- 如果打算使用AMH等云主机面板,就不要安装阿里云linux一键安装WEB环境,否则会有冲突;
-
云服务器ECS——创建实例——部署web环境LAMP(Xshell & Xftp)
给安装文件夹赋予777权限,执行安装命令:chmod -R 777 sh-1.5.5 cd sh-1.5.5 ./install.sh -
安装phpwind,通过公网 IP/phpmyadmin,配置wp所需要的数据库,数据库的排序类型选择utf8_general_ci;
-
将wordpress的文件解压到网站的根目录,阿里云ecs的网站根目录在alidata/www/phpwind;
nginx:(1)比apache 占用更少的内存及资源;(2)抗并发,nginx 处理请求是异步非阻塞的,而apache 则是阻塞型的,在高并发下nginx 能保持低资源低消耗高性能;(3)高度模块化的设计,编写模块相对简单;(4)社区活跃;
apache:(1)rewrite ,比nginx 的rewrite 强大;(2)模块超多,基本想到的都可以找到;(3)少bug ,nginx 的bug 相对较多;(4)稳定;
- 过程中简单的linux命令:
netstat -tunlp (检查服务器端口的listen情况)
netstat -anp | grep (443 检查443接口的监听情况)
service nginx restart (nginx服务器重启)
service httpd restart (apache服务器重启)
- ping不能调试接口,调试接口需要telnet;
- 服务器的ftp和数据库的账号密码在/root/安装文件夹/account.log中;
- AMH云主机面板具有配置ssl证书的模块AMSSL,应用该模块后不需要再通过服务器配置ssl文件,但是AMH并不稳定,经常出现无法访问的问题,不是上乘之选。默认的AMH后台通过ip:8888访问,加密的情况下通过ip:9999访问后台;
- 负载均衡有配置ssl的地方,可以通过ssl推送来为负载均衡配置。前端协议443,后端协议80,即负载均衡作为桥梁为443和后台做连接。但是,负载均衡配置成功后,并不能直接实现https访问,还需要进行rewrite等方面的配置,对小白来说比较困难,所以负载均衡并不是https的捷径。
(阿里云负载均衡配置https单向认证) - 配置ssl证书的目录是/alidata/server/nginx-1.4.4/conf下,而不是/root/sh-1.5.5下,即是nginx/apache/tomcat的安装目录;
(阿里云ssl证书不同服务器配置方式) - 各端口的意义:
| 端口号 | 作用 |
|---|---|
| 0.0.0.0:3306 | mysql |
| 0.0.0.0:80 | nginx |
| 0.0.0.0:21 | ftp |
| 0.0.0.0.22 | sshd |
| 0.0.0.0.443 | https加密端口 |
- 域名解析后,需要在 云服务器ECS——网络和安全——安全组——配置规则:
| 协议类型 | 端口范围 | 授权类型 | 优先级 |
|---|---|---|---|
| ICMP | -1/-1 | 地址段访问 | 1 |
| TCP | 443 | 地址段访问 | 1 |
| TCP | 80 | 地址段访问 | 1 |
| TCP | 22 | 地址段访问 | 110 |
| TCP | 3389 | 地址段访问 | 110 |
-
按照ssl证书配置方式进行配置后,https+域名,(nginx服务器)出现:Welcome to nginx;(apache服务器)出现:It is httpd;
这说明你的加密已经生效了,但是路径还没配置正确,所以跳到了默认的一个欢迎页。这时需要对nginx.conf文件进行如下的配置:#user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" # $status $body_bytes_sent "$http_referer" # "$http_user_agent" "$http_x_forwarded_for"; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen 80; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / { root html; index index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} # another virtual host using mix of IP-, name-, and port-based configuration #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # server { listen 443 ssl; server_name localhost; #ssl on; ssl_certificate cert/214211268900404.pem; ssl_certificate_key cert/214211268900404.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_prefer_server_ciphers on; location / { root /alidata/www/phpwind; index index.html index.htm index.php; } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ \.php$ { root /alidata/www/phpwind; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /alidata/www/phpwind$fastcgi_script_name; include fastcgi_params; } }
网友评论