If you are using php-fcgid with suexec and you get the following error :
End of script output before headers:
mod_fcgid: error reading data from FastCGI server
exit(communication error), terminated by calling exit(), return code: 109
Check the followings:
1. /usr/sbin/suexec has +s flag set (you can set it by running chmod 4550 /usr/sbin/suexec )
2. the php-cgi binary path exists in your php-fcgid script
3. mod_fcgid is installed and enabled on your server
Monday, June 22, 2020
Wednesday, June 3, 2020
Centos 8: [How-to] install Mysql 5.6/5.7/8.0 PHP 5.6/7.4 and Virtualmin
Here is the gist I use to install Virtualmin / Mysql / PHP on CentOS 8 :
# Fixing perl locale warning
echo "LANGUAGE=en_US.utf8
LC_ALL=en_US.utf-8
LANG=en_US.utf8
LC_TYPE=en_US.utf8" > /etc/environment
# Logout SSH and Login again to apply env
# Installing Mysql/Remi repo and required packages
yum install epel-release -y
yum install https://rpms.remirepo.net/enterprise/remi-release-8.rpm htop wget perl perl-DBD-MySQL screen net-tools yum-utils unzip glibc-langpack-en lsof vim-enhanced git nload iotop bind-utils tar zip telnet -y
# Disabling default mysql mariadb php modules on centos 8
dnf module disable mysql mariadb php -y
echo "exclude=mariadb*" >> /etc/yum.conf
# Remi provides modular packages for PHP 7.2+
yum-config-manager --enable remi
dnf module enable php:remi-7.4 -y
yum update -y
## Instructions for Mysql 8.0
yum install https://dev.mysql.com/get/mysql80-community-release-el8-1.noarch.rpm -y
yum install mysql-community-server
sed -i /etc/my.cnf -e "s,# default-authentication-plugin=mysql_native_password,default-authentication-plugin=mysql_native_password,g"
service mysqld start
echo "validate_password.policy=LOW" >> /etc/my.cnf
echo "max_allowed_packet = 100M" >> /etc/my.cnf
service mysqld restart
## Instructions for Mysql 5.7/5.6 from mysql's el7 repo
yum install https://dev.mysql.com/get/mysql80-community-release-el7-3.noarch.rpm -y
yum-config-manager --disable mysql80-community
yum-config-manager --enable mysql57-community
yum install mysql-community-server
mysql -e "uninstall plugin validate_password;"
# Fixing perl locale warning
echo "LANGUAGE=en_US.utf8
LC_ALL=en_US.utf-8
LANG=en_US.utf8
LC_TYPE=en_US.utf8" > /etc/environment
# Logout SSH and Login again to apply env
# Installing Mysql/Remi repo and required packages
yum install epel-release -y
yum install https://rpms.remirepo.net/enterprise/remi-release-8.rpm htop wget perl perl-DBD-MySQL screen net-tools yum-utils unzip glibc-langpack-en lsof vim-enhanced git nload iotop bind-utils tar zip telnet -y
# Disabling default mysql mariadb php modules on centos 8
dnf module disable mysql mariadb php -y
echo "exclude=mariadb*" >> /etc/yum.conf
# Remi provides modular packages for PHP 7.2+
yum-config-manager --enable remi
dnf module enable php:remi-7.4 -y
yum update -y
## Instructions for Mysql 8.0
yum install https://dev.mysql.com/get/mysql80-community-release-el8-1.noarch.rpm -y
yum install mysql-community-server
sed -i /etc/my.cnf -e "s,# default-authentication-plugin=mysql_native_password,default-authentication-plugin=mysql_native_password,g"
service mysqld start
echo "validate_password.policy=LOW" >> /etc/my.cnf
echo "max_allowed_packet = 100M" >> /etc/my.cnf
service mysqld restart
yum install https://dev.mysql.com/get/mysql80-community-release-el7-3.noarch.rpm -y
yum-config-manager --disable mysql80-community
yum-config-manager --enable mysql57-community
yum install mysql-community-server
mysql -e "uninstall plugin validate_password;"
echo "max_allowed_packet = 100M" >> /etc/my.cnf
###
# Installing Virtualmin
echo "set nocompatible" > /root/.vimrc
wget http://software.virtualmin.com/gpl/scripts/install.sh
sh install.sh -m
# Configuring Virtualmin
sed -i /etc/webmin/virtual-server/*config -e "s/ Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch//g"
sed -i /etc/webmin/mysql/config -e "s,mariadb,mysqld,g"
sed -i /etc/webmin/virtual-server/*config -e "s,quotas=1,quotas=0,g"
sed -i /etc/webmin/virtual-server/*config -e "s,collect_restart=0,collect_restart=1,g"
virtualmin set-global-feature --enable-feature ssl --default-on ssl
virtualmin set-global-feature --disable-feature virtualmin-dav --default-off virtualmin-dav
service webmin restart
# php 5.6
yum install php56-php-bcmath php56-php-common php56-php-gd php56-php-intl php56-php-ioncube-loader php56-php-litespeed php56-php-mbstring php56-php-mcrypt php56-php-mysqlnd php56-php-opcache php56-php-pdo php56-php-pecl-jsonc php56-php-pecl-zip php56-php-soap php56-php-xml php56-runtime php56-php-fpm php56-php-cgi php-zip -y
# php 7.3
dnf module install php:remi-7.3
dnf install php73-php-bcmath php73-php-common php73-php-gd php73-php-intl php73-php-ioncube-loader php73-php-litespeed php73-php-mbstring php73-php-mcrypt php73-php-mysqlnd php73-php-opcache php73-php-pdo php73-php-pecl-jsonc php73-php-pecl-zip php73-php-soap php73-php-xml php73-runtime php73-php-fpm php73-php-cgi php-zip -y
dnf install php-bcmath php-common php-gd php-intl php-ioncube-loader php-litespeed php-mbstring php-mcrypt php-mysqlnd php-opcache php-pdo php-pecl-zip php-soap php-xml php-zip -y
# Limit DNS recursion in named
# add to /etc/named.conf
allow-recursion { localhost; };
# Disable UseDNS in sshd
# Update /etc/ssh/sshd_config
UseDNS No
# Mysql config
local-infile=0
sql_mode = "NO_ENGINE_SUBSTITUTION"
collation-server = utf8mb4_unicode_ci
init-connect='SET NAMES utf8mb4'
character-set-server = utf8mb4
# Apache config:
echo '<IfModule mod_expires.c>
# Enable expirations
ExpiresActive On
# Default directive
# ExpiresDefault "access plus 15 days"
# My favicon
ExpiresByType image/x-icon "access plus 15 days.
# Images
ExpiresByType image/gif "access plus 15 days"
ExpiresByType image/png "access plus 15 days"
ExpiresByType image/jpg "access plus 15 days"
ExpiresByType image/jpeg "access plus 15 days"
# CSS
ExpiresByType text/css "access 15 days.
# Javascript
ExpiresByType application/javascript "access plus 15 days"
</IfModule>' > /etc/httpd/conf.d/expires.conf
echo '<IfModule deflate_module>
<Location />
SetOutputFilter DEFLATE
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
SetEnvIfNoCase Request_URI \
\.(?:gif|jpe?g|png|swf)$ no-gzip dont-vary
</Location>
</IfModule>' > /etc/httpd/conf.d/deflate.conf
echo '<IfModule event.c>
ServerLimit 15
MaxClients 960
StartServers 2
ThreadsPerChild 64
ThreadLimit 64
MinSpareThreads 32
# must be >= (MinSpareThreads + ThreadsPerChild)
MaxSpareThreads 112
# at 200 r/s, 20000 r results in a process lifetime of 2 minutes
MaxRequestsPerChild 20000
</IfModule>' > /etc/httpd/conf.d/mpm.conf
# /etc/php.ini
# Installing ffmpeg gz
sudo yum-config-manager --add-repo=https://negativo17.org/repos/epel-multimedia.repo
yum install ffmpeg -y
###
# Installing Virtualmin
echo "set nocompatible" > /root/.vimrc
wget http://software.virtualmin.com/gpl/scripts/install.sh
sh install.sh -m
# Configuring Virtualmin
sed -i /etc/webmin/virtual-server/*config -e "s/ Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch//g"
sed -i /etc/webmin/mysql/config -e "s,mariadb,mysqld,g"
sed -i /etc/webmin/virtual-server/*config -e "s,quotas=1,quotas=0,g"
sed -i /etc/webmin/virtual-server/*config -e "s,collect_restart=0,collect_restart=1,g"
virtualmin set-global-feature --enable-feature ssl --default-on ssl
virtualmin set-global-feature --disable-feature virtualmin-dav --default-off virtualmin-dav
service webmin restart
# php 5.6
yum install php56-php-bcmath php56-php-common php56-php-gd php56-php-intl php56-php-ioncube-loader php56-php-litespeed php56-php-mbstring php56-php-mcrypt php56-php-mysqlnd php56-php-opcache php56-php-pdo php56-php-pecl-jsonc php56-php-pecl-zip php56-php-soap php56-php-xml php56-runtime php56-php-fpm php56-php-cgi php-zip -y
# php 7.3
dnf module install php:remi-7.3
dnf install php73-php-bcmath php73-php-common php73-php-gd php73-php-intl php73-php-ioncube-loader php73-php-litespeed php73-php-mbstring php73-php-mcrypt php73-php-mysqlnd php73-php-opcache php73-php-pdo php73-php-pecl-jsonc php73-php-pecl-zip php73-php-soap php73-php-xml php73-runtime php73-php-fpm php73-php-cgi php-zip -y
dnf install php-bcmath php-common php-gd php-intl php-ioncube-loader php-litespeed php-mbstring php-mcrypt php-mysqlnd php-opcache php-pdo php-pecl-zip php-soap php-xml php-zip -y
# Limit DNS recursion in named
# add to /etc/named.conf
allow-recursion { localhost; };
# Disable UseDNS in sshd
# Update /etc/ssh/sshd_config
UseDNS No
# Mysql config
# add to /etc/my.cnf
symbolic-links=0local-infile=0
sql_mode = "NO_ENGINE_SUBSTITUTION"
collation-server = utf8mb4_unicode_ci
init-connect='SET NAMES utf8mb4'
character-set-server = utf8mb4
# Apache config:
echo '<IfModule mod_expires.c>
# Enable expirations
ExpiresActive On
# Default directive
# ExpiresDefault "access plus 15 days"
# My favicon
ExpiresByType image/x-icon "access plus 15 days.
