Apache2.4.41\u304c\u30ea\u30ea\u30fc\u30b9<\/a>\u3055\u308c\u3066\u3044\u305f\u306e\u3067\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u3066\u307f\u307e\u3057\u305f\u3002Apache\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u30a2\u30c3\u30d7\u81ea\u4f53\u304c\u8da3\u5473\u306b\u306a\u308a\u3064\u3064\u3042\u308a\u307e\u3059\u7b11\u3002<\/p>\n \u8a18\u4e8b\u306b\u306f\u6295\u7a3f\u305b\u305a\u306b\u3001\u3059\u3067\u306bOpenSSL1.1.1c\u3068PHP7.3.8\u306f\u73fe\u6642\u70b9\u306e\u6700\u65b0\u7248\u306b\u8ffd\u5f93\u3057\u3066\u3044\u307e\u3057\u305f\u304c\u3001\u307e\u3068\u3081\u3066\u8a18\u8f09\u3057\u3066\u304a\u304d\u307e\u3059\u3002Ngttp2\u306f\u4eca\u56de1.37.0\u21921.39.1\u306b\u30d0\u30fc\u30b8\u30e7\u30f3\u30a2\u30c3\u30d7\u3057\u307e\u3059\u3002<\/p>\n \u307e\u305f\u3001\u3044\u3064\u3082\u306e\u3088\u3046\u306b\u4f5c\u696d\u4e2d\u3067\u3082\u30a2\u30af\u30bb\u30b9\u3067\u304d\u308b\u3088\u3046\u306b\u3001\u4ee3\u66ff\u306ehttpd\u3092\u7acb\u3061\u4e0a\u3052\u3066\u304a\u304d\u307e\u3059\u3002<\/p>\n <\/p>\n <\/p>\n OpenSSL 1.1.1c\u306f \/usr\/local\/ssl \u914d\u4e0b\u306b\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u3066\u3042\u308b\u306e\u3067\u3001env\u3067\u6307\u5b9a\u3057\u307e\u3059\u3002<\/p>\n <\/p>\n —prefix=\/usr\/local\/httpd4 \u3068\u3059\u308b\u3053\u3068\u3067\u300chttpd4\u300d\u306e\u30d5\u30a9\u30eb\u30c0\u306b\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u307e\u3059\u30022.4.39\u304chttpd4\u3067\u3057\u305f\u304c\u3001\u6163\u308c\u3066\u304d\u305f\u306e\u3067\u4eca\u56de\u306f\u4e0a\u66f8\u304d\u3057\u3066\u3057\u307e\u3044\u307e\u3059\u3002<\/p>\n \u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u305f\u3089Apache\u306e\u8a2d\u5b9a\u3002httpd.conf\u306e\u8a72\u5f53\u7b87\u6240\u3092\u6709\u52b9\u5316\u3001\u8ffd\u8a18\u30fb\u4fee\u6b63\u3057\u307e\u3059\u3002<\/p>\n mpm_event\u306e\u8a2d\u5b9a<\/p>\n HTTPS\u306e\u8a2d\u5b9a\u3002httpd-ssl.conf\u3092\u4ee5\u4e0b\u306e\u3088\u3046\u306b\u8ffd\u8a18\u30fb\u4fee\u6b63\u3057\u307e\u3059\u3002\u6700\u8fd1SSL Labs<\/a>\u306e\u5224\u5b9a\u304c\u53b3\u3057\u3044\u306e\u3067\u3001TLS 1.2\u3001TLS 1.3\u306e\u7dd1\u8272\u306b\u306a\u308b\uff08Weak\u6271\u3044\u3055\u308c\u306a\u3044\uff09\u6697\u53f7\u30b9\u30a4\u30fc\u30c8\u3060\u3051\u6b8b\u3057\u307e\u3059\u3002\u3053\u308c\u306b\u3088\u3063\u3066\u5f53Blog\u30b5\u30a4\u30c8\u95b2\u89a7\u7aef\u672b\u3068\u3057\u3066iOS 8\u4ee5\u4e0b\u3068MacOS 10.10 (Yosemite)\u4ee5\u4e0b\u3001\u305d\u3057\u3066Windows Phone 8.1\u4ee5\u4e0b\u304c\u5207\u308a\u6368\u3066\u3089\u308c\u307e\u3059<\/strong>\u304c\u76ee\u3092\u3064\u3080\u308b\u3053\u3068\u306b\u3057\u307e\u3059\u3002\u3061\u306a\u307f\u306bTLS 1.1\u4ee5\u4e0b\u3092\u4e0d\u8a31\u53ef\u306b\u3057\u3066\u3044\u308b\u306e\u3067Android4.3\u4ee5\u4e0b\u306f\u5f53\u521d\u304b\u3089\u975e\u5bfe\u5fdc\u3067\u3059\u3002<\/p>\n HTTP\u30d0\u30fc\u30c1\u30e3\u30eb\u30db\u30b9\u30c8\u306e\u8a2d\u5b9a<\/p>\n HTTPS\u30d0\u30fc\u30c1\u30e3\u30eb\u30db\u30b9\u30c8\u306e\u8a2d\u5b9a<\/p>\n Require not ip \u306f\u3001\u5fc5\u8981\u306b\u5fdc\u3058\u3066\u5236\u9650\u3057\u305f\u3044IP\u30a2\u30c9\u30ec\u30b9\u7bc4\u56f2\u3092\u6307\u5b9a\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n <\/p>\n \u300csystemctl start httpd4\u300d\u3067\u8d77\u52d5\u3067\u304d\u308b\u3088\u3046\u306b\u3001httpd4 \u3068\u3044\u3046\u540d\u524d\u306e\u30b5\u30fc\u30d3\u30b9\u3068\u3057\u3066\u767b\u9332\u3057\u307e\u3059\u3002reload=graceful<\/a>\u52d5\u4f5c\u3067\u3059\u3002\u4eca\u56de\u306f2.4.39\u306ehttpd4\u3092\u4f7f\u3044\u307e\u308f\u3057\u305f\u306e\u3067\u3068\u304f\u306b\u5bfe\u5fdc\u306f\u5fc5\u8981\u3042\u308a\u307e\u305b\u3093\u3002<\/p>\n <\/p>\n –with-apxs2=[dir]\u3067PHP\u3068Apache\u3092\u3001–with-openssl=[dir]\u3067PHP\u3068OpenSSL\u3092\u3001–with-mysql-sock=[dir]\u3067PHP\u3068mySQL\u3092\u7d50\u3073\u3064\u3051\u307e\u3059\u3002<\/p>\n <\/p>\n Redmine\u3092\u52d5\u304b\u3055\u306a\u3044\u5834\u5408\u306f\u98db\u3070\u3057\u3066\u3044\u305f\u3060\u3044\u3066\u554f\u984c\u3042\u308a\u307e\u305b\u3093\u3002httpd4\u3092\u4e0a\u66f8\u304d\u3057\u305f\u306e\u3067\u4eca\u56de\u306f\u518d\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u4e0d\u8981\u3067\u3057\u305f\u3002<\/p>\n <\/p>\n <\/p>\n <\/p>\n httpd4\u3092\u8d77\u52d5\u3057\u3066SSL Labs\u3067HTTPS\u306e\u691c\u8a3c<\/a>\u3092\u884c\u3044\u3001\u7121\u4e8bApache 2.4.41\/OpenSSL 1.1.1c\/PHP 7.3.8\/(Passenger 6.0.2)<\/strong>\u306e\u74b0\u5883\u306b\u3066\u3001\u52d5\u4f5c\u304c\u78ba\u8a8d\u3067\u304d\u307e\u3057\u305f\uff01 <\/p>\n","protected":false},"excerpt":{"rendered":" CentOS7\u306bApache2.4.41+OpenSSL1.1.1c+PHP7.3.8\u3092\u30bd\u30fc\u30b9\u304b\u3089\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb Apache2.4.41\u304c\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u3066\u3044\u305f\u306e\u3067\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u3066\u307f\u307e\u3057\u305f\u3002Apache\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u30a2\u30c3\u30d7\u81ea\u4f53 … \u7d9a\u304d\u3092\u8aad\u3080 Apache2.4.41 + OpenSSL1.1.1c\u3092\u30bd\u30fc\u30b9\u304b\u3089\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/span> $ sudo -i\r\n# systemctl stop httpd4\r\n# systemctl start httpd<\/pre>\n
<\/h4>\n
1. OpenSSL 1.1.1c \u3092 \/usr\/local\/ssl \u306b\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/h4>\n
