Apache、MariaDB、PHP is installed independently on Windows

   The website that used the AppServ shelf in the early years was hacked,一直查不出原因,Want to update Apache、PHP、The MySQL version is limited by the compatibility issue of the Joomla package and cannot be performed,之後又要遇到需要另外新增一個網站的需求,Originally planned to use XAMPP,But when reading the official XAMPP documents,赫然看到官方並不建議將此軟體用於正式環境,若非得使用,官方雖有建議調整部份設定值,以提高安全性,但又提醒你,這只能稍微增加一點點安全性而已 (好直白的官方啊~哈),So I started to research and install Apache independently.、MariaDB、PHP and phpMyAdmin。

The installation process of each kit is as follows:

【Apache】

  • To Apache house Download the zip file (x64)。
  • unzip,First read the readme_first.html instructions。
  • Copy the directory to the desired location Apache24。
  • Open httpd.conf,Set Define SRVROOT path,As D:\WebApache24。
  • Find Options Indexes FollowSymLinks in httpd.conf,Delete Indexes,Avoid being browsed。
  • Directly execute httpd.exe,See if there is an error during the startup process,Then browse localhost with a browser,To see if it is correct。
  • CMD input”httpd.exe -k install”,Set Apache as a service (The removal instruction is “httpd.exe -k uninstall”)。

 


【PHP】

  PHP is divided into two versions, Non Thread Safe and Thread Safe,Two articles are cited here to illustrate the choice of the two:

 

Difference between PHP Non Thread Safe and Thread Safe – Weimai blog” Mention:

None Thread Safe is non-thread safe,No thread safety check during execution。

Thread Safe is thread safety,Thread safety check will be performed during execution,To prevent new threads from being started,Exhaust system resources。

…Slightly

FastCGI execution method is to perform operations with a single thread,So there is no need to perform thread safety checks,Remove the protection of thread safety checks but can improve execution efficiency。

The thread safety check is prepared for the ISAPI PHP,That is prepared for IIS,Because there are many php modules that are not thread safe,So need to use Thread Safe PHP。

So,If PHP is executed with FastCGI ,It is recommended to use Non Thread Safe PHP (zip installation package)。

PS. It is recommended to go to this article for the full description。

 

PHP Thread Safe and Non-Thread Safe for Windows – Stack Overflow” The Crack mentioned:

So it really depends on the way that you want to use PHP:

Apache + LoadModule: Thread Safe
Apache + FastCGI: Non-Thread Safe
IIS: Thread Safe
IIS + FastCGI: Non-Thread Safe

PHP manual has nice installation instructions.

AFAIR running PHP with FastCGI is the preferable way, it performs faster and allows for more fine-grained security configuration.

 

  From the two articles above,,Use FastCGI + Non-Thread Safe PHP would be a better choice。And the actual use of the feeling,After I changed from the original Thread Safe to Non Thread Safe,While browsing the Joomla website,You can actually feel the speed of page opening,Surprised me a little。

  The following two ways of setting Non Thread Safe and Thread Safe。

 

【PHP – Non Thread Safe】(recommend)

  • To Official page Download Non Thread Safe archive。
  • unzip,Copy the directory to the desired location,Change php.ini-production to php.ini。
  • Open php.ini,Modify the following content:
  • # 搜尋 extension_dir = "ext",改成:  extension_dir = "D:\Web\php-7.4.3\ext"    # 搜尋 file_uploads = On,改成:  file_uploads = Off  # 如果網站沒有用到檔案上傳功能,建議關閉,有需要使用時再開啟,避免被上傳病毒檔案。  # 之前我們 ESET 防毒常攔截到網站伺服器被上傳惡意檔案,直到關閉此設定才沒再發生。    # 搜尋 upload_max_filesize = 2M,改成適合的大小:  upload_max_filesize = 15M    # 搜尋 allow_url_fopen = On,改成:  allow_url_fopen = Off  # 如果網站沒有用到檔案上傳功能,建議關閉,有需要使用時再開啟,避免被上傳病毒檔案。  # 之前我們 ESET 防毒常攔截到網站伺服器被上傳惡意檔案,直到關閉此設定才沒再發生。    # 搜尋 ;date.timezone =,改成:  date.timezone ="Asia/Taipei"  # 建議要設,避免部份網站程式的時間有時差。
  • To Apache house Download "Mod FCGID for Apache 2.4.x x64"。
  • After unpacking,Change mod_fcgid.so under Modules,copy to Apache Under the Modules。
  • 開啟 Apache Httpd.conf,Add the following:
  • FcgidInitialEnv PHPRC "D:/Web/php-7.4.6"   # 讓 FastCGI 知道 php.ini 所在目錄。    LoadModule fcgid_module modules/mod_fcgid.so  # 載入 FastCGI 的模組。    AddHandler fcgid-script .php  # 設定 FastCGI 處理 php 檔案。    FcgidWrapper "D:/Web/php-7.4.6/php-cgi.exe" .php  # FastCGI 設定。    # 搜尋 Options FollowSymLinks (或 Options Indexes FollowSymLinks,在上面 Apache 步驟中,已去除 Indexes),改成:  Options FollowSymLinks ExecCGI  # 讓網頁目錄有執行 CGI 的權限。    FcgidMaxRequestLen 15360000  # 根據「壞蛋的密室」文章的說明,此參數為用戶端送來的最大長度資料,預設值為 139072 (135K),    # 搜尋 DirectoryIndex,在後面增加:  index.php
  • Add an index.php file (For testing),Put D:\WebApache24htdocs,Follows:
  • <?php  phpinfo();  ?>
  • Open index.php in a browser ,Confirm you can see the php information。

remind:If you execute httpd.exe,There is an error out of the path,Check the slash direction of the absolute path of httpd.conf,Please use slash(/)Replace backslash(\)。I originally used D:\Webphp-7.4.6 will jump wrong,Change to D:/Web/php-7.4.6 is OK。

 

【PHP – Thread Safe】

  • To Official page Download Thread Safe compressed file。
  • unzip,Copy the directory to the desired location,Change php.ini-production to php.ini。
  • Open php.ini,Modify the following content:
  • # 搜尋 extension_dir = "ext",改成:  extension_dir = "D:\Web\php-7.4.3\ext"    # 搜尋 file_uploads = On,改成:  file_uploads = Off  # 如果網站沒有用到檔案上傳功能,建議關閉,有需要使用時再開啟,避免被上傳病毒檔案。  # 之前我們 ESET 防毒常攔截到網站伺服器被上傳惡意檔案,直到關閉此設定才沒再發生。    # 搜尋 upload_max_filesize = 2M,改成適合的大小:  upload_max_filesize = 15M    # 搜尋 allow_url_fopen = On,改成:  allow_url_fopen = Off  # 如果網站沒有用到檔案上傳功能,建議關閉,有需要使用時再開啟,避免被上傳病毒檔案。  # 之前我們 ESET 防毒常攔截到網站伺服器被上傳惡意檔案,直到關閉此設定才沒再發生。    # 搜尋 ;date.timezone =,改成:  date.timezone ="Asia/Taipei"  # 建議要設,避免部份網站程式的時間有時差。
  • 開啟 Apache Httpd.conf,Add the following:
  • PHPIniDir "D:\Web\php-7.1.5"  # 指定 php.ini 存放的資料夾位置。    LoadModule php7_module "D:\Web\php-7.1.5\php7apache2_4.dll"  # 載入 php 的模組。    AddType application/x-httpd-php .php .php3 .phtml .inc  # 指定附檔名是 .php .php3 .phtml .inc 的程式都為 php 程式。    AddType application/x-httpd-php-source .phps .phpsource  # 指定附檔名是 .phps 時,把內容視為 hightlight 的原始碼輸出到網頁。    # 搜尋 DirectoryIndex,在後面增加:  index.php
  • Add an index.php file (For testing),Put D:\WebApache24htdocs,Follows:
  • <?php phpinfo(); ?>
  • Open index.php in a browser ,Confirm you can see the php information。

 


【MariaDB】

  • To Official page Download msi(x64),直接安裝。
  • Set root password。
  • Uncheck [Enable access from remote machines for ‘root’ user】,To reduce risk。
  • 勾【Use UTF8 as default server’s character set】。

 


【phpMyAdmin】

  • Download the zip file,unzip,Copy to Apache24htdocs。
  • Open PHP's php.ini。
  • Remove #extension_dir = “ext” 的 # Comment,”ext” Changed “D:\Webphp-7.1.5ext”。
  • Remove #extension=php_mbstring.dll # Comment。
  • Remove #extension=php_mysqli.dll # Comment。

–2019/01/05 Update

  • The config.sample.inc.php changed its name to config.inc.php。
  • Open config.inc.php,To find $cfg[‘blowfish_secret’],Fill in single quotation marks later 32 Digit password,Direct to find a password generator to generate enough。
  • Add the line $cfg[‘PmaNoRelation_DisableWarning’] = ‘true’;,To avoid the error message from phpMyAdmin,Calls for the establishment table。

 
【參考連結】

One Response

  1. Apache Updates、MariaDB、PHP | Old Sen Chang Tan Says |

    […] Appserv is a package that is quickly built but only suitable for development environments,Change to manually build Apache、MariaDB and PHP,After renewed every six months and with the frequency of maintenance to do,Benpian Apache is the record update、MariaDB […]

Leave a Comment

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.