centos7 + LAMP installation

1) install Centos7

go to centos.org and download the iso , burn image ISO to DVD. use simple burn, iso. Do not use mac default one.

then, install it on blank server

2) install LAMP

see below link for apache, mariaDB

https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-centos-7

====

Introduction

A “LAMP” stack is a group of open source software that is typically installed together to enable a server to host dynamic websites and web apps. This term is actually an acronym which represents the Linux operating system, with the Apache web server. The site data is stored in a MySQL database (using MariaDB), and dynamic content is processed by PHP.

In this guide, we’ll get a LAMP stack installed on an CentOS 7 VPS. CentOS will fulfill our first requirement: a Linux operating system.

Prerequisites

Before you begin with this guide, you should have a separate, non-root user account set up on your server. You can learn how to do this by completing steps 1-4 in the initial server setup for CentOS 7.

Step One — Install Apache

The Apache web server is currently the most popular web server in the world, which makes it a great default choice for hosting a website.

We can install Apache easily using CentOS’s package manager, yum. A package manager allows us to install most software pain-free from a repository maintained by CentOS. You can learn more about how to use yum here.

For our purposes, we can get started by typing these commands:

sudo yum install httpd

Since we are using a sudo command, these operations get executed with root privileges. It will ask you for your regular user’s password to verify your intentions.

Afterwards, your web server is installed.

Once it installs, you can start Apache on your VPS:

sudo systemctl start httpd.service

You can do a spot check right away to verify that everything went as planned by visiting your server’s public IP address in your web browser (see the note under the next heading to find out what your public IP address is if you do not have this information already):

http://your_server_IP_address/

You will see the default CentOS 7 Apache web page, which is there for informational and testing purposes. It should look something like this:

CentOS 7 Apache default

If you see this page, then your web server is now correctly installed.

The last thing you will want to do is enable Apache to start on boot. Use the following command to do so:

sudo systemctl enable httpd.service

How To Find your Server’s Public IP Address

If you do not know what your server’s public IP address is, there are a number of ways you can find it. Usually, this is the address you use to connect to your server through SSH.

From the command line, you can find this a few ways. First, you can use the iproute2 tools to get your address by typing this:

ip addr show eth0 | grep inet | awk '{ print $2; }' | sed 's/\/.*$//'

This will give you one or two lines back. They are both correct addresses, but your computer may only be able to use one of them, so feel free to try each one.

An alternative method is to use an outside party to tell you how it sees your server. You can do this by asking a specific server what your IP address is:

curl http://icanhazip.com

Regardless of the method you use to get your IP address, you can type it into your web browser’s address bar to get to your server.

Step Two — Install MySQL (MariaDB)

Now that we have our web server up and running, it is time to install MariaDB, a MySQL drop-in replacement. MariaDB is a community-developed fork of the MySQL relational database management system. Basically, it will organize and provide access to databases where our site can store information.

Again, we can use yum to acquire and install our software. This time, we’ll also install some other “helper” packages that will assist us in getting our components to communicate with each other:

sudo yum install mariadb-server mariadb

When the installation is complete, we need to start MariaDB with the following command:

sudo systemctl start mariadb

Now that our MySQL database is running, we want to run a simple security script that will remove some dangerous defaults and lock down access to our database system a little bit. Start the interactive script by running:

sudo mysql_secure_installation

The prompt will ask you for your current root password. Since you just installed MySQL, you most likely won’t have one, so leave it blank by pressing enter. Then the prompt will ask you if you want to set a root password. Go ahead and enter Y, and follow the instructions:

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorization.

New password: password
Re-enter new password: password
Password updated successfully!
Reloading privilege tables..
 ... Success!

For the rest of the questions, you should simply hit the “ENTER” key through each prompt to accept the default values. This will remove some sample users and databases, disable remote root logins, and load these new rules so that MySQL immediately respects the changes we have made.

The last thing you will want to do is enable MariaDB to start on boot. Use the following command to do so:

sudo systemctl enable mariadb.service

At this point, your database system is now set up and we can move on.

Step Three — Install PHP

PHP is the component of our setup that will process code to display dynamic content. It can run scripts, connect to our MySQL databases to get information, and hand the processed content over to our web server to display.

We can once again leverage the yum system to install our components. We’re going to include the php-mysql package as well:

sudo yum install php php-mysql

This should install PHP without any problems. We need to restart the Apache web server in order for it to work with PHP. You can do this by typing this:

sudo systemctl restart httpd.service

Install PHP Modules

To enhance the functionality of PHP, we can optionally install some additional modules.

