I. Preface
II. Environment
III. Basic Configuration
1. Build a LAMP Environment
2. install WordPress
3. Install phpMyAdmin
Iv. Security Configuration
1. Authentication
2. Source Control
3. encrypted access (https)
V. Test
-------------------------------------------
I. Preface
LAMP is Linux + Apache + Mysql + PHP. A group of open-source software commonly used to build dynamic websites or servers are independent programs. However, LAMP is often used together, with higher compatibility, a powerful Web application platform is formed together. With the rapid development of open source, open source code LAMP has been integrated with J2EE and. net commercial software has formed a three-pronged trend, and the software development project has a low investment cost in software, so it has received the attention of the entire IT industry. More than 70% of website traffic is provided by LAMP, which is the most powerful website solution.
WordPress is a blog platform developed in PHP. you can build your own website on servers that support PHP and MySQL databases. WordPress can also be used as a Content Management System (CMS. WordPress is a free open-source project that is licensed to be released under the GNU General Public License. WordPress is regarded as the official successor of the blog platform b2/cafelog developed by micel Valdrighi. The name "WordPress" came from Christine Selleck, a friend of Matt Mullenweg, a major developer.
PhpMyAdmin is a MySQL database management tool based on PHP and based on Web-Base architecture on the website host. It allows managers to use Web interfaces to manage MySQL databases. By using this Web interface, you can become a better way to easily input complicated SQL syntax, especially to process the import and export of a large amount of data. One of the biggest advantages is that phpMyaAdmin runs on the Web server like other PHP programs, but you can use the HTML pages generated by these programs anywhere, that is, remote management of MySQL databases, allows you to easily create, modify, and delete databases and data tables. You can also use phpMyAdmin to create common php syntaxes to facilitate the correctness of the SQL syntaxes required for compiling webpages.
II. Environment
System: redhat6.5 32-bit
IP: 192.168.2.200/24
Software Package:
Wordpress-3.9-zh_CN.zip wordpress main file
PhpMyAdmin-4.1.5-all-languages.zip phpMyAdmin main file
III. Basic Configuration
1. Build a LAMP Environment
123456789101112131415161718192021222324252627
# Service iptables stop // disable firewall and SELinux
# setenforce 0
# yum install httpd mysql mysql-server php php-mysql php-gd php-xml
# service httpd start
# service mysqld start
# Chkconfig httpd on // start upon startup
# chkconfig --list |grep httpd
httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
# chkconfig mysqld on
# chkconfig --list |grep mysql
mysqld 0:off 1:off 2:on 3:on 4:on 5:on 6:off
# Mysqladmin-u root-p password '000000' // set the user and password for mysql
Enter password:
//
Press enter here.
# mysql -u root -p
Enter password:
mysql> create database wordpress;
//
Create a wordpress database and prepare for installing wordpress below.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
|
test
|
| wordpress |
+--------------------+
mysql> \q
Bye
2. install WordPress
12
# Unzip wordpress-3.9-zh_CN.zip // Extract
# mv wordpress /var/www/html/
Write the following IP address and domain name to the hosts file C: \ Windows \ System32 \ drivers \ etc \ hosts
192.168.2.10 www.yinuo.com
Client browser access http://www.yinuo.com/wordpress/
(1) Click Create configuration file.
(2) Click here to start.
(3) write the username and password and click Submit.
(4) follow the prompts to manually create a wp-config.php file, copy the text in, And then install.
12
# cd /var/www/html/wordpress/
# vim wp-config.php
(5) If the database connection error, be sure to look at the wp-config.php file 17-26 lines, do not have any errors (such ).
(6) Fill in the site information and install wordpress.
(7) You have successfully logged on.
(8) logon test.
(9th, for example, fengying.zip.
12
# unzip fengying.zip
# mv fengying /var/www/html/wordpress/wp-content/themes/
3. Install phpMyAdmin
12345
# unzip phpMyAdmin-4.1.5-all-languages.zip
# mv phpMyAdmin-4.1.5-all-languages /var/www/html/phpmyadmin
# Rpm-qa php // view php version information
php-5.3.3-22.el6.i686
http:
//rpm
.pbone.net/
//
Download the php-mbstring corresponding to the php version at this URL.
12345678
# rpm -ivh php-mbstring-5.3.3-22.el6.i686.rpm
# rpm -qa |grep php
php-5.3.3-22.el6.i686
php-mbstring-5.3.3-22.el6.i686
Again, the php and php-mbstring versions must be consistent.
# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
Access http: // 192.168.2.10/phpmyadmin/
Enter the database account and password.
Manage databases (mysql management tool under the graphic interface ).
Iv. Security Configuration
1. Authentication
1234567891011121314151617181920212223
# vim /etc/httpd/conf/httpd.conf
338 AllowOverride all
//
Access needs verification
# cd /var/www/html/wordpress/
# Vim. htaccess // create a verification instruction file
authuserfile
/var/www/html/
.htpasswd
authname
"nuo"
authtype basic
require valid-user
# cd ..
# Htpasswd-c. htpasswd admin // create a password file with the username admin. For security purposes, the password and description file are not in the same directory.
New password:
Re-
type
new password:
Adding password
for
user admin
# cat .htpasswd
admin:OEWyxf6WFthog
# ll -a
drwxr-xr-x. 3 root root 4096 May 14 14:21 .
drwxr-xr-x. 6 root root 4096 Mar 30 15:01 ..
-rw-r--r--. 1 root root 20 May 14 14:21 .htpasswd
drwxr-xr-x. 5 root root 4096 May 14 14:20 wordpress
# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
Client browser access http://www.yinuo.com/wordpress/
You need an account and password to access your personal homepage.
2. Source Control
1234
# vim /etc/httpd/conf/httpd.conf
343 Order allow,deny
344 Allow from all
345 deny from X.X.X.X
X. X indicates the IP address that denies access.
3. encrypted access (https)
123456789101112
# cd /etc/pki
# ll
drwxr-xr-x. 6 root root 4096 Mar 30 14:59 CA
drwxr-xr-x. 4 root root 4096 Mar 30 14:57 ca-trust
drwxr-xr-x. 2 root root 4096 Mar 30 15:41 entitlement
drwxr-xr-x. 2 root root 4096 Mar 30 14:57 java
drwxr-xr-x. 2 root root 4096 Mar 30 14:58 nssdb
drwxr-xr-x. 2 root root 4096 Mar 30 15:15 product
drwxr-xr-x. 2 root root 4096 Mar 30 14:55 rpm-gpg
drwx------. 2 root root 4096 Aug 15 2013 rsyslog
drwxr-xr-x. 5 root root 4096 Mar 30 14:59 tls
# vim tls/openssl.cnf
123456789101112131415161718192021222324252627282930313233343536373839
# cd /etc/pki/CA/
# touch index.txt
# touch serial
# echo 00 >serial
# openssl genrsa 1024 >private/cakey.pem
Generating RSA private key, 1024 bit long modulus
.................++++++
.........................................++++++
e is 65537 (0x10001)
# ll private/cakey.pem
-rw-r--r--. 1 root root 887 May 14 14:38 private
/cakey
.pem
# openssl req -new -key private/cakey.pem -x509 -out cacert.pem
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter
'.'
, the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HeNan
Locality Name (eg, city) [Default City]:ZhengZhou
Organization Name (eg, company) [Default Company Ltd]:ZZU
Organizational Unit Name (eg, section) []:tec
Common Name (eg, your name or your server's
hostname
) []:rootca.net.org
Email Address []:
# mkdir -pv /etc/httpd/certs
# cd /etc/httpd/certs/
# openssl genrsa 1024 >httpd.key
Generating RSA private key, 1024 bit long modulus
.......++++++
....++++++
e is 65537 (0x10001)
# ll
-rw-r--r--. 1 root root 887 May 14 14:42 httpd.key
# chmod 600 httpd.key
# ll
-rw-------. 1 root root 887 May 14 14:42 httpd.key
# Vim/etc/pki/tls/openssl. cnf // low-line command mode: 85,87 s/match/optional
1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768
# openssl req -new -key httpd.key -out httpd.crq
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter
'.'
, the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HeNan
Locality Name (eg, city) [Default City]:ZhengZhou
Organization Name (eg, company) [Default Company Ltd]:abc
Organizational Unit Name (eg, section) []:tec
Common Name (eg, your name or your server's
hostname
) []:www.abc.com
Email Address []:
Please enter the following
'extra'
attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
# ll
-rw-r--r--. 1 root root 651 May 14 14:46 httpd.crq
-rw-------. 1 root root 887 May 14 14:42 httpd.key
# openssl ca -in httpd.crq -out httpd.cert
Using configuration from
/etc/pki/tls/openssl
.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number: 0 (0x0)
Validity
Not Before: May 14 21:46:54 2014 GMT
Not After : May 14 21:46:54 2015 GMT
Subject:
countryName = CN
stateOrProvinceName = ZhengZhou
organizationName = abc
organizationalUnitName = tec
commonName = www.abc.com
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
0A:8A:11:6A:C4:86:4B:66:DC:C3:10:B5:D4:CE:C2:AB:E8:8A:8B:DE
X509v3 Authority Key Identifier:
keyid:79:AB:D7:17:BC:30:27:1F:59:08:6F:01:70:A2:33:53:55:99:27:E1
Certificate is to be certified
until
May 14 21:46:54 2015 GMT (365 days)
Sign the certificate? [y
/n
]:y
1 out of 1 certificate requests certified, commit? [y
/n
]y
Write out database with 1 new entries
Data Base Updated
# cd /etc/pki/CA/
# cat index.txt
V 150514214654Z 00 unknown
/C
=CN
/ST
=ZhengZhou
/O
=abc
/OU
=tec
/CN
=www.abc.com
# yum install mod_ssl
# vim /etc/httpd/conf.d/ssl.conf
105 SSLCertificateFile
/etc/httpd/certs/httpd
.cert
112 SSLCertificateKeyFile
/etc/httpd/certs/httpd
.key
121 SSLCertificateChainFile
/etc/pki/CA/cacert
.pem
# Service httpd configtest // syntax Test
Syntax OK
# vim /etc/httpd/conf/httpd.conf
136
# Listen 80 // close port 80 and only allow https access
# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
# netstat -tupln |grep httpd
tcp 0 0 :::443 :::* LISTEN 25167
/httpd
V. Test
Client browser access https://www.yinuo.com/wordpress/
View and install the certificate.
Homepage display
This article from the "one promise thousands of gold" blog, please be sure to keep this source http://yinuoqianjin.blog.51cto.com/8360868/1352804