10

Ubuntu 18 安装 Apache2,配置php 安装 wordpress

 3 years ago
source link: https://yjalifebook.com/ubuntu-18-%e5%ae%89%e8%a3%85-apache2%ef%bc%8c%e9%85%8d%e7%bd%aephp-%e5%ae%89%e8%a3%85-wordpress-%e5%b9%b6%e5%8a%a0%e4%b8%8a-fpm-%e5%85%a8%e8%bf%87%e7%a8%8b/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

如何在Ubuntu 18.04上用Apache安装WordPress

安装 apache2

sudo apt update
sudo apt install apache2
// check
sudo systemctl status apache2

申请 SSL

sudo apt update
sudo apt install certbot

生成强Dh(Diffie-Hellman)组

Diffie-Hellman密钥交换(DH)是一种在不安全的通信信道上安全地交换加密密钥的方法。我们将生成一组新的2048位DH参数以增强安全性:

sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048

获得让我们加密的SSL证书

要获取域的SSL证书,我们将使用Webroot插件,该插件的工作原理是在${webroot-path}/.well-known/acme-challenge目录中创建一个用于验证请求的域的临时文件。 Let’s Encrypt服务器向临时文件发出HTTP请求,以验证请求的域是否解析为certbot运行的服务器。

为简化起见,我们将针对.well-known/acme-challenge的所有HTTP请求映射到单个目录/var/lib/letsencrypt

sudo mkdir -p /var/lib/letsencrypt/.well-known
sudo chgrp www-data /var/lib/letsencrypt
sudo chmod g+s /var/lib/letsencrypt
sudo vim /etc/apache2/conf-available/letsencrypt.conf

letsencrypt.conf 文件内容

Alias /.well-known/acme-challenge/ "/var/lib/letsencrypt/.well-known/acme-challenge/"
<Directory "/var/lib/letsencrypt/">
    AllowOverride None
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    Require method GET POST OPTIONS
</Directory>
sudo vim /etc/apache2/conf-available/ssl-params.conf

ssl-params.conf 文件内容

SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
# for the problem of ssh in elementor of wordpress
Header always set X-Frame-Options SAMEORIGIN
Header always set X-Content-Type-Options nosniff
# Requires Apache >= 2.4
SSLCompression off
SSLUseStapling on
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
# Requires Apache >= 2.4.11
SSLSessionTickets Off
SSLOpenSSLConfCmd DHParameters "/etc/ssl/certs/dhparam.pem"

启动相关模组

sudo a2enmod ssl
sudo a2enmod headers

启动配置文件

sudo a2enconf letsencrypt
sudo a2enconf ssl-params

启用HTTP / 2模块,这将使您的网站更快,更健壮:

sudo a2enmod http2

重启 apache2

sudo systemctl reload apache2

现在,我们可以运行带有Webroot插件的Certbot工具,并通过输入以下内容获取SSL证书文件:

sudo certbot certonly --agree-tos --email [email protected] --webroot -w /var/lib/letsencrypt/ -d example.com -d www.example.com

自动更新以加密SSL证书

sudo vim /etc/cron.d/certbot

cerbot 内容

0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(3600))' && certbot -q renew --renew-hook "systemctl reload apache2"
sudo certbot renew --dry-run

如果没有错误,则表示更新过程成功。

安装 WordPress

sudo apt update
sudo apt upgrade

安装 php

// http
// for wordpress
sudo apt install php7.2 php7.2-mysql
// for updraftPlus Backups
sudo apt install php7.2-xml php7.2-curl
// for alidswoo,字符处理
sudo apt install php7.2-mbstring
// Wordpres, media - edit image 图像处理
sudo apt install php7.2-gd
// 其实上面的代码就够了
sudo apt install php7.2 php7.2-cli php7.2-mysql php7.2-json php7.2-opcache php7.2-mbstring php7.2-xml php7.2-gd php7.2-curl
sudo systemctl restart apache2

下载 WordPress

cd /var/www/
sudo wget https://wordpress.org/latest.tar.gz
sudo tar xf latest.tar.gz
sudo mv wordpress/ example.com

配置 Apache2

sudo vim /etc/apache2/sites-available/example.com.conf

HTTP – /etc/apache2/sites-available/example.com.conf

<VirtualHost *:80>
	ServerAdmin [email protected]
	ServerName example.com
	ServerAlias www.example.com
	DocumentRoot /var/www/example.com
	ErrorLog ${APACHE_LOG_DIR}/example.com-error.log
	CustomLog ${APACHE_LOG_DIR}/example.com-access.log combined
	<Directory /var/www/example.com>
          Options FollowSymLinks
          AllowOverride All
          Require all granted
	</Directory>
</VirtualHost>

HTTPS – /etc/apache2/sites-available/example.com.conf

<VirtualHost *:80>
  ServerAdmin [email protected]
  ServerName example.com
  ServerAlias www.example.com
  Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost *:443>
  ServerName example.com
  ServerAlias www.example.com
  Protocols h2 http:/1.1
  <If "%{HTTP_HOST} == 'www.example.com'">
    Redirect permanent / https://example.com/
  </If>
  DirectoryIndex index.html index.php
  DocumentRoot /var/www/example.com
  ErrorLog ${APACHE_LOG_DIR}/example.com-error.log
  CustomLog ${APACHE_LOG_DIR}/example.com-access.log combined
  SSLEngine On
  SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
  SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
  <Directory /var/www/example.com>
      Options FollowSymLinks
      AllowOverride All
      Require all granted
  </Directory>
</VirtualHost>
sudo a2ensite example.com
sudo systemctl restart apache2
sudo a2enmod rewrite
apachectl configtest
sudo systemctl restart apache2

欢迎大家关顾我的Facebook主页「Y Life Book」以及我的公众微信号「不点语书」,我们下期见。


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK