使用两步验证插件来保护wordpress登陆是个常用安全防范措施。来自大名鼎鼎的wordpress博客备份工具UpdraftPlus作者的Two Factor Authentication是个很方便使用的两步验证解决方案。
启用这个两步验证插件后,正常情况是,在wordpress登陆界面输入用户名和密码后,点击登陆,会自动跳转到输入两步验证码的界面。但有时候输入用户名和密码后,点击登陆后,两步验证码的界面一直不出现,而是看到登陆按钮左边有个圈一直转啊转。
尝试使用带www和不带www的域名地址登陆,看哪个可以成功出现两步验证码的界面。
我的碰到的情况是使用co1dawn.com/wp-login.php登陆时就会出现上面的尴尬情况;
这时加上www,即登陆www.co1dawn.com/wp-login.php就会正常出现两步验证码。
也许你是相反的情况。
Changes:
2016-08-19
nginx-1.11.3 mainline或nginx-1.10.1, MariaDB 10.1.16, PHP 7.0.9,同样适用。
2016-05-04
nginx-1.9.15 mainline或nginx-1.10.0, MariaDB 10.1.13, PHP 7.0.5,同样适用。
2016-02-21
nginx 1.9.11, PHP 7.0.3,同样适用。
WordPress博客虽然越来越臃肿,但是与其功能不断丰富不无关系,目前是个人博客较好的选择。 本文介绍如何在CentOS 6系统的LNMP环境下安装WordPress。 说明: 1 本文从准备好的LNMP环境开始,成功的关键点在于要修改部分权限、用户名和用户组。 2 参考教程: How To Install WordPress with nginx on CentOS 6 Nginx, PHP5, MySQL Support In CentOS 6.5
详细过程:
1 建立wordpress站点的数据库
登录MariaDB,密码是之前设置的
mysql -u root -p
下面举例的数据库、用户、密码分别为:“wordpress”、“wpuser”、“wppw”。可自定义。
建立名为“wordpress”的数据库
CREATE DATABASE wordpress;
Query OK, 1 row affected (0.00 sec)
建立名为“wpuser”的用户,并设置密码为“wppw”
CREATE USER 'wpuser'@'localhost' IDENTIFIED BY 'wppw';
Query OK, 0 rows affected (0.00 sec)
修复权限
GRANT ALL PRIVILEGES ON wordpress.* TO 'wpuser'@'localhost';
Query OK, 0 rows affected (0.00 sec)
exit,退出。
2 配置nginx与PHP
2.1 假设把网站文件放在 /var/www/wordpress 目录下:
mkdir -p /var/www/wordpress
2.1 配置站点文件的路径,并启用unix socket通信
vi /etc/nginx/conf.d/default.conf
如下修改,保存
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
location / {
root /var/www/wordpress;
index index.php index.html index.htm;
try_files $uri $uri/ /index.php$is_args$args;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root /var/www/wordpress;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
“try_files $uri $uri/ /index.php$is_args$args;”,伪静态。
2.2 配置PHP,开启unix socket通信,并修改用户名和用户组
vi /etc/php-fpm.d/www.conf
2.2.1 修改unix socket通信,找到
listen = 127.0.0.1:9000
并修改为
listen = /var/run/php-fpm/php-fpm.sock
2.2.2 找到如下字段,去掉注释,并将nobody改为nginx,否则unix socket通信功能无效,nginx将无法与PHP连接。
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
;listen.owner = nobody
;listen.group = nobody
;listen.mode = 0660
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = nginx
listen.group = nginx
;listen.mode = 0660
2.2.3 找到如下字段,将user和group的apache改为nginx
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
; RPM: apache Choosed to be able to access some dir as httpd
user = apache
; RPM: Keep a group allowed to write in log dir.
group = apache
修改user和group为nginx
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
; RPM: apache Choosed to be able to access some dir as httpd
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx
如果忽略,会出现安装插件时需要输入用户名和密码的尴尬
Connection Information
To perform the requested action, WordPress needs to access your web server. Please enter your FTP credentials to proceed. If you do not remember your credentials, you should contact your web host.
2.3 重启nginx、php-fpm
service nginx restart
service php-fpm restart
3 安装WordPress
3.1 下载并配置
cd /tmp && wget wordpress.org/latest.tar.gz
tar xvzf latest.tar.gz && cp -rf wordpress/* /var/www/wordpress/
cp /var/www/wordpress/wp-config-sample.php /var/www/wordpress/wp-config.php
3.2 将WordPress连接至已经建好的数据库
找到数据库的配置字段,并按“1 建立wordpress的数据库”时所设置的数据库、用户名、密码进行修改:
vi /var/www/wordpress/wp-config.php
// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'wordpress');
/** MySQL database username */
define('DB_USER', 'wpuser');
/** MySQL database password */
define('DB_PASSWORD', 'wppw');
3.3 修复网站所在文件夹的权限,
cd /var/www/
chown nginx:nginx * -R
usermod -a -G nginx nginx
如不进行此步,则在安装插件时,会出现和“2.2.3”相同的情况:
Connection Information
To perform the requested action, WordPress needs to access your web server. Please enter your FTP credentials to proceed. If you do not remember your credentials, you should contact your web host.
3.4 用浏览器访问如下地址(假设站点IP为1.2.3.4,域名为www.urwp.com),并启动安装WordPress。
1.2.3.4/wp-admin/install.php
或
www.urwp.com/wp-admin/install.php
请启用子主题(child theme)后再进行主题的相关修改,主题更新时子主题所进行的修改不会被覆盖,利于维护。
“自豪地采用WordPress”是由主题目录下的footer.php控制的。
1 修改途径:
有两种途径可以修改,效果完全一致。
1.1 在WordPress仪表盘中,依次找到:
外观-编辑-主题页脚(footer.php)。
1.2 后台进入主题目录,然后:
vim footer.php2 如何删除“自豪地采用WordPress”
通过上面的任一途径,直接删除如下字段即可:
<a href="<?php echo esc_url( __( 'https://wordpress.org/', 'twentytwelve' ) ); ?>" title="<?php esc_attr_e( 'Semantic Personal Publishing Platform', 'twentytwelve' ); ?>"><?php printf( __( 'Proudly powered by %s', 'twentytwelve' ), 'WordPress' ); ?></a>3 如何修改“自豪地采用WordPress”
3.1 举个例子,想改成如下的样式,并去掉“自豪地”:
© 2016 Coldawn. Powered by WordPress只需将”© 2016 Coldawn.”直接加在上面提到的那串代码的前面,并将”Proudly”删除,把“powered”改成首字母大写“Powered”:
© 2016 Coldawn.<a href="<?php echo esc_url( __( 'https://wordpress.org/', 'twentytwelve' ) ); ?>" title="<?php esc_attr_e( 'Semantic Personal Publishing Platform', 'twentytwelve' ); ?>"><?php printf( __( 'Powered by %s', 'twentytwelve' ), 'WordPress' ); ?></a>3.2 如果只想WordPress有链接,变成这样:
© 2016 Coldawn. Powered by WordPress则把上面的代码中的“Powered by”提前到“© 2016 Coldawn.”后面,变成:
© 2016 ColPdawn. Powered by <a href="<?php echo esc_url( __( 'https://wordpress.org/', 'twentytwelve' ) ); ?>" title="<?php esc_attr_e( 'Semantic Personal Publishing Platform', 'twentytwelve' ); ?>"><?php printf( __( ' %s', 'twentytwelve' ), 'WordPress' ); ?></a>3.3 如果想添加更多内容,可复制第2步中删除的代码,直接粘贴到后面,按需要修改即可
| https://wordpress.org/ | 链接的网址 | https://wordpress.org/ |
| Semantic Personal Publishing Platform | 鼠标指向目标时显示的浮动文字 | 优雅的个人发布平台 |
| WordPress | 用于显示站点名 | WordPress |
3.4 如果需要分两行显示,只需在需要分行的地方插入如下代码即可:
<br />