如何使用 Apache 安装 WonderCMS 并在 CentOS 8 上加密 SSL如何使用 Apache 安装 WonderCMS 并在 CentOS 8 上加密 SSL如何使用 Apache 安装 WonderCMS 并在 CentOS 8 上加密 SSL如何使用 Apache 安装 WonderCMS 并在 CentOS 8 上加密 SSL
  • 文章
  • 正则表达式
    • 工具
  • 登录
找到的结果: {phrase} (显示: {results_count} 共: {results_count_total})
显示: {results_count} 共: {results_count_total}

加载更多搜索结果...

搜索范围
模糊匹配
搜索标题
搜索内容
发表 admin at 2025年2月28日
类别
  • 未分类
标签

如何使用 Apache 安装 WonderCMS 并在 CentOS 8 上加密 SSL

在此页

  1. 先决条件
  2. 安装 Apache 和 PHP
  3. 下载 WonderCMS
  4. 为 WonderCMS 配置 Apache
  5. 使用 Lets Encrypt SSL 保护 WonderCMS
  6. 配置防火墙和 SELinux
  7. 访问 WonderCMS
  8. 结论

WonderCMS 是一个免费、开源、简单且轻量级的内容管理系统,用于构建简单的网站和博客。它是一个平面文件 CMS,不需要任何数据库。安装过程非常简单,不需要任何初始配置。它提供了一组丰富的功能,包括所见即所得支持、灵活的 CSS 框架、SEO 友好等等。

在本教程中,我们将向您展示如何在 CentOS 8 上安装 WonderCMS 并使用 Lets Encrypt SSL 对其进行保护。

先决条件

  • 一台运行 CentOS 8 的服务器。
  • 在您的服务器上配置了根密码。

安装 Apache 和 PHP

首先,使用以下命令安装 Apache 网络服务器、PHP 和其他 PHP 扩展:

dnf install httpd php php-mysqlnd php-curl php-opcache php-xml php-xmlrpc php-gd php-mbstring php-zip php-json wget unzip git -y

安装完成后,打开 php.ini 文件并更改一些设置:

nano /etc/php.ini

根据您的要求更改值:

memory_limit = 128M
post_max_size = 32M
upload_max_filesize = 16M
max_execution_time = 300
date.timezone = Asia/Kolkata

完成后保存并关闭文件。然后,使用以下命令启动 Apache 服务并重新启动它以在系统重启后启动:

systemctl start httpd
 systemctl enable httpd

下载 WonderCMS

首先,从 Git 存储库下载最新版本的 WonderCMS:

cd /var/www/html
 git clone https://github.com/robiso/wondercms.git

下载完成后,使用以下命令为下载的目录授予适当的权限:

chown -R apache:apache /var/www/html/wondercms
 chmod -R 775 /var/www/html/wondercms

为 WonderCMS 配置 Apache

首先,使用以下命令为 WonderCMS 创建一个新的 Apache 虚拟主机配置文件:

nano /etc/httpd/conf.d/wondercms.conf

添加以下行:

<VirtualHost *:80>
  ServerName wonder.linuxbuz.com
  DirectoryIndex index.php
  DocumentRoot /var/www/html/wondercms  
  Redirect /wondercms/loginURL /loginURL

  ErrorLog /var/log/httpd/linuxbuz.com-error.log
  CustomLog /var/log/httpd/linuxbuz.com-access.log combined

  <Directory /var/www/html/wondercms>
      Options FollowSymLinks
      AllowOverride All
      Require all granted
  </Directory>

</VirtualHost>

保存并关闭文件。然后,使用以下命令重新启动 Apache 服务:

systemctl restart httpd

您还可以使用以下命令检查 Apache 服务的状态:

systemctl status httpd

您应该看到以下输出:

? httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
  Drop-In: /usr/lib/systemd/system/httpd.service.d
           ??php-fpm.conf
   Active: active (running) since Wed 2020-02-19 08:51:34 EST; 1min 25s ago
     Docs: man:httpd.service(8)
 Main PID: 4716 (httpd)
   Status: "Total requests: 6; Idle/Busy workers 100/0;Requests/sec: 0.0759; Bytes served/sec: 812 B/sec"
    Tasks: 278 (limit: 12558)
   Memory: 43.1M
   CGroup: /system.slice/httpd.service
           ??4716 /usr/sbin/httpd -DFOREGROUND
           ??4718 /usr/sbin/httpd -DFOREGROUND
           ??4719 /usr/sbin/httpd -DFOREGROUND
           ??4720 /usr/sbin/httpd -DFOREGROUND
           ??4721 /usr/sbin/httpd -DFOREGROUND
           ??4935 /usr/sbin/httpd -DFOREGROUND

Feb 19 08:51:34 centos8 systemd[1]: Starting The Apache HTTP Server...

使用 Lets Encrypt SSL 保护 WonderCMS

接下来,使用以下命令安装 Certbot Lets Encrypt 客户端:

wget https://dl.eff.org/certbot-auto
 mv certbot-auto /usr/local/bin/certbot-auto
 chown root /usr/local/bin/certbot-auto
 chmod 0755 /usr/local/bin/certbot-auto

现在,运行以下命令为您的 WonderCMS 网站获取并安装 SSL 证书。

certbot-auto --apache -d wonder.linuxbuz.com

上面的命令将首先在您的服务器上安装所有必需的依赖项。安装后,系统会要求您提供电子邮件地址并接受服务条款,如下所示:

注意:如果您收到任何与 SSL 证书相关的错误,请重新启动 Apache 服务并再次运行上述命令。

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y 


Obtaining a new certificate
Performing the following challenges:
http-01 challenge for wonder.linuxbuz.com
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/nginx/conf.d/wondercms.conf

接下来,您需要选择是否将 HTTP 流量重定向到 HTTPS,如下所示:

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

键入 2 并按 Enter 键继续。安装完成后,您应该会看到以下输出:

Redirecting all traffic on port 80 to ssl in /etc/nginx/conf.d/wondercms.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://wonder.linuxbuz.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=wonder.linuxbuz.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/wonder.linuxbuz.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/wonder.linuxbuz.com/privkey.pem
   Your cert will expire on 2020-03-23. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot-auto
   again with the "certonly" option. To non-interactively renew *all*
   of your certificates, run "certbot-auto renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

配置防火墙和 SELinux

接下来,您需要创建防火墙规则以允许来自外部网络的 HTTP 和 HTTPS 服务。您可以使用以下命令允许它:

firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
 firewall-cmd --reload

接下来,您需要为 WonderCMS 配置 SELinux。您可以使用以下命令配置 SELinux:

setsebool httpd_can_network_connect on -P
 chcon -R -u system_u -t httpd_sys_rw_content_t -r object_r /var/www/html/wondercms

最后,重新启动 Apache 服务以应用更改:

systemctl restart httpd

访问WonderCMS

现在,打开您的 Web 浏览器并输入 URL https://wonder.linuxbuz.com。您将被重定向到 WonderCMS 主页:

现在,从上面的页面复制密码,然后单击单击登录按钮。您应该会看到以下页面:

粘贴密码并单击“登录”按钮。您应该会看到以下页面:

接下来,单击“设置”=>“安全性”。您应该会看到以下页面:

更改您的登录 URL、密码并单击“更改密码”按钮。

结论

恭喜!您已经使用 Lets Encrypt SSL 在 CentOS 8 上成功安装并保护了 WonderCMS。您现在可以使用 WonderCMS 轻松托管自己的博客和网站。

©2015-2025 艾丽卡 support@alaica.com