Installera Plesk på CentOS 7
Använder du ett annat system? Plesk är en egen kontrollpanel för webbhotell som tillåter användare att administrera sina personliga och/eller klienters webbplatser, databaser
Installera H2O-webbservern på CentOS 7
H2O är en ny generation HTTP-server som har en fantastisk, fullt utrustad HTTP/2-implementering av alla nuvarande webbservrar som används. Med H2O som din webbserver kan du dra nytta av de nya funktionerna i HTTP/2-specifikationen, som latensoptimering, server-push och prioritering på serversidan som kan dra nytta av moderna webbläsarfunktioner som det sällan pratas om.
I denna detaljerade handledning kommer jag att visa dig steg för steg hur du får H2O att köra på din CentOS 7 x64-instans.
Förutsättningar
- En CentOS 7 x64-serverinstans.
- En sudo- användare.
- Ett SSL-certifikat (valfritt)
Steg 1: Uppdatera systemet
Logga in via SSH med de referenser som finns under din instans och uppdatera systemet enligt följande.
sudo yum install epel-release -y
sudo yum clean all && sudo yum update -y
Steg 2: Installera H2O
För att installera H2O på CentOS 7 måste du lägga till Bintray RPM-förrådet för att installera de förbyggda H2O-binärfilerna. Använd Nano-redigeraren för att skapa en anpassad repo.
sudo nano /etc/yum.repos.d/bintray-h2o-rpm.repo
Kopiera och klistra in texten nedan i repofilen.
[bintray-h2o-rpm]
name=bintray-h2o-rpm
baseurl=https://dl.bintray.com/tatsushid/h2o-rpm/centos/$releasever/$basearch/
gpgcheck=0
repo_gpgcheck=0
enabled=1
Installera sedan H2O.
sudo yum install h2o -y
Nu när H2O är installerat, men innan du aktiverar och startar tjänsten, krävs en korrekt konfiguration och vi måste skapa en specifik användare och grupp som H2O kan köras under. Skapa en grupp och användare för H2O att köra under namngiven h2o.
sudo groupadd -g 101 h2o
sudo useradd -d /etc/h2o -g 101 -M -s /sbin/nologin -u 101 h2o
Steg 3: Konfigurera H2O-webbservern
Följande steg kommer att ge exempel på konfigurationsinställningar för olika unencrypted, encrypted, staticoch dynamicserverinställningar; samt en kombination av alla fyra.
Omdirigera http://www.example.comtill http://example.com(statiska HTML-sidor, ingen PHP) konfiguration
Navigera till /etc/h2o/katalogen.
cd /etc/h2o/
Byt namn på standard h2o.conftill h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Skapa en ny h2o.conffil.
sudo nano h2o.conf
Kopiera och klistra in texten nedan i h2o.conffilen.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.html' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/example.com
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://example.com/"
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Aktivera och starta H2O-servern.
sudo systemctl enable h2o
sudo systemctl start h2o
Skapa en standard index.htmlmed mallen i /var/www/htmlkatalogalternativet som file.diranges ovan i /var/www/example.com.
sudo cp -var /var/www/html /var/www/example.com
Öppna nu din webbläsare och ange serverdomännamnet ( example.comeller www.example.com) för din instans. Får du ett Unable to connecteller ett This site can’t be reachedmeddelande? CentOS standardinställning för brandvägg tillåter inte inkommande anslutningar till http-porten. Utför följande för att öppna den.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Uppdatera sidan i din webbläsare ( F5) så får du detta meddelande.
Welcome to H2O - an optimized HTTP server
It works!
Omdirigera http://example.comtill http://www.example.com(statiska HTML-sidor, ingen PHP) konfiguration
Navigera till /etc/h2o/katalogen.
cd /etc/h2o/
Byt namn på standard h2o.conftill h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Skapa en ny h2o.conffil.
sudo nano h2o.conf
Kopiera och klistra in följande text i h2o.conffilen.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.html' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://www.example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/www.example.com
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Aktivera och starta H2O-servern.
sudo systemctl enable h2o
sudo systemctl start h2o
Skapa en standardfil med index.htmlhjälp av mallen i /var/www/htmlkatalogalternativet som file.diranges ovan i /var/www/www.example.com.
sudo cp -var /var/www/html /var/www/www.example.com
Öppna nu din webbläsare och ange serverdomännamnet ( example.comeller www.example.com) för din instans. Får du ett Unable to connecteller ett This site can’t be reachedmeddelande? CentOS standardinställning för brandvägg tillåter inte inkommande anslutningar till http-porten. Gör följande för att öppna den.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Uppdatera sidan i din webbläsare ( F5) så får du detta meddelande.
Welcome to H2O - an optimized HTTP server
It works!
Omdirigera http://www.example.comtill http://example.com(dynamisk sida, PHP-FPM 5.6.x) konfiguration
Navigera till /etc/h2o/katalogen.
cd /etc/h2o/
Byt namn på standard h2o.conftill h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Skapa en ny h2o.conffil.
sudo nano h2o.conf
Kopiera och klistra in följande text i h2o.conffilen.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/example.com
redirect:
internal: YES
status: 307
url: /index.php
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://example.com/"
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-5.6.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
In order to process PHP, the PHP-FPM 5.6 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Install PHP version 5.6.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php56-php-fpm -y
Navigate to the /opt/remi/php56/root/etc/ directory.
cd /opt/remi/php56/root/etc/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the text below into the php-fpm.conf file.
include=/opt/remi/php56/root/etc/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-5.6-error.log
pid = /var/run/php-fpm-5.6.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the text below into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-5.6.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the text below into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/opt/remi/php56/root/var/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /opt/remi/php56/root/var/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /opt/remi/php56/root/var/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php56-php-fpm
sudo systemctl start php56-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/example.com.
sudo mkdir /var/www/example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://example.com To http://www.example.com (Dynamic Page, PHP-FPM 5.6.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://www.example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/www.example.com
redirect:
internal: YES
status: 307
url: /index.php
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-5.6.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
In order to process PHP, the PHP-FPM 5.6 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands to install PHP version 5.6.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php56-php-fpm -y
Navigate to the /opt/remi/php56/root/etc/ directory.
cd /opt/remi/php56/root/etc/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the text below into the php-fpm.conf file.
include=/opt/remi/php56/root/etc/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-5.6-error.log
pid = /var/run/php-fpm-5.6.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the following text into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-5.6.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the following text below into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/opt/remi/php56/root/var/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /opt/remi/php56/root/var/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /opt/remi/php56/root/var/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php56-php-fpm
sudo systemctl start php56-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/www.example.com.
sudo mkdir /var/www/www.example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/www.example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://www.example.com To http://example.com (Dynamic Page, PHP-FPM 7.1.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/example.com
redirect:
internal: YES
status: 307
url: /index.php
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://example.com/"
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-7.1.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
In order to process PHP, the PHP-FPM 7.1 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands below to install PHP version 7.1.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php71-php-fpm -y
Navigate to the /etc/opt/remi/php71/ directory.
cd /etc/opt/remi/php71/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the following text into the php-fpm.conf file.
include=/etc/opt/remi/php71/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-7.1-error.log
pid = /var/run/php-fpm-7.1.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the text below into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-7.1.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the text below into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/var/opt/remi/php71/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /var/opt/remi/php71/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /var/opt/remi/php71/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php71-php-fpm
sudo systemctl start php71-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/example.com.
sudo mkdir /var/www/example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://example.com To http://www.example.com (Dynamic Page, PHP-FPM 7.1.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "http://www.example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
file.dir: /var/www/www.example.com
redirect:
internal: YES
status: 307
url: /index.php
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-7.1.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
In order to process PHP, the PHP-FPM 7.1 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands below to install PHP version 7.1.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php71-php-fpm -y
Navigate to the /etc/opt/remi/php71/ directory.
cd /etc/opt/remi/php71/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the text below into the php-fpm.conf file.
include=/etc/opt/remi/php71/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-7.1-error.log
pid = /var/run/php-fpm-7.1.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the following text into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-7.1.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the following text into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/var/opt/remi/php71/lib/php/session"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /var/opt/remi/php71/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /var/opt/remi/php71/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php71-php-fpm
sudo systemctl start php71-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/example.com.
sudo mkdir /var/www/www.example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/www.example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://example.com, http://www.example.com, and https://www.example.com to https://example.com (Static HTML Pages, No PHP) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.html' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://example.com/"
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Create a custom directory to store the default SSL options for all websites that use SSL.
sudo mkdir conf.d
Create a new ssl.conf file.
sudo nano conf.d/ssl.conf
Copy and paste the following text into the ssl.conf file.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Make a directory to store the dhparam_2048.pem file that will be regenerated daily via a cronjob.
sudo mkdir /etc/ssl/h2o/
Create a new regenerate_dhparam file.
sudo nano /etc/cron.daily/regenerate_dhparam
Copy and paste the following text into the regenerate_dhparam file.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Make the bash file just created executable.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Execute the bash script for a first run as H2O won't start properly if it's not generated. This will take about a minute or two to generate on first run.
sudo /etc/cron.daily/regenerate_dhparam
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a default index.html using the template in /var/www/html to the directory option file.dir listed above in /var/www/example.com.
sudo cp -var /var/www/html /var/www/example.com
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get this message.
Welcome to H2O - an optimized HTTP server
It works!
Redirect http://example.com, http://www.example.com, and https://example.com to https://www.example.com (Static HTML Pages, No PHP) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.html' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://www.example.com/"
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/www.example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Create a custom directory to store the default SSL options for all websites that use SSL.
sudo mkdir conf.d
Create a new ssl.conf file.
sudo nano conf.d/ssl.conf
Copy and paste the following text into the ssl.conf file.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Make a directory to store the dhparam_2048.pem file that will be regenerated daily via a cronjob.
sudo mkdir /etc/ssl/h2o/
Create a new regenerate_dhparam file.
sudo nano /etc/cron.daily/regenerate_dhparam
Copy and paste the following text inside of the regenerate_dhparam file.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Make the bash file just created executable.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Execute the bash script for a first run as H2O won't start properly if it's not generated. This will take about a minute or two to generate on first run.
sudo /etc/cron.daily/regenerate_dhparam
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a default index.html using the template in /var/www/html to the directory option file.dir listed above in /var/www/www.example.com.
sudo cp -var /var/www/html /var/www/www.example.com
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get this message.
Welcome to H2O - an optimized HTTP server
It works!
Redirect http://example.com, http://www.example.com, and https://www.example.com to https://example.com (Dynamic Page, PHP-FPM 5.6.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
internal: YES
status: 307
url: /index.php
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://example.com/"
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-5.6.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Create a custom directory to store the default SSL options for all websites that use SSL.
sudo mkdir conf.d
Create a new ssl.conf file.
sudo nano conf.d/ssl.conf
Copy and paste the text below into the ssl.conf file.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Make a directory to store the dhparam_2048.pem file that will be regenerated daily via a cronjob.
sudo mkdir /etc/ssl/h2o/
Create a new regenerate_dhparam file.
sudo nano /etc/cron.daily/regenerate_dhparam
Copy and paste the following text inside of the regenerate_dhparam file.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Make the bash file just created executable.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Execute the bash script for a first run as H2O won't start properly if it's not generated. This will take about a minute or two to generate on first run.
sudo /etc/cron.daily/regenerate_dhparam
In order to process PHP, the PHP-FPM 5.6 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands to install PHP version 5.6.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php56-php-fpm -y
Navigate to the /opt/remi/php56/root/etc/ directory.
