WordPress最速インストール CentOS 8

この記事は約35分で読めます。

VPSサーバーに、WordPressをインストール。

ワードプレス、最速でVPSにインストール
の、CentOS8 版です。

CentOS8も、既にスタンダードになってきています。
CentOS7との違いをわかっていれば、簡単にインストールができます。

今回は、ConoHaVPS
で、行いました。
CentOS8.1を選ぶことができます。




# cat /etc/centos-release
CentOS Linux release 8.1.1911 (Core)

と、インストール直後に、CentOS 8.1 が入ります。

yum から dnf へ

yumが、「dnf」コマンドになります。

# dnf check-update

↑で、アップデートできる情報をチェック
# dnf upgrade-minimal
Last metadata expiration check: 0:02:07 ago on Tue 05 May 2020 09:42:11 AM JST.
No security updates needed, but 61 updates available
Dependencies resolved.
Nothing to do.
Complete!

↑「dnf upgrade-minimal」で、重要なものだけを更新する。今回(上記)は、ナシ。
# dnf upgrade

↑で、インストール済みのものを更新する
yum の「# yum update」。
# dnf upgrade
Last metadata expiration check: 0:02:17 ago on Tue 05 May 2020 09:42:11 AM JST.
Dependencies resolved.
====================================================================================================================================================================
 Package                                     Architecture            Version                                                       Repository                  Size
====================================================================================================================================================================
Installing:
 kernel                                      x86_64                  4.18.0-147.8.1.el8_1                                          BaseOS                     1.5 M
 kernel-core                                 x86_64                  4.18.0-147.8.1.el8_1                                          BaseOS                      25 M
 kernel-modules                              x86_64                  4.18.0-147.8.1.el8_1                                          BaseOS                      22 M
Upgrading:

(略)

  sssd-nfs-idmap-2.2.0-19.el8_1.1.x86_64                                    sssd-proxy-2.2.0-19.el8_1.1.x86_64
  sudo-1.8.25p1-8.el8_1.1.x86_64                                            systemd-239-18.el8_1.5.x86_64
  systemd-libs-239-18.el8_1.5.x86_64                                        systemd-pam-239-18.el8_1.5.x86_64
  systemd-udev-239-18.el8_1.5.x86_64                                        epel-release-8-8.el8.noarch

Installed:
  kernel-4.18.0-147.8.1.el8_1.x86_64   kernel-core-4.18.0-147.8.1.el8_1.x86_64   kernel-modules-4.18.0-147.8.1.el8_1.x86_64

Complete!

↑dnf (yum)で、アップデート完了!
# dnf groupinstall "Development Tools"

↑従来通り、groupinstallもできる。

firewall

centOS7でも使っていた、firewallは、CentOS8でも同じように利用できます。

# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2020-05-05 09:46:02 JST; 10min ago
     Docs: man:firewalld(1)
 Main PID: 6670 (firewalld)
    Tasks: 2 (limit: 5056)
   Memory: 20.7M
   CGroup: /system.slice/firewalld.service
           └─6670 /usr/libexec/platform-python -s /usr/sbin/firewalld --nofork --nopid

↑firewallは、起動されています。

sshポート変更

# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources: 
  services: cockpit dhcpv6-client ssh
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
 
# cp /usr/lib/firewalld/services/ssh.xml /etc/firewalld/services/ssh-XXXXX.xml
# vi /etc/firewalld/services/ssh-XXXXX.xml
# firewall-cmd --permanent --add-service=ssh-XXXXX
success
# firewall-cmd --reload
success
# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources: 
  services: cockpit dhcpv6-client ssh ssh-XXXXX
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules:

↑標準ポートではなく、「XXXXX」番ポートを空けます。
# vi /etc/ssh/sshd_config
 
#Port 22
↓
Port=xxxxx

# systemctl restart sshd

↑sshのサービス、標準ポートの「22」番から、「XXXXX」番に変更して、sshを再起動します。
# firewall-cmd --permanent --remove-service=ssh
success
# firewall-cmd --reload
success
# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources: 
  services: cockpit dhcpv6-client ssh-XXXXX
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 

↑ssh標準の「22」番ポートを削除します。

MySQL 8.0

# dnf search mysql |grep server
Last metadata expiration check: 0:22:37 ago on Tue 05 May 2020 09:48:38 AM JST.

voms-mysql-plugin.src : VOMS server plugin for MySQL
mysql-server.x86_64 : The MySQL server and related files
kf5-akonadi-server-mysql.x86_64 : Akonadi MySQL backend support

↑標準のMySQLを探します。
# dnf info mysql-server.x86_64
Last metadata expiration check: 0:21:29 ago on Tue 05 May 2020 09:48:38 AM JST.
Available Packages
Name         : mysql-server
Version      : 8.0.17
Release      : 3.module_el8.0.0+181+899d6349
Architecture : x86_64
Size         : 22 M
Source       : mysql-8.0.17-3.module_el8.0.0+181+899d6349.src.rpm
Repository   : AppStream
Summary      : The MySQL server and related files
URL          : http://www.mysql.com
License      : GPLv2 with exceptions and LGPLv2 and BSD
Description  : MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
             : client/server implementation consisting of a server daemon (mysqld)
             : and many different client programs and libraries. This package contains
             : the MySQL server and some accompanying files and directories.