To see the available options for PHP modules and libraries, you can type this into your system:

yum search php-

The results are all optional components that you can install. It will give you a short description for each:

php-bcmath.x86_64 : A module for PHP applications for using the bcmath library
php-cli.x86_64 : Command-line interface for PHP
php-common.x86_64 : Common files for PHP
php-dba.x86_64 : A database abstraction layer module for PHP applications
php-devel.x86_64 : Files needed for building PHP extensions
php-embedded.x86_64 : PHP library for embedding in applications
php-enchant.x86_64 : Enchant spelling extension for PHP applications
php-fpm.x86_64 : PHP FastCGI Process Manager
php-gd.x86_64 : A module for PHP applications for using the gd graphics library
. . .

To get more information about what each module does, you can either search the internet, or you can look at the long description in the package by typing:

yum info package_name

There will be a lot of output, with one field called Description which will have a longer explanation of the functionality that the module provides.

For example, to find out what the php-fpm module does, we could type this:

yum info php-fpm

Along with a large amount of other information, you’ll find something that looks like this:

. . .
Summary     : PHP FastCGI Process Manager
URL         : http://www.php.net/
License     : PHP and Zend and BSD
Description : PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI
            : implementation with some additional features useful for sites of
            : any size, especially busier sites.

If, after researching, you decide you would like to install a package, you can do so by using the yum install command like we have been doing for our other software.

If we decided that php-fpm is something that we need, we could type:

sudo yum install php-fpm

If you want to install more than one module, you can do that by listing each one, separated by a space, following the yum install command, like this:

sudo yum install package1 package2 ...

At this point, your LAMP stack is installed and configured. We should still test out our PHP though.

Step Four — Test PHP Processing on your Web Server

In order to test that our system is configured properly for PHP, we can create a very basic PHP script.

We will call this script info.php. In order for Apache to find the file and serve it correctly, it must be saved to a very specific directory, which is called the “web root”.

In CentOS 7, this directory is located at /var/www/html/. We can create the file at that location by typing:

sudo vi /var/www/html/info.php

This will open a blank file. We want to put the following text, which is valid PHP code, inside the file:

<?php phpinfo(); ?>

When you are finished, save and close the file.

If you are running a firewall, run the following commands to allow HTTP and HTTPS traffic:

sudo firewall-cmd --permanent --zone=public --add-service=http 
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload

Now we can test whether our web server can correctly display content generated by a PHP script. To try this out, we just have to visit this page in our web browser. You’ll need your server’s public IP address again.

The address you want to visit will be:

http://your_server_IP_address/info.php

The page that you come to should look something like this:

CentOS 7 default PHP info

This page basically gives you information about your server from the perspective of PHP. It is useful for debugging and to ensure that your settings are being applied correctly.

If this was successful, then your PHP is working as expected.

You probably want to remove this file after this test because it could actually give information about your server to unauthorized users. To do this, you can type this:

sudo rm /var/www/html/info.php

You can always recreate this page if you need to access the information again later.

Conclusion

Now that you have a LAMP stack installed, you have many choices for what to do next. Basically, you’ve installed a platform that will allow you to install most kinds of websites and web software on your server.

 

===

 

then, Install phpMyAdmin

Step One — Install phpMyAdmin

With our LAMP platform already in place, we can begin right away with installing the phpMyAdmin software. Unfortunately, phpMyAdmin is not available in CentOS 7’s default repository.

To get the packages we need, we’ll have to add an additional repo to our system. The EPEL repo (Extra Packages for Enterprise Linux) contains many additional packages, including the phpMyAdmin package we are looking for.

The EPEL repository can be made available to your server by installing a special package called epel-release. This will reconfigure your repository list and give you access to the EPEL packages.

To install, just type:

sudo yum install epel-release

Now that the EPEL repo is configured, you can install the phpMyAdmin package using the yum packaging system by typing:

sudo yum install phpmyadmin

The installation will now complete. The installation included an Apache configuration file that has already been put into place. We will need to modify this a bit to get it to work correctly for our installation.

Open the file in your text editor now so that we can make a few changes:

sudo nano /etc/httpd/conf.d/phpMyAdmin.conf

Inside, we see some directory blocks with some conditional logic to explain the access policy for our directory. There are two distinct directories that are defined, and within these, configurations that will be valid for both Apache 2.2 and Apache 2.4 (which we are running).

