网络优化
# ee /etc/sysctl.conf
# ee /boot/loader.conf
安装多线程下载工具axel
# cd /usr/ports/ftp/axel
# make install clean ; rehash
默认选项 安装
# ee /etc/make.conf
No.2 更新ports
#cd /usr/share/examples/cvsup
#ee ports-supfile
//把
*default host=CHANGE_THIS.FreeBSD.org
//改为:
*default host=cvsup5.FreeBSD.org
//作为webserver,升级全部的ports是完全没有必要的,因此可以把 ports-all那行前面加#注释掉。继续往后面
//找,有很多ports分支,我们把需要的打开,不需要的保留行首的#,就是取消了。如果是WEBserver 只更新 :
ports-databases //mysql5
ports-devel //Zend Optimize
ports-ftp //pure-ftpd
ports-lang //php5
ports-net
ports-www //apache22
//就可以…不过如果你网速还可以的话建议还是你都选上..万一中间出什么错你回来还得找我算帐…
#cvsup -g -L 2 ports-supfile
cd /usr/ports/distfiles/
#ls
编译内核
# dmesg | more #获得当前设备资源列表
# cd /usr/src/sys/i386/conf
# cp GENERIC MYKERNEL
# ee MYKERNEL
# 具体选项请参考http://www.freebsd.org/doc/zh_CN.GB2312/books/handbook/kernelconfig-config.html
代码:
ident MYKERNEL #内核标记名称
options QUOTA #启用磁盘配额
引用:
# cd /usr/src
# make -j4 buildworld ; rehash ; make –j4 buildkernel KERNCONF=MYKERNEL ; rehash ; make –j4 installkernel KERNCONF=MYKERNEL ; reboot
安装perl
QUOTE:
# cd /usr/ports/lang/perl5.8
# make install clean ; rehash
安装webmin
/usr/ports/sysutils/webmin
make install
安装mysql
#cd/usr/ports/databases/mysql50-server
#make WITH_CHARSET=gbk WITH_XCHARSET=all WITH_PROC_SCOPE_PTH=yes BUILD_OPTIMIZED=yes BUILD_STATIC=yes SKIP_DNS_CHECK=yes WITHOUT_INNODB=yes install clean
#cp /usr/local/share/mysql/my-small.cnf /etc/my.cnf
rehash
//切记..如果你要安装DZ论坛的必需加上WITH_CHARSET=gbk 要不然后悔的就是你.重新编译去吧你.
安装完成后运行
mysql_install_db –user=mysql
启动服务器/usr/local/etc/rc.d/mysql-server.sh start
mysqladmin –uroot –p password yourpassword(修改root密码)
mysql随系统启动
QUOTE:
# cp /usr/local/etc/rc.d/mysql-server /usr/local/etc/rc.d/mysql.sh
# ee /etc/rc.conf
CODE:
mysql_enable=”YES”
安装Apache
#cd /usr/ports/www/apache22
#make WITH_MPM=worker WITHOUT_IPV6=yes WITH_THREADS=yes WITHOUT_SSL=yes install clean
安装完成
ee /etc/rc.conf
添加一句:
apache22_enable=”YES”
使用/usr/local/etc/rc.d/apache22.sh start 启动apache
apachectl restart 重新启动
安装php
# cd /usr/ports/lang/php5
# make config
[X] CLI Build CLI version
[X] CGI Build CGI version
[X] APACHE Build Apache module
[ ] DEBUG Enable debug
[X]] SUHOSIN Enable Suhosin protection system
[X] MULTIBYTE Enable zend multibyte support
[ ] IPV6 Enable ipv6 support
[ ] REDIRECT Enable force-cgi-redirect support (CGI only)
[ ] DISCARD Enable discard-path support (CGI only)
[X] FASTCGI Enable fastcgi support (CGI only)
[X] PATHINFO Enable path-info-check support (CGI only)
# make install clean
#cp /usr/local/etc/php.ini-dist /usr/local/etc/php.ini
//切记不要选DEGUG 否则Zend装不上.别说我没告诉你.
//关于[X]] SUHOSIN Enable Suhosin protection system.我找到一些资料.为了安全..建议选上..
安装php5-extensions
# cd /usr/ports/lang/php5-extensions/
# make config
Options for php5-extensions 1.0
————————————————-
[X] FTP FTP support
[X] GD
[X] GETTEXT
[X] MBSTRING
[X] MYSQL
[ ] POSIX //去掉
[ ] SQLITE //去掉
[X] ZLIB
[X] CALENDAR
[X] CTYPE
[X] ICONV
[X] PCRE
[X] SESSION
[X] SOCKETS
[X] ZIP
# make install clean
配置php
QUOTE:
# cd /usr/local/etc
# cp php.ini-recommended php.ini
# ee php.ini
代码:
; 基于安全考虑,禁用某些功能,根据自己情况修改
disable_functions = passthru, exec, phpinfo, system, ini_alter, readlink, symlink, leak, proc_open, popepassthru, chroot, scandir, chgrp, chown, escapeshellcmd, escapeshellarg, shell_exec, proc_get_status
配置apache
引用:
# ee /usr/local/etc/apache22/httpd.conf
复制内容到剪贴板
代码:
DocumentRoot “/usr/www” # 网站主目录
Options FollowSymLinks
DirectoryIndex index.html index.php index.htm
AddType application/x-gzip .gz .tgz
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
AddDefaultCharset GB2312
ServerTokens Prod
ServerSignature Email
StartServers 10
MinSpareServers 10
MaxSpareServers 15
ServerLimit 2000
MaxClients 1500
MaxRequestsPerChild 10000
安装Zend Optimizer
# cd /usr/ports/devel/ZendOptimizer/
make install clean
//直接就可以安装.不用去fetch好几M的包..知道diskfiles好处了吧.
//你会看到以下提示:
//You have installed the ZendOptimizer package.
//Edit /usr/local/etc/php.ini and add:
//[Zend]
//zend_optimizer.optimization_level=15
//zend_extension_manager.optimizer=”/usr/local/lib/php/20050922-zts/Optimizer”
//zend_extension_manager.optimizer_ts=”/usr/local/lib/php/20050922-zts/Optimizer_TS”
//zend_extension=”/usr/local/lib/php/20050922-zts/ZendExtensionManager.so”
//zend_extension_ts=”/usr/local/lib/php/20050922-zts/ZendExtensionManager_TS.so”
//********************************************************************************
//ok根据提示我们继续.
# ee /usr/local/etc/php.ini
#h0//如果你打开是空白.那一定是忘了
# cp /usr/local/etc/php.ini-dist /usr/local/etc/php.ini//
//然后再
# ee /usr/local/etc/php.ini
//在最下边加上.
[Zend]
zend_optimizer.optimization_level=15
zend_extension_manager.optimizer=”/usr/local/lib/php/20050922-zts/Optimizer”
zend_extension_manager.optimizer_ts=”/usr/local/lib/php/20050922-zts/Optimizer_TS”
zend_extension=”/usr/local/lib/php/20050922-zts/ZendExtensionManager.so”
zend_extension_ts=”/usr/local/lib/php/20050922-zts/ZendExtensionManager_TS.so”
//先不要急着测试apache mysql php是否好使..心急吃不了热豆腐…明白不?我还没说完呢…
安装eaccelerator
cd /usr/ports/www/eaccelerator
make install clean
编辑httpd.conf
#ee /usr/local/etc/apache22/httpd.conf
//查找 :
#Listen 12.34.56.78:80 //行,将该行下面的内容修改为
Listen 125.208.15.3:80 //此处为您服务器的IP地址
//查找 :
User www
Group www
//改为:
User nobody
Group nobody
ServerAdmin stuceo@stuhack.com
//再往下找..
Options Indexes FollowSymLinks
//改为Options FollowSymLinks
//别说我没告诉你.163都会有这种错误.被黑客目录浏览到配置文件.到时候死了没我的事.
DirectoryIndex index.html index.php
AddDefaultCharset ISO-8859-1,
//将那行内容更改为AddDefaultCharset gb2312
//乱码烦不烦人?
//再往下找 怎么着?烦了…烦了睡觉去吧.这儿你不看别想解析php!
