Adding an nginx access password for extra security

To stop people on the internet from brute-forcing my blog's admin backend, I put an extra layer of nginx password authentication in front of the backend directory to make it harder to break in. Here is how to add it:

  • Generating the password file
yum  -y install httpd-tools   # the password file can be generated with htpasswd or with openssl; htpasswd is used here
htpasswd -c /opt/nginx/conf/passwd/blog blog  # create a password file named blog for the user blog; enter your password when prompted
  • Add the following to the blog's nginx conf
location /wp-admin {
        auth_basic "Please input admin password"; 
        auth_basic_user_file /opt/nginx/conf/passwd/blog;
}
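Basic auth only raises the cost of guessing; the 401 responses it produces are also the signal you watch to see whether someone is still trying. The following Python is an added example, not code from the post: it parses nginx's default "combined" access log format, counts 401s on the protected path per client address within a sliding time window, and notes whether the same address later got a 2xx on that path (a possible successful guess rather than a still-failing one). The log lines are constructed sample data using documentation address ranges; the path prefix, threshold and window are assumptions you would tune.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample lines in nginx's default "combined" log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:01 +0000] "GET /wp-admin/ HTTP/1.1" 401 188 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:02 +0000] "GET /wp-admin/ HTTP/1.1" 401 188 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:03 +0000] "GET /wp-admin/ HTTP/1.1" 401 188 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:04 +0000] "GET /wp-admin/ HTTP/1.1" 401 188 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:05 +0000] "GET /wp-admin/ HTTP/1.1" 401 188 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:06 +0000] "GET /wp-admin/ HTTP/1.1" 401 188 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Oct/2023:13:57:00 +0000] "GET /wp-admin/ HTTP/1.1" 401 188 "-" "Mozilla/5.0"
198.51.100.9 - blog [10/Oct/2023:13:57:05 +0000] "GET /wp-admin/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.77 - - [10/Oct/2023:14:00:01 +0000] "POST /wp-admin/ HTTP/1.1" 401 188 "-" "curl/7.29.0"
192.0.2.77 - - [10/Oct/2023:14:00:02 +0000] "POST /wp-admin/ HTTP/1.1" 401 188 "-" "curl/7.29.0"
192.0.2.77 - - [10/Oct/2023:14:00:03 +0000] "POST /wp-admin/ HTTP/1.1" 401 188 "-" "curl/7.29.0"
192.0.2.77 - - [10/Oct/2023:14:00:04 +0000] "POST /wp-admin/ HTTP/1.1" 401 188 "-" "curl/7.29.0"
192.0.2.77 - - [10/Oct/2023:14:00:05 +0000] "POST /wp-admin/ HTTP/1.1" 401 188 "-" "curl/7.29.0"
192.0.2.77 - blog [10/Oct/2023:14:00:09 +0000] "GET /wp-admin/ HTTP/1.1" 200 5120 "-" "curl/7.29.0"
192.0.2.5 - - [10/Oct/2023:14:01:00 +0000] "GET /index.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

# Fields of the "combined" format up to the status code; the rest of the line is ignored.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)


def parse_line(line):
    """Return a dict for one access-log line, or None if it does not match the format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["time"] = datetime.strptime(rec["time"], "%d/%b/%Y:%H:%M:%S %z")
    return rec


def find_bruteforce(log_text, protected_prefix="/wp-admin", threshold=5, window_seconds=60):
    """Flag client addresses with >= threshold 401s on the protected path inside any
    window of window_seconds. Result: {ip: {"failures": n, "later_success": bool}}."""
    failures, successes = defaultdict(list), defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not rec["path"].startswith(protected_prefix):
            continue
        if rec["status"] == 401:
            failures[rec["ip"]].append(rec["time"])
        elif 200 <= rec["status"] < 300:
            successes[rec["ip"]].append(rec["time"])

    flagged = {}
    for ip, times in failures.items():
        times.sort()
        best, j = 0, 0
        # Sliding window: j trails i so that times[i] - times[j] stays within the window.
        for i, t in enumerate(times):
            while (t - times[j]).total_seconds() > window_seconds:
                j += 1
            best = max(best, i - j + 1)
        if best >= threshold:
            last_failure = times[-1]
            flagged[ip] = {
                "failures": best,
                # A 2xx on the protected path after the last 401 deserves a closer look.
                "later_success": any(s > last_failure for s in successes.get(ip, [])),
            }
    return flagged


if __name__ == "__main__":
    for ip, info in find_bruteforce(SAMPLE_LOG).items():
        print(ip, info)
```

Run it against a real file with `find_bruteforce(open("/var/log/nginx/access.log").read())`; a single mistyped password (198.51.100.9 in the sample) stays below the threshold, while the two bursts are flagged and the one followed by a successful request is marked separately.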

Building a highly available nginx load balancer with keepalived and LVS in DR mode

LVS is a layer-4 load balancer and is somewhat more efficient than load balancing built with NGINX, HA and similar tools; in enterprise deployments DR mode is also used far more widely than NAT mode. Below is a simple experiment.

  • Environment
vip 172.16.50.65
Real server 1: 172.16.50.66
Real server 2: 172.16.50.67
Director Server: 172.16.50.10(MASTER)
Director Server: 172.16.50.11(BACKUP)
  • On both Director Servers, disable SELinux and the firewall, then install keepalived and ipvsadm
  • keepalived.conf on 172.16.50.10:
! Configuration File for keepalived

global_defs {
   notification_email {
    qq@qq.com
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface ens32
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass yourpassword
    }
    virtual_ipaddress {
        172.16.50.65
    }
}

virtual_server 172.16.50.65 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    #persistence_timeout 50
    protocol TCP

    real_server 172.16.50.66 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 2
        }
    }

    real_server 172.16.50.67 80 {
        weight 2
        TCP_CHECK {
            connect_port 80
            connect_timeout 2
        }
    }
}

  • keepalived.conf on 172.16.50.11:
! Configuration File for keepalived

global_defs {
   notification_email {
    qq@qq.com
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens32
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass yourpassword
    }
    virtual_ipaddress {
        172.16.50.65
    }
}

virtual_server 172.16.50.65 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    #persistence_timeout 50
    protocol TCP

    real_server 172.16.50.66 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 2
        }
    }

    real_server 172.16.50.67 80 {
        weight 2
        TCP_CHECK {
            connect_port 80
            connect_timeout 2
        }
    }
}

  • On each Real server, configure the nginx VIP and add the route
ifconfig lo:0 172.16.50.65 netmask 255.255.255.255 broadcast 172.16.50.65
route add -host 172.16.50.65  dev lo:0
  • On each Real server, set the kernel parameters that control how it responds to ARP requests for the VIP (so only the Director answers for it)
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.lo.arp_ignore=1
net.ipv4.conf.all.arp_announce=2
net.ipv4.conf.lo.arp_announce=2
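Most DR-mode failures in practice are a MASTER and BACKUP that quietly disagree (different virtual_router_id or auth_pass, a VIP that does not match the virtual_server, a real server whose sysctl changes did not stick). The following Python is an added example, not part of the post or of keepalived: it parses keepalived's brace syntax into nested dicts, cross-checks the two director configs for the values that must match or must differ, and verifies the real-server sysctl output. The config excerpts and the sysctl output are constructed from the values in the post; the parser assumes the plain brace layout used there (one statement or block header per line).

```python
# Constructed excerpt of the MASTER director config from the post; only the
# fields the checks need are kept.
MASTER_CONF = """\
! Configuration File for keepalived
vrrp_instance VI_1 {
    state MASTER
    interface ens32
    virtual_router_id 51
    priority 100
    authentication {
        auth_type PASS
        auth_pass yourpassword
    }
    virtual_ipaddress {
        172.16.50.65
    }
}
virtual_server 172.16.50.65 80 {
    lb_kind DR
    real_server 172.16.50.66 80 {
        weight 1
    }
    real_server 172.16.50.67 80 {
        weight 2
    }
}
"""
# The BACKUP config differs only in state and priority, exactly as in the post.
BACKUP_CONF = MASTER_CONF.replace("state MASTER", "state BACKUP").replace("priority 100", "priority 90")

# Constructed `sysctl -a`-style output from a correctly configured real server.
REALSERVER_SYSCTL = """\
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.lo.arp_announce = 2
"""


def parse_keepalived(text):
    """Parse keepalived's brace syntax into nested dicts. A block header such as
    'virtual_server 172.16.50.65 80 {' becomes the key 'virtual_server 172.16.50.65 80';
    a bare value line (a VIP) becomes a key mapped to True."""
    root, stack = {}, []
    stack.append(root)
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("!"):
            continue
        if line.endswith("{"):
            child = {}
            stack[-1][line[:-1].strip()] = child
            stack.append(child)
        elif line == "}":
            stack.pop()
        else:
            key, _, value = line.partition(" ")
            stack[-1][key] = value.strip() if value else True
    return root


def _block(conf, prefix):
    """Return the first nested block whose header starts with prefix."""
    for key, val in conf.items():
        if key.startswith(prefix) and isinstance(val, dict):
            return val
    raise KeyError(prefix)


def check_directors(master_text, backup_text):
    """Return a list of problems found when comparing the two director configs."""
    m, b = parse_keepalived(master_text), parse_keepalived(backup_text)
    mi, bi = _block(m, "vrrp_instance"), _block(b, "vrrp_instance")
    problems = []
    if (mi.get("state"), bi.get("state")) != ("MASTER", "BACKUP"):
        problems.append("states must be MASTER and BACKUP")
    for key in ("virtual_router_id", "interface"):
        if mi.get(key) != bi.get(key):
            problems.append(f"{key} differs between directors")
    if int(mi["priority"]) <= int(bi["priority"]):
        problems.append("MASTER priority must exceed BACKUP priority")
    if mi["authentication"].get("auth_pass") != bi["authentication"].get("auth_pass"):
        problems.append("auth_pass differs: peers will reject each other's advertisements")
    vips = set(mi["virtual_ipaddress"])
    if vips != set(bi["virtual_ipaddress"]):
        problems.append("virtual_ipaddress differs between directors")
    vs_header = next(k for k in m if k.startswith("virtual_server "))
    if vs_header.split()[1] not in vips:
        problems.append("virtual_server address is not one of the VRRP VIPs")
    if not any(k.startswith("real_server") for k in _block(m, "virtual_server")):
        problems.append("virtual_server has no real_server entries")
    return problems


def check_realserver_sysctl(sysctl_output):
    """Return a list of DR-mode ARP settings that are missing or wrong in sysctl output."""
    want = {"net.ipv4.conf.all.arp_ignore": "1", "net.ipv4.conf.lo.arp_ignore": "1",
            "net.ipv4.conf.all.arp_announce": "2", "net.ipv4.conf.lo.arp_announce": "2"}
    seen = {}
    for line in sysctl_output.splitlines():
        if "=" in line:
            k, v = (s.strip() for s in line.split("=", 1))
            seen[k] = v
    return [f"{k} should be {v}, is {seen.get(k, 'unset')}" for k, v in want.items() if seen.get(k) != v]


if __name__ == "__main__":
    print(check_directors(MASTER_CONF, BACKUP_CONF))
    print(check_realserver_sysctl(REALSERVER_SYSCTL))
```

On a real deployment, feed it the two files from /etc/keepalived and the output of `sysctl net.ipv4.conf` from each real server; an empty list from both functions means the pair is consistent and the real servers will not answer ARP for the VIP themselves.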

Installing MySQL 8 on CentOS 7 with yum

  • MySQL 8 adds many new features, such as JSON support, and the password authentication method has changed to "caching_sha2_password". Many clients do not support it yet, though they certainly will in future. If a client does not support it, you can still switch to "mysql_native_password".
#!/bin/bash
yum install wget -y
wget https://repo.mysql.com//mysql80-community-release-el7-1.noarch.rpm
rpm -Uvh mysql80-community-release-el7-1.noarch.rpm
rpm --import https://repo.mysql.com/RPM-GPG-KEY-mysql-2022
yum install mysql-community-server -y
systemctl start mysqld.service
systemctl enable mysqld.service
systemctl status mysqld.service

# show the temporary password that mysql generated for root
grep 'temporary password' /var/log/mysqld.log

## because of default_password_lifetime, the default password must be changed before the server can be used;
## run the following inside the mysql client after logging in with the temporary password
alter user user() identified by "yourpassword";

Installing PHP 7 on CentOS 7 with yum

  • The PHP version in the stock CentOS 7.x repositories is far too old and no longer suits most scenarios. Below is a yum-based install of PHP 7; its advantage is that when a module is missing it can be installed quickly, unlike a source build, which has to be recompiled every time and is tedious. The drawback is that the yum repositories are overseas, so downloads are slow.
#!/bin/bash
yum -y remove 'php*'   # -y so the script does not stop at the prompt; quoted so the shell does not expand php*
yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum -y install https://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum -y install yum-utils
yum-config-manager --enable remi-php74
yum -y update
yum install php php-zip php-bcmath php-cli php-common php-dba php-devel \
    php-embedded php-enchant php-fpm php-gd php-imap php-interbase php-intl php-ldap php-xlswriter  \
    php-mbstring php-mysqlnd php-odbc php-opcache php-sodium \
    php-pdo php-pdo_dblib php-pear php-pecl-apcu php-pecl-imagick php-pecl-memcached \
    php-pecl-mongodb php-pecl-redis php-pgsql php-process \
    php-pspell php-recode php-snmp php-soap php-tidy php-xml php-xmlrpc -y
systemctl start  php-fpm
systemctl enable  php-fpm
systemctl status  php-fpm
php -v