CentOS7系統建置WordPress網站
這篇記錄透過CentOS7安裝WordPress的指令。
Oracle登入centos帳戶: opc
AWS登入centos帳戶: centos
更新centos
sudo yum update
yum install -y wget yum-utils
分別執行
wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
wget http://rpms.remirepo.net/enterprise/remi-release-7.rpm
rpm -Uvh epel-release-latest-7.noarch.rpm
rpm -Uvh remi-release-7.rpm
移除下載檔案
rm epel-release-latest-7.noarch.rpm remi-release-7.rpm
指定php版本(這裡用php7.2當作示範)
yum-config-manager --enable remi-php72
開始安裝php7
yum install -y php php-mysqlnd php-pdo php-xml php-pear php-devel php-mbstring re2c gcc-c++ gcc
檢查php版本
php -v
yum localinstall mysql57-community-release-el7-7.noarch.rpm
yum install mysql-community-server
service mysqld start
查詢root資料庫密碼
cat /var/log/mysqld.log | grep "temporary password"
顯示預設root密碼(類似接續在root@localhost: 後面的cr&vzE%so4jb)
[Note] A temporary password is generated for root@localhost: cr&vzE%so4jb
mysql -u root -p
>cr&vzE%so4jb (預設的root資料庫使用者密碼)
修改root資料庫使用者密碼(這裡以Passw0rD%9作為範例)
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'Passw0rD%9';
新增一個網站用的資料庫(範例名稱wordpressdb)
mysql
> CREATE DATABASE wordpressdb DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
創建該資料庫(wordpressdb)的帳號(範例wordpressu)密碼(範例w0rdpR&8essU)
> GRANT ALL ON wordpressdb.* TO 'wordpressu'@'localhost' IDENTIFIED BY 'w0rdpR&8essU';
刷新設定值
> FLUSH PRIVILEGES;
離開資料庫設定
>\q
啟用Apache
systemctl start httpd
systemctl enable httpd
要新增網站的conf放置處為/etc/httpd/conf.d
vi /etc/httpd/conf.d/wordpress.conf
寫入內容
<VirtualHost *:80>
DocumentRoot /var/www/demoapheav8d
ServerName demo-aphe2.example.co
</VirtualHost>
<VirtualHost *:443>
DocumentRoot /var/www/demoapheav8d
ServerName demo-aphe2.example.co
SSLEngine On
SSLCertificateFile /var/www/ssl/demoapheav8d.crt
SSLCertificateKeyFile /var/www/ssl/demoapheav8d.key
SSLCertificateChainFile /var/www/ssl/demoapheav8d_ca.crt
SSLHonorCipherOrder On
SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128:AES256:AES:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK
</VirtualHost>
<Directory /var/www/demoapheav8d>
AllowOverride All
</Directory>
將www資料夾權限交給apache
cd /var
chown apache:apache -R www
先登入到非管理員帳戶下(範例為useraa帳戶名稱)
透過
whoami
查詢當前帳戶名稱,
輸入(注意useraa是範例的帳戶名稱)
sudo usermod -a -G apache centos
將當前帳戶加入apache的群組
接著更改群組讀寫權限
sudo chmod 775 /var/www -R
理論上該帳戶即可修改網站根目錄的檔案。
假設網站要放置在/var/www/demoapheav8d資料夾
mkdir /var/www/demoapheav8d/
cd /var/www/demoapheav8d
接著將檔案匯入該資料夾
假設網站憑證放置在/var/www/ssl資料夾
啟用SSL
yum install mod_ssl openssl
重啟apache
systemctl restart httpd
因為CentOS通常會啟用SELinux
如果修改ssh端口要注意一併開啟對應端口
設定指令如下(在root管理權限下設置)
semanage port -a -t ssh_port_t -p tcp 端口號碼
接著確認是否已經增加端口(理應出現該端口號碼)
semanage port -l|grep ssh
另外因為MySQL選擇的版本是5.7,
將會消耗較多的記憶體資源,
小於1GB的記憶體可能會導致mysql無法連接,
可以參考DigitalOcean這篇教學建立swap空間置換暫時解決問題。
Oracle登入centos帳戶: opc
AWS登入centos帳戶: centos
