Alibaba Cloud Centos8 uses Dnf to install LNMP, WordPress installation tutorial
Ali CloudCentos8buildLNMP environment,Install wordpress After setting up the centos8 operating system in Alibaba Cloud, first make some basic settings. Alibaba Cloud installs wordpress
Alibaba Cloud installs centos8 Chinese language pack
pass dnf search Command to search Chinese language pack
dnf search langpacks
Found that the Simplified Chinese installation package is: langpacks-zh_CN.noarch
Directly via DNF command:
dnf install langpacks-zh_CN
Modify language:
vi /etc/locale.conf
Modify the original content to the following content:
LANG="zh_CN.UTF-8"
Finally pass the command:locale-a Check whether zh_CN is installed successfully
Alibaba Cloud configures EPEL and REMI sources under centos8
Install epel repository
dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
confirmepelIs the library installed successfully?
rpm -qa | grep epel
Install remi repository
dnf install https://rpms.remirepo.net/enterprise/remi-release-8.rpm
Confirm whether the remi library is installed successfully
rpm -qa | grep remi
After the software source is installed, re-establish the dnf cache
dnf makecache
If it is Centos9, install the software source according to the following path
dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm dnf install https://rpms.remirepo.net/enterprise/remi-release-7.rpm
Get all running services and view port occupancy:
systemctl list-units --type=service netstat -lntup
Alibaba Cloud installs php/nginx/mysql through DNF under cnetos8
Alibaba Cloud installs php
After successfully adding the EPEL and Remi repositories, execute the following command to get the list of available PHP module streams:
dnf module list php
Reset php module:
dnf module reset php
Enable the stream module corresponding to the php version. Here we are installing the php7.4 version, so enable the remi-7.4 version of the stream:
dnf module enable php:remi-7.4
Install PHP, this command also installs many other packages:
dnf installphp
dnf install php-mysqlnd php-gd
After installing PHP, modify PHP permissions:
vi /etc/php-fpm.d/www.conf
user= nginx
group = nginx When installing WordPress and unable to create a directory, make sure that the directory where the wp file is stored, the nginx user group and the PHP user group are under the same user.
Modify the permissions of the wp storage directory:
chown -R nginx:nginx /home/www
Check which user group php-fpm belongs to:
ps -ef | grep php-fpm
Modify PHP configuration file:
vi /etc/php.ini
cgi.fix_pathinfo, modified to =0;
upload_max_filesize = 2M file upload size, the default value is too small, it is recommended to modify it to 1024M
display_errors = on print errors
post_max_size = 8M form maximum value, 1024M is recommended
max_execution_time=600 maximum execution time of php script Permission settings:
chown -R nginx:nginx /run/php-fpm/www.sock
Check whether php is installed successfully:
php -v
Set up the startup and running services:
systemctl enable php-fpm
systemctl start php-fpm
Commonly used operating commands:
Restart:
systemctl restart php-fpm
start up:
systemctl start php-fpm
closure:
systemctl stop php-fpm
state:
systemctl status php-fpm
Alibaba Cloud installs nginx
After successfully adding the EPEL and Remi repositories, execute the following command to get a list of available nginx module streams:
dnf module list nginx
Reset nginx module:
dnf module reset nginx
Enable the stream module corresponding to the nginx version. Here we are installing the nginx1.18 version, so enable the nginx1.18 version of the stream:
dnf module enable nginx:1.18
Install nginx, this command also installs many other packages:
dnf install nginx -y
Check whether nginx is installed successfully:
nginx -v
Check port occupancy:
netstat -lntup
Set up the startup and running services:
systemctl enable nginx
systemctl start nginx
Uninstall nginx
dnf remove nginx
Commonly used commands:
Restart:
systemctl restart nginx
start up:
systemctl start nginx
closure:
systemctl stop nginx
state:
systemctl status nginx
Note: If the installed nginx version does not support php, it will cause the page to be downloaded after opening the php page. You can create a test page test.php. Page content:
<?php phpinfo(); ?>
If php is not supported, you need to create the conf.d and default.d folders in the nginx installation directory /etc/nginx. Create the /default.d/php.conf file with the following contents:
# pass the PHP scripts to FastCGI server # # See conf.d/php-fpm.conf for socket configuration # index index.php index.html index.htm; location ~ \.php$ { try_files $uri =404; fastcgi_intercept_errors on; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass php-fpm; }
Create the /conf.d/php-fpm.conf file with the following contents:
# PHP-FPM FastCGI server # network or unix domain socket configuration upstream php-fpm { server unix:/run/php-fpm/www.sock; }
existnginx.confIn the file, insert reference statements for the two folders should be added.
