摘要:我的 CentOS 7 服务器安装了 PHP 7.4 fpm,但并未执行 PHP 文件,而是向客户端提供了原始 PHP 文件。在下一节中,我将解释环境。
我已经在虚拟机中设置了一个最小的 CentOS。
该服务器没有apt,没有 GUI,没有虚拟盒客户附加功能(请不要指望我复制粘贴文本而不是屏幕截图)并且没有任何花哨的功能。
我对从哪个 URL 下载软件包也非常严格。这就是为什么我从不通过
yum install <xxx>
相反,我使用这种方式来安装任何包
rpm -Uhv --reinstall <http://.... .rpm>
安装最小 CentOS 7 后,
httpd24u-2.4.54从 IUS 存储库安装 Apache :
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/a/apr15u-1.5.2-2.ius.el7.x86_64.rpm
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/a/apr15u-util-1.5.4-3.ius.el7.x86_64.rpm
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/h/httpd24u-filesystem-2.4.54-2.el7.ius.noarch.rpm
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/h/httpd24u-tools-2.4.54-2.el7.ius.x86_64.rpm
rpm -Uvh --reinstall https://download-ib01.fedoraproject.org/pub/epel/7/x86_64/Packages/l/libnghttp2-1.33.0-1.1.el7.x86_64.rpm
rpm -Uvh --reinstall https://download-ib01.fedoraproject.org/pub/epel/7/x86_64/Packages/b/brotli-1.0.7-5.el7.x86_64.rpm
rpm -Uvh --reinstall http://mirror.centos.org/centos/7/os/x86_64/Packages/mailcap-2.1.41-2.el7.noarch.rpm
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/h/httpd24u-2.4.54-2.el7.ius.x86_64.rpm
然后,安装 Apache 模块,
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/a/apr15u-util-ldap-1.5.4-3.ius.el7.x86_64.rpm
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/h/httpd24u-mod_ldap-2.4.54-2.el7.ius.x86_64.rpm
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/h/httpd24u-mod_ssl-2.4.54-2.el7.ius.x86_64.rpm
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/h/httpd24u-mod_session-2.4.54-2.el7.ius.x86_64.rpm
然后,安装 PHP 7.4 fpm:
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/p/php74-common-7.4.30-1.el7.ius.x86_64.rpm
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/p/php74-fpm-7.4.30-1.el7.ius.x86_64.rpm
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/p/php74-fpm-httpd-7.4.30-1.el7.ius.noarch.rpm
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/m/mod_php74-7.4.30-1.el7.ius.x86_64.rpm
然后安装PHP模块:
rpm -Uvh --reinstall http://mirror.centos.org/centos/7/os/x86_64/Packages/libxslt-1.1.28-6.el7.x86_64.rpm
rpm -Uvh --reinstall http://mirror.centos.org/centos/7/updates/x86_64/Packages/libxml2-2.9.1-6.el7_9.6.x86_64.rpm
rpm -Uvh --reinstall http://mirror.centos.org/centos/7/updates/x86_64/Packages/net-snmp-5.7.2-49.el7_9.2.x86_64.rpm
rpm -Uvh --reinstall http://mirror.centos.org/centos/7/updates/x86_64/Packages/net-snmp-libs-5.7.2-49.el7_9.2.x86_64.rpm
rpm -Uvh --reinstall http://www6.atomicorp.com/channels/atomic/centos/7/x86_64/RPMS/oniguruma-6.8.2-1.el7.x86_64.rpm
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/p/php74-ldap-7.4.30-1.el7.ius.x86_64.rpm
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/p/php74-mbstring-7.4.30-1.el7.ius.x86_64.rpm
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/p/php74-mysqlnd-7.4.30-1.el7.ius.x86_64.rpm
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/p/php74-pdo-7.4.30-1.el7.ius.x86_64.rpm
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/p/php74-snmp-7.4.30-1.el7.ius.x86_64.rpm
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/p/php74-soap-7.4.30-1.el7.ius.x86_64.rpm
rpm -Uvh --reinstall https://repo.ius.io/7/x86_64/packages/p/php74-xml-7.4.30-1.el7.ius.x86_64.rpm
rpm -Uvh --reinstall http://mirror.centos.org/centos/7/os/x86_64/Packages/perl-Data-Dumper-2.145-3.el7.x86_64.rpm
rpm -Uvh --reinstall http://mirror.centos.org/centos/7/updates/x86_64/Packages/net-snmp-agent-libs-5.7.2-49.el7_9.2.x86_64.rpm
rpm -Uvh --reinstall http://mirror.centos.org/centos/7/os/x86_64/Packages/lm_sensors-libs-3.4.0-8.20160601gitf9185e5.el7.x86_64.rpm # required by Net-snmp
我安装了 Perl 和 Mysql8 以及 Unix lsof 命令。我也可以提供它们的详细信息,但它们与这个问题无关。
允许 http 和 https 通过防火墙:
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
firewall-cmd --reload
在里面/etc/httpd/conf/httpd.conf,
这些模块包括
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbd_module modules/mod_authn_dbd.so
LoadModule authn_socache_module modules/mod_authn_socache.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_dbd_module modules/mod_authz_dbd.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_form_module modules/mod_auth_form.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule allowmethods_module modules/mod_allowmethods.so
#LoadModule file_cache_module modules/mod_file_cache.so
LoadModule cache_module modules/mod_cache.so
LoadModule cache_disk_module modules/mod_cache_disk.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule socache_dbm_module modules/mod_socache_dbm.so
LoadModule socache_memcache_module modules/mod_socache_memcache.so
LoadModule dbd_module modules/mod_dbd.so
#LoadModule bucketeer_module modules/mod_bucketeer.so
LoadModule dumpio_module modules/mod_dumpio.so
LoadModule echo_module modules/mod_echo.so
#LoadModule case_filter_module modules/mod_case_filter.so
#LoadModule case_filter_in_module modules/mod_case_filter_in.so
LoadModule buffer_module modules/mod_buffer.so
LoadModule ratelimit_module modules/mod_ratelimit.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule request_module modules/mod_request.so
LoadModule include_module modules/mod_include.so
LoadModule filter_module modules/mod_filter.so
LoadModule substitute_module modules/mod_substitute.so
LoadModule sed_module modules/mod_sed.so
LoadModule charset_lite_module modules/mod_charset_lite.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule mime_module modules/mod_mime.so
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule log_debug_module modules/mod_log_debug.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule mime_magic_module modules/mod_mime_magic.so
#LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule remoteip_module modules/mod_remoteip.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_express_module modules/mod_proxy_express.so
LoadModule session_module modules/mod_session.so
LoadModule session_cookie_module modules/mod_session_cookie.so
LoadModule session_dbd_module modules/mod_session_dbd.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
#LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
LoadModule unixd_module modules/mod_unixd.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule info_module modules/mod_info.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule cgid_module modules/mod_cgid.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule systemd_module modules/mod_systemd.so
LoadModule php7_module modules/libphp7.so
其他相关部分:
Listen 80
<IfModule php7_module>
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
</IfModule>
<IfModule unixd_module>
User nobody
Group nobody
</IfModule>
<Directory />
AllowOverride none
Require all denied
</Directory>
DocumentRoot "/my/webpages"
<Directory "/my/webpages">
Options Indexes FollowSymLinks ExecCGI Includes
AllowOverride All
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.html index.html.var index.php index.php3 index.php4
</IfModule>
<Files ".ht*">
Require all denied
</Files>
<IfModule mime_module>
TypesConfig /etc/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddHandler cgi-script .cgi .pl
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
Include /etc/httpd/extra/httpd-vhosts.conf
<IfModule ssl_module>
Listen 443
<IfDefine SSL>
Include /etc/httpd/extra/httpd-ssl.conf
</IfDefine>
</IfModule>
<IfModule ssl_module>
Include /etc/httpd/extra/httpd-ssl.conf
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
TraceEnable Off
ServerTokens Prod
ServerSignature Off
<IfModule mod_headers.c>
Header unset X-Powered-By
</IfModule>
和 /etc/httpd/extra/httpd-ssl.conf:
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/run/httpd/sslcache(512000)"
SSLSessionCacheTimeout 300
<VirtualHost _default_:443>
DocumentRot "/my/webpages"
ServerName localhost:443
ServerAdmin [email protected]
ErrorLog "logs/ssl_error_log"
TransferLog "logs/access_log"
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "/etc/httpd/conf/ssl/my.crt"
SSLCertificateKeyFile "/etc/httpd/conf/ssl/my.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<FilesMatch "\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
重新启动服务:
systemctl restart httpd
systemctl restart php-fpm
反馈
systemctl status httpd
systemctl status php-fpm
都显示为active (running)。
我还解决了加载时出现禁止 404 错误的问题
https://192.168.1.133/install.php
通过以下命令:
chcon --user system_u --type httpd_sys_content_t -Rv /my/webpages/
注意:我不确定php和php-cli和之间有什么关系。我只找到了来自 IUS 和 PHP 7.4 的php-fpm相关软件包。php-fpm
现在,加载
https://192.168.1.133/install.php
给我原始的 PHP。我无法用 http 测试它。请不要问。
额外的信息:
php-fpm -v
PHP 7.4.30 ....
httpd -v
.... Apache/2.4.54 (IUS)
...
ls /etc/init.d
functions jexec lampp netconsole network README
httpd -M | grep php
php7_module (shared)