Currently, this setup is configured to deny access to any connection not being made from the server itself. Since we are working on our server remotely, we need to modify some lines to specify the IP address of your home connection.

Change any lines that read Require ip 127.0.0.1 or Allow from 127.0.0.1 to refer to your home connection’s IP address. If you need help finding the IP address of your home connection, check out the next section. There should be four locations in the file that must be changed:

. . .
Require ip your_workstation_IP_address
. . .
Allow from your_workstation_IP_address
. . .
Require ip your_workstation_IP_address
. . .
Allow from your_workstation_IP_address
. . .

When you are finished, restart the Apache web server to implement your modifications by typing:

sudo systemctl restart httpd.service

With that, our phpMyAdmin installation is now operational. To access the interface, go to your server’s domain name or public IP address followed by /phpMyAdmin, in your web browser:

http://server_domain_or_IP/phpMyAdmin

phpMyAdmin login screen

To sign in, use a username/password pair of a valid MariaDB user. The root user and the MariaDB administrative password is a good choice to get started. You will then be able to access the administrative interface:

phpMyAdmin admin interface

Find Your IP Address

You will need to know the IP address of the computer you are using to access your databases in order to complete the step above. This is a security precaution so that unauthorized people cannot connect to your server.

Note: This is not the IP address of your VPS, it is the IP address of your home or work computer.

You can find out how the greater web sees your IP address by visiting one of these sites in your web browser:

Compare a few different sites and make sure they all give you the same value. Use this value in the configuration file above.

Step Two — Secure your phpMyAdmin Instance

The phpMyAdmin instance installed on our server should be completely usable at this point. However, by installing a web interface, we have exposed our MySQL system to the outside world.

Even with the included authentication screen, this is quite a problem. Because of phpMyAdmin’s popularity combined with the large amount of data it provides access to, installations like these are common targets for attackers.

We will implement two simple strategies to lessen the chances of our installation being targeted and compromised. We will change the location of the interface from /phpMyAdmin to something else to sidestep some of the automated bot brute-force attempts. We will also create an additional, web server-level authentication gateway that must be passed before even getting to the phpMyAdmin login screen.

Changing the Application’s Access Location

In order for our Apache web server to work with phpMyAdmin, our phpMyAdmin Apache configuration file uses an alias to point to the directory location of the files.

To change the URL where our phpMyAdmin interface can be accessed, we simply need to rename the alias. Open the phpMyAdmin Apache configuration file now:

sudo nano /etc/httpd/conf.d/phpMyAdmin.conf

Toward the top of the file, you will see two lines that look like this:

Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin

These two lines are our aliases, which means that if we access our site’s domain name or IP address, followed by either /phpMyAdmin or /phpmyadmin, we will be served the content at /usr/share/phpMyAdmin.

We want to disable these specific aliases since they are heavily targeted by bots and malicious users. Instead, we should decide on our own alias. It should be easy to remember, but not easy to guess. It shouldn’t indicate the purpose of the URL location. In our case, we’ll go with /nothingtosee.

To apply our intended changes, we should remove or comment out the existing lines and add our own:

# Alias /phpMyAdmin /usr/share/phpMyAdmin
# Alias /phpmyadmin /usr/share/phpMyAdmin
Alias /nothingtosee /usr/share/phpMyAdmin

When you are finished, save and close the file.

To implement the changes, restart the web service:

sudo systemctl restart httpd.service

Now, if you go to the previous location of your phpMyAdmin installation, you will get a 404 error:

http://server_domain_or_IP/phpMyAdmin

phpMyAdmin 404 error

However, your phpMyAdmin interface will be available at the new location we selected:

http://server_domain_or_IP/nothingtosee

phpMyAdmin login screen

Setting up a Web Server Authentication Gate

The next feature we wanted for our installation was an authentication prompt that a user would be required to pass before ever seeing the phpMyAdmin login screen.

Fortunately, most web servers, including Apache, provide this capability natively. We will just need to modify our Apache configuration file to use an authorization file.

Open the phpMyAdmin Apache configuration file in your text editor again:

sudo nano /etc/httpd/conf.d/phpMyAdmin.conf

Within the /usr/share/phpMyAdmin directory block, but outside of any of the blocks inside, we need to add an override directive. It will look like this:

. . .
<Directory /usr/share/phpMyAdmin/>
   AllowOverride All
   <IfModule mod_authz_core.c>
   . . .
</Directory>
. . .

