- 作者:xiaoxiao
- 发表时间:2020-12-23 10:39
- 来源:未知
一、前言本人结合网上资料和个人的实践,利用一个下午的时间写出了这个适用于资源下载型网站的典型配置。这种配置的WEB网站初步实现了IP线程和线程流量的管理,同时proftpd用于上传资源,ssh用于主机管理。无疑这样可以自己支配宝贵的网络带宽,文章后面有个简单的防火墙配置仅供参考,我用的linux版本是redhat as 3.0。希望大家在看了这篇文章后多多和我交流, MAIL:LLZQQ@163.COM二、软件版本apache-1.3.29 mysql-4.0.16 php-4.3.4 proftpd-1.2.9 mod_limitipconn-0.04 mod_bandwidth-2.0.4三、安装配置Mysql# cd mysql-4.0.16# ./configure --prefix=/usr/local/mysql --localstatedir=/usr/local/mysql/data --disable-maintainer-mode –with-mysqld-user=mysql --enable-large-files-without-debug# make # make install添加mysql用户# /usr/sbin/groupadd mysqlThen we create a user called mysql which belongs to the mysql group; # /usr/sbin/useradd -g mysql mysql安装数据库文件: #./scripts/mysql_install_db 设置文件权限: # chown -R root:mysql /usr/local/mysql # chown -R mysql:mysql /usr/local/mysql/data 配置ld.so.conf # vi /etc/ld.so.conf 增加下面一句: /usr/local/mysql/lib/mysql 建立mysql的启动文件: # cp support-files/mysql.server /etc/init.d/mysql # cp support-files/my-medium.cnf /etc/my.cnf 以安全模式启动mysql: # /usr/local/mysql/bin/mysqld_safe –user=mysql & 设置mysql的root密码: # /usr/local/mysql/bin/mysqladmin -u root password new_password 把mysql服务设置为开机启动: # chmod 755 /etc/init.d/mysql # chkconfig –-add mysql # chkconfig mysql on 四、安装配置PHP #cd php-4.3.4 #./configure --prefix=/usr/local/php --with-apxs=/usr/local/apache/bin/apxs --with-mysql=/usr/local/mysql #make #make install 建立php的配置文件: # cp php.ini-dist /usr/local/php/lib/php.ini 修改php的配置文件: #vi /usr/local/php/lib/php.ini doc_root= “/home/www/” file_uploads=Off register-golbals = On 建立测试php页面 # vi /home/www/test.php <?php phpinfo(); ?> # chomd 755 /home/www/test.php 五、安装apache-1.3.29 # tar zvxf apache_1.3.29.tar.gz # cd apache_1.3.29 # cp ../mod_bandwidth.c mod_bandwidth.c 修改src/include/httpd.h 增大最大线程数 # vi src/include/httpd.h 修改其中的 #define HARD_SERVER_LIMIT 256 为 #define HARD_SERVER_LIMIT 2560 # ./configure --prefix=/usr/local/apache --enable-module=so --enable-module=rewrite --enable-shared=max --htdocsdir=/home/www --add-module=mod_bandwidth.c --permute-module=BEGIN:bandwidth # make # make install 建立启动文件: #cp apachectl /etc/init.d/httpd 修改apache的配置文件: #vi /usr/local/apache/conf/httpd.conf 修改、添加和确认存在下列配置项: addDefaultCharset GB2312 注释掉“addDefaultCharset ISO8859*” ExtendedStatus On LoadModule php4_module modules/libphp4.so DirectoryIndex index.html index.html.var index.php AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps LoadModule limitipconn_module libexec/mod_limitipconn.so AddModule mod_limitipconn.c 安装mod_limitipconn-0.04 # tar xzf mod_limitipconn-0.04.tar.gz # cd mod_limitipconn-0.04 # vi Makefile APXS = /usr/local/apache/bin/apxs # make # make install 使用mod_limitip模块需要在httpd.conf中增加这个设置 <IfModule mod_limitipconn.c> <Location /home/www/> 设置要控制的目录 MaxConnPerIP 2 限制每个IP的最大线程数 </Location> </IfModule> 完成mod_bandwidth模块的安装 创建 mod_bandwidth 运行需要的目录 mkdir /var/apachebw mkdir /var/apachebw/link mkdir /var/apachebw/master chmod -R 777 /var/apachebw修改httpd.conf增加下列内容 <IfModule mod_bandwidth.c> BandWidthDataDir "/var/apachebw/" BandWidthModule on<Directory /home/www> BandWidth 192.168.0 0 200000 制局域网内用户的下载速度为200k BandWidth all 51200 限制其他用户的下载速度为每秒 51200 字节 </Directory></IfModule>修改/etc/init.d/httpd# vi /etc/init.d/httpd在三行之后添加如下内容: #!/bin/sh # # Startup script for the Apache Web Server # chkconfig: - 85 15 # description: Apache is a World Wide Web server. It is used to serve / # HTML files and CGI. # processname: httpd # pidfile: /usr/local/apache/log/httpd.pid # config: /usr/local/apache/conf/httpd.conf 把apache服务设置为开机启动:# chkconfig –-add httpd # chmod 755 /etc/init.d/httpd # chkconfig httpd on 六、安装porftpd-1.2.9 # tar –zxvf proftpd-1.2.9.tar.gz # cd proftpd-1.2.9 # ./configure --prefix=/usr/local/proftpd # make # make install建立启动文件、把proftpd设置为开机启动 # cp ./contrib/dist/rpm/proftpd.init.d /etc/rc.d/init.d/proftpd# chkconfig --add proftpd # chmod 755 /etc/rc.d/init.d/proftpd # vi /etc/rc.d/init.d/functions export PATH="/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin:/usr/local/proftpd/ sbin" # vi /etc/rc.d/init.d/proftpd config: /usr/local/proftpd/etc/proftpd.conf PATH="$PATH:/usr/local/proftpd/sbin"# chkconfig proftpd on建立帐号和目录:# mkdir /home/test # chmod 755 /home/test # adduser -d /home/test -g ftp -s /sbin/nologin test # passwd test# adduser -d /home/upload -g ftp -s /sbin/nologin upload # passwd upload配置/usr/local/proftpd/etc/proftpd.conf,禁用匿名登陆ServerName "llzqq's ftp service" ServerType standalone DefaultServer on# Port 21 is the standard FTP port. Port 21# Umask 022 is a good standard umask to prevent new dirs and files # from being group and world writable. Umask 022MaxInstances 10# Set the user and group under which the server will run. User nobody Group ftp# To cause every FTP user to be "jailed" (chrooted) into their home # directory, uncomment this line. DefaultRoot ~ # Normally, we want files to be overwriteable. <Directory /> AllowOverwrite on </Directory># We want 'welcome.msg' displayed at login, and '.message' displayed # in each newly chdired directory. DisplayLogin welcome.msg DisplayFirstChdir .message RequireValidShell no#Limit User of being enbled login ftp server <Limit LOGIN> AllowGroup ftp DenyAll </Limit> # <Directory /home/test> <Limit WRITE> DenyGroup ftp </Limit> TransferRate RETR 51200 group ftp </Directory> <Directory /home/upload> <Limit RMD RNFR DELE RETR> DenyGroup ftp </Limit> TransferRate STOR 256000 group ftp </Directory>ServerIdent off MaxClientsPerHost 2 TimeoutIdle 600 TimeoutLogin 300 TimeoutNoTransfer 300 TimeoutStalled 300七、reboot计算机# shutdown –r now