cd /opt/remi/php56/root/etc/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the following text into the php-fpm.conf file.
include=/opt/remi/php56/root/etc/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-5.6-error.log
pid = /var/run/php-fpm-5.6.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the text below into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-5.6.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the text below into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/opt/remi/php56/root/var/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /opt/remi/php56/root/var/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /opt/remi/php56/root/var/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php56-php-fpm
sudo systemctl start php56-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/example.com.
sudo mkdir /var/www/example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://example.com, http://www.example.com, and https://example.com to https://www.example.com (Dynamic Page, PHP-FPM 5.6.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://www.example.com/"
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/www.example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
internal: YES
status: 307
url: /index.php
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-5.6.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Create a custom directory to store the default SSL options for all websites that use SSL.
sudo mkdir conf.d
Create a new ssl.conf file.
sudo nano conf.d/ssl.conf
Copy and paste the text below into the ssl.conf file.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Make a directory to store the dhparam_2048.pem file that will be regenerated daily via a cronjob.
sudo mkdir /etc/ssl/h2o/
Create a new regenerate_dhparam file.
sudo nano /etc/cron.daily/regenerate_dhparam
Copy and paste the following text inside of the regenerate_dhparam file.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Make the bash file just created executable.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Execute the bash script for a first run as H2O won't start properly if it's not generated. This will take about a minute or two to generate on first run.
sudo /etc/cron.daily/regenerate_dhparam
In order to process PHP, the PHP-FPM 5.6 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands to install PHP version 5.6.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php56-php-fpm -y
Navigate to the /opt/remi/php56/root/etc/ directory.
cd /opt/remi/php56/root/etc/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the text below into the php-fpm.conf file.
include=/opt/remi/php56/root/etc/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-5.6-error.log
pid = /var/run/php-fpm-5.6.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the text below into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-5.6.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the following text into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/opt/remi/php56/root/var/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /opt/remi/php56/root/var/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /opt/remi/php56/root/var/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php56-php-fpm
sudo systemctl start php56-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/www.example.com.
sudo mkdir /var/www/www.example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/www.example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Redirect http://example.com, http://www.example.com, and https://www.example.com to https://example.com (Dynamic Page, PHP-FPM 7.1.x) Configuration
Navigate to the /etc/h2o/ directory.
cd /etc/h2o/
Rename the default h2o.conf to h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Create a new h2o.conf file.
sudo nano h2o.conf
Copy and paste the text below into the h2o.conf file.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
internal: YES
status: 307
url: /index.php
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://example.com/"
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-7.1.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Create a custom directory to store the default SSL options for all websites that use SSL.
sudo mkdir conf.d
Create a new ssl.conf file.
sudo nano conf.d/ssl.conf
Copy and paste the text below into the ssl.conf file.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Make a directory to store the dhparam_2048.pem file that will be regenerated daily via a cronjob.
sudo mkdir /etc/ssl/h2o/
Create a new regenerate_dhparam file.
sudo nano /etc/cron.daily/regenerate_dhparam
Copy and paste the following text inside of the regenerate_dhparam file.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Make the bash file just created executable.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Execute the bash script for a first run as H2O won't start properly if it's not generated. This will take about a minute or two to generate on first run.
sudo /etc/cron.daily/regenerate_dhparam
In order to process PHP, the PHP-FPM 7.1 daemon must be installed and configured. In order to install a version of PHP-FPM newer than the default 5.4.x, the REMI repo must be installed which contains PHP versions 5.6.x, 7.0.x and 7.1.x. Type the following commands below to install PHP version 7.1.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php71-php-fpm -y
Navigate to the /etc/opt/remi/php71/ directory.
cd /etc/opt/remi/php71/
Rename the default php-fpm.conf to php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Create a new php-fpm.conf file.
sudo nano php-fpm.conf
Copy and paste the text below into the php-fpm.conf file.
include=/etc/opt/remi/php71/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-7.1-error.log
pid = /var/run/php-fpm-7.1.pid
process_control_timeout = 10s
Rename the default www.conf file in the php-fpm.d directory.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Create a new www.conf file.
sudo nano php-fpm.d/www.conf
Copy and paste the following text into the www.conf file. Change your pm.max\_children to match the number of CPUs in accordance with your VPS instance.
