Select Page
Lnmp+pagespeed+brotli+redis,让你的WordPress飞起来!

Lnmp+pagespeed+brotli+redis,让你的WordPress飞起来!

从零开始架构一个全新的外贸网站,使用Ubuntu 18.04+LNMP1.6军哥包。

搭建好网站后再添加brotli+redis。

并弃用AVADA,使用新主题DIVI。

目录:

1.安装LNMP1.6

2.配置Wordpress

3.安装brotli+redis

1.安装LNMP1.6

首先到Linode新建一个VPS。然后Xshell链接。

开始进行搭建;

链接Xshell 后,输入:

#更新套件库
sudo apt-get -qy update
sudo apt-get -qy upgrade
sudo apt -y autoremove

让 Ubuntu 的安装套件库更新到最新。这里可能要花一点时间进行,所以要稍微等一下下。
接着输入:

#lnmp1.6安装lnmp包
wget http://soft.vpser.net/lnmp/lnmp1.6.tar.gz -cO lnmp1.6.tar.gz && tar zxf lnmp1.6.tar.gz && cd lnmp1.6 && ./install.sh lnmp

后面的安装步骤我就省略了,大家可以参考我之前的文章:Linode VPS+LNMP1.6+WordPress搭建外贸网站
里面已经很详细地介绍安装步骤到主题的安装。

2.配置Wordpress

WordPress的搭建和SSL的配置上面已经做了。

现在配置WordPress是为了DIVI主题而配置。

DIVI的配置并没有AVADA那么复杂,修改的东西也没那么多。

我们先安装DIVI主题及DIVI 子主题。

DIVI主题默认是开启加载Google 的字体“OpenSan”,如果你并不是使用此字体你必须在子主题的function中禁用他。

当然,如果你默认就是用OpenSan字体的 可以无视这个操作。

#禁用OpenSan
/* Translators: If there are characters in your language that are not * supported by Open Sans, translate this to ‘off’. Do not translate * into your own language. */

$open_sans = _x( ‘off’, ‘Open Sans font: on or off’, ‘Divi’ );
if ( ‘off’ !== $open_sans )
{ $font_families = array();
if ( ‘off’ !== $open_sans )
$font_families[] = ‘Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800’;
$protocol = is_ssl() ? ‘https’ : ‘http’;
$query_args = array( ‘family’ => implode( ‘%7C’, $font_families ), ‘subset’ => ‘latin,latin-ext’, );
$fonts_url = add_query_arg( $query_args, “$protocol://fonts.googleapis.com/css” ); }
return $fonts_url;

3.安装brotli+redis

3-1 安装Nginx Brotli

由谷歌开源的 Brotli 压缩算法不知道大家听过没有?现代网站大多用的压缩算法都是 gzip,它也是非常有效的一种压缩算法,可以节省网站服务器和用户之间传输数据所需要花费的时间(毕竟是压缩传送的,这么说大家应该都能懂,不懂就想想你下载原文件和下载压缩包的区别),但是这个 Brotli,据闻能比 gzip 做得更好——不仅能获得更高的压缩比率,而且对压缩/解压速度影响也比较小。

有关这个压缩算法的说明,我就不详细说了,毕竟本文主要是针对那些已经知道或了解 Brotli 却又不知道怎么启用的人来写的。如果你还不是很了解,也可以去谷歌的 GitHub 了解一下:https://github.com/google/brotli

一、下载 Nginx Brotli 源码
在下载之前,我要先跟大家提一下,源码下载地址我这里可以分享给大家两个:

  1. 谷歌官方的,源码已经很久没更新了,但是能用:https://github.com/google/ngx_brotli.git
  2. 网友 Fork 自谷歌官方的源码之后弄的,比较新,仍在更新中,也能用:https://github.com/eustas/ngx_brotli.git

具体选哪个你们自己判断吧,反正都是能用的~

下面开始说具体怎么做了,这里只说一遍,所有操作都是要你在 SSH 命令行下进行的,最好是用 Root 用户,不会出现权限之类的问题,否则自己记得适时使用 sudo 命令。

在 SSH 上找一个你想存放 Brotli 源码的目录并进入,比如 /usr/local:

#使用 Git Clone 命令下载源码,源码地址自己选上面那两个的其中一个
cd /usr/local
git clone https://github.com/eustas/ngx_brotli.git
#如果提示没有 git 命令的话,先去安装一个,这里就只说 Debian/Ubuntu 的安装方法了:
apt-get update
apt-get install git
#下载完之后什么也别动,直接执行下面的命令,本部分结束:
cd ngx_brotli
git submodule update --init --recursive

军哥包nginx编译的比较简单,直接编辑 LNMP 安装目录下的 lnmp.conf 文件(默认的话应该位于/root/lnmp1.6 这个目录):

vi /root/lnmp1.6/lnmp.conf

按 i 开启编辑模式,在如下位置加上–add-module=/usr/local/ngx_brotli 这个编译参数,再提醒一下,/usr/local/ngx_brotli 这个目录请写自己下载保存 Brotli 源码的目录:

Nginx_Modules_Options=‘--add-module=/usr/local/ngx_brotli’

按 ESC 退出编辑状态,:wq 保存并退出。然后用 LNMP 自带的脚本升级一下 Nginx,这里我们可以选择同版本 Nginx 不升级,也可以真的升级,没什么差别,我们只是借用升级脚本重新编译一下 Nginx 而已:

cd /root/lnmp1.6
./upgrade.sh nginx

注意:上面那个命令里的目录路径请根据你自己安装 LNMP 位置的路径来写,如果你的 LNMP 不是安装在 Root 目录下,路径是会不同的,总之就是找到你 LNMP 安装目录下的那个 upgrade.sh 升级脚本就对了。

升级脚本执行完成之后,就是编译完成了,此时你的 Nginx 已经加入了 Brotli 模块,用 Nginx -V 这个命令可以看到。

配置xxx.com.conf

所有的东西安装完毕然后开始配置网站的conf文件:

文件位置在/usr/local/nginx/conf/vhost。 你最好把他下载到桌面编辑。

你可以直接复制我的配置,对应修改一下自己的网站名称。

配置文件写好并上传后,输入:

lnmp restart.

3-2 安装Redis

Lnmp军哥包安装redis就简单很多。Redis是一个开源、支持网络、基于内存、键值对存储数据库。

入lnmp解压后的目录: 

cd /root/lnmp1.6/
./addons.sh install redis
#然后一直点回车,直到程序运行结束
#结束后你要修改一下redis.conf文件:
nano /usr/local/redis/etc/redis.conf

逐一修改:(可以用Ctrl+W搜索功能)

找到「daemonize no」,改成。
指令或程式码
daemonize yes
代表要啟用 pid 檔案。

找到「supervised no」,改成。
指令或程式码
supervised systemd
代表要在系统开机时同时开启 Redis。

找到「dir ./」,改成。
指令或程式码
dir /var/lib/redis
代表资料库快取要写在这边。

找到「# maxmemory 」,改成。
指令或程式码
maxmemory 60M
在 WordPress 当中,如果你使用了 20 到 30 个外挂的话,其实快取也不太可能超过 60MB 的大小。

接着找到「# maxmemory-policy noeviction」,改成。
指令或程式码
maxmemory-policy allkeys-lru
Change the policy to allkeys-lru which forces redis-server to delete old cache (least recently used objects) when the Redis server starts to run out of memory

然后找到「stop-writes-on-bgsave-error yes」,改成。
指令或程式码
stop-writes-on-bgsave-error no

最后请为 Redis 设定一个密码。避免 Redis 被不知道的人使用,需要透过密码这关才能够使用。找到「# requirepass foobared」之后,改成。
指令或程式码
requirepass [一组 Redis 专用的密码]

另外在 Redis 当中,有一些指令可能会损坏你的资料库,甚至是让你的资料库消失。所以我们要透过设定档案把这些指令给关闭。
找到「# save “”」的下方,输入以下内容。

指令或程式码
rename-command FLUSHDB “”
rename-command FLUSHALL “”
rename-command DEBUG “”
rename-command CONFIG “”

编辑完成后请按「Control」+「X」,按「Y」,再按「Enter」完成编辑。

这文件里面有一个redis.conf文件。你最好把它下载下来。然后按照我下面的配置,直接覆盖:

 

# Redis configuration file example.
#
# Note that in order to read the configuration file, Redis must be
# started with the file path as first argument:
#
# ./redis-server /path/to/redis.conf

# Note on units: when memory size is needed, it is possible to specify
# it in the usual form of 1k 5GB 4M and so forth:
#
# 1k => 1000 bytes
# 1kb => 1024 bytes
# 1m => 1000000 bytes
# 1mb => 1024*1024 bytes
# 1g => 1000000000 bytes
# 1gb => 1024*1024*1024 bytes
#
# units are case insensitive so 1GB 1Gb 1gB are all the same.

################################## INCLUDES ###################################

# Include one or more other config files here.  This is useful if you
# have a standard template that goes to all Redis servers but also need
# to customize a few per-server settings.  Include files can include
# other files, so use this wisely.
#
# Notice option "include" won't be rewritten by command "CONFIG REWRITE"
# from admin or Redis Sentinel. Since Redis always uses the last processed
# line as value of a configuration directive, you'd better put includes
# at the beginning of this file to avoid overwriting config change at runtime.
#
# If instead you are interested in using includes to override configuration
# options, it is better to use include as the last line.
#
# include /path/to/local.conf
# include /path/to/other.conf

################################## MODULES #####################################

# Load modules at startup. If the server is not able to load modules
# it will abort. It is possible to use multiple loadmodule directives.
#
# loadmodule /path/to/my_module.so
# loadmodule /path/to/other_module.so

################################## NETWORK #####################################

# By default, if no "bind" configuration directive is specified, Redis listens
# for connections from all the network interfaces available on the server.
# It is possible to listen to just one or multiple selected interfaces using
# the "bind" configuration directive, followed by one or more IP addresses.
#
# Examples:
#
# bind 192.168.1.100 10.0.0.1
# bind 127.0.0.1 ::1
#
# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the
# internet, binding to all the interfaces is dangerous and will expose the
# instance to everybody on the internet. So by default we uncomment the
# following bind directive, that will force Redis to listen only into
# the IPv4 loopback interface address (this means Redis will be able to
# accept connections only from clients running into the same computer it
# is running).
#
# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES
# JUST COMMENT THE FOLLOWING LINE.
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bind 127.0.0.1

# Protected mode is a layer of security protection, in order to avoid that
# Redis instances left open on the internet are accessed and exploited.
#
# When protected mode is on and if:
#
# 1) The server is not binding explicitly to a set of addresses using the
#    "bind" directive.
# 2) No password is configured.
#
# The server only accepts connections from clients connecting from the
# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain
# sockets.
#
# By default protected mode is enabled. You should disable it only if
# you are sure you want clients from other hosts to connect to Redis
# even if no authentication is configured, nor a specific set of interfaces
# are explicitly listed using the "bind" directive.
protected-mode yes

# Accept connections on the specified port, default is 6379 (IANA #815344).
# If port 0 is specified Redis will not listen on a TCP socket.
port 6379

# TCP listen() backlog.
#
# In high requests-per-second environments you need an high backlog in order
# to avoid slow clients connections issues. Note that the Linux kernel
# will silently truncate it to the value of /proc/sys/net/core/somaxconn so
# make sure to raise both the value of somaxconn and tcp_max_syn_backlog
# in order to get the desired effect.
tcp-backlog 511

# Unix socket.
#
# Specify the path for the Unix socket that will be used to listen for
# incoming connections. There is no default, so Redis will not listen
# on a unix socket when not specified.
#
# unixsocket /tmp/redis.sock
# unixsocketperm 700

# Close the connection after a client is idle for N seconds (0 to disable)
timeout 0

# TCP keepalive.
#
# If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence
# of communication. This is useful for two reasons:
#
# 1) Detect dead peers.
# 2) Take the connection alive from the point of view of network
#    equipment in the middle.
#
# On Linux, the specified value (in seconds) is the period used to send ACKs.
# Note that to close the connection the double of the time is needed.
# On other kernels the period depends on the kernel configuration.
#
# A reasonable value for this option is 300 seconds, which is the new
# Redis default starting with Redis 3.2.1.
tcp-keepalive 300

################################# GENERAL #####################################

# By default Redis does not run as a daemon. Use 'yes' if you need it.
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
daemonize yes

# If you run Redis from upstart or systemd, Redis can interact with your
# supervision tree. Options:
#   supervised no      - no supervision interaction
#   supervised upstart - signal upstart by putting Redis into SIGSTOP mode
#   supervised systemd - signal systemd by writing READY=1 to $NOTIFY_SOCKET
#   supervised auto    - detect upstart or systemd method based on
#                        UPSTART_JOB or NOTIFY_SOCKET environment variables
# Note: these supervision methods only signal "process is ready."
#       They do not enable continuous liveness pings back to your supervisor.
supervised systemd

# If a pid file is specified, Redis writes it where specified at startup
# and removes it at exit.
#
# When the server runs non daemonized, no pid file is created if none is
# specified in the configuration. When the server is daemonized, the pid file
# is used even if not specified, defaulting to "/var/run/redis.pid".
#
# Creating a pid file is best effort: if Redis is not able to create it
# nothing bad happens, the server will start and run normally.
pidfile /var/run/redis.pid

# Specify the server verbosity level.
# This can be one of:
# debug (a lot of information, useful for development/testing)
# verbose (many rarely useful info, but not a mess like the debug level)
# notice (moderately verbose, what you want in production probably)
# warning (only very important / critical messages are logged)
loglevel notice

# Specify the log file name. Also the empty string can be used to force
# Redis to log on the standard output. Note that if you use standard
# output for logging but daemonize, logs will be sent to /dev/null
logfile ""

# To enable logging to the system logger, just set 'syslog-enabled' to yes,
# and optionally update the other syslog parameters to suit your needs.
# syslog-enabled no

# Specify the syslog identity.
# syslog-ident redis

# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7.
# syslog-facility local0

# Set the number of databases. The default database is DB 0, you can select
# a different one on a per-connection basis using SELECT <dbid> where
# dbid is a number between 0 and 'databases'-1
databases 16

# By default Redis shows an ASCII art logo only when started to log to the
# standard output and if the standard output is a TTY. Basically this means
# that normally a logo is displayed only in interactive sessions.
#
# However it is possible to force the pre-4.0 behavior and always show a
# ASCII art logo in startup logs by setting the following option to yes.
always-show-logo yes

################################ SNAPSHOTTING  ################################
#
# Save the DB on disk:
#
#   save <seconds> <changes>
#
#   Will save the DB if both the given number of seconds and the given
#   number of write operations against the DB occurred.
#
#   In the example below the behaviour will be to save:
#   after 900 sec (15 min) if at least 1 key changed
#   after 300 sec (5 min) if at least 10 keys changed
#   after 60 sec if at least 10000 keys changed
#
#   Note: you can disable saving completely by commenting out all "save" lines.
#
#   It is also possible to remove all the previously configured save
#   points by adding a save directive with a single empty string argument
#   like in the following example:
#
#   save ""
#rename-command FLUSHDB ""
#rename-command FLUSHALL ""
#rename-command DEBUG ""
#rename-command CONFIG ""

save 900 1
save 300 10
save 60 10000

# By default Redis will stop accepting writes if RDB snapshots are enabled
# (at least one save point) and the latest background save failed.
# This will make the user aware (in a hard way) that data is not persisting
# on disk properly, otherwise chances are that no one will notice and some
# disaster will happen.
#
# If the background saving process will start working again Redis will
# automatically allow writes again.
#
# However if you have setup your proper monitoring of the Redis server
# and persistence, you may want to disable this feature so that Redis will
# continue to work as usual even if there are problems with disk,
# permissions, and so forth.
stop-writes-on-bgsave-error no

# Compress string objects using LZF when dump .rdb databases?
# For default that's set to 'yes' as it's almost always a win.
# If you want to save some CPU in the saving child set it to 'no' but
# the dataset will likely be bigger if you have compressible values or keys.
rdbcompression yes

# Since version 5 of RDB a CRC64 checksum is placed at the end of the file.
# This makes the format more resistant to corruption but there is a performance
# hit to pay (around 10%) when saving and loading RDB files, so you can disable it
# for maximum performances.
#
# RDB files created with checksum disabled have a checksum of zero that will
# tell the loading code to skip the check.
rdbchecksum yes

# The filename where to dump the DB
dbfilename dump.rdb

# The working directory.
#
# The DB will be written inside this directory, with the filename specified
# above using the 'dbfilename' configuration directive.
#
# The Append Only File will also be created inside this directory.
#
# Note that you must specify a directory here, not a file name.
dir ./

################################# REPLICATION #################################

# Master-Replica replication. Use replicaof to make a Redis instance a copy of
# another Redis server. A few things to understand ASAP about Redis replication.
#
#   +------------------+      +---------------+
#   |      Master      | ---> |    Replica    |
#   | (receive writes) |      |  (exact copy) |
#   +------------------+      +---------------+
#
# 1) Redis replication is asynchronous, but you can configure a master to
#    stop accepting writes if it appears to be not connected with at least
#    a given number of replicas.
# 2) Redis replicas are able to perform a partial resynchronization with the
#    master if the replication link is lost for a relatively small amount of
#    time. You may want to configure the replication backlog size (see the next
#    sections of this file) with a sensible value depending on your needs.
# 3) Replication is automatic and does not need user intervention. After a
#    network partition replicas automatically try to reconnect to masters
#    and resynchronize with them.
#
# replicaof <masterip> <masterport>

# If the master is password protected (using the "requirepass" configuration
# directive below) it is possible to tell the replica to authenticate before
# starting the replication synchronization process, otherwise the master will
# refuse the replica request.
#
# masterauth <master-password>

# When a replica loses its connection with the master, or when the replication
# is still in progress, the replica can act in two different ways:
#
# 1) if replica-serve-stale-data is set to 'yes' (the default) the replica will
#    still reply to client requests, possibly with out of date data, or the
#    data set may just be empty if this is the first synchronization.
#
# 2) if replica-serve-stale-data is set to 'no' the replica will reply with
#    an error "SYNC with master in progress" to all the kind of commands
#    but to INFO, replicaOF, AUTH, PING, SHUTDOWN, REPLCONF, ROLE, CONFIG,
#    SUBSCRIBE, UNSUBSCRIBE, PSUBSCRIBE, PUNSUBSCRIBE, PUBLISH, PUBSUB,
#    COMMAND, POST, HOST: and LATENCY.
#
replica-serve-stale-data yes

# You can configure a replica instance to accept writes or not. Writing against
# a replica instance may be useful to store some ephemeral data (because data
# written on a replica will be easily deleted after resync with the master) but
# may also cause problems if clients are writing to it because of a
# misconfiguration.
#
# Since Redis 2.6 by default replicas are read-only.
#
# Note: read only replicas are not designed to be exposed to untrusted clients
# on the internet. It's just a protection layer against misuse of the instance.
# Still a read only replica exports by default all the administrative commands
# such as CONFIG, DEBUG, and so forth. To a limited extent you can improve
# security of read only replicas using 'rename-command' to shadow all the
# administrative / dangerous commands.
replica-read-only yes

# Replication SYNC strategy: disk or socket.
#
# -------------------------------------------------------
# WARNING: DISKLESS REPLICATION IS EXPERIMENTAL CURRENTLY
# -------------------------------------------------------
#
# New replicas and reconnecting replicas that are not able to continue the replication
# process just receiving differences, need to do what is called a "full
# synchronization". An RDB file is transmitted from the master to the replicas.
# The transmission can happen in two different ways:
#
# 1) Disk-backed: The Redis master creates a new process that writes the RDB
#                 file on disk. Later the file is transferred by the parent
#                 process to the replicas incrementally.
# 2) Diskless: The Redis master creates a new process that directly writes the
#              RDB file to replica sockets, without touching the disk at all.
#
# With disk-backed replication, while the RDB file is generated, more replicas
# can be queued and served with the RDB file as soon as the current child producing
# the RDB file finishes its work. With diskless replication instead once
# the transfer starts, new replicas arriving will be queued and a new transfer
# will start when the current one terminates.
#
# When diskless replication is used, the master waits a configurable amount of
# time (in seconds) before starting the transfer in the hope that multiple replicas
# will arrive and the transfer can be parallelized.
#
# With slow disks and fast (large bandwidth) networks, diskless replication
# works better.
repl-diskless-sync no

# When diskless replication is enabled, it is possible to configure the delay
# the server waits in order to spawn the child that transfers the RDB via socket
# to the replicas.
#
# This is important since once the transfer starts, it is not possible to serve
# new replicas arriving, that will be queued for the next RDB transfer, so the server
# waits a delay in order to let more replicas arrive.
#
# The delay is specified in seconds, and by default is 5 seconds. To disable
# it entirely just set it to 0 seconds and the transfer will start ASAP.
repl-diskless-sync-delay 5

# Replicas send PINGs to server in a predefined interval. It's possible to change
# this interval with the repl_ping_replica_period option. The default value is 10
# seconds.
#
# repl-ping-replica-period 10

# The following option sets the replication timeout for:
#
# 1) Bulk transfer I/O during SYNC, from the point of view of replica.
# 2) Master timeout from the point of view of replicas (data, pings).
# 3) Replica timeout from the point of view of masters (REPLCONF ACK pings).
#
# It is important to make sure that this value is greater than the value
# specified for repl-ping-replica-period otherwise a timeout will be detected
# every time there is low traffic between the master and the replica.
#
# repl-timeout 60

# Disable TCP_NODELAY on the replica socket after SYNC?
#
# If you select "yes" Redis will use a smaller number of TCP packets and
# less bandwidth to send data to replicas. But this can add a delay for
# the data to appear on the replica side, up to 40 milliseconds with
# Linux kernels using a default configuration.
#
# If you select "no" the delay for data to appear on the replica side will
# be reduced but more bandwidth will be used for replication.
#
# By default we optimize for low latency, but in very high traffic conditions
# or when the master and replicas are many hops away, turning this to "yes" may
# be a good idea.
repl-disable-tcp-nodelay no

# Set the replication backlog size. The backlog is a buffer that accumulates
# replica data when replicas are disconnected for some time, so that when a replica
# wants to reconnect again, often a full resync is not needed, but a partial
# resync is enough, just passing the portion of data the replica missed while
# disconnected.
#
# The bigger the replication backlog, the longer the time the replica can be
# disconnected and later be able to perform a partial resynchronization.
#
# The backlog is only allocated once there is at least a replica connected.
#
# repl-backlog-size 1mb

# After a master has no longer connected replicas for some time, the backlog
# will be freed. The following option configures the amount of seconds that
# need to elapse, starting from the time the last replica disconnected, for
# the backlog buffer to be freed.
#
# Note that replicas never free the backlog for timeout, since they may be
# promoted to masters later, and should be able to correctly "partially
# resynchronize" with the replicas: hence they should always accumulate backlog.
#
# A value of 0 means to never release the backlog.
#
# repl-backlog-ttl 3600

# The replica priority is an integer number published by Redis in the INFO output.
# It is used by Redis Sentinel in order to select a replica to promote into a
# master if the master is no longer working correctly.
#
# A replica with a low priority number is considered better for promotion, so
# for instance if there are three replicas with priority 10, 100, 25 Sentinel will
# pick the one with priority 10, that is the lowest.
#
# However a special priority of 0 marks the replica as not able to perform the
# role of master, so a replica with priority of 0 will never be selected by
# Redis Sentinel for promotion.
#
# By default the priority is 100.
replica-priority 100

# It is possible for a master to stop accepting writes if there are less than
# N replicas connected, having a lag less or equal than M seconds.
#
# The N replicas need to be in "online" state.
#
# The lag in seconds, that must be <= the specified value, is calculated from
# the last ping received from the replica, that is usually sent every second.
#
# This option does not GUARANTEE that N replicas will accept the write, but
# will limit the window of exposure for lost writes in case not enough replicas
# are available, to the specified number of seconds.
#
# For example to require at least 3 replicas with a lag <= 10 seconds use:
#
# min-replicas-to-write 3
# min-replicas-max-lag 10
#
# Setting one or the other to 0 disables the feature.
#
# By default min-replicas-to-write is set to 0 (feature disabled) and
# min-replicas-max-lag is set to 10.

# A Redis master is able to list the address and port of the attached
# replicas in different ways. For example the "INFO replication" section
# offers this information, which is used, among other tools, by
# Redis Sentinel in order to discover replica instances.
# Another place where this info is available is in the output of the
# "ROLE" command of a master.
#
# The listed IP and address normally reported by a replica is obtained
# in the following way:
#
#   IP: The address is auto detected by checking the peer address
#   of the socket used by the replica to connect with the master.
#
#   Port: The port is communicated by the replica during the replication
#   handshake, and is normally the port that the replica is using to
#   listen for connections.
#
# However when port forwarding or Network Address Translation (NAT) is
# used, the replica may be actually reachable via different IP and port
# pairs. The following two options can be used by a replica in order to
# report to its master a specific set of IP and port, so that both INFO
# and ROLE will report those values.
#
# There is no need to use both the options if you need to override just
# the port or the IP address.
#
# replica-announce-ip 5.5.5.5
# replica-announce-port 1234

################################## SECURITY ###################################

# Require clients to issue AUTH <PASSWORD> before processing any other
# commands.  This might be useful in environments in which you do not trust
# others with access to the host running redis-server.
#
# This should stay commented out for backward compatibility and because most
# people do not need auth (e.g. they run their own servers).
#
# Warning: since Redis is pretty fast an outside user can try up to
# 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break.
#
 requirepass ljp030838

# Command renaming.
#
# It is possible to change the name of dangerous commands in a shared
# environment. For instance the CONFIG command may be renamed into something
# hard to guess so that it will still be available for internal-use tools
# but not available for general clients.
#
# Example:
#
# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52
#
# It is also possible to completely kill a command by renaming it into
# an empty string:
#
# rename-command CONFIG ""
#
# Please note that changing the name of commands that are logged into the
# AOF file or transmitted to replicas may cause problems.

################################### CLIENTS ####################################

# Set the max number of connected clients at the same time. By default
# this limit is set to 10000 clients, however if the Redis server is not
# able to configure the process file limit to allow for the specified limit
# the max number of allowed clients is set to the current file limit
# minus 32 (as Redis reserves a few file descriptors for internal uses).
#
# Once the limit is reached Redis will close all the new connections sending
# an error 'max number of clients reached'.
#
# maxclients 10000

############################## MEMORY MANAGEMENT ################################

# Set a memory usage limit to the specified amount of bytes.
# When the memory limit is reached Redis will try to remove keys
# according to the eviction policy selected (see maxmemory-policy).
#
# If Redis can't remove keys according to the policy, or if the policy is
# set to 'noeviction', Redis will start to reply with errors to commands
# that would use more memory, like SET, LPUSH, and so on, and will continue
# to reply to read-only commands like GET.
#
# This option is usually useful when using Redis as an LRU or LFU cache, or to
# set a hard memory limit for an instance (using the 'noeviction' policy).
#
# WARNING: If you have replicas attached to an instance with maxmemory on,
# the size of the output buffers needed to feed the replicas are subtracted
# from the used memory count, so that network problems / resyncs will
# not trigger a loop where keys are evicted, and in turn the output
# buffer of replicas is full with DELs of keys evicted triggering the deletion
# of more keys, and so forth until the database is completely emptied.
#
# In short... if you have replicas attached it is suggested that you set a lower
# limit for maxmemory so that there is some free RAM on the system for replica
# output buffers (but this is not needed if the policy is 'noeviction').
#
 maxmemory 60M

# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory
# is reached. You can select among five behaviors:
#
# volatile-lru -> Evict using approximated LRU among the keys with an expire set.
# allkeys-lru -> Evict any key using approximated LRU.
# volatile-lfu -> Evict using approximated LFU among the keys with an expire set.
# allkeys-lfu -> Evict any key using approximated LFU.
# volatile-random -> Remove a random key among the ones with an expire set.
# allkeys-random -> Remove a random key, any key.
# volatile-ttl -> Remove the key with the nearest expire time (minor TTL)
# noeviction -> Don't evict anything, just return an error on write operations.
#
# LRU means Least Recently Used
# LFU means Least Frequently Used
#
# Both LRU, LFU and volatile-ttl are implemented using approximated
# randomized algorithms.
#
# Note: with any of the above policies, Redis will return an error on write
#       operations, when there are no suitable keys for eviction.
#
#       At the date of writing these commands are: set setnx setex append
#       incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd
#       sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby
#       zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby
#       getset mset msetnx exec sort
#
# The default is:
#
 maxmemory-policy allkeys-lru

# LRU, LFU and minimal TTL algorithms are not precise algorithms but approximated
# algorithms (in order to save memory), so you can tune it for speed or
# accuracy. For default Redis will check five keys and pick the one that was
# used less recently, you can change the sample size using the following
# configuration directive.
#
# The default of 5 produces good enough results. 10 Approximates very closely
# true LRU but costs more CPU. 3 is faster but not very accurate.
#
# maxmemory-samples 5

# Starting from Redis 5, by default a replica will ignore its maxmemory setting
# (unless it is promoted to master after a failover or manually). It means
# that the eviction of keys will be just handled by the master, sending the
# DEL commands to the replica as keys evict in the master side.
#
# This behavior ensures that masters and replicas stay consistent, and is usually
# what you want, however if your replica is writable, or you want the replica to have
# a different memory setting, and you are sure all the writes performed to the
# replica are idempotent, then you may change this default (but be sure to understand
# what you are doing).
#
# Note that since the replica by default does not evict, it may end using more
# memory than the one set via maxmemory (there are certain buffers that may
# be larger on the replica, or data structures may sometimes take more memory and so
# forth). So make sure you monitor your replicas and make sure they have enough
# memory to never hit a real out-of-memory condition before the master hits
# the configured maxmemory setting.
#
# replica-ignore-maxmemory yes

