The website that used the AppServ shelf in the early years was hacked,一直查不出原因,Want to update Apache、PHP、The MySQL version is limited by the compatibility issue of the Joomla package and cannot be performed,之後又要遇到需要另外新增一個網站的需求,Originally planned to use XAMPP,But when reading the official XAMPP documents,赫然看到官方並不建議將此軟體用於正式環境,若非得使用,官方雖有建議調整部份設定值,以提高安全性,但又提醒你,這只能稍微增加一點點安全性而已 (好直白的官方啊~哈),So I started to research and install Apache independently.、MariaDB、PHP and phpMyAdmin。
The installation process of each kit is as follows:
【Apache】
- To Apache house Download the zip file (x64)。
- unzip,First read the readme_first.html instructions。
- Copy the directory to the desired location Apache24。
- Open httpd.conf,Set Define SRVROOT path,As D:\WebApache24。
- Find Options Indexes FollowSymLinks in httpd.conf,Delete Indexes,Avoid being browsed。
- Directly execute httpd.exe,See if there is an error during the startup process,Then browse localhost with a browser,To see if it is correct。
- CMD input”httpd.exe -k install”,Set Apache as a service (The removal instruction is “httpd.exe -k uninstall”)。
【PHP】
PHP is divided into two versions, Non Thread Safe and Thread Safe,Two articles are cited here to illustrate the choice of the two:
“Difference between PHP Non Thread Safe and Thread Safe – Weimai blog” Mention:
None Thread Safe is non-thread safe,No thread safety check during execution。
Thread Safe is thread safety,Thread safety check will be performed during execution,To prevent new threads from being started,Exhaust system resources。
…Slightly
FastCGI execution method is to perform operations with a single thread,So there is no need to perform thread safety checks,Remove the protection of thread safety checks but can improve execution efficiency。
The thread safety check is prepared for the ISAPI PHP,That is prepared for IIS,Because there are many php modules that are not thread safe,So need to use Thread Safe PHP。
So,If PHP is executed with FastCGI ,It is recommended to use Non Thread Safe PHP (zip installation package)。
PS. It is recommended to go to this article for the full description。
“PHP Thread Safe and Non-Thread Safe for Windows – Stack Overflow” The Crack mentioned:
So it really depends on the way that you want to use PHP:
Apache + LoadModule: Thread Safe
Apache + FastCGI: Non-Thread Safe
IIS: Thread Safe
IIS + FastCGI: Non-Thread SafePHP manual has nice installation instructions.
AFAIR running PHP with FastCGI is the preferable way, it performs faster and allows for more fine-grained security configuration.
From the two articles above,,Use FastCGI + Non-Thread Safe PHP would be a better choice。And the actual use of the feeling,After I changed from the original Thread Safe to Non Thread Safe,While browsing the Joomla website,You can actually feel the speed of page opening,Surprised me a little。
The following two ways of setting Non Thread Safe and Thread Safe。
【PHP – Non Thread Safe】(recommend)
- To Official page Download Non Thread Safe archive。
- unzip,Copy the directory to the desired location,Change php.ini-production to php.ini。
- Open php.ini,Modify the following content:
# 搜尋 extension_dir = "ext",改成: extension_dir = "D:\Web\php-7.4.3\ext" 或 ./ext # 搜尋 file_uploads = On,改成: file_uploads = Off # 如果網站沒有用到檔案上傳功能,建議關閉, # 有需要使用時再開啟,避免被上傳病毒檔案。 # 之前我們 ESET 防毒常攔截到網站伺服器被上傳惡意檔案, # 直到關閉此設定才沒再發生。 # 搜尋 upload_max_filesize = 2M,改成適合的大小: upload_max_filesize = 30M # Joomla 4 的建議值為 30M # 搜尋 allow_url_fopen = On,改成: allow_url_fopen = Off # 如果網站沒有用到檔案上傳功能,建議關閉, # 有需要使用時再開啟,避免被上傳病毒檔案。 # 之前我們 ESET 防毒常攔截到網站伺服器被上傳惡意檔案, # 直到關閉此設定才沒再發生。 # 搜尋 ;date.timezone =,改成: date.timezone ="Asia/Taipei" # 建議要設,避免部份網站程式的時間有時差。
LoadModule fcgid_module modules/mod_fcgid.so # 載入 FastCGI 的模組。 # 搜尋 DirectoryIndex,在後面增加: index.php
There are two ways to do it next,One is standard practice,One is simple。
[FastCGI settings – Standard Practice]
- Change the httpd-fcgid.conf under conf/extra in the FastCGI directory,copy to Apache Under conf/extra。
- Open httpd-fcgid.conf,Modify the following content:
# 搜尋 FcgidInitialEnv PHPRC "C:\\php",改成: FcgidInitialEnv PHPRC "D:\\Web\\php-7.4.6" # 讓 FastCGI 知道 php.ini 所在目錄。 # 其他的 FcgidInitialEnv 環境參數可視實際環境修正。 FcgidMaxRequestLen 15360000 # 此參數可選擇性增加。 # 根據「壞蛋的密室」文章的說明, # 此參數為用戶端送來的最大長度資料,預設值為 139072 (135K)。 # 搜尋 FcgidWrapper "C:/php/php-cgi.exe" .php,改成: FcgidWrapper "D:/Web/php-7.4.6/php-cgi.exe" .php # FastCGI 設定。
# 搜尋 Include conf/extra/httpd-fcgid.conf, # 將前面的註解井字號拿掉。
[FastCGI settings – Simple method]
- 開啟 Apache Httpd.conf,Add the following content:
FcgidInitialEnv PHPRC "D:/Web/php-7.4.6" # 讓 FastCGI 知道 php.ini 所在目錄。 AddHandler fcgid-script .php # 設定 FastCGI 處理 php 檔案。 FcgidWrapper "D:/Web/php-7.4.6/php-cgi.exe" .php # FastCGI 設定。 FcgidMaxRequestLen 15360000 # 此參數可選擇性增加。 # 根據「壞蛋的密室」文章的說明, # 此參數為用戶端送來的最大長度資料,預設值為 139072 (135K)。 # 搜尋 Options FollowSymLinks # (或 Options Indexes FollowSymLinks, # 若未在上面 Apache 步驟中去除 Indexes),在後面增加: ExecCGI # 讓網頁目錄有執行 CGI 的權限。
<?php phpinfo(); ?>
remind:If you execute httpd.exe,There is an error out of the path,Check the slash direction of the absolute path of httpd.conf,Please use slash(/)Replace backslash(\)。I originally used D:\Webphp-7.4.6 will jump wrong,Change to D:/Web/php-7.4.6 is OK。
【PHP – Thread Safe】
- To Official page Download Thread Safe compressed file。
- unzip,Copy the directory to the desired location,Change php.ini-production to php.ini。
- Open php.ini,Modify the following content:
# 搜尋 extension_dir = "ext",改成: extension_dir = "D:\Web\php-7.4.3\ext" # 搜尋 file_uploads = On,改成: file_uploads = Off # 如果網站沒有用到檔案上傳功能,建議關閉, # 有需要使用時再開啟,避免被上傳病毒檔案。 # 之前我們 ESET 防毒常攔截到網站伺服器被上傳惡意檔案, # 直到關閉此設定才沒再發生。 # 搜尋 upload_max_filesize = 2M,改成適合的大小: upload_max_filesize = 30M # Joomla 4 的建議值為 30M # 搜尋 allow_url_fopen = On,改成: allow_url_fopen = Off # 如果網站沒有用到檔案上傳功能,建議關閉, # 有需要使用時再開啟,避免被上傳病毒檔案。 # 之前我們 ESET 防毒常攔截到網站伺服器被上傳惡意檔案, # 直到關閉此設定才沒再發生。 # 搜尋 ;date.timezone =,改成: date.timezone ="Asia/Taipei" # 建議要設,避免部份網站程式的時間有時差。
PHPIniDir "D:\Web\php-7.1.5" # 指定 php.ini 存放的資料夾位置。 LoadModule php7_module "D:\Web\php-7.1.5\php7apache2_4.dll" # 載入 php 的模組。 AddType application/x-httpd-php .php .php3 .phtml .inc # 指定附檔名是 .php .php3 .phtml .inc 的程式都為 php 程式。 AddType application/x-httpd-php-source .phps .phpsource # 指定附檔名是 .phps 時, # 把內容視為 hightlight 的原始碼輸出到網頁。 # 搜尋 DirectoryIndex,在後面增加: index.php
<?php phpinfo(); ?>
【MariaDB】
- To Official page Download msi(x64),直接安裝。
- Set root password。
- Uncheck [Enable access from remote machines for ‘root’ user】,To reduce risk。
- 勾【Use UTF8 as default server’s character set】。
【phpMyAdmin】
- Download the zip file,unzip,Copy to Apache24htdocs。
- Open PHP's php.ini。
- Remove #extension_dir = “ext” 的 # Comment,”ext” Changed “D:\Webphp-7.1.5ext”。
- Remove #extension=php_mbstring.dll # Comment。
- Remove #extension=php_mysqli.dll # Comment。
–2019/01/05 Update
- The config.sample.inc.php changed its name to config.inc.php。
- Open config.inc.php,To find $cfg[‘blowfish_secret’],Fill in single quotation marks later 32 Digit password,Direct to find a password generator to generate enough。
- Add the line $cfg[‘PmaNoRelation_DisableWarning’] = ‘true’;,To avoid the error message from phpMyAdmin,Calls for the establishment table。
【參考連結】
- Windows 7 安裝 Apache + MySQL + PHP ~ JxL Blog 技術札記
- Manually install Apache、MySQL、PHP and related settings – OA’s blog
- In Windows manually install Apache、PHP、MySQL、phpMyAdmin | Beyond The Time
- XYZ的筆記本: windows7 64 bit installer Apache、PHP、MySQL
- Blue Ocean Studios – View topic – Setting phpMyAdmin
- phpMyAdmin 設定 blowfish secret
- Difference between PHP Non Thread Safe and Thread Safe – Weimai blog
- multithreading – PHP Thread Safe and Non-Thread Safe for Windows – Stack Overflow
- PHP on Windows + Apache mod_fcgid installation method | Bad room
[…] Appserv is a package that is quickly built but only suitable for development environments,Change to manually build Apache、MariaDB and PHP,After renewed every six months and with the frequency of maintenance to do,Benpian Apache is the record update、MariaDB […]