Alibaba Cloud installation tutorial for wordpress, Centos8 to build LNMP environment

阿里云安装wordpress,Centos8使用Dnf搭建LNMP环境

Alibaba Cloud Centos8 uses Dnf to install LNMP, WordPress installation tutorial

Ali Cloudbuild,Install After setting up the centos8 operating system in Alibaba Cloud, first make some basic settings. Alibaba Cloud installs wordpress

Alibaba Cloud installs centos8 Chinese language pack

pass dnf search Command to search Chinese language pack

dnf search langpacks

Found that the Simplified Chinese installation package is: langpacks-zh_CN.noarch
Directly via DNF command:

dnf install langpacks-zh_CN

Modify language:

vi /etc/locale.conf

Modify the original content to the following content:

LANG="zh_CN.UTF-8"

Finally pass the command:locale-a Check whether zh_CN is installed successfully

Alibaba Cloud configures EPEL and REMI sources under centos8

Install epel repository

dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm

confirmIs the library installed successfully?

rpm -qa | grep epel

Install remi repository

dnf install https://rpms.remirepo.net/enterprise/remi-release-8.rpm

Confirm whether the remi library is installed successfully

rpm -qa | grep remi

After the software source is installed, re-establish the dnf cache

dnf makecache

If it is Centos9, install the software source according to the following path

dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm dnf install https://rpms.remirepo.net/enterprise/remi-release-7.rpm

Get all running services and view port occupancy:

systemctl list-units --type=service netstat -lntup
阿里云安装 wordpress 教程,Centos8搭建LNMP环境

Alibaba Cloud installs php/nginx/mysql through DNF under cnetos8

Alibaba Cloud installs php

After successfully adding the EPEL and Remi repositories, execute the following command to get the list of available PHP module streams:

dnf module list php


Reset php module:

dnf module reset php


Enable the stream module corresponding to the php version. Here we are installing the php7.4 version, so enable the remi-7.4 version of the stream:

dnf module enable php:remi-7.4

Install PHP, this command also installs many other packages:

dnf installphp
dnf install php-mysqlnd php-gd 

 
After installing PHP, modify PHP permissions:

vi /etc/php-fpm.d/www.conf


user=
group = nginx When installing WordPress and unable to create a directory, make sure that the directory where the wp file is stored, the nginx user group and the PHP user group are under the same user.
Modify the permissions of the wp storage directory:

chown -R nginx:nginx /home/www


Check which user group php-fpm belongs to:

ps -ef | grep php-fpm

Modify PHP configuration file:

vi /etc/php.ini


cgi.fix_pathinfo, modified to =0;
upload_max_filesize = 2M file upload size, the default value is too small, it is recommended to modify it to 1024M
display_errors = on print errors
post_max_size = 8M form maximum value, 1024M is recommended
max_execution_time=600 maximum execution time of php script Permission settings:

chown -R nginx:nginx /run/php-fpm/www.sock

Check whether php is installed successfully:

php -v

Set up the startup and running services:

systemctl enable php-fpm

 

systemctl start php-fpm


Commonly used operating commands:
Restart:

systemctl restart php-fpm


start up:

systemctl start php-fpm


closure:

systemctl stop php-fpm


state:

systemctl status php-fpm

Alibaba Cloud installs nginx

After successfully adding the EPEL and Remi repositories, execute the following command to get a list of available nginx module streams:

dnf module list nginx


Reset nginx module:

dnf module reset nginx

Enable the stream module corresponding to the nginx version. Here we are installing the nginx1.18 version, so enable the nginx1.18 version of the stream:

dnf module enable nginx:1.18

Install nginx, this command also installs many other packages:

dnf install nginx -y


Check whether nginx is installed successfully:

nginx -v

Check port occupancy:

netstat -lntup

Set up the startup and running services:

systemctl enable nginx

 

systemctl start nginx

Uninstall nginx

dnf remove nginx

Commonly used commands:
Restart:

systemctl restart nginx


start up:

systemctl start nginx


closure:

systemctl stop nginx


state:

systemctl status nginx

Note: If the installed nginx version does not support php, it will cause the page to be downloaded after opening the php page. You can create a test page test.php. Page content:

<?php
phpinfo();
?>

  If php is not supported, you need to create the conf.d and default.d folders in the nginx installation directory /etc/nginx. Create the /default.d/php.conf file with the following contents:

# pass the PHP scripts to FastCGI server # # See conf.d/php-fpm.conf for socket configuration # index index.php index.html index.htm; location ~ \.php$ { try_files $uri =404; fastcgi_intercept_errors on; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass php-fpm; }

  Create the /conf.d/php-fpm.conf file with the following contents:

# PHP-FPM FastCGI server # network or unix domain socket configuration upstream php-fpm { server unix:/run/php-fpm/www.sock; }

existIn the file, insert reference statements for the two folders should be added.

nginx generates domain name certificate ssl

Use the acme.sh script to apply for an SSL certificate. Install socat first:

dnf install socat


Install acme.sh

curl https://get.acme.sh | sh


Note that after the script is installed, it must be restarted.

reboot

Certificate application:
After setting the domain name in nginx, apply for a certificate, for example:

acme.sh --issue -d www.uzbox.tk -d uzbox.tk --webroot /home/uzbox/


You can also use the command to read the nginx configuration. If the site is not set up in nginx, please set up the site first.

acme.sh --issue -d www.uzbox.tk -d uzbox.tk --nginx

After the certificate application is successful, install the certificate: First add the following to the server block of the nginx configuration file:

ssl_certificate /home/ssl/uzbox.tk/fullchain.cer; ssl_certificate_key /home/ssl/uzbox.tk/uzbox.tk.key;

  After successfully applying for a domain name certificate, you need to install the certificate in the specified location, create a new /ssl/ folder in the /home/ folder, and create the certificate storage folder /uzbox.tk/ under the /ssl/ folder. Then run the following command to install the certificate. Note: If you do not create a folder where the certificate is stored, the certificate installation will fail with an error message: Unable to touch '/home/ssl/uzbox.tk/uzbox.tk.key': No such file or directory.

acme.sh --installcert -d uzbox.tk --key-file /home/ssl/uzbox.tk/uzbox.tk.key --fullchain-file /home/ssl/uzbox.tk/fullchain.cer --reloadcmd "service nginx force-reload"

More detailed domain name certificate application tutorial:acme.sh Apply for domain name SSL/TSL certificate for free

Install MySQL through dnf under Alibaba Cloud CentOS 8

Install using the latest package manager

dnf install @mysql


Turn on startup

systemctl enable --now mysqld


Check if MySQL server is running

systemctl status mysqld

Add password and security settings
Run the mysql_secure_installation script, which performs some security-related operations and sets the MySQL root password:

sudo mysql_secure_installation


Proceed as follows:
You are required to configure the VALIDATE PASSWORD component: Enter y and press Enter to enter the configuration.
Select the password verification policy level. I choose 0 (low) here and press Enter.
Enter new password twice
Are you sure you want to continue using the password provided? Enter y and press Enter
Removeuser? Enter y and press Enter
Allow root remote login? Enter n and press Enter
Remove test database? Enter y and press Enter
Reload permission table? Enter y and press Enter
Configure mysql remote login. If you need to set up the root account for remote login, repeat the previous step to allow root remote login? This step needs to be set to y.
Next, log in to MySQL locally and set the host field of the root user to '%', which means to accept login requests from all root IP addresses.
Restart the mysql service after setting

systemctl restart mysqld


MySQL8.0 already has the utf8mb4 character set by default, so the character set will no longer be modified.

Alibaba Cloud installs phpMyAdmin

website:https://www.phpmyadmin.net/
Download the latest version of phpMyAdmin, phpMyAdmin is a visual mysql management tool.

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.tar.gz


After downloadingdocument

tar -zxvf phpMyAdmin-latest-all-languages.tar.gz


Rename the decompressed file

mv phpMyAdmin-5.2.0-all-languages phpMyAdmin


Move the folder to the website directory

mv phpMyAdmin /home/www


If the php extension is not installed after installation, php needs to be installed with the php-mysqlnd extension.

dnf install php-mysqlnd

Finally, re-authorize the web directory.

chown -R nginx:nginx /home/www

Modify the phpMyAdmin configuration file:

In the phpMyAdmin home directory, rename the configuration file.

cd /home/uzbox/phpMyAdmin/

 

mv config.sample.inc.php config.inc.php

 

viconfig.inc.php

$cfg['Servers'][$i]['host'] = 'localhost'; changed to $cfg['Servers'][$i]['host'] = '127.0.0.1';
Then change the short password that phpMyAdmin uses for cookies.
$cfg['blowfish_secret'] = ”; changed to $cfg['blowfish_secret'] = '123456'; (Note: '123456' is any character larger than 32 bits.)
This password is used to encrypt cookies to avoid confusion when cookies are shared by multiple PhpMyAdmin or other programs.

阿里云安装 wordpress 教程,Centos8搭建LNMP环境

Modify the user group and permissions of the session path (such as /var/lib/php/session), and then go to the corresponding session path.

cd /var/lib/php

 

chown nginx:nginx ./session

 

chmod -R 777 ./session


Create a new tmp folder in the phpmyadmin directory with permissions set to 777

chmod -R 777 /home/uzbox/phpMyAdmin/tmp


Solve the problem that the advanced functions in phpMyAdmin have not been fully set up, and some functions are notThe problem.
Click to create an empty phpmyadmin in phpMyAdminIt can be solved.
Finally, after configuring the access path of phpMyAdmin in Nginx, you can access it normally. What should I do if a blank page appears when accessing phpmyadmin? Try another version! Note: phpMyAdmin version 5.2.0 only supports php7.2 or above. PHP7.2 is not supported. If phpMyAdmin displays a blank page, please try changing the php version or changing the phpMyAdmin version. If an error occurs when opening the phpMyAdmin page, try accessing it again after changing the php version. phpMyAdmin 5.2.0

Welcome to the release of phpMyAdmin version 5.2.0. This release contains many new features and quite a few bug fixes. We also released phpMyAdmin 5.1.4, the last version in the 5.1 series, mainly to help downstream packaging teams. Most users should migrate to 5.2.0. Most notably, these releases resolve network errors when exporting files ( https://github.com/phpmyadmin/phpmyadmin/issues/17445 ). Some other highlights of 5.2.0 include:

  • deleted pair Explorer support
  • Requires PHP 7.2 or newer
  • Requires openssl PHP extension
  • Improved handling of system CA packages and cacert.pem, allowing fallback to Mozilla CA if necessary
  • Replace the term "master/slave" with "master/replica"
  • Add "NOT LIKE %…%" operator to table search
  • Add support for Mroonga engine
  • Add support for account lockout
  • Some fixes and improvements to the SQL parser library

Of course, you can do this in the ChangeLog file included with this release or onlineSee more fixes and new features in https://demo.phpmyadmin.net/master-config/index.php?route=/changelog Now available inhttps://phpmyadmin.net/downloads/Download

Alibaba Cloud installs WordPress

WordPress official website:https://cn.wordpress.org/
Start by downloading the latest version of WordPress.

wget https://cn.wordpress.org/latest-zh_CN.tar.gz


Unzip the file after downloading.

tar -xzvf latest-zh_CN.tar.gz


Move the folder to the website directory

mv wordpress /var/wwwroot

 

cd /var/wwwroot


Rename the wp-config-sample.php file

cp wp-config-sample.php wp-config.php 


Modify website configuration file:

vim wp-config.php


The name of the WordPress database: define( 'DB_NAME', 'WordPress' );
MySQL database user name: define('DB_USER', 'root');
MySQL database password: define( 'DB_PASSWORD', 'mysql password' );
MySQL host: define('DB_HOST', '127.0.0.1');
Default text encoding when creating a data table: define('DB_CHARSET', 'utf8');
Add the following code at the end of the file:

if(is_admin()) {add_filter('filesystem_method', create_function('$a', 'return "direct";' ));define( 'FS_CHMOD_DIR', 0751 );}


After modifying the configuration file, place phpMyAdmin in the wordpress directory

mv phpMyAdmin /var/wwwroot/phpMyAdmin


https://your website domain name/phpMyAdmin
Then open phpMyAdmin, create a new WordPress database, name the database WordPress, and create an empty database. The name of this database must be the same as that configured in wp-config.php above.
Then configure the website in the browser and follow the steps to install it. Recommended.
https://websitedomainname/wp-admin/install.php websiteUpdate installation and template installation permission configuration:
In this step, some people will configure the directory permissions to 777. This has certain security risks. The correct configuration is to unify all user groups and users, that is, the user group of PHP, the user group of NGINX, and the user group of the WordPress storage directory. .
First, enter the website storage directory and view the folder user group and permissions.

cd /var/wwwroot/


Use the ls -l command to check the user group to which the directory belongs. The default user group and user are root.

ls -l


Modify the user group permissions of the website storage directory.

chown -R nginx:nginx /var/wwwroot/


For example, nginx is started using the nginx user, which needs to be changed to the nginx user group and nginx user.
PHP also needs to be started using the nginx user group.

vi /etc/php-fpm.d/www.conf


user=apache
group=apache
Modify to nginx user group and user
user=nginx
group=nginx
After modifying the user group of php user group, NGINX user group, and wordpress storage directory, reboot.That's it.
NGINX nginx.conf configuration, for reference only: nginx.conf configuration:

user nginx; # configures the user or group, the default is nobody nobody. worker_processes auto; # allows the number of processes to be generated, the default is 1 pid /run/nginx.pid; # specifies the nginx process running file storage address error_log /var/log/nginx/error.log error; # specifies the error log path and level. This setting can be placed in the global block, http block, and server block. The levels are: debug|info|notice|warn|error|crit|alert|emerg. The higher the level, the fewer records. Generally, error # is set to load the dynamic module. include /usr/share/nginx/modules/*.conf; # working mode and maximum number of connections - events global settings events { accept_mutex on; # sets network connection serialization to prevent the occurrence of thundering groups, the default is on multi_accept on; # sets whether a process accepts multiple network connections at the same time. The default is off #use epoll; # event-driven model, select|poll|kqueue|epoll|resig|/dev/poll|eventport worker_connections 1024; # The maximum connection allowed by a single work process Number, default is 512 } #http server configuration file block http { log_format myFormat '$remote_addr–$remote_user [$time_local] $request $status $body_bytes_sent $http_referer $http_user_agent $http_x_forwarded_for'; # custom log format access_log /var/log/nginx/access.log myFormat; # settings Access log path and format. combined is the default value of the log format. rewrite_log on; #access_log off; # cancel service access log sendfile on; # allows sendfile mode to transfer files, the default is off, and can be in http block, server block, location block. sendfile_max_chunk 0; # The number of transfers per process call cannot be greater than the set value. The default is 0, that is, there is no upper limit. keepalive_timeout 1000; # connection timeout, the default is 75s, can be in http, server, location block. client_max_body_size 1024m; types_hash_max_size 4096; tcp_nodelay on; tcp_nopush on; default_type application/octet-stream; # default file type, default is text/plain fastcgi_connect_timeout 3000; #fastcgi connection timeout, default 60 seconds fastcgi_send_timeout 3000; 1TP 5Tnginx process sends request to fastcgi process The timeout time of the process, the default value is 60 seconds fastcgi_read_timeout 3000; # The timeout time for the fastcgi process to send the output process to the nginx process, the default value is 60 seconds gzip on; #gzip compression switch, on turns on Gzip compression, the default is off, turns off gzip_min_length 1k; # enables gzip compression The minimum file, files smaller than the set value will not be compressed gzip_comp_level 8; # gzip compression level, 1-9, the larger the number, the better the compression, and the more CPU time is taken up gzip_buffers 4 16k; # Set the buffer required for compression Size gzip_http_version 1.1; # Set the HTTP protocol version for gzip compression. If there is no load, you can not use gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/ jpeg image/gif image/png application/vnd.ms-fontobject font/ttf font/opentype font/x-woff image/svg+xml; # file type for compression. JavaScript comes in many forms. The values can be found in the mime.types file. gzip_vary on; # Whether to add Vary: Accept-Encoding in the http header, it is recommended to turn on gzip_disable "MSIE [1-6]\."; # Disable IE 6 gzip gzip_proxied off; include /etc/nginx/mime.types; # file Extension and file type mapping table. Set the mime type (email support type), the type is defined by the mime.types file. include /etc/nginx/conf.d/*.conf; # loads modular configuration files from the /etc/nginx/conf.d directory. }

server configuration:

server { listen 80; listen [::]:80; server_name www.uzbox.tk uzbox.tk; #Your website domain name return 301 https://uzbox.tk$request_uri; #301 redirect to https } server { listen 443 ssl http2 ; listen [::]:443 ssl http2; server_name www.uzbox.tk; # The domain name of the website can be multiple, separated by spaces return 301 https://uzbox.tk$request_uri; ssl_certificate /home/ssl/uzbox.tk /fullchain.cer; ssl_certificate_key /home/ssl/uzbox.tk/uzbox.tk.key; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name uzbox.tk; root /home/www; index index.php index.html index.htm; ssl_certificate /home/ssl/uzbox.tk/fullchain.cer; ssl_certificate_key /home/ssl/uzbox.tk/uzbox.tk.key; ssl_session_cache shared:le_nginx_SSL:10m; ssl_session_timeout 1440m ; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers off; ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM -SHA384:ECDHE-RSA -AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"; include /etc/nginx/ default.d/*.conf; # loads the configuration file of the default server block from /etc/nginx/default.d. # pseudo-static page location / { if (-f $request_filename/index.html){ rewrite (.*) $1/index.html break; } if (-f $request_filename/index.php){ rewrite (.*) $1/index .php; } if (!-f $request_filename){ rewrite (.*) /index.php; } } }

Pseudo-static plug-in installation:
First, you need to modify the WordPress permalink, enter the background, and open the setting permalink.
自定义结构后面填入%category%/%post_id%
Install the "No Category Base" plug-in to remove the category directory /category/. Finally, check all running services on the server.

systemctl list-units --type=service
score

Leave a Reply

Your email address will not be published. Required fields are marked *