############################# LAZY FREEING ####################################

# Redis has two primitives to delete keys. One is called DEL and is a blocking
# deletion of the object. It means that the server stops processing new commands
# in order to reclaim all the memory associated with an object in a synchronous
# way. If the key deleted is associated with a small object, the time needed
# in order to execute the DEL command is very small and comparable to most other
# O(1) or O(log_N) commands in Redis. However if the key is associated with an
# aggregated value containing millions of elements, the server can block for
# a long time (even seconds) in order to complete the operation.
#
# For the above reasons Redis also offers non blocking deletion primitives
# such as UNLINK (non blocking DEL) and the ASYNC option of FLUSHALL and
# FLUSHDB commands, in order to reclaim memory in background. Those commands
# are executed in constant time. Another thread will incrementally free the
# object in the background as fast as possible.
#
# DEL, UNLINK and ASYNC option of FLUSHALL and FLUSHDB are user-controlled.
# It's up to the design of the application to understand when it is a good
# idea to use one or the other. However the Redis server sometimes has to
# delete keys or flush the whole database as a side effect of other operations.
# Specifically Redis deletes objects independently of a user call in the
# following scenarios:
#
# 1) On eviction, because of the maxmemory and maxmemory policy configurations,
#    in order to make room for new data, without going over the specified
#    memory limit.
# 2) Because of expire: when a key with an associated time to live (see the
#    EXPIRE command) must be deleted from memory.
# 3) Because of a side effect of a command that stores data on a key that may
#    already exist. For example the RENAME command may delete the old key
#    content when it is replaced with another one. Similarly SUNIONSTORE
#    or SORT with STORE option may delete existing keys. The SET command
#    itself removes any old content of the specified key in order to replace
#    it with the specified string.
# 4) During replication, when a replica performs a full resynchronization with
#    its master, the content of the whole database is removed in order to
#    load the RDB file just transferred.
#
# In all the above cases the default is to delete objects in a blocking way,
# like if DEL was called. However you can configure each case specifically
# in order to instead release memory in a non-blocking way like if UNLINK
# was called, using the following configuration directives:

lazyfree-lazy-eviction no
lazyfree-lazy-expire no
lazyfree-lazy-server-del no
replica-lazy-flush no

############################## APPEND ONLY MODE ###############################

# By default Redis asynchronously dumps the dataset on disk. This mode is
# good enough in many applications, but an issue with the Redis process or
# a power outage may result into a few minutes of writes lost (depending on
# the configured save points).
#
# The Append Only File is an alternative persistence mode that provides
# much better durability. For instance using the default data fsync policy
# (see later in the config file) Redis can lose just one second of writes in a
# dramatic event like a server power outage, or a single write if something
# wrong with the Redis process itself happens, but the operating system is
# still running correctly.
#
# AOF and RDB persistence can be enabled at the same time without problems.
# If the AOF is enabled on startup Redis will load the AOF, that is the file
# with the better durability guarantees.
#
# Please check http://redis.io/topics/persistence for more information.

appendonly no

# The name of the append only file (default: "appendonly.aof")

appendfilename "appendonly.aof"

# The fsync() call tells the Operating System to actually write data on disk
# instead of waiting for more data in the output buffer. Some OS will really flush
# data on disk, some other OS will just try to do it ASAP.
#
# Redis supports three different modes:
#
# no: don't fsync, just let the OS flush the data when it wants. Faster.
# always: fsync after every write to the append only log. Slow, Safest.
# everysec: fsync only one time every second. Compromise.
#
# The default is "everysec", as that's usually the right compromise between
# speed and data safety. It's up to you to understand if you can relax this to
# "no" that will let the operating system flush the output buffer when
# it wants, for better performances (but if you can live with the idea of
# some data loss consider the default persistence mode that's snapshotting),
# or on the contrary, use "always" that's very slow but a bit safer than
# everysec.
#
# More details please check the following article:
# http://antirez.com/post/redis-persistence-demystified.html
#
# If unsure, use "everysec".

# appendfsync always
appendfsync everysec
# appendfsync no

# When the AOF fsync policy is set to always or everysec, and a background
# saving process (a background save or AOF log background rewriting) is
# performing a lot of I/O against the disk, in some Linux configurations
# Redis may block too long on the fsync() call. Note that there is no fix for
# this currently, as even performing fsync in a different thread will block
# our synchronous write(2) call.
#
# In order to mitigate this problem it's possible to use the following option
# that will prevent fsync() from being called in the main process while a
# BGSAVE or BGREWRITEAOF is in progress.
#
# This means that while another child is saving, the durability of Redis is
# the same as "appendfsync none". In practical terms, this means that it is
# possible to lose up to 30 seconds of log in the worst scenario (with the
# default Linux settings).
#
# If you have latency problems turn this to "yes". Otherwise leave it as
# "no" that is the safest pick from the point of view of durability.

no-appendfsync-on-rewrite no

# Automatic rewrite of the append only file.
# Redis is able to automatically rewrite the log file implicitly calling
# BGREWRITEAOF when the AOF log size grows by the specified percentage.
#
# This is how it works: Redis remembers the size of the AOF file after the
# latest rewrite (if no rewrite has happened since the restart, the size of
# the AOF at startup is used).
#
# This base size is compared to the current size. If the current size is
# bigger than the specified percentage, the rewrite is triggered. Also
# you need to specify a minimal size for the AOF file to be rewritten, this
# is useful to avoid rewriting the AOF file even if the percentage increase
# is reached but it is still pretty small.
#
# Specify a percentage of zero in order to disable the automatic AOF
# rewrite feature.

auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb

# An AOF file may be found to be truncated at the end during the Redis
# startup process, when the AOF data gets loaded back into memory.
# This may happen when the system where Redis is running
# crashes, especially when an ext4 filesystem is mounted without the
# data=ordered option (however this can't happen when Redis itself
# crashes or aborts but the operating system still works correctly).
#
# Redis can either exit with an error when this happens, or load as much
# data as possible (the default now) and start if the AOF file is found
# to be truncated at the end. The following option controls this behavior.
#
# If aof-load-truncated is set to yes, a truncated AOF file is loaded and
# the Redis server starts emitting a log to inform the user of the event.
# Otherwise if the option is set to no, the server aborts with an error
# and refuses to start. When the option is set to no, the user requires
# to fix the AOF file using the "redis-check-aof" utility before to restart
# the server.
#
# Note that if the AOF file will be found to be corrupted in the middle
# the server will still exit with an error. This option only applies when
# Redis will try to read more data from the AOF file but not enough bytes
# will be found.
aof-load-truncated yes

# When rewriting the AOF file, Redis is able to use an RDB preamble in the
# AOF file for faster rewrites and recoveries. When this option is turned
# on the rewritten AOF file is composed of two different stanzas:
#
#   [RDB file][AOF tail]
#
# When loading Redis recognizes that the AOF file starts with the "REDIS"
# string and loads the prefixed RDB file, and continues loading the AOF
# tail.
aof-use-rdb-preamble yes

################################ LUA SCRIPTING  ###############################

# Max execution time of a Lua script in milliseconds.
#
# If the maximum execution time is reached Redis will log that a script is
# still in execution after the maximum allowed time and will start to
# reply to queries with an error.
#
# When a long running script exceeds the maximum execution time only the
# SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be
# used to stop a script that did not yet called write commands. The second
# is the only way to shut down the server in the case a write command was
# already issued by the script but the user doesn't want to wait for the natural
# termination of the script.
#
# Set it to 0 or a negative value for unlimited execution without warnings.
lua-time-limit 5000

################################ REDIS CLUSTER  ###############################

# Normal Redis instances can't be part of a Redis Cluster; only nodes that are
# started as cluster nodes can. In order to start a Redis instance as a
# cluster node enable the cluster support uncommenting the following:
#
# cluster-enabled yes

# Every cluster node has a cluster configuration file. This file is not
# intended to be edited by hand. It is created and updated by Redis nodes.
# Every Redis Cluster node requires a different cluster configuration file.
# Make sure that instances running in the same system do not have
# overlapping cluster configuration file names.
#
# cluster-config-file nodes-6379.conf

# Cluster node timeout is the amount of milliseconds a node must be unreachable
# for it to be considered in failure state.
# Most other internal time limits are multiple of the node timeout.
#
# cluster-node-timeout 15000

# A replica of a failing master will avoid to start a failover if its data
# looks too old.
#
# There is no simple way for a replica to actually have an exact measure of
# its "data age", so the following two checks are performed:
#
# 1) If there are multiple replicas able to failover, they exchange messages
#    in order to try to give an advantage to the replica with the best
#    replication offset (more data from the master processed).
#    Replicas will try to get their rank by offset, and apply to the start
#    of the failover a delay proportional to their rank.
#
# 2) Every single replica computes the time of the last interaction with
#    its master. This can be the last ping or command received (if the master
#    is still in the "connected" state), or the time that elapsed since the
#    disconnection with the master (if the replication link is currently down).
#    If the last interaction is too old, the replica will not try to failover
#    at all.
#
# The point "2" can be tuned by user. Specifically a replica will not perform
# the failover if, since the last interaction with the master, the time
# elapsed is greater than:
#
#   (node-timeout * replica-validity-factor) + repl-ping-replica-period
#
# So for example if node-timeout is 30 seconds, and the replica-validity-factor
# is 10, and assuming a default repl-ping-replica-period of 10 seconds, the
# replica will not try to failover if it was not able to talk with the master
# for longer than 310 seconds.
#
# A large replica-validity-factor may allow replicas with too old data to failover
# a master, while a too small value may prevent the cluster from being able to
# elect a replica at all.
#
# For maximum availability, it is possible to set the replica-validity-factor
# to a value of 0, which means, that replicas will always try to failover the
# master regardless of the last time they interacted with the master.
# (However they'll always try to apply a delay proportional to their
# offset rank).
#
# Zero is the only value able to guarantee that when all the partitions heal
# the cluster will always be able to continue.
#
# cluster-replica-validity-factor 10

