Home > php教程 > PHP开发 > lamp architecture

lamp architecture

高洛峰
Release: 2016-12-01 13:41:37
Original
1541 people have browsed it

1. Apache process mode description

In Linux, we can use httpd-l to check whether the installed module is prefork mode or worker mode

[root@LAMP ~]# /usl/local/apache/bin/apachectl -l |egrep "worker|prefoker"

worker.c

[root@LAMP ~]#

or

[root@LAMP ~]# /usr/local/apache/bin/apachectl -l |sed -n ' /worker|prefork/p'

worker.c

[root@LAMP ~]#

prefork mode (default)

Prefork uses multiple child processes, and each child process has only one thread. Each process Only one connection can be maintained at a certain time.

Working principle:

The control process initially establishes several sub-processes. In order not to regenerate sub-processes when requests come, new sub-processes must be continuously created according to demand. The maximum can reach 32 per second until the demand is met.

Worker mode (default)

Worker mode is a newly introduced mode in Apache2.x. It is a combination of threads and processes. In worker mode, there will be multiple child processes, and each child process will have multiple threads. Each thread can only maintain one connection at a certain time.

Working principle:

Several sub-processes are generated by the main control process, and each sub-process contains a fixed number of threads. Each thread processes the request independently. In order not to generate another thread when the request comes, it is set in the configuration file. The minimum and maximum number of idle threads and the total number of threads in all child processes. If the total number of threads in the existing child processes cannot meet the concurrent load, the control process will spawn a new child process.

Installation method:

During the configuration and compilation process, add the parameter --with-mpm=worker. If not added, the system will adopt the default prefork mode.

Advantages: The memory usage is lower than the prefork mode, suitable for high concurrency. Traffic HTTPD service

Disadvantages: If a thread crashes, the entire process will "die" along with any of its threads. Since threads share memory space, a program must be recognized by the system as "per-thread safe" when it is running. Service stability is not as good as prefork mode.

Event mode: Under a very busy server, the above two servers are a bit overwhelmed. Based on the worker, it separates the service process from the connection. When the server processing speed is very fast and the click rate is very high, the number of available threads is the key resource limit. At this time, the Event MPM method is the most effective

1.prefork:

StartServers 5 questsPerChild 0 #process The maximum number of requests processed, 0 is unlimited, you can set it larger without recycling

2.worker:

StartServers 2 #Number of starting processes

MaxClients 150 # Maximum processing requests sMINSPAREADS 25 #minimum free thread number

Maxsparethreads 75 #maximum free thread number

ThreadsperChild 25 #How many threads can be generated for each process, the maximum of 20,000, the performance is closely related to

MaxrequestSperchild 0 # Thread processing The maximum number of requests, 0 unlimited

The total number of requests that can be processed simultaneously in worker mode is determined by the total number of child processes multiplied by the Threadsperchild value, which should be greater than or equal to maxclients. If the load is very large and the number of existing child processes cannot be satisfied, the control process will spawn new child processes.

Tip: The default maximum total number of child processes is 16. If you need to increase it, you need to clearly declare the value of serverlimit (the maximum value is 20000)

Check the number of concurrent connections under Apache's worker:

[root@LAMP ~ ]# pstree -a|grep httpd|wc -l

84

[root@LAMP ~]#

3.event will not be studied

2. Test analysis

Key points:

1, apachectl - M Check whether libphp5.so is loaded

2. Whether AddType Application/x-httpd-php .php is written correctly in httpd.conf

3. PHP code format must be written correctly

4. selinux must be turned off

5. deny was not changed to allow 2.4 denied granted

6. No host was added

2. Configure the first virtual host

Delete the warning sign in front of this line in httpd.conf

#Include conf/extra/httpd-vhosts. conf

vim /usr/local/apache2/con5. Configure user authentication for a virtual host

http://www.lishiming.net/thread-554-1-1.htmlf/extra/httpd-vhosts.conf

2. Web anti-hotlink technology

To put it simply, some illegal websites illegally call the resources of other websites without permission in their own website programs, and then display these called resources on their own websites to achieve the effect of filling the display of their own websites. However, the network traffic of calling resource websites is wasted, causing the bandwidth and service pressure of other websites to be tight, or even downtime.

