{"id":764,"date":"2014-07-26T09:33:22","date_gmt":"2014-07-26T09:33:22","guid":{"rendered":"http:\/\/ixyzero.com\/blog\/?p=764"},"modified":"2014-07-26T09:33:22","modified_gmt":"2014-07-26T09:33:22","slug":"%e7%bb%99wordpress%e8%ae%be%e7%bd%ae%e5%90%8e%e5%8f%b0%e7%99%bb%e5%bd%95%e9%a1%b5%e9%9d%a2%e5%bc%ba%e5%88%b6%e5%8a%a0%e5%af%86","status":"publish","type":"post","link":"https:\/\/ixyzero.com\/blog\/archives\/764.html","title":{"rendered":"\u7ed9WordPress\u8bbe\u7f6e\u540e\u53f0\/\u767b\u5f55\u9875\u9762\u5f3a\u5236\u52a0\u5bc6"},"content":{"rendered":"<p>\u5176\u5b9e\u65e9\u5c31\u60f3\u5f04\u4e2aHTTPS\u4e86\u7684\uff0c\u660e\u6587\u4f20\u8f93\u4ec0\u4e48\u7684\u592a\u4e0d\u5b89\u5168\u4e86\uff0c\u81ea\u5df1\u5728\u5bb6\u91cc\u53ef\u80fd\u8fd8\u7a0d\u5fae\u597d\u70b9\uff0c\u4f46\u5230\u65f6\u5019\u5230\u4e86\u5916\u9762\u7528\u7684\u7f51\u7edc\u7684\u5b89\u5168\u6ca1\u6cd5\u4fdd\u8bc1\u7684\u8bdd\uff0c\u55c5\u63a2\u3001\u76d1\u542c\u4ec0\u4e48\u7684\u7acb\u9a6c\u5c31\u628a\u5bc6\u7801\u7ed9\u6293\u8fc7\u53bb\u4e86\uff0c\u5bc6\u7801\u4e22\u4e86\u7684\u8bdd\uff0c\u5176\u4ed6\u7684\u5b89\u5168\u505a\u7684\u518d\u597d\u4e5f\u767d\u642d\u3002<\/p>\n<p>\u4e0a\u5348\u770b\u4e86\u770bHTTPS\u7684\u76f8\u5173\u77e5\u8bc6\uff0c\u4e2d\u5348\u5c31\u60f3\u7740\u7ed9Nginx\u589e\u52a0\u4e2aHTTPS\u652f\u6301\/\u914d\u7f6e\uff0c\u56e0\u4e3a\u4e4b\u524d\u5728\u6e90\u7801\u7f16\u8bd1\u5b89\u88c5\u7684\u65f6\u5019\u5c31\u9ed8\u8ba4\u6dfb\u52a0\u4e86SSL\u7684\u652f\u6301\u9009\u9879\uff0c\u6240\u4ee5\u8fd9\u6b21\u8981\u8f7b\u677e\u4e9b\uff0c\u4e0d\u7528\u91cd\u65b0\u7f16\u8bd1\uff1b\u7136\u540eOpenSSL\u8fd9\u4e9b\u4e5f\u662f\u65e9\u5c31\u88c5\u4e86\u7684\uff0c\u7248\u672c\u4e5f\u662f\u6700\u65b0\u7684\u3002<\/p>\n<h5>\u4e0b\u9762\u5c31\u5f00\u59cb\u4e00\u5207\u4ece\u7b80\u8fdb\u884c\u8bbe\u7f6e\u4e86\uff1a<\/h5>\n<h6>\u4f7f\u7528\u81ea\u8ba4\u8bc1\u7684\u8bc1\u4e66\uff1a<\/h6>\n<p>1.\u521b\u5efa\u4e00\u4e2a(\u672a\u52a0\u5bc6\u7684)RSA\u79c1\u94a5\uff1a<br \/>\n$ openssl genrsa -out crazyof_me.key 1024<\/p>\n<p>2.\u521b\u5efa\u4e00\u4e2a\u81ea\u7b7e\u540d\u7684\u8bc1\u4e66\u6587\u4ef6(X.509\u7ed3\u6784\uff0c\u8f93\u51fa\u4e3aPEM\u683c\u5f0f)\uff1a<br \/>\n$ openssl req -new -x509 -days 365 -key crazyof_me.key -out crazyof_me.crt<\/p>\n<p>\u73b0\u5728\uff0c\u6211\u4eec\u6709\u4e86\u4e24\u4e2a\u6587\u4ef6\uff0ccrazyof_me.key\u548ccrazyof_me.crt\uff0c\u4e0b\u9762\u53ea\u9700\u5728nginx\u4e2d\u7684\u914d\u7f6e\u6587\u4ef6\u4e2d\u8fdb\u884c\u7b80\u5355\u7684\u8bbe\u7f6e\u5c31\u884c\uff1a<\/p>\n<pre