This will allow us to specify additional configuration details in a file called .htaccess located within the phpMyAdmin directory itself. We will use this file to set up our password authentication.

Save and close the file when you are finished.

Restart the web service to implement this change:

sudo systemctl restart httpd.service

Create an .htaccess File

Now that we have the override directive in our configuration, Apache will look for a file called .htaccess within the /usr/share/phpMyAdmin directory. If it finds one, it will use the directives contained within to supplement its previous configuration data.

Our next step is to create the .htaccess file within that directory. Use your text editor to do so now:

sudo nano /usr/share/phpMyAdmin/.htaccess

Within this file, we need to enter the following information:

AuthType Basic
AuthName "Admin Login"
AuthUserFile /etc/httpd/pma_pass
Require valid-user

Let’s go over what each of these lines mean:

  • AuthType Basic: This line specifies the authentication type that we are implementing. This type will implement password authentication using a password file.
  • AuthName: This sets the message for the authentication dialog box. You should keep this generic so that unauthorized users won’t gain knowledge about what is being protected.
  • AuthUserFile: This sets the location of the actual password file that will be used for authentication. This should be outside of the directories that are being served. We will create this file in a moment.
  • Require valid-user: This specifies that only authenticated users should be given access to this resource. This is what actually stops unauthorized users from entering.

When you are finished entering this information, save and close the file.

Create the Password File for Authentication

Now that we have specified the location for our password file through the use of the AuthUserFile directive in our .htaccess file, we need to create and populate the password file.

This can be accomplished through the use of an Apache utility called htpasswd. We invoke the command by passing it the location where we would like to create the file and the username we would like to enter authentication details for:

sudo htpasswd -c /etc/httpd/pma_pass username

The -c flag indicates that this will create an initial file. The directory location is the path and filename that will be used for the file. The username is the first user we would like to add. You will be prompted to enter and confirm a password for the user.

If you want to add additional users to authenticate, you can call the same command again without the -c flag, and with a new username:

sudo htpasswd /etc/httpd/pma_pass seconduser

With our password file created, an authentication gateway has been implemented and we should now see a password prompt the next time we visit our site:

http://server_domain_or_IP/nothingtosee

Apache authentication page

Once you enter your credentials, you will be taken to the normal phpMyAdmin login page. This added layer of protection will help keep your MySQL logs clean of authentication attempts in addition to the added security benefit.

Conclusion

You can now manage your MySQL databases from a reasonably secure web interface. This UI exposes most of the functionality that is available from the MySQL command prompt. You can view databases and schema, execute queries, and create new data sets and structures.

Tagged In: PHP, MySQL, Ubuntu, Apache

 

godaddy SSL install at directadmin

1) create the SSL csr request at directadmin
2) paste to godady and wait for 5 mins , there will be download link for SSL certificates
3) install the Certificate on cert. and install the gd_bundle to CA certifiates. paste all 3 pcs certificates in gd_budle4) wait for 5 mints and use the certificates ssl tester to see the results. it takes a while for test to see the good results

 

 

how to move the Magento website to new

– windows use putty for SSH tool

http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

– SSH connect

ssh host@67.215.241.19

pass: xxxxxxx

——————-

find the folder of the website  and tar the folder and files

tar -cvzf p.tar.gz public_html/

export the database

mysqldump -uABC_mg -pPASSWORD ABC_DATBASENAME > backupdatabase.sql

Then, move the website to new domain,

unzip the file
tar -xvzf p.tar.gz

Create new database in the Directadmin
and Import database
mysql -uDB_USER -pPASSWORD DB_NAME < backupdatabase.sql

lastly go to magento file folder  APP > etc > local.xml change the database link ,

change the domain name in the backend of configuration > web > url change to new domain url

clear the cache

the site should be ok .

SSL Installation on Directadmin

1) Go to Directadmin SSL certificate

create the SSL RSA Key

key

 

copy the RSA code to SSL certificate company field and submit.

you will get a email for approval the certificate,

check the email and click the link and approve it.

then you will get an email contain certificate for both SSL and CA root certificate.

1) open the SSL in directadmin, copy the SSL certificate and pasted it under the RSA key, save it

2) below it, there is “click here” to add the CA root certificate.copy from email and paste it to the CA Root certificate field  and check the top , save it.

use the SSL validation tools to check it.

