Typecho博客系统在Ubuntu上的搭建
- 安装Nginx并配置访问
- 安装PHP并输出脚本结果
- 配置typecho
Nginx安装并验证
apt install nginx
systemctl start nginx
正常情况应该可以看到Nginx的欢迎页面了,如果看不到就是防火墙的问题,设置下防火墙放通即可。
安装PHP并使用Nginx代理
apt install php-fpm php-curl php-gd php-mbstring php-xml php-sqlite3
修改Nginx配置以支持php脚本
index index.php index.html index.htm index.nginx-debian.html;
if (!-e $request_filename) {
rewrite ^(.*)$ /index.php$1 last;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
location ~ .*\.php(\/.*)*$ {
include snippets/fastcgi-php.conf;
set $path_info "";
set $real_script_name $fastcgi_script_name;
if ($fastcgi_script_name ~ "^(.+?\.php)(/.+)$") {
set $real_script_name $1;
set $path_info $2;
}
# With php-fpm (or other unix sockets):
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_param SCRIPT_NAME $real_script_name;
fastcgi_param PATH_INFO $path_info;
# With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
测试截图
安装最新Typecho代码
下载源代码
wget https://github.com/typecho/typecho/releases/latest/download/typecho.zip
解压到网页根目录安装
unzip typecho.zip
访问网站进行安装,发现没有/usr/uploads的权限,需要修改下。
查看php-fpm的运行用户是www-data
所以更改目录所有者为www-data
chown -R www-data:www-data typecho
然后刷新页面就可以正确安装了
安全加固,仅放通必要端口(80,443,21)
查看防火墙的状态,发现默认一个没开
root@web:~# ufw status
Status: inactive
root@web:~# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
使用ufw配置规则
ufw default allow outgoing
ufw default deny incoming
ufw allow ssh
ufw allow "Nginx Full"
启用ufw
ufw enable
systemctl start ufw
感谢扫码支持