# Cluster replicas are able to migrate to orphaned masters, that are masters
# that are left without working replicas. This improves the cluster ability
# to resist to failures as otherwise an orphaned master can't be failed over
# in case of failure if it has no working replicas.
#
# Replicas migrate to orphaned masters only if there are still at least a
# given number of other working replicas for their old master. This number
# is the "migration barrier". A migration barrier of 1 means that a replica
# will migrate only if there is at least 1 other working replica for its master
# and so forth. It usually reflects the number of replicas you want for every
# master in your cluster.
#
# Default is 1 (replicas migrate only if their masters remain with at least
# one replica). To disable migration just set it to a very large value.
# A value of 0 can be set but is useful only for debugging and dangerous
# in production.
#
# cluster-migration-barrier 1

# By default Redis Cluster nodes stop accepting queries if they detect there
# is at least an hash slot uncovered (no available node is serving it).
# This way if the cluster is partially down (for example a range of hash slots
# are no longer covered) all the cluster becomes, eventually, unavailable.
# It automatically returns available as soon as all the slots are covered again.
#
# However sometimes you want the subset of the cluster which is working,
# to continue to accept queries for the part of the key space that is still
# covered. In order to do so, just set the cluster-require-full-coverage
# option to no.
#
# cluster-require-full-coverage yes

# This option, when set to yes, prevents replicas from trying to failover its
# master during master failures. However the master can still perform a
# manual failover, if forced to do so.
#
# This is useful in different scenarios, especially in the case of multiple
# data center operations, where we want one side to never be promoted if not
# in the case of a total DC failure.
#
# cluster-replica-no-failover no

# In order to setup your cluster make sure to read the documentation
# available at http://redis.io web site.

########################## CLUSTER DOCKER/NAT support  ########################

# In certain deployments, Redis Cluster nodes address discovery fails, because
# addresses are NAT-ted or because ports are forwarded (the typical case is
# Docker and other containers).
#
# In order to make Redis Cluster working in such environments, a static
# configuration where each node knows its public address is needed. The
# following two options are used for this scope, and are:
#
# * cluster-announce-ip
# * cluster-announce-port
# * cluster-announce-bus-port
#
# Each instruct the node about its address, client port, and cluster message
# bus port. The information is then published in the header of the bus packets
# so that other nodes will be able to correctly map the address of the node
# publishing the information.
#
# If the above options are not used, the normal Redis Cluster auto-detection
# will be used instead.
#
# Note that when remapped, the bus port may not be at the fixed offset of
# clients port + 10000, so you can specify any port and bus-port depending
# on how they get remapped. If the bus-port is not set, a fixed offset of
# 10000 will be used as usually.
#
# Example:
#
# cluster-announce-ip 10.1.1.5
# cluster-announce-port 6379
# cluster-announce-bus-port 6380

################################## SLOW LOG ###################################

# The Redis Slow Log is a system to log queries that exceeded a specified
# execution time. The execution time does not include the I/O operations
# like talking with the client, sending the reply and so forth,
# but just the time needed to actually execute the command (this is the only
# stage of command execution where the thread is blocked and can not serve
# other requests in the meantime).
#
# You can configure the slow log with two parameters: one tells Redis
# what is the execution time, in microseconds, to exceed in order for the
# command to get logged, and the other parameter is the length of the
# slow log. When a new command is logged the oldest one is removed from the
# queue of logged commands.

# The following time is expressed in microseconds, so 1000000 is equivalent
# to one second. Note that a negative number disables the slow log, while
# a value of zero forces the logging of every command.
slowlog-log-slower-than 10000

# There is no limit to this length. Just be aware that it will consume memory.
# You can reclaim memory used by the slow log with SLOWLOG RESET.
slowlog-max-len 128

################################ LATENCY MONITOR ##############################

# The Redis latency monitoring subsystem samples different operations
# at runtime in order to collect data related to possible sources of
# latency of a Redis instance.
#
# Via the LATENCY command this information is available to the user that can
# print graphs and obtain reports.
#
# The system only logs operations that were performed in a time equal or
# greater than the amount of milliseconds specified via the
# latency-monitor-threshold configuration directive. When its value is set
# to zero, the latency monitor is turned off.
#
# By default latency monitoring is disabled since it is mostly not needed
# if you don't have latency issues, and collecting data has a performance
# impact, that while very small, can be measured under big load. Latency
# monitoring can easily be enabled at runtime using the command
# "CONFIG SET latency-monitor-threshold <milliseconds>" if needed.
latency-monitor-threshold 0

############################# EVENT NOTIFICATION ##############################

# Redis can notify Pub/Sub clients about events happening in the key space.
# This feature is documented at http://redis.io/topics/notifications
#
# For instance if keyspace events notification is enabled, and a client
# performs a DEL operation on key "foo" stored in the Database 0, two
# messages will be published via Pub/Sub:
#
# PUBLISH __keyspace@0__:foo del
# PUBLISH __keyevent@0__:del foo
#
# It is possible to select the events that Redis will notify among a set
# of classes. Every class is identified by a single character:
#
#  K     Keyspace events, published with __keyspace@<db>__ prefix.
#  E     Keyevent events, published with __keyevent@<db>__ prefix.
#  g     Generic commands (non-type specific) like DEL, EXPIRE, RENAME, ...
#  $     String commands
#  l     List commands
#  s     Set commands
#  h     Hash commands
#  z     Sorted set commands
#  x     Expired events (events generated every time a key expires)
#  e     Evicted events (events generated when a key is evicted for maxmemory)
#  A     Alias for g$lshzxe, so that the "AKE" string means all the events.
#
#  The "notify-keyspace-events" takes as argument a string that is composed
#  of zero or multiple characters. The empty string means that notifications
#  are disabled.
#
#  Example: to enable list and generic events, from the point of view of the
#           event name, use:
#
#  notify-keyspace-events Elg
#
#  Example 2: to get the stream of the expired keys subscribing to channel
#             name __keyevent@0__:expired use:
#
#  notify-keyspace-events Ex
#
#  By default all notifications are disabled because most users don't need
#  this feature and the feature has some overhead. Note that if you don't
#  specify at least one of K or E, no events will be delivered.
notify-keyspace-events ""

############################### ADVANCED CONFIG ###############################

# Hashes are encoded using a memory efficient data structure when they have a
# small number of entries, and the biggest entry does not exceed a given
# threshold. These thresholds can be configured using the following directives.
hash-max-ziplist-entries 512
hash-max-ziplist-value 64

# Lists are also encoded in a special way to save a lot of space.
# The number of entries allowed per internal list node can be specified
# as a fixed maximum size or a maximum number of elements.
# For a fixed maximum size, use -5 through -1, meaning:
# -5: max size: 64 Kb  <-- not recommended for normal workloads
# -4: max size: 32 Kb  <-- not recommended
# -3: max size: 16 Kb  <-- probably not recommended
# -2: max size: 8 Kb   <-- good
# -1: max size: 4 Kb   <-- good
# Positive numbers mean store up to _exactly_ that number of elements
# per list node.
# The highest performing option is usually -2 (8 Kb size) or -1 (4 Kb size),
# but if your use case is unique, adjust the settings as necessary.
list-max-ziplist-size -2

# Lists may also be compressed.
# Compress depth is the number of quicklist ziplist nodes from *each* side of
# the list to *exclude* from compression.  The head and tail of the list
# are always uncompressed for fast push/pop operations.  Settings are:
# 0: disable all list compression
# 1: depth 1 means "don't start compressing until after 1 node into the list,
#    going from either the head or tail"
#    So: [head]->node->node->...->node->[tail]
#    [head], [tail] will always be uncompressed; inner nodes will compress.
# 2: [head]->[next]->node->node->...->node->[prev]->[tail]
#    2 here means: don't compress head or head->next or tail->prev or tail,
#    but compress all nodes between them.
# 3: [head]->[next]->[next]->node->node->...->node->[prev]->[prev]->[tail]
# etc.
list-compress-depth 0

# Sets have a special encoding in just one case: when a set is composed
# of just strings that happen to be integers in radix 10 in the range
# of 64 bit signed integers.
# The following configuration setting sets the limit in the size of the
# set in order to use this special memory saving encoding.
set-max-intset-entries 512

# Similarly to hashes and lists, sorted sets are also specially encoded in
# order to save a lot of space. This encoding is only used when the length and
# elements of a sorted set are below the following limits:
zset-max-ziplist-entries 128
zset-max-ziplist-value 64

# HyperLogLog sparse representation bytes limit. The limit includes the
# 16 bytes header. When an HyperLogLog using the sparse representation crosses
# this limit, it is converted into the dense representation.
#
# A value greater than 16000 is totally useless, since at that point the
# dense representation is more memory efficient.
#
# The suggested value is ~ 3000 in order to have the benefits of
# the space efficient encoding without slowing down too much PFADD,
# which is O(N) with the sparse encoding. The value can be raised to
# ~ 10000 when CPU is not a concern, but space is, and the data set is
# composed of many HyperLogLogs with cardinality in the 0 - 15000 range.
hll-sparse-max-bytes 3000

# Streams macro node max size / items. The stream data structure is a radix
# tree of big nodes that encode multiple items inside. Using this configuration
# it is possible to configure how big a single node can be in bytes, and the
# maximum number of items it may contain before switching to a new node when
# appending new stream entries. If any of the following settings are set to
# zero, the limit is ignored, so for instance it is possible to set just a
# max entires limit by setting max-bytes to 0 and max-entries to the desired
# value.
stream-node-max-bytes 4096
stream-node-max-entries 100

# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in
# order to help rehashing the main Redis hash table (the one mapping top-level
# keys to values). The hash table implementation Redis uses (see dict.c)
# performs a lazy rehashing: the more operation you run into a hash table
# that is rehashing, the more rehashing "steps" are performed, so if the
# server is idle the rehashing is never complete and some more memory is used
# by the hash table.
#
# The default is to use this millisecond 10 times every second in order to
# actively rehash the main dictionaries, freeing memory when possible.
#
# If unsure:
# use "activerehashing no" if you have hard latency requirements and it is
# not a good thing in your environment that Redis can reply from time to time
# to queries with 2 milliseconds delay.
#
# use "activerehashing yes" if you don't have such hard requirements but
# want to free memory asap when possible.
activerehashing yes

# The client output buffer limits can be used to force disconnection of clients
# that are not reading data from the server fast enough for some reason (a
# common reason is that a Pub/Sub client can't consume messages as fast as the
# publisher can produce them).
#
# The limit can be set differently for the three different classes of clients:
#
# normal -> normal clients including MONITOR clients
# replica  -> replica clients
# pubsub -> clients subscribed to at least one pubsub channel or pattern
#
# The syntax of every client-output-buffer-limit directive is the following:
#
# client-output-buffer-limit <class> <hard limit> <soft limit> <soft seconds>
#
# A client is immediately disconnected once the hard limit is reached, or if
# the soft limit is reached and remains reached for the specified number of
# seconds (continuously).
# So for instance if the hard limit is 32 megabytes and the soft limit is
# 16 megabytes / 10 seconds, the client will get disconnected immediately
# if the size of the output buffers reach 32 megabytes, but will also get
# disconnected if the client reaches 16 megabytes and continuously overcomes
# the limit for 10 seconds.
#
# By default normal clients are not limited because they don't receive data
# without asking (in a push way), but just after a request, so only
# asynchronous clients may create a scenario where data is requested faster
# than it can read.
#
# Instead there is a default limit for pubsub and replica clients, since
# subscribers and replicas receive data in a push fashion.
#
# Both the hard or the soft limit can be disabled by setting them to zero.
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit replica 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60

# Client query buffers accumulate new commands. They are limited to a fixed
# amount by default in order to avoid that a protocol desynchronization (for
# instance due to a bug in the client) will lead to unbound memory usage in
# the query buffer. However you can configure it here if you have very special
# needs, such us huge multi/exec requests or alike.
#
# client-query-buffer-limit 1gb

# In the Redis protocol, bulk requests, that are, elements representing single
# strings, are normally limited ot 512 mb. However you can change this limit
# here.
#
# proto-max-bulk-len 512mb

# Redis calls an internal function to perform many background tasks, like
# closing connections of clients in timeout, purging expired keys that are
# never requested, and so forth.
#
# Not all tasks are performed with the same frequency, but Redis checks for
# tasks to perform according to the specified "hz" value.
#
# By default "hz" is set to 10. Raising the value will use more CPU when
# Redis is idle, but at the same time will make Redis more responsive when
# there are many keys expiring at the same time, and timeouts may be
# handled with more precision.
#
# The range is between 1 and 500, however a value over 100 is usually not
# a good idea. Most users should use the default of 10 and raise this up to
# 100 only in environments where very low latency is required.
hz 10

# Normally it is useful to have an HZ value which is proportional to the
# number of clients connected. This is useful in order, for instance, to
# avoid too many clients are processed for each background task invocation
# in order to avoid latency spikes.
#
# Since the default HZ value by default is conservatively set to 10, Redis
# offers, and enables by default, the ability to use an adaptive HZ value
# which will temporary raise when there are many connected clients.
#
# When dynamic HZ is enabled, the actual configured HZ will be used as
# as a baseline, but multiples of the configured HZ value will be actually
# used as needed once more clients are connected. In this way an idle
# instance will use very little CPU time while a busy instance will be
# more responsive.
dynamic-hz yes

# When a child rewrites the AOF file, if the following option is enabled
# the file will be fsync-ed every 32 MB of data generated. This is useful
# in order to commit the file to the disk more incrementally and avoid
# big latency spikes.
aof-rewrite-incremental-fsync yes

# When redis saves RDB file, if the following option is enabled
# the file will be fsync-ed every 32 MB of data generated. This is useful
# in order to commit the file to the disk more incrementally and avoid
# big latency spikes.
rdb-save-incremental-fsync yes

# Redis LFU eviction (see maxmemory setting) can be tuned. However it is a good
# idea to start with the default settings and only change them after investigating
# how to improve the performances and how the keys LFU change over time, which
# is possible to inspect via the OBJECT FREQ command.
#
# There are two tunable parameters in the Redis LFU implementation: the
# counter logarithm factor and the counter decay time. It is important to
# understand what the two parameters mean before changing them.
#
# The LFU counter is just 8 bits per key, it's maximum value is 255, so Redis
# uses a probabilistic increment with logarithmic behavior. Given the value
# of the old counter, when a key is accessed, the counter is incremented in
# this way:
#
# 1. A random number R between 0 and 1 is extracted.
# 2. A probability P is calculated as 1/(old_value*lfu_log_factor+1).
# 3. The counter is incremented only if R < P.
#
# The default lfu-log-factor is 10. This is a table of how the frequency
# counter changes with a different number of accesses with different
# logarithmic factors:
#
# +--------+------------+------------+------------+------------+------------+
# | factor | 100 hits   | 1000 hits  | 100K hits  | 1M hits    | 10M hits   |
# +--------+------------+------------+------------+------------+------------+
# | 0      | 104        | 255        | 255        | 255        | 255        |
# +--------+------------+------------+------------+------------+------------+
# | 1      | 18         | 49         | 255        | 255        | 255        |
# +--------+------------+------------+------------+------------+------------+
# | 10     | 10         | 18         | 142        | 255        | 255        |
# +--------+------------+------------+------------+------------+------------+
# | 100    | 8          | 11         | 49         | 143        | 255        |
# +--------+------------+------------+------------+------------+------------+
#
# NOTE: The above table was obtained by running the following commands:
#
#   redis-benchmark -n 1000000 incr foo
#   redis-cli object freq foo
#
# NOTE 2: The counter initial value is 5 in order to give new objects a chance
# to accumulate hits.
#
# The counter decay time is the time, in minutes, that must elapse in order
# for the key counter to be divided by two (or decremented if it has a value
# less <= 10).
#
# The default value for the lfu-decay-time is 1. A Special value of 0 means to
# decay the counter every time it happens to be scanned.
#
# lfu-log-factor 10
# lfu-decay-time 1

########################### ACTIVE DEFRAGMENTATION #######################
#
# WARNING THIS FEATURE IS EXPERIMENTAL. However it was stress tested
# even in production and manually tested by multiple engineers for some
# time.
#
# What is active defragmentation?
# -------------------------------
#
# Active (online) defragmentation allows a Redis server to compact the
# spaces left between small allocations and deallocations of data in memory,
# thus allowing to reclaim back memory.
#
# Fragmentation is a natural process that happens with every allocator (but
# less so with Jemalloc, fortunately) and certain workloads. Normally a server
# restart is needed in order to lower the fragmentation, or at least to flush
# away all the data and create it again. However thanks to this feature
# implemented by Oran Agra for Redis 4.0 this process can happen at runtime
# in an "hot" way, while the server is running.
#
# Basically when the fragmentation is over a certain level (see the
# configuration options below) Redis will start to create new copies of the
# values in contiguous memory regions by exploiting certain specific Jemalloc
# features (in order to understand if an allocation is causing fragmentation
# and to allocate it in a better place), and at the same time, will release the
# old copies of the data. This process, repeated incrementally for all the keys
# will cause the fragmentation to drop back to normal values.
#
# Important things to understand:
#
# 1. This feature is disabled by default, and only works if you compiled Redis
#    to use the copy of Jemalloc we ship with the source code of Redis.
#    This is the default with Linux builds.
#
# 2. You never need to enable this feature if you don't have fragmentation
#    issues.
#
# 3. Once you experience fragmentation, you can enable this feature when
#    needed with the command "CONFIG SET activedefrag yes".
#
# The configuration parameters are able to fine tune the behavior of the
# defragmentation process. If you are not sure about what they mean it is
# a good idea to leave the defaults untouched.

# Enabled active defragmentation
# activedefrag yes

# Minimum amount of fragmentation waste to start active defrag
# active-defrag-ignore-bytes 100mb

# Minimum percentage of fragmentation to start active defrag
# active-defrag-threshold-lower 10

# Maximum percentage of fragmentation at which we use maximum effort
# active-defrag-threshold-upper 100

# Minimal effort for defrag in CPU percentage
# active-defrag-cycle-min 5

# Maximal effort for defrag in CPU percentage
# active-defrag-cycle-max 75

# Maximum number of set/hash/zset/list fields that will be processed from
# the main dictionary scan
# active-defrag-max-scan-fields 1000

所有步骤完成后,回到WP 后台下载一个叫Redis Object Cache 的插件。 记得 先别重启 lnmp.

是的,没错。就是这么长。先别管为什么这么去修改,现在不展开来说,以后我另外写一篇关于Redis的文章。现在,先按照复制上去。但有一个你可以自己先去修改的,就是第511项,所设置的密码。你可以修改为自己的密码。我的是ljp030838.

