- 安裝Nginx並配置訪問
- 安裝PHP並輸出指令碼結果
- 配置typecho
Nginx安裝並驗證
apt install nginx
systemctl start nginx
正常情況應該可以看到Nginx的歡迎頁面了,如果看不到就是防火牆的問題,設定下防火牆放通即可。
安裝PHP並使用Nginx代理
apt install php-fpm php-curl php-gd php-mbstring php-xml php-sqlite3
修改Nginx配置以支援php指令碼
index index.php index.html index.htm index.nginx-debian.html;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
# With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
測試截圖
安裝最新Typecho程式碼
下載原始碼
wget https://github.com/typecho/typecho/releases/latest/download/typecho.zip
解壓到網頁根目錄安裝
unzip typecho.zip
訪問網站進行安裝,發現沒有/usr/uploads的許可權,需要修改下。
檢視php-fpm的執行使用者是www-data所以更改目錄所有者為www-data
chown -R www-data:www-data usr/uploads
然後重新整理頁面就可以正確安裝了
安全加固,僅放通必要埠(80,443,21)
檢視防火牆的狀態,發現預設一個沒開
root@web:~# ufw status
Status: inactive
root@web:~# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
使用ufw配置規則
ufw default allow outgoing
ufw default deny incoming
ufw allow ssh
ufw allow "Nginx Full"
啟用ufw
ufw enable
systemctl start ufw