How to build a picture server on Linux platform through nginx and vsftpd

1. nginx installation

1. nginx installation environment

nginx is developed in C language. It is recommended to run on Linux. This tutorial Use centos6.5 as the installation environment.

To install nginx, you need to compile the source code downloaded from the official website first. The compilation depends on the gcc environment. If there is no gcc environment, you need to install gcc: yum install gcc-c

pcre (perlcompatible regular expressions) is A perl library that includes a perl-compatible regular expression library. The http module of nginx uses pcre to parse regular expressions, so the pcre library needs to be installed on Linux.

yuminstall -y pcre pcre-devel

Note: pcre-devel is a secondary development library developed using pcre. nginx also requires this library.

The zlib library provides many compression and decompression methods. nginx uses zlib to gzip the contents of the http package, so the zlib library needs to be installed on Linux.

yuminstall -y zlib zlib-devel

openssl is a powerful secure socket layer cryptographic library, including major cryptographic algorithms, commonly used key and certificate encapsulation management functions and SSL protocols, and provides a wealth of applications for testing or other purposes use.

nginx not only supports the http protocol, but also supports https (that is, transmitting http over the ssl protocol), so you need to install the openssl library on Linux.

yuminstall -y openssl openssl-devel

2. Compile and install

Copy nginx-1.8.0.tar.gz to the linux server.

Unzip:

tar -zxvf nginx-1.8.0.tar.gz

Enter the root directory of nginx:

cd nginx-1.8.0

a.configure

./configure --help Query detailed parameters (refer to this tutorial Appendix part: nginx compilation parameters)

The parameter settings are as follows:

./configure \ 
--prefix=/usr/local/nginx \ 
--pid-path=/var/run/nginx/nginx.pid \ 
--lock-path=/var/lock/nginx.lock \ 
--error-log-path=/var/log/nginx/error.log \ 
--http-log-path=/var/log/nginx/access.log \ 
--with-http_gzip_static_module \ 
--http-client-body-temp-path=/var/temp/nginx/client\ 
--http-proxy-temp-path=/var/temp/nginx/proxy\ 
--http-fastcgi-temp-path=/var/temp/nginx/fastcgi\ 
--http-uwsgi-temp-path=/var/temp/nginx/uwsgi\ 
--http-scgi-temp-path=/var/temp/nginx/scgi

Note: The temporary file directory is specified as /var/temp/nginx above, and the temp and nginx directories need to be created under /var

b. Compile and install

make
make install

Installation is successful. Check the installation directory:

c. Start nginx

cd /usr/local/nginx/sbin/
./nginx

Query the nginx process:

##15098 is the process id of the nginx main process, 15099 is the process id of the nginx worker process

Note: Execute ./nginx to start nginx. Here you can specify the loaded nginx configuration file with -c, as follows:

./nginx-c /usr/local/nginx/conf/nginx.conf

If you do not specify -c, nginx will load the conf/nginx.conf file by default at startup. This file The address can also be specified when compiling and installing nginx./configure parameters (--conf-path= points to the configuration file (nginx.conf))

d. Stop nginx

Method 1, quick stop:

cd /usr/local/nginx/sbin 
./nginx -s stop

This method is equivalent to finding out the nginx process ID first and then using the kill command to forcefully kill the process.

Method 2, complete stop (recommended):

cd /usr/local/nginx/sbin 
./nginx -s quit

The stop step in this method is to stop the nginx process after the task is completed.

e. Restart nginx

Method 1, stop and then start (recommended):

Restarting nginx is equivalent to stopping nginx first and then Start nginx, that is, execute the stop command first and then the start command.

As follows:

./nginx -s quit 
./nginx

Method 2, reload the configuration file:

When the nginx configuration file nginx.conf is modified, you want to make the configuration To take effect, nginx needs to be restarted. Use -s reload to make the configuration information effective in nginx without first stopping nginx and then starting nginx, as follows:

./nginx -s reload

f. Test

nginx installation is successful, start nginx , you can access nginx on the virtual machine:

This means that nginx is successfully installed.

2. FTP installation

1. Install the vsftpd component

[root@bogon ~]# yum -y install vsftpd

After installation, there is the /etc/vsftpd/vsftpd.conf file, which is vsftp configuration file.

2. Add an ftp user

This user is used to log in to the ftp server.

[root@bogon ~]# useradd ftpuser

After such a user is created, you can use this to log in. Remember to use normal login instead of anonymous. After logging in, the default path is /home/ftpuser. ​

3. Add a password to the ftp user.

[root@bogon ~]# passwd ftpuser

Enter the password twice and then change the password.

4. Firewall opens port 21

Because the default port of ftp is 21, and centos is not enabled by default, you need to modify the iptables file. Some centos installations do not enable the firewall by default. No need to think about this step.

[root@bogon ~]# vim /etc/sysconfig/iptables

There is 22 on the line -jaccept. Enter a new line similar to that line, just replace 22 with 21, and then: wq to save.

Also run and restart iptables

[root@bogon ~]# service iptables restart

5. Modify selinux

The external network can be accessed, but I found that I cannot return to the directory (using ftp Active mode, passive mode is still inaccessible), and it cannot be uploaded because selinux is causing trouble.

Modify selinux:

Execute the following command to check the status:

[root@bogon ~]# getsebool -a | grepftp 
allow_ftpd_anon_write --> off 
allow_ftpd_full_access --> off 
allow_ftpd_use_cifs --> off 
allow_ftpd_use_nfs --> off 
ftp_home_dir --> off 
ftpd_connect_db --> off 
ftpd_use_passive_mode --> off 
httpd_enable_ftp_server --> off 
tftp_anon_write --> off 
[root@bogon ~]#

Execute the above command, and then return the result to see that both lines are off, which means that the external network is not enabled. Access

[root@bogon ~]#setsebool -p allow_ftpd_full_access on 
[root@bogon ~]#setsebool -p ftp_home_dir on

这样应该没问题了（如果，还是不行，看看是不是用了ftp客户端工具用了passive模式访问了，如提示entering passive mode，就代表是passive模式，默认是不行的，因为ftp passive模式被iptables挡住了，下面会讲怎么开启，如果懒得开的话，就看看你客户端ftp是否有port模式的选项，或者把passive模式的选项去掉。如果客户端还是不行，看看客户端上的主机的电脑是否开了防火墙，关吧） 

filezilla的主动、被动模式修改：

菜单：编辑→设置

6、关闭匿名访问

修改/etc/vsftpd/vsftpd.conf文件：

重启ftp服务：

[root@bogon ~]# service vsftpd restart

7、开启被动模式

默认是开启的，但是要指定一个端口范围，打开vsftpd.conf文件，在后面加上

pasv_min_port=30000 
pasv_max_port=30999

表示端口范围为30000~30999，这个可以随意改。改完重启一下vsftpd
由于指定这段端口范围，iptables也要相应的开启这个范围，所以像上面那样打开iptables文件。
也是在21上下面另起一行，更那行差不多，只是把21 改为30000:30999,然后:wq保存，重启下iptables。这样就搞定了。 

8、设置开机启动vsftpd ftp服务

[root@bogon ~]# chkconfig vsftpd on

         

The above is the detailed content of How to build a picture server on Linux platform through nginx and vsftpd. For more information, please follow other related articles on the PHP Chinese website!