Solutions for website hotlinking:

1. Implement hotlink prevention based on http referer

In the HTTP protocol, there is a header field called referer, which uses URL format to indicate where the resource linked to the current web page comes from. , through the referer, the source web page visited by the target can be detected. If it is a resource file, the web page address that displays it can be traced. Once it is detected that the source is not this site, it will be blocked or returned to the specified page. Currently, Apache, nginx, and lighttpd all support anti-hotlinking based on http referer

2. Processing based on cookies

3. Anti-hotlinking through encryption and transformation of access paths. lighttpd has a similar plug-in mod_secdownload

Apache web service to implement anti-hotlinking practice

ServerAdmin ucode@gmail.com

DocumentRoot "/var/html/bbs"

ServerName ucode.blog.51cto.com

ServerAlias ​​www.dummy-host.example.com

ErrorLog "logs/bbs-error_log"

CustomLog "|/usr/local/sbin/cronolog /app/logs/access_bbs_%Y%m%d.log" combined

RewriteEngine On #Turn on anti-hotlinking

RewriteCond %{HTTP_REFERER}!^http://ucode.blog.51cto.com/.*$ [NC]

RewriteCond %{HTTP_REFERER}!^http://ucode.blog.51cto.com/$ [NC]

RewriteCond %{HTTP_REFERER}!^http://ucode.blog.51cto.com/.*$ [NC]

RewriteCond %{HTTP_REFERER}!^http://ucode.blog.51cto.com$ [NC]

RewriteCond .*.(gif|jpg|swf)$ http://ucode.blog.51cto.com/img/nolink.jpg [ R,NC]

Satisfy the above bold part will return: http://ucode.blog.51cto.com/img/nolink.jpg picture

Listen 80##The default listening port is 80

PidFile /export/servers/apache2/logs/httpd.pid

LoadModule authn_file_module modules/mod_authn_file.so##Loaded module

User admin ##The general default setting is admin

Group admin ##The general default setting is admin

DocumentRoot "/export/servers/apache2/htdocs"# #Set your project file path

ServerAdmin you@example.com #When the server reports an error, return to the client and contact the administrator

ServerName localhost:80 ##Server name: port

AddType application/x-httpd -php .php allows the .php text file format to also run php programs.

1

Options FollowSymLinks

AllowOverride None

Order deny,allow

Allow from all

#Options: Configure which features are used in a specific directory, commonly used The value and basic meaning are as follows:

#ExecCGI: CGI scripts are allowed to be executed in this directory.

#FollowSymLinks: Allow file systems to use symbolic links in this directory.

#Indexes: When the user accesses the directory, if the user cannot find the homepage file specified by DirectoryIndex (such as #index.html), the file list in the directory will be returned to the user.

#SymLinksIfOwnerMatch: When using symbolic links, the symbolic link can only be accessed if its file owner is the same as the actual file owner.

Includes allows server-side includes.

IncludesNOEXEC allows server-side includes, but disables #exec commands and #exec CGI. It is still possible to #include virtual CGI scripts from the ScriptAliase directory.

For example, without any + and - symbols:

Options Indexes FollowSymLinks

Options Includes

Only Includes is set to the /web/docs/spec directory.

However, if the second Options directive uses + and - symbols:

Options Indexes FollowSymLinks

Options +Includes -Indexes

Then there will be FollowSymLinks and Includes set to the /web/docs/spec directory.

#AllowOverride: The types of directives allowed to exist in .htaccess files (the .htaccess file name can be changed, and its file name is determined by the AccessFileName directive):

#None: When AllowOverride is set to None. Do not search for .htaccess files in this directory (can reduce server overhead).

#All: All directives can be used in .htaccess files.

Order: Control which of the two access rules Allow and Deny takes precedence during access:

Allow: List of hosts allowed to access (available domain names or subnets, for example: Allow from 192.168.0.0/16).

Deny: List of hosts that are denied access.

The Apache server can perform document access control for directories. However, access control can be achieved in two ways. One is to set each directory in the setting file httpd.conf (or access.conf)

Timeout 300 ## Timeout interval for client and server connections

KeepAlive On ### Pass multiple HTTP requests in one connection

MaxKeepAliveRequests 100 ###The maximum number of HTTP requests that can be made for one connection

KeepAliveTimeout 15 ### Test the time between multiple request transmissions in a connection. If the server has completed a request but has not received the next request from the client program, the server will disconnect after the interval exceeds the value set by this parameter. .

ErrorLog logs/error_log #The storage location of the log

LogLevel warn ##Log level debug log category, there are more logs

The default format of the log is as follows:

LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined

LogFormat "%h %l %u %t "%r" %>s %b" common #common is the log format name

LogFormat "%{Referer}i -> %U" referer

LogFormat "%{User-agent}i" agent

CustomLog logs/access_log common

format The various parameters are as follows:

%h – the client’s IP address or host name

%l – The This is the RFC 1413 identity judged by the client’s identd. The symbol "-" in the output indicates that the information here is invalid.

%u – The name of the client who accessed the webpage obtained by the HTTP authentication system. It is only valid if there is authentication. The "-" symbol in the output indicates that the information here is invalid.

%t – The time when the server completed processing the request.

"%r" – The quotation marks are the request content sent by the customer which contains a lot of useful information.

%>s – This is the status code returned by the server to the client.

%b – The last item is the number of bytes returned to the client excluding response headers.

"%{Referer}i" – This item specifies which web page the request was submitted from.

"%{User-Agent}i" – This item is the browser identification information provided by the customer’s browser


Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Recommendations
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template