如何在Apache 20.04上使用Apache2安装Joomla并进行加密

发表于 2020年6 月3日星期三上午 5:30:46

Joomla是用于发布在线应用程序和网站的开源内容管理系统。它是用PHP编写的，并使用MySQL / MariaDB作为数据库后端。它是一个简单，用户友好的工具，建立在可移动的模型-视图-控制器Web应用程序框架上。 Joomla具有大量功能和设计，使其成为建设专业网站的理想选择。

在本教程中，我们将向您展示如何使用Apache安装Joomla CMS以及如何在Ubuntu 20.04上使用Let’s Encrypt SSL进行安全保护。

先决条件

运行带有2 GB RAM的Ubuntu 20.04的服务器。
服务器指向的有效域名。
在您的服务器上配置了root密码。

安装LAMP服务器

首先，您需要在系统中安装Apache网络服务器，MariaDB，PHP和其他PHP扩展。您可以使用以下命令安装它们：

apt-get install apache2 mariadb-server php7.4 libapache2-mod-php7.4 php7.4-cli php7.4-mysql php7.4-json php7.4-opcache php7.4-mbstring php7.4-intl php7.4-xml php7.4-gd php7.4-zip php7.4-curl php7.4-xmlrpc unzip -y

一旦安装了所有软件包，请编辑php.ini文件并修改一些设置。

nano /etc/php/7.4/apache2/php.ini

更改以下值：

memory_limit = 512M
upload_max_filesize = 256M
post_max_size = 256M
output_buffering = Off
max_execution_time = 300
date.timezone = Asia/Kolkata

完成后，保存并关闭文件。

创建一个数据库

首先，保护MariaDB的安装并使用以下命令设置MariaDB的root密码：

mysql_secure_installation

回答所有问题，如下所示：

Enter current password for root (enter for none):
Set root password? [Y/n] Y
New password:
Re-enter new password:
Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

接下来，使用以下命令登录到MariaDB shell：

mysql -u root -p

在提示时提供您的MariaDB根密码，然后使用以下命令为Joomla创建数据库和用户：

MariaDB [(none)]> CREATE DATABASE joomladb CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
MariaDB [(none)]> GRANT ALL ON joomladb.* TO 'joomla'@'localhost' IDENTIFIED BY 'password';

接下来，刷新特权并使用以下命令从MariaDB shell退出：

MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> EXIT;

下载并安装Joomla

首先，使用以下命令从其官方网站下载最新版本的Joomla：

wget https://downloads.joomla.org/cms/joomla3/3-9-18/Joomla_3-9-18-Stable-Full_Package.zip

下载完成后，使用以下命令将下载的文件解压缩到Apache Web根目录：

unzip Joomla_3-9-18-Stable-Full_Package.zip -d /var/www/html/joomla

接下来，使用以下命令将joomla目录的所有权更改为www-data：

chown -R www-data:www-data /var/www/html/joomla

完成后，您可以继续下一步。

为Joomla配置Apache

接下来，创建一个新的Apache虚拟主机配置文件以服务Joomla。

nano /etc/apache2/sites-available/joomla.conf

添加以下内容：


  ServerName joomla.linuxbuz.com
  DirectoryIndex index.html index.php
  DocumentRoot /var/www/html/joomla

  ErrorLog ${APACHE_LOG_DIR}/joomla-error.log
  CustomLog ${APACHE_LOG_DIR}/joomla-access.log combined

  
      Options FollowSymLinks
      AllowOverride All
      Require all granted

保存并关闭文件，然后启用Apache虚拟主机并使用以下命令重新启动Apache服务：

a2ensite joomla
systemctl restart apache2

完成后，您可以继续下一步。

让我们加密货币SSL保护Joomla

首先，您需要安装Certbot客户端以安装和管理“让我们加密货币SSL”。您可以使用以下命令进行安装：Advertisements.banner-1 {text-align：center; padding-top：10pximportant; padding-bottom：10pximportant; padding-left：0pximportant; padding-right：0pximportant; width：100％important; box-sizing：border-boximportant; background -color：#eeeeeeimportant; border：1px实心#dfdfdf}

apt-get install certbot python3-certbot-apache -y

一旦安装了Certbot，请运行以下命令为您的网站下载并安装“让我们加密货币SSL”：

certbot --apache -d joomla.linuxbuz.com

系统将要求您提供电子邮件地址并接受服务条款，如下所示：

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): [email protected]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y

Obtaining a new certificate
Performing the following challenges:
http-01 challenge for joomla.linuxbuz.com
Enabled Apache rewrite module
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/apache2/sites-available/joomla-le-ssl.conf
Enabled Apache socache_shmcb module
Enabled Apache ssl module
Deploying Certificate to VirtualHost /etc/apache2/sites-available/joomla-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/joomla-le-ssl.conf

接下来，选择是否将HTTP通信重定向到HTTPS，如下所示：

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

键入2，然后按Enter键以完成安装，如下所示。

Redirecting vhost in /etc/apache2/sites-enabled/joomla.conf to ssl vhost in /etc/apache2/sites-available/joomla-le-ssl.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://joomla.linuxbuz.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=joomla.linuxbuz.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/joomla.linuxbuz.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/joomla.linuxbuz.com/privkey.pem
   Your cert will expire on 2020-08-19. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

 - We were unable to subscribe you the EFF mailing list because your
   e-mail address appears to be invalid. You can try again later by
   visiting https://act.eff.org.

目前，您的Joomla网站已使用“让我们加密货币SSL”保护。现在，您可以继续执行下一步。Advertisements.large-leaderboard-2{text-align：center; padding-top：10pximportant; padding-bottom：10pximportant; padding-left：0pximportant; padding-right：0pximportant; width：100％important; box-sizing：border-boximportant; background -color：#eeeeeeimportant; border：1px实心#dfdfdf}

访问Joomla CMS

现在，打开Web浏览器，然后输入URL https://joomla.linuxbuz.com。您将被重定向到基于Joomla基于Web的安装向导：

提供您的站点名称，管理员电子邮件，密码，然后单击下一步按钮。您应该看到数据库配置向导：

提供您的Joomla数据库名称，数据库用户名，密码，然后单击“下一步”按钮。您应该看到Joomla完成页面：

选择所需的选项，然后单击“安装”按钮。您应该看到以下页面：

查看所有配置，然后单击“安装”按钮。安装完Joomla之后，您应该会看到以下屏幕：

Advertisements.leader-1 {text-align：center; padding-top：10pximportant; padding-bottom：10pximportant; padding-left：0pximportant; padding-right：0pximportant; width：100％important; box-sizing：border-boximportant; background -color：#eeeeeeimportant; border：1px实心#dfdfdf}