Directadmin 常见优化/限制

目录(持续更新)

安全
安装CSF防火墙
CloudLinux(lsphp) 与 CSF 冲突解决方法
性能
更换成Nginx+Apache+php-fpm架构
解决Apache假死,重启apache无效的解决方法
解决Apache长时间运行后,自动崩溃并无法启动
功能
开启共享IP允许使用SSL
 

安装CSF防火墙

wget http://www.configserver.com/free/csf.tgz
tar zxvf csf.tgz
cd csf
yum install perl-libwww-perl  perl-Time-HiRes perl iptables -y
sh install.sh
sed -i 's/TESTING = "1"/TESTING = "0"/g' /etc/csf/csf.conf
sed -i 's/ICMP_IN = "1"/ICMP_IN = "0"/g' /etc/csf/csf.conf
sed -i 's/DENY_IP_LIMIT = "100"/DENY_IP_LIMIT = "500"/g' /etc/csf/csf.conf
sed -i 's/DENY_TEMP_IP_LIMIT = "100"/DENY_TEMP_IP_LIMIT = "500"/g' /etc/csf/csf.conf
perl /etc/csf/csftest.pl

wget http://www.configserver.com/free/csf.tgz
tar zxvf csf.tgz
cd csf
yum install perl-libwww-perl  perl-Time-HiRes perl iptables -y
sh install.sh
sed -i 's/TESTING = "1"/TESTING = "0"/g' /etc/csf/csf.conf
sed -i 's/ICMP_IN = "1"/ICMP_IN = "0"/g' /etc/csf/csf.conf
sed -i 's/DENY_IP_LIMIT = "100"/DENY_IP_LIMIT = "500"/g' /etc/csf/csf.conf
sed -i 's/DENY_TEMP_IP_LIMIT = "100"/DENY_TEMP_IP_LIMIT = "500"/g' /etc/csf/csf.conf
perl /etc/csf/csftest.pl
 

CloudLinux(lsphp) 与 CSF 冲突解决方法

csf -x
echo "exe:/usr/local/bin/lsphp">>/etc/csf/csf.pignore
echo "pexe:/opt/alt/php.*/usr/bin/lsphp">>/etc/csf/csf.pignore
csf -e

csf -x
echo "exe:/usr/local/bin/lsphp">>/etc/csf/csf.pignore
echo "pexe:/opt/alt/php.*/usr/bin/lsphp">>/etc/csf/csf.pignore
csf -e
更换成Nginx+Apache+php-fpm架构
 

cd /usr/local/directadmin/custombuild
./build set webserver nginx_apche
./build set php1_mode php-fpm
./build set php1_release 5.4
./build set php2_mode no
./build set zend yes
./build set ioncube yes
./build set mod_ruid2 no
./build all #时间可能有点略长
./build rewrite_confs
./build secure_php

cd /usr/local/directadmin/custombuild
./build set webserver nginx_apche
./build set php1_mode php-fpm
./build set php1_release 5.4
./build set php2_mode no
./build set zend yes
./build set ioncube yes
./build set mod_ruid2 no
./build all #时间可能有点略长
./build rewrite_confs
./build secure_php
解决Apache假死,重启apache无效的解决方法

echo "kernel.msgmni = 1024">>/etc/sysctl.conf
echo "kernel.sem = 250 256000 32 1024">>/etc/sysctl.conf
sysctl -p
reboot #改完需重启

echo "kernel.msgmni = 1024">>/etc/sysctl.conf
echo "kernel.sem = 250 256000 32 1024">>/etc/sysctl.conf
sysctl -p
reboot #改完需重启
解决Apache长时间运行后,自动崩溃并无法启动
下载这个,然后解压丢到/etc/cron.hourly

chmod 755 /etc/cron.hourly/ipcs_check
bash /etc/cron.hourly/ipcs_check

chmod 755 /etc/cron.hourly/ipcs_check
bash /etc/cron.hourly/ipcs_check
开启共享IP允许使用SSL

echo "enable_ssl_sni=1">>/usr/local/directadmin/conf/directadmin.conf
service directadmin restart

echo "enable_ssl_sni=1">>/usr/local/directadmin/conf/directadmin.conf
service directadmin restart

© 版权声明
THE END
請多多支持
点赞0
评论 抢沙发

    暂无评论内容