Linux系统下Apache安装、配置、优化
<p><span><span> </span> </span></p><p></p>
<p><span style="font-size:xx-small"><span style="font-family:Times New Roman"><a class="UBBWordLink" href="#" target="_blank">安装</a> Apache 2.0.48 (查看Install手册) </span></span></p>
<p><span style="font-size:xx-small"><span style="font-family:Times New Roman"> 考虑到以后要 rewite_url 来使 google 更加容易收录网站,特地添加了 mod_rewrite 。 </span></span></p>
<p><span style="font-size:xx-small"><span style="font-family:Times New Roman"> 同时为了限制流量,特别加了 mod_limitpcnn.c 补丁 , 所以多了一个 --enable-forward 选项。 </span></span></p>
<p><span style="font-size:xx-small"><span style="font-family:Times New Roman"> 建议<a class="UBBWordLink" href="#" target="_blank">安装</a>完毕以后不要删除<a class="UBBWordLink" href="#" target="_blank">安装</a>目录,以便以后升级时使用。 </span></span></p>
<p><span style="font-size:xx-small"><span style="font-family:Times New Roman"> 记得升级前关闭 apache2.0 </span></span></p>
<p><span style="font-size:xx-small"><span style="font-family:Times New Roman"> 编译过程:<br /> <br /> 代码: </span></span></p>
<p><span style="font-family:Times New Roman; font-size:medium"> </span></p>
<p><span style="font-family:Times New Roman; font-size:medium"> 这个例子里面是编译了 mod_so,mod_speling 和 openssl 支持。<br /> 同样有另外几种写法<br /> <br /> 代码: </span></p>
<p><span style="font-family:Times New Roman; font-size:medium"> </span></p>
<p><span style="font-family:Times New Roman; font-size:medium"> </span></p>
<p></p>
<p><span style="font-family:Times New Roman; font-size:medium"> 接着,将启动程序放入开机程序中去。 如果要启动 ssl 加密网页,则必须通过手动启动 apache2.0 (参见 ssl 部分 )<br /> <br /> 代码: </span></p>
<p><span style="font-family:Times New Roman; font-size:medium"> </span></p>
<p><span style="font-family:Times New Roman; font-size:medium"> 代码: </span></p>
<p></p>
<p><span style="font-family:Times New Roman; font-size:medium"> 在 profile 里面添加以上的语句来<a class="UBBWordLink" href="#" target="_blank">设置</a>路径,使得在 bash 下更容易控制 apachectl, 省去了输入路径的麻烦。<br /> <br /> 代码: </span></p>
<p><span style="font-family:Times New Roman; font-size:medium"> </span></p>
<p><span style="font-family:Times New Roman; font-size:medium"> </span></p>
<p><span style="font-family:Times New Roman; font-size:medium"> </span></p>
<p><span style="font-family:Times New Roman; font-size:medium"> Xiyang 的配置 </span></p>
<p><span style="font-family:Times New Roman; font-size:medium"> 我用的: mod_limitipconn, mod_expires, mod_gzip, mod_php4, mod_so, mod_access, mod_alias, mod_userdir, mod_dir, mod_autoindex, mod_status, mod_mime, mod_log_config, http_core<br /> <br /> 关于超时的问题<br /> 在我编写好所有的产品查看页面的时候,经常会出现因为超时,或者流量过大 ,apache 停止工作的问题,原因有二,一是代码的不科学性,二是 apache 的<a class="UBBWordLink" href="#" target="_blank">设置</a>问题。<br /> <br /> 以下是对<a class="UBBWordLink" href="#" target="_blank">设置</a>的一点改动:<br /> <br /> 代码: </span></p>
<p><span style="font-family:Times New Roman"><span style="font-size:medium"> </span></span><span style="font-family:宋体; font-size:medium"> </span></p>
<p><span style="font-family:Times New Roman; font-size:medium"> • 记录访问者的 HTTP-REFERER 和 AGENT, 有助于统计来者是通过什么搜索引擎找到我们的网站的。 或者在原有的CustomLog行,将参数由 common 改成 combined<br /> <br /> 代码: </span></p>
<p><span style="font-family:Times New Roman"><span style="font-size:medium"> </span></span><span style="font-family:宋体; font-size:medium"> </span></p>
<p><span style="font-family:Times New Roman; font-size:medium"> </span></p>
<p><span style="font-family:Times New Roman; font-size:medium"> <a class="UBBWordLink" href="#" target="_blank">安装</a>过程<br /> <br /> </span></p>
<table align="center" border="1" cellpadding="2" cellspacing="0" style="width:400px"><tbody><tr><td><pre># lynx <a href="http://dominia.org/djao/limit/mod_limitipconn-0.22.tar.gz">http://dominia.org/djao/limit/mod_limitipconn-0.22.tar.gz</a>
# tar -zxvf mod_limitipconn-0.22.tar.gz
# cd httpd-2.0.48
# patch -p1 < ../mod_limitipconn-0.22/apachesrc.diff
patching file configure.in
Hunk #1 succeeded at 373 (offset 55 lines).
patching file include/scoreboard.h
patching file modules/generators/mod_status.c
Hunk #1 succeeded at 746 (offset -1 lines). </pre></td></tr></tbody></table>
<p></p>
<table align="center" border="1" cellpadding="2" cellspacing="0" style="width:400px"><tbody><tr><td><pre>##Instructions for building DSO with proxy tracking:
# tar xzvf httpd-2.0.39.tar.gz
# tar xzvf mod_limitipconn-0.22.tar.gz
# cd httpd-2.0.39
# patch -p1 < ../mod_limitipconn-0.22/apachesrc.diff
# ./buildconf
# ./configure --enable-so --enable-speling --enable-rewrite
--with-ssl=/usr/local/ssl --enable-forward
# make
# make install
# cd ../mod_limitipconn-0.22
# PATH=/usr/local/apache2/bin:$PATH
# make install </pre></td></tr></tbody></table>
<p></p>
<table align="center" border="1" cellpadding="2" cellspacing="0" style="width:400px"><tbody><tr><td><pre><span style="font-size:medium"># If you would like to have agent and referer logfiles,
# uncomment the following directives.
CustomLog logs/referer_log referer
CustomLog logs/agent_log agent
CustomLog logs/www.domain.com-access_log combined</span></pre></td></tr></tbody></table>
<p><span style="font-size:medium"> <br /> <br /> 使用 mod_limitipconn.c 来限制 apache 的并发数<br /> <br /> Package: http://dominia.org/djao/limit/这里的<a class="UBBWordLink" href="#" target="_blank">安装</a>建议使用动态 DSO 并 patch apache2.0, 以使得 apache2.0 可以认识在后方的 IP 。但是要 重新编译 apache2.0, 以下是介绍。<br /> <br /> 代码:</span></p>
<p></p>
<table align="center" border="1" cellpadding="2" cellspacing="0" style="width:400px"><tbody><tr><td><pre><span style="font-size:medium"># KeepAlive: Whether or not to allow persistent connections(more than
# one request per connection). Set to "Off" to deactivate.
# KeepAlive Off
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
# MaxKeepAliveRequests 0
# KeepAliveTimeout: Number of seconds to wait for the next request
# from the same client on the same connection.
# KeepAliveTimeout 0 </span></pre></td></tr></tbody></table>
<p><span style="font-size:medium"> </span></p>
<p></p>
<table align="center" border="1" cellpadding="2" cellspacing="0" style="width:400px"><tbody><tr><td><pre>#chmod 755 – R /home/dalouis/ </pre></td></tr></tbody></table>
<p> <br /> <a class="UBBWordLink" href="#" target="_blank">设置</a>目录的可读性为 drwxr-xr-x(755), 否则会出现 "Forbidden You don't have permission to access / on this server."<br /> <br /> 一些关于安全性的配置:<br /> <br /> 考虑到 cgi-bin 的安全性问题,我们暂时将 cgi-bin 去掉。将所有 httpd.conf 中的所有关于 cgi-bin 的行加上 #.</p>
<p></p>
<table align="center" border="1" cellpadding="2" cellspacing="0" style="width:400px"><tbody><tr><td><pre># vi /usr/local/apache2/conf/httpd.conf </pre></td></tr></tbody></table>
<p><br /> <br /> 配置文件请看文件 httpd.conf (<a class="UBBWordLink" href="#" target="_blank">设置</a>文档目录为/home/dalouis/public_html)<br /> <br /> 代码:</p>
<p></p>
<table align="center" border="1" cellpadding="2" cellspacing="0" style="width:400px"><tbody><tr><td><pre># vi /etc/profile
PATH=" $PATH:usr/local/apache2/bin:”</pre></td></tr></tbody></table>
<p> <br /> <br /> 配置 apache2.0<br /> <br /> 代码:</p>
<p></p>
<table align="center" border="1" cellpadding="2" cellspacing="0" style="width:400px"><tbody><tr><td><pre><span style="font-size:medium">If you want your server to continue running after a system reboot ,
you should add a call to apachectl to your system startup files (typically rc.local or
a file in an rc.N directory). This will start Apache as root. Before doing this ensure
that your server is properly configured for security and access restrictions. </span></pre></td></tr></tbody></table>
<p><span style="font-size:medium"> </span></p>
<p></p>
<table align="center" border="1" cellpadding="2" cellspacing="0" style="width:400px"><tbody><tr><td><pre># echo "/usr/local/apache2/bin/apachectl start" >> /etc/rc.d/rc.local </pre></td></tr></tbody></table>
<p><br /> <br /> 参考:</p>
<p></p>
<table align="center" border="1" cellpadding="2" cellspacing="0" style="width:400px"><tbody><tr><td><pre><span style="font-size:medium"> # apachectl -l
Compiled in modules:
core.c
mod_access.c
mod_auth.c
mod_include.c
mod_log_config.c
mod_env.c
mod_setenvif.c
prefork.c
http_core.c
mod_mime.c
mod_status.c
mod_autoindex.c
mod_asis.c
mod_cgi.c
mod_negotiation.c
mod_dir.c mod_imap.c
mod_actions.c
mod_speling.c
mod_userdir.c
mod_alias.c
mod_rewrite.c
mod_so.c </span></pre></td></tr></tbody></table>
<p><span style="font-size:medium"> </span></p>
<p></p>
<table align="center" border="1" cellpadding="2" cellspacing="0" style="width:400px"><tbody><tr><td><pre>#./configure --enable-modules=”so speling” </pre></td></tr></tbody></table>
<p><br /> <br /> --enable-MODULE[=shared] 编译并包含模块 MODULE. MODULE 是文档中去掉” _module ”的模块名。要将一个模块编译成为 DSO, 需要加 -shared 选项 , 即 --enable-mods-shared 。 (查看 MODULE 手册)<br /> <br /> 注意 :"如果希望核心能够装载 DSO,而不实际编译任何动态模块,则要明确指定 --enable-modules=so 或者 --enable-so" (查看 DSO 手册),所以前面的顺序不能交换顺序。 查看所有apache 的 configure 参数<br /> <br /> <a class="UBBWordLink" href="#" target="_blank">安装</a>完毕后可以用以下命令来查看启动了那些模块<br /> <br /> 代码:</p>
<p></p>
<table align="center" border="1" cellpadding="2" cellspacing="0" style="width:400px"><tbody><tr><td><pre>#./configure --enable-modules=so --enable-modules=speling --enable-modules=rewrite </pre></td></tr></tbody></table>
<p><br /> <br /> 或者<br /> <br /> 代码:</p>
<p></p>
<table align="center" border="1" cellpadding="2" cellspacing="0" style="width:400px"><tbody><tr><td><pre>#./configure --enable-so --enable-speling --enable-rewrite
--with-ssl=/usr/local/ssl --enable-forward
# make
# make install </pre></td></tr></tbody></table>
<p></p>
<p><span> </span></p>
頁:
[1]