前言

nginx + php 用于运行大部分php开发的网站。前几篇文章，都是是运行与docker下的。如果系统不方便使用docker，直接在系统内配置 nginx+php服务

安装软件

yum install nginx 

yum install php  php-xml  php-mysql php-mongo php-redis php-memcache   php-intl  php-mbstring  php-mcrypt  php-pecl-swoole php-xcache php-pecl-xhprof php-fpm php-opcache

配置

php-fpm

/etc/php.ini

[PHP]
engine = On
short_open_tag = Off
precision = 14
output_buffering = 4096
zlib.output_compression = Off
implicit_flush = Off
unserialize_callback_func =
serialize_precision = 17
disable_functions =
disable_classes =
zend.enable_gc = On
expose_php = On
max_execution_time = 30
max_input_time = 60
memory_limit = 128M
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
display_errors = Off
display_startup_errors = Off
log_errors = On
log_errors_max_len = 1024
ignore_repeated_errors = Off
ignore_repeated_source = Off
report_memleaks = On
track_errors = Off
html_errors = On
variables_order = "GPCS"
request_order = "GP"
register_argc_argv = Off
auto_globals_jit = On
post_max_size = 256M
auto_prepend_file =
auto_append_file =
default_mimetype = "text/html"
default_charset = "UTF-8"
doc_root =
user_dir =
enable_dl = Off
file_uploads = On
upload_max_filesize = 2M
max_file_uploads = 20
allow_url_fopen = On
allow_url_include = Off
default_socket_timeout = 60
[CLI Server]
cli_server.color = On
[Date]
[filter]
[iconv]
[intl]
[sqlite]
[sqlite3]
[Pcre]
pcre.jit=0
[Pdo]
[Pdo_mysql]
pdo_mysql.cache_size = 2000
pdo_mysql.default_socket=
[Phar]
[mail function]
sendmail_path = /usr/sbin/sendmail -t -i
mail.add_x_header = On
[SQL]
sql.safe_mode = Off
[ODBC]
odbc.allow_persistent = On
odbc.check_persistent = On
odbc.max_persistent = -1
odbc.max_links = -1
odbc.defaultlrl = 4096
odbc.defaultbinmode = 1
[Interbase]
ibase.allow_persistent = 1
ibase.max_persistent = -1
ibase.max_links = -1
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
ibase.dateformat = "%Y-%m-%d"
ibase.timeformat = "%H:%M:%S"
[MySQLi]
mysqli.max_persistent = -1
mysqli.allow_persistent = On
mysqli.max_links = -1
mysqli.cache_size = 2000
mysqli.default_port = 3306
mysqli.default_socket =
mysqli.default_host =
mysqli.default_user =
mysqli.default_pw =
mysqli.reconnect = Off
[mysqlnd]
mysqlnd.collect_statistics = On
mysqlnd.collect_memory_statistics = Off
[PostgreSQL]
pgsql.allow_persistent = On
pgsql.auto_reset_persistent = Off
pgsql.max_persistent = -1
pgsql.max_links = -1
pgsql.ignore_notice = 0
pgsql.log_notice = 0
[bcmath]
bcmath.scale = 0
[browscap]
[Session]
session.save_handler = files
session.use_strict_mode = 0
session.use_cookies = 1
session.use_only_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.cookie_httponly =
session.serialize_handler = php
session.gc_probability = 1
session.gc_divisor = 1000
session.gc_maxlifetime = 1440
session.referer_check =
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 0
session.hash_function = 0
session.hash_bits_per_character = 5
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
[Assertion]
zend.assertions = -1
[mbstring]
[gd]
[exif]
[Tidy]
tidy.clean_output = Off
[soap]
soap.wsdl_cache_enabled=1
soap.wsdl_cache_dir="/tmp"
soap.wsdl_cache_ttl=86400
soap.wsdl_cache_limit = 5
[sysvshm]
[ldap]
ldap.max_links = -1
[mcrypt]
[dba]
[curl]
[openssl]
[opcache]
opcache.enable=1
opcache.memory_consumption=128
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=4000
opcache.revalidate_freq=60
opcache.fast_shutdown=1
opcache.validate_timestamps=0
opcache.file_cache=/tmp

/etc/php-fpm.conf

include=/etc/php-fpm.d/*.conf
[global]
pid = /var/run/php-fpm/php-fpm.pid
error_log = /var/log/php-fpm/php_error.log

/etc/php-fpm.d/www.conf

[www]
listen = /var/run/php-fpm/php-fpm.sock
listen.allowed_clients = 127.0.0.1
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
listen.backlog = 16384
user = nginx
group = nginx
pm = static
pm.max_children = 20
pm.start_servers = 10
pm.min_spare_servers = 10
pm.max_spare_servers = 35
pm.max_requests = 10000
request_terminate_timeout = 180
request_slowlog_timeout = 30
slowlog = /var/log/php-fpm/www-slow.log
;access.log = /opt/servicelogs/php-fpm/access.$pool.log
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{seconds}d %{megabytes}M %{user}C%%"
;ping.path = /php70fpm-ping
;pm.status_path = /phpfpm70-status

nginx

/etc/nginx/nginx.conf

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;


# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;


events {
    worker_connections 1024;
}


http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';


    access_log  /var/log/nginx/access.log  main buffer=32k flush=30s;


    server_tokens       off;
    client_max_body_size 100m;


    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;


    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;


    #ssl 配置
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
    ssl_ecdh_curve secp384r1;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    ssl_session_tickets off;
    ssl_stapling on; # Requires nginx >= 1.3.7
    ssl_stapling_verify on; # Requires nginx => 1.3.7
    add_header Strict-Transport-Security "max-age=63072000; preload";
    #add_header X-Frame-Options DENY;
    add_header X-Frame-Options SAMEORIGIN;
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";


    #nginx缓存
    fastcgi_cache_path /var/cache/nginx/  levels=1:2 keys_zone=wordpress:10m inactive=30m use_temp_path=off;
    fastcgi_cache_key $request_method$scheme$host$request_uri;
    # note: can also use HTTP headers to form the cache key, e.g.
    #fastcgi_cache_key $scheme$request_method$host$request_uri$http_x_custom_header;
    #fastcgi_cache_lock on;
    fastcgi_cache_use_stale error timeout invalid_header updating http_500;
    fastcgi_cache_valid 200 301 302 10h;
    fastcgi_cache_valid 404 10m;
    fastcgi_ignore_headers Expires Set-Cookie Vary;


    #启动gzip
    gzip on;
    gzip_min_length  1k;
    gzip_buffers     4 16k;
    gzip_comp_level 7;
    gzip_types
        text/css
        text/plain
        text/javascript
        application/javascript
        application/json
        application/x-javascript
        application/xml
        application/xml+rss
        application/xhtml+xml
        application/x-font-ttf
        application/x-font-opentype
        application/vnd.ms-fontobject
        image/svg+xml
        image/x-icon
        application/rss+xml
        application/atom_xml
        image/jpeg
        image/gif
        image/png
        image/icon
        image/bmp
        image/jpg;
    gzip_vary on;


    # for more information.
    include /etc/nginx/conf.d/*.conf;
}

/etc/nginx/conf.d/my-wordpress.com.conf

server {
    listen 80 http2;
    server_name  www.chreagent.com  chreagent.com; # 请换成自己的域名
    rewrite ^(.*) https://$server_name$1 permanent;
}


server {
    listen       80 http2;
    listen       443  ssl http2;
    server_name  www.my-wordpress.com  my-wordpress.com;


    charset utf-8;


    ssl_certificate     "/etc/nginx/ssl/server.crt";
    ssl_certificate_key "/etc/nginx/ssl/server.key";


    set $host_path "/var/www/html/chreagent";
    error_log    /var/log/nginx/error_chreagent.log;
    access_log   /var/log/nginx/acc_chreagent.log;


    root  $host_path;


    # 缓存标记
    set $skip_cache 0;
    if ($query_string != "") {
        set $skip_cache 1;
    }
    if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|sitemap(_index)?.xml") {
        set $skip_cache 1;
    }
    # 登录用户或发表评论者
    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
        set $skip_cache 1;
    }


    location = / {
        index  index.php index.html;
        try_files /index.php?$args /index.php?$args;
    }


    location / {
        index  index.php index.html;
        try_files $uri $uri/ /index.php?$args;
    }
    location ~ ^/\.user\.ini {
            deny all;
    }


    location ~ \.php$ {
    try_files $uri =404;
        fastcgi_index index.php;
        fastcgi_pass      unix:/var/run/php-fpm/php-fpm.sock;
        fastcgi_cache  wordpress;
        fastcgi_cache_valid 200 301 302 30m;
        fastcgi_cache_valid 404 10m;
        fastcgi_cache_bypass $skip_cache;
        fastcgi_no_cache $skip_cache;
        fastcgi_cache_lock on;
        fastcgi_param      SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        #fastcgi_param  PHP_VALUE "open_basedir=$document_root:/tmp/";
        include            fastcgi_params;
    }


    location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar|jpeg)$ {
        expires max;
        access_log off;
        try_files $uri =404;
    }


}

启动

systemctl enable --now php-fpm
systemctl enable --now nginx

centos7系统下安装nginx+php服务

前言

安装软件

配置

php-fpm

nginx

启动

新客户端IP一键过白功能开发与配置

nginx自动申请ssl证书

woocommerce支付插件开发知识总结

docker部署php环境

评论 (1)