Wordpress open access https

First, the cloud server to request a certificate

After here to buy free ssl certificate, the application is complete, you can download directly in the service platform, in the following directory, where reference recommended configuration Ali cloud, conf directory under the installation directory of nginx create cert folder, extract the certificate cert on the folder, not just because of my nginx configuration of an application, are configured in the conf vhostdirectory

Be sure to note the location, file not found error otherwise nginx will start

And the background of the picture in the article wordpress forced https setting.

wordpress upload the pictures are written into the absolute address, that is, before the https enabled all the pictures are uploaded to the article to http://an address stored in the beginning, if not converted to https access the site at the top of the browser "small lock" will in some the browser displays a security warning, https address so that the picture becomes very simple, just in the current topic functions.php, add the following code file:

/* 替换图片链接为 https */
function my_content_manipulator($content){
    if( is_ssl() ){
        $content = str_replace('http://www.imisty.cn/wp-content/uploads', 'https://www.imisty.cn/wp-content/uploads', $content);
    }
    return $content;
}
add_filter('the_content', 'my_content_manipulator');

Can automatically http address all site-wide picture is automatically converted to https address picture.

Open https login and backstage access.

Open the Web site under the root directory of wp-config.phpthe file, add at the bottom of the file:

/* 强制后台和登录使用 SSL */
define('FORCE_SSL_LOGIN', true);
define('FORCE_SSL_ADMIN', true);

Then in the admin interface 设置-常规-wordpress地址和站点地址changed to https
To ensure that every element of the site (such as plug-ins, JS, CSS files, images, content distribution sites, etc.) are using the https protocol :( can look at chromeF12 there is no alarm)
All "Custom Link" to https Edit "menu" of them;
Modify addresses of other absolute link their cheap hand written ......
Http to replace all of the articles https

Directly modify the database (note that you back up! Note that you back up !! attention to back up important things to say !!! three times!)

UPDATE wp_posts 
SET    post_content = ( Replace (post_content, 'http://www.imisty.cn/', 'https://www.imisty.cn/') );

But during the actual operation, I found no need to use this step, after all, a little dangerous, so I'll be backstage after the completion of the site https setting, after the discovery of 404 articles visit, and then modify the simple link directly passing or modify the database using built-in WordPress white modified to me do not know PHP is still very good

Begin configuring the site's configuration file, my configuration is as follows

At this time, although the site supports HTTPS access, but also can use HTTP to access, taking into account the search engine is currently included are HTTP links, you need to redirect http to https.

server {
        listen          80;
        server_name     www.imisty.cn imisty.cn;
        return 301 https://www.imisty.cn$request_uri;
        root            /var/www/html/wordpress;
        index           index.html index.htm index.php;
        client_max_body_size 100M;

        if (!-e $request_filename) {
            rewrite ^(.*)$ /index.php$1 last;
        }

        location ~ .*\.php(\/.*)*$ {
            include fastcgi.conf;
            fastcgi_index  index.php;
            fastcgi_pass  127.0.0.1:9000;

            fastcgi_connect_timeout 300;

            fastcgi_send_timeout 300;

            fastcgi_read_timeout 300;
        }


        error_log  logs/error_wordpress.log;
        access_log logs/misty.log combined;
    }
server {
 listen 443 ssl;
 server_name www.imisty.cn imisty.cn;
 root            /var/www/html/wordpress;
 index           index.html index.htm index.php;
 client_max_body_size 100M;

 ssl_certificate   cert/misty.pem;
 ssl_certificate_key  cert/misty.key;
 ssl_session_timeout 5m;
 ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
 ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
 ssl_prefer_server_ciphers on;


 location ~ .*\.php(\/.*)*$ {
      include fastcgi.conf;
      fastcgi_index  index.php;
      fastcgi_pass  127.0.0.1:9000;

      fastcgi_connect_timeout 300;

      fastcgi_send_timeout 300;

      fastcgi_read_timeout 300;
     }

}

Verify the configuration is correct
/usr/local/nginx/sbin/nginx -t

Nginx module installation http_ssl_module

If you do not enable SSL Nginx module configured Https when an error

nginx: [emerg] the "ssl" parameter requires ngx_http_ssl_module in /usr/local/nginx/conf/nginx.conf:xxx

Because when configured nginx already installed, but not installed ssl module

The following steps are to install nginx module ssl

Enter the ssl nginx source package
cd ~/MyFille/nginx
A configuremounting module specified
./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
make compile
make
4. Be sure not to execute make install, otherwise cover installed.
Backup original nginx
cp /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx_bak

6. compiled nginx will just replace the original, be sure to stop, otherwise it will display the file busy
cp ./objs/nginx /usr/local/nginx/sbin/

7. Check installation, normal installation instructions following information

[root@izwz993bv9azta8nrfwuhqz sbin]# ./nginx -V
nginx version: nginx/1.16.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC) 
built with OpenSSL 1.0.2k-fips  26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module

common problem

Nginx start when there are mistakes

解决Nginx: [error] open() ＂/usr/local/Nginx/logs/Nginx.pid" failed（2:No such file or directory）

Solution /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.confusing nginx -cthe parameters specified nginx.conf location of the file, note the location where the configuration file is best to use an absolute path

Ali cloud recommended nginx configuration warning message

[warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead
nginx 1.15 and later versions, do not need to write ssl on; a.

Changed
应该把 ssl on 改成 listen 443 ssl 这样才对

Home and normal background management https access, access another page 404 errors

This pseudo-static problems with access to information that, in the end use simple links to solve this problem, because I do not want to get to the bottom

WP Editor.md card loaded after modify the interface to access https

The problem I find is the time to find the front debugging js loaded using https need to address to https, and finally I chose to escape from problem-solving to switch to WP Githuber MD, another reason is that the author is no longer maintained WP Editor.md the

Small indeed fortunate

每一丝灵感都值得被记录,每一笔记录都是成长,每一点成长都值得欢呼

Personal bloggers station: www.imisty.cn
CSDN blog: https://blog.csdn.net/lookinthefog
blog Park: https://imist.cnblogs.com/

Hope to know some tech-savvy small partner, welcome to the Friends link yo