====

In Magento side, please change the http to https in Secure https under configuration > Web

and enable it in front end to “YES”

Trouble shoot, if there is Blank page on the checkout page, here is how to fix it,

use SSH command,

1) remove the private _html

2) add the link by ssh command

ln -s public_html ./private_html

it will fix the problem

cheer!

Donny

 

=======

You’ll need to log onto SSH and navigate to your domains folder where your domain exists. Open the domain folder and rename the private_html folder (if it exists) to private_htmlbu or something like that.

Next execute this command:  ln -s public_html ./private_html

 

most easy way to install lamp for ubuntu

Install Apache

To start off we will install Apache.

1. Open up the Terminal (Applications > Accessories > Terminal).

2. Copy/Paste the following line of code into Terminal and then press enter:

sudo apt-get install apache2

3. The Terminal will then ask you for you’re password, type it and then press enter.

Testing Apache

To make sure everything installed correctly we will now test Apache to ensure it is working properly.

1. Open up any web browser and then enter the following into the web address:

http://localhost/

You should see a folder entitled apache2-default/. Open it and you will see a message saying “It works!” , congrats to you!

Install PHP

In this part we will install PHP 5.

Step 1. Again open up the Terminal (Applications > Accessories > Terminal).

Step 2. Copy/Paste the following line into Terminal and press enter:

sudo apt-get install php5 libapache2-mod-php5

Step 3. In order for PHP to work and be compatible with Apache we must restart it. Type the following code in Terminal to do this:

sudo /etc/init.d/apache2 restart

Test PHP

To ensure there are no issues with PHP let’s give it a quick test run.

Step 1. In the terminal copy/paste the following line:

sudo gedit /var/www/testphp.php

This will open up a file called phptest.php.

Step 2. Copy/Paste this line into the phptest file:

<?php phpinfo(); ?>

Step 3. Save and close the file.

Step 4. Now open you’re web browser and type the following into the web address:

http://localhost/testphp.php

The page should look like this:

Test PHP Page

Congrats you have now installed both Apache and PHP!

Install MySQL

To finish this guide up we will install MySQL. (Note – Out of Apache and PHP, MySQL is the most difficult to set up. I will provide some great resources for anyone having trouble at the end of this guide.)

Step 1. Once again open up the amazing Terminal and then copy/paste this line:

sudo apt-get install mysql-server

Step 2 (optional). In order for other computers on your network to view the server you have created, you must first edit the “Bind Address”. Begin by opening up Terminal to edit the my.cnf file.

gksudo gedit /etc/mysql/my.cnf

Change the line

bind-address = 127.0.0.1

And change the 127.0.0.1 to your IP address.

Step 3. This is where things may start to get tricky. Begin by typing the following into Terminal:

mysql -u root

Following that copy/paste this line:

mysql> SET PASSWORD FOR ‘root’@’localhost’ = PASSWORD(‘yourpassword’);

(Make sure to change yourpassword to a password of your choice.)

Step 4. We are now going to install a program called phpMyAdmin which is an easy tool to edit your databases. Copy/paste the following line into Terminal:

sudo apt-get install libapache2-mod-auth-mysql php5-mysql phpmyadmin

After that is installed our next task is to get PHP to work with MySQL. To do this we will need to open a file entitled php.ini. To open it type the following:

gksudo gedit /etc/php5/apache2/php.ini

Now we are going to have to uncomment the following line by taking out the semicolon (;).

Change this line:

;extension=mysql.so

To look like this:

extension=mysql.so

Now just restart Apache and you are all set!

sudo /etc/init.d/apache2 restart

The End

Quick note to anyone who encountered problems with setting up the MySQL password, please refer to this page: MysqlPasswordReset

I applaud everyone who has taken the time to read this guide. This guide is also my first ever so I would love to hear back from the public on what you guys think! Just don’t be too harsh. 😉

If you have questions about installing any part of LAMP just drop them in the comment box and I will do my best to help you out.

ftp limit the access

3.2.3. 特定使用者peter、john 不得变更目录
使用者的预设目录为/home/username,若是我们不希望使用者在ftp 时能够
切换到上一层目录/home,则可参考以下步骤。
Step1. 修改/etc/vsftpd/vsftpd.conf
将底下三行
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd.chroot_list
改为
chroot_list_enable=YES
# (default follows)
chroot_list_file=/etc/vsftpd/chroot_list
Step2. 新增一个档案: /etc/vsftpd/chroot_list
内容增加两行:
peter
john
Step3. 重新启动vsftpd
[root@home vsftpd]# /sbin/service vsftpd restart
Shutting down vsftpd: OK ]
Starting vsftpd for vsftpd: OK ]
若是peter 欲切换到根目录以外的目录,则会出现以下警告:
ftp> cd /home
550 Failed to change directory.

