yum -y install httpd php mysql mysql-server php-mysql

 
2. Configure the daemons to start automatically after server restart

     chkconfig httpd on
     chkconfig mysqld on

start them now

     service httpd start
     service mysqld start

 
3. Very important to set up the MySQL root account password. Without it, anyone on the server can login to MySQL as database root. The MySQL root account is not the same system root account that we know.
From the security perspective it is better to give it a different password from one we have for our system root account.

     mysqladmin -u root password 'new-password'
     // quotes are required

 
4. Here is an additional security related changes for MySQL.

     mysql -u root -p
     // login

     mysql> DROP DATABASE test;
     // delete the test database, we don't need it at all
     mysql> DELETE FROM mysql.user WHERE user = '';
     // removes anonymous user access
     mysql> FLUSH PRIVILEGES;
     // reset privilegies

 
5. the HTTP root folder after the default Fedora Apache installation is /var/www/html/
Let’s create a script to make shore that PHP is working.
write the folowing line to the file with any text editor,
save it as index.php and place it in the document root /var/www/html/

now open your browser on the server and go to http://localhost to check it out.

6. To create MySQL database and MySQL user for it, that you can use for PHP scripts.
execute the following in the MySQL terminal

     mysql> CREATE DATABASE my_db;
     mysql> GRANT ALL PRIVILEGES ON my_db.* TO 'myuser'@'localhost' IDENTIFIED BY 'password';
     // the GRANT statement will create a new MySQL user account.

Feel free to contact us in case of any support required.
Good Luck

   in sysctl:
           sysctl kern.maxfiles=90000
           sysctl kern.maxfilesperproc=80000
           sysctl net.inet.tcp.blackhole=2
           sysctl net.inet.udp.blackhole=1
           sysctl kern.polling.burst_max=1000
           sysctl kern.polling.each_burst=50
           sysctl kern.ipc.somaxconn=32768
           sysctl net.inet.tcp.msl=3000
           sysctl net.inet.tcp.maxtcptw=40960
           sysctl net.inet.tcp.nolocaltimewait=1
           sysctl net.inet.ip.portrange.first=1024
           sysctl net.inet.ip.portrange.last=65535
           sysctl net.inet.ip.portrange.randomized=0

in nginx configuration:
 

           worker_processes 1;
           worker_rlimit_nofile 80000;
           events {
               worker_connections 50000;
           }

           server_tokens off;
           log_format IP `$remote_addr';
           reset_timedout_connection on;

           listen  xx.xx.xx.xx:80  default rcvbuf=8192 sndbuf=16384 backlog=32000 accept_filter=httpready;

In the following way it is possible to realize filtration of url, in example for POST
index.php?action=login which is with empty referral.

           set $add 1;
           location /index.php {
                   limit_except GET POST {
                        deny all;
               }
               set $ban "";
               if ($http_referer = "" ) {set $ban $ban$add;}
               if ($request_method = POST ) {set $ban $ban$add;}
               if ($query_string = "action=login" ){set $ban $ban$add;}
               if ($ban = 111 ) {
                   access_log /var/log/[133]nginx/ban IP;
                   return 404;
               }
               proxy_pass http://127.0.0.1:8000; #here is a patch
           }

Further we cut it at pf level – loaded into IP table, hosts from which came too many hits.
PF with tables works very quickly. Sources for parsing of logs (ddetect) you can find on http://www.comsys.com.ua/files
Then Cron used once in a minute, to add into ip tables new IPs from a log.
25 Mbyte DDoS, which cuts IPs, the rests fall on nginx which by it is criterion pass IPs and the rests passed on the apache – LA 0, site works.