# yum -y groupinstall base\r\n# yum -y groupinstall development\r\n# yum -y update\r\n# yum -y install zlib-devel\r\n# yum -y install perl-core\r\n# cd \/usr\/local\/src\/\r\n# wget https:\/\/www.openssl.org\/source\/openssl-1.1.1c.tar.gz\r\n# tar xvfz openssl-1.1.1c.tar.gz\r\n# cd openssl-1.1.1c\r\n# .\/config --prefix=\/usr\/local\/ssl --openssldir=\/usr\/local\/ssl shared zlib\r\n# make depend\r\n# make\r\n# make test\r\n# make install\r\n# ln -s \/usr\/local\/ssl\/lib\/libcrypto.so.1.1 \/lib64\/libcrypto.so.1.1 (\u521d\u3081\u3066\u306e\u3068\u304d)\r\n# ln -s \/usr\/local\/ssl\/lib\/libssl.so.1.1 \/lib64\/libssl.so.1.1 (\u521d\u3081\u3066\u306e\u3068\u304d)\r\n# echo \/usr\/local\/ssl\/lib > \/etc\/ld.so.conf.d\/openssl111c.conf\r\n# ldconfig\r\n# \/usr\/local\/ssl\/bin\/openssl version<\/pre>\n
<\/h4>\n
2. Ngttp2\u3068Brotli\u3092 \/usr\/local\/lib \u306b\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/h4>\n
2.1. Ngttp2 1.39.1\uff08libnghttp2\uff09<\/h5>\n
# yum -y install jansson-devel\r\n# yum -y install libev-devel\r\n# yum -y install c-ares-devel\r\n# yum -y install centos-release-scl\r\n# yum -y install devtoolset-7\r\n# scl enable devtoolset-7 bash\r\n# cd \/usr\/local\/src\/\r\n# wget https:\/\/github.com\/nghttp2\/nghttp2\/releases\/download\/v1.39.1\/nghttp2-1.39.1.tar.gz\r\n# tar xvzf nghttp2-1.39.1.tar.gz\r\n# cd nghttp2-1.39.1\/\r\n# env OPENSSL_CFLAGS=\"-I\/usr\/local\/ssl\/include\" OPENSSL_LIBS=\"-L\/usr\/local\/ssl\/lib -lssl -lcrypto\" .\/configure -enable-app\r\n# make\r\n# make install<\/pre>\n
2.2. Brotli 1.0.7<\/h5>\n
# yum -y install cmake\r\n# cd \/usr\/local\/src\/\r\n# wget https:\/\/github.com\/google\/brotli\/archive\/v1.0.7.tar.gz\r\n# tar xvzf v1.0.7.tar.gz\r\n# cd brotli-1.0.7\/\r\n# mkdir out && cd out\r\n# ..\/configure-cmake\r\n# make\r\n# make test\r\n# make install\r\n# echo \/usr\/local\/lib > \/etc\/ld.so.conf.d\/usr-local-lib.conf\r\n# ldconfig<\/pre>\n
<\/h5>\n
3. Apache 2.4.41 \u3092 \/usr\/local\/httpd4 \u306b\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/h4>\n
3.1. APR 1.7.0<\/h5>\n
# cd \/usr\/local\/src\/\r\n# wget http:\/\/ftp.jaist.ac.jp\/pub\/apache\/\/apr\/apr-1.7.0.tar.gz\r\n# tar xvzf apr-1.7.0.tar.gz\r\n# cd apr-1.7.0\/\r\n# .\/configure\r\n# make\r\n# make install<\/pre>\n
3.2. APR-util 1.6.1<\/h5>\n
# cd \/usr\/local\/src\/\r\n# wget http:\/\/ftp.jaist.ac.jp\/pub\/apache\/\/apr\/apr-util-1.6.1.tar.gz\r\n# tar xvzf apr-util-1.6.1.tar.gz\r\n# cd apr-util-1.6.1\/\r\n# .\/configure --with-apr=\/usr\/local\/apr\r\n# make\r\n# make install<\/pre>\n
3.3. Apache 2.4.41<\/h5>\n
