : 1);
  126. break;
  127. }
  128. break;
  129. // Check the list of functions that should be restricted
  130. case "disable_functions":
  131. $disabled = ini_get("disable_functions");
  132. $list = explode(",", $disabled);
  133. $xmlList = (array)($entry->list);
  134. $xmlList = $xmlList[‘function‘];
  135. foreach($xmlList as $null => $function) {
  136. $de = array_search($function, $list);
  137. self::Report("disabled", $function, (($de == 0) ? "enabled" : "disabled"), "disabled", "", (($de == 0) ? 1 : 0));
  138. }
  139. break;
  140. // Look at values defined within the INI files
  141. case "ini":
  142. $key = (string)$entry->key; // e.g. display_errors
  143. $cValue = trim(self::convertToBytes(ini_get($key))); // Current value
  144. $rValue = (string)$entry->value; // Recomended value
  145. $desc = (string)$entry->description; // Description
  146. if (is_numeric($rValue) && $cValue == "") $cValue = "0";
  147. // Deals with where one value should be compared to another
  148. if ((string)$entry->value->attributes()->type == "key")
  149. $rValue = self::convertToBytes(ini_get((string)$entry->value));
  150. switch((string)$entry->value->attributes()->op)
  151. {
  152. // Equal to
  153. case "eq":
  154. self::Report("ini", $key, $cValue, $rValue, $desc, ($cValue == $rValue) ? 0 : 1);
  155. break;
  156. // Less than or equal to
  157. case "lt":
  158. self::Report("ini", $key, $cValue, "< $rValue", $desc, ($cValue <= $rValue) ? 0 : 1);
  159. break;
  160. // Greater than or equal to
  161. case "gt":
  162. self::Report("ini", $key, $cValue, "> $rValue", $desc, ($cValue >= $rValue) ? 0 : 1);
  163. break;
  164. // Not equal to
  165. case "ne":
  166. $neValue  = (string)$entry->value->attributes()->net;
  167. $notBlank = (string)$entry->value->attributes()->notblank;
  168. if ($notBlank == "true") {
  169. self::Report("ini", $key, $cValue, $rValue, $desc, ($cValue != "") ? 0 : 1);
  170. break;
  171. }
  172. self::Report("ini", $key, $cValue, $rValue, $desc, ($cValue != $neValue) ? 0 : 1);
  173. break;
  174. }
  175. break;
  176. }
  177. }
  178. }
  179. }
  180. Audit::LoadRules();
  181. Audit::ProcessXML();
  182. Audit::HTMLReport();

php.xml代码如下:

  1. <?xml version="1.0" encoding="UTF-8"?>
  2. <rules>
  3. <entry id="1">
  4. <type>ini</type>
  5. <key>upload_max_filesize</key>
  6. <value op="lt">4194304</value>
  7. <description>Sets the maximum size of an uploaded file. Reduce this to mitigate the risk of DOS attacks.</description>
  8. </entry>
  9. <entry id="29">
  10. <type>ini</type>
  11. <key>upload_max_filesize</key>
  12. <value op="lt" type="key">memory_limit</value>
  13. <description>The maximum size of an uploaded file should be able to fit within the avaliable memory limit.</description>
  14. </entry>
  15. <entry id="30">
  16. <type>ini</type>
  17. <key>post_max_size</key>
  18. <value op="lt" type="key">memory_limit</value>
  19. <description>The maximum post size of data posted to the server should be within the avaliable memory limit.</description>
  20. </entry>
  21. <entry id="32">
  22. <type>ini</type>
  23. <key>always_populate_raw_post_data</key>
  24. <value op="eq">0</value>
  25. <description>This does not need to be used. The preferred method for accessing the raw POST data is php://input.</description>
  26. </entry>
  27. <entry id="33">
  28. <type>ini</type>
  29. <key>magic_quotes_gpc</key>
  30. <value op="eq">0</value>
  31. <description>Sets magic_quotes state for GPC (GET PUT COOKIE) data.  Relying on this feature is highly discouraged.</description>
  32. <version op="before">50300</version>
  33. <url>http://www.php.net/manual/en/info.configuration.php#ini.magic-quotes-gpc</url>
  34. </entry>
  35. <entry id="34">
  36. <type>ini</type>
  37. <key>magic_quotes_runtime</key>
  38. <value op="eq">0</value>
  39. <description>Sets magic_quotes state for data from external sources.  Relying on this feature is highly discouraged.</description>
  40. <version op="before">50300</version>
  41. <url>http://www.php.net/manual/en/info.configuration.php#ini.magic-quotes-runtime</url>
  42. </entry>
  43. <entry id="35">
  44. <type>ini</type>
  45. <key>safe_mode</key>
  46. <value op="eq">0</value>
  47. <description>This feature has been DEPRECATED as of PHP 5.3.0. Relying on this feature is highly discouraged.</description>
  48. <version op="before">50300</version>
  49. </entry>
  50. <entry id="36">
  51. <type>ini</type>
  52. <key>memory_limit</key>
  53. <value op="lt">16777216</value>
  54. <description>The maximum memory limit for each script should be 16M or less.</description>
  55. </entry>
  56. <entry id="5">
  57. <type>ini</type>
  58. <key>upload_max_filesize</key>
  59. <value op="lt" type="key">post_max_size</value>
  60. <description>The maximum upload file size should be less than or equal to the maximum post size.</description>
  61. </entry>
  62. <entry id="2">
  63. <type>ini</type>
  64. <key>max_file_uploads</key>
  65. <value op="lt">10</value>
  66. <description>The maximum mumber of files that can be uploaded in 1 go.</description>
  67. </entry>
  68. <entry id="3">
  69. <type>ini</type>
  70. <key>file_uploads</key>
  71. <value op="eq">0</value>
  72. <description>This may be impractical but if not needed file uploading should be disabled.</description>
  73. </entry>
  74. <entry id="4">
  75. <type>ini</type>
  76. <key>post_max_size</key>
  77. <value op="lt">4194304</value>
  78. <description>The maximum post size should as small as reasonably possible to mitigate the risk of DOS attacks.</description>
  79. </entry>
  80. <entry id="6">
  81. <type>ini</type>
  82. <key>register_long_arrays</key>
  83. <value op="eq">0</value>
  84. <description>Populates HTTP_*_VARS which should no longer be used.</description>
  85. <version op="before">50300</version>
  86. </entry>
  87. <entry id="7">
  88. <type>ini</type>
  89. <key>register_globals</key>
  90. <value op="eq">0</value>
  91. <description>Highly dangerous feature enabling variables to be defined in scripts from the GPC paramaters. This should be always be turned off.</description>
  92. <version op="before">50300</version>
  93. </entry>
  94. <entry id="8">
  95. <type>ini</type>
  96. <key>session.hash_function</key>
  97. <value op="eq">1</value>
  98. <description>MD5 should be replaced with SHA-160 as it is a more complex and secure hashing algorithm.</description>
  99. <version op="after">50000</version>
  100. </entry>
  101. <entry id="9">
  102. <type>ini</type>
  103. <key>session.hash_bits_per_character</key>
  104. <value op="gt">5</value>
  105. <description>The number of bits encoded per character of the session key.</description>
  106. <version op="after">50000</version>
  107. </entry>
  108. <entry id="10">
  109. <type>ini</type>
  110. <key>session.entropy_file</key>
  111. <value op="ne" net="">/dev/random</value>
  112. <description>Provides a random seed for generating the session.</description>
  113. </entry>
  114. <entry id="11">
  115. <type>ini</type>
  116. <key>session.entropy_length</key>
  117. <value op="gt">32</value>
  118. <description>The number of bytes to read for gathering entropy for session generation.</description>
  119. </entry>
  120. <entry id="12">
  121. <type>ini</type>
  122. <key>session.name</key>
  123. <value op="ne" net="PHPSESSID">Custom String</value>
  124. <description>The name given to the PHP Session. It is recomended this be changed from the default.</description>
  125. </entry>
  126. <entry id="14">
  127. <type>ini</type>
  128. <key>session.save_path</key>
  129. <value op="ne" net="/tmp" notblank="true">/custom/location</value>
  130. <description>The save path for the session should be changed from the default /tmp.</description>
  131. </entry>
  132. <entry id="15">
  133. <type>ini</type>
  134. <key>session.use_trans_sid</key>
  135. <value op="eq">0</value>
  136. <description>Sessions should not be allowed in GET paramaters.</description>
  137. </entry>
  138. <entry id="18">
  139. <type>ini</type>
  140. <key>display_errors</key>
  141. <value op="eq">0</value>
  142. <description>Error messages should be suppressed</description>
  143. </entry>
  144. <entry id="19">
  145. <type>ini</type>
  146. <key>allow_url_fopen</key>
  147. <value op="eq">0</value>
