Analysis before the website is built:
(1) We need to have DNS resolution
(2) As a website, we will also issue a certificate for it
(3) Build a website and connect to the database.
(4) Install wordpress
Implementation:
First we need to turn off the firewall and selinux
Set up a DNS resolution server:
[root@localhost ~]# vim /etc/named.conf
// listen-on port 53 { 127.0.0.1; };
// allow-query { localhost; };
[root@localhost ~]# vim /etc/named.rfc1912.zones
zone "a.com" IN {
type master;
file "a.com.zones";
};
zone "b.com" IN {
type master;
file "b.com.zones";
};
zone "c.com" IN {
type master;
file "c.com.zones";
};
[root@localhost ~]# vim /var/named/a.com.zones $TTL 1D @ IN SOA ns admin.a.com. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS ns ns A 192.168.125.131 www A 192.168.125.134 web A 192.168.125.134
[root@localhost ~]# vim /var/named/b.com.zones $TTL 1D @ IN SOA ns admin.b.com. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS ns ns A 192.168.125.131 www A 192.168.125.134
[root@localhost ~]# vim /var/named/c.com.zones $TTL 1D @ IN SOA ns admin.c.com. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS ns ns A 192.168.125.131 www A 192.168.125.134
Create virtual host
[root@localhost conf.d]# vim test.conf
NameVirtualHost *:443
<VirtualHost *:443>
ServerName www.b.com
DocumentRoot /app/html2
ErrorLog logs/www.b.com-error_log
CustomLog logs/www.b.com-access_log combined
SSLEngine on
SSLCertificateFile /etc/httpd/conf.d/ssl/httpd.crt
SSLCertificateKeyFile /etc/httpd/conf.d/ssl/httpd.key
SSLCACertificateFile /etc/httpd/conf.d/ssl/cacert.pem
</VirtualHost>
<VirtualHost *:443>
ServerName www.c.com
DocumentRoot /app/html3
ErrorLog logs/www.b.com-error_log
CustomLog logs/www.b.com-access_log combined
SSLEngine on
SSLCertificateFile /etc/httpd/conf.d/ssl/httpd-t.crt
SSLCertificateKeyFile /etc/httpd/conf.d/ssl/httpd.key
SSLCACertificateFile /etc/httpd/conf.d/ssl/cacert.pem
</VirtualHost>
#-------------------------------------------------------------------------
NameVirtualHost *:80
<VirtualHost *:80>
ServerName www.a.com
DocumentRoot /app/html1
ErrorLog logs/www.a.com-error_log
CustomLog logs/www.a.com-access_log combined
</VirtualHost>
<VirtualHost *:80>
ServerName www.b.com
DocumentRoot /app/html2
ErrorLog logs/www.b.com-error_log
CustomLog logs/www.b.com-access_log combined
</VirtualHost>
#----------------------------------------------------------------------------
<VirtualHost *:80>
ServerName www.c.com
DocumentRoot /app/html3
ErrorLog logs/www.b.com-error_log
CustomLog logs/www.b.com-access_log combined
</VirtualHost>
Then we need to find a machine as a CA center to issue certificates for us:
[root@localhost ~]# (umask 066;openssl genrsa -out private/cakey.pem 4096) [root@localhost ~]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 3650 [root@localhost CA]# touch index.txt [root@localhost CA]# echo 00 > serial
WEB Server generates private key and request file
[local@centos ssl]# (umask 066;openssl genrsa -out httpd.key 1024) [local@centos ssl]# openssl req -new -key httpd.key -out httpd.csr [root@centos6 ssl]# scp httpd.csr [email protected]:/etc/pki/CA [root@centos6 CA]# openssl ca -in httpd.csr -out certs/httpd.crt -days 300 [root@centos6 CA]# scp certs/httpd.crt [email protected]:/etc/httpd/conf.d/ssl
vim /etc/httpd/cond.d/ssl.conf
will httpd.key httpd.crt cacert .pem is written to the ssl.conf file.
Install Apache software
yum -y install httpd php php-mysql marisdb
Start the service: systemctl restart httpd
Initialize the database:
[root@lamp mysql]# mysql_secure_installation [root@lamp mysql]# mysql -uroot -pcentos MariaDB [(none)]> create database wpdb; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> grant all on wpdb.* to wpuser@'%' identified by 'centos'; Query OK, 0 rows affected (0.01 sec)
4. Install wordpress
4. Install wordpress [root@lamp src]# cd /usr/local/src/ [root@lamp src]# tar xvf wordpress-4.8.1-zh_CN.tar.gz -C /var/www/html/ [root@lamp html]# ln -s wordpress/ blog [root@lamp html]# setfacl -m u:apache:rwx blog