FTP added in linux

For this example, I am using Vsftpd, as it is the default FTP client distributed with RedHat, however these instructions should apply to most FTP server applications.

Create a FTP user group. eg: ftpaccounts
#/usr/sbin/groupadd ftpaccounts

Add a new user to this group, and set the default path of that user to /home/user/.
#/usr/sbin/adduser -g ftpaccounts -d /home/user/ testuser

Set a password for the newley created user.
#passwd testuser

Set ownership of /home/user to the testuser and ftpaccounts.
#chown testuser:ftpaccounts /home/user

Give Read/Write access to testuser and all members in ftpaccounts
#chmod 775 /home/user

Edit /etc/vsftpd/vsftpd.conf file and make sure ‘local_enable=YES’ is uncommented.

Restart the vsftpd service.
#/etc/init.d/vsftpd restart

To Install SSL and Intermediate Certificates
1. Copy your SSL certificate file and the certificate bundle file to your Apache server. You should already have a key file on the server from when you generated your certificate request.
2. Edit your Apache configuration to reference these files. The exact configuration file you will edit will depend on your version of Apache, your OS platform, and/or the method used to install Apache. In Apache 1.3, you will most likely edit the main httpd.conf file. In Apache 2.x, you will most likely edit the ssl.conf file.
3. Locate the following directives. If one or more of them are currently commented out, uncomment them by removing the ‘#’ character from the beginning of the line. Set the values of these directives to the absolute path and filename of the appropriate file:
◦ SSLCertificateFile /path/to/your/certificate/file
◦ SSLCertificateKeyFile /path/to/your/key/file
◦ SSLCertificateChainFile /path/to/intermediate/bundle/file
4. Save your configuration file and restart Apache.
To Restart Your Web Server

eg.

SSLEngine on
SSLCertificateFile /usr/local/directadmin/data/users/meetgain/meetgain.com.cert
SSLCertificateKeyFile /usr/local/directadmin/data/users/meetgain/domains/meetgain.com.key
SSLCertificateChainFile /usr/local/directadmin/data/users/meetgain/gd_bundle.crt

ServerName www.meetgain.com
ServerAlias www.meetgain.com meetgain.com
ServerAdmin webmaster@meetgain.com
DocumentRoot /home/meetgain/domains/meetgain.com/private_html
ScriptAlias /cgi-bin/ /home/meetgain/domains/meetgain.com/public_html/cgi-bin/

UseCanonicalName OFF

SuexecUserGroup meetgain meetgain
CustomLog /var/log/httpd/domains/meetgain.com.bytes bytes
CustomLog /var/log/httpd/domains/meetgain.com.log combined
ErrorLog /var/log/httpd/domains/meetgain.com.error.log


Options +Includes -Indexes

php_admin_flag engine ON

php_admin_flag safe_mode OFF

php_admin_value sendmail_path ‘/usr/sbin/sendmail -t -i -f meetgain@meetgain.com’

php_admin_value open_basedir /home/meetgain/:/tmp:/var/tmp:/usr/local/lib/php/

Linux CentOS 5.6 Installation Guide

Wow, it takes a whole day to prepare the CDs and install CentOS 5.6, here is a memory of how to do it,
– Making CDs
1) download the centOS from
http://isoredirect.centos.org/centos/5.6/isos/i386/
or
http://isoredirect.centos.org/centos/

download either 1/8 to 8/8 or whole one file

2) Make it to iso CD
– this is the most confused parts, finally figure it out,
use Simply Burns ( for Mac System) or you can try (Nero for Windows) to Burn it to ISO.
Select the files from download page, Open with Simply Burns, Burn it to ISO.