class=\"lang:default decode:true\">http {\n    ssl_session_cache   shared:SSL:10m;\n    ssl_session_timeout 10m;\n\n    server {\n        listen              80;\n        listen              443 ssl;\n        server_name         ixyzero.com;\n        keepalive_timeout   70;\n\n        ssl_certificate     \/home\/crazyof_me.crt;\n        ssl_certificate_key \/home\/crazyof_me.key;\n        ssl_protocols       SSLv3 TLSv1 TLSv1.1 TLSv1.2;\n        ssl_ciphers         HIGH:!aNULL:!MD5;\n        ...<\/pre>\n<p>\u8bf4\u660e\uff1a\u56e0\u4e3a\u6211\u7684VPS\u914d\u7f6e\u6bd4\u8f83\u4f4e\uff0c\u6240\u4ee5\uff0c\u4e0d\u53ef\u80fd\u6240\u6709\u7684\u8fde\u63a5\u90fd\u91c7\u7528HTTPS\uff0c\u90a3\u6837\u5f00\u9500\u592a\u5927\uff0c\u670d\u52a1\u5668\u53d7\u4e0d\u4e86\uff0c\u800c\u4e14\u8bbf\u95ee\u901f\u5ea6\u4e5f\u4f1a\u53d7\u5f71\u54cd\uff0c\u6240\u4ee5\uff0c1.\u8bbe\u7f6e\u4e86ssl_session_cache\u548cssl_session_timeout\u8fdb\u884c\u7b80\u5355\u7684\u4f18\u5316\uff1b2.\u4e0a\u9762\u7684\u914d\u7f6e\u4e2d\u67092\u4e2alisten\u6307\u4ee4\uff0c\u65e2\u53ef\u4ee5\u76d1\u542cHTTP\u8bf7\u6c42\u4e5f\u53ef\u4ee5\u76d1\u542cHTTPS\u8bf7\u6c42\uff08\u672c\u6765\u60f3\u7740\u662f\u5728nginx\u7684\u914d\u7f6e\u6587\u4ef6\u4e2d\u901a\u8fc7rewrite\u6307\u4ee4\u5b9e\u73b0\u6307\u5b9a\u7684\u9875\u9762\u91c7\u7528HTTPS\u534f\u8bae\u7684\uff0c\u4f46\u662f\u65e0\u5948\u73b0\u5728\u5bf9\u8fd9\u8fd8\u4e0d\u591f\u719f\u6089\uff0c\u914d\u7f6e\u4e86\u5f88\u591a\u6b21\u4e4b\u540e\u8fd8\u662f\u6709\u95ee\u9898\uff0c\u540e\u6765\u53ea\u6709\u91c7\u7528\u53e6\u4e00\u79cdWordPress\u652f\u6301\u7684\u65b9\u6cd5\u6765\u8fbe\u5230\u76ee\u7684\uff09\u3002<\/p>\n<p>\u7136\u540e\u91cd\u65b0\u52a0\u8f7dNginx\u7684\u914d\u7f6e\u6587\u4ef6{# service nginx reload}\u3002<\/p>\n<h6>\u8bbe\u7f6eWordPress\u540e\u53f0\u7ba1\u7406\/\u767b\u5f55\u9875\u9762\u5f3a\u5236\u52a0\u5bc6\uff1a<\/h6>\n<p>\u4fee\u6539WordPress\u7f51\u7ad9\u6839\u76ee\u5f55\u4e0b\u7684wp-config.php\u6587\u4ef6<br \/>\n\u5728<br \/>\n<span style=\"color: #ff0000;\">require_once(ABSPATH . &#8216;wp-settings.php&#8217;);<\/span><br \/>\n<strong>\u4e4b\u524d<\/strong>\uff0c\u82e5\u6dfb\u52a0\uff1a<br \/>\n<span style=\"color: #ff0000;\"><strong>define(&#8216;FORCE_SSL_ADMIN&#8217;, true);<\/strong><\/span><br \/>\n\u5c31\u80fd\u4f7f\u5f97\u540e\u53f0\u5f3a\u5236\u52a0\u5bc6\u4e86\uff1b<br \/>\n\u800c\u6dfb\u52a0\uff1a<br \/>\n<span style=\"color: #ff0000;\"><strong>define(&#8216;FORCE_SSL_LOGIN&#8217;, true);<\/strong><\/span><br \/>\n\u5c31\u53ef\u4ee5\u4f7f\u767b\u5f55\u9875\u9762\u5f3a\u5236\u52a0\u5bc6\u4e86\u3002<\/p>\n<p>PS\uff1a\u5982\u679c\u6709\u8c01\u77e5\u9053\u5982\u4f55\u5728nginx\u7684\u914d\u7f6e\u6587\u4ef6\u4e2d\u76f4\u63a5\u5b9e\u73b0\u6307\u5b9a\u9875\u9762(\u5982\uff1a\u767b\u5f55\u9875\u9762)\u91c7\u7528HTTPS\u8fde\u63a5\u7684\u8bdd\uff0c\u671b\u4e0d\u541d\u544a\u77e5\uff0c\u8c22\u8c22\u3002<\/p>\n<h6>\u53c2\u8003\u94fe\u63a5\uff1a<\/h6>\n<ul>\n<li><a href=\"http:\/\/nginx.org\/en\/docs\/http\/configuring_https_servers.html\" target=\"_blank\">http:\/\/nginx.org\/en\/docs\/http\/configuring_https_servers.html<\/a><\/li>\n<li><a href=\"http:\/\/zyan.cc\/startssl\/\" target=\"_blank\">http:\/\/zyan.cc\/startssl\/<\/a><\/li>\n<li><a href=\"http:\/\/m114.org\/https-for-wordpress-admin-and-login\/\" target=\"_blank\">http:\/\/m114.org\/https-for-wordpress-admin-and-login\/<\/a><\/li>\n<li><a href=\"http:\/\/codex.wordpress.org\/Administration_Over_SSL\" target=\"_blank\">http:\/\/codex.wordpress.org\/Administration_Over_SSL<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>\u5176\u5b9e\u65e9\u5c31\u60f3\u5f04\u4e2aHTTPS\u4e86\u7684\uff0c\u660e\u6587\u4f20\u8f93\u4ec0\u4e48\u7684\u592a\u4e0d\u5b89\u5168\u4e86\uff0c\u81ea\u5df1\u5728\u5bb6\u91cc\u53ef\u80fd\u8fd8\u7a0d\u5fae\u597d\u70b9\uff0c\u4f46\u5230\u65f6\u5019\u5230\u4e86\u5916\u9762\u7528\u7684\u7f51\u7edc\u7684\u5b89 [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23,25],"tags":[273,75,277,99],"class_list":["post-764","post","type-post","status-publish","format-standard","hentry","category-knowledgebase-2","category-security","tag-https","tag-nginx","tag-openssl","tag-wordpress"],"views":6075,"_links":{"self":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts\/764","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/comments?post=764"}],"version-history":[{"count":0,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts\/764\/revisions"}],"wp:attachment":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/media?parent=764"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/categories?post=764"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/tags?post=764"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}