↑MySQLのバージョンをチェックします。
MySQL 8.0 なので、これを入れます。
# dnf install mysql-server.x86_64
Last metadata expiration check: 0:26:59 ago on Tue 05 May 2020 09:48:38 AM JST.
Dependencies resolved.
====================================================================================================================================================================
 Package                                        Architecture             Version                                                  Repository                   Size
====================================================================================================================================================================
Installing:
 mysql-server                                   x86_64                   8.0.17-3.module_el8.0.0+181+899d6349                     AppStream                    22 M
Installing dependencies:
 mariadb-connector-c-config                     noarch                   3.0.7-1.el8                                              AppStream                    13 k
 mecab                                          x86_64                   0.996-1.module_el8.0.0+41+ca30bab6.9                     AppStream                   397 k
 mysql                                          x86_64                   8.0.17-3.module_el8.0.0+181+899d6349                     AppStream                    11 M
 mysql-common                                   x86_64                   8.0.17-3.module_el8.0.0+181+899d6349                     AppStream                   143 k
 mysql-errmsg                                   x86_64                   8.0.17-3.module_el8.0.0+181+899d6349                     AppStream                   557 k
 protobuf-lite                                  x86_64                   3.5.0-7.el8                                              AppStream                   150 k
 policycoreutils-python-utils                   noarch                   2.9-3.el8_1.1                                            BaseOS                      250 k
Enabling module streams:
 mysql                                                                   8.0                                                                                       

Transaction Summary
====================================================================================================================================================================
Install  8 Packages

Total download size: 34 M
Installed size: 216 M


(略)

Installed:
  mysql-server-8.0.17-3.module_el8.0.0+181+899d6349.x86_64   mariadb-connector-c-config-3.0.7-1.el8.noarch
  mecab-0.996-1.module_el8.0.0+41+ca30bab6.9.x86_64          mysql-8.0.17-3.module_el8.0.0+181+899d6349.x86_64
  mysql-common-8.0.17-3.module_el8.0.0+181+899d6349.x86_64   mysql-errmsg-8.0.17-3.module_el8.0.0+181+899d6349.x86_64
  protobuf-lite-3.5.0-7.el8.x86_64                           policycoreutils-python-utils-2.9-3.el8_1.1.noarch

Complete!

# mysqld --version
/usr/libexec/mysqld  Ver 8.0.17 for Linux on x86_64 (Source distribution)

↑MySQL 8.0 が、インストールができました。
# systemctl start mysqld.service
# systemctl enable mysqld.service
Created symlink /etc/systemd/system/multi-user.target.wants/mysqld.service → /usr/lib/systemd/system/mysqld.service.

↑MySQL 8.0 を起動して、自動起動の設定をします。

MySQL 8.0 の初期設定をします。

# mysql_secure_installation

Securing the MySQL server deployment.

Connecting to MySQL using a blank password.

VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?

Press y|Y for Yes, any other key for No: y

There are three levels of password validation policy:

LOW    Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2

↑パスワードの強度を設定します。「強(Strong)」の「2」を選びます。
Please set the password for root here.

New password: xxxxxxxxx

Re-enter new password: xxxxxxxxx

Estimated strength of the password: 50 
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : n

↑「2」で、「Strong」を選びましたが、入力したパスワードは、強度が、50。
もう少し複雑にしたいので、「n」を入れます。
New password: xxxxxxxxx

Re-enter new password: xxxxxxxxx

Estimated strength of the password: 100 
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y

↑今度は、強度が「100」になったので、よしとします。「y」を入力して、次に進みます。
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.


Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
Success.

By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.


Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
 - Dropping test database...
Success.

 - Removing privileges on test database...
Success.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.

All done! 