[www]
group = h2o
listen = /var/run/php-fpm-7.1.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Rename the default php.ini file.
sudo mv php.ini php.ini.original
Create a new php.ini file.
sudo nano php.ini
Copy and paste the following text below into the new php.ini file. Change the memory\_limit, post\_max\_size, upload\_max\_filesize and date.timezone in accordance with your VPS instance.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/var/opt/remi/php71/lib/php/session/"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Change the group ownership for the /var/opt/remi/php71/lib/php/session/ directory from the apache group to the h2o group.
sudo chown root.h2o /var/opt/remi/php71/lib/php/session/
Create a directory where the PHP-FPM server logs will reside.
sudo mkdir /var/log/php-fpm/
Enable and start the PHP-FPM server.
sudo systemctl enable php71-php-fpm
sudo systemctl start php71-php-fpm
Enable and start the H2O server.
sudo systemctl enable h2o
sudo systemctl start h2o
Create a directory where the default index.php will reside listed by the directory option file.dir above in /var/www/example.com.
sudo mkdir /var/www/example.com
Create a default index.php using the phpinfo command to test PHP.
sudo nano /var/www/example.com/index.php
Copy and paste the text below in the new index.php file.
<?php
phpinfo();
?>
Now, open your browser and enter the server domain name (example.com or www.example.com) for your instance. Are you getting an Unable to connect or a This site can’t be reached message? CentOS's default firewall setting disallows incoming connections to the http port. Do the following to open it.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Refresh the page in your browser (F5) and you will get the standard PHP info page.
Omdirigera http://example.com, http://www.example.com, och https://example.comtill https://www.example.com(Dynamisk sida, PHP-FPM 7.1.x) konfiguration
Navigera till /etc/h2o/katalogen.
cd /etc/h2o/
Byt namn på standard h2o.conftill h2o.conf.original.
sudo mv h2o.conf h2o.conf.original
Skapa en ny h2o.conffil.
sudo nano h2o.conf
Kopiera och klistra in texten nedan i h2o.conffilen.
access-log: /var/log/h2o/access.log
compress: ON
error-log: /var/log/h2o/error.log
expires: 1 day
file.index: [ 'index.php' ]
hosts:
"example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://example.com/"
"www.example.com:80":
listen:
port: 80
paths:
"/":
redirect:
status: 301
url: "https://www.example.com/"
"example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
status: 301
url: "https://www.example.com/"
"www.example.com:443":
listen:
port: 443
ssl:
<<: !file /etc/h2o/conf.d/ssl.conf
certificate-file: /location/of/certificate/file/fullchain.ext
key-file: /location/of/private/key/file/privkey.ext
paths:
"/":
file.dir: /var/www/www.example.com
header.add: "strict-transport-security: max-age=31536000; includeSubDomains; preload"
redirect:
internal: YES
status: 307
url: /index.php
file.custom-handler:
extension: .php
fastcgi.connect:
port: /run/php-fpm-7.1.sock
type: unix
pid-file: /var/run/h2o/h2o.pid
send-server-name: OFF
setenv:
HTTP_PROXY: ""
user: h2o
Skapa en anpassad katalog för att lagra standard-SSL-alternativen för alla webbplatser som använder SSL.
sudo mkdir conf.d
Skapa en ny ssl.conffil.
sudo nano conf.d/ssl.conf
Kopiera och klistra in texten nedan i ssl.conffilen.
cipher-preference: server
cipher-suite: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
dh-file: /etc/ssl/h2o/dhparam_2048.pem
Skapa en katalog för att lagra dhparam_2048.pemfilen som kommer att regenereras dagligen via en cronjob.
sudo mkdir /etc/ssl/h2o/
Skapa en ny regenerate_dhparamfil.
sudo nano /etc/cron.daily/regenerate_dhparam
Kopiera och klistra in följande text inuti regenerate_dhparamfilen.
#!/bin/bash
cd /etc/ssl/h2o
umask 022
for length in 2048
do
openssl dhparam -out dhparam_$length.tmp $length && mv dhparam_$length.tmp dhparam_$length.pem
chmod 444 dhparam_$length.pem
done
Gör bash-filen som just skapats körbar.
sudo chmod +x /etc/cron.daily/regenerate_dhparam
Kör bash-skriptet för en första körning eftersom H2O inte startar ordentligt om det inte genereras. Detta kommer att ta ungefär en minut eller två att generera vid första körningen.
sudo /etc/cron.daily/regenerate_dhparam
För att kunna bearbeta PHP måste PHP-FPM 7.1-demonen vara installerad och konfigurerad. För att installera en version av PHP-FPM som är nyare än standardversionen 5.4.x måste REMI-repo vara installerad som innehåller PHP-versionerna 5.6.x, 7.0.x och 7.1.x. Skriv följande kommandon för att installera PHP version 7.1.x.
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install php71-php-fpm -y
Navigera till /etc/opt/remi/php71/katalogen.
cd /etc/opt/remi/php71/
Byt namn på standard php-fpm.conftill php-fpm.conf.original.
sudo mv php-fpm.conf php-fpm.conf.original
Skapa en ny php-fpm.conffil.
sudo nano php-fpm.conf
Kopiera och klistra in följande text i php-fpm.conffilen.
include=/etc/opt/remi/php71/php-fpm.d/*.conf
[global]
daemonize = yes
emergency_restart_threshold = 2
emergency_restart_interval = 1m
error_log = /var/log/php-fpm/php-fpm-7.1-error.log
pid = /var/run/php-fpm-7.1.pid
process_control_timeout = 10s
Byt namn på standardfilen www.confi php-fpm.dkatalogen.
sudo mv php-fpm.d/www.conf php-fpm.d/www.conf.original
Skapa en ny www.conffil.
sudo nano php-fpm.d/www.conf
Kopiera och klistra in texten nedan i www.conffilen. Ändra din för pm.max\_childrenatt matcha antalet CPU:er i enlighet med din VPS-instans.
[www]
group = h2o
listen = /var/run/php-fpm-7.1.sock
listen.backlog = 65536
listen.owner = h2o
listen.group = h2o
pm = static
pm.max_children = 2
pm.max_requests = 10240
user = h2o
Byt namn på standardfilen php.ini.
sudo mv php.ini php.ini.original
Skapa en ny php.inifil.
sudo nano php.ini
Kopiera och klistra in följande text nedan i den nya php.ini file. Ändra memory\_limit, post\_max\_size, upload\_max\_filesizeoch date.timezonei enlighet med din VPS-instans.
[PHP]
allow_url_fopen = On
always_populate_raw_post_data = -1
display_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
log_errors = On
memory_limit = 256M
output_buffering = 4096
post_max_size = 64M
register_argc_argv = Off
request_order = "GP"
upload_max_filesize = 64M
variables_order = "GPCS"
[Date]
date.timezone = America/New_York
[Session]
session.cache_limiter =
session.gc_divisor = 1000
session.hash_bits_per_character = 5
session.save_handler = files
session.save_path = "/var/opt/remi/php71/lib/php/session"
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
Ändra gruppägandet för /var/opt/remi/php71/lib/php/session/katalogen från apachegruppen till h2ogruppen.
sudo chown root.h2o /var/opt/remi/php71/lib/php/session/
Skapa en katalog där PHP-FPM-serverloggarna kommer att finnas.
sudo mkdir /var/log/php-fpm/
Aktivera och starta PHP-FPM-servern.
sudo systemctl enable php71-php-fpm
sudo systemctl start php71-php-fpm
Aktivera och starta H2O-servern.
sudo systemctl enable h2o
sudo systemctl start h2o
Skapa en katalog där standarden index.phpkommer att finnas listad av katalogalternativet file.dirovan i /var/www/example.com.
sudo mkdir /var/www/www.example.com
Skapa en standard index.phpmed phpinfokommandot för att testa PHP.
sudo nano /var/www/www.example.com/index.php
Kopiera och klistra in texten nedan i den nya index.phpfilen.
<?php
phpinfo();
?>
Öppna nu din webbläsare och ange serverdomännamnet ( example.comeller www.example.com) för din instans. Får du ett Unable to connecteller ett This site can’t be reachedmeddelande? CentOS standardinställning för brandvägg tillåter inte inkommande anslutningar till http-porten. Gör följande för att öppna den.
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
Uppdatera sidan i din webbläsare ( F5) så får du standard PHP-infosida.
Detta avslutar min handledning. Tack för att du läser.
Hur man installerar Squid Proxy på CentOS
Squid är ett populärt, gratis Linux-program som låter dig skapa en webbproxy för vidarebefordran. I den här guiden ser du hur du installerar Squid på CentOS för att förvandla dig
Hur man installerar Lighttpd (LLMP Stack) på CentOS 6
Inledning Lighttpd är en apachegaffel som syftar till att vara mycket mindre resurskrävande. Den är lätt, därav namnet, och är ganska enkel att använda. Installera
Konfigurera statiskt nätverk och IPv6 på CentOS 7
VULTR har nyligen gjort ändringar på deras sida, och allt borde nu fungera bra direkt när NetworkManager är aktiverat. Om du vill inaktivera
Ändra Icinga2 för att använda Master/Client Model på CentOS 6 eller CentOS 7
Icinga2 är ett kraftfullt övervakningssystem, och när det används i en master-klient-modell kan det ersätta behovet av NRPE-baserade övervakningskontroller. Master-klienten
Hur man installerar Apache Cassandra 3.11.x på CentOS 7
Använder du ett annat system? Apache Cassandra är ett gratis NoSQL-databashanteringssystem med öppen källkod som är designat för att ge skalbarhet, hög
Hur man installerar Microweber på CentOS 7
Använder du ett annat system? Microweber är en öppen källkod för dra och släpp CMS och onlinebutik. Microweber källkod finns på GitHub. Denna guide kommer att visa dig
Hur man installerar Vanilla Forum på CentOS 7
Använder du ett annat system? Vanilla forum är en open source forumapplikation skriven i PHP. Det är en helt anpassningsbar, enkel att använda och stöder externa
Hur man installerar Mattermost 4.1 på CentOS 7
Använder du ett annat system? Mattermost är ett alternativ med öppen källkod, självvärd till meddelandetjänsten Slack SAAS. Med andra ord, med Mattermost, du ca
Skapa ett nätverk av Minecraft-servrar med BungeeCord på Debian 8, Debian 9 eller CentOS 7
Vad du behöver En Vultr VPS med minst 1 GB RAM. SSH-åtkomst (med root-/administrativa privilegier). Steg 1: Installera BungeeCord Först till kvarn
Låt oss kryptera på Plesk
Plesks kontrollpanel har en mycket trevlig integration för Lets Encrypt. Lets Encrypt är en av de enda SSL-leverantörerna som ger ut certifikat fullständigt
Låter kryptera på cPanel
Lets Encrypt är en certifikatmyndighet dedikerad till att tillhandahålla SSL-certifikat gratis. cPanel har byggt en snygg integration så att du och din klient
Hur man installerar Concrete5 på CentOS 7
Använder du ett annat system? Concrete5 är ett CMS med öppen källkod som erbjuder många distinkta och användbara funktioner för att hjälpa redaktörer att producera innehåll enkelt och
Hur man installerar Review Board på CentOS 7
Använder du ett annat system? Review Board är ett gratis och öppen källkodsverktyg för att granska källkod, dokumentation, bilder och många fler. Det är webbaserad mjukvara
Ställ in HTTP-autentisering med Nginx på CentOS 7
I den här guiden lär du dig hur du ställer in HTTP-autentisering för en Nginx-webbserver som körs på CentOS 7. Krav För att komma igång behöver du
Hur man installerar YOURLS på CentOS 7
YOURLS (Your Own URL Shortener) är ett webbadressförkortnings- och dataanalysprogram med öppen källkod. I den här artikeln kommer vi att täcka installationsprocessen
Hur man installerar och konfigurerar ArangoDB på CentOS 7
Använder du ett annat system? Inledning ArangoDB är en NoSQL-databas med öppen källkod med en flexibel datamodell för dokument, grafer och nyckel-värden. Det är
Använda Etckeeper för versionskontroll av /etc
Inledning Katalogen /etc/ spelar en avgörande roll för hur ett Linux-system fungerar. Anledningen till detta är att nästan varje systemkonfiguration
Varför ska du använda SSHFS? Hur man monterar ett fjärrfilsystem med SSHFS på CentOS 6
Många systemadministratörer hanterar stora mängder servrar. När filer behöver nås över olika servrar, logga in på var och en individuellt ca
Konfigurera en Half Life 2-server på CentOS 6
Denna handledning kommer att täcka processen att installera en Half Life 2-spelserver på CentOS 6 System. Steg 1: Installera förutsättningarna För att ställa in ou
The Rise of Machines: Real World Applications of AI
Artificiell intelligens är inte i framtiden, det är här i nuet I den här bloggen Läs hur Artificiell intelligens-applikationer har påverkat olika sektorer.
DDOS-attacker: En kort översikt
Är du också ett offer för DDOS-attacker och förvirrad över de förebyggande metoderna? Läs den här artikeln för att lösa dina frågor.
Har du någonsin undrat hur hackare tjänar pengar?
Du kanske har hört att hackare tjänar mycket pengar, men har du någonsin undrat hur de tjänar den typen av pengar? låt oss diskutera.
Revolutionerande uppfinningar från Google som gör ditt liv lätt.
Vill du se revolutionerande uppfinningar av Google och hur dessa uppfinningar förändrade livet för varje människa idag? Läs sedan till bloggen för att se uppfinningar av Google.
Fredag Essential: Vad hände med AI-drivna bilar?
Konceptet med att självkörande bilar ska ut på vägarna med hjälp av artificiell intelligens är en dröm vi har ett tag nu. Men trots flera löften finns de ingenstans att se. Läs den här bloggen för att lära dig mer...
Technological Singularity: A Distant Future of Human Civilization?
När vetenskapen utvecklas i snabb takt och tar över en hel del av våra ansträngningar, ökar också riskerna för att utsätta oss för en oförklarlig singularitet. Läs, vad singularitet kan betyda för oss.
Utveckling av datalagring – Infographic
Lagringsmetoderna för data har utvecklats kan vara sedan födelsen av data. Den här bloggen tar upp utvecklingen av datalagring på basis av en infografik.
Funktioner för Big Data Reference Architecture Layers
Läs bloggen för att känna till olika lager i Big Data Architecture och deras funktionaliteter på enklaste sätt.
6 fantastiska fördelar med att ha smarta hemenheter i våra liv
I denna digitala värld har smarta hemenheter blivit en avgörande del av livet. Här är några fantastiska fördelar med smarta hemenheter om hur de gör vårt liv värt att leva och enklare.
macOS Catalina 10.15.4 tilläggsuppdatering orsakar fler problem än att lösa
Nyligen släppte Apple macOS Catalina 10.15.4, en tilläggsuppdatering för att åtgärda problem, men det verkar som om uppdateringen orsakar fler problem som leder till att mac-datorer blir murade. Läs den här artikeln för att lära dig mer