# Images
ExpiresByType image/gif "access plus 15 days"
ExpiresByType image/png "access plus 15 days"
ExpiresByType image/jpg "access plus 15 days"
ExpiresByType image/jpeg "access plus 15 days"
# CSS
ExpiresByType text/css "access 15 days.
# Javascript
ExpiresByType application/javascript "access plus 15 days"
</IfModule>' > /etc/httpd/conf.d/expires.conf
echo '<IfModule deflate_module>
<Location />
SetOutputFilter DEFLATE
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
SetEnvIfNoCase Request_URI \
\.(?:gif|jpe?g|png|swf)$ no-gzip dont-vary
</Location>
</IfModule>' > /etc/httpd/conf.d/deflate.conf
echo '<IfModule event.c>
ServerLimit 15
MaxClients 960
StartServers 2
ThreadsPerChild 64
ThreadLimit 64
MinSpareThreads 32
# must be >= (MinSpareThreads + ThreadsPerChild)
MaxSpareThreads 112
# at 200 r/s, 20000 r results in a process lifetime of 2 minutes
MaxRequestsPerChild 20000
</IfModule>' > /etc/httpd/conf.d/mpm.conf
# update mpm in /etc/httpd/conf.modules.d/00-mpm.conf
# high performance mpm_event /etc/httpd/conf.d/mpm.conf:
<IfModule event.c>
ServerLimit 64
ThreadsPerChild 256
ThreadLimit 256
MaxRequestWorkers 4096
StartServers 2
MinSpareThreads 32
# must be >= (MinSpareThreads + ThreadsPerChild)
MaxSpareThreads 112
# at 200 r/s, 20000 r results in a process lifetime of 2 minutes
MaxRequestsPerChild 20000
</IfModule>
# move /tmp to ram: /etc/fstab
tmpfs /tmp tmpfs mode=1777,nosuid,nodev 0 0
# /etc/php.ini
#update:
upload_max_filesize
post_max_size
memory_limit
max_execution_time
max_input_time
# Install Node.js 14.x
# Install Node.js 14.x
curl -sL https://rpm.nodesource.com/setup_14.x | bash -
yum install -y nodejs
# Install pm2
npm i -g pm2
# Here is a helloworld node.js app.js
const http = require('http');
http.createServer(function(request, response) {
response.writeHead(200, {'Content-Type': 'text/plain'});
response.end("Hello, World!\n");
}).listen(process.env.PORT);
console.log('7001');
# create a virtual server and place the app.js file then run the following commands to activate it
sudo -u $user pm2 start app.js
sudo -u $user pm2 save
sudo -u $user pm2 startup
# then proxypass requests in apache to the app
ProxyPass / http://127.0.0.1:7001/ timeout=60
ProxyPassReverse / http://127.0.0.1:7001/
sudo yum-config-manager --add-repo=https://negativo17.org/repos/epel-multimedia.repo
yum install ffmpeg -y
Subscribe to:
Posts (Atom)
-
This post shows how to configure a mail proxy server to connect clients in an intranet to an external mail server. I will use SSL offloading... -
An updated version of this post is available here . I use this tutorial to setup RemoSIM.com product for customers. RasPBX – Asterisk for ... -
I use this tutorial to setup RemoSIM.com product for customers. To do: - Add instructions for enabling fail2ban for asterisk - Fix the fre...