更新centos
sudo yum update
安裝php7
執行yum install -y wget yum-utils
分別執行
wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
wget http://rpms.remirepo.net/enterprise/remi-release-7.rpm
rpm -Uvh epel-release-latest-7.noarch.rpm
rpm -Uvh remi-release-7.rpm
移除下載檔案
rm epel-release-latest-7.noarch.rpm remi-release-7.rpm
指定php版本(這裡用php7.2當作示範)
yum-config-manager --enable remi-php72
開始安裝php7
yum install -y php php-mysqlnd php-pdo php-xml php-pear php-devel php-mbstring re2c gcc-c++ gcc
檢查php版本
php -v
安裝資料庫
wget http://dev.mysql.com/get/mysql57-community-release-el7-7.noarch.rpmyum localinstall mysql57-community-release-el7-7.noarch.rpm
yum install mysql-community-server
service mysqld start
查詢root資料庫密碼
cat /var/log/mysqld.log | grep "temporary password"
顯示預設root密碼(類似接續在root@localhost: 後面的cr&vzE%so4jb)
[Note] A temporary password is generated for root@localhost: cr&vzE%so4jb
mysql -u root -p
>cr&vzE%so4jb (預設的root資料庫使用者密碼)
修改root資料庫使用者密碼(這裡以Passw0rD%9作為範例)
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'Passw0rD%9';
新增一個網站用的資料庫(範例名稱wordpressdb)
mysql
> CREATE DATABASE wordpressdb DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
創建該資料庫(wordpressdb)的帳號(範例wordpressu)密碼(範例w0rdpR&8essU)
> GRANT ALL ON wordpressdb.* TO 'wordpressu'@'localhost' IDENTIFIED BY 'w0rdpR&8essU';
刷新設定值
> FLUSH PRIVILEGES;
離開資料庫設定
>\q
安裝Apache
yum -y install httpd啟用Apache
systemctl start httpd
systemctl enable httpd
要新增網站的conf放置處為/etc/httpd/conf.d
vi /etc/httpd/conf.d/wordpress.conf
寫入內容
<VirtualHost *:80>
DocumentRoot /var/www/demoapheav8d
ServerName demo-aphe2.example.co
</VirtualHost>
<VirtualHost *:443>
DocumentRoot /var/www/demoapheav8d
ServerName demo-aphe2.example.co
SSLEngine On
SSLCertificateFile /var/www/ssl/demoapheav8d.crt
SSLCertificateKeyFile /var/www/ssl/demoapheav8d.key
SSLCertificateChainFile /var/www/ssl/demoapheav8d_ca.crt
SSLHonorCipherOrder On
SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128:AES256:AES:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK
</VirtualHost>
<Directory /var/www/demoapheav8d>
AllowOverride All
</Directory>
將www資料夾權限交給apache
cd /var
chown apache:apache -R www
先登入到非管理員帳戶下(範例為useraa帳戶名稱)
透過
whoami
查詢當前帳戶名稱,
輸入(注意useraa是範例的帳戶名稱)
sudo usermod -a -G apache centos
將當前帳戶加入apache的群組
接著更改群組讀寫權限
sudo chmod 775 /var/www -R
理論上該帳戶即可修改網站根目錄的檔案。
假設網站要放置在/var/www/demoapheav8d資料夾
mkdir /var/www/demoapheav8d/
cd /var/www/demoapheav8d
接著將檔案匯入該資料夾
假設網站憑證放置在/var/www/ssl資料夾
啟用SSL
yum install mod_ssl openssl
重啟apache
systemctl restart httpd
補充
針對變更ssh端口的設定因為CentOS通常會啟用SELinux
如果修改ssh端口要注意一併開啟對應端口
設定指令如下(在root管理權限下設置)
semanage port -a -t ssh_port_t -p tcp 端口號碼
接著確認是否已經增加端口(理應出現該端口號碼)
semanage port -l|grep ssh
另外因為MySQL選擇的版本是5.7,
將會消耗較多的記憶體資源,
小於1GB的記憶體可能會導致mysql無法連接,
可以參考DigitalOcean這篇教學建立swap空間置換暫時解決問題。
留言
張貼留言