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
//再下面添加
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
//最下面
Include etc/apache22/extra/httpd-mpm.conf //把#去掉
//ESC退出保存
#ee /usr/local/etc/apache22/extra/httpd-mpm.conf
ServerLimit 3000
StartServers 5
MaxClients 5000
MinSpareThreads 75
MaxSpareThreads 300
ThreadsPerChild 50
MaxRequestsPerChild 80000
//切记… ServerLimit 3000 这儿一定要加上限制连接数..要不然重启的时候肯定报错
Starting Apache22
WARNING:MaxClients of 5000 would ruquire 100 servers,and would exceed the ServerLimit value of 16 Automatically lowering MaxClients to 800.To increase ,please see the ServerLimit directive.
//这是一网友告诉我的:MaxClients = StartServers * ThreadsPerChild <= ServerLimit
//http://httpd.apache.org/docs/2.0/mod/worker.html 可以自己去看看.
编辑index.php
#cd /usr/local/www/apache22/data/
#rm index.html
//不删的话您只能看到 it works!
#ee index.php
//输入:
phpinfo();
?>
安装phpmyadmin
也可以通过传统方式,通过ftp下载/上传到机器上,配置好参数即可运行。
QUOTE:
# cd /usr/ports/databases/phpmyadmin
# make install clean ; rehash
默认选项
引用:
# cp -R /usr/local/www/phpMyAdmin /usr/www/phpMyAdmin
//这里是看别人的,我自己是改成
# cp -R /usr/local/www/phpMyAdmin /usr/local/www/apache22/data/phpMyAdmin
//这样就等于是外部地址http://192.168.1.11/phpMyAdmin
# cd /usr/www/phpMyAdmin
# cp ./libraries/config.default.php config.inc.php
# ee config.inc.php
复制内容到剪贴板
代码:
$cfg[‘PmaAbsoluteUri’] = ‘http://192.168.163.130/phpMyAdmin/’ # 设置phpMyAdmin的绝对地址
$cfg[‘blowfish_secret’] = ‘host’; # 设置cookie加密
$cfg[‘Servers’][$i][‘auth_type’] = ‘cookie’ # 设置认证方式
引用:
# chmod 755 config.inc.php
FTP设置
配置ftp(系统自带)
引用:
# ee /etc/inetd.conf
复制内容到剪贴板
代码:
ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l -h
//去掉ftp前的#号
引用:
# ee /etc/rc.conf
复制内容到剪贴板
代码:
inetd_enable=”YES”
启动ftp
引用:
# killall -HUP inetd
添加ftp用户组
引用:
# pw groupadd ftpgroup -g 10001
添加ftp用户
引用:
# adduser
Username:ftp
Full name:
Uid (Leave empty for default):1001
Login group [ftpuser]: ftpgroup
Login group is ftpgrou. Invite ftpuser into other groups? []:
Login class [default]:
Shell (sh csh tcsh zsh nologin) [sh]:
Home directory [/home/ftpuser]:/usr/www
Use password-based authentication? [yes]:
Use an empty password? (yes/no) [no]:
Use a random password? (yes/no) [no]:
Enter password:
Enter password again:
Lock out the account after creation? [no]:
Username : ftpuser
Password : *****
Full Name :
Uid : 1001
Class :
Groups : ftpgroup
Home : /usr/www
Shell : /bin/sh
Locked : no
OK? (yes/no) : yes
adduser: INFO: Successfully added (ftpuser) to the user database.
Add another user? (yes/no): no
Goodbye!
禁止匿名用户登录
引用:
# ee /etc/ftpusers
复制内容到剪贴板
代码:
anonymous
@guest
设定用户使用目录
引用:
# ee /etc/ftpchroot
复制内容到剪贴板
代码:
ftpusr /usr/www
设置用户磁盘限额
引用:
# ee /etc/rc.conf
复制内容到剪贴板
代码:
enable_quotas=”YES”
check_quotas=”YES”
引用:
# ee /etc/fstab
复制内容到剪贴板
代码:
/dev/ad0s1f /usr ufs rw,userquota,groupquota 2 2
引用:
# quotacheck -av
# repquota –a
# edquota –u ftpuser
复制内容到剪贴板
代码:
/usr: kbytes in use: 0, limits (soft = 100000, hard = 100020) # soft是警告容量,hard是强制容量
引用:
# edquota –t
复制内容到剪贴板
代码:
/usr: block grace period: 1 minutes, file grace period: 1 minutes
引用:
# quotaon -a
]]>
