5.52-55 PHP-FPM configuration files explained

php-fpm.conf

php.ini

www.conf

php-fpm.conf

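  • php-fpm.conf is the main configuration file; its path is /usr/local/php-fpm/etc/php-fpm.conf
  • Sub-configuration files live in /usr/local/php-fpm/etc/php-fpm.d/*.conf; every file there ending in .conf is a sub-configuration file
  • Sub-configuration files override the main configuration file.
  • pid file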
[global]
; Pid file                                            ## pid file
; Note: the default prefix is /usr/local/php-fpm/var  ## default path prefix for the pid file
; Default Value: none
;pid = run/php-fpm.pid                                ## sets the pid file location
  • Error log file

; Error log file
; If it's set to "syslog", log is sent to syslogd instead of being written   ## if set to syslog, the log is sent to the syslogd service instead of being written to a file.
; into a local file.
; Note: the default prefix is /usr/local/php-fpm/var                         ## default path prefix for the error log
; Default Value: log/php-fpm.log
;error_log = log/php-fpm.log                                                 ## error log location
  • Log level

; Log level                    ## the possible log levels are listed on the next line
; Possible Values: alert, error, warning, notice, debug
; Default Value: notice
;log_level = notice            ## the default log level is notice

 

php.ini

  • Configuration file path: /usr/local/php-fpm/etc/php.ini
  • Two ways to find the location of php.ini

① Use phpinfo: create a phpinfo.php file under a site's document root

vi /data/wwwroot/xx.xx.com/phpinfo.php
<?php
phpinfo();
?>

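Note: visiting this page in a browser reveals not only the location of php.ini but also PHP's compile-time options. Not recommended in production.

② In production, use the following command to find the location of php.ini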

/usr/local/php-fpm/bin/php -i |head
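  • php.ini is PHP's core runtime configuration file
  • php.ini is long, roughly 2000 lines
Two things to watch in php.ini
Avoid exposing PHP information in HTTP responses
expose_php = off
Avoid exposing error messages in HTTP responses
display_errors = off
Key php-fpm.conf settings
After turning off display_errors, enable the PHP error log to make troubleshooting easier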
log_errors = on

www.conf

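pool name: [www] can be customised; after startup, run ps aux |grep php-fpm and look at the rightmost column, which is the pool name
listen  the IP:port or socket address to listen on
	This address must match the one given by fastcgi_pass in the nginx configuration file, otherwise you get a 502
	If listening on a socket file, make sure the nginx service user (nginx) has read and write permission on that socket file, otherwise 502
listen.mode  permissions of the socket file
pm = dynamic  dynamic mode
pm.max_children = 5  maximum number of processes
pm.start_servers = 2  number of child processes started at launch
pm.min_spare_servers = 1  when idle, never fewer than this many child processes
pm.max_spare_servers = 3  when idle, never more than this many child processes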

php_flag[display_errors] = off
php_admin_value[error_log] = /var/log/fpm-php.www.log
php_admin_flag[log_errors] = on
php_admin_value[error_reporting] = E_ALL

Configuring the slow log

slowlog = /tmp/php.slow
request_slowlog_timeout = 1

Configuring open_basedir

php_admin_value[open_basedir] = /data/wwwroot/blog.aminglinux.cc:/tmp

Configuring multiple pools

Define multiple configuration files, each specifying a different listen address and a different [pool_name]
[blog]
user = php-fpm
group = php-fpm
listen = /tmp/blog.socket
listen.mode = 0666
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
slowlog = /tmp/php.slow
request_slowlog_timeout = 1
php_flag[display_errors] = off
php_admin_value[error_log] = /var/log/fpm-php.www.log
php_admin_flag[log_errors] = on
php_admin_value[error_reporting] = E_ALL
php_admin_value[open_basedir] = /data/wwwroot/blog.aminglinux.cc:/tmp

[bbs]
user = php-fpm
group = php-fpm
listen = /tmp/bbs.socket
listen.mode = 0666
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
slowlog = /tmp/php.slow
request_slowlog_timeout = 1
php_flag[display_errors] = on
php_admin_value[error_log] = /var/log/fpm-php.www.log
php_admin_flag[log_errors] = on
php_admin_value[error_reporting] = E_ALL
php_admin_value[open_basedir] = /data/wwwroot/bbs.aminglinux.cc:/tmp

Finding the php.ini path:

1) /usr/local/php-fpm/bin/php -i |head
2) Use phpinfo

Supplement:

curl -k -H "host:bbs.aminglinux.cc" https://127.0.0.1/phpinfo.php

Reference code

php-fpm configuration


[root@test01 conf.d]# vi bbs.champin.top.conf   change the PHP port to 9001
[root@test01 conf.d]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@test01 conf.d]# nginx -s reload
Opening bbs.champin.top in a browser shows a 502

[root@test01 conf.d]# !vi
vi bbs.champin.top.conf 

[1]+  已中止               vi bbs.champin.top.conf
[root@test01 conf.d]# tail /var/log/nginx/error.log   the nginx error log shows the cause too.
2019/02/25 18:01:44 [error] 4899#4899: *138 access forbidden by rule, client: 192.168.28.1, server: www.aaa.com, request: "GET /static/image/common/qmenu.png HTTP/1.1", host: "bbs.champin.top"
2019/02/25 18:01:44 [error] 4899#4899: *137 access forbidden by rule, client: 192.168.28.1, server: www.aaa.com, request: "GET /static/image/common/nv_a.png HTTP/1.1", host: "bbs.champin.top"
2019/02/25 18:01:44 [error] 4899#4899: *141 access forbidden by rule, client: 192.168.28.1, server: www.aaa.com, request: "GET /static/image/common/search.png HTTP/1.1", host: "bbs.champin.top"
2019/02/25 18:01:44 [error] 4899#4899: *141 access forbidden by rule, client: 192.168.28.1, server: www.aaa.com, request: "GET /static/image/common/pt_item.png HTTP/1.1", host: "bbs.champin.top"
2019/02/25 18:01:44 [error] 4899#4899: *137 access forbidden by rule, client: 192.168.28.1, server: www.aaa.com, request: "GET /static/image/common/chart.png HTTP/1.1", host: "bbs.champin.top"
2019/02/25 18:01:44 [error] 4899#4899: *138 access forbidden by rule, client: 192.168.28.1, server: www.aaa.com, request: "GET /static/image/common/titlebg.png HTTP/1.1", host: "bbs.champin.top"
2019/02/25 18:01:45 [error] 4899#4899: *138 access forbidden by rule, client: 192.168.28.1, server: www.aaa.com, request: "GET /static/image/common/scrolltop.png HTTP/1.1", host: "bbs.champin.top"
2019/02/25 20:42:18 [notice] 5138#5138: signal process started
2019/02/25 20:42:55 [error] 5139#5139: *142 access forbidden by rule, client: 192.168.28.1, server: www.aaa.com, request: "GET / HTTP/1.1", host: "bbs.champin.top"
2019/02/25 20:43:09 [error] 5139#5139: *149 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.28.1, server: bbs.champin.top, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9001", host: "bbs.champin.top"

[root@test01 conf.d]# cd /usr/local/php-fpm/etc/
[root@test01 etc]# ls
pear.conf  php-fpm.conf  php-fpm.conf.default  php-fpm.d  php.ini
[root@test01 etc]# vi php-fpm.conf   take a look

[root@test01 etc]# cd php-fpm.d/
[root@test01 php-fpm.d]# ls
www.conf  www.conf.default
[root@test01 php-fpm.d]# vi www.conf

[1]+  已中止               vi www.conf
[root@test01 php-fpm.d]# ps aux |grep php-fpm
root       1106  0.0  0.6 230772  6200 ?        Ss   07:06   0:02 php-fpm: master process (/usr/local/php-fpm/etc/php-fpm.conf)
php-fpm    1116  0.0  1.5 248088 15612 ?        S    07:06   0:02 php-fpm: pool www
php-fpm    1117  0.0  1.8 331084 18788 ?        S    07:06   0:03 php-fpm: pool www
root       5153  0.0  0.0 112728   976 pts/1    R+   20:50   0:00 grep --color=auto php-fpm
[root@test01 php-fpm.d]# fg
vi www.conf
;listen = 127.0.0.1:9000     change it to look like this
listen = /tmp/www.socket



[root@test01 php-fpm.d]# /usr/local/php-fpm/sbin/php-fpm -t
[25-Feb-2019 20:54:57] NOTICE: configuration file /usr/local/php-fpm/etc/php-fpm.conf test is successful

[root@test01 php-fpm.d]# /etc/init.d/php-fpm reload
Reload service php-fpm  done

[root@test01 php-fpm.d]# ls /tmp/www.socket   check that this file exists (it is shown in pink)
/tmp/www.socket

[root@test01 php-fpm.d]# vi /etc/nginx/conf.d/bbs.champin.top.conf   use this socket file in the nginx configuration
    location ~ \.php$ {
        root           /data/wwwroot/bbs.champin.top;
#        fastcgi_pass   127.0.0.1:9001;          change these two lines
        fastcgi_pass   unix:/tmp/www.socket;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  /data/wwwroot/bbs.champin.top$fastcgi_script_name;
        include        fastcgi_params;
    }
[root@test01 php-fpm.d]# nginx -t 
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@test01 php-fpm.d]# nginx -s reload
Refreshing HTTPS://bbs.champin.top in the browser still gives a 502


[root@test01 php-fpm.d]# !tail      take a look at the nginx error log
tail /var/log/nginx/error.log
2019/02/25 18:01:44 [error] 4899#4899: *137 access forbidden by rule, client: 192.168.28.1, server: www.aaa.com, request: "GET /static/image/common/chart.png HTTP/1.1", host: "bbs.champin.top"
2019/02/25 18:01:44 [error] 4899#4899: *138 access forbidden by rule, client: 192.168.28.1, server: www.aaa.com, request: "GET /static/image/common/titlebg.png HTTP/1.1", host: "bbs.champin.top"
2019/02/25 18:01:45 [error] 4899#4899: *138 access forbidden by rule, client: 192.168.28.1, server: www.aaa.com, request: "GET /static/image/common/scrolltop.png HTTP/1.1", host: "bbs.champin.top"
2019/02/25 20:42:18 [notice] 5138#5138: signal process started
2019/02/25 20:42:55 [error] 5139#5139: *142 access forbidden by rule, client: 192.168.28.1, server: www.aaa.com, request: "GET / HTTP/1.1", host: "bbs.champin.top"
2019/02/25 20:43:09 [error] 5139#5139: *149 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.28.1, server: bbs.champin.top, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9001", host: "bbs.champin.top"
2019/02/25 20:47:02 [notice] 5145#5145: signal process started
2019/02/25 20:54:20 [notice] 5158#5158: signal process started
2019/02/25 21:03:57 [notice] 5187#5187: signal process started
2019/02/25 21:04:06 [crit] 5188#5188: *154 connect() to unix:/tmp/www.socket failed (13: Permission denied) while connecting to upstream, client: 192.168.28.1, server: bbs.champin.top, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/tmp/www.socket:", host: "bbs.champin.top"

Permission denied: when the log shows this kind of message, the cause is most likely missing permissions

[root@test01 php-fpm.d]# ls -l /tmp/www.socket 
srw-rw----. 1 root root 0 2月  25 20:55 /tmp/www.socket

[root@test01 php-fpm.d]# vi www.conf
listen.mode = 0666       set the permissions to 0666

[root@test01 php-fpm.d]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@test01 php-fpm.d]# /usr/local/php-fpm/sbin/php-fpm -t
[25-Feb-2019 21:12:54] NOTICE: configuration file /usr/local/php-fpm/etc/php-fpm.conf test is successful

[root@test01 php-fpm.d]# nginx -s reload
[root@test01 php-fpm.d]# /etc/init.d/php-fpm reload
Reload service php-fpm  done

reload is not enough; a restart is needed, which first deletes the socket under /tmp and then recreates it
[root@test01 php-fpm.d]# /etc/init.d/php-fpm reload
Reload service php-fpm  done
[root@test01 php-fpm.d]# /etc/init.d/php-fpm restart
Gracefully shutting down php-fpm . done
Starting php-fpm  done


[root@test01 php-fpm.d]# vim www.conf   a demonstration
php_flag[display_errors] = on           remove the semicolon and change off to on

[root@test01 php-fpm.d]# /etc/init.d/php-fpm restart
Gracefully shutting down php-fpm . done
Starting php-fpm  done

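[root@test01 php-fpm.d]# vi /data/wwwroot/bbs.champin.top/forum.php   write some broken code into it


Opening the forum in a browser then shows directly which line of code failed.

The correct approach:
php_flag[display_errors] = off
php_admin_value[error_log] = /var/log/fpm-php.www.log   enable the error log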
php_admin_flag[log_errors] = on
php_admin_value[error_reporting] = E_ALL

[root@test01 php-fpm.d]# /etc/init.d/php-fpm restart
Gracefully shutting down php-fpm . done
Starting php-fpm  done
[root@test01 php-fpm.d]# touch /var/log/fpm-php.www.log
[root@test01 php-fpm.d]# chmod 777 !$
chmod 777 /var/log/fpm-php.www.log


[root@test01 php-fpm.d]# cat /var/log/fpm-php.www.log
[25-Feb-2019 13:50:51 UTC] PHP Parse error:  syntax error, unexpected 'define' (T_STRING) in /data/wwwroot/bbs.champin.top/forum.php on line 11
[25-Feb-2019 13:50:52 UTC] PHP Parse error:  syntax error, unexpected 'define' (T_STRING) in /data/wwwroot/bbs.champin.top/forum.php on line 11
[25-Feb-2019 13:50:52 UTC] PHP Parse error:  syntax error, unexpected 'define' (T_STRING) in /data/wwwroot/bbs.champin.top/forum.php on line 11
[25-Feb-2019 13:50:52 UTC] PHP Parse error:  syntax error, unexpected 'define' (T_STRING) in /data/wwwroot/bbs.champin.top/forum.php on line 11
[25-Feb-2019 13:50:53 UTC] PHP Parse error:  syntax error, unexpected 'define' (T_STRING) in /data/wwwroot/bbs.champin.top/forum.php on line 11
[25-Feb-2019 13:50:53 UTC] PHP Parse error:  syntax error, unexpected 'define' (T_STRING) in /data/wwwroot/bbs.champin.top/forum.php on line 11   the error log shows where the error is





php.ini

[root@test01 php-fpm.d]# ls /usr/local/php-fpm/etc/       php.ini path
pear.conf  php-fpm.conf  php-fpm.conf.default  php-fpm.d  php.ini
[root@test01 php-fpm.d]# /usr/local/php-fpm/bin/php -i |head     if you do not know the path, you can find it this way
phpinfo()
PHP Version => 7.3.1

System => Linux test01 3.10.0-514.el7.x86_64 #1 SMP Tue Nov 22 16:42:41 UTC 2016 x86_64
Build Date => Jan 26 2019 00:40:10
Configure Command =>  './configure'  '--prefix=/usr/local/php-fpm' '--with-config-file-path=/usr/local/php-fpm/etc' '--enable-fpm' '--with-fpm-user=php-fpm' '--with-fpm-group=php-fpm' '--with-mysql=/usr/local/mysql5.7' '--with-mysqli=/usr/local/mysql5.7/bin/mysql_config' '--with-pdo-mysql=/usr/local/mysql5.7' '--with-mysql-sock=/tmp/mysql.sock' '--with-libxml-dir' '--with-gd' '--with-jpeg-dir' '--with-png-dir' '--with-freetype-dir' '--with-iconv-dir' '--with-zlib-dir' '--with-mcrypt' '--enable-soap' '--enable-gd-native-ttf' '--enable-ftp' '--enable-mbstring' '--enable-exif' '--with-pear' '--with-curl' '--with-openssl'
Server API => Command Line Interface
Virtual Directory Support => disabled
Configuration File (php.ini) Path => /usr/local/php-fpm/etc
Loaded Configuration File => /usr/local/php-fpm/etc/php.ini

There is another method, which can also be used to test whether PHP is being parsed: visit the page in a browser
[root@test01 php-fpm.d]# ls /data/wwwroot/bbs.champin.top/
admin.php  archiver     crossdomain.xml  forum.php  index.php  member.php  portal.php  source    uc_client
api        config       data             group.php  install    misc.php    robots.txt  static    uc_server
api.php    connect.php  favicon.ico      home.php   m          plugin.php  search.php  template
[root@test01 php-fpm.d]# vim /data/wwwroot/bbs.champin.top/phpinfo.php

<?php
phpinfo();
?>

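You can open the bbs.champin.top/phpinfo.php page in a browser and see the version, paths, configuration parameters and so on. It is useful for testing whether PHP is parsed, but it is rather dangerous: if an attacker sees it, the whole configuration is laid bare.

It can be disabled
[root@test01 php-fpm.d]# vim /usr/local/php-fpm/etc/php.ini 
Find disable_functions
disable_functions = phpinfo

[root@test01 php-fpm.d]# /etc/init.d/php-fpm reload   restart or reload.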
Reload service php-fpm  done

Refresh the phpinfo.php page again and it no longer opens.

[root@test01 php-fpm.d]# tail /var/log/fpm-php.www.log  the error log has a record of it
[25-Feb-2019 14:56:53 UTC] PHP Warning:  phpinfo() has been disabled for security reasons in /data/wwwroot/bbs.champin.top/phpinfo.php on line 2
[25-Feb-2019 14:56:56 UTC] PHP Warning:  phpinfo() has been disabled for security reasons in /data/wwwroot/bbs.champin.top/phpinfo.php on line 2
[25-Feb-2019 14:57:02 UTC] PHP Warning:  phpinfo() has been disabled for security reasons in /data/wwwroot/bbs.champin.top/phpinfo.php on line 2
[25-Feb-2019 14:58:19 UTC] PHP Warning:  phpinfo() has been disabled for security reasons in /data/wwwroot/bbs.champin.top/phpinfo.php on line 2


[root@test01 php-fpm.d]# vim www.conf
php_flag[display_errors] = on     turn error display on for debugging

[root@test01 php-fpm.d]# /etc/init.d/php-fpm reload
Reload service php-fpm  done
[root@test01 php-fpm.d]# !curl
curl -k -H "host:bbs.champin.top" https://127.0.0.1/phpinfo.php -I    curl returns 200; the browser shows a blank page
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Mon, 25 Feb 2019 15:04:42 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/7.3.1

[root@test01 php-fpm.d]# curl -k -H "host:bbs.champin.top" https://127.0.0.1/phpinfo.php  with -I it shows 200; without it the error message is displayed.
<br />
<b>Warning</b>:  phpinfo() has been disabled for security reasons in <b>/data/wwwroot/bbs.champin.top/phpinfo.php</b> on line <b>2</b><br />

[root@test01 php-fpm.d]# vim www.conf   set it to on first
[root@test01 php-fpm.d]# /etc/init.d/php-fpm reload
Reload service php-fpm  done

[root@test01 php-fpm.d]# vim www.conf
[root@test01 php-fpm.d]# /etc/init.d/php-fpm reload
Reload service php-fpm  done

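Configuring the slow log (for php-fpm)
[root@test01 php-fpm.d]# vim www.conf
slowlog = /tmp/php.slow        path of the log that records slow PHP script execution (in a normal production environment it should not be under /tmp)
request_slowlog_timeout = 1     the timeout threshold; 2 seconds is a good value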

[root@test01 php-fpm.d]# /etc/init.d/php-fpm reload
Reload service php-fpm  done

[root@test01 php-fpm.d]# vim /usr/local/php-fpm/etc/php.ini  first re-enable phpinfo
disable_functions =

[root@test01 php-fpm.d]# /etc/init.d/php-fpm reload    reload again
Reload service php-fpm  done

[root@test01 php-fpm.d]# cd /data/wwwroot/bbs.champin.top/
[root@test01 bbs.champin.top]# ls
admin.php  config           favicon.ico  index.php   misc.php     robots.txt  template
api        connect.php      forum.php    install     phpinfo.php  search.php  uc_client
api.php    crossdomain.xml  group.php    m           plugin.php   source      uc_server
archiver   data             home.php     member.php  portal.php   static
[root@test01 bbs.champin.top]# vi phpinfo.php 

<?php
phpinfo();
sleep (2);
echo 11112;
?>


[root@test01 bbs.champin.top]# !curl    it actually pauses for 2 seconds, which may not be very noticeable
curl -k -H "host:bbs.champin.top" https://127.0.0.1/phpinfo.php

[root@test01 bbs.champin.top]# cat /tmp/php.slow    再去看slow日志

[25-Feb-2019 23:22:31]  [pool www] pid 5392
script_filename = /data/wwwroot/bbs.champin.top/phpinfo.php
[0x00007fbd9f4200a0] sleep() /data/wwwroot/bbs.champin.top/phpinfo.php:3


[root@test01 bbs.champin.top]# vi phpinfo.php 

<?php
echo 1;
sleep (5);
echo 11112;
?>


[root@test01 bbs.champin.top]# !curl    the output appears only after a 5-second pause
curl -k -H "host:bbs.champin.top" https://127.0.0.1/phpinfo.php
11112[root@test01 bbs.champin.top]# 

[root@test01 bbs.champin.top]# !cat
cat /tmp/php.slow 

[25-Feb-2019 23:22:31]  [pool www] pid 5392
script_filename = /data/wwwroot/bbs.champin.top/phpinfo.php
[0x00007fbd9f4200a0] sleep() /data/wwwroot/bbs.champin.top/phpinfo.php:3

[25-Feb-2019 23:31:14]  [pool www] pid 5393
script_filename = /data/wwwroot/bbs.champin.top/phpinfo.php
[0x00007fbd9f4200a0] sleep() /data/wwwroot/bbs.champin.top/phpinfo.php:3  shows which line of which script was slow

[root@test01 bbs.champin.top]# date
2019年 02月 25日 星期一 23:32:44 CST

[root@test01 bbs.champin.top]# rm -rvf phpinfo.php   fine on a test machine; in production firmly avoid using phpinfo
已删除"phpinfo.php"

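[root@test01 bbs.champin.top]# vim forum.php   add sleep (10); in the middle
sleep (10);

Opening http://bbs.champin.top/forum.php in a browser now takes 10 seconds. Ordinary users run into the same thing when loading pages; when that happens, use the slowlog in this way to track down the cause.


[root@test01 bbs.champin.top]# !cat   look at the log again; I refreshed twice, so two slow-log entries were recorded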
cat /tmp/php.slow 

[25-Feb-2019 23:22:31]  [pool www] pid 5392
script_filename = /data/wwwroot/bbs.champin.top/phpinfo.php
[0x00007fbd9f4200a0] sleep() /data/wwwroot/bbs.champin.top/phpinfo.php:3

[25-Feb-2019 23:31:14]  [pool www] pid 5393
script_filename = /data/wwwroot/bbs.champin.top/phpinfo.php
[0x00007fbd9f4200a0] sleep() /data/wwwroot/bbs.champin.top/phpinfo.php:3

[25-Feb-2019 23:37:41]  [pool www] pid 5392
script_filename = /data/wwwroot/bbs.champin.top/forum.php
[0x00007fbd9f41d420] sleep() /data/wwwroot/bbs.champin.top/forum.php:22

[25-Feb-2019 23:37:49]  [pool www] pid 5393
script_filename = /data/wwwroot/bbs.champin.top/forum.php
[0x00007fbd9f41d420] sleep() /data/wwwroot/bbs.champin.top/forum.php:22

[root@test01 bbs.champin.top]# !vi  remove sleep (10);
vim forum.php 
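
Added example (not from the original page): a small Python parser for the slowlog format shown above, which groups entries by their innermost frame so that the script lines responsible for slow requests stand out. The sample input is the /tmp/php.slow content from this page; the function names are this example's own.

```python
import re
from collections import Counter

# Sample input: the /tmp/php.slow entries shown on this page.
SLOWLOG = """
[25-Feb-2019 23:22:31]  [pool www] pid 5392
script_filename = /data/wwwroot/bbs.champin.top/phpinfo.php
[0x00007fbd9f4200a0] sleep() /data/wwwroot/bbs.champin.top/phpinfo.php:3

[25-Feb-2019 23:31:14]  [pool www] pid 5393
script_filename = /data/wwwroot/bbs.champin.top/phpinfo.php
[0x00007fbd9f4200a0] sleep() /data/wwwroot/bbs.champin.top/phpinfo.php:3

[25-Feb-2019 23:37:41]  [pool www] pid 5392
script_filename = /data/wwwroot/bbs.champin.top/forum.php
[0x00007fbd9f41d420] sleep() /data/wwwroot/bbs.champin.top/forum.php:22

[25-Feb-2019 23:37:49]  [pool www] pid 5393
script_filename = /data/wwwroot/bbs.champin.top/forum.php
[0x00007fbd9f41d420] sleep() /data/wwwroot/bbs.champin.top/forum.php:22
"""

HEADER = re.compile(r"^\[(?P<time>[^\]]+)\]\s+\[pool (?P<pool>[^\]]+)\]\s+pid (?P<pid>\d+)$")
FRAME = re.compile(r"^\[0x[0-9a-fA-F]+\]\s+(?P<func>\S+?)\(\)\s+(?P<file>.+):(?P<line>\d+)$")


def parse_slowlog(text):
    """Split slowlog text into entries: time, pool, pid, script, frames."""
    entries, entry = [], None
    for raw in text.splitlines():
        line = raw.strip()
        header = HEADER.match(line)
        if header:
            entry = {"time": header["time"], "pool": header["pool"],
                     "pid": int(header["pid"]), "script": None, "frames": []}
            entries.append(entry)
        elif entry is None:
            continue  # ignore anything before the first header
        elif line.startswith("script_filename = "):
            entry["script"] = line.split(" = ", 1)[1]
        else:
            frame = FRAME.match(line)
            if frame:  # frames are listed innermost first
                entry["frames"].append(
                    (frame["func"], frame["file"], int(frame["line"])))
    return entries


def hotspots(entries):
    """Count slow requests per (pool, file:line, function) of the innermost frame."""
    counts = Counter()
    for e in entries:
        if e["frames"]:
            func, path, lineno = e["frames"][0]
            counts[(e["pool"], f"{path}:{lineno}", func)] += 1
    return counts.most_common()


if __name__ == "__main__":
    for (pool, where, func), n in hotspots(parse_slowlog(SLOWLOG)):
        print(f"{n:3d}  pool={pool}  {func}()  {where}")
```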


Configuring open_basedir
[root@test01 bbs.champin.top]# vim /usr/local/php-fpm/etc/php.ini
open_basedir = /home:/root

[root@test01 bbs.champin.top]# /etc/init.d/php-fpm reload
Reload service php-fpm  done

Visiting https://bbs.champin.top in a browser gives No input file specified.

Check the error log first
[root@test01 bbs.champin.top]# tail /var/log/fpm-php.www.log 
[25-Feb-2019 14:56:56 UTC] PHP Warning:  phpinfo() has been disabled for security reasons in /data/wwwroot/bbs.champin.top/phpinfo.php on line 2
[25-Feb-2019 14:57:02 UTC] PHP Warning:  phpinfo() has been disabled for security reasons in /data/wwwroot/bbs.champin.top/phpinfo.php on line 2
[25-Feb-2019 14:58:19 UTC] PHP Warning:  phpinfo() has been disabled for security reasons in /data/wwwroot/bbs.champin.top/phpinfo.php on line 2
[25-Feb-2019 15:01:58 UTC] PHP Warning:  phpinfo() has been disabled for security reasons in /data/wwwroot/bbs.champin.top/phpinfo.php on line 2
[25-Feb-2019 15:04:42 UTC] PHP Warning:  phpinfo() has been disabled for security reasons in /data/wwwroot/bbs.champin.top/phpinfo.php on line 2
[25-Feb-2019 15:04:55 UTC] PHP Warning:  phpinfo() has been disabled for security reasons in /data/wwwroot/bbs.champin.top/phpinfo.php on line 2
[25-Feb-2019 15:05:01 UTC] PHP Warning:  phpinfo() has been disabled for security reasons in /data/wwwroot/bbs.champin.top/phpinfo.php on line 2
[25-Feb-2019 15:31:13 UTC] PHP Warning:  Use of undefined constant echo1 - assumed 'echo1' (this will throw an Error in a future version of PHP) in /data/wwwroot/bbs.champin.top/phpinfo.php on line 2
Here:
[25-Feb-2019 15:56:44 UTC] PHP Warning:  Unknown: open_basedir restriction in effect. File(/data/wwwroot/bbs.champin.top/forum.php) is not within the allowed path(s): (/home:/root) in Unknown on line 0

[25-Feb-2019 15:56:44 UTC] PHP Warning:  Unknown: failed to open stream: Operation not permitted in Unknown on line 0

[root@test01 bbs.champin.top]# vim /usr/local/php-fpm/etc/php.ini 
open_basedir = /data/wwwroot/bbs.champin.top:/tmp

[root@test01 bbs.champin.top]# /etc/init.d/php-fpm reload
Reload service php-fpm  done

Now https://bbs.champin.top opens in the browser, but visiting www.champin.top returns a 502
First fix the 502 on www.champin.top
[root@test01 bbs.champin.top]# vi /etc/nginx/conf.d/www.champin.top.conf 
    location ~ \.php$ {
        root           /data/wwwroot/www.champin.top;
        #fastcgi_pass   127.0.0.1:9001;
        fastcgi_pass   unix:/tmp/www.socket;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  /data/wwwroot/www.champin.top$fastcgi_script_name;
        include        fastcgi_params;
    }


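Visiting www.champin.top in a browser also gives No input file specified, because open_basedir does not include the path of www.champin.top.
You could list both sites' paths together in open_basedir in php.ini, but then if one of the sites is compromised, both sites are at risk.
The other approach is to leave open_basedir out of php.ini and define it in php-fpm instead.
[root@test01 bbs.champin.top]# vim /usr/local/php-fpm/etc/php.ini 
open_basedir =        unset it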

[root@test01 bbs.champin.top]# cd /usr/local/php-fpm/etc/php-fpm.d/
[root@test01 php-fpm.d]# vim www.conf
[root@test01 php-fpm.d]# vim www.conf
Define one first
php_admin_value[open_basedir] = /data/wwwroot/bbs.champin.top:/tmp

[root@test01 php-fpm.d]# grep -v '^;' www.conf |grep -v '^$'
[www]
user = php-fpm
group = php-fpm
listen = /tmp/www.socket
listen.mode = 0666
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
slowlog = /tmp/php.slow
request_slowlog_timeout = 1
php_flag[display_errors] = off
php_admin_value[error_log] = /var/log/fpm-php.www.log
php_admin_flag[log_errors] = on
php_admin_value[error_reporting] = E_ALL
php_admin_value[open_basedir] = /data/wwwroot/bbs.champin.top:/tmp
[root@test01 php-fpm.d]# vi blog.conf
[blog]
user = php-fpm
group = php-fpm
listen = /tmp/blog.socket
listen.mode = 0666
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
slowlog = /tmp/php.slow
request_slowlog_timeout = 1
php_flag[display_errors] = off
php_admin_value[error_log] = /var/log/fpm-php.www.log
php_admin_flag[log_errors] = on
php_admin_value[error_reporting] = E_ALL
php_admin_value[open_basedir] = /data/wwwroot/www.champin.top:/tmp
[root@test01 php-fpm.d]# mv www.conf bbs.conf   to tell the pools apart more easily, rename the file to bbs; the pool name also becomes bbs
[root@test01 php-fpm.d]# vi bbs.conf
change [www] to [bbs]

[root@test01 php-fpm.d]# /usr/local/php-fpm/sbin/php-fpm -t
[26-Feb-2019 00:28:05] NOTICE: configuration file /usr/local/php-fpm/etc/php-fpm.conf test is successful
[root@test01 php-fpm.d]# /etc/init.d/php-fpm restart
Gracefully shutting down php-fpm . done
Starting php-fpm  done

[root@test01 php-fpm.d]# ls /tmp/       there is now an extra blog.socket file
blog.socket  systemd-private-4dd844f49c7d42aaa3d0ecd231f21905-vmtoolsd.service-wBwXw9
html         systemd-private-844c61e19fa44725ac7e2901678bb6b6-vmtoolsd.service-fqEuo8
inittab.txt  systemd-private-f76438af452340deb845a63bbbbbba43-vmtoolsd.service-UA99YA
mysql.sock   www.socket
passwd.txt   yum_save_tx.2019-02-14.23-03.I5mpYO.yumtx
php.slow

[root@test01 php-fpm.d]# vi bbs.conf   change the socket to bbs.socket
listen = /tmp/bbs.socket

[root@test01 php-fpm.d]# vi /etc/nginx/conf.d/bbs.champin.top.conf   this must also be changed to bbs.socket
fastcgi_pass   unix:/tmp/bbs.socket;

[root@test01 php-fpm.d]# vi /etc/nginx/conf.d/www.champin.top.conf    this one must be changed to blog.socket
fastcgi_pass   unix:/tmp/blog.socket;

[root@test01 php-fpm.d]# ps aux |grep php-fpm      one pool per site, kept independent of each other
root       5492  0.0  0.6 230780  6332 ?        Ss   00:28   0:00 php-fpm: master process (/usr/local/php-fp/etc/php-fpm.conf)
php-fpm    5493  0.0  0.7 230772  7028 ?        S    00:28   0:00 php-fpm: pool bbs
php-fpm    5494  0.0  0.7 230772  7028 ?        S    00:28   0:00 php-fpm: pool bbs
php-fpm    5495  0.0  0.6 230772  6320 ?        S    00:28   0:00 php-fpm: pool blog
php-fpm    5496  0.0  0.6 230772  6320 ?        S    00:28   0:00 php-fpm: pool blog
root       5509  0.0  0.0 112728   976 pts/1    R+   00:37   0:00 grep --color=auto php-fpm

[root@test01 php-fpm.d]# nginx -t 
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@test01 php-fpm.d]# nginx -s reload
[root@test01 php-fpm.d]#  /etc/init.d/php-fpm reload
Reload service php-fpm  done
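
Added example (not part of the original walkthrough, and not php-fpm's own tooling): a Python check over pool files for the settings discussed on this page, namely socket mode, display_errors, open_basedir and the slowlog location. The [hardened] pool, its paths and the nginx socket owner are assumptions added for contrast; listen.owner, listen.group and php_admin_flag are standard php-fpm directives.

```python
import re
from collections import defaultdict

# Constructed sample: this page's [bbs] and [blog] pools (trimmed) plus a
# hypothetical [hardened] pool for contrast; its paths are illustrative.
SAMPLE = """\
[bbs]
listen = /tmp/bbs.socket
listen.mode = 0666
slowlog = /tmp/php.slow
php_flag[display_errors] = on
php_admin_value[open_basedir] = /data/wwwroot/bbs.champin.top:/tmp
[blog]
listen = /tmp/blog.socket
listen.mode = 0666
slowlog = /tmp/php.slow
php_flag[display_errors] = off
php_admin_value[open_basedir] = /data/wwwroot/www.champin.top:/tmp
[hardened]
listen = /run/php-fpm/hardened.socket
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
slowlog = /var/log/php-fpm/hardened.slow
php_admin_flag[display_errors] = off
php_admin_value[open_basedir] = /data/wwwroot/hardened.example:/var/lib/php-fpm/hardened-tmp
"""


def parse_pools(text):
    """Return {pool: {directive: value}} from php-fpm pool config text."""
    pools, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        header = re.fullmatch(r"\[([^\]=]+)\]", line)
        if header:  # [global] is not a pool, so its keys are skipped
            name = header.group(1)
            current = None if name == "global" else pools.setdefault(name, {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip()
    return pools


def audit(pools):
    """Return a sorted list of (pool, finding) tuples."""
    findings, basedir_pools = [], defaultdict(set)
    for name, cfg in pools.items():
        mode = cfg.get("listen.mode")
        if cfg.get("listen", "").startswith("/") and mode and int(mode, 8) & 0o006:
            findings.append((name, "socket-world-accessible"))
        if cfg.get("slowlog", "").startswith("/tmp/"):
            findings.append((name, "slowlog-in-tmp"))
        admin = cfg.get("php_admin_flag[display_errors]")
        value = admin if admin is not None else cfg.get("php_flag[display_errors]")
        if value is not None and value.lower() in ("on", "1", "true", "yes"):
            findings.append((name, "display-errors-on"))
        elif admin is None:  # php_flag can be undone by ini_set() in a script
            findings.append((name, "display-errors-not-locked"))
        basedir = cfg.get("php_admin_value[open_basedir]", "")
        if not basedir:
            findings.append((name, "no-open-basedir"))
        for path in filter(None, basedir.split(":")):
            basedir_pools[path.rstrip("/") or "/"].add(name)
    for path, names in basedir_pools.items():
        if len(names) > 1:  # e.g. /tmp visible to more than one site
            findings += [(n, "open-basedir-shared:" + path) for n in names]
    return sorted(findings)


if __name__ == "__main__":
    for pool, finding in audit(parse_pools(SAMPLE)):
        print(pool, finding)
```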