Ubuntu 18 安装 Apache2,配置php 安装 wordpress
source link: https://yjalifebook.com/ubuntu-18-%e5%ae%89%e8%a3%85-apache2%ef%bc%8c%e9%85%8d%e7%bd%aephp-%e5%ae%89%e8%a3%85-wordpress-%e5%b9%b6%e5%8a%a0%e4%b8%8a-fpm-%e5%85%a8%e8%bf%87%e7%a8%8b/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
如何在Ubuntu 18.04上用Apache安装WordPress
安装 apache2
sudo apt update
sudo apt install apache2
// check
sudo systemctl status apache2
申请 SSL
sudo apt update
sudo apt install certbot
生成强Dh(Diffie-Hellman)组
Diffie-Hellman密钥交换(DH)是一种在不安全的通信信道上安全地交换加密密钥的方法。我们将生成一组新的2048位DH参数以增强安全性:
sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
获得让我们加密的SSL证书
要获取域的SSL证书,我们将使用Webroot插件,该插件的工作原理是在${webroot-path}/.well-known/acme-challenge
目录中创建一个用于验证请求的域的临时文件。 Let’s Encrypt服务器向临时文件发出HTTP请求,以验证请求的域是否解析为certbot运行的服务器。
为简化起见,我们将针对.well-known/acme-challenge
的所有HTTP请求映射到单个目录/var/lib/letsencrypt
。
sudo mkdir -p /var/lib/letsencrypt/.well-known
sudo chgrp www-data /var/lib/letsencrypt
sudo chmod g+s /var/lib/letsencrypt
sudo vim /etc/apache2/conf-available/letsencrypt.conf
letsencrypt.conf 文件内容
Alias /.well-known/acme-challenge/ "/var/lib/letsencrypt/.well-known/acme-challenge/"
<Directory "/var/lib/letsencrypt/">
AllowOverride None
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
Require method GET POST OPTIONS
</Directory>
sudo vim /etc/apache2/conf-available/ssl-params.conf
ssl-params.conf 文件内容
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
# for the problem of ssh in elementor of wordpress
Header always set X-Frame-Options SAMEORIGIN
Header always set X-Content-Type-Options nosniff
# Requires Apache >= 2.4
SSLCompression off
SSLUseStapling on
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
# Requires Apache >= 2.4.11
SSLSessionTickets Off
SSLOpenSSLConfCmd DHParameters "/etc/ssl/certs/dhparam.pem"
启动相关模组
sudo a2enmod ssl
sudo a2enmod headers
启动配置文件
sudo a2enconf letsencrypt
sudo a2enconf ssl-params
启用HTTP / 2模块,这将使您的网站更快,更健壮:
sudo a2enmod http2
重启 apache2
sudo systemctl reload apache2
现在,我们可以运行带有Webroot插件的Certbot工具,并通过输入以下内容获取SSL证书文件:
sudo certbot certonly --agree-tos --email [email protected] --webroot -w /var/lib/letsencrypt/ -d example.com -d www.example.com
自动更新以加密SSL证书
sudo vim /etc/cron.d/certbot
cerbot 内容
0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(3600))' && certbot -q renew --renew-hook "systemctl reload apache2"
sudo certbot renew --dry-run
如果没有错误,则表示更新过程成功。
安装 WordPress
sudo apt update
sudo apt upgrade
安装 php
// http
// for wordpress
sudo apt install php7.2 php7.2-mysql
// for updraftPlus Backups
sudo apt install php7.2-xml php7.2-curl
// for alidswoo,字符处理
sudo apt install php7.2-mbstring
// Wordpres, media - edit image 图像处理
sudo apt install php7.2-gd
// 其实上面的代码就够了
sudo apt install php7.2 php7.2-cli php7.2-mysql php7.2-json php7.2-opcache php7.2-mbstring php7.2-xml php7.2-gd php7.2-curl
sudo systemctl restart apache2
下载 WordPress
cd /var/www/
sudo wget https://wordpress.org/latest.tar.gz
sudo tar xf latest.tar.gz
sudo mv wordpress/ example.com
配置 Apache2
sudo vim /etc/apache2/sites-available/example.com.conf
HTTP – /etc/apache2/sites-available/example.com.conf
<VirtualHost *:80>
ServerAdmin [email protected]
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/example.com
ErrorLog ${APACHE_LOG_DIR}/example.com-error.log
CustomLog ${APACHE_LOG_DIR}/example.com-access.log combined
<Directory /var/www/example.com>
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
HTTPS – /etc/apache2/sites-available/example.com.conf
<VirtualHost *:80>
ServerAdmin [email protected]
ServerName example.com
ServerAlias www.example.com
Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
Protocols h2 http:/1.1
<If "%{HTTP_HOST} == 'www.example.com'">
Redirect permanent / https://example.com/
</If>
DirectoryIndex index.html index.php
DocumentRoot /var/www/example.com
ErrorLog ${APACHE_LOG_DIR}/example.com-error.log
CustomLog ${APACHE_LOG_DIR}/example.com-access.log combined
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
<Directory /var/www/example.com>
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
sudo a2ensite example.com
sudo systemctl restart apache2
sudo a2enmod rewrite
apachectl configtest
sudo systemctl restart apache2
欢迎大家关顾我的Facebook主页「Y Life Book」以及我的公众微信号「不点语书」,我们下期见。
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK