SSI说明

一、SSI
Server Side Include,是一种基于服务端的网页制作技术,大多数(尤其是基于Unix平台)的web服务器如Netscape Enterprise Server等均支持SSI命令。
它的工作原因是:在页面内容发送到客户端之前,使用SSI指令将文本、图片或代码信息包含到网页中。对于在多个文件中重复出现内容,使用SSI是一种简便的方法,将内容存入一个包含文件中即可,不必将其输入所有文件。通过一个非常简单的语句即可调用包含文件,此语句指示Web服务器将内容插入适当网页。而且,使用包含文件时,对内容的所有更改只需在一个地方就能完成。

二、Nginx配置
ssi: 默认值off,启用ssi时将其设为on
ssi_silent_errors: 默认值off,开启后在处理SSI文件出错时不输出错误提示”[an error occurred while processing the directive]”。
ssi_types: 默认是text/html,所以如果需支持html,则不需要设置这句,如果需要支持shtml则需要设置:ssi_types text/shtml
三个参数可以放在http, server或location作用域下

三、Apache配置
AddType text/html .shtml .html
AddOutputFilter INCLUDES .shtml .html
Options Indexes FollowSymLinks INCLUDES IncludesNOEXEC

四、file和virtual
file可以包含一些指令,virtual不可以

五、语法
<!–#include virtual=”test.html” –>

&lt;!--#include file="test.html"--&gt;

参考:http://man.chinaunix.net/newsoft/ApacheManual/howto/ssi.html

http://nginx.org/en/docs/http/ngx_http_ssi_module.html

代理Node服务器

apache版本

        DocumentRoot /data/html/abc
        ServerName blog.phpfs.com

        ProxyPass http://127.0.01:3000/#注意Node监听的端口
        ProxyPassReverse http://127.0.0.1:3000/


nginx版本
server {  
    listen  80;  
    server_name blog.phpfs.com;  
    location / {  
        proxy_pass http://127.0.0.1:3000;  
    }  
} 

 

Centos7安装LAMP+PHPmyadmin

1、更新Centos7下载源
更新之前记得备份!!!
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
参考:http://mirrors.aliyun.com/help/centos
163的源参考:http://mirrors.163.com/.help/centos.html
2、更新本地缓存
yum clean all
yum makecache
3、安装网络工具
yum install net-tools
如果你要用ifconfig等命令的话
4、关闭firewall
systemctl stop firewalld.service
systemctl disable firewalld.service
5、关闭selinux
vi /etc/selinux/config
注释#SELINUX=enforcing
注释#SELINUXTYPE=targeted
添加SELINUX=disabled
保存退出:wq
setenforce 0#关闭selinux
6、安装apache
yum install httpd
7、安装Mariadb
yum install mariadb mariadb-server
拷贝配置文件覆盖原配置文件
cp /usr/share/mysql/my-huge.cnf /etc/my.cnf
8、安装PHP
yum install php php-mysql php-gd php-odbc php-pear php-mbstring php-mcrypt
9、下载PHPmyadmin
wget https://files.phpmyadmin.net/phpMyAdmin/4.0.0/phpMyAdmin-4.0.0-all-languages.zip
解压到/var/www/html/phpmyadmin

10、配置站点
vi /etc/httpd/conf/httpd.conf
文件最后加入

Include vhost/*.conf
mkdir /etc/httpd/vhost
touch test.conf

DocumentRoot /var/www/html/test
ServerName test

Options FollowSymLinks
AllowOverride All


touch phpmyadmin.conf

DocumentRoot /var/www/html/phpmyadmin
ServerName phpmyadmin

Options FollowSymLinks
AllowOverride All


重启apache和mariadb
11、安装epel源
wget http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-8.noarch.rpm
如果版本不一样就去这里找http://dl.fedoraproject.org/pub/epel/
rpm -ivh rpm epel-release-7-8.noarch.rpm
yum clean all
yum update
以下步骤都是在安装了epel源下进行的
12、安装mcrypt扩展
yum install php-mcrypt
13、安装redis、memcache以及扩展
yum install redis
vi /etc/redis.conf
daemonize yes#守护进程运行
redis-server /etc/redis.conf
yum install php-redis
yum install memcached
yum install php-memcached

附录:
启动|停止|重启apache systemctl start|stop|restart httpd.service
开机启动apache systemctl enable httpd.service
启动|停止|重启mariadb systemctl start|stop|restart mariadb.service
开启启动mariadb systemctl enable mariadb.service

Nginx搭建Https服务器

mkdir -p /etc/nginx/ssl
生成私钥
openssl genrsa -des3 -out server.key 1024
提示输入密码和确认密码
生成证书
openssl req -new -key server.key -out server.csr
提示输入密码,国家,省份,城市,组织等信息
生成无密码私钥
openssl rsa -in server.key -out public.key
颁发证书
openssl x509 -req -days 365 -in server.csr -signkey public.key -out server.crt
配置nginx站点

server {
    listen 443;
    ssl on;
    ssl_certificate  /etc/nginx/ssl/server.crt;
    ssl_certificate_key  /etc/nginx/ssl/public.key;
    server_name test.phpfs.com;
    root /data/html/test.phpfs.com/;
    location / {
       autoindex on;
    }
}

配置apache站点
提示:Invalid command ‘SSLEngine’, perhaps misspelled or defined by a module not included in the server configuration
Action ‘configtest’ failed.
需要启用sudo a2enmod ssl


	ServerName test.phpfs.com
	DocumentRoot /var/www/html/test
	SSLEngine on
    SSLCertificateFile /etc/nginx/ssl/server.crt
    SSLCertificateKeyFile /etc/nginx/ssl/public.key



nginx-https-1

ab压力测试

ab -n 1000 -c 50 http://test.xxxx.com/www/

Document Path: /www/
Document Length: 28625 bytes #请求文档大小

Concurrency Level: 50 #并发数
Time taken for tests: 47.986 seconds #全部请求完成耗时
Complete requests: 1000 #全部请求
Failed requests: 0 #失败的请求
Write errors: 0
Total transferred: 29014000 bytes #总传输大小
HTML transferred: 28625000 bytes #html内容传输量
Requests per second: 20.84 [#/sec] (mean)#重要指标之一,每秒请求数(平均)
Time per request: 2399.308 [ms] (mean)#重要指标之一,每次并发请求时间
Time per request: 47.986 [ms] (mean, across all concurrent requests)#每个请求实际运行时间,平均值
Transfer rate: 590.46 [Kbytes/sec] received #传输速率

Connection Times (ms)
min mean[+/-sd] median max
Connect: 0 0 0.4 0 2
Processing: 922 2379 376.4 2389 3723
Waiting: 891 2319 369.0 2326 3715
Total: 925 2379 376.2 2389 3723

Percentage of the requests served within a certain time (ms)
50% 2389
66% 2521
75% 2594
80% 2659
90% 2806
95% 2905
98% 3113
99% 3417
100% 3723 (longest request)
#50%的用户响应时间小于2389毫秒
#最长的响应时间是3723毫秒

apache防盗链

#防盗链

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$ [NC]
RewriteCond %{HTTP_REFERER} !phpfs.com [NC]
RewriteRule .*.(gif|jpg|png)$ http://www.phpfs.com/ [R,NC,L]

第一行是开启

第二行是允许空的http_pefferer访问,这样设置是因为有的使用代理的就没有这个了。所以大部分网站还是允许用代理访问的!

第三个仅仅允许phpf.com网站访问!

第四行是防盗链gif,jpg,png图片指向了首页

其中nc是不区分大小写,r是重定向,l是最后不再匹配其他

如果是其他格式可以在(git|jpg|png)中添加即可

apache禁止恶意解析

1.apache配置加载的时候把ip放在最前面即可

<VirtualHost *:80>
DocumentRoot /var/www/
ServerName 127.0.0.1
<Directory /var/www>
Options -Indexes FollowSymLinks
AllowOverride All
Order Allow,Deny
Deny from all
</Directory>
</VirtualHost>

Include sites-enabled/*.conf

这样sites-enabled下是所有网站的解析信息

Subversion 301 Moved Permanently 的解決方法

1.要保证svn和document不同一目录

官方说明:http://subversion.tigris.org/project_faq.html#301-error

 

<VirtualHost *:80>
ServerName blog.phpfs.com
DocumentRoot /var/www/html
<Directory /var/www/html>
order allow,deny
allow from all
</Directory>
<Location /test>
DAV svn
SVNPath /var/www/svn/test
Authtype Basic
AuthName ‘SVN’
Auth_MySQL on
Auth_MySQL_Authoritative on
Auth_MySQL_Host localhost
Auth_MySQL_DB svn
Auth_MySQL_User svn
Auth_MySQL_Password test
Auth_MySQL_Password_Table user
Auth_MySQL_Username_Field username
Auth_MySQL_Password_Field password
Auth_MySQL_Empty_Passwords Off
Auth_MySQL_Encrypted_Passwords on
Auth_MySQL_Encryption_Types PHP_MD5
AuthBasicAuthoritative Off
AuthUserFile /dev/null
Require valid-user
</Location>
<Location /html>
DAV svn
SVNPath /var/www/svn/html
Authtype Basic
AuthName ‘SVN’
Auth_MySQL on
Auth_MySQL_Authoritative on
Auth_MySQL_Host localhost
Auth_MySQL_DB svn
Auth_MySQL_User svn
Auth_MySQL_Password test
Auth_MySQL_Password_Table user
Auth_MySQL_Username_Field username
Auth_MySQL_Password_Field password
Auth_MySQL_Empty_Passwords Off
Auth_MySQL_Encrypted_Passwords on
Auth_MySQL_Encryption_Types PHP_MD5
AuthBasicAuthoritative Off
AuthUserFile /dev/null
Require valid-user
</Location>

</VirtualHost>

这个配置是ubuntu下的svn+mysql认证