搭建WordPress(LAMP环境)

孔 宪道 2021年9月23日 0 Comments

1.LAMP环境安装

  • 本例中系统Debian11

sudo apt update && sudo apt upgrade

sudo apt install -y apache2 apache2-utils mariadb-server mariadb-client php7.4 php7.4-fpm libapache2-mod-php7.4 php7.4-mysql php7.4-mbstring php7.4-cli php7.4-xml php7.4-common php7.4-gd php7.4-bcmath php7.4-json php7.4-opcache php7.4-readline php7.4-curl php7.4-zip unzip

运行MariaDB前首次配置

sudo mysql_secure_installation

php-handler配置,如需要将来启用HTTP/2,php-handler需切换为php-fpm

sudo a2dismod php7.4
sudo a2dismod mpm_prefork
sudo a2enmod mpm_event proxy_fcgi setenvif
sudo a2enconf php7.4-fpm

2.下载并配置wordpress

wget https://wordpress.org/latest.zip && sudo unzip latest.zip -d /var/www/

为wordpress创建数据库

sudo mariadb -u root

create database wordpress;
grant all privileges on wordpress.* to wpuser@localhost identified by 'your-password';
flush privileges;
exit;

配置wordpress

sudo cp /var/www/wordpress/wp-config-sample.php /var/www/wordpress/wp-config.php

sudo sed -i 's/database_name_here/wordpress/g' /var/www/wordpress/wp-config.php
sudo sed -i 's/username_here/wpuser/g' /var/www/wordpress/wp-config.php
sudo sed -i 's/password_here/your-password/g' /var/www/wordpress/wp-config.php

为确保Apache2有权限写入wordpress根目录,需修改wordpress根目录所有者

sudo chown www-data:www-data /var/www/wordpress/ -R

3.配置Apache2

签发ECC+RSA双TLS证书

创建Apache2配置文件

sudo touch /etc/apache2/sites-available/wordpress.conf

将以下内容粘贴进/etc/apache2/sites-available/wordpress.conf

<VirtualHost *:80>
    RewriteEngine On
    RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
</VirtualHost>
<VirtualHost *:443>
    SSLEngine on
    SSLCertificateFile      /path/yourdomain.com.crt
    SSLCertificateKeyFile   /path/yourdomain.com.key
    Protocols h2 http/1.1
    Header always set Strict-Transport-Security "max-age=63072000"
        ServerName yourdomain.com
        ServerAlias www.yourdomain.com
        DocumentRoot /var/www/wordpress
        #This enables .htaccess file, which is needed for WordPress Permalink to
        <Directory "/var/www/wordpress">
             AllowOverride All
        </Directory>
        ErrorLog ${APACHE_LOG_DIR}/wordpress.error.log
        CustomLog ${APACHE_LOG_DIR}/wordpress.access.log combined
</VirtualHost>
SSLProtocol             all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite          ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305
SSLHonorCipherOrder     on
SSLSessionTickets       off
SSLUseStapling On
SSLStaplingCache "shmcb:logs/ssl_stapling(32768)"

测试apache2配置文件是否出错

sudo apache2ctl configtest

启用模块

sudo a2enmod rewrite
sudo a2enmod headers
sudo a2enmod ssl
sudo a2enmod http2

禁用apache2默认页面,启用wordpress配置

sudo a2dissite 000-default
sudo a2dissite default-ssl.conf
sudo a2ensite wordpress
sudo systemctl reload apache2