基于nginx搭建个人网站(博客),获取证书(ssl)(以下内容仅供参考,如有错误请指出)
-
准备 LNMP 环境
安装 Nginx
使用
yum
安装 Nginx:yum install nginx -y
修改 /etc/nginx/conf.d/default.conf
cd /etc/nginx #切换路径
ls #查看当前路径的文件
找到nginx.conf
重点:先进行备份
cp nginx.conf cp_nginx.conf
vim nginx.conf
按 i进入编辑模式
修改配置文件
server { listen 80 default_server; # listen [::]:80 default_server; server_name _; root /usr/share/nginx/html; # Load configuration files for the default server block. include /etc/nginx/default.d/*.conf; location / { } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } }
修改完后按 Esc退出编辑模式 再按( Shift+; ),最后输入(wq)按回车即修改配置文件成功
修改完后,启动Nginx:
nginx
此时就可以访问自己的http服务了(http://(自己的ip或域名))
设置Nginx开机自启
chkconfig nginx on
安装mysql
使用yum命令安装MySQL:
yum install mysql-server -y
安装完后启动MySQL服务:
service mysqld restart
设置MySQL账户root密码
/usr/bin/mysqladmin -u root password '你自己想要设置的密码'
设置开机自启
chkconfig mysqld on
安装PHP
使用yum安装PHP:
yum install php-fpm php-mysql -y
安装之后启动PHP-FPM进程:
service php-fpm start
启动之后查看PHP-FPM进程监听的端口号
netstat -nlpt | grep php-fpm
设置PHP-FPM开机自启:
chkconfig php-fpm on
安装配置WordPress
yum install wordpress -y
进入数据库
mysql -uroot --password='数据库密码'
为WordPress创建一个数据库
CREATE DATABASE wordpress;
退出数据库
exit
设置WordPress配置文件,切换路径,备份配置文件,修改配置文件,保存并退出
cd /etc/wordpress ls cp wp-config.php cp_wp-config.php vim wp-config.php
<?php /** * The base configuration for WordPress * * The wp-config.php creation script uses this file during the * installation. You don't have to use the web site, you can * copy this file to "wp-config.php" and fill in the values. * * This file contains the following configurations: * * * MySQL settings * * Secret keys * * Database table prefix * * ABSPATH * * @link https://codex.wordpress.org/Editing_wp-config.php * * @package WordPress */ // ** MySQL settings - You can get this info from your web host ** // /** The name of the database for WordPress */ define('DB_NAME', 'wordpress'); /** MySQL database username */ define('DB_USER', 'root'); /** MySQL database password */ define('DB_PASSWORD', 'MyPas$word4Word_Press'); /** MySQL hostname */ define('DB_HOST', 'localhost'); /** Database Charset to use in creating database tables. */ define('DB_CHARSET', 'utf8'); /** The Database Collate type. Don't change this if in doubt. */ define('DB_COLLATE', ''); /**#@+ * Authentication Unique Keys and Salts. * * Change these to different unique phrases! * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service} * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again. * * @since 2.6.0 */ define('AUTH_KEY', 'put your unique phrase here'); define('SECURE_AUTH_KEY', 'put your unique phrase here'); define('LOGGED_IN_KEY', 'put your unique phrase here'); define('NONCE_KEY', 'put your unique phrase here'); define('AUTH_SALT', 'put your unique phrase here'); define('SECURE_AUTH_SALT', 'put your unique phrase here'); define('LOGGED_IN_SALT', 'put your unique phrase here'); define('NONCE_SALT', 'put your unique phrase here'); /**#@-*/ /** * WordPress Database Table prefix. * * You can have multiple installations in one database if you give each * a unique prefix. Only numbers, letters, and underscores please! */ $table_prefix = 'wp_'; /** * See http://make.wordpress.org/core/2013/10/25/the-definitive-guide-to-disabling-auto-updates-in-wordpress-3-7 */ /* Disable all file change, as RPM base installation are read-only */ define('DISALLOW_FILE_MODS', true); /* Disable automatic updater, in case you want to allow above FILE_MODS for plugins, themes, ... */ define('AUTOMATIC_UPDATER_DISABLED', true); /* Core update is always disabled, WP_AUTO_UPDATE_CORE value is ignore */ /** * For developers: WordPress debugging mode. * * Change this to true to enable the display of notices during development. * It is strongly recommended that plugin and theme developers use WP_DEBUG * in their development environments. * * For information on other constants that can be used for debugging, * visit the Codex. * * @link https://codex.wordpress.org/Debugging_in_WordPress */ define('WP_DEBUG', false); /* That's all, stop editing! Happy blogging. */ /** Absolute path to the WordPress directory. */ if ( !defined('ABSPATH') ) define('ABSPATH', '/usr/share/wordpress'); /** Sets up WordPress vars and included files. */ require_once(ABSPATH . 'wp-settings.php');
配置Nginx
在/etc/nginx下创建wordpress.conf 配置
cd /etc/nginx/
server { listen 80; root /usr/share/wordpress; location / { index index.php index.html index.htm; try_files $uri $uri/ /index.php index.php; } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 location ~ .php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } }
配置号后重新加载Nginx
nginx -s reload
此时Nginx已经配置好了接下来就开始配置ssl证书
首先进入自己的腾讯云服务器,在左上角点击“云产品”,搜索栏中搜索ssl证书然后点击进入,你可以选择购买证书或者申请免费证书,我这里提供的是申请免费证书,点击申请免费证书,跳转页面后直接确定,然后填写自己的真实信息(中间有一个DNS验证,如果不会就选择自动验证),提交后等待短信通知,证书申请成功后,进入证书列表将证书下载到本地
不过不理解可以参照该网页的申请方法,再根据自己的情况稍微修改一点就可以了:https://www.cnblogs.com/phper12580/p/8777748.html
证书申请完后将公钥和私钥上传到自己的服务器上,上传工具我这里用的是WinSCP(操作简单)
将公钥放在/root/etc/pki/nginx 中(如果没有文件夹就创建),私钥放在/root/etc/pki/nginx /private中 (该步骤为后面配置的修改做铺垫)
现在开始修改配置文件
切换路径到nginx
cd /etc/nginx
查看目录下的文件
ls
如果目录下有nginx.conf文件就可以继续下面操作
vim nginx.conf
如果没有则查找该文件
find nginx.conf
先对配置文件进行备份(好习惯才能少走弯路)
cp nginx.conf cp_nginx.conf
找到后进行编辑
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name 请输入你的域名;
rewrite ^(.*)$ https://$host$1 permanent; #http自动跳转https
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# Settings for a TLS enabled server.
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name 请输入你的域名;
root /usr/share/nginx/html;
ssl_certificate "/etc/pki/nginx/server.crt(你的公钥文件名)"; #公钥路径
ssl_certificate_key "/etc/pki/nginx/private/server.key(你的私钥文件名)"; #私钥路径
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
修改后保存并退出,上面有该步骤
重启服务器
systemctl restart nginx.service
此时就应该可以访问你自己的网页了,可以通过WinSCP将自己写的网页上传到/usr/share/nginx/html下面刷新一下就可以了