Installige Plesk operatsioonisüsteemi CentOS 7
Kas kasutate teistsugust süsteemi? Plesk on patenteeritud veebihosti juhtpaneel, mis võimaldab kasutajatel hallata oma isiklikke ja/või klientide veebisaite, andmebaase
Installige CentOS 7-sse H2O veebiserver
H2O on uue põlvkonna HTTP-server, millel on suurepärane, täisfunktsionaalne HTTP/2 rakendus kõigist praegu kasutatavatest veebiserveritest. Kui teie veebiserver on H2O, saate ära kasutada HTTP/2 spetsifikatsiooni uusi funktsioone, nagu latentsusaja optimeerimine, serveri tõukejõud ja serveripoolne prioritiseerimine, mis võivad ära kasutada kaasaegseid brauseri funktsioone, millest harva räägitakse.
Selles üksikasjalikus õpetuses näitan teile samm-sammult, kuidas H2O oma CentOS 7 x64 eksemplaris käivitada.
Eeltingimused
- CentOS 7 x64 serveri eksemplar.
- Sudo kasutaja.
- SSL-sertifikaat (valikuline)
1. samm: värskendage süsteemi
Logige sisse SSH kaudu oma eksemplari alt leitud mandaatidega ja värskendage süsteemi järgmiselt.
sudo yum install epel-release -y
sudo yum clean all && sudo yum update -y
2. samm: installige H2O
H2O installimiseks opsüsteemi CentOS 7 peate eelehitatud H2O binaarfailide installimiseks lisama Bintray RPM-i hoidla. Kasutage kohandatud repo loomiseks Nano redaktorit.
sudo nano /etc/yum.repos.d/bintray-h2o-rpm.repo
Kopeerige ja kleepige allolev tekst repofaili.
[bintray-h2o-rpm]
name=bintray-h2o-rpm
baseurl=https://dl.bintray.com/tatsushid/h2o-rpm/centos/$releasever/$basearch/
gpgcheck=0
repo_gpgcheck=0
enabled=1
Järgmisena installige H2O.
sudo yum install h2o -y
Nüüd, kui H2O on installitud, kuid enne teenuse lubamist ja käivitamist, on vajalik õige konfiguratsioon ja me peame looma konkreetse kasutaja ja rühma, mille all H2O töötab. Looge H2O jaoks rühm ja kasutaja nime all h2o.
sudo groupadd -g 101 h2o
sudo useradd -d /etc/h2o -g 101 -M -s /sbin/nologin -u 101 h2o
3. samm: H2O veebiserveri konfigureerimine
Järgmised sammud annavad näiteid erinevate unencrypted, encrypted, staticja dynamicserveri seadistuste seadistustest; samuti kõigi nelja kombinatsioon.
Redirect http://www.example.comEt http://example.com(Staatiline HTML lehekülgi, nr PHP) Configuration
Liikuge /etc/h2o/kataloogi.
cd /etc/h2o/
Nimetage vaikeseade h2o.confümber h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Looge uus h2o.conffail.
sudo nano h2o.conf
Kopeerige ja kleepige allolev tekst h2o.conffaili.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.html' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/example.com
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://example.com/"
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Lubage ja käivitage H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Looge ülalpool loetletud kataloogivaliku index.htmlmalli kasutades vaikeseade ./var/www/htmlfile.dir/var/www/example.com
sudo cp -var /var/www/html /var/www/example.com
Nüüd avage brauser ja sisestage oma eksemplari serveri domeeninimi ( example.comvõi www.example.com). Kas saate sõnumi Unable to connectvõi This site can’t be reachedsõnumi? CentOS-i tulemüüri vaikeseade ei luba sissetulevaid ühendusi http-porti. Selle avamiseks tehke järgmist.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Värskendage lehte oma brauseris ( F5) ja saate selle teate.
Welcome to H2O - an optimized HTTP server
It works!
Redirect http://example.comEt http://www.example.com(Staatiline HTML lehekülgi, nr PHP) Configuration
Liikuge /etc/h2o/kataloogi.
cd /etc/h2o/
Nimetage vaikeseade h2o.confümber h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Looge uus h2o.conffail.
sudo nano h2o.conf
Kopeerige ja kleepige h2o.conffaili järgmine tekst .
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.html' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://www.example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/www.example.com
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Lubage ja käivitage H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Looge ülaltoodud kataloogivalikusse index.htmlmalli kasutades vaikefail ./var/www/htmlfile.dir/var/www/www.example.com
sudo cp -var /var/www/html /var/www/www.example.com
Nüüd avage brauser ja sisestage oma eksemplari serveri domeeninimi ( example.comvõi www.example.com). Kas saate sõnumi Unable to connectvõi This site can’t be reachedsõnumi? CentOS-i tulemüüri vaikeseade ei luba sissetulevaid ühendusi http-porti. Selle avamiseks tehke järgmist.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Värskendage lehte oma brauseris ( F5) ja saate selle teate.
Welcome to H2O - an optimized HTTP server
It works!
Redirect http://www.example.comEt http://example.com(Dynamic Page, PHP-FPM 5.6.x) Configuration
Liikuge /etc/h2o/kataloogi.
cd /etc/h2o/
Nimetage vaikeseade h2o.confümber h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Looge uus h2o.conffail.
sudo nano h2o.conf
Kopeerige ja kleepige h2o.conffaili järgmine tekst .
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/example.com
redirect:
internal: YES
status: 307
url: /index.php
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://example.com/"
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-5.6.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
In order to process PHP, the PHP-FPM 5.6 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Install PHP version 5.6.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php56-php-fpm -y
Navigate to the /opt/remi/php56/root/etc/ directory.
cd /opt/remi/php56/root/etc/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the text below into the php-fpm.conf file.
include=/opt/remi/php56/root/etc/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-5.6-error.log
pid = /var/run/php-fpm-5.6.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the text below into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-5.6.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the text below into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/opt/remi/php56/root/var/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /opt/remi/php56/root/var/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /opt/remi/php56/root/var/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php56-php-fpm
sudo systemctl start php56-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/example.com.
sudo mkdir /var/www/example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://example.com To http://www.example.com (Dynamic Page, PHP-FPM 5.6.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://www.example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/www.example.com
redirect:
internal: YES
status: 307
url: /index.php
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-5.6.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
In order to process PHP, the PHP-FPM 5.6 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands to install PHP version 5.6.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php56-php-fpm -y
Navigate to the /opt/remi/php56/root/etc/ directory.
cd /opt/remi/php56/root/etc/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the text below into the php-fpm.conf file.
include=/opt/remi/php56/root/etc/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-5.6-error.log
pid = /var/run/php-fpm-5.6.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the following text into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-5.6.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the following text below into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/opt/remi/php56/root/var/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /opt/remi/php56/root/var/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /opt/remi/php56/root/var/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php56-php-fpm
sudo systemctl start php56-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/www.example.com.
sudo mkdir /var/www/www.example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/www.example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://www.example.com To http://example.com (Dynamic Page, PHP-FPM 7.1.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/example.com
redirect:
internal: YES
status: 307
url: /index.php
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://example.com/"
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-7.1.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
In order to process PHP, the PHP-FPM 7.1 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands below to install PHP version 7.1.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php71-php-fpm -y
Navigate to the /etc/opt/remi/php71/ directory.
cd /etc/opt/remi/php71/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the following text into the php-fpm.conf file.
include=/etc/opt/remi/php71/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-7.1-error.log
pid = /var/run/php-fpm-7.1.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the text below into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-7.1.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the text below into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/var/opt/remi/php71/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /var/opt/remi/php71/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /var/opt/remi/php71/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php71-php-fpm
sudo systemctl start php71-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/example.com.