nginx generates domain name certificate ssl
Use the acme.sh script to apply for an SSL certificate. Install socat first:
dnf install socat
Install acme.sh
curl https://get.acme.sh | sh
Note that after the script is installed, it must be restarted.
reboot
Certificate application:
After setting the domain name in nginx, apply for a certificate, for example:
acme.sh --issue -d www.uzbox.tk -d uzbox.tk --webroot /home/uzbox/
You can also use the command to read the nginx configuration. If the site is not set up in nginx, please set up the site first.
acme.sh --issue -d www.uzbox.tk -d uzbox.tk --nginx
After the certificate application is successful, install the certificate: First add the following to the server block of the nginx configuration file:
ssl_certificate /home/ssl/uzbox.tk/fullchain.cer; ssl_certificate_key /home/ssl/uzbox.tk/uzbox.tk.key;
After successfully applying for a domain name certificate, you need to install the certificate in the specified location, create a new /ssl/ folder in the /home/ folder, and create the certificate storage folder /uzbox.tk/ under the /ssl/ folder. Then run the following command to install the certificate. Note: If you do not create a folder where the certificate is stored, the certificate installation will fail with an error message: Unable to touch '/home/ssl/uzbox.tk/uzbox.tk.key': No such file or directory.
acme.sh --installcert -d uzbox.tk --key-file /home/ssl/uzbox.tk/uzbox.tk.key --fullchain-file /home/ssl/uzbox.tk/fullchain.cer --reloadcmd "service nginx force-reload"
More detailed domain name certificate application tutorial:acme.sh Apply for domain name SSL/TSL certificate for free
Install MySQL through dnf under Alibaba Cloud CentOS 8
Install using the latest package managerMySQL
dnf install @mysql
Turn on startup
systemctl enable --now mysqld
Check if MySQL server is running
systemctl status mysqld
Add password and security settings
Run the mysql_secure_installation script, which performs some security-related operations and sets the MySQL root password:
sudo mysql_secure_installation
Proceed as follows:
You are required to configure the VALIDATE PASSWORD component: Enter y and press Enter to enter the configuration.
Select the password verification policy level. I choose 0 (low) here and press Enter.
Enter new password twice
Are you sure you want to continue using the password provided? Enter y and press Enter
Removeanonymoususer? Enter y and press Enter
Allow root remote login? Enter n and press Enter
Remove test database? Enter y and press Enter
Reload permission table? Enter y and press Enter
Configure mysql remote login. If you need to set up the root account for remote login, repeat the previous step to allow root remote login? This step needs to be set to y.
Next, log in to MySQL locally and set the host field of the root user to '%', which means to accept login requests from all root IP addresses.
Restart the mysql service after setting
systemctl restart mysqld
MySQL8.0 already has the utf8mb4 character set by default, so the character set will no longer be modified.
Alibaba Cloud installs phpMyAdmin
phpMyAdminwebsite:https://www.phpmyadmin.net/
Download the latest version of phpMyAdmin, phpMyAdmin is a visual mysql management tool.
wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.tar.gz
After downloadingunzipdocument
tar -zxvf phpMyAdmin-latest-all-languages.tar.gz
Rename the decompressed file
mv phpMyAdmin-5.2.0-all-languages phpMyAdmin
Move the folder to the website directory
mv phpMyAdmin /home/www
If the php extension is not installed after installation, php needs to be installed with the php-mysqlnd extension.
dnf install php-mysqlnd
Finally, re-authorize the web directory.
chown -R nginx:nginx /home/www
Modify the phpMyAdmin configuration file:
In the phpMyAdmin home directory, rename the configuration file.
cd /home/uzbox/phpMyAdmin/
mv config.sample.inc.php config.inc.php
viconfig.inc.php
$cfg['Servers'][$i]['host'] = 'localhost'; changed to $cfg['Servers'][$i]['host'] = '127.0.0.1';
Then change the short password that phpMyAdmin uses for cookies.
$cfg['blowfish_secret'] = ”; changed to $cfg['blowfish_secret'] = '123456'; (Note: '123456' is any character larger than 32 bits.)
This password is used to encrypt cookies to avoid confusion when cookies are shared by multiple PhpMyAdmin or other programs.
Modify the user group and permissions of the session path (such as /var/lib/php/session), and then go to the corresponding session path.
cd /var/lib/php
chown nginx:nginx ./session
chmod -R 777 ./session
Create a new tmp folder in the phpmyadmin directory with permissions set to 777
chmod -R 777 /home/uzbox/phpMyAdmin/tmp
Solve the problem that the advanced functions in phpMyAdmin have not been fully set up, and some functions are notactivationThe problem.
Click to create an empty phpmyadmin in phpMyAdmindatabaseIt can be solved.
Finally, after configuring the access path of phpMyAdmin in Nginx, you can access it normally. What should I do if a blank page appears when accessing phpmyadmin? Try another version! Note: phpMyAdmin version 5.2.0 only supports php7.2 or above. PHP7.2 is not supported. If phpMyAdmin displays a blank page, please try changing the php version or changing the phpMyAdmin version. If an error occurs when opening the phpMyAdmin page, try accessing it again after changing the php version. phpMyAdmin 5.2.0
Welcome to the release of phpMyAdmin version 5.2.0. This release contains many new features and quite a few bug fixes. We also released phpMyAdmin 5.1.4, the last version in the 5.1 series, mainly to help downstream packaging teams. Most users should migrate to 5.2.0. Most notably, these releases resolve network errors when exporting files ( https://github.com/phpmyadmin/phpmyadmin/issues/17445 ). Some other highlights of 5.2.0 include:
- deleted pair Microsoft Internet Explorer support
- Requires PHP 7.2 or newer
- Requires openssl PHP extension
- Improved handling of system CA packages and cacert.pem, allowing fallback to Mozilla CA if necessary
- Replace the term "master/slave" with "master/replica"
- Add "NOT LIKE %…%" operator to table search
- Add support for Mroonga engine
- Add support for account lockout
- Some fixes and improvements to the SQL parser library
Of course, you can do this in the ChangeLog file included with this release or onlineSee more fixes and new features in https://demo.phpmyadmin.net/master-config/index.php?route=/changelog Now available inhttps://phpmyadmin.net/downloads/Download
Alibaba Cloud installs WordPress
WordPress official website:https://cn.wordpress.org/
Start by downloading the latest version of WordPress.
wget https://cn.wordpress.org/latest-zh_CN.tar.gz
Unzip the file after downloading.
tar -xzvf latest-zh_CN.tar.gz
Move the folder to the website directory
mv wordpress /var/wwwroot
cd /var/wwwroot
Rename the wp-config-sample.php file
cp wp-config-sample.php wp-config.php
Modify website configuration file:
vim wp-config.php
The name of the WordPress database: define( 'DB_NAME', 'WordPress' );
MySQL database user name: define('DB_USER', 'root');
MySQL database password: define( 'DB_PASSWORD', 'mysql password' );
MySQL host: define('DB_HOST', '127.0.0.1');
Default text encoding when creating a data table: define('DB_CHARSET', 'utf8');
Add the following code at the end of the file:
if(is_admin()) {add_filter('filesystem_method', create_function('$a', 'return "direct";' ));define( 'FS_CHMOD_DIR', 0751 );}
After modifying the configuration file, place phpMyAdmin in the wordpress directory
mv phpMyAdmin /var/wwwroot/phpMyAdmin
https://your website domain name/phpMyAdmin
Then open phpMyAdmin, create a new WordPress database, name the database WordPress, and create an empty database. The name of this database must be the same as that configured in wp-config.php above.
Then configure the website in the browser and follow the steps to install it. RecommendedGoogle Chrome.
https://websitedomainname/wp-admin/install.php websiteplug-inUpdate installation and template installation permission configuration:
In this step, some people will configure the directory permissions to 777. This has certain security risks. The correct configuration is to unify all user groups and users, that is, the user group of PHP, the user group of NGINX, and the user group of the WordPress storage directory. .
First, enter the website storage directory and view the folder user group and permissions.
cd /var/wwwroot/
Use the ls -l command to check the user group to which the directory belongs. The default user group and user are root.
ls -l
Modify the user group permissions of the website storage directory.
chown -R nginx:nginx /var/wwwroot/
For example, nginx is started using the nginx user, which needs to be changed to the nginx user group and nginx user.
PHP also needs to be started using the nginx user group.
vi /etc/php-fpm.d/www.conf
user=apache
group=apache
Modify to nginx user group and user
user=nginx
group=nginx
After modifying the user group of php user group, NGINX user group, and wordpress storage directory, reboot.serverThat's it.
NGINX nginx.conf configuration, for reference only: nginx.conf configuration:
user nginx; # configures the user or group, the default is nobody nobody. worker_processes auto; # allows the number of processes to be generated, the default is 1 pid /run/nginx.pid; # specifies the nginx process running file storage address error_log /var/log/nginx/error.log error; # specifies the error log path and level. This setting can be placed in the global block, http block, and server block. The levels are: debug|info|notice|warn|error|crit|alert|emerg. The higher the level, the fewer records. Generally, error # is set to load the dynamic module. include /usr/share/nginx/modules/*.conf; # working mode and maximum number of connections - events global settings events { accept_mutex on; # sets network connection serialization to prevent the occurrence of thundering groups, the default is on multi_accept on; # sets whether a process accepts multiple network connections at the same time. The default is off #use epoll; # event-driven model, select|poll|kqueue|epoll|resig|/dev/poll|eventport worker_connections 1024; # The maximum connection allowed by a single work process Number, default is 512 } #http server configuration file block http { log_format myFormat '$remote_addr–$remote_user [$time_local] $request $status $body_bytes_sent $http_referer $http_user_agent $http_x_forwarded_for'; # custom log format access_log /var/log/nginx/access.log myFormat; # settings Access log path and format. combined is the default value of the log format. rewrite_log on; #access_log off; # cancel service access log sendfile on; # allows sendfile mode to transfer files, the default is off, and can be in http block, server block, location block. sendfile_max_chunk 0; # The number of transfers per process call cannot be greater than the set value. The default is 0, that is, there is no upper limit. keepalive_timeout 1000; # connection timeout, the default is 75s, can be in http, server, location block. client_max_body_size 1024m; types_hash_max_size 4096; tcp_nodelay on; tcp_nopush on; default_type application/octet-stream; # default file type, default is text/plain fastcgi_connect_timeout 3000; #fastcgi connection timeout, default 60 seconds fastcgi_send_timeout 3000; 1TP 5Tnginx process sends request to fastcgi process The timeout time of the process, the default value is 60 seconds fastcgi_read_timeout 3000; # The timeout time for the fastcgi process to send the output process to the nginx process, the default value is 60 seconds gzip on; #gzip compression switch, on turns on Gzip compression, the default is off, turns off gzip_min_length 1k; # enables gzip compression The minimum file, files smaller than the set value will not be compressed gzip_comp_level 8; # gzip compression level, 1-9, the larger the number, the better the compression, and the more CPU time is taken up gzip_buffers 4 16k; # Set the buffer required for compression Size gzip_http_version 1.1; # Set the HTTP protocol version for gzip compression. If there is no load, you can not use gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/ jpeg image/gif image/png application/vnd.ms-fontobject font/ttf font/opentype font/x-woff image/svg+xml; # file type for compression. JavaScript comes in many forms. The values can be found in the mime.types file. gzip_vary on; # Whether to add Vary: Accept-Encoding in the http header, it is recommended to turn on gzip_disable "MSIE [1-6]\."; # Disable IE 6 gzip gzip_proxied off; include /etc/nginx/mime.types; # file Extension and file type mapping table. Set the mime type (email support type), the type is defined by the mime.types file. include /etc/nginx/conf.d/*.conf; # loads modular configuration files from the /etc/nginx/conf.d directory. }
server configuration:
server { listen 80; listen [::]:80; server_name www.uzbox.tk uzbox.tk; #Your website domain name return 301 https://uzbox.tk$request_uri; #301 redirect to https } server { listen 443 ssl http2 ; listen [::]:443 ssl http2; server_name www.uzbox.tk; # The domain name of the website can be multiple, separated by spaces return 301 https://uzbox.tk$request_uri; ssl_certificate /home/ssl/uzbox.tk /fullchain.cer; ssl_certificate_key /home/ssl/uzbox.tk/uzbox.tk.key; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name uzbox.tk; root /home/www; index index.php index.html index.htm; ssl_certificate /home/ssl/uzbox.tk/fullchain.cer; ssl_certificate_key /home/ssl/uzbox.tk/uzbox.tk.key; ssl_session_cache shared:le_nginx_SSL:10m; ssl_session_timeout 1440m ; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers off; ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM -SHA384:ECDHE-RSA -AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"; include /etc/nginx/ default.d/*.conf; # loads the configuration file of the default server block from /etc/nginx/default.d. # pseudo-static page location / { if (-f $request_filename/index.html){ rewrite (.*) $1/index.html break; } if (-f $request_filename/index.php){ rewrite (.*) $1/index .php; } if (!-f $request_filename){ rewrite (.*) /index.php; } } }
Pseudo-static plug-in installation:
First, you need to modify the WordPress permalink, enter the background, and open the setting permalink.
自定义结构后面填入%category%/%post_id%
Install the "No Category Base" plug-in to remove the category directory /category/. Finally, check all running services on the server.
systemctl list-units --type=service