Create by @terrychan999 on 2021-Apr-30, feel free to share :)
-
Linux ENV: Ubuntu 20.04 Server
此教學僅在Ubuntu 20.04測試過
-
更新apt套件庫
sudo apt update && sudo apt upgrade
如果是在台灣的話推薦使用 NCHC FSLab mirror
-
安裝Web Server (nginx)
sudo apt install nginx
sudo systemctl enable nginx
Wordpress是基於帳號的後台管理系統
因此安裝好nginx後推薦先設置SSL
以Certbot設置Let’s Encrypt SSL為例: (請先確認dns record有正確設置)acme.sh 也是很棒的alternative, 尤其是在沒有sudo權限下也可以使用
-
安裝certbot
sudo apt install certbot sudo apt install python3-certbot-nginx
-
執行certbot
sudo certbot --nginx -d example.com
-
確認certbot.timer是否正常運作:
sudo systemctl status certbot.timer
SSL設定參數補充參考: Mozilla SSL Config Generator
-
安裝Wordpress所需的 php & plugins
sudo apt install php-cli php-common php-fpm php-mysql php-imagick php-gd php-mbstring php-curl php-zip php-xml php-intl
-
在nginx site config上設定php
我們直接修改/etc/nginx/sites-available/default
- 修改index優先度
index index.php index.html;
- 修改location成
/index.php?$args;
location / { try_files $uri $uri/ /index.php?$args; }
- 將下列這段取消註解,其他用不到的註解也可以刪掉
精簡後會長這樣
# pass PHP scripts to FastCGI server # location ~ \.php$ { include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; }
location ~ \.php$ { include snippets/fastcgi-php.conf; fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; }
-
加上fastcgi_param (這樣就不需要動到php.ini)
請自行了解以下這些參數的意義及大小,此範例僅供參考
location ~ \.php$ { include snippets/fastcgi-php.conf; fastcgi_pass unix:/run/php/php7.4-fpm.sock; fastcgi_param PHP_VALUE "memory_limit=256M \n post_max_size=256M \n upload_max_filesize=250M \n max_file_uploads=200 \n max_execution_time=3600 \n max_input_time=3600 \n"; fastcgi_read_timeout 3600s; } client_max_body_size 0;
這樣php基本上就設定好了
確認語法有沒有錯誤
sudo nginx -t
沒錯的話重啟nignx
sudo systemctl restart nginx
-
安裝mysql server
sudo apt install mysql-server
如果系統本身的ram很少的話可以關閉Performance Schema,設定在/etc/mysql/my.cnf
-
設定mysql database和user/password
sudo mysql
請將wp_user
,wp_passwd
,db_name
替換掉CREATE USER 'wp_user'@'localhost' IDENTIFIED BY 'wp_passwd'; CREATE DATABASE db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci; GRANT ALL PRIVILEGES ON db_name.* TO 'wp_user'@'localhost'; FLUSH PRIVILEGES; \q
-
下載wordpress:
cd ~ wget -c https://tw.wordpress.org/latest-zh_TW.tar.gz tar xzvf ./latest-zh_TW.tar.gz
-
安裝wordpress:
a. 如果你想建立在example.com/sitefolder下的話:sudo mkdir /var/www/html/sitefolder sudo cp -R wordpress/. /var/www/html/sitefolder sudo chown -R www-data:www-data /var/www/html/sitefolder sudo chmod -R 775 /var/www/html/sitefolder
4.b 的路徑也要一同修改:
location /sitefolder { try_files $uri $uri/ /sitefolder/index.php?$args; }
b. 如果你想建立在example.com/下的話:
sudo cp -R wordpress/. /var/www/html/ sudo chown -R www-data:www-data /var/www/html/ sudo chmod -R 775 /var/www/html/
-
開啟網頁設定wordpress
-
安裝完成後續,一些資安防護:
修改/etc/nginx/sites-available/default
a. 禁用xmlrpc *極度推薦location /sitefolder { try_files $uri $uri/ /sitefolder/index.php?$args; location = /sitefolder/xmlrpc.php { deny all; } }
b. 關閉autoindex *極度推薦
autoindex off;
c. 關閉
.git/
存取 *極度推薦location ~ /\.git { deny all; }