然后把文件扔去(看好路径)/usr/local/redis/bin/ 里面。

接着操作:

./redis-cli
#然后输入
shutdown 回车
再输入:
exit
#现在已经把Redis停掉了,再次开启并运用我们刚才修改的redis.conf
./redis-server redis.conf
#我们验证一下我们的是否启动成功新的配置文件
./redis-cli
auth ljp030838(你的密码)
keys *
#应该会提示数据库为空,等你开启了插件就会显示缓存了的文件了。Ok,成功了。退出。
exit

接着 输入:nginx -t 

看看有没有问题,没问题的话。输入:lnmp restart. (有问题的,留言问)

重启完后,回到网站目录下,修改一下wp-config.php文件。

大概在文件的第60行输入:

cd /home/wwwroot/www.XXXX.com/

#在这文件夹里面找到wp-config.php。在60行左右插入:

/**
     * redis object cache配置
     */
define('WP_REDIS_HOST', '127.0.0.1');  # redis 服务器地址
define('WP_REDIS_PORT', '6379');  # redis 服务器端口
define('WP_REDIS_DATABASE', '0');  # redis 数据库(第一个0 ,第一个1,依次类推)
define('WP_REDIS_PASSWORD', 'ljp030838');  # redis 数据库密码,就是刚才你想修改的密码
define('WP_REDIS_CLIENT', 'pecl');

还没有完结,你还要修改网站的conf 文件。

cd /usr/local/nginx/conf/vhost/

#就是这个文件夹里面的文件,你最好下载下来去修改。

把下面的配置文件覆盖你的,然后把域名改为你自己的。

  配置文件
  upstream redis {
  server 127.0.0.1:6379;
  keepalive 512;
  }

  server
{
  listen 80;
  #listen [::]:80;
  server_name www.fuenituresourcing.com fuenituresourcing.com;
  root /home/wwwroot/www.fuenituresourcing.com;

  location / {
  return 301 https://www.fuenituresourcing.com$request_uri;
  }
}

  server
{
  listen 443 ssl http2;
  #listen [::]:443 ssl http2;
  server_name www.fuenituresourcing.com fuenituresourcing.com;
  index index.html index.htm index.php default.html default.htm default.php;
  root /home/wwwroot/www.fuenituresourcing.com;

  #证书部分
  ssl_certificate /usr/local/nginx/conf/ssl/www.fuenituresourcing.com/fullchain.cer;
  ssl_certificate_key /usr/local/nginx/conf/ssl/www.fuenituresourcing.com/www.fuenituresourcing.com.key;

  #TLS 握手优化
  ssl_session_cache shared:SSL:10m;
  ssl_session_timeout 10m;
  keepalive_timeout 75s;
  keepalive_requests 100;

  #TLS 版本控制
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
  ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AES128:EECDH+aRSA+AES128:RSA+AES128:EECDH+ECDSA+AES256:EECDH+aRSA+AES256:RSA+AES256:EECDH+ECDSA+3DES:EECDH+aRSA+3DES:RSA+3DES:!MD5";
  ssl_prefer_server_ciphers on;

  # 开启 1.3 o-RTT
  #ssl_early_data on;

  # openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
  ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;

  #WordPress伪静态

  include rewrite/wordpress.conf;
  #error_page 404 /404.html;

  # GZip 和 Brotli
  gzip on;
  gzip_comp_level 6;
  gzip_min_length 1k;
  gzip_types text/plain text/css text/xml text/javascript text/x-component application/json application/javascript application/x-javascript application/xml application/xhtml+xml application/rss+xml application/atom+xml application/x-font-ttf application/vnd.ms-fontobject image/svg+xml image/x-icon font/opentype;

  brotli on;
  brotli_static off;
  brotli_min_length 100;
  brotli_buffers 16 8k;
  brotli_comp_level 5;
  brotli_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript image/svg+xml;

  # Deny access to PHP files in specific directory
  #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

  include enable-php-pathinfo.conf;

  add_header Strict-Transport-Security max-age=63072000;
  # add_header X-Frame-Options DENY;
  add_header X-Content-Type-Options nosniff;
  add_header "Access-Control-Allow-Origin" *;

  #redis开启
  set $skip_cache 0;

  #POST请求直接调用后端

  if ($request_method = POST) {
  set $skip_cache 1;
  }
  if ($query_string != "") {
  set $skip_cache 1;
  }

  #不要缓存以下部分
  if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
  set $skip_cache 1;
  }

  #不缓存登陆用户和最近评论的用户
  if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
  set $skip_cache 1;
  }

  location /redis-fetch {
  internal ;
  set $redis_key $args;
  #redis_pass 127.0.0.1:6379;
  }

  location ~ [^/]\.php(/|$) {
  set $key "nginx-cache:$scheme$request_method$host$request_uri";
  try_files $uri =404;

  #PHP版本号有出入的别弄错了
  fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
  fastcgi_index index.php;
  include fastcgi.conf;
  fastcgi_param PHP_VALUE "open_basedir=$document_root:/tmp/:/proc/";
  }

  #Yoast sitemap
  location ~ ([^/]*)sitemap(.*)\.x(m|s)l$ {
  ## this redirects sitemap.xml to /sitemap_index.xml
  rewrite ^/sitemap\.xml$ /sitemap_index.xml permanent;
  ## this makes the XML sitemaps work
  rewrite ^/([a-z]+)?-?sitemap\.xsl$ /index.php?xsl=$1 last;
  rewrite ^/sitemap_index\.xml$ /index.php?sitemap=1 last;
  rewrite ^/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
  ## The following lines are optional for the premium extensions
  ## News SEO
  rewrite ^/news-sitemap\.xml$ /index.php?sitemap=wpseo_news last;
  ## Local SEO
  rewrite ^/locations\.kml$ /index.php?sitemap=wpseo_local_kml last;
  rewrite ^/geo-sitemap\.xml$ /index.php?sitemap=wpseo_local last;
  ## Video SEO
  rewrite ^/video-sitemap\.xsl$ /index.php?xsl=video last;
  }

  location ~* \.(ico|gif|bmp|jpg|jpeg|png|swf|js|css|gz|svg|svgz|ttf|otf|woff|eot|mp4|ogg|ogv|webm) {
  expires 30d;
  add_header Pragma public;
  add_header Cache-Control "public, must-revalidate, proxy-revalidate";
  }

  location ~* ^/wp-content/.*.(php|phps)$ {
  deny all;
  }
  location ~* ^/wp-includes/.*\.(php|phps)$ {
  internal;
  }

  location = /wp-config.php {
  deny all;
  }
  location ~* ^/wp-content/.*.(txt|md|exe)$ {
  deny all;
  }

  location ~* /xmlrpc.php {
  deny all;
  }

  location ~ /.well-known {
  allow all;
  }

  location ~ /\.
  {
  deny all;
  }

  access_log /home/wwwlogs/www.fuenituresourcing.com.log;
}

完成以后,把修改的文件覆盖之前的。然后回到网站后台,开启redis插件。

打完收工。

Linode VPS+LNMP1.5+WordPress搭建外贸网站

Linode VPS+LNMP1.5+WordPress搭建外贸网站

本文写使用的搭建环境与软件是CentOS 7 + LNMP1.5 + WordPress + AVADA主题,根据本文步骤操作,你可以架设出自己的个人外贸网站。本文主要内容如下:

  1. VPS和域名的配置
  2. 安装lnmp包
  3. 部署虚拟主机+安装WordPress
  4. 设置SSL证书

[sta_anchor id=”vps”]1.VPS和域名的配置[/sta_anchor]

VPS中我选用了Linode VPS的5刀配置的,当然你可以选择其他的VPS也是可以的。但我个人喜欢Linode,毕竟操作简单。至于如何购买Linode,我这里就不说了。如果你真的不懂的话可以参考hunk或者料神的博客。

https://www.imhunk.com/linode-faq/

https://www.liaosam.com/linode-vps-intro.html

调过购买教程后,直接配置VPS。

linode vps

我选了新加坡地区的。

linode vps

Root Password 尽量设置复杂一点,而且必须记下来!记下来!记下来!等下要用到。

linode vps

点了Rebuild后等个10几秒初次化。

linode vps

初次化后直接点Boot,开启!

一切准备好,拿起你的SSH工具,准备开波。Skr,skr

[sta_anchor id=”lnmp”]2.安装lnmp包[/sta_anchor]

工具:Xshell + Xftp,自行去官网下载。官网地址:www.netsarang.com 下载时选择一下你是 home use,即可免费下载。

打开xshell点新建。

xshell

输入自己喜欢的名称,主机填刚才vps的IP地址,端口22,间隔45。然后先别急点确定!

xshell

点击左上角‘用户身份验证’用户名输入root,密码:输入刚才开通配置vps时的密码(就是刚才说记住的那个密码)。然后点确定。

xshell

然后点击链接刚才新建的,在弹框的这里点击“接受并保存”下次链接就不会再弹出来。除非你更改了密码。

xshell

链接后就开始表演真正的技术了…

A.安装Lnmp1.5

LNMP一般来说指的是Linux + Nginx + Mysql + PHP,用这个组合可以快速搭建出轻量级的网站,因此深受喜爱。而LNMP一键安装包(https://lnmp.org/)则是一个集成了安装、配置过程的第三方包,为了快速建站,此处我们选择一键安装包。

此文写作时,LNMP最新的是1.5版本,优化了对SSL的支持,若希望快速完成SSL证书生成+部署到WordPress,使用https协议,建议使用此版本。

CentOS 6.8/ CentOS 7 系统默认未安装 Wget 指令程序,那么执行一下这条命令先安装 wget: (CentOs 系统)

sudo yum -y install wget

 

首先,运行如下代码,通过wget将压缩包下载到本地并解压,并运行install.sh安装。复制下面代码,右键粘贴进Xshell然后回车。

#lnmp1.5安装lnmp包
wget -c http://soft.vpser.net/lnmp/lnmp1.5.tar.gz
tar zxf lnmp1.5.tar.gz
cd lnmp1.5
./install.sh lnmp

安装配置时注意的点:

  • 安装的Mysql版本(直接回车选择默认的5.5.60或者输入2)
  • 设置Mysql的root账户的密码(建议设置刚才VPS的root一样的密码,或重新设置复杂的密码。必须记下来!)
  • 是否开启InnoDB,支持并发与表间引用(直接回车默认开启或输入Y)
  • 安装的PHP版本(选择php7.1.18,我听说PHP7.2现在有BUG。)
  • 是否开启存储分配器(直接回车默认不开启或输入N)

lnmp1.5

接着就是按任意键开始安装了。安装过程需要三十分钟左右。

B.域名解释

趁着安装的时候,我们就去做一下域名DNS的解释。

域名我一般都在namesilo上面购买。这里有个优惠码:030838。购买域名时输入便是。

DNS解释我一般会在cloudflare上做解释,原因是快!5分钟内就解析完成。

namesilo

先在namesilo上的nameserver指向cloudflare.然后去DNS设置那边吧之前默认的解释全部删除。

cloudflare

在cloudflare上添加网址,然后设置NDS解释。做两个A记录:一个是泛解析@,一个是www.都指向刚才的VPS IP地址。

[sta_anchor id=”wordpress”]3.部署虚拟主机+安装WordPress[/sta_anchor]

lnmp1.5 成功安装

等待了大约35分钟,终于安装好!