# cd \/usr\/local\/src\/\r\n# wget http:\/\/ftp.jaist.ac.jp\/pub\/apache\/\/httpd\/httpd-2.4.41.tar.gz\r\n# tar xvzf httpd-2.4.41.tar.gz\r\n# cd httpd-2.4.41\/\r\n# .\/configure \\\r\n--prefix=\/usr\/local\/httpd4 \\\r\n--enable-http2 \\\r\n--enable-brotli \\\r\n--with-brotli=\/usr\/local\/lib \\\r\n--enable-ssl \\\r\n--with-ssl=\/usr\/local\/ssl \\\r\n--with-apr=\/usr\/local\/apr \\\r\n--with-apr-util=\/usr\/local\/apr \\\r\n--enable-so \\\r\n--enable-mods-shared=all \\\r\n--enable-mpms-shared=all\r\n# make\r\n# make install<\/pre>\n
# cd \/usr\/local\/httpd4\/conf\r\n# vi httpd.conf\r\n-----------------------------------------\r\n# for Brotli\r\nLoadModule brotli_module modules\/mod_brotli.so\r\nLoadModule mpm_event_module modules\/mod_mpm_event.so\r\n#LoadModule mpm_prefork_module modules\/mod_mpm_prefork.so\r\n#LoadModule mpm_worker_module modules\/mod_mpm_worker.so\r\n# for HTTPS\r\nLoadModule ssl_module modules\/mod_ssl.so\r\nLoadModule socache_shmcb_module modules\/mod_socache_shmcb.so\r\n# for HTTP\/2\r\nLoadModule http2_module modules\/mod_http2.so\r\n# for VirtualHost\r\nLoadModule vhost_alias_module modules\/mod_vhost_alias.so\r\n# for Rewrite\r\nLoadModule rewrite_module modules\/mod_rewrite.so\r\n# for php-fpm\r\nLoadModule proxy_module modules\/mod_proxy.so\r\nLoadModule proxy_fcgi_module modules\/mod_proxy_fcgi.so\r\n# for gZip\r\nLoadModule deflate_module modules\/mod_deflate.so\r\n# for cash expire\r\nLoadModule expires_module modules\/mod_expires.so\r\n.\r\n.\r\nUser apache\r\nGroup apache\r\n.\r\n.\r\n# for cash expire\r\n<IfModule mod_expires.c>\r\n <filesMatch \".(jpg|jpeg|png|gif|swf|js|css)$\">\r\n ExpiresActive On\r\n ExpiresDefault \"access plus 30 days\"\r\n <\/filesMatch>\r\n<\/IfModule>\r\n.\r\n.\r\n<IfModule dir_module>\r\n # index.php\u8ffd\u52a0\uff08WordPress\u306b\u5fc5\u8981\uff09\r\n #DirectoryIndex index.html\r\n DirectoryIndex index.html index.php\r\n<\/IfModule>\r\n.\r\n.\r\n# php\u8ffd\u52a0\r\nAddType application\/x-httpd-php .php\r\nAddType application\/x-httpd-php-source .phps\r\n.\r\n.\r\nInclude conf\/extra\/httpd-mpm.conf\r\n.\r\n.\r\n# Virtual hosts\uff08http\u7528\u3001https\u7528\u306f\u5206\u3051\u3066\u8a2d\u5b9a\u3057\u307e\u3059\uff09\r\n#Include conf\/extra\/httpd-vhosts.conf\r\nInclude conf\/extra\/httpd-vhosts-http.conf\r\nInclude conf\/extra\/httpd-vhosts-https.conf\r\n.\r\n.\r\nInclude conf\/extra\/httpd-ssl.conf\r\n-----------------------------------------\r\n:wq<\/pre>\n
# cd extra\r\n# vi httpd-mpm.conf \r\n-----------------------------------------\r\n.\r\n.\r\n<IfModule mpm_event_module>\r\n StartServers 2\r\n MinSpareThreads 4\r\n MaxSpareThreads 4\r\n ThreadsPerChild 8\r\n MaxRequestWorkers 8\r\n MaxConnectionsPerChild 100\r\n<\/IfModule>\r\n.\r\n.\r\n-----------------------------------------\r\n:wq\r\n<\/pre>\n
# vi httpd-ssl.conf\r\n-----------------------------------------\r\n.\r\n.\r\n# \u5e38\u6642SSL\r\nHeader set Strict-Transport-Security \"max-age=31536000; includeSubDomains; preload\"\r\nHeader edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure\r\nHeader always set X-Frame-Options SAMEORIGIN\r\nHeader always set X-Content-Type-Options nosniff\r\n.\r\n.