下载相应的源代码：apache1,tomcat4,mysql,apr.jdk

1,安装MYSQL4数据库：

#tar –zxvf mysql-4.tar.gz
#groupadd mysql
#useradd -g mysql mysql
#cd mysql-4
#./configure –prefix=/usr/local/mysql
#make;make install
#scripts/mysql_install_db
#chown -R root /usr/local/mysql
#chown -R mysql /usr/local/mysql/var
#chgrp -R mysql /usr/local/mysql
#cp /usr/local/mysql/share/mysql/my-medium.cnf /etc/my.cnf
#/usr/local/mysql/bin/mysqld_safe --user=mysql &
#/usr/local/mysql/bin/mysql

-->show databases;
-->exit;

#/usr/local/mysql/bin/mysqladmin -u root password your_new_password

MYSQL安装已经完成

2，安装APACHE1服务器：

#tar -zxvf apache1.tar.gz
#cd apache1
#./configure --prefix=/usr/local/apache --enable-module=so
#make;make install
#vi /usr/local/apache/conf/httpd.conf

servername:yourip

保存并退出

3安装TOMCAT4

(1)安装JDK

#cd /usr/local
#sh jdk-1.2.2-RC4-linux-i386-glibc-2.1.2.sh
#ln –s jdk-1.2.2 /usr/local/jdk
#ln –s jdk-1.2.2 /usr/local/jre

(2)设置TOMCAT运行环境

#vi /root/.bash_profile

在此文件后加入下面

JAVA_HOME=/usr/local/jdk
export JAVA_HOME
CLASSPATH=/usr/local/jdk/lib:/usr/local/jre/lib
export CLASSPATH
CATALINA_HOME=/usr/local/tomcat
export CATALINA_HOME
PATH=$PATH:/usr/local/jdk/bin:/usr/local/jre/bin

保存并退出

(3)安装TOMCAT4

#tar –zxvf jakarta-tomcat4.tar.gz
#mv jakarta-tomat tomcat

a.测试TOMCAT运行情况

#lynx localhost:8080

b.生成mod_webapp.so

#tar -zxvf jakarta-tomcat.connnerts-src.tar.gz
#tar -zxvf apr_APACHE_2.0.35.tar.gz
#mv -r apr /usr/local/tomcat.connerts-src/webapp/
#cd /usr/local/tomcat.connerts-src/webapp/
#support/buildconf.sh
#./configure --with-apxs=/usr/local/apache/bin/apxs
#make

4.联合APACHE1+TOMCAT4

#cp apache-1.3/mod_webapp.so /usr/local/apache/libexec/
#vi /usr/local/apache/conf/httpd.conf
修改
DirectoryIndex index.jsp index.html
Options Indexes MultiViews  Options MultiViews
加入
LoadModule webapp_module libexec/mod_webapp.so
WebAppConnection warpConnection warp localhost:8008
WebAppDeploy examples warpConnection /examples/
WebAppInfo /webapp-info
保存并退出
#/usr/local/apache/bin/apachectl configtest
Syntax OK
#/usr/local/apache/bin/apachectl start
#/usr/local/tomcat/webapps/examples/index.jsp
#vi /usr/local/tomcat/webapps/examples/index.jsp
2 + 2 = <%= 2 + 2 %>
保存并退出
#chmod 755 /usr/local/tomcat/webapps/examples/index.jsp
#nohup /usr/local/tomcat/bin/startup.sh

5.测试

打开浏览器键入http://localhost/examples/ 如出现
2+2=4
即联合成功。

6.创建mysql,apache,tomcat自启动

＃vi /etc/rc.d/rc.local

/usr/local/mysql/bin/mysqld_safe --user=mysql &
/usr/local/apache/bin/apachectl start
/usr/local/tcstart.sh

保存并退出

#touch /etc/init.d/tomcat
＃chmod 755 /etc/init.d/tomcat
＃useradd -d /usr/local/ tomcat
#vi /etc/init.d/tomcat

#!/bin/bash
#
# tomcat Starts Tomcat Java server.
#
#
# chkconfig: 345 88 12
# description: Tomcat is the server for Java servlet applications.
### BEGIN INIT INFO
# Provides: $tomcat
### END INIT INFO

# Source function library.
. /etc/init.d/functions

[ -f /usr/local/tcstart.sh ] || exit 0
[ -f /usr/local/tcstop.sh ] || exit 0

RETVAL=0

umask 077

start() {
echo -n $"Starting Tomcat Java server: "
daemon su -c /usr/local/tcstart.sh tomcat
echo
return $RETVAL
}
stop() {
echo -n $"Shutting down Tomcat Java server: "
daemon su -c /usr/local/tcstop.sh tomcat
echo
return $RETVAL
}
restart() {
stop
start
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart|reload)
restart
;;
*)
echo $"Usage: $0 {start|stop|restart}"
exit 1
esac

exit $?

保存并退出

#touch /usr/local/tcstart.sh

#!/bin/bash
export JDK_HOME=/usr/local/jsdk
export JAVA_HOME=/usr/local/jsdk
#startup tomcat server
/usr/local/tomcat/bin/startup.sh

保存并退出

#chmod 755 /usr/local/tcstart.sh

7.创建安全的科威WEB运行环境

(1).阻止你的系统响应任何从外部/内部来的ping请求

#vi /etc/rc.d/rc.local
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

(2).减少系统CPU占有量和由于误操作导致系统重启

#vi /etc/inittab

id:3:initdefault:
# Run gettys in standard runlevels
1:2345:respawn:/sbin/mingetty tty1
2:2345:respawn:/sbin/mingetty tty2
#3:2345:respawn:/sbin/mingetty tty3
#4:2345:respawn:/sbin/mingetty tty4
#5:2345:respawn:/sbin/mingetty tty5
#6:2345:respawn:/sbin/mingetty tty6
#ca::ctrlaltdel:/sbin/shutdown -t3 -r now

保存并退出

(3). 删除不必要的拥护和组

#userdel –r username
adm,lp,sync,shutdown,halt,mail,procmail,mailx,news,uucp,operator,games,gopher,ftp
#groupdel groupname
adm,lp,sync,shutdown,halt,mail,procmail,mailx,news,uucp,operator,games,gopher,ftp
(4). 创建ftp账户

#groupadd su
#useradd –g su –d /usr/local/apache/htdocs webserver

(5). 用chattr命令给下面的文件加上不可更改属性。

[root@deep]# chattr +i /etc/passwd
[root@deep]# chattr +i /etc/shadow
[root@deep]# chattr +i /etc/group
[root@deep]# chattr +i /etc/gshadow

(6).禁止任何人(非法)通过su命令改变为root用户

#vi /etc/pam.d/su

auth sufficient /lib/security/pam_rootok.so debug
auth required /lib/security/pam_wheel.so group=sul

保存并退出
这样之后，只有su组成员可以改变为root用户

(7).资源限制防止DoS类型攻击

#vi /etc/security/limits.conf
在这个文件后加入下面
* hard core 0
* hard rss 5000
* hard nproc 20
保存并退出
#vi /etc/pam.d/login
在这个文件后加入下面
session required /lib/security/pam_limits.so
保存并退出
至此，科威服务器已组建成功，即现在的http://www.zznk.net.