Masinate tõus: AI tegelikud rakendused
Tehisintellekt ei ole tulevik, see on siin, olevikus. Sellest blogist loe, kuidas tehisintellekti rakendused on mõjutanud erinevaid sektoreid.
Installige CentOS 7-sse H2O veebiserver
H2O on uue põlvkonna HTTP-server, millel on suurepärane, täisfunktsionaalne HTTP/2 rakendus kõigist praegu kasutatavatest veebiserveritest. Kui teie veebiserver on H2O, saate ära kasutada HTTP/2 spetsifikatsiooni uusi funktsioone, nagu latentsusaja optimeerimine, serveri tõukejõud ja serveripoolne prioritiseerimine, mis võivad ära kasutada kaasaegseid brauseri funktsioone, millest harva räägitakse.
Selles üksikasjalikus õpetuses näitan teile samm-sammult, kuidas H2O oma CentOS 7 x64 eksemplaris käivitada.
Eeltingimused
- CentOS 7 x64 serveri eksemplar.
- Sudo kasutaja.
- SSL-sertifikaat (valikuline)
1. samm: värskendage süsteemi
Logige sisse SSH kaudu oma eksemplari alt leitud mandaatidega ja värskendage süsteemi järgmiselt.
sudo yum install epel-release -y
sudo yum clean all && sudo yum update -y
2. samm: installige H2O
H2O installimiseks opsüsteemi CentOS 7 peate eelehitatud H2O binaarfailide installimiseks lisama Bintray RPM-i hoidla. Kasutage kohandatud repo loomiseks Nano redaktorit.
sudo nano /etc/yum.repos.d/bintray-h2o-rpm.repo
Kopeerige ja kleepige allolev tekst repofaili.
[bintray-h2o-rpm]
name=bintray-h2o-rpm
baseurl=https://dl.bintray.com/tatsushid/h2o-rpm/centos/$releasever/$basearch/
gpgcheck=0
repo_gpgcheck=0
enabled=1
Järgmisena installige H2O.
sudo yum install h2o -y
Nüüd, kui H2O on installitud, kuid enne teenuse lubamist ja käivitamist, on vajalik õige konfiguratsioon ja me peame looma konkreetse kasutaja ja rühma, mille all H2O töötab. Looge H2O jaoks rühm ja kasutaja nime all h2o.
sudo groupadd -g 101 h2o
sudo useradd -d /etc/h2o -g 101 -M -s /sbin/nologin -u 101 h2o
3. samm: H2O veebiserveri konfigureerimine
Järgmised sammud annavad näiteid erinevate unencrypted, encrypted, staticja dynamicserveri seadistuste seadistustest; samuti kõigi nelja kombinatsioon.
Redirect http://www.example.comEt http://example.com(Staatiline HTML lehekülgi, nr PHP) Configuration
Liikuge /etc/h2o/kataloogi.
cd /etc/h2o/
Nimetage vaikeseade h2o.confümber h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Looge uus h2o.conffail.
sudo nano h2o.conf
Kopeerige ja kleepige allolev tekst h2o.conffaili.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.html' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/example.com
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://example.com/"
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Lubage ja käivitage H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Looge ülalpool loetletud kataloogivaliku index.htmlmalli kasutades vaikeseade ./var/www/htmlfile.dir/var/www/example.com
sudo cp -var /var/www/html /var/www/example.com
Nüüd avage brauser ja sisestage oma eksemplari serveri domeeninimi ( example.comvõi www.example.com). Kas saate sõnumi Unable to connectvõi This site can’t be reachedsõnumi? CentOS-i tulemüüri vaikeseade ei luba sissetulevaid ühendusi http-porti. Selle avamiseks tehke järgmist.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Värskendage lehte oma brauseris ( F5) ja saate selle teate.
Welcome to H2O - an optimized HTTP server
It works!
Redirect http://example.comEt http://www.example.com(Staatiline HTML lehekülgi, nr PHP) Configuration
Liikuge /etc/h2o/kataloogi.
cd /etc/h2o/
Nimetage vaikeseade h2o.confümber h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Looge uus h2o.conffail.
sudo nano h2o.conf
Kopeerige ja kleepige h2o.conffaili järgmine tekst .
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.html' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://www.example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/www.example.com
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Lubage ja käivitage H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Looge ülaltoodud kataloogivalikusse index.htmlmalli kasutades vaikefail ./var/www/htmlfile.dir/var/www/www.example.com
sudo cp -var /var/www/html /var/www/www.example.com
Nüüd avage brauser ja sisestage oma eksemplari serveri domeeninimi ( example.comvõi www.example.com). Kas saate sõnumi Unable to connectvõi This site can’t be reachedsõnumi? CentOS-i tulemüüri vaikeseade ei luba sissetulevaid ühendusi http-porti. Selle avamiseks tehke järgmist.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Värskendage lehte oma brauseris ( F5) ja saate selle teate.
Welcome to H2O - an optimized HTTP server
It works!
Redirect http://www.example.comEt http://example.com(Dynamic Page, PHP-FPM 5.6.x) Configuration
Liikuge /etc/h2o/kataloogi.
cd /etc/h2o/
Nimetage vaikeseade h2o.confümber h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Looge uus h2o.conffail.
sudo nano h2o.conf
Kopeerige ja kleepige h2o.conffaili järgmine tekst .
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/example.com
redirect:
internal: YES
status: 307
url: /index.php
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://example.com/"
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-5.6.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
In order to process PHP, the PHP-FPM 5.6 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Install PHP version 5.6.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php56-php-fpm -y
Navigate to the /opt/remi/php56/root/etc/ directory.
cd /opt/remi/php56/root/etc/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the text below into the php-fpm.conf file.
include=/opt/remi/php56/root/etc/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-5.6-error.log
pid = /var/run/php-fpm-5.6.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the text below into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-5.6.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the text below into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/opt/remi/php56/root/var/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /opt/remi/php56/root/var/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /opt/remi/php56/root/var/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php56-php-fpm
sudo systemctl start php56-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/example.com.
sudo mkdir /var/www/example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://example.com To http://www.example.com (Dynamic Page, PHP-FPM 5.6.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://www.example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/www.example.com
redirect:
internal: YES
status: 307
url: /index.php
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-5.6.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
In order to process PHP, the PHP-FPM 5.6 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands to install PHP version 5.6.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php56-php-fpm -y
Navigate to the /opt/remi/php56/root/etc/ directory.
cd /opt/remi/php56/root/etc/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the text below into the php-fpm.conf file.
include=/opt/remi/php56/root/etc/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-5.6-error.log
pid = /var/run/php-fpm-5.6.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the following text into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-5.6.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the following text below into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/opt/remi/php56/root/var/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /opt/remi/php56/root/var/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /opt/remi/php56/root/var/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php56-php-fpm
sudo systemctl start php56-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/www.example.com.
sudo mkdir /var/www/www.example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/www.example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://www.example.com To http://example.com (Dynamic Page, PHP-FPM 7.1.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/example.com
redirect:
internal: YES
status: 307
url: /index.php
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://example.com/"
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-7.1.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
In order to process PHP, the PHP-FPM 7.1 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands below to install PHP version 7.1.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php71-php-fpm -y
Navigate to the /etc/opt/remi/php71/ directory.
cd /etc/opt/remi/php71/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the following text into the php-fpm.conf file.
include=/etc/opt/remi/php71/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-7.1-error.log
pid = /var/run/php-fpm-7.1.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the text below into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-7.1.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the text below into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/var/opt/remi/php71/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /var/opt/remi/php71/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /var/opt/remi/php71/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php71-php-fpm
sudo systemctl start php71-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/example.com.
sudo mkdir /var/www/example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://example.com To http://www.example.com (Dynamic Page, PHP-FPM 7.1.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://www.example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/www.example.com
redirect:
internal: YES
status: 307
url: /index.php
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-7.1.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
In order to process PHP, the PHP-FPM 7.1 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands below to install PHP version 7.1.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php71-php-fpm -y
Navigate to the /etc/opt/remi/php71/ directory.
cd /etc/opt/remi/php71/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the text below into the php-fpm.conf file.
include=/etc/opt/remi/php71/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-7.1-error.log
pid = /var/run/php-fpm-7.1.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the following text into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-7.1.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the following text into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/var/opt/remi/php71/lib/php/session"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /var/opt/remi/php71/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /var/opt/remi/php71/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php71-php-fpm
sudo systemctl start php71-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/example.com.
sudo mkdir /var/www/www.example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/www.example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://example.com, http://www.example.com, and https://www.example.com to https://example.com (Static HTML Pages, No PHP) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.html' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://example.com/"
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Create a custom directory to store the default SSL options for all websites that use SSL.
sudo mkdir conf.d
Create a new ssl.conf file.