\r\n# \u660e\u793a\u7684\u306bSSL\u5727\u7e2e\u3092OFF\r\nSSLCompression off\r\n.\r\n.\r\nSSLCipherSuite \"TLS_AES_256_GCM_SHA384 \\\r\nTLS_CHACHA20_POLY1305_SHA256 \\\r\nECDHE-RSA-AES128-GCM-SHA256 \\\r\nECDHE-RSA-AES256-GCM-SHA384 \\\r\nDHE-RSA-AES128-GCM-SHA256 \\\r\nDHE-RSA-AES256-GCM-SHA384\r\n\r\nSSLProxyCipherSuite \"TLS_AES_256_GCM_SHA384 \\\r\nTLS_CHACHA20_POLY1305_SHA256 \\\r\nECDHE-RSA-AES128-GCM-SHA256 \\\r\nECDHE-RSA-AES256-GCM-SHA384 \\\r\nDHE-RSA-AES128-GCM-SHA256 \\\r\nDHE-RSA-AES256-GCM-SHA384 \r\n.\r\n.\r\nSSLProtocol all -SSLv3 -TLSv1 -TLSv1.1\r\nSSLProxyProtocol all -SSLv3 -TLSv1 -TLSv1.1\r\n.\r\n.\r\n# for OCSP\r\nSSLUseStapling on\r\nSSLStaplingResponderTimeout 5\r\nSSLStaplingReturnResponderErrors off\r\nSSLStaplingCache shmcb:\/var\/run\/ocsp(128000)\r\n.\r\n.\r\n#ServerName www.example.com:443\r\n#ServerAdmin you@example.com\r\n.\r\n.\r\nSSLEngine on\r\n #Include \/etc\/letsencrypt\/options-ssl-apache.conf\r\n SSLCertificateFile \/etc\/letsencrypt\/live\/ji0vwl.net\/cert.pem\r\n SSLCertificateKeyFile \/etc\/letsencrypt\/live\/ji0vwl.net\/privkey.pem\r\n SSLCertificateChainFile \/etc\/letsencrypt\/live\/ji0vwl.net\/chain.pem\r\n.\r\n.\r\n#SSLCertificateFile \"\/usr\/local\/httpd4\/conf\/server.crt\"\r\n.\r\n.\r\n#SSLCertificateKeyFile \"\/usr\/local\/httpd4\/conf\/server.key\"\r\n-----------------------------------------\r\n:wq<\/pre>\n
# vi httpd-vhosts-http.conf\r\n-----------------------------------------\r\n<VirtualHost *:80>\r\n DocumentRoot \/var\/www\/html\r\n ServerName test.ji0vwl.net\r\n\r\n <Directory \"\/var\/www\/html\/\">\r\n Options FollowSymlinks Includes\r\n AllowOverride All\r\n AddType text\/html .html\r\n Require all granted\r\n <\/Directory>\r\n \r\n # HTTPS\u306b\u30ea\u30e9\u30a4\u30c8\u3059\u308b\u5834\u5408\u306f\u30b3\u30e1\u30f3\u30c8\u30a2\u30a6\u30c8\u89e3\u9664\r\n #RewriteEngine on\r\n #RewriteCond %{SERVER_NAME} =test.ji0vwl.net\r\n #RewriteRule ^ https:\/\/%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]\r\n<\/VirtualHost>\r\n-----------------------------------------\r\n:wq<\/pre>\n# vi httpd-vhosts-https.conf\r\n-----------------------------------------\r\n<IfModule mod_ssl.c>\r\n<VirtualHost *:443>\r\n DocumentRoot \/var\/www\/html\r\n ServerName test.ji0vwl.net\r\n \r\n # HTTP\/2\u6709\u52b9\u5316\uff08h2\u8ffd\u52a0\uff09\r\n Protocols h2 http\/1.1\r\n\r\n <Directory \"\/var\/www\/html\/\">\r\n Options FollowSymlinks Includes\r\n AllowOverride All\r\n AddType text\/html .html\r\n <RequireAll>\r\n Require not ip xxx.xxx yyy.yyy zzz.zzz.zzz\r\n Require all granted\r\n <\/RequireAll>\r\n <\/Directory>\r\n\r\n # SSL\u8a3c\u660e\u66f8\r\n SSLCertificateFile \/etc\/letsencrypt\/live\/ji0vwl.net\/fullchain.pem\r\n SSLCertificateKeyFile \/etc\/letsencrypt\/live\/ji0vwl.net\/privkey.pem\r\n #SSLCertificateFile \/etc\/letsencrypt\/live\/ji0vwl.net\/cert.pem\r\n #SSLCertificateChainFile \/etc\/letsencrypt\/live\/ji0vwl.net\/chain.pem\r\n\r\n # for gZip\u5727\u7e2e\r\n <IfModule mod_deflate.c>\r\n DeflateCompressionLevel 1\r\n <IfModule mod_filter.c>\r\n FilterDeclare COMPRESS\r\n FilterProvider COMPRESS DEFLATE \"%{CONTENT_TYPE} =~ m#^text\/#i\"\r\n FilterProvider COMPRESS DEFLATE \"%{CONTENT_TYPE} =~ m#^application\/(atom\\+xml|javascript|json|rss\\+xml|xml|xhtml\\+xml)#i\"\r\n FilterProvider COMPRESS DEFLATE \"%{CONTENT_TYPE} =~ m#^image\/(svg\\+xml|vnd\\.microsoft\\.icon)#i\"\r\n FilterChain COMPRESS\r\n FilterProtocol COMPRESS DEFLATE change=yes;byteranges=no\r\n <\/IfModule>\r\n <\/Ifmodule>\r\n\r\n # for Brotli\u5727\u7e2e\r\n <IfModule mod_brotli.c>\r\n SetOutputFilter BROTLI_COMPRESS\r\n SetEnvIfNoCase Request_URI \\.(?:gif|jpe?g|png)$ no-brotli\r\n\r\n BrotliCompressionQuality 5\r\n BrotliCompressionWindow 18\r\n\r\n BrotliFilterNote Input instream\r\n BrotliFilterNote Output outstream\r\n BrotliFilterNote Ratio ratio\r\n LogFormat '\"%r\" %{outstream}n\/%{instream}n (%{ratio}n%%)' brotli\r\n CustomLog \"logs\/brotli_log\" brotli\r\n <\/IfModule>\r\n\r\n # for dosdetector\r\n DoSDetection on\r\n DoSPeriod 60\r\n DoSThreshold 250\r\n DoSBanPeriod 60\r\n DoSTableSize 100\r\n RewriteEngine On\r\n RewriteCond %{ENV:SuspectDoS} =1\r\n RewriteRule .* - [R=503,L]\r\n ErrorDocument 503 \"<h1>Sorry, ji0vwl.net is busy.. Please access later.<\/h1>\"\r\n<\/VirtualHost>\r\n<\/IfModule>\r\n-----------------------------------------\r\n:wq\r\n<\/pre>\n<\/h4>\n
4. Apache 2.4.41 \u3092 httpd4.service \u306b\u767b\u9332<\/h4>\n
# vi \/etc\/systemd\/system\/httpd4.service\r\n-----------------------------------------\r\n[Unit]\r\nDescription=The Apache HTTP Server\r\nAfter=network.target remote-fs.target nss-lookup.target\r\n \r\n[Service]\r\nType=forking\r\nExecStart=\/usr\/local\/httpd4\/bin\/apachectl start\r\nExecReload=\/usr\/local\/httpd4\/bin\/apachectl graceful\r\nExecStop=\/usr\/local\/httpd4\/bin\/apachectl stop\r\n \r\n[Install]\r\nWantedBy=multi-user.target\r\n-----------------------------------------\r\n:wq<\/pre>\n
# systemctl daemon-reload\r\n# systemctl list-unit-files | grep httpd4<\/pre>\n
<\/h4>\n
5. PHP 7.3.8 \u3092 \/usr\/local\/php7.3.8 \u306b\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b<\/h4>\n
# cd \/usr\/local\/src\r\n# yum -y install libxml2-devel systemd-devel libpng-devel libwebp libwebp-devel libwebp-tools\r\n# wget http:\/\/jp2.php.net\/get\/php-7.3.8.tar.gz\/from\/this\/mirror -O \/usr\/local\/src\/php-7.3.8.tar.gz\r\n# tar -xvzf php-7.3.8.tar.gz\r\n# cd php-7.3.8\r\n# .\/configure \\\r\n--prefix=\/usr\/local\/php7.3.8 \\\r\n--with-apxs2=\/usr\/local\/httpd4\/bin\/apxs \\\r\n--with-openssl=\/usr\/local\/ssl \\\r\n--with-mysql-sock=\/var\/lib\/mysql\/mysql.sock \\\r\n--with-mysqli \\\r\n--with-pdo-mysql \\\r\n--enable-mbstring \\\r\n--with-freetype-dir=\/usr \\\r\n--with-png-dir=\/usr \\\r\n--with-jpeg-dir=\/usr \\\r\n--with-webp-dir=\/usr \\\r\n--with-gd=shared \\\r\n--with-zlib \\\r\n--with-fpm-systemd \\\r\n--with-fpm-user=apache \\\r\n--with-fpm-group=apache \\\r\n--enable-gd-jis-conv \\\r\n--enable-fpm \\\r\n--enable-ftp\r\n# make\r\n# make install\r\n# libtool --finish \/usr\/local\/src\/php-7.3.8\/libs<\/pre>\n
<\/h4>\n
6. \u00a0Passenger 6.0.2 \u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/h4>\n
# gem install passenger\r\n# chmod o+x \"\/root\"\r\n# passenger-install-apache2-module --apxs2-path \"\/usr\/local\/httpd4\/bin\/apxs\" # \u3081\u3061\u3083\u304f\u3061\u3083\u6642\u9593\u304c\u304b\u304b\u308a\u307e\u3059\r\n1\r\n[Enter]\r\n\u25cfRuby\r\n\u25cfPython\r\n[Enter]\r\ny\r\n[Enter]\r\n.\r\n.\r\n.\r\n\u260530\u5206\u4ee5\u4e0a\u3002\u6c17\u9577\u306b\u5f85\u3061\u307e\u3057\u3087\u3046\u2605\r\n.\r\n.\r\n[Enter]\r\n[Enter]<\/pre>\n
7. \u4ee3\u66ff\u8d77\u52d5\u3057\u3066\u3044\u305fhttpd\u3092\u505c\u6b62\u30012.4.41\u306b\u4e0a\u66f8\u304d\u3057\u305fhttpd4\u3092\u8d77\u52d5<\/h4>\n
# systemctl stop httpd\r\n# systemctl start httpd4<\/pre>\n
\n<\/a><\/p>\n
![\n<\/a><\/p>\n <\/p>\n","protected":false},"excerpt":{"rendered":"CentOS7\u306bApache2.4.41+OpenSSL1.1.1c+PHP7.3.8\u3092\u30bd\u30fc\u30b9\u304b\u3089\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb Apache2.4.41\u304c\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u3066\u3044\u305f\u306e\u3067\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u3066\u307f\u307e\u3057\u305f\u3002Apache\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u30a2\u30c3\u30d7\u81ea\u4f53 … \u7d9a\u304d\u3092\u8aad\u3080 Apache2.4.41 + OpenSSL1.1.1c\u3092\u30bd\u30fc\u30b9\u304b\u3089\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/span> →<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-2306","post","type-post","status-publish","format-standard","hentry","category-server"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/posts\/2306","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/comments?post=2306"}],"version-history":[{"count":0,"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/posts\/2306\/revisions"}],"wp:attachment":[{"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/media?parent=2306"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/categories?post=2306"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ji0vwl.net\/index.php\/wp-json\/wp\/v2\/tags?post=2306"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}](\"https:\/\/test.ji0vwl.net\/wp-content\/uploads\/2019\/01\/bf2e41e9ebf76b4d8f5e731583b8c902.png\"){kind=link}