sudo mkdir /var/www/example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://example.com To http://www.example.com (Dynamic Page, PHP-FPM 7.1.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://www.example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/www.example.com
redirect:
internal: YES
status: 307
url: /index.php
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-7.1.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
In order to process PHP, the PHP-FPM 7.1 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands below to install PHP version 7.1.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php71-php-fpm -y
Navigate to the /etc/opt/remi/php71/ directory.
cd /etc/opt/remi/php71/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the text below into the php-fpm.conf file.
include=/etc/opt/remi/php71/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-7.1-error.log
pid = /var/run/php-fpm-7.1.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the following text into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-7.1.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the following text into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/var/opt/remi/php71/lib/php/session"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /var/opt/remi/php71/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /var/opt/remi/php71/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php71-php-fpm
sudo systemctl start php71-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/example.com.
sudo mkdir /var/www/www.example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/www.example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://example.com, http://www.example.com, and https://www.example.com to https://example.com (Static HTML Pages, No PHP) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.html' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://example.com/"
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Create a custom directory to store the default SSL options for all websites that use SSL.
sudo mkdir conf.d
Create a new ssl.conf file.
sudo nano conf.d/ssl.conf
Copy and paste the following text into the ssl.conf file.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Make a directory to store the dhparam_2048.pem file that will be regenerated daily via a cronjob.
sudo mkdir /etc/ssl/h2o/
Create a new regenerate_dhparam file.
sudo nano /etc/cron.daily/regenerate_dhparam
Copy and paste the following text into the regenerate_dhparam file.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Make the bash file just created executable.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Execute the bash script for a first run as H2O won't start properly if it's not generated. This will take about a minute or two to generate on first run.
sudo /etc/cron.daily/regenerate_dhparam
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a default index.html using the template in /var/www/html to the directory option file.dir listed above in /var/www/example.com.
sudo cp -var /var/www/html /var/www/example.com
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get this message.
Welcome to H2O - an optimized HTTP server
It works!
Redirect http://example.com, http://www.example.com, and https://example.com to https://www.example.com (Static HTML Pages, No PHP) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.html' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://www.example.com/"
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/www.example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Create a custom directory to store the default SSL options for all websites that use SSL.
sudo mkdir conf.d
Create a new ssl.conf file.
sudo nano conf.d/ssl.conf
Copy and paste the following text into the ssl.conf file.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Make a directory to store the dhparam_2048.pem file that will be regenerated daily via a cronjob.
sudo mkdir /etc/ssl/h2o/
Create a new regenerate_dhparam file.
sudo nano /etc/cron.daily/regenerate_dhparam
Copy and paste the following text inside of the regenerate_dhparam file.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Make the bash file just created executable.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Execute the bash script for a first run as H2O won't start properly if it's not generated. This will take about a minute or two to generate on first run.
sudo /etc/cron.daily/regenerate_dhparam
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a default index.html using the template in /var/www/html to the directory option file.dir listed above in /var/www/www.example.com.
sudo cp -var /var/www/html /var/www/www.example.com
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get this message.
Welcome to H2O - an optimized HTTP server
It works!
Redirect http://example.com, http://www.example.com, and https://www.example.com to https://example.com (Dynamic Page, PHP-FPM 5.6.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
internal: YES
status: 307
url: /index.php
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://example.com/"
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-5.6.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Create a custom directory to store the default SSL options for all websites that use SSL.
sudo mkdir conf.d
Create a new ssl.conf file.
sudo nano conf.d/ssl.conf
Copy and paste the text below into the ssl.conf file.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Make a directory to store the dhparam_2048.pem file that will be regenerated daily via a cronjob.
sudo mkdir /etc/ssl/h2o/
Create a new regenerate_dhparam file.
sudo nano /etc/cron.daily/regenerate_dhparam
Copy and paste the following text inside of the regenerate_dhparam file.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Make the bash file just created executable.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Execute the bash script for a first run as H2O won't start properly if it's not generated. This will take about a minute or two to generate on first run.
sudo /etc/cron.daily/regenerate_dhparam
In order to process PHP, the PHP-FPM 5.6 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands to install PHP version 5.6.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php56-php-fpm -y
Navigate to the /opt/remi/php56/root/etc/ directory.
cd /opt/remi/php56/root/etc/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the following text into the php-fpm.conf file.
include=/opt/remi/php56/root/etc/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-5.6-error.log
pid = /var/run/php-fpm-5.6.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the text below into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-5.6.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the text below into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/opt/remi/php56/root/var/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /opt/remi/php56/root/var/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /opt/remi/php56/root/var/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php56-php-fpm
sudo systemctl start php56-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/example.com.
sudo mkdir /var/www/example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://example.com, http://www.example.com, and https://example.com to https://www.example.com (Dynamic Page, PHP-FPM 5.6.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://www.example.com/"
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/www.example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
internal: YES
status: 307
url: /index.php
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-5.6.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Create a custom directory to store the default SSL options for all websites that use SSL.
sudo mkdir conf.d
Create a new ssl.conf file.
sudo nano conf.d/ssl.conf
Copy and paste the text below into the ssl.conf file.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Make a directory to store the dhparam_2048.pem file that will be regenerated daily via a cronjob.
sudo mkdir /etc/ssl/h2o/
Create a new regenerate_dhparam file.
sudo nano /etc/cron.daily/regenerate_dhparam
Copy and paste the following text inside of the regenerate_dhparam file.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Make the bash file just created executable.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Execute the bash script for a first run as H2O won't start properly if it's not generated. This will take about a minute or two to generate on first run.
sudo /etc/cron.daily/regenerate_dhparam
In order to process PHP, the PHP-FPM 5.6 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands to install PHP version 5.6.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php56-php-fpm -y
Navigate to the /opt/remi/php56/root/etc/ directory.
cd /opt/remi/php56/root/etc/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the text below into the php-fpm.conf file.
include=/opt/remi/php56/root/etc/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-5.6-error.log
pid = /var/run/php-fpm-5.6.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the text below into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-5.6.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the following text into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/opt/remi/php56/root/var/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /opt/remi/php56/root/var/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /opt/remi/php56/root/var/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php56-php-fpm
sudo systemctl start php56-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/www.example.com.
sudo mkdir /var/www/www.example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/www.example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://example.com, http://www.example.com, and https://www.example.com to https://example.com (Dynamic Page, PHP-FPM 7.1.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
internal: YES
status: 307
url: /index.php
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://example.com/"
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-7.1.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Create a custom directory to store the default SSL options for all websites that use SSL.
sudo mkdir conf.d
Create a new ssl.conf file.
sudo nano conf.d/ssl.conf
Copy and paste the text below into the ssl.conf file.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Make a directory to store the dhparam_2048.pem file that will be regenerated daily via a cronjob.
sudo mkdir /etc/ssl/h2o/
Create a new regenerate_dhparam file.
sudo nano /etc/cron.daily/regenerate_dhparam
Copy and paste the following text inside of the regenerate_dhparam file.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Make the bash file just created executable.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Execute the bash script for a first run as H2O won't start properly if it's not generated. This will take about a minute or two to generate on first run.
sudo /etc/cron.daily/regenerate_dhparam
In order to process PHP, the PHP-FPM 7.1 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands below to install PHP version 7.1.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php71-php-fpm -y
Navigate to the /etc/opt/remi/php71/ directory.
cd /etc/opt/remi/php71/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the text below into the php-fpm.conf file.
include=/etc/opt/remi/php71/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-7.1-error.log
pid = /var/run/php-fpm-7.1.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the following text into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-7.1.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the following text below into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/var/opt/remi/php71/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /var/opt/remi/php71/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /var/opt/remi/php71/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php71-php-fpm
sudo systemctl start php71-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/example.com.
sudo mkdir /var/www/example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://example.com, http://www.example.com, and https://example.com to https://www.example.com (Dynamic Page, PHP-FPM 7.1.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://www.example.com/"
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/www.example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
internal: YES
status: 307
url: /index.php
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-7.1.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Create a custom directory to store the default SSL options for all websites that use SSL.
sudo mkdir conf.d
Create a new ssl.conf file.
sudo nano conf.d/ssl.conf
Copy and paste the text below into the ssl.conf file.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Make a directory to store the dhparam_2048.pem file that will be regenerated daily via a cronjob.
sudo mkdir /etc/ssl/h2o/
Create a new regenerate_dhparam file.
sudo nano /etc/cron.daily/regenerate_dhparam
Copy and paste the following text inside of the regenerate_dhparam file.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Make the bash file just created executable.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Execute the bash script for a first run as H2O won't start properly if it's not generated. This will take about a minute or two to generate on first run.
sudo /etc/cron.daily/regenerate_dhparam
PHP töötlemiseks peab olema installitud ja konfigureeritud PHP-FPM 7.1 deemon. PHP-FPM-i vaikeversioonist 5.4.x uuema versiooni installimiseks tuleb installida REMI repo, mis sisaldab PHP versioone 5.6.x, 7.0.x ja 7.1.x. PHP versiooni 7.1.x installimiseks tippige järgmised käsud.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php71-php-fpm -y
Liikuge /etc/opt/remi/php71/kataloogi.
cd /etc/opt/remi/php71/
Nimetage vaikeseade php-fpm.confümber php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Looge uus php-fpm.conffail.
sudo nano php-fpm.conf
Kopeerige ja kleepige php-fpm.conffaili järgmine tekst .
include=/etc/opt/remi/php71/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-7.1-error.log
pid = /var/run/php-fpm-7.1.pid
process_control_timeout = 10s
Nimeta vaikimisi www.conffaili php-fpm.dkataloog.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Looge uus www.conffail.
sudo nano php-fpm.d/www.conf
Kopeerige ja kleepige allolev tekst www.conffaili. Muutke pm.max\_childrenoma VPS-i eksemplarile vastavaks CPU-de arvuga.
[www]
group = h2o
listen = /var/run/php-fpm-7.1.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Nimetage vaikefail ümber php.ini.
sudo mv php.ini php.ini.original
Looge uus php.inifail.
sudo nano php.ini
Kopeerige ja kleepige allolev tekst uude php.ini file. Muutke memory\_limit, post\_max\_size, upload\_max\_filesizeja date.timezonevastavalt oma VPS näiteks.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/var/opt/remi/php71/lib/php/session"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Muutke /var/opt/remi/php71/lib/php/session/kataloogi rühma omandiõigust apacherühmalt h2orühmale.
sudo chown root.h2o /var/opt/remi/php71/lib/php/session/
Looge kataloog, kus asuvad PHP-FPM-i serveri logid.
sudo mkdir /var/log/php-fpm/
Lubage ja käivitage PHP-FPM-server.
sudo systemctl enable php71-php-fpm
sudo systemctl start php71-php-fpm
Lubage ja käivitage H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Looge kataloog, kus vaikeseade index.phpasub file.dirülaltoodud kataloogivalikuga loendis /var/www/example.com.
sudo mkdir /var/www/www.example.com
Loo vaikimisi index.phpkasutab phpinfotestimiseks käsku PHP.
sudo nano /var/www/www.example.com/index.php
Kopeerige ja kleepige allolev tekst uude index.phpfaili.
<?php
phpinfo();
?>
Nüüd avage brauser ja sisestage oma eksemplari serveri domeeninimi ( example.comvõi www.example.com). Kas saate sõnumi Unable to connectvõi This site can’t be reachedsõnumi? CentOS-i tulemüüri vaikeseade ei luba sissetulevaid ühendusi http-porti. Selle avamiseks tehke järgmist.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Värskendage lehte oma brauseris ( F5) ja saate tavalise PHP teabelehe.
See lõpetab minu õpetuse. Täname lugemise eest.
Kuidas installida CentOS-i Squid Proxy
Squid on populaarne tasuta Linuxi programm, mis võimaldab teil luua edastamise veebipuhverserveri. Selles juhendis näete, kuidas installida Squid CentOS-i, et teid pöörata
Lighttpd (LLMP Stack) installimine CentOS 6-sse
Sissejuhatus Lighttpd on Apache'i hark, mille eesmärk on olla palju vähem ressursimahukas. See on kerge, sellest ka oma nimi, ja seda on üsna lihtne kasutada. Installin
Staatilise võrgu ja IPv6 konfigureerimine CentOS 7-s
VULTR on hiljuti teinud nende osas muudatusi ja kõik peaks nüüd töötama hästi, kui NetworkManager on lubatud. Kui soovite keelata
Icinga2 muutmine, et kasutada CentOS 6 või CentOS 7 põhi-/kliendimudelit
Icinga2 on võimas seiresüsteem ja kui seda kasutatakse põhikliendi mudelis, võib see asendada vajaduse NRPE-põhiste seirekontrollide järele. Meister-klient
Apache Cassandra 3.11.x installimine opsüsteemi CentOS 7
Kas kasutate teistsugust süsteemi? Apache Cassandra on tasuta ja avatud lähtekoodiga NoSQL-i andmebaasihaldussüsteem, mis on loodud pakkuma skaleeritavust, hig.
Kuidas installida Microweber operatsioonisüsteemi CentOS 7
Kas kasutate teistsugust süsteemi? Microweber on avatud lähtekoodiga pukseeritav CMS-i ja veebipood. Microweberi lähtekoodi majutatakse GitHubis. See juhend näitab teile
Mattermost 4.1 installimine CentOS 7-sse
Kas kasutate teistsugust süsteemi? Mattermost on avatud lähtekoodiga isehostitav alternatiiv Slack SAAS-i sõnumsideteenusele. Teisisõnu, Mattermostiga saate ca
Minecrafti serverite võrgu loomine BungeeCordi abil opsüsteemides Debian 8, Debian 9 või CentOS 7
Mida vajate Vultr VPS-i, millel on vähemalt 1 GB muutmälu. SSH-juurdepääs (juur-/administraatoriõigustega). 1. samm: BungeeCordi installimine Kõigepealt
Võimaldab Pleskis krüptida
Pleski juhtpaneelil on Lets Encrypti jaoks väga kena integratsioon. Lets Encrypt on üks ainsatest SSL-i pakkujatest, kes väljastab sertifikaate täielikult
Võimaldab krüptida cPanelil
Lets Encrypt on sertifitseerimisasutus, mis on pühendunud SSL-sertifikaatide tasuta pakkumisele. cPanel on teie ja teie kliendi jaoks loonud korraliku integratsiooni
Kuidas installida Concrete5 süsteemi CentOS 7
Kas kasutate teistsugust süsteemi? Concrete5 on avatud lähtekoodiga CMS, mis pakub palju eristatavaid ja kasulikke funktsioone, mis aitavad toimetajatel sisu hõlpsalt luua.
Kuidas installida CentOS 7 arvustuspaneeli
Kas kasutate teistsugust süsteemi? Review Board on tasuta avatud lähtekoodiga tööriist lähtekoodi, dokumentatsiooni, piltide ja palju muu ülevaatamiseks. See on veebipõhine tarkvara
Setup HTTP Authentication With Nginx on CentOS 7
In this guide, you will learn how to setup HTTP authentication for an Nginx web server running on CentOS 7. Requirements To get started, youll need th
Kuidas installida YOURLS süsteemi CentOS 7
YOURLS (Your Own URL Shortener) on avatud lähtekoodiga URL-i lühendamise ja andmeanalüüsi rakendus. Selles artiklis käsitleme installimisprotsessi
Kuidas installida ja konfigureerida ArangoDB CentOS 7-s
Kas kasutate teistsugust süsteemi? Sissejuhatus ArangoDB on avatud lähtekoodiga NoSQL-i andmebaas, millel on paindlik andmemudel dokumentide, graafikute ja võtmeväärtuste jaoks. see on
Etckeeperi kasutamine faili / etc versioonikontrolliks
Sissejuhatus Kataloog /etc/ mängib Linuxi süsteemi toimimises kriitilist rolli. Selle põhjuseks on peaaegu iga süsteemi konfiguratsioon
Miks peaksite kasutama SSHFS-i? Kuidas ühendada CentOS 6-ga kaugfailisüsteem SSHFS-iga
Paljud süsteemiadministraatorid haldavad suuri servereid. Kui failidele on vaja juurde pääseda erinevatest serveritest, logige igasse eraldi sisse ca
Half Life 2 serveri seadistamine opsüsteemis CentOS 6
See õpetus hõlmab Half Life 2 mänguserveri installimist süsteemi CentOS 6 System. 1. samm: eeltingimuste installimine Ou seadistamiseks
Kuidas installida Laravel GitScrum süsteemi CentOS 7
Laravel GitScrum ehk GitScrum on avatud lähtekoodiga produktiivsuse tööriist, mis on loodud selleks, et aidata arendusmeeskondadel rakendada Scrumi metoodikat sarnasel viisil.
Masinate tõus: AI tegelikud rakendused
Tehisintellekt ei ole tulevik, see on siin, olevikus. Sellest blogist loe, kuidas tehisintellekti rakendused on mõjutanud erinevaid sektoreid.
DDOS-i rünnakud: lühike ülevaade
Kas olete ka DDOS-i rünnakute ohver ja olete segaduses ennetusmeetodite osas? Oma päringute lahendamiseks lugege seda artiklit.
Kas olete kunagi mõelnud, kuidas häkkerid raha teenivad?
Võib-olla olete kuulnud, et häkkerid teenivad palju raha, kuid kas olete kunagi mõelnud, kuidas nad sellist raha teenivad? arutleme.
Googlei revolutsioonilised leiutised, mis muudavad teie elu lihtsaks.
Kas soovite näha Google'i revolutsioonilisi leiutisi ja seda, kuidas need leiutised muutsid iga inimese elu tänapäeval? Seejärel lugege ajaveebi, et näha Google'i leiutisi.
Reede oluline osa: mis juhtus tehisintellektiga juhitavate autodega?
Isejuhtivate autode kontseptsioon tehisintellekti abil teedele jõudmiseks on meil juba mõnda aega unistus. Kuid vaatamata mitmele lubadusele pole neid kusagil näha. Lisateabe saamiseks lugege seda ajaveebi…
Tehnoloogiline singulaarsus: inimtsivilisatsiooni kauge tulevik?
Kuna teadus areneb kiiresti, võttes üle suure osa meie jõupingutustest, suureneb ka oht, et allume seletamatule singulaarsusele. Loe, mida singulaarsus meie jaoks tähendada võiks.
Andmesalvestuse areng – infograafik
Andmete säilitamise meetodid on arenenud alates andmete sünnist. See ajaveeb käsitleb infograafiku alusel andmete salvestamise arengut.
Suurandmete viitearhitektuuri kihtide funktsioonid
Lugege ajaveebi, et kõige lihtsamal viisil teada saada Big Data Architecture'i erinevaid kihte ja nende funktsioone.
6 hämmastavat eelist nutikate koduseadmete olemasolust meie elus
Selles digipõhises maailmas on nutikad koduseadmed muutunud elu oluliseks osaks. Siin on mõned nutikate koduseadmete hämmastavad eelised, mis muudavad meie elu elamisväärseks ja lihtsamaks.
macOS Catalina 10.15.4 täienduse värskendus põhjustab rohkem probleeme kui lahendamine
Hiljuti andis Apple välja macOS Catalina 10.15.4 täiendusvärskenduse probleemide lahendamiseks, kuid tundub, et värskendus põhjustab rohkem probleeme, mille tulemuseks on Maci masinate tellimine. Lisateabe saamiseks lugege seda artiklit
