分类目录归档:WordPress

wordpress博客启用 UpdraftPlus作者的两步验证插件后登陆时不跳出验证码界面的解决办法

使用两步验证插件来保护wordpress登陆是个常用安全防范措施。来自大名鼎鼎的wordpress博客备份工具UpdraftPlus作者的Two Factor Authentication是个很方便使用的两步验证解决方案。

碰到的一个尴尬情况

启用这个两步验证插件后,正常情况是,在wordpress登陆界面输入用户名和密码后,点击登陆,会自动跳转到输入两步验证码的界面。但有时候输入用户名和密码后,点击登陆后,两步验证码的界面一直不出现,而是看到登陆按钮左边有个圈一直转啊转。

解决办法

尝试使用带www和不带www的域名地址登陆,看哪个可以成功出现两步验证码的界面。
我的碰到的情况是使用co1dawn.com/wp-login.php登陆时就会出现上面的尴尬情况;
这时加上www,即登陆www.co1dawn.com/wp-login.php就会正常出现两步验证码。
也许你是相反的情况。

CentOS 7 搭建LNMP服务器环境

CentOS漫长的支持周期使得对系统更新的需求不是那么迫切,只要用得顺手。不过,新安装的话,就应该直接安装最新版,这样就可以用很久了。Centos 7 搭建LNMP(nginx, MariaDB, PHP)服务器和在CentOS 6 搭建LNMP服务器环境大同小异,整体过程和方法都是一样的,只需将NMP的源由CentOS 6 改成CentOS 7 的,修改几条命令就可以了。

1 更新系统:

yum update -y

查看系统版本:

cat /etc/centos-release

CentOS Linux release 7.3.1611 (Core)

2 配置源:

2.1 配置MariaDB官方源
首先需要定制MariaDB的官方源
选择合适的系统,系统版本,及MariaDB版本(最新是10.2, 目前处于RC阶段),获得CentOS 7 64位系统MariaDB 10.2 RC版本的源地址。

CentOS > CentOS 7 (x86_64) > 10.2 [Release Candidate]

配置源方法

vi /etc/yum.repos.d/MariaDB.repo

填入如下内容

# MariaDB 10.2 CentOS repository list - created 2017-02-25 08:07 UTC
# http://downloads.mariadb.org/mariadb/repositories/
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.2/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1

保存退出(按ESC键,输入:wq)。

2.2 配置PHP源
webtatic源更新较快,且其命名有自己的特色方式,可以避免与其他源的某些冲突:

rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

2.3 配置nginx官方源
官方nginx有两个版本,mainline和stable,即开发板和稳定版,区别是前者引入新特性但可能有新bug,后者足够稳定。事实上,两者均比较稳定,nginx的网站总是运行在mainline版上。
以下提供两个版本供选择,请选择其一,推荐使用mainline版。

2.3.1 mainline 版
nginx的mainline版

vi /etc/yum.repos.d/nginx.repo

系统是CentOS 7,故写入如下内容

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/mainline/centos/7/$basearch/
gpgcheck=0
enabled=1

保存退出。

2.3.2 stable 版

vi /etc/yum.repos.d/nginx.repo

系统是CentOS 7,故写入如下内容


[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1

保存退出。

3 安装、启动服务及设置开机启动

3.1.1 安装MariaDB

yum install MariaDB-server -y

3.1.2 安装PHP

yum install php71w-fpm -y

安装扩展

yum install php71w-gd php71w-mysqlnd php71w-pdo php71w-mcrypt php71w-mbstring php71w-xmlrpc -y

3.1.3 安装nginx

yum install nginx -y

3.2 启动服务并设置开机启动

systemctl start nginx

systemctl start mariadb

systemctl start php-fpm

systemctl enable nginx

systemctl enable mariadb

systemctl enable php-fpm

4 配置

4.1 设置MariaDB

MariaDB对MySQL的命令具有良好的兼容性。
此步主要是MariaDB的安全设置:

mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none): 

因为是初次设置MariaDB,所以root密码是空的,此处直接回车

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y

设置数据库的密码

New password: 

设置密码,设置一个你自己知道的密码。

Re-enter new password: 

再次输入密码

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

4.2 配置PHP

vi /etc/php.ini

找到

;cgi.fix_pathinfo=1

去掉注释,并将1改成0

cgi.fix_pathinfo=0

保存退出。

4.3 配置nginx

4.3.1 默认配置

直接用浏览器打开你的主机空间的IP地址或者域名(假设IP地址为1.2.3.4,域名为www.urwp.com,后面也会用到),就可以看到nginx的欢迎页面,说明nginx已经在工作了。

Welcome to nginx!

If you see this page, the nginx web server is successfully installed and working. Further configuration is required.

For online documentation and support please refer to nginx.org.
Commercial support is available at nginx.com.

Thank you for using nginx.

4.3.2 配置nginx,以支持PHP

vi /etc/nginx/conf.d/default.conf

修改前的默认配置是这样的:

server {
    listen       80;
    server_name  localhost;

    #charset koi8-r;
    #access_log  /var/log/nginx/log/host.access.log  main;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
    #    include        fastcgi_params;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny  all;
    #}
}

修改如下区块,取消注释,并修改部分内容:

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ \.php$ {
        root           /usr/share/nginx/html;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }

4.3.3 测试PHP是否正常运行

vi /usr/share/nginx/html/phpinfo.php

写入如下代码,并保存

<?php
phpinfo();
?>

重启nginx和PHP

systemctl restart nginx
systemctl restart php-fpm

再次访问你的主机地址或域名:

http://1.2.3.4/phpinfo.php

或者

http://www.urwp.com/phpinfo.php

可见到php相关信息,说明PHP和nginx已经配合工作了。
此时LNMP网络服务环境就已初步搭建了。

接下来,可以部署自己的网站,或者开个简单的博客,比如WordPress
部署好LNMP后,不管是CentOS 6,还是CentOS 7,安装WordPress步骤都是一样的:CentOS 6系统LNMP环境下安装WordPress

CentOS 6 系统LNMP环境下安装WordPress

Changes: 
2016-08-19
nginx-1.11.3 mainline或nginx-1.10.1, MariaDB 10.1.16, PHP 7.0.9,同样适用。
2016-05-04
nginx-1.9.15 mainline或nginx-1.10.0, MariaDB 10.1.13, PHP 7.0.5,同样适用。
2016-02-21
nginx 1.9.11, PHP 7.0.3,同样适用。
WordPress博客虽然越来越臃肿,但是与其功能不断丰富不无关系,目前是个人博客较好的选择。
本文介绍如何在CentOS 6系统的LNMP环境下安装WordPress。
说明:
1 本文从准备好的LNMP环境开始,成功的关键点在于要修改部分权限、用户名和用户组。
2 参考教程:
How To Install WordPress with nginx on CentOS 6
Nginx, PHP5, MySQL Support In CentOS 6.5

详细过程:
1 建立wordpress站点的数据库

登录MariaDB,密码是之前设置的

mysql -u root -p

下面举例的数据库、用户、密码分别为:“wordpress”、“wpuser”、“wppw”。可自定义。

建立名为“wordpress”的数据库

CREATE DATABASE wordpress;
Query OK, 1 row affected (0.00 sec)

建立名为“wpuser”的用户,并设置密码为“wppw”

CREATE USER 'wpuser'@'localhost' IDENTIFIED BY 'wppw';
Query OK, 0 rows affected (0.00 sec)

修复权限

GRANT ALL PRIVILEGES ON wordpress.* TO 'wpuser'@'localhost';
Query OK, 0 rows affected (0.00 sec)

exit,退出。

2 配置nginx与PHP

2.1 假设把网站文件放在 /var/www/wordpress 目录下:

mkdir -p /var/www/wordpress

2.1 配置站点文件的路径,并启用unix socket通信

vi /etc/nginx/conf.d/default.conf

如下修改,保存

server {
    listen       80;
    server_name  localhost;

    #charset koi8-r;
    #access_log  /var/log/nginx/log/host.access.log  main;

    location / {
        root   /var/www/wordpress;
        index  index.php index.html index.htm;
        try_files $uri $uri/ /index.php$is_args$args;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ \.php$ {
         root /var/www/wordpress;
         fastcgi_split_path_info ^(.+\.php)(/.+)$;
         fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
         fastcgi_index index.php;
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
         include fastcgi_params;
         }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    # deny all;
    #}
}

“try_files $uri $uri/ /index.php$is_args$args;”,伪静态。

2.2 配置PHP,开启unix socket通信,并修改用户名和用户组

vi /etc/php-fpm.d/www.conf

2.2.1 修改unix socket通信,找到

listen = 127.0.0.1:9000

并修改为

listen = /var/run/php-fpm/php-fpm.sock

2.2.2 找到如下字段,去掉注释,并将nobody改为nginx,否则unix socket通信功能无效,nginx将无法与PHP连接。

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
;listen.owner = nobody
;listen.group = nobody
;listen.mode = 0660

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = nginx
listen.group = nginx
;listen.mode = 0660

2.2.3 找到如下字段,将user和group的apache改为nginx

; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
; RPM: apache Choosed to be able to access some dir as httpd
user = apache
; RPM: Keep a group allowed to write in log dir.
group = apache

修改user和group为nginx

; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
; RPM: apache Choosed to be able to access some dir as httpd
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx

如果忽略,会出现安装插件时需要输入用户名和密码的尴尬

Connection Information

To perform the requested action, WordPress needs to access your web server. Please enter your FTP credentials to proceed. If you do not remember your credentials, you should contact your web host.

2.3 重启nginx、php-fpm

service nginx restart
service php-fpm restart

3 安装WordPress

3.1 下载并配置

cd /tmp && wget wordpress.org/latest.tar.gz

tar xvzf latest.tar.gz && cp -rf wordpress/* /var/www/wordpress/

cp /var/www/wordpress/wp-config-sample.php /var/www/wordpress/wp-config.php

3.2 将WordPress连接至已经建好的数据库

找到数据库的配置字段,并按“1 建立wordpress的数据库”时所设置的数据库、用户名、密码进行修改:

vi /var/www/wordpress/wp-config.php

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'wordpress');

/** MySQL database username */
define('DB_USER', 'wpuser');

/** MySQL database password */
define('DB_PASSWORD', 'wppw');

3.3 修复网站所在文件夹的权限,

cd /var/www/

chown nginx:nginx * -R
usermod -a -G nginx nginx

如不进行此步,则在安装插件时,会出现和“2.2.3”相同的情况:

Connection Information

To perform the requested action, WordPress needs to access your web server. Please enter your FTP credentials to proceed. If you do not remember your credentials, you should contact your web host.

3.4 用浏览器访问如下地址(假设站点IP为1.2.3.4,域名为www.urwp.com),并启动安装WordPress。

1.2.3.4/wp-admin/install.php

www.urwp.com/wp-admin/install.php

上一篇:CentOS 6 搭建LNMP服务器环境

删除或修改“自豪地采用WordPress”

请启用子主题(child theme)后再进行主题的相关修改,主题更新时子主题所进行的修改不会被覆盖,利于维护。

“自豪地采用WordPress”是由主题目录下的footer.php控制的。

1 修改途径:
有两种途径可以修改,效果完全一致。
1.1 在WordPress仪表盘中,依次找到:
外观-编辑-主题页脚(footer.php)。
1.2 后台进入主题目录,然后:

vim footer.php

2 如何删除“自豪地采用WordPress”
通过上面的任一途径,直接删除如下字段即可:

<a href="<?php echo esc_url( __( 'https://wordpress.org/', 'twentytwelve' ) ); ?>" title="<?php esc_attr_e( 'Semantic Personal Publishing Platform', 'twentytwelve' ); ?>"><?php printf( __( 'Proudly powered by %s', 'twentytwelve' ), 'WordPress' ); ?></a>

3 如何修改“自豪地采用WordPress”
3.1 举个例子,想改成如下的样式,并去掉“自豪地”:

© 2016 Coldawn. Powered by WordPress

只需将”© 2016 Coldawn.”直接加在上面提到的那串代码的前面,并将”Proudly”删除,把“powered”改成首字母大写“Powered”:

© 2016 Coldawn.<a href="<?php echo esc_url( __( 'https://wordpress.org/', 'twentytwelve' ) ); ?>" title="<?php esc_attr_e( 'Semantic Personal Publishing Platform', 'twentytwelve' ); ?>"><?php printf( __( 'Powered by %s', 'twentytwelve' ), 'WordPress' ); ?></a>

3.2 如果只想WordPress有链接,变成这样:

© 2016 Coldawn. Powered by WordPress

则把上面的代码中的“Powered by”提前到“© 2016 Coldawn.”后面,变成:

© 2016 ColPdawn. Powered by <a href="<?php echo esc_url( __( 'https://wordpress.org/', 'twentytwelve' ) ); ?>" title="<?php esc_attr_e( 'Semantic Personal Publishing Platform', 'twentytwelve' ); ?>"><?php printf( __( ' %s', 'twentytwelve' ), 'WordPress' ); ?></a>

3.3 如果想添加更多内容,可复制第2步中删除的代码,直接粘贴到后面,按需要修改即可

https://wordpress.org/ 链接的网址 https://wordpress.org/
Semantic Personal Publishing Platform 鼠标指向目标时显示的浮动文字 优雅的个人发布平台
WordPress 用于显示站点名 WordPress

3.4 如果需要分两行显示,只需在需要分行的地方插入如下代码即可:

<br />