说明:
站点1:bbs.osyunwei.com 程序所在目录/data/osyunwei/bbs
站点2:sns.osyunwei.com 程序所在目录/data/osyunwei/sns
系统运维 www.osyunwei.com 温馨提醒:qihang01原创内容©版权所有,转载请注明出处及原文链接
相关配置文件目录:
nginx主配置文件:/usr/local/nginx/conf/nginx.conf
php安装目录:/usr/local/php5/
站点1虚拟主机配置配置文件:/usr/local/nginx/conf/vhost/bbs.conf
站点2虚拟主机配置配置文件:/usr/local/nginx/conf/vhost/sns.conf
实现目的:
1、可以对站点1和站点2单独启动、停止php-fpm
2、站点1和站点2的php运行权限相互隔离,不能跨目录浏览,即站点1内的php木马不能访问站点2中的内容,
同理,站2内的php木马不能访问站点1中的内容。
实现方法:
一、为每个站点创建php-fpm.pid文件
cd /usr/local/php5/var/run
touch php-fpm-bbs.pid
touch php-fpm-sns.pid
二、为每个站点创建php-fpm.conf文件
cd /usr/local/php5/etc/
cp php-fpm.conf php-fpm-bbs.conf
cp php-fpm.conf php-fpm-sns.conf
三、为每个站点建立php-cgi.sock文件
touch /tmp/php-cgi-bbs.sock #建立php-cgi.sock文件
chown www.www /tmp/php-cgi-bbs.sock #设置文件所有者为www(必须与nginx的用户一致)
touch /tmp/php-cgi-sns.sock
chown www.www /tmp/php-cgi-sns.sock
四、编辑相关文件
vi /usr/local/php5/etc/php-fpm-bbs.conf
pid = run/php-fpm-bbs.pid
listen =/tmp/php-cgi-bbs.sock;
vi /usr/local/php5/etc/php-fpm-sns.conf
pid = run/php-fpm-sns.pid
listen =/tmp/php-cgi-sns.sock;
vi /etc/rc.d/init.d/php-fpm
vhost=$2
php_fpm_CONF=${prefix}/etc/php-fpm-$vhost.conf
php_fpm_PID=${prefix}/var/run/php-fpm-$vhost.pid
php_opts="-d open_basedir=/data/osyunwei/$vhost/:/tmp/ --fpm-config $php_fpm_CONF"
vi /usr/local/nginx/conf/vhost/bbs.conf
fastcgi_pass unix:/tmp/php-cgi-bbs.sock;
vi /usr/local/nginx/conf/vhost/sns.conf
fastcgi_pass unix:/tmp/php-cgi-sns.sock;
cd /home
vi start.sh #编辑开机启动脚本
#!/bin/bash
auto=$1
/bin/bash /etc/rc.d/init.d/php-fpm $auto bbs
/bin/bash /etc/rc.d/init.d/php-fpm $auto sns
chmod +x start.sh #添加脚本执行权限
vi /etc/rc.local #编辑开机启动文件
sh /home/start.sh start #加入开机启动
service nginx start
/etc/rc.d/init.d/php-fpm start bbs #单独启动站点bbs.osyunwei.com
/etc/rc.d/init.d/php-fpm start sns
系统运维 www.osyunwei.com 温馨提醒:qihang01原创内容©版权所有,转载请注明出处及原文链接
/etc/rc.d/init.d/php-fpm stop bbs #单独停止站点sns.osyunwei.com
/etc/rc.d/init.d/php-fpm stop sns
五、相关配置文件内容
/usr/local/nginx/conf/nginx.conf
3 | #error_log logs/error.log; |
4 | #error_log logs/error.log notice; |
5 | #error_log logs/error.log info; |
10 | worker_connections 65535; |
15 | default_type application/octet-stream; |
17 | #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' |
18 | # '$status $body_bytes_sent "$http_referer" ' |
19 | # '"$http_user_agent" "$http_x_forwarded_for"'; |
21 | #access_log logs/access.log main; |
22 | server_names_hash_bucket_size 128; |
23 | client_header_buffer_size 32k; |
24 | large_client_header_buffers 4 32k; |
25 | client_max_body_size 300m; |
28 | fastcgi_connect_timeout 300; |
29 | fastcgi_send_timeout 300; |
30 | fastcgi_read_timeout 300; |
31 | fastcgi_buffer_size 64k; |
32 | fastcgi_buffers 4 64k; |
33 | fastcgi_busy_buffers_size 128k; |
34 | fastcgi_temp_file_write_size 128k; |
42 | gzip_http_version 1.1; |
44 | gzip_types text/plain application/x-javascript text/css application/xml; |
61 | #server_name localhost; |
62 | index index.php default.php index.html index.htm default.html default.htm ; |
69 | location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ |
73 | location ~ .*\.(js|css)?$ |
