网站搭建前的分析:
(1)我们需要有DNS解析
(2)作为网站我们还要为其颁发证书
(3)搭建网站并连接数据库。
(4)安装wordpress
实现方法:
首先我们需要关闭防火墙和selinux
搭建DNS解析服务器:
[root@localhost ~]# vim /etc/named.conf
// listen-on port 53 { 127.0.0.1; };
// allow-query { localhost; };
[root@localhost ~]# vim /etc/named.rfc1912.zones
zone "a.com" IN {
type master;
file "a.com.zones";
};
zone "b.com" IN {
type master;
file "b.com.zones";
};
zone "c.com" IN {
type master;
file "c.com.zones";
};
[root@localhost ~]# vim /var/named/a.com.zones $TTL 1D @ IN SOA ns admin.a.com. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS ns ns A 192.168.125.131 www A 192.168.125.134 web A 192.168.125.134
[root@localhost ~]# vim /var/named/b.com.zones $TTL 1D @ IN SOA ns admin.b.com. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS ns ns A 192.168.125.131 www A 192.168.125.134
[root@localhost ~]# vim /var/named/c.com.zones $TTL 1D @ IN SOA ns admin.c.com. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS ns ns A 192.168.125.131 www A 192.168.125.134
创建虚拟主机
[root@localhost conf.d]# vim test.conf
NameVirtualHost *:443
<VirtualHost *:443>
ServerName www.b.com
DocumentRoot /app/html2
ErrorLog logs/www.b.com-error_log
CustomLog logs/www.b.com-access_log combined
SSLEngine on
SSLCertificateFile /etc/httpd/conf.d/ssl/httpd.crt
SSLCertificateKeyFile /etc/httpd/conf.d/ssl/httpd.key
SSLCACertificateFile /etc/httpd/conf.d/ssl/cacert.pem
</VirtualHost>
<VirtualHost *:443>
ServerName www.c.com
DocumentRoot /app/html3
ErrorLog logs/www.b.com-error_log
CustomLog logs/www.b.com-access_log combined
SSLEngine on
SSLCertificateFile /etc/httpd/conf.d/ssl/httpd-t.crt
SSLCertificateKeyFile /etc/httpd/conf.d/ssl/httpd.key
SSLCACertificateFile /etc/httpd/conf.d/ssl/cacert.pem
</VirtualHost>
#-------------------------------------------------------------------------
NameVirtualHost *:80
<VirtualHost *:80>
ServerName www.a.com
DocumentRoot /app/html1
ErrorLog logs/www.a.com-error_log
CustomLog logs/www.a.com-access_log combined
</VirtualHost>
<VirtualHost *:80>
ServerName www.b.com
DocumentRoot /app/html2
ErrorLog logs/www.b.com-error_log
CustomLog logs/www.b.com-access_log combined
</VirtualHost>
#----------------------------------------------------------------------------
<VirtualHost *:80>
ServerName www.c.com
DocumentRoot /app/html3
ErrorLog logs/www.b.com-error_log
CustomLog logs/www.b.com-access_log combined
</VirtualHost>
接着我们要找一台机器作为CA中心专门为我们颁发证书:
[root@localhost ~]# (umask 066;openssl genrsa -out private/cakey.pem 4096) [root@localhost ~]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 3650 [root@localhost CA]# touch index.txt [root@localhost CA]# echo 00 > serial
WEB Server生成私钥及请求文件
[local@centos ssl]# (umask 066;openssl genrsa -out httpd.key 1024) [local@centos ssl]# openssl req -new -key httpd.key -out httpd.csr [root@centos6 ssl]# scp httpd.csr [email protected]:/etc/pki/CA [root@centos6 CA]# openssl ca -in httpd.csr -out certs/httpd.crt -days 300 [root@centos6 CA]# scp certs/httpd.crt [email protected]:/etc/httpd/conf.d/ssl
vim /etc/httpd/cond.d/ssl.conf
将httpd.key httpd.crt cacert.pem 写入ssl.conf文件。
安装Apache软件
yum -y install httpd php php-mysql marisdb
启动服务:systemctl restart httpd
初始化数据库:
[root@lamp mysql]# mysql_secure_installation [root@lamp mysql]# mysql -uroot -pcentos MariaDB [(none)]> create database wpdb; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> grant all on wpdb.* to wpuser@'%' identified by 'centos'; Query OK, 0 rows affected (0.01 sec)
4.安装wordpress
4.安装wordpress [root@lamp src]# cd /usr/local/src/ [root@lamp src]# tar xvf wordpress-4.8.1-zh_CN.tar.gz -C /var/www/html/ [root@lamp html]# ln -s wordpress/ blog [root@lamp html]# setfacl -m u:apache:rwx blog