1. 更换可用的yum源(CentOS 8官方源已失效)
# 1. 备份现有的所有仓库文件
cd /etc/yum.repos.d/
mkdir -p backup
mv *.repo backup/
# 2. 配置阿里云CentOS-Vault仓库(CentOS 8的存档仓库,用于获取基础包)
cat > /etc/yum.repos.d/CentOS-Vault.repo << 'EOF'
[baseos-vault]
name=CentOS-8 - Base (Vault)
baseurl=https://mirrors.aliyun.com/centos-vault/8.5.2111/BaseOS/$basearch/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
[appstream-vault]
name=CentOS-8 - AppStream (Vault)
baseurl=https://mirrors.aliyun.com/centos-vault/8.5.2111/AppStream/$basearch/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
[extras-vault]
name=CentOS-8 - Extras (Vault)
baseurl=https://mirrors.aliyun.com/centos-vault/8.5.2111/extras/$basearch/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
EOF
# 3. 下载 Remi 仓库的最新版 release 包
# 我们从官方源下载,确保文件一定存在
sudo wget https://rpms.remirepo.net/enterprise/remi-release-8.rpm
# 4. 再次用 ls 确认文件已经成功下载
ls -l remi-release-8.rpm
# 5. 使用 rpm 命令强制安装,并忽略所有依赖
# --nodeps 会告诉 rpm "只管安装,别管其他包"
sudo rpm -ivh --nodeps remi-release-8.rpm
# 6. 清理所有 dnf 缓存
sudo dnf clean all
# 7. 重新生成缓存,让 dnf 识别新安装的 Remi 仓库
sudo dnf makecache
# 8. 现在,让 dnf 检查并修复系统中的依赖关系
# 这个命令会自动安装 remi-release 所需的任何缺失的包
sudo dnf distro-sync -y
# 9. 启用 Remi 的 PHP 8.1 模块流
sudo dnf module enable -y php:remi-8.1
# 10. 安装 PHP 8.1 及所有必需的扩展
sudo dnf install -y php php-fpm php-mysqlnd php-gd php-xml php-mbstring php-json php-opcache php-redis
# 验证 PHP 版本
php -v
# 启动并设置 PHP-FPM 开机自启
sudo systemctl start php-fpm
sudo systemctl enable php-fpm
# 检查 PHP-FPM 服务状态
sudo systemctl status php-fpm
2. 更新系统并安装必要工具
# 安装基础工具
dnf install -y curl wget vim nano tar unzip git htop net-tools bind-utils
1. 安装Nginx、MariaDB和PHP 8.1
# 启用Remi的PHP 8.1模块
dnf module reset php -y
dnf module enable php:remi-8.1 -y
# 安装所有必要软件包(一次性安装,减少依赖问题)
dnf install -y nginx mariadb-server mariadb \
php81 php81-php-fpm php81-php-mysqlnd \
php81-php-gd php81-php-mbstring php81-php-xml \
php81-php-opcache php81-php-zip php81-php-curl \
php81-php-imagick php81-php-intl php81-php-bcmath \
php81-php-soap php81-php-sodium
# 创建PHP和PHP-FPM的符号链接
ln -sf /opt/remi/php81/root/usr/bin/php /usr/bin/php
ln -sf /opt/remi/php81/root/usr/bin/php-fpm /usr/bin/php-fpm
ln -sf /opt/remi/php81/root/usr/sbin/php-fpm /usr/sbin/php-fpm
2. 配置MariaDB数据库
#安装expect工具
sudo dnf install -y expect
# 启动并启用MariaDB服务
systemctl start mariadb
systemctl enable mariadb
# 运行安全配置脚本(使用非交互方式设置)
SECURE_MYSQL=$(expect -c "
set timeout 10
spawn mysql_secure_installation
expect \"Enter current password for root (enter for none):\"
send \"\\r\"
expect \"Set root password?\"
send \"Y\\r\"
expect \"New password:\"
send \"guojiulin20060825\\r\"
expect \"Re-enter new password:\"
send \"guojiulin20060825\\r\"
expect \"Remove anonymous users?\"
send \"Y\\r\"
expect \"Disallow root login remotely?\"
send \"Y\\r\"
expect \"Remove test database and access to it?\"
send \"Y\\r\"
expect \"Reload privilege tables now?\"
send \"Y\\r\"
expect eof
")
echo "$SECURE_MYSQL"
# 创建WordPress数据库和用户
mysql -u root -pguojiulin20060825 <<EOF
CREATE DATABASE IF NOT EXISTS wordpress DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER IF NOT EXISTS 'wpuser'@'localhost' IDENTIFIED BY 'guojiulin20060825';
GRANT ALL PRIVILEGES ON wordpress.* TO 'wpuser'@'localhost';
FLUSH PRIVILEGES;
SHOW DATABASES;
EOF
echo "数据库配置完成!"
3. 配置PHP-FPM(极致优化版)
# 备份原始配置文件
cp /etc/opt/remi/php81/php-fpm.d/www.conf /etc/opt/remi/php81/php-fpm.d/www.conf.backup
# 创建优化的PHP-FPM配置
cat > /etc/opt/remi/php81/php-fpm.d/www.conf << 'EOF'
[www]
user = nginx
group = nginx
listen = /var/opt/remi/php81/run/php-fpm/www.sock
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
pm = dynamic
pm.max_children = 15
pm.start_servers = 3
pm.min_spare_servers = 2
pm.max_spare_servers = 5
pm.max_requests = 500
pm.status_path = /php-status
ping.path = /ping
ping.response = pong
request_terminate_timeout = 300
request_slowlog_timeout = 10s
slowlog = /var/opt/remi/php81/log/php-fpm/www-slow.log
catch_workers_output = yes
decorate_workers_output = no
security.limit_extensions = .php .php7 .php8 .php81
env[HOSTNAME] = \$HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
php_admin_value[error_log] = /var/opt/remi/php81/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
php_admin_value[memory_limit] = 128M
php_admin_value[upload_max_filesize] = 64M
php_admin_value[post_max_size] = 65M
php_admin_value[max_execution_time] = 300
php_admin_value[max_input_time] = 300
EOF
# 创建必要的日志目录
mkdir -p /var/opt/remi/php81/log/php-fpm
chown -R nginx:nginx /var/opt/remi/php81/log/php-fpm
4. 配置PHP(php.ini优化)
# 备份原始php.ini
cp /etc/opt/remi/php81/php.ini /etc/opt/remi/php81/php.ini.backup
# 应用关键优化设置
cat >> /etc/opt/remi/php81/php.ini << 'EOF'
; ====== 自定义优化配置 ======
date.timezone = Asia/Shanghai
memory_limit = 128M
upload_max_filesize = 64M
post_max_size = 65M
max_execution_time = 300
max_input_time = 300
max_file_uploads = 20
; 错误处理
display_errors = Off
display_startup_errors = Off
log_errors = On
error_log = /var/opt/remi/php81/log/php-fpm/php_errors.log
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
; OPcache优化(性能关键!)
opcache.enable=1
opcache.enable_cli=1
opcache.memory_consumption=128
opcache.interned_strings_buffer=16
opcache.max_accelerated_files=10000
opcache.max_wasted_percentage=5
opcache.use_cwd=1
opcache.validate_timestamps=1
opcache.revalidate_freq=2
opcache.save_comments=1
opcache.fast_shutdown=1
opcache.enable_file_override=0
EOF
1. 配置Nginx主文件
# 备份原始配置
cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.backup
# 创建优化的nginx.conf
cat > /etc/nginx/nginx.conf << 'EOF'
user nginx;
worker_processes auto;
worker_rlimit_nofile 65535;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 4096;
multi_accept on;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
# 基础优化
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
resolver 223.5.5.5 119.29.29.29 valid=300s;
resolver_timeout 5s;
# 限制缓冲区大小防止DoS
client_body_buffer_size 128k;
client_max_body_size 100M; # 允许上传大文件
client_body_timeout 60s;
client_header_timeout 30s;
# Gzip压缩配置(节省2M带宽的关键)
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_proxied any;
gzip_comp_level 6;
gzip_types text/plain text/css text/xml text/javascript
application/json application/javascript application/xml+rss
application/atom+xml image/svg+xml;
gzip_disable "msie6";
# FastCGI缓存路径(性能关键!)
fastcgi_cache_path /var/cache/nginx/fastcgi_cache levels=1:2
keys_zone=WORDPRESS:100m inactive=60m max_size=512m;
fastcgi_cache_key "\$scheme\$request_method\$host\$request_uri";
fastcgi_cache_use_stale error timeout invalid_header updating
http_500 http_503;
fastcgi_cache_valid 200 301 302 60m;
fastcgi_cache_valid 404 1m;
fastcgi_cache_valid any 10m;
# 代理缓存设置
proxy_cache_path /var/cache/nginx/proxy_cache levels=1:2 keys_zone=PROXY:100m inactive=60m max_size=512m;
# 包含站点配置
include /etc/nginx/conf.d/*.conf;
}
EOF
# 创建缓存目录
mkdir -p /var/cache/nginx/{fastcgi_cache,proxy_cache}
chown -R nginx:nginx /var/cache/nginx
2. 配置WordPress站点
# 创建站点配置文件
cat > /etc/nginx/conf.d/guojiulin.cn.conf << 'EOF'
server {
listen 80;
listen [::]:80;
server_name guojiulin.cn www.guojiulin.cn;
# 安全头
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
# 重定向到HTTPS
return 301 https://$server_name$request_uri;
}
# HTTPS主配置
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name guojiulin.cn www.guojiulin.cn;
# SSL证书配置
ssl_certificate /opt/guojiulin.cn.pem;
ssl_certificate_key /opt/guojiulin.cn.key;
# SSL优化(安全与性能平衡)
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
# 安全头
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
# 根目录设置
root /var/www/guojiulin.cn;
index index.php index.html index.htm;
# 访问日志
access_log /var/log/nginx/guojiulin.cn.access.log combined buffer=512k flush=1m;
error_log /var/log/nginx/guojiulin.cn.error.log warn;
# 静态文件缓存(性能关键)
location ~* \.(jpg|jpeg|png|gif|ico|webp|svg|svgz|mp4|webm|ogg|mp3|wav|ttf|otf|woff|woff2|eot)$ {
expires 365d;
add_header Cache-Control "public, immutable";
add_header Access-Control-Allow-Origin "*";
try_files $uri =404;
}
location ~* \.(css|js)$ {
expires 30d;
add_header Cache-Control "public, immutable";
try_files $uri =404;
}
# 安全设置:阻止访问敏感文件
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
location ~* ^/(wp-config\.php|wp-config-sample\.php|readme\.html|license\.txt|nginx\.conf) {
deny all;
access_log off;
log_not_found off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# WordPress固定链接重写
location / {
try_files $uri $uri/ /index.php?$args;
}
# PHP处理(启用FastCGI缓存)
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/opt/remi/php81/run/php-fpm/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_param HTTPS on;
fastcgi_param SERVER_PORT 443;
# 【修正】将 skip_cache 的判断逻辑移到使用它之前
set $skip_cache 0;
if ($request_method = POST) {
set $skip_cache 1;
}
if ($query_string != "") {
set $skip_cache 1;
}
if ($request_uri ~* "/wp-admin/|/wp-login.php|/cart/|/checkout/|/my-account/|/xmlrpc.php|wp-.*\.php|/feed/|index.php|sitemap(_index)?\.xml|/wp-cron\.php") {
set $skip_cache 1;
}
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in|wordpress_no_cache|woocommerce_items_in_cart|woocommerce_cart_hash") {
set $skip_cache 1;
}
# FastCGI缓存配置(性能关键)
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache WORDPRESS;
fastcgi_cache_valid 200 301 302 60m;
fastcgi_cache_valid 404 1m;
fastcgi_cache_valid any 10m;
fastcgi_cache_min_uses 1;
fastcgi_cache_lock on;
fastcgi_cache_use_stale error timeout updating invalid_header http_500 http_503;
fastcgi_cache_background_update on;
add_header X-FastCGI-Cache $upstream_cache_status;
}
# 禁止直接访问PHP文件在某些目录
location ~* /wp-content/uploads/.*\.php$ {
deny all;
}
# 健康检查
location = /health {
access_log off;
return 200 "healthy\n";
add_header Content-Type text/plain;
}
# PHP-FPM状态页(仅限本地访问)
location = /php-status {
access_log off;
allow 127.0.0.1;
deny all;
fastcgi_pass unix:/var/opt/remi/php81/run/php-fpm/www.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
EOF
# 测试Nginx配置
nginx -t
显示如下即可:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
1. 创建网站目录并下载WordPress
# 创建网站目录
mkdir -p /var/www/guojiulin.cn
cd /var/www/guojiulin.cn
# 下载最新版WordPress
wget https://cn.wordpress.org/latest-zh_CN.tar.gz
tar -xzvf latest-zh_CN.tar.gz --strip-components=1
rm -f latest-zh_CN.tar.gz
# 设置正确的权限
chown -R nginx:nginx /var/www/guojiulin.cn
find /var/www/guojiulin.cn -type d -exec chmod 755 {} \;
find /var/www/guojiulin.cn -type f -exec chmod 644 {} \;
# 特殊权限设置(确保上传功能正常)
mkdir -p /var/www/guojiulin.cn/wp-content/uploads
chmod -R 775 /var/www/guojiulin.cn/wp-content/uploads
chown -R nginx:nginx /var/www/guojiulin.cn/wp-content/uploads
2.获取正确的安全密钥**
(1)访问 WordPress 官方密钥生成器:
https://api.wordpress.org/secret-key/1.1/salt/
你会看到一段类似下面的代码,完整地复制这段代码:
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
define('AUTH_SALT', 'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT', 'put your unique phrase here');
define('NONCE_SALT', 'put your unique phrase here');
注意:你看到的 put your unique phrase here 会是随机生成的复杂字符串。
(2)创建WordPress配置文件
cd /var/www/guojiulin.cn
# 创建wp-config.php
cat > wp-config.php << 'EOF'
<?php
/**
* WordPress基础配置文件。
*/
// **数据库设置** /
define('DB_NAME', 'wordpress');
define('DB_USER', 'wpuser');
define('DB_PASSWORD', 'guojiulin20060825');
define('DB_HOST', 'localhost');
define('DB_CHARSET', 'utf8mb4');
define('DB_COLLATE', '');
#注意跟换为刚刚WordPress官方生成的密钥
define('AUTH_KEY', 'J4,MK! NDG}r|2D)nRovMGZ23Fr?^%I2kKJ< M@-*PfqO9HIu8jT[}i4-+S;-!V#');
define('SECURE_AUTH_KEY', '4Yrov7b1FFVXiSmD]WGin+R*&/vRrE|#zWJ&Kk%WJ!<iR`hKfyc8VnF=4CD7I{Ee');
define('LOGGED_IN_KEY', '*=@+pRrUEb263kqyP]-SB*5g|rsNAkODYb{vvx;nW:2Y,t!6SHJb}]&]|17>oC# ');
define('NONCE_KEY', 'Tl9@&fq:*Q-*#M$3n}3#44!q5VD]}8Q|>!F6O#.l;HRw3T+So#7lr!Z-du(C>NGv');
define('AUTH_SALT', '}<a&+f5VpKGs5!JV5;?N$*mj0.edq$H2YVUjCJ>HaKp^cUhZ8Fe*<t_J~oioi({f');
define('SECURE_AUTH_SALT', '#lmz>APEV8X&f%:[@A=rOQ+45wK5z-*b[ez,&hE?LLI*m4#?,4t49AWL0e+TCx?C');
define('LOGGED_IN_SALT', 'WfP;L7:H9~|/_h3FNw?jl O;Q/M#-;#u+P!z|*DrliJT7:wN2]lr(fmivG*&l7?+');
define('NONCE_SALT', 'ClbQhRpLh+u+pJ4-|Z``Ke,`J@ /lfmuW61wA}>xsIscmdWQrw[YelfkJ>!x@S!^');
$table_prefix = 'wp_';
// **WordPress调试模式** /
define('WP_DEBUG', false);
define('WP_DEBUG_LOG', false);
define('WP_DEBUG_DISPLAY', false);
@ini_set('display_errors', 0);
// **性能优化设置** /
define('WP_CACHE', true); // 启用缓存
define('WP_MEMORY_LIMIT', '128M');
define('WP_MAX_MEMORY_LIMIT', '256M');
define('WP_POST_REVISIONS', 5);
define('AUTOSAVE_INTERVAL', 160);
define('EMPTY_TRASH_DAYS', 7);
define('WP_AUTO_UPDATE_CORE', 'minor');
// **安全设置** /
define('FORCE_SSL_ADMIN', true);
define('FORCE_SSL_LOGIN', true);
define('DISALLOW_FILE_EDIT', true);
define('DISALLOW_UNFILTERED_HTML', true);
// **多站点设置(如需启用)** /
// define('WP_ALLOW_MULTISITE', true);
// **SMTP邮件设置(QQ邮箱)** /
define('WPMS_ON', true);
define('WPMS_SMTP_AUTH', true);
define('WPMS_SMTP_SECURE', 'ssl');
define('WPMS_SMTP_HOST', 'smtp.qq.com');
define('WPMS_SMTP_PORT', 465);
define('WPMS_SMTP_USER', '2107228721@qq.com');
define('WPMS_SMTP_PASS', '你的QQ邮箱授权码'); // 需要替换为实际授权码
define('WPMS_MAIL_FROM', '2107228721@qq.com');
define('WPMS_MAIL_FROM_NAME', 'guojiulin.cn');
define('WPMS_SMTP_AUTO_TLS', false);
// **绝对路径** /
if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');
// **设置WordPress变量和包含文件** /
require_once(ABSPATH . 'wp-settings.php');
EOF
# 设置配置文件权限
chmod 640 wp-config.php
chown nginx:nginx wp-config.php
1. 配置Systemd资源限制(确保不超过1核1G)
# 为Nginx设置资源限制
mkdir -p /etc/systemd/system/nginx.service.d
cat > /etc/systemd/system/nginx.service.d/limits.conf << 'EOF'
[Service]
LimitNOFILE=65535
LimitNPROC=512
CPUQuota=40% # 限制为0.4个核心
MemoryMax=400M # 内存限制400MB
MemoryHigh=350M
EOF
# 为MariaDB设置资源限制
mkdir -p /etc/systemd/system/mariadb.service.d
cat > /etc/systemd/system/mariadb.service.d/limits.conf << 'EOF'
[Service]
LimitNOFILE=65535
LimitNPROC=512
CPUQuota=30% # 限制为0.3个核心
MemoryMax=300M # 内存限制300MB
MemoryHigh=250M
EOF
# 为PHP-FPM设置资源限制
mkdir -p /etc/systemd/system/php81-php-fpm.service.d
cat > /etc/systemd/system/php81-php-fpm.service.d/limits.conf << 'EOF'
[Service]
LimitNOFILE=65535
LimitNPROC=512
CPUQuota=30% # 限制为0.3个核心
MemoryMax=300M # 内存限制300MB
MemoryHigh=250M
EOF
# 重新加载Systemd配置
systemctl daemon-reload
2. 配置防火墙
# 安装并配置firewalld
dnf install -y firewalld
systemctl start firewalld
systemctl enable firewalld
# 配置防火墙规则
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --permanent --add-service=ssh
firewall-cmd --permanent --remove-service=dhcpv6-client 2>/dev/null || true
firewall-cmd --reload
# 验证防火墙规则
firewall-cmd --list-all
3. 配置SELinux(如启用)
# 检查SELinux状态
sestatus
# 如果SELinux启用,设置必要权限
if [ "$(getenforce)" != "Disabled" ]; then
dnf install -y policycoreutils-python-utils
# 设置Nginx相关权限
setsebool -P httpd_can_network_connect 1
setsebool -P httpd_can_network_connect_db 1
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/guojiulin.cn/wp-content(/.*)?"
restorecon -Rv /var/www/guojiulin.cn/wp-content
# 设置缓存目录权限
semanage fcontext -a -t httpd_cache_t "/var/cache/nginx(/.*)?"
restorecon -Rv /var/cache/nginx
fi
1. 重启所有服务
# 重启服务
systemctl restart nginx
systemctl restart mariadb
systemctl restart php81-php-fpm
# 检查服务状态
systemctl status nginx --no-pager -l
systemctl status mariadb --no-pager -l
systemctl status php81-php-fpm --no-pager -l
# 设置开机自启
systemctl enable nginx mariadb php81-php-fpm
2. 测试配置
# 测试Nginx配置
nginx -t
# 测试PHP-FPM配置
php-fpm -t
# 测试PHP信息
echo "<?php phpinfo(); ?>" > /var/www/guojiulin.cn/test.php
chown nginx:nginx /var/www/guojiulin.cn/test.php
echo "访问 https://guojiulin.cn/test.php 测试PHP配置"
echo "测试完成后请删除:rm /var/www/guojiulin.cn/test.php"
# 检查端口监听
netstat -tlnp | grep -E '(:80|:443|:3306)'
# 测试数据库连接
mysql -u wpuser -pguojiulin20060825 -e "SELECT NOW();" wordpress
3. 访问网站完成安装
# 输出安装信息
echo "================================================"
echo " WordPress安装准备完成!"
echo "================================================"
echo "访问地址:https://guojiulin.cn"
echo "数据库名:wordpress"
echo "数据库用户:wpuser"
echo "数据库密码:guojiulin20060825"
echo "管理员邮箱:2107228721@qq.com"
echo ""
echo "下一步操作:"
echo "1. 通过浏览器访问 https://guojiulin.cn"
echo "2. 按照WordPress向导完成安装"
echo "3. 设置管理员账号密码"
echo "4. 安装Jasmine-master主题到wp-content/themes/"
echo "5. 在WordPress后台启用主题"
echo "================================================"
1. 安装监控工具
# 安装系统监控工具
dnf install -y htop sysstat
# 启用sysstat数据收集
systemctl enable --now sysstat
# 创建性能监控脚本
cat > /usr/local/bin/check-performance.sh << 'EOF'
#!/bin/bash
echo "===== 系统性能状态 ====="
echo "内存使用:"
free -h
echo ""
echo "CPU使用:"
top -bn1 | grep "Cpu(s)"
echo ""
echo "磁盘空间:"
df -h / /var/www
echo ""
echo "服务状态:"
systemctl is-active nginx mariadb php81-php-fpm
echo ""
echo "连接数统计:"
netstat -ant | awk '{print $6}' | sort | uniq -c | sort -rn
EOF
chmod +x /usr/local/bin/check-performance.sh
2. 创建自动清理脚本
cat > /usr/local/bin/cleanup.sh << 'EOF'
#!/bin/bash
# 清理Nginx日志(保留7天)
find /var/log/nginx -name "*.log" -mtime +7 -delete
nginx -s reopen 2>/dev/null || true
# 清理PHP-FPM日志
find /var/opt/remi/php81/log/php-fpm -name "*.log" -mtime +7 -delete
# 清理MariaDB日志
find /var/log/mariadb -name "*.log" -mtime +7 -delete 2>/dev/null || true
# 清理Nginx缓存(保留3天)
find /var/cache/nginx -type f -mtime +3 -delete
# 清理临时文件
find /tmp -type f -atime +2 -delete
find /var/tmp -type f -atime +2 -delete
# 清理Yum缓存
dnf clean all
echo "清理完成: $(date)"
EOF
chmod +x /usr/local/bin/cleanup.sh
# 添加到crontab,每天凌晨3点执行
(crontab -l 2>/dev/null; echo "0 3 * * * /usr/local/bin/cleanup.sh") | crontab -
1. 安装主题
# 假设您已将Jasmine-master主题上传到/root目录
# 请根据您的实际情况调整路径
# 解压并安装主题
cd /root
# 解压主题(根据实际文件名调整)
# unzip jasmine-master.zip -d /var/www/guojiulin.cn/wp-content/themes/
# 或
# tar -xzvf jasmine-master.tar.gz -C /var/www/guojiulin.cn/wp-content/themes/
# 设置主题权限
chown -R nginx:nginx /var/www/guojiulin.cn/wp-content/themes/jasmine-master
find /var/www/guojiulin.cn/wp-content/themes/jasmine-master -type d -exec chmod 755 {} \;
find /var/www/guojiulin.cn/wp-content/themes/jasmine-master -type f -exec chmod 644 {} \;
2. 主题兼容性检查
由于Jasmine-master主题的具体功能未知,建议在启用主题后检查以下功能:
常用排查命令:
# 查看错误日志
tail -f /var/log/nginx/guojiulin.cn.error.log
tail -f /var/opt/remi/php81/log/php-fpm/www-error.log
tail -f /var/log/mariadb/mariadb.log
# 检查资源使用
/usr/local/bin/check-performance.sh
# 测试网站响应
curl -I https://guojiulin.cn
curl -k https://guojiulin.cn
# 检查SSL证书
openssl s_client -connect guojiulin.cn:443 -servername guojiulin.cn
# 检查FastCGI缓存状态
curl -I https://guojiulin.cn | grep X-FastCGI-Cache
重要提醒:
wp-config.php中替换你的QQ邮箱授权码为实际的授权码check-performance.sh监控资源使用此方案已充分考虑您的服务器配置(2核2G2M)和性能要求(最大使用1核1G),通过多级缓存、资源限制和优化配置,确保WordPress运行流畅且稳定。