In small and medium-sized projects, which configurations of nginx, php-fpm, and php are commonly used and important and need attention? ? ?

I went to see their various configurations. There are too many. It is impossible to understand them all with the current elementary operation and maintenance level, so I want to ask everyone what configurations you are familiar with and need to know about, and how to configure them better. Maintain projects and improve performance.

Reply content:

I went to see their various configurations. There are too many. It is impossible to understand them all with the current elementary operation and maintenance level, so I want to ask everyone what configurations you are familiar with and need to know about, and how to configure them better. Maintain projects and improve performance.

What a big question. Let me tell you what points I personally pay attention to. Other partners are welcome to supplement and improve it. It will definitely be missed

Safety

1. nginx (user configuration item), php-fpm (user, group configuration item) and other services as well as website directory permissions, users and user groups are really important

2. In terms of PHP security, please also pay attention to disabling all system-level functions (disable_functions) if there are no project requirements

3. Do not turn on error printing in php, it is easy to expose information and be attacked

<code>display_startup_errors = Off ,display_errors = Off</code>

Performance

1. nginx process number worker_processes, maximum number of connections worker_connections

2. php-fpm performance related: pm.max_children, pm.start_servers, pm.min_spare_servers, pm.max_spare_servers, pm.max_requests

Log monitoring and analysis

1. nginx log: access_log cooperates with log_format

2. php log: log_errors

3. php-fpm records slow execution logs: slowlog cooperates with request_slowlog_timeout

I will also pay attention to the system level: iptables, /etc/sysctl.conf, etc.

Suggestions

It is best to write some scripts yourself to monitor memory, traffic, CPU, number of processes, disk space, etc. You can also use monitoring products, open source monitoring projects, etc. to reasonably control the alarm strategy.

Then regularly analyze the log files generated in the above configuration, check and understand some logs with slow response, wrong time, and slow execution, and solve some daily performance problems during operation

The configuration of php is basically the default and does not need to be changed. The main thing is that when adding Xdebug, you need to add the configuration in php.ini, such as

<code>[xdebug]
zend_extension="/Applications/MAMP/bin/php/php7.0.0/lib/php/extensions/no-debug-non-zts-20151012/xdebug.so"
xdebug.remote_enable = 1
xdebug.remote_connect_back = 1
xdebug.remote_port = 9000
xdebug.scream=0 
xdebug.cli_color=1
xdebug.show_local_vars=1</code>

Xdebug is particularly useful in the Development environment. When you need to enable OPcache in the Production environment, you need to open the OPcache configuration in php.ini, such as:

<code>[OPcache]
zend_extension="/Applications/MAMP/bin/php/php7.0.0/lib/php/extensions/no-debug-non-zts-20151012/opcache.so"
  opcache.memory_consumption=128
  opcache.interned_strings_buffer=8
  opcache.max_accelerated_files=4000
  opcache.revalidate_freq=60
  opcache.fast_shutdown=1
  opcache.enable_cli=1</code>

Regarding PHP log processing, it is recommended to use the monolog/monolog library to handle log printing.
Here we recommend Sentry, an exception handling tool, and Logentries, a log processing tool.

php-fpm:

<code>pm 系列配置</code>