1、设置linux防火墙
1)在iptables上开放80,3306,443端口
[iyunv@db ~]# vim /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
[iyunv@db ~]# service iptables restart-----重启iptables服务
2)关闭selinux防火墙
[iyunv@db ~]# vim /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded. SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
[iyunv@db ~]#setenforc 0
3)安装依赖包
[iyunv@db ~]#yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel openldap-clients openldap-servers make libtool* git tree bison pcre-devel perl gd gd-devel
4)编译安装其他软件
A:安装libiconv软件(该软件支持编码转换为函数)
[iyunv@db software]# tar xf libiconv-1.14.tar.gz
[iyunv@db libiconv-1.14]# ./configure --prefix=/usr/local
[iyunv@db libiconv-1.14]# make && make install
[iyunv@db libiconv-1.14]# echo $?
0
(显示0,表示软件编译安装成功了)
B:安装libmcrypt (加密算法扩展库,支持DES, 3DES, RIJNDAEL, Twofish, IDEA, GOST, CAST-256, ARCFOUR, SERPENT, SAFER+等算法)
[iyunv@db software]# tar xf libmcrypt-2.5.7.tar.gz
[iyunv@db software]# cd libmcrypt-2.5.7
[iyunv@db libmcrypt-2.5.7]# ./configure
[iyunv@db libmcrypt-2.5.7]# cd libltdl/
[iyunv@db libltdl]# ./configure --enable-ltdl-install
[iyunv@db libltdl]# make && make install
C: 安装mhash(mhash的可以用于创建校验数值,消息摘要,消息认证码,以及无需原文的关键信息保存)
[iyunv@db software]# tar xf mhash-0.9.9.9.tar.gz
[iyunv@db software]# cd mhash-0.9.9.9
[iyunv@db mhash-0.9.9.9]# ./configure && make && make install
D:安装mcript(mcrypt 是 php 里面重要的加密支持扩展库,Mcrypt扩展库可以实现加密解密功能,就是既能将明文加密,也可以密文还原。)