LOADING STUFF...

appnode 搭建优化

原创文章5年前 (2019)发布 fdadmin
8,545 0 0

1.安装 appnode

INSTALL_AGENT=1 INSTALL_APPS=sitemgr INIT_SWAPFILE=1 INSTALL_PKGS='nginx-stable,php71,mysql56' bash -c "$(curl -sS http://dl.appnode.com/install.sh)"

1-1.安装 redis
1-2.php 安装插件 pecl-redis

2.配置php 环境变量

vi /etc/profile

末尾加入:
[rihide]
“`shell
PATH=$PATH:/opt/appnode/appnode-php71/root/bin
export PATH
“`
[/rihide]

配置文件生效

source /etc/profile

检查php 是否生效

php -i
php -v

3.创建运行环境
选择数据库—重置root 密码
4.创建网站
网站数据库和密码
5.伪静态

if (!-d $request_filename){
    set $rule_0 1$rule_0;
}
if (!-f $request_filename){
    set $rule_0 2$rule_0;
}
if ($rule_0 = "21"){
    rewrite ^/(.*)$ /index.php?s=/$1 last;
}

6.php 安全设置–自定义
[rihide]
“`
phpinfo,eval, passthru, exec, system, chroot, chgrp, chown, shell_exec, proc_open, proc_get_status, ini_alter, ini_alter, ini_restore, dl, openlog, syslog, readlink, popepassthru, stream_socket_server
“`

7.禁止爬虫采集
“`
baiduspider
360spider
googlebot
yodao
soso
bing
sogou
yahoo
yisouspider
sohu-search
YoudaoBot
robozilla
msnbot
MJ12bot
NHN
Twiceler
baidu
sogo
uc
UCBrowser
qihoobot
""
ia_archiver
“`
8.导入数据库

9.解决./getdate.sh:行4: Could: 未找到命令
“`shell
sed -i "s#;date.timezone =#date.timezone = PRC#g" /etc/opt/appnode/scls/appnode-php71/php.ini
“`
10.解决PHP Notice – yiibaseErrorException
修改php.ini error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
为: error_reporting = E_ALL & ~E_NOTICE

11.开启CC攻击防护
12.开启反代攻击
13.安装防火墙
启动,并且设置自启,禁止Ping
[/rihide]

14.配置后nginx
[rihide]
“`
server {
listen 80;
server_name 427.922.135.101;

if ($http_user_agent ~* (baiduspider|360spider|googlebot|yodao|soso|bing|sogou|yahoo|yisouspider|sohu-search|YoudaoBot|robozilla|msnbot|MJ12bot|NHN|Twiceler|baidu|sogo|uc|UCBrowser|”)) {
return 404;
}

keepalive_timeout 75s;
keepalive_requests 100;
access_log /application/htgj/sites/htgj/log/nginx/access.log;
error_log /application/htgj/sites/htgj/log/nginx/error.log;
pagespeed on;
pagespeed FileCachePath /application/htgj/sites/htgj/cache/ngx_pagespeed;
pagespeed LowercaseHtmlNames on;
pagespeed PreserveUrlRelativity on;
pagespeed RespectVary on;
pagespeed XHeaderValue ‘Powered By AppNode’;
pagespeed EnableFilters remove_comments,collapse_whitespace,combine_css,rewrite_css,sprite_images,combine_javascript,rewrite_javascript,rewrite_images,lazyload_images,prioritize_critical_css,extend_cache;
pagespeed FileCacheCleanIntervalMs 3600;
pagespeed FileCacheSizeKb 102400;
pagespeed FileCacheInodeLimit 500000;
pagespeed AdminPath /pagespeed_admin;
pagespeed PurgeMethod PURGE;
pagespeed EnableCachePurge on;
root /application/htgj/sites/htgj/www/frontend/web/;
client_max_body_size 10M;
access_by_lua_file /application/htgj/sites/htgj/conf/access.lua;

location / {
index index.html index.htm index.php;

if (!-d $request_filename) {
set $rule_0 1$rule_0;
}

if (!-f $request_filename) {
set $rule_0 2$rule_0;
}

if ($rule_0 = 21) {
rewrite ^/(.*)$ /index.php?s=/$1 last;
}
}

location = /__appnode_anti_cc_admin {
allow 127.0.0.1;
deny all;
}

location = /__appnode_anti_cc_log {
internal;
access_log /application/htgj/sites/htgj/log/nginx/cc_attack.log;
}

location ~ ‘.pagespeed.([a-z].)?[a-z]{2}.[^.]{10}.[^.]+’ {
add_header ” ”;
}

location ~ ^/pagespeed_static/ {
}

location ~ ^/ngx_pagespeed_beacon$ {
}

location ~ ^/pagespeed_admin {
allow 127.0.0.1;
deny all;
}

location ~ ^/.+.php(/|$) {
include conf.sitemgr.d/global/conf/fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /application/htgj/sites/htgj/www/frontend/web/$fastcgi_script_name;
fastcgi_split_path_info ^(.+.php)(/.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_read_timeout 60s;
fastcgi_pass unix:/application/htgj/sites/htgj/php-pool/php-fpm.sock;
}

location ~* .(js|css|png|jpg|jpeg|gif|ico|bmp|swf|eot|svg|ttf|woff|woff2)$ {
expires 30d;
log_not_found off;
}
}
“`
[/rihide]

© 版权声明

相关文章

暂无评论

暂无评论...