同时你打开网址会看见这样的显示:

lnmp 成功安装

验证完毕后,我们就可以删除lnmp安装包存放在本地的网页了,删除后,将不会再出现上面的页面。

cd /home/wwwroot/default
sudo rm *.php *.html *.gif

A.配置虚拟主机

虚拟私有服务器VPS和虚拟主机vhost的区别是什么呢?

一个服务器可以被分为多个虚拟主机,每个虚拟主机存放不同网站的数据。

所以,现在我们要做的是,创建一个虚拟主机,用来存放www.fuenituresourcing.com网站的数据。

我们需要借助lnmp帮我们进行配置:

lnmp vhost add

你需要配置下面的选项,请牢记配置中的数据库名字、账号、密码

  1. 输入域名:www.fuenituresourcing.com (你可以用1级域名,而不使用www. 我习惯使用。)
  2. 是否需要输入更多的域名?:fuenituresourcing.com  (若不输入,直接回车,则以后需要自己通过301重定向,把没有www的域名定向到www域名)
  3. 输入存放网站数据的目录(直接回车,默认是/home/wwwroot/www.fuenituresourcing.com)
  4. 是否开启rewrite规则?这里输入y,会问你是什么类型的框架,输入wordpress
  5. 是否允许phpinfo:我选择y(pathinfo的原理就是将index.php/xxxx/xxx类似的网址当做php来执行)
  6. 是否开启数据库日志:虽然日志记录是比较安全、规范的做法,但是会占用大量存储空间,我们的小VPS就不要开启了。
  7. 是否为网站创建数据库,并且创建一个和数据库同名的数据库账号:输入y
  8. 请输出mysql的root密码(这时的密码是不可见的,你直接输入就是,输入正确会说OK。)
  9. 输入想要使用的名字:输入wordpress (你可以输入其他自己喜欢的名字),这样,你的mysql里面名为wordpress的数据库就专门用于存放www.fuenituresourcing.com的网站数据了。你可以通过名为wordpress的账号来管理名为wordpress的数据库。
  10. 输入想要为新账户设置的密码:用来登录上面创建的新账户
  11. 是否使用SSL认证:选择y(我们需要使用https协议,而不是明文传输的http)
  12. 使用自己已有的证书还是使用Let’s Encrypt申请一个:选择2使用Let’s Encrypt申请。
  13. 接着按任意键创建就行了。

添加虚拟主机

 

添加虚拟主机

安装成功后,把这一段信息截图或者复制下来,等下安装WordPress要用到。

B.安装WordPress

去下载最新版本的 WordPress 程序文件。

cd /home/wwwroot/www.fuenituresourcing.com
wget https://wordpress.org/latest.zip

下载完成后,解压文件:

unzip latest.zip

接着在 Xftp 里刷新一下,可以看到已经解压完成。解压出来一个 WordPress 文件夹。

在 Xftp 里双击 WordPress 文件夹,可以看到 WordPress 程序文件都已经成功解压。

接下来,我们要把所有程序文件移动到上一层,保持在 fuenituresourcing.com 目录之下。并把 wordpress这个文件夹删除。

注意,这里要用到移动文件的命令 “mv” 。在 Xshell 上输入:

mv wordpress/* . (注意:星号后有一个空格,一个点)  回车

这样就完成了所有程序文件的移动。至于wordpress这个空文件夹,你可以直接在 Xftp 里面删除了。

xftp

这时候,在浏览器输入自己的网址。进入WordPress 最后安装:

wordpress 安装

Let’s go!

wordpress 安装

输入刚才安装虚拟主机的信息!

wordpress 安装

继续下一步!

wordpress 安装

这里的Site Title 可以先随便填,进去后台可以改。用户名,密码是用来登录你的WordPress后台的。

邮箱地址是用来收一些网站的信息。最后的选项请打上勾,先不要给搜索引擎收录。因为是新网站!先把所有的东西建好才去收录。

wordpress 安装

下一步后,就可以进入后台了。WordPress 安装成功!

现在你的个人网站已经正式上线了,但是如果你尝试安装主题或者安装插件,你可能会发现安装失败,并且向你索要ftp信息,但是,我们不需要安装FTP。

安装失败的原因是,WordPress无法在/home/wwwroot/www.fuenituresourcing.com下进行数据目录的创建和删除,因此尝试使用FTP进行数据操作。我们最好避免这类明文协议安装在我们的服务器上。这时我们只要将目录的所有者改为www,并且增加各用户对此目录的操作权限就行了,-R代表递归操作子目录:

chattr -i /home/wwwroot/www.fuenituresourcing.com/.user.ini
chmod -R 755 /home/wwwroot/www.fuenituresourcing.com
chown -R www /home/wwwroot/www.fuenituresourcing.com

搞定,一切正常!Skr,Skr…

[sta_anchor id=”ssl”]4.设置SSL证书[/sta_anchor]

目前,你的个人网站已经实现了基本功能,其他功能可以通过在各种WordPress社区寻找插件来实现了。但是,你的网站目前默认使用的是http明文传输。正如尽量避免ftp一样,我们也应该避免http协议。

如果你输入www.fuenituresourcing.com和https://www.fuenituresourcing.com,你会发现地址栏上一个是不安全的,一个是带锁的,也就是说我们现在同时支持两种协议,那么接下来我们需要将通过http协议进行的访问请求重定向到https协议访问上。如果你的网站不能进行https访问,请先解决它,不要进行以下操作(一般可能是某个依赖库没安装,安装后通过lnmp ssl add重新申请,或搜索手工配置的技术博客,但一般情况下并不会出现)。

A.301重定向进行全站https传输

目前使用较多的代理服务器有Nginx和Apache,我们使用的是Nginx。如果你使用的是Apache,请通过关键词搜索其他方案。

为了配置代理服务器,我们需要知道本机的Nginx安装在何处,通过whereis命令执行:

whereis nginx.conf

你会看到这样的提示:nginx: /usr/bin/nginx /usr/local/nginx

可以看到,目录在/usr/local/nginx,那么我们进入其配置文件:

cd /usr/local/nginx/conf

你会发现目录下有很多.conf文件,这些都是配置信息,那么怎么修改呢?

代理服务器的对一个网站的服务流程可以概述如下:设置一个server,其中设置了监听端口、服务的域名等配置信息,当监听到对应访问时,通过配置信息进行处理。要注意的是,(域名,端口)组合的server应该是独一的,否则会出现冲突。

基于上述理由,我们在添加配置前要先确认,是否已有对应server:若没有,我们可以直接添加;若有,则需要到对应地方修改。用grep命令进行搜索:

grep -r "fuenituresourcing.com" *
ssl/www.fuenituresourcing.com/www.fuenituresourcing.com.csr.conf:subjectAltName=DNS:www.fuenituresourcing.com,DNS:fuenituresourcing.com
ssl/www.fuenituresourcing.com/www.fuenituresourcing.com.conf:Le_Domain='www.fuenituresourcing.com'
ssl/www.fuenituresourcing.com/www.fuenituresourcing.com.conf:Le_Alt='fuenituresourcing.com'
ssl/www.fuenituresourcing.com/www.fuenituresourcing.com.conf:Le_Webroot='/home/wwwroot/www.fuenituresourcing.com'
vhost/www.fuenituresourcing.com.conf: server_name www.fuenituresourcing.com fuenituresourcing.com;
vhost/www.fuenituresourcing.com.conf: root /home/wwwroot/www.fuenituresourcing.com;
vhost/www.fuenituresourcing.com.conf: server_name www.fuenituresourcing.com fuenituresourcing.com;
vhost/www.fuenituresourcing.com.conf: root /home/wwwroot/www.fuenituresourcing.com;
vhost/www.fuenituresourcing.com.conf: ssl_certificate /usr/local/nginx/conf/ssl/www.fuenituresourcing.com/fullchain.cer;
vhost/www.fuenituresourcing.com.conf: ssl_certificate_key /usr/local/nginx/conf/ssl/www.fuenituresourcing.com/www.fuenituresourcing.com.key;

 

这下我们看到了,vhost/www.fuenituresourcing.com.conf里存在相关server,我们直接进入修改,实现301重定向的模板如下:

server {
 listen 80;
 server_name www.fuenituresourcing.com fuenituresourcing.com;
 return 301 https://www.fuenituresourcing.com$request_uri;
}

在server 段修改。当然你也可以用XFTP把文件下载到本地去修改,再重新上传。

这个模板的意思是:对于www.fuenituresourcing.com:80的访问,server的处理方式是直接return 301+ url ,告诉访问者到这个url。80端口是http端口,433是https端口,所以你也可以return www.fuenituresourcing.com:433$request_uri。

通过这个模板,你可以实现多个域名映射到同一域名,设置无www域名到有www域名的映射等。你甚至可以重定向到百度。

或者你可以直接复制我的配置,只要把网址改回自己的:

server
    {
      listen 80;
      #listen [::]:80;
      server_name www.fuenituresourcing.com fuenituresourcing.com;
      return 301 https://www.fuenituresourcing.com$request_uri;
    }	

server
    {
        listen 443 ssl http2;
        #listen [::]:443 ssl http2;
        server_name www.fuenituresourcing.com fuenituresourcing.com;
        index index.html index.htm index.php default.html default.htm default.php;
        root  /home/wwwroot/www.fuenituresourcing.com;
        ssl on;
        ssl_certificