- 如果打算使用AMH等云主機(jī)面板,就不要安裝阿里云linux一鍵安裝WEB環(huán)境募判,否則會(huì)有沖突荡含;
-
云服務(wù)器ECS——?jiǎng)?chuàng)建實(shí)例——部署web環(huán)境LAMP(Xshell & Xftp)
給安裝文件夾賦予777權(quán)限,執(zhí)行安裝命令:chmod -R 777 sh-1.5.5 cd sh-1.5.5 ./install.sh
安裝phpwind届垫,通過公網(wǎng) IP/phpmyadmin释液,配置wp所需要的數(shù)據(jù)庫(kù),數(shù)據(jù)庫(kù)的排序類型選擇utf8_general_ci装处;
將wordpress的文件解壓到網(wǎng)站的根目錄均澳,阿里云ecs的網(wǎng)站根目錄在alidata/www/phpwind;
nginx:(1)比apache 占用更少的內(nèi)存及資源;(2)抗并發(fā)找前,nginx 處理請(qǐng)求是異步非阻塞的糟袁,而apache 則是阻塞型的,在高并發(fā)下nginx 能保持低資源低消耗高性能躺盛;(3)高度模塊化的設(shè)計(jì)项戴,編寫模塊相對(duì)簡(jiǎn)單;(4)社區(qū)活躍槽惫;
apache:(1)rewrite 周叮,比nginx 的rewrite 強(qiáng)大;(2)模塊超多界斜,基本想到的都可以找到仿耽;(3)少bug ,nginx 的bug 相對(duì)較多各薇;(4)穩(wěn)定项贺;
- 過程中簡(jiǎn)單的linux命令:
netstat -tunlp (檢查服務(wù)器端口的listen情況)
netstat -anp | grep (443 檢查443接口的監(jiān)聽情況)
service nginx restart (nginx服務(wù)器重啟)
service httpd restart (apache服務(wù)器重啟)
- ping不能調(diào)試接口,調(diào)試接口需要telnet峭判;
- 服務(wù)器的ftp和數(shù)據(jù)庫(kù)的賬號(hào)密碼在/root/安裝文件夾/account.log中开缎;
- AMH云主機(jī)面板具有配置ssl證書的模塊AMSSL,應(yīng)用該模塊后不需要再通過服務(wù)器配置ssl文件林螃,但是AMH并不穩(wěn)定奕删,經(jīng)常出現(xiàn)無(wú)法訪問的問題,不是上乘之選疗认。默認(rèn)的AMH后臺(tái)通過ip:8888訪問完残,加密的情況下通過ip:9999訪問后臺(tái);
- 負(fù)載均衡有配置ssl的地方横漏,可以通過ssl推送來為負(fù)載均衡配置坏怪。前端協(xié)議443,后端協(xié)議80绊茧,即負(fù)載均衡作為橋梁為443和后臺(tái)做連接铝宵。但是,負(fù)載均衡配置成功后华畏,并不能直接實(shí)現(xiàn)https訪問鹏秋,還需要進(jìn)行rewrite等方面的配置,對(duì)小白來說比較困難亡笑,所以負(fù)載均衡并不是https的捷徑侣夷。
(阿里云負(fù)載均衡配置https單向認(rèn)證) - 配置ssl證書的目錄是/alidata/server/nginx-1.4.4/conf下,而不是/root/sh-1.5.5下仑乌,即是nginx/apache/tomcat的安裝目錄百拓;
(阿里云ssl證書不同服務(wù)器配置方式) - 各端口的意義:
端口號(hào) | 作用 |
---|---|
0.0.0.0:3306 | mysql |
0.0.0.0:80 | nginx |
0.0.0.0:21 | ftp |
0.0.0.0.22 | sshd |
0.0.0.0.443 | https加密端口 |
- 域名解析后琴锭,需要在 云服務(wù)器ECS——網(wǎng)絡(luò)和安全——安全組——配置規(guī)則:
協(xié)議類型 | 端口范圍 | 授權(quán)類型 | 優(yōu)先級(jí) |
---|---|---|---|
ICMP | -1/-1 | 地址段訪問 | 1 |
TCP | 443 | 地址段訪問 | 1 |
TCP | 80 | 地址段訪問 | 1 |
TCP | 22 | 地址段訪問 | 110 |
TCP | 3389 | 地址段訪問 | 110 |
-
按照ssl證書配置方式進(jìn)行配置后,https+域名衙传,(nginx服務(wù)器)出現(xiàn):Welcome to nginx决帖;(apache服務(wù)器)出現(xiàn):It is httpd;
這說明你的加密已經(jīng)生效了蓖捶,但是路徑還沒配置正確地回,所以跳到了默認(rèn)的一個(gè)歡迎頁(yè)。這時(shí)需要對(duì)nginx.conf文件進(jìn)行如下的配置:#user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" # $status $body_bytes_sent "$http_referer" # "$http_user_agent" "$http_x_forwarded_for"; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen 80; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / { root html; index index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} # another virtual host using mix of IP-, name-, and port-based configuration #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # server { listen 443 ssl; server_name localhost; #ssl on; ssl_certificate cert/214211268900404.pem; ssl_certificate_key cert/214211268900404.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_prefer_server_ciphers on; location / { root /alidata/www/phpwind; index index.html index.htm index.php; } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ \.php$ { root /alidata/www/phpwind; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /alidata/www/phpwind$fastcgi_script_name; include fastcgi_params; } }