sudo nano conf.d/ssl.conf
Copy and paste the following text into the ssl.conf file.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Make a directory to store the dhparam_2048.pem file that will be regenerated daily via a cronjob.
sudo mkdir /etc/ssl/h2o/
Create a new regenerate_dhparam file.
sudo nano /etc/cron.daily/regenerate_dhparam
Copy and paste the following text into the regenerate_dhparam file.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Make the bash file just created executable.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Execute the bash script for a first run as H2O won't start properly if it's not generated. This will take about a minute or two to generate on first run.
sudo /etc/cron.daily/regenerate_dhparam
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a default index.html using the template in /var/www/html to the directory option file.dir listed above in /var/www/example.com.
sudo cp -var /var/www/html /var/www/example.com
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get this message.
Welcome to H2O - an optimized HTTP server
It works!
Redirect http://example.com, http://www.example.com, and https://example.com to https://www.example.com (Static HTML Pages, No PHP) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.html' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://www.example.com/"
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/www.example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Create a custom directory to store the default SSL options for all websites that use SSL.
sudo mkdir conf.d
Create a new ssl.conf file.
sudo nano conf.d/ssl.conf
Copy and paste the following text into the ssl.conf file.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Make a directory to store the dhparam_2048.pem file that will be regenerated daily via a cronjob.
sudo mkdir /etc/ssl/h2o/
Create a new regenerate_dhparam file.
sudo nano /etc/cron.daily/regenerate_dhparam
Copy and paste the following text inside of the regenerate_dhparam file.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Make the bash file just created executable.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Execute the bash script for a first run as H2O won't start properly if it's not generated. This will take about a minute or two to generate on first run.
sudo /etc/cron.daily/regenerate_dhparam
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a default index.html using the template in /var/www/html to the directory option file.dir listed above in /var/www/www.example.com.
sudo cp -var /var/www/html /var/www/www.example.com
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get this message.
Welcome to H2O - an optimized HTTP server
It works!
Redirect http://example.com, http://www.example.com, and https://www.example.com to https://example.com (Dynamic Page, PHP-FPM 5.6.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
internal: YES
status: 307
url: /index.php
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://example.com/"
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-5.6.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Create a custom directory to store the default SSL options for all websites that use SSL.
sudo mkdir conf.d
Create a new ssl.conf file.
sudo nano conf.d/ssl.conf
Copy and paste the text below into the ssl.conf file.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Make a directory to store the dhparam_2048.pem file that will be regenerated daily via a cronjob.
sudo mkdir /etc/ssl/h2o/
Create a new regenerate_dhparam file.
sudo nano /etc/cron.daily/regenerate_dhparam
Copy and paste the following text inside of the regenerate_dhparam file.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Make the bash file just created executable.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Execute the bash script for a first run as H2O won't start properly if it's not generated. This will take about a minute or two to generate on first run.
sudo /etc/cron.daily/regenerate_dhparam
In order to process PHP, the PHP-FPM 5.6 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands to install PHP version 5.6.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php56-php-fpm -y
Navigate to the /opt/remi/php56/root/etc/ directory.
cd /opt/remi/php56/root/etc/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the following text into the php-fpm.conf file.
include=/opt/remi/php56/root/etc/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-5.6-error.log
pid = /var/run/php-fpm-5.6.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the text below into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-5.6.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the text below into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/opt/remi/php56/root/var/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /opt/remi/php56/root/var/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /opt/remi/php56/root/var/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php56-php-fpm
sudo systemctl start php56-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/example.com.
sudo mkdir /var/www/example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://example.com, http://www.example.com, and https://example.com to https://www.example.com (Dynamic Page, PHP-FPM 5.6.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://www.example.com/"
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/www.example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
internal: YES
status: 307
url: /index.php
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-5.6.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Create a custom directory to store the default SSL options for all websites that use SSL.
sudo mkdir conf.d
Create a new ssl.conf file.
sudo nano conf.d/ssl.conf
Copy and paste the text below into the ssl.conf file.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Make a directory to store the dhparam_2048.pem file that will be regenerated daily via a cronjob.
sudo mkdir /etc/ssl/h2o/
Create a new regenerate_dhparam file.
sudo nano /etc/cron.daily/regenerate_dhparam
Copy and paste the following text inside of the regenerate_dhparam file.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Make the bash file just created executable.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Execute the bash script for a first run as H2O won't start properly if it's not generated. This will take about a minute or two to generate on first run.
sudo /etc/cron.daily/regenerate_dhparam
In order to process PHP, the PHP-FPM 5.6 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands to install PHP version 5.6.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php56-php-fpm -y
Navigate to the /opt/remi/php56/root/etc/ directory.
cd /opt/remi/php56/root/etc/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the text below into the php-fpm.conf file.
include=/opt/remi/php56/root/etc/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-5.6-error.log
pid = /var/run/php-fpm-5.6.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the text below into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-5.6.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the following text into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/opt/remi/php56/root/var/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /opt/remi/php56/root/var/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /opt/remi/php56/root/var/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php56-php-fpm
sudo systemctl start php56-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/www.example.com.
sudo mkdir /var/www/www.example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/www.example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://example.com, http://www.example.com, and https://www.example.com to https://example.com (Dynamic Page, PHP-FPM 7.1.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
internal: YES
status: 307
url: /index.php
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://example.com/"
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-7.1.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Create a custom directory to store the default SSL options for all websites that use SSL.
sudo mkdir conf.d
Create a new ssl.conf file.
sudo nano conf.d/ssl.conf
Copy and paste the text below into the ssl.conf file.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Make a directory to store the dhparam_2048.pem file that will be regenerated daily via a cronjob.
sudo mkdir /etc/ssl/h2o/
Create a new regenerate_dhparam file.
sudo nano /etc/cron.daily/regenerate_dhparam
Copy and paste the following text inside of the regenerate_dhparam file.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Make the bash file just created executable.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Execute the bash script for a first run as H2O won't start properly if it's not generated. This will take about a minute or two to generate on first run.
sudo /etc/cron.daily/regenerate_dhparam
In order to process PHP, the PHP-FPM 7.1 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands below to install PHP version 7.1.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php71-php-fpm -y
Navigate to the /etc/opt/remi/php71/ directory.
cd /etc/opt/remi/php71/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the text below into the php-fpm.conf file.
include=/etc/opt/remi/php71/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-7.1-error.log
pid = /var/run/php-fpm-7.1.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the following text into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-7.1.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the following text below into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/var/opt/remi/php71/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /var/opt/remi/php71/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /var/opt/remi/php71/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php71-php-fpm
sudo systemctl start php71-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/example.com.
sudo mkdir /var/www/example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://example.com, http://www.example.com, and https://example.com to https://www.example.com (Dynamic Page, PHP-FPM 7.1.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://www.example.com/"
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/www.example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
internal: YES
status: 307
url: /index.php
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-7.1.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Create a custom directory to store the default SSL options for all websites that use SSL.
sudo mkdir conf.d
Create a new ssl.conf file.
sudo nano conf.d/ssl.conf
Copy and paste the text below into the ssl.conf file.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Make a directory to store the dhparam_2048.pem file that will be regenerated daily via a cronjob.
sudo mkdir /etc/ssl/h2o/
Create a new regenerate_dhparam file.
sudo nano /etc/cron.daily/regenerate_dhparam
Copy and paste the following text inside of the regenerate_dhparam file.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Make the bash file just created executable.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Execute the bash script for a first run as H2O won't start properly if it's not generated. This will take about a minute or two to generate on first run.
sudo /etc/cron.daily/regenerate_dhparam
PHP töötlemiseks peab olema installitud ja konfigureeritud PHP-FPM 7.1 deemon. PHP-FPM-i vaikeversioonist 5.4.x uuema versiooni installimiseks tuleb installida REMI repo, mis sisaldab PHP versioone 5.6.x, 7.0.x ja 7.1.x. PHP versiooni 7.1.x installimiseks tippige järgmised käsud.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php71-php-fpm -y
Liikuge /etc/opt/remi/php71/kataloogi.
cd /etc/opt/remi/php71/
Nimetage vaikeseade php-fpm.confümber php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Looge uus php-fpm.conffail.
sudo nano php-fpm.conf
Kopeerige ja kleepige php-fpm.conffaili järgmine tekst .
include=/etc/opt/remi/php71/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-7.1-error.log
pid = /var/run/php-fpm-7.1.pid
process_control_timeout = 10s
Nimeta vaikimisi www.conffaili php-fpm.dkataloog.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Looge uus www.conffail.
sudo nano php-fpm.d/www.conf
Kopeerige ja kleepige allolev tekst www.conffaili. Muutke pm.max\_childrenoma VPS-i eksemplarile vastavaks CPU-de arvuga.
[www]
group = h2o
listen = /var/run/php-fpm-7.1.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Nimetage vaikefail ümber php.ini.
sudo mv php.ini php.ini.original
Looge uus php.inifail.
sudo nano php.ini
Kopeerige ja kleepige allolev tekst uude php.ini file. Muutke memory\_limit, post\_max\_size, upload\_max\_filesizeja date.timezonevastavalt oma VPS näiteks.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/var/opt/remi/php71/lib/php/session"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Muutke /var/opt/remi/php71/lib/php/session/kataloogi rühma omandiõigust apacherühmalt h2orühmale.
sudo chown root.h2o /var/opt/remi/php71/lib/php/session/
Looge kataloog, kus asuvad PHP-FPM-i serveri logid.
sudo mkdir /var/log/php-fpm/
Lubage ja käivitage PHP-FPM-server.
sudo systemctl enable php71-php-fpm
sudo systemctl start php71-php-fpm
Lubage ja käivitage H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Looge kataloog, kus vaikeseade index.phpasub file.dirülaltoodud kataloogivalikuga loendis /var/www/example.com.
sudo mkdir /var/www/www.example.com
Loo vaikimisi index.phpkasutab phpinfotestimiseks käsku PHP.
sudo nano /var/www/www.example.com/index.php
Kopeerige ja kleepige allolev tekst uude index.phpfaili.
<?php
phpinfo();
?>
Nüüd avage brauser ja sisestage oma eksemplari serveri domeeninimi ( example.comvõi www.example.com). Kas saate sõnumi Unable to connectvõi This site can’t be reachedsõnumi? CentOS-i tulemüüri vaikeseade ei luba sissetulevaid ühendusi http-porti. Selle avamiseks tehke järgmist.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Värskendage lehte oma brauseris ( F5) ja saate tavalise PHP teabelehe.
See lõpetab minu õpetuse. Täname lugemise eest.
DDOS-i rünnakud: lühike ülevaade
Kas olete ka DDOS-i rünnakute ohver ja olete segaduses ennetusmeetodite osas? Oma päringute lahendamiseks lugege seda artiklit.
Kas olete kunagi mõelnud, kuidas häkkerid raha teenivad?
Võib-olla olete kuulnud, et häkkerid teenivad palju raha, kuid kas olete kunagi mõelnud, kuidas nad sellist raha teenivad? arutleme.
Googlei revolutsioonilised leiutised, mis muudavad teie elu lihtsaks.
Kas soovite näha Google'i revolutsioonilisi leiutisi ja seda, kuidas need leiutised muutsid iga inimese elu tänapäeval? Seejärel lugege ajaveebi, et näha Google'i leiutisi.
Reede oluline osa: mis juhtus tehisintellektiga juhitavate autodega?
Isejuhtivate autode kontseptsioon tehisintellekti abil teedele jõudmiseks on meil juba mõnda aega unistus. Kuid vaatamata mitmele lubadusele pole neid kusagil näha. Lisateabe saamiseks lugege seda ajaveebi…
Tehnoloogiline singulaarsus: inimtsivilisatsiooni kauge tulevik?
Kuna teadus areneb kiiresti, võttes üle suure osa meie jõupingutustest, suureneb ka oht, et allume seletamatule singulaarsusele. Loe, mida singulaarsus meie jaoks tähendada võiks.
Suurandmete viitearhitektuuri kihtide funktsioonid
Lugege ajaveebi, et kõige lihtsamal viisil teada saada Big Data Architecture'i erinevaid kihte ja nende funktsioone.
Andmesalvestuse areng – infograafik
Andmete säilitamise meetodid on arenenud alates andmete sünnist. See ajaveeb käsitleb infograafiku alusel andmete salvestamise arengut.
6 hämmastavat eelist nutikate koduseadmete olemasolust meie elus
Selles digipõhises maailmas on nutikad koduseadmed muutunud elu oluliseks osaks. Siin on mõned nutikate koduseadmete hämmastavad eelised, mis muudavad meie elu elamisväärseks ja lihtsamaks.
macOS Catalina 10.15.4 täienduse värskendus põhjustab rohkem probleeme kui lahendamine
Hiljuti andis Apple välja macOS Catalina 10.15.4 täiendusvärskenduse probleemide lahendamiseks, kuid tundub, et värskendus põhjustab rohkem probleeme, mille tulemuseks on Maci masinate tellimine. Lisateabe saamiseks lugege seda artiklit