vi /usr/local/nginx/conf/vhost/bbs.conf
4 | server_name bbs.osyunwei.com; |
5 | index index.php index.html index.htm default.html default.htm default.php; |
6 | root /data/osyunwei/bbs; |
7 | location ~ .*\.(php|php5)?$ |
9 | fastcgi_pass unix:/tmp/php-cgi-bbs.sock; |
10 | fastcgi_index index.php; |
18 | location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ |
22 | location ~ .*\.(js|css)?$ |
vi /usr/local/nginx/conf/vhost/sns.conf
4 | server_name sns.osyunwei.com; |
5 | index index.php index.html index.htm default.html default.htm default.php; |
6 | root /data/osyunwei/sns; |
7 | location ~ .*\.(php|php5)?$ |
9 | fastcgi_pass unix:/tmp/php-cgi-sns.sock; |
10 | fastcgi_index index.php; |
18 | location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ |
22 | location ~ .*\.(js|css)?$ |
vi /usr/local/nginx/conf/fcgi.conf
1 | fastcgi_param GATEWAY_INTERFACE CGI/1.1; |
2 | fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; |
4 | fastcgi_param QUERY_STRING $query_string; |
5 | fastcgi_param REQUEST_METHOD $request_method; |
6 | fastcgi_param CONTENT_TYPE $content_type; |
7 | fastcgi_param CONTENT_LENGTH $content_length; |
9 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; |
10 | fastcgi_param SCRIPT_NAME $fastcgi_script_name; |
11 | fastcgi_param REQUEST_URI $request_uri; |
12 | fastcgi_param DOCUMENT_URI $document_uri; |
13 | fastcgi_param DOCUMENT_ROOT $document_root; |
14 | fastcgi_param SERVER_PROTOCOL $server_protocol; |
16 | fastcgi_param REMOTE_ADDR $remote_addr; |
17 | fastcgi_param REMOTE_PORT $remote_port; |
18 | fastcgi_param SERVER_ADDR $server_addr; |
19 | fastcgi_param SERVER_PORT $server_port; |
20 | fastcgi_param SERVER_NAME $server_name; |
22 | # PHP only, required if PHP was built with --enable-force-cgi-redirect |
23 | fastcgi_param REDIRECT_STATUS 200; |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~转载结束~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
一、很久之前的版本,不同域名使用php-fpm不同配置文件用不同的pid。现版本为同一个pid即ok。
二、tcp socket & unix socket,监听的研究
请参看URL:http://blog.csdn.net/liv2005/article/details/7741732
目前简易采用tcp socket,轮询900X端口
/usr/local/nginx/conf/vhost.conf 文件内容如下:
upstream backend {
server localhost:9000;
server localhost:9001;
server localhost:9002;
server localhost:9003;
server localhost:9004;
server localhost:9005;
server localhost:9006;
server localhost:9007;
}
include /usr/local/nginx/conf/vhost/*.conf;
nginx的vhost配置文件如下:
/usr/local/nginx/conf/vhost/sap2w01.com.conf;
server {
listen 80;
server_name www.
sap2w01
.com;
access_log /usr/local/nginx/logs/
sap2w01
.com.log yundns_log;
index index.php index.html;
root /home/
sap2w01
.com;
location ~^(.+\.php)(.*)$ {
proxy_pass
http://127.0.0.1:8080;
#fastcgi_pass unix:/tmp/php-cgi-
sap2w01
.com.sock;
#fastcgi_pass
127.0.0.1:9000;
fastcgi_pass backend;
fastcgi_index index.php;
include fastcgi.conf;
}
error_page 403 /403.html;
error_page 404 /404.html;
error_page 500 /500.html;
error_page 503 /503.html;
}
#
php_admin_value[open_basedir]的安全设置:
请参看URL:http://www.iamle.com/archives/1854.html
扫一扫
1881
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