↑その他、設定をして完了させます。
初期のパスワードが、設定されていないだけで、そのほかは、4.7と同じです。

ワードプレス用、ユーザ、パスワード、DB名設定

ログインしてみます。

# mysql -u root -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 10
Server version: 8.0.17 Source distribution

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
| sys                |
+--------------------+
4 rows in set (0.00 sec)


mysql> show variables like 'character%';
+--------------------------+----------------------------+
| Variable_name            | Value                      |
+--------------------------+----------------------------+
| character_set_client     | utf8mb4                    |
| character_set_connection | utf8mb4                    |
| character_set_database   | utf8mb4                    |
| character_set_filesystem | binary                     |
| character_set_results    | utf8mb4                    |
| character_set_server     | utf8mb4                    |
| character_set_system     | utf8                       |
| character_sets_dir       | /usr/share/mysql/charsets/ |
+--------------------------+----------------------------+
8 rows in set (0.03 sec)

↑デフォルトのcharsetです。
mysql> insert into user (host,User,authentication_string,ssl_cipher,x509_issuer,x509_subject) values ('localhost','wp_user1',password('パスワード'),'','','');
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '('パスワード'),'','','')' at line 1

↑従来の「password」という関数は、エラーとなります。
mysql> insert into user (host,User,authentication_string,ssl_cipher,x509_issuer,x509_subject) values ('localhost','wp_user1','','','','');
Query OK, 1 row affected (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql> ALTER USER 'wp_user1'@'localhost' IDENTIFIED BY 'パスワード';
Query OK, 0 rows affected (0.01 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

↑と、2段階で、パスワードを設定します。
mysql> insert into db (host,db,user) values ('localhost','wp_db','wp_user1');
Query OK, 1 row affected (0.01 sec)

mysql> update db set Select_priv='Y',Insert_priv='Y',Update_priv='Y',Delete_priv='Y',Create_priv='Y',Drop_priv='Y',Grant_priv='Y',References_priv='Y',Index_priv='Y',Alter_priv='Y',Create_tmp_table_priv='Y',Lock_tables_priv='Y',Create_view_priv='Y',Show_view_priv='Y',Create_routine_priv='Y',Alter_routine_priv='Y',Execute_priv='Y',Event_priv='Y',Trigger_priv='Y' where db='wp_db';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1  Changed: 1  Warnings: 0

mysql> create database wp_db;
Query OK, 1 row affected (0.01 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

↑DB名などを設定します。

httpd (apache)

# dnf search httpd
Last metadata expiration check: 0:15:33 ago on Tue 05 May 2020 09:26:14 PM JST.
=================================================================== Name Exactly Matched: httpd ====================================================================
httpd.x86_64 : Apache HTTP Server
================================================================== Name & Summary Matched: httpd ===================================================================


# dnf info httpd.x86_64
Last metadata expiration check: 0:15:49 ago on Tue 05 May 2020 09:26:14 PM JST.
Available Packages
Name         : httpd
Version      : 2.4.37
Release      : 16.module_el8.1.0+256+ae790463
Architecture : x86_64
Size         : 1.7 M
Source       : httpd-2.4.37-16.module_el8.1.0+256+ae790463.src.rpm
Repository   : AppStream
Summary      : Apache HTTP Server
URL          : https://httpd.apache.org/
License      : ASL 2.0
Description  : The Apache HTTP Server is a powerful, efficient, and extensible

↑httpdのバージョンを調べます。
# dnf install httpd.x86_64


Installed:
  httpd-2.4.37-16.module_el8.1.0+256+ae790463.x86_64             apr-util-bdb-1.6.1-6.el8.x86_64
  apr-util-openssl-1.6.1-6.el8.x86_64                            apr-1.6.3-9.el8.x86_64
  apr-util-1.6.1-6.el8.x86_64                                    centos-logos-httpd-80.5-2.el8.noarch
  httpd-filesystem-2.4.37-16.module_el8.1.0+256+ae790463.noarch  httpd-tools-2.4.37-16.module_el8.1.0+256+ae790463.x86_64
  mod_http2-1.11.3-3.module_el8.1.0+213+acce2796.x86_64                              

Complete!

# httpd -version
Server version: Apache/2.4.37 (centos)
Server built:   Dec 23 2019 20:45:34

↑httpd (apache) 2.4.37が入りました。
vi /etc/httpd/conf/httpd.conf

<Directory "/var/www/html">
のセクション

Options Indexes FollowSymLinks
 ↓
Options All -Indexes +SymLinksIfOwnerMatch -FollowSymLinks
 
AllowOverride None
 ↓
AllowOverride AuthConfig FileInfo Indexes Limit Options=MultiViews,Ind

↑と、変更をします。
# systemctl start httpd.service
# systemctl status httpd.service
# systemctl enable httpd.service

↑httpd(apache)のサービスを起動して、自動起動も設定します。
# firewall-cmd --add-service=http --zone=public --permanent
success
# firewall-cmd --add-service=https --zone=public --permanent
success
# firewall-cmd --reload
success

↑firewallで、80番と443番ポートを空けます。

PHP 7.4

# yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
 
# yum install https://rpms.remirepo.net/enterprise/remi-release-8.rpm


# dnf install dnf-utils

# dnf module install php:remi-7.4


# php -v
PHP 7.4.5 (cli) (built: Apr 14 2020 12:54:33) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies

↑php 7.4 が入りました。
# vi /etc/httpd/conf/httpd.conf

AddType application/x-httpd-php .php

↑phpとhttpd(apache)を関連付けます。
# systemctl restart httpd.service

php7.4
↑phpが認識されました。

ワードプレス

# cd /var/www/
# wget https://ja.wordpress.org/latest-ja.tar.gz
# tar xzvf latest-ja.tar.gz 
# mv html/ html.back
# mv wordpress/ html
# cd html
# cp -a wp-config-sample.php wp-config.php

↑コンテンツをダウンロードして、設定ファイルをコピーします。
# vi wp-config.php

define('DB_NAME', 'database_name_here');
define('DB_USER', 'username_here');
define('DB_PASSWORD', 'password_here');

↑MySQLで設定した情報を登録します。
# vi wp-config.php

define('AUTH_KEY',         'put your unique phrase here');
define('SECURE_AUTH_KEY',  'put your unique phrase here');
define('LOGGED_IN_KEY',    'put your unique phrase here');
define('NONCE_KEY',        'put your unique phrase here');
define('AUTH_SALT',        'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT',   'put your unique phrase here');
define('NONCE_SALT',       'put your unique phrase here');

上記を
https://api.wordpress.org/secret-key/1.1/salt/
で、表示されるものに入れ替えます。
# vi /etc/httpd/conf.d/virtual.conf

<VirtualHost XXX.XXX.XXX.XXX:80>
ServerName (ドメイン名、FQDN)
DocumentRoot /var/www/html
 
</VirtualHost>

↑グローバルIPと、FQDNを設定します。
# systemctl restart httpd.service

http://(ドメイン名、FQDN)/

で、アクセスしてみます。

↑「お使いのサーバーの PHP では WordPress に必要な MySQL 拡張を利用できないようです」とエラーがでました・・・

# dnf install httpd mod_ssl
# dnf install php php-xmlrpc php-gd php-pdo php-mysqlnd php-pecl-mysql php-pecl-zip php-pecl-apc
# systemctl restart httpd.service

↑うまく行きました。

SSL

wget https://dl.eff.org/certbot-auto
chmod 755 certbot-auto
./certbot-auto certonly --non-interactive --agree-tos --webroot -w /var/www/html -d (ドメイン名、FQDN)--email (連絡先メールアドレス)

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/(ドメイン名、FQDN)/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/(ドメイン名、FQDN)/privkey.pem
   Your cert will expire on 2020-08-03. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot-auto
   again. To non-interactively renew *all* of your certificates, run
   "certbot-auto renew"

↑SSLが発行されました。
vi /etc/httpd/conf.d/ssl.conf
 
 
<VirtualHost _default_:443>
 
---
</VirtualHost>

↑上記部分を削除
vi /etc/httpd/conf.d/ssl.conf

<VirtualHost XXX.XXX.XXX.XXX:443>
ServerName (ドメイン名、FQDN)
DocumentRoot /var/www/html
 
SSLProtocol all -SSLv2 -SSLv3
 
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/(ドメイン名、FQDN)/fullchain.pem
SSLCertificateChainFile /etc/letsencrypt/live/(ドメイン名、FQDN)/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/(ドメイン名、FQDN)/privkey.pem
</VirtualHost>

と設定をします。
# systemctl restart httpd.service

FTPサーバー、proftpd

Proftpd for SSL/TSL ,CentOS7
の通り、設定をします。CentOS8でも、同じ方法で、インストールができます。

ワードプレス、FTP用ユーザ登録

# useradd -d /var/www/ -g 100 (FTPユーザ名)
# passwd (FTPユーザ名)
# chown -R (FTPユーザ名).100 /var/www/

↑ワードプレス用のftpを設定します。

ワードプレス、SSL

いろいろな方法があるかと思いますが、
プラグイン、Really Simple SSL での設定方法を・・・

Really Simple SSLを検索して、インストールします。

↑SSLが有効になりました。

CentOS8、ワードプレス、結論

ワードプレスをインストールする分には、CentOS7と同じ感覚でできます。
脆弱性が少ないであろう、新しいバージョンのほうがいいですね。

タイトルとURLをコピーしました