  148. <description>Remote files should not be accessable using fopen.</description>
  149. </entry>
  150. <entry id="20">
  151. <type>ini</type>
  152. <key>allow_url_include</key>
  153. <value op="eq">0</value>
  154. <description>You should not be able to include remote scripts using include.</description>
  155. </entry>
  156. <entry id="31">
  157. <type>ini</type>
  158. <key>session.cookie_httponly</key>
  159. <value op="eq">1</value>
  160. <description>Cookies must be httponly by default</description>
  161. <version op="after">50200</version>
  162. </entry>
  163. <entry id="20">
  164. <type>ini</type>
  165. <key>open_basedir</key>
  166. <value op="ne" net="/" notblank="true">/the/webroot</value>
  167. <description>Limit the files that can be opened by PHP to the webroot.</description>
  168. </entry>
  169. <entry id="32">
  170. <type>ini</type>
  171. <key>upload_tmp_dir</key>
  172. <value op="ne" net="/tmp" notblank="true">/custom/location</value>
  173. <description>Change the location of where files are initally uploaded to</description>
  174. </entry>
  175. <entry id="21">
  176. <type>ini</type>
  177. <key>max_execution_time</key>
  178. <value op="lt">20</value>
  179. <description>Execution time should be limited to 20 seconds or less.</description>
  180. </entry>
  181. <entry id="22">
  182. <type>ini</type>
  183. <key>max_input_nesting_level</key>
  184. <value op="lt">32</value>
  185. <description>Maximum level of nesting of objects 32 is sufficent.</description>
  186. </entry>
  187. <entry id="23">
  188. <type>ini</type>
  189. <key>enable_dl</key>
  190. <value op="eq">0</value>
  191. <description>Disable loading of dynamic extensions.</description>
  192. </entry>
  193. <entry id="24">
  194. <type>ini</type>
  195. <key>display_startup_errors</key>
  196. <value op="eq">0</value>
  197. <description>Startup errors should be suppressed.</description>
  198. </entry>
  199. <entry id="25">
  200. <type>ini</type>
  201. <key>log_errors</key>
  202. <value op="eq">1</value>
  203. <description>All errors generated by PHP should be logged to a file.</description>
  204. </entry>
  205. <entry id="26">
  206. <type>ini</type>
  207. <key>log_errors_max_len</key>
  208. <value op="gt">2048</value>
  209. <description>At least 2048 characters of the error message should be stored in the error log.</description>
  210. </entry>
  211. <entry id="27">
  212. <type>ini</type>
  213. <key>error_log</key>
  214. <value op="ne" net="">/custom/location</value>
  215. <description>Should be set to the location of the php error log.</description>
  216. </entry>
  217. <entry id="28">
  218. <type>const</type>
  219. <key>LIBXML_NOENT</key>
  220. <value op="eq">0</value>
  221. <description>External entities should be disabled for XML parsing</description>
  222. </entry>
  223. <entry id="37">
  224. <type>ini</type>
  225. <key>session.use_only_cookies</key>
  226. <value op="eq">1</value>
  227. <description>Session variables should only be passed in cookies.</description>
  228. </entry>
  229. <entry id="29">
  230. <type>const</type>
  231. <key>LIBXML_NONET</key>
  232. <value op="eq">0</value>
  233. <description>Network access for XML parsers should be disabled.</description>
  234. </entry>
  235. <entry id="38">
  236. <type>disable_functions</type>
  237. <list>
  238. <function>fsocket_open</function>
  239. <function>pack</function>
  240. <function>escapeshellarg</function>
  241. <function>escapeshellcmd</function>
  242. <function>exec</function>
  243. <function>passthru</function>
  244. <function>proc_close</function>
  245. <function>php_uname</function>
  246. <function>getmyuid</function>
  247. <function>getmypid</function>
  248. <function>passthru</function>
  249. <function>leak</function>
  250. <function>listen</function>
  251. <function>diskfreespace</function>
  252. <function>tmpfile</function>
  253. <function>link</function>
  254. <function>ignore_user_abort</function>
  255. <function>set_time_limit</function>
  256. <function>limit</function>
  257. <function>exec</function>
  258. <function>highlight_file</function>
  259. <function>show_source</function>
  260. <function>fpaththru</function>
  261. <function>virtual</function>
  262. <function>posix_ctermid</function>
  263. <function>posix_getcwd</function>
  264. <function>posix_getegid</function>
  265. <function>posix_geteuid</function>
  266. <function>posix_getgid</function>
  267. <function>posix_getgrgid</function>
  268. <function>posix_getgrnam</function>
  269. <function>posix_getgroups</function>
  270. <function>posix_getlogin</function>
  271. <function>posix_getpgid</function>
  272. <function>posix_getpgrp</function>
  273. <function>posix_getpid</function>
  274. <function>posix</function>
  275. <function>posix_getpwnam</function>
  276. <function>posix_getpwuid</function>
  277. <function>posix_getrlimit</function>
  278. <function>posix_getsid</function>
  279. <function>posix_getuid</function>
  280. <function>posix_isatty</function>
  281. <function>posix_kill</function>
  282. <function>posix_mkfifo</function>
  283. <function>posix_setegid</function>
  284. <function>posix_seteuid</function>
  285. <function>posix_setgid</function>
  286. <function>posix_setpgid</function>
  287. <function>posix_setsid</function>
  288. <function>posix_setuid</function>
  289. <function>posix_times</function>
  290. <function>posix_ttyname</function>
  291. <function>posix_uname</function>
  292. <function>proc_open</function>
  293. <function>proc_close</function>
  294. <function>proc_get_status</function>
  295. <function>proc_nice</function>
  296. <function>proc_terminate</function>
  297. <function>phpinfo</function>
  298. <function>proc_open</function>
  299. <function>shell_exec</function>
  300. <function>system</function>
  301. <function>set_time_limit</function>
  302. <function>ini_alter</function>
  303. <function>dl</function>
  304. <function>popen</function>
  305. <function>parse_ini_file</function>
  306. </list>
  307. </entry>
  308. </rules>

style.css代码如下:

  1. @CHARSET "UTF-8";
  2. body { color: #000000;}
  3. body, td, th, h1, h2 {font-family: sans-serif;}
  4. pre {margin: 0px; font-family: monospace;}
  5. table {border-collapse: collapse;}
  6. td, th { border: 1px solid #000000; font-size: 75%; vertical-align: baseline;  padding-left:5px; padding-right:5px;}
  7. h1 {font-size: 150%;}
  8. h2 {font-size: 125%;}
  9. .p {text-align: left;}
  10. .e { font-weight: bold; color: #000000;}
  11. .h {background-color: #9999cc; font-weight: bold; color: #000000;}
  12. .v { color: #000000; padding-left:5px;}
  13. .r {background-color: #c50000; color: #000000;  padding-left:5px;}

三个文件已经打包:php-security-check.zip
转自:http://lanlan611.sinaapp.com/?p=112

转载请标明文章来源:《https://www.centos.bz/2012/03/php-security-check/

时间: 2024-10-03 13:44:45

PHP环境安全性能检查的相关文章

生产环境使用 pt-table-checksum 检查MySQL数据一致性

公司数据中心从托管机房迁移到阿里云,需要对mysql迁移(Replication)后的数据一致性进行校验,但又不能对生产环境使用造成影响,pt-table-checksum 成为了绝佳也是唯一的检查工具. pt-table-checksum 是 Percona-Toolkit 的组件之一,用于检测MySQL主.从库的数据是否一致.其原理是在主库执行基于statement的sql语句来生成主库数据块的checksum,把相同的sql语句传递到从库执行,并在从库上计算相同数据块的checksum,最

