1. Install Nginx/PHP/PHP-FPM
First setup new packages source repos.
Remi Dependency on CentOS 7 and Red Hat (RHEL) 7
rpm -Uvh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-1.noarch.rpm
CentOS 7 and Red Hat (RHEL) 7
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
Create file /etc/yum.repos.d/nginx.repo
and add following content to repo file:
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1
Then install nginx and php.
yum --enablerepo=remi,remi-php56 install nginx php-fpm php-common
yum --enablerepo=remi,remi-php56 install php-opcache php-pecl-apcu php-cli php-pear php-pdo php-mysqlnd php-pgsql php-pecl-mongo php-pecl-sqlite php-pecl-memcache php-pecl-memcached php-gd php-mbstring php-mcrypt php-xml
yum --enablerepo=remi,remi-php56 install php-redis
Last start all the services:
service php-fpm start
service nginx start
service redis start
Set SELinux to permissive mode:
setenforce 0
2. Install MariaDB
Remove old packages if alread installed before.
yum remove mysql* mysql-server mysql-devel mysql-libs
or yum remove mariadb-libs-1:5.5.37-1.el7_0.x86_64
Then run commands to install MariaDB 10.1.
yum install MariaDB-server MariaDB-client
If no error raised, then start MariaDB:
/etc/init.d/mysql start
3. Open ports for incoming requests
First run iptables --line -vnL
to find the line number of the REJECT
rule:
# iptables --line -vnL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 48563 67M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
2 21 1434 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
3 101K 8704K INPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
4 101K 8704K INPUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
5 101K 8704K INPUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
6 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
7 101K 8704K REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Here the number is 7 , So the new iptables rule will be:
iptables -I INPUT 7 -i em4 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -I INPUT 7 -i em4 -p tcp --dport 3306 -m state --state NEW,ESTABLISHED -j ACCEPT
Don't forget to specify correct network interface if yours is not em4
.
reference: