Forskelle

Dette viser forskellene mellem den valgte og den nuværende udgave af dokumentet. Gul er linjer der findes i den gamle udgave, og grøn er linjer der findes i den nuværende.

Link til denne sammenlinings vising

--- webserver_with_apache_php [2021/01/12 19:01]
noer oprettet
+++ webserver_with_apache_php [2021/01/12 22:47] (nuværende)
noer
@@ Linje 1: / Linje 1: @@
+=== Apache & PHP ===
+Add Ondrej repos for Apache & PHP
+<code>
+add-apt-repository ppa:ondrej/apache2
+add-apt-repository ppa:ondrej/php
+</code>
+Install Apache & PHP
 <code>
-apt install apache2 php7.4-cli php7.4-curl php7.4-gd php7.4-intl php7.4-mbstring php7.4-opcache php7.4-soap php7.4-xmlrpc php7.4-common php7.4-fpm php7.4-imap php7.4-json php7.4-mysql php7.4-readline php7.4-xml php7.4-zip
+apt install apache2 libapache2-mod-fcgid php7.4-cli php7.4-curl php7.4-gd php7.4-intl php7.4-mbstring php7.4-opcache php7.4-soap php7.4-xmlrpc php7.4-common php7.4-fpm php7.4-imap php7.4-json php7.4-mysql php7.4-readline php7.4-xml php7.4-zip
 </code>
+Enable some modules
+<code>
+a2enmod proxy_fcgi setenvif rewrite md headers http2 ssl
+</code>
+=== IonCube ===
+Download & install IonCube https://www.ioncube.com/loaders.php
+<code>
+wget https://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz
+tar -C /usr/local -xf ioncube_loaders_lin_x86-64.tar.gz
+</code>
+Create file ''/etc/php/7.4/mods-available/ioncube.ini'' with content:
+<code>
+zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.4.so
+</code>
+Create links to this file
+<code>
+ln -s /etc/php/7.4/mods-available/ioncube.ini /etc/php/7.4/fpm/conf.d/00-ioncube.ini
+ln -s /etc/php/7.4/mods-available/ioncube.ini /etc/php/7.4/cli/conf.d/00-ioncube.ini
+</code>
+=== PHP Configuration ===
+Create web home directory with ''tmp'', ''logs'' and ''html''
+Create file ''/etc/php/7.4/fpm/pool.d/hostinggl.conf''
+<code>
+[user_hostinggl]
+listen = "/run/php/hostinggl.sock"
+listen.owner = "www-data"
+listen.group = "hostinggl"
+listen.mode = 0660
+user = "hostinggl"
+group = "hostinggl"
+pm = ondemand
+pm.max_children = 25
+pm.process_idle_timeout = 15
+slowlog = "/home/hostinggl/logs/php-fpm.slow.log"
+php_admin_value[error_log] = "/home/hostinggl/logs/php.error.log"
+php_admin_flag[log_errors] = on
+php_admin_value[sys_temp_dir] = "/home/hostinggl/tmp"
+php_admin_value[upload_tmp_dir] = "/home/hostinggl/tmp"
+php_admin_value[max_input_vars] = 10000
+php_value[session.save_handler] = files
+php_value[session.save_path] = "/home/hostinggl/tmp"
+env[TMPDIR] = "/home/hostinggl/tmp"
+catch_workers_output = yes
+</code>
+=== Apache Configuration ===
+Add these 2 lines to ''/etc/apache2/mods-enabled/ssl.conf''
+<code>
+# Set the location of the SSL OCSP Stapling Cache
+ SSLStaplingCache shmcb:/tmp/stapling_cache(128000)
+</code>
+Add ''/etc/apache2/options-ssl-apache.conf'' with content:
+<code>
+# Baseline setting to Include for SSL sites
+SSLEngine on
+# Intermediate configuration, tweak to your needs
+SSLProtocol             all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
+SSLCipherSuite          ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
+SSLHonorCipherOrder     on
+SSLCompression          off
+SSLOptions +StrictRequire
+# Add vhost name to log entries:
+#LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" vhost_combined
+#LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common
+#CustomLog /var/log/apache2/access.log vhost_combined
+#LogLevel warn
+#ErrorLog /var/log/apache2/error.log
+# Always ensure Cookies have "Secure" set (JAH 2012/1)
+#Header edit Set-Cookie (?i)^(.*)(;\s*secure)??((\s*;)?(.*)) "$1; Secure$3$4"
+# HSTS
+Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
+Header always set X-Frame-Options DENY
+# OCSP
+SSLUseStapling on
+SSLStaplingResponseMaxAge 1800
+SSLStaplingResponderTimeout 5
+SSLStaplingReturnResponderErrors off
+</code>
+<code>
+</code>
+Example of config file for a host
+<code>
+<VirtualHost *:80>
+  ServerName hosting.gl
+  ServerAlias www.hosting.gl
+  DocumentRoot /srv/vhost/hosting.gl/html
+  ServerAdmin webmaster@hosting.gl
+  UseCanonicalName On
+  CustomLog /var/log/apache2/hosting.gl.log combined
+  <Directory /srv/vhost/hosting.gl/>
+    Options FollowSymLinks
+    AllowOverride All
+    Require all granted
+  </Directory>
+  <IfModule proxy_fcgi_module>
+    <FilesMatch \.(phtml|php[0-9]*)$>
+      SetHandler proxy:unix:/run/php/hostinggl.sock|fcgi://hosting.gl
+    </FilesMatch>
+  </IfModule>
+</VirtualHost>
+MDomain hosting.gl
+<VirtualHost *:443>
+  ServerName hosting.gl
+  ServerAlias www.hosting.gl
+  DocumentRoot /srv/vhost/hosting.gl/html
+  ServerAdmin webmaster@hosting.gl
+  UseCanonicalName On
+  CustomLog /var/log/apache2/hosting.gl-ssl.log combined
+  <Directory /srv/vhost/hosting.gl/>
+    Options FollowSymLinks
+    AllowOverride All
+    Require all granted
+  </Directory>
+  <IfModule mod_ssl.c>
+    Include /etc/apache2/options-ssl-apache.conf
+  </IfModule>
+  <IfModule proxy_fcgi_module>
+    <FilesMatch \.(phtml|php[0-9]*)$>
+      SetHandler proxy:unix:/run/php/hostinggl.sock|fcgi://hosting.gl
+    </FilesMatch>
+  </IfModule>
+  <IfModule headers_module>
+    RequestHeader set X-HTTPS 1
+  </IfModule>
+</VirtualHost>
+</code>
+<code>
+</code>

Noer IT

Brugerværktøjer

Webstedsværktøjer

Forskelle

Sideværktøjer