Apache环境下进程检查脚本

在实际生产环境中使用比较多web环境一般是apache,平时为了确保Apache的正常运行,一定会对Apache进程监控,但是一般情况下效率并不是很好,为了确保生产环境中的业务正常运行或者是故障快速处理可以利用检查系统中是否有httpd的tcp连接来判断,为此就写了一个检查Apache的脚本 #!/bin/bash #apache_deamon.sh log=/data/backup/apache_status/logs#做好事件记录 httpd_Num=`netstat -ntpa |grep

sqlserver的IO性能检查

这一个月老被一个信息科科长纠缠,原因就是他们的sql server 2008 R2老是定期的写入性能低下.我是这样认为的,但身边的人似乎都不这么想.每每我对那个挂在一个交换机上的网络存储表达担忧时,这科长总不以为然. 直到利用window的“管理工具”上的性能监控提供的信息,他们才把重点放回存储上. 检查三项内容: 1.Average disk sec/read, 平均每个读花的时间,小于10ms表示性能很好,在10ms~20ms之间表示性能可以接受,如果大于20ms,说明存在I/O问题:2.A

服务端测试环境hosts配置检查脚本

问题 由于A测试环境和B测试环境相互耦合,B测试环境切换导致我方测试环境需要更改后台服务器的响应配置.若多台服务器中有一台服务器没有更改配置,则在测试过程中将会出现问题.届时排查由于环境配置不统一引起的环境问题将会费时费力. 思考 测试环境之间的关联配置就是hosts的配置,我们只需要知道A测试环境中各个服务器上的hosts文件中配置的B环境的hosts是否一致即可得出结论. 解决方案 在A测试环境服务器端各个机器的根目录下均安放hosts检查脚本hosts_check.py,内容如下: #!/

性能检查工具

vmstat  1,表示每秒输出一次统计信息 r:等待在CPU资源的进程数.这个数据比平均负载更加能够体现CPU负载情况,数据中不包含等待IO的进程.如果这个数值大于机器CPU核数,那么机器的CPU资源已经饱和. free:系统可用内存数(以千字节为单位),如果剩余内存不足,也会导致系统性能问题.下文介绍到的free命令,可以更详细的了解系统内存的使用情况. si, so:交换区写入和读取的数量.如果这个数据不为0,说明系统已经在使用交换区(swap),机器物理内存已经不足 us, sy, id

Java生产环境下性能监控与调优详解

第1章 课程介绍(Java秒杀课程老师倾力打造)本章为大家介绍生产环境可能存在的问题和常用的性能监控工具,以及课程能学到什么,课程内容如何安排等,让大家对课程有个全貌的认识,从而更好的学习这门课程.1-1 为什么学习这门课程? 第2章 基于JDK命令行工具的监控本章带大家学习JDK的命令行监控工具的使用,包括jps.jinfo.jstat.jmap.jstack, 并结合MAT实战如何定位内存溢出,实战如何定位死循环和死锁.2-1 JVM的参数类型2-2 查看JVM运行时参数2-3 jstat查

mysql数据库运行性能检查脚本

只针对mysql 5.6.8以上版本select version();use information_schema:#查询所有数据库参数show VARIABLES; #查询数据库最大连接数show variables like '%max_connections%'; #查询当前数据库连接数show full processlist; #单表记录数超过1000W的数据库查询select table_schema,table_name,table_rows from information_sc

Linux 性能检查命令总结

iostat -x 1 查看磁盘的IO负载 Linux系统出现了性能问题,一般我们可以通过top.iostat,vmstat等命令来查看初步定位问题.其中iostat可以给我们提供丰富的IO状态数据 $ iostat -x -1 avg-cpu:  %user   %nice %system %iowait  %steal   %idle 10.43    0.00    1.51    1.51    0.00   86.56 Device:rrqm/s  wrqm/s  r/s   w/s

一些linux服务器性能检查命令

1.uptime 2.dmesg | tail 3.vmstat 1 4.mpstat -P ALL 1 5.pidstat 1 6.iostat -xz 1 7.free -m 8.sar -n  DEV 1 9.sar -n TCP,ETCP 1 10.top 11.htop 12.atop 13.glances 14.dstat