3) Use the First CD to start the server, use CD boot in server boot setup
4) 1-8 CD installation

Something need to write down
– Active httpd service
# service httpd start

– check httpd status
# service httpd status

– stop httpd service
# servide httpd stop

– NetCard setting
#ifconfig eth0 192.168.0.167 netmask 255.255.255.0 up
#ifconfig eth0:0 down
#ifconfig eth0:0 up
#/etc/sysconfig/network-scripts/ifcfg-eth0
#etc/resolv.conf
#etc/sysconfig/network

– Something config in ifcfg-eth0
DEVICE=eth0:0
BOOTPROTO=none
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PERDNS=yes
NETMASK=255.255.255.0
IPADDR=192.168.0.167
GATEWAY=192.168.0.1
ONPARENT=no
ONBOOT=yes

done

– YUM Installation
1) Install GNOME
#yum groupinstall “X Window System” “GNOME Desktop Environment”

2) Install Firefox
#yum list firefox
#yum install firefox_x86( as listed file name)

3) install chinese language package
#yum install “@Chinese Support”

Done

Or the good link for installation guide from site
http://www.howtoforge.com/installation-guide-centos5.1-desktop

linux配置文件共享服务器

前  言

  在我们使用 Windows 作为客户机的时候,通常有文件、打印共享的需求。作为Windows 网络功能之一,通常可以在 Windows 客户机之间通过 Windows Network 固有的功能实现这些要求。然而,通过 Samba 我们也可以让一台 CentOS 主机来兼容 Windows 网络,实现同样的功能,进而充分发挥 CentOS 主机的可用性。

  本篇文档主要介绍怎样通过 Samba 服务器的构建实现 Windows 网络中的文件共享。

安装 Samba

  首先,通过 yum 来在线安装 Samba 。

[root@sample ~]# yum -y install samba  ← 安装 Samba

Setting up Install Process
Setting up repositories
update 100% |=========================| 951 B 00:00
base 100% |=========================| 1.1 kB 00:00
addons 100% |=========================| 951 B 00:00
extras 100% |=========================| 1.1 kB 00:00
Reading repository metadata in from local files
primary.xml.gz 100% |=========================| 73 kB 00:00
update : ################################################## 212/212
Added 212 new packages, deleted 0 old in 4.94 seconds
primary.xml.gz 100% |=========================| 569 kB 00:00
base : ################################################## 1500/1500
Added 1500 new packages, deleted 0 old in 28.97 seconds
primary.xml.gz 100% |=========================| 157 B 00:00
Added 0 new packages, deleted 0 old in 0.03 seconds
primary.xml.gz 100% |=========================| 32 kB 00:00
extras : ################################################## 124/124
Added 124 new packages, deleted 0 old in 1.93 seconds
Parsing package install arguments
Resolving Dependencies
–> Populating transaction set with selected packages. Please wait.
—> Downloading header for samba to pack into transaction set.
samba-3.0.10-1.4E.9.i386. 100% |=========================| 101 kB 00:00
—> Package samba.i386 0:3.0.10-1.4E.9 set to be updated
–> Running transaction check
–> Processing Dependency: samba-common = 0:3.0.10 for package: samba
–> Restarting Dependency Resolution with new changes.
–> Populating transaction set with selected packages. Please wait.
—> Downloading header for samba-common to pack into transaction set.
samba-common-3.0.10-1.4E. 100% |=========================| 37 kB 00:00
—> Package samba-common.i386 0:3.0.10-1.4E.9 set to be updated
–> Running transaction check

Dependencies Resolved

=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
samba i386 3.0.10-1.4E.9 base 13 M
Installing for dependencies:
samba-common i386 3.0.10-1.4E.9 base 5.0 M

Transaction Summary
=============================================================================
Install 2 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 18 M
Downloading Packages:
(1/2): samba-common-3.0.1 100% |=========================| 5.0 MB 00:04
(2/2): samba-3.0.10-1.4E. 100% |=========================| 13 MB 00:11
warning: rpmts_HdrFromFdno: V3 DSA signature: NOKEY, key ID 443e1821
Public key for samba-common-3.0.10-1.4E.9.i386.rpm is not installed
Retrieving GPG key from http://mirror.centos.org/centos/RPM-GPG-KEY-centos4
Importing GPG key 0x443E1821 “CentOS-4 key
Key imported successfully
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: samba-common ######################### [1/2]
Installing: samba ######################### [2/2]
Installed: samba.i386 0:3.0.10-1.4E.9
Dependency Installed: samba-common.i386 0:3.0.10-1.4E.9
Complete!

配置 Samba

  然后,通过编辑 /etc/samba/smb.conf ,根据需求配置 Samba。在这里,本文的原则是只将文件共享应用于内网,并让将要被共享的目录拥有充分的读写权限属性。
[root@sample ~]# vi /etc/samba/smb.conf  ← 编辑 Samba 的配置文件

#======================= Global Settings =====================================
[global]   ← 找到这一行(全局设置标签),在此行下面添加如下行:

dos charset = GB2312  ← 将 Windows 客户端的文字编码设置为简体中文 GB2312
unix charset = GB2312  ← 指定 Samba 所在的 CentOS 服务端新建文件或目录时的编码为 GB2312
display charset = GB2312  ← 指定使用 SWAT(一种通过浏览器控制Samba的工具)时页面的默认文字编码
directory mask = 0777  ← 指定新建目录的属性(以下4行)
force directory mode = 0777
directory security mask = 0777
force directory security mode = 0777
create mask = 0777  ← 指定新建文件的属性(以下4行)
force create mode = 0777
security mask = 0777
force security mode = 0777

workgroup = MYGROUP  ← 找到此行,将工作组名称改为 Windows 网络所定义的工作组名
 ↓
workgroup = WORKGROUP  ← 变为此状态,这里以 Windows XP 默认的“WORKGROUP”为例

; hosts allow = 192.168.1. 192.168.2. 127.  ← 找到此行,去掉行首的“;”,并制定访问限制
 ↓
hosts allow = 192.168.0. 127.  ← 变为此状态,指定内网IP地址及本地,只允许这两种情况的访问

然后在配置文件的末尾填如下几行,定义公众共享目录:

[public]
comment = Public Stuff
path = /home/samba  ← 指定共享目录位置
public = yes
writable = yes  ← 赋予共享目录写入权限的属性

  接下来,创建将要通过 Samba 共享给 Windows 网络的专用目录。
[root@sample ~]# mkdir /home/samba  ← 建立共享文件专用目录

[root@sample ~]# chown -R nobody. /home/samba  ← 设置专用目录归属为 nobody

[root@sample ~]# chmod 777 /home/samba  ← 将专用目录属性设置为 777

  在进行到服务端的连接之前,需要预先对用于登录 Samba 的用户进行设置。这里我们以 CentOS 中 Samba 标准的 Samba 用户数据库管理工具“smbpasswd”为例,创建用于登录 Samba 的用户数据。这里需要注意的一点:用 smbpasswd 创建用户的前提是,系统用户中存在该用户 — 在基于系统用户之上,才可以创建该用户在 Samba 用户数据库中的信息。

[root@sample ~]# smbpasswd -a centospub  ← 将系统用户 centospub(例)加入到 Samba 用户数据库

New SMB password:  ← 输入该用户用于登录 Samba 的密码
Retype new SMB password:  ← 再次确认输入该密码
Added user centospub.

启动 Samba 服务

  在启动 Samba 服务之前,首先将防火墙设置中 Samba 所用到的端口进行开放。
[root@sample ~]# vi /etc/sysconfig/iptables  ← 编辑 iptables 配置文件

-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 25 -j ACCEPT  ← 找到此行,在下面添加如下行:
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 445 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp –dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp –dport 138 -j ACCEPT

[root@sample ~]# /etc/rc.d/init.d/iptables restart  ← 重新启动 iptables ,使新的规则生效
Flushing firewall rules:          [ OK ]
Setting chains to policy ACCEPT: filter   [ OK ]
Unloading iptables modules:       [ OK ]
Applying iptables firewall rules:      [ OK ]

  最后,启动 Samba 服务。
[root@sample ~]# chkconfig smb on  ← 设置 Samba 自启动

[root@sample ~]# chkconfig –list smb  ← 确认 Samba 启动标签,确认 2-5 为 on 的状态
smb 0:off 1:off 2:on 3:on 4:on 5:on 6:off

[root@sample ~]# /etc/rc.d/init.d/smb start  ← 启动 Samba 服务
Starting SMB services:       [ OK ]
Starting NMB services:       [ OK ]

从 Windows 客户端连接到 Samba 服务器

  在服务端启动 Samba 服务后,我们就可以从 Windows 客户端通过 Windows 网络连接到 Samba。这里以 Windows XP 为例,说明如下连接过程:

1、从桌面打开“网上邻居”,并点击“查看工作组计算机”选项;

2、确认出现 Samba 服务端的连接,并双击该连接;(本站文档的主机名以 Sample 为例)

3、输入在服务端预先设置好的 Samba 用户的用户名及密码;(用户名同系统用户名,密码需要输入在通过 smbpasswd 为该系统用户设置的 Samba 专用的密码。)

4、然后确认能够连接到 Samba 服务器,并出现根目录及 Samba 专用共享目录。

  最后,在相应目录进行新建、修改以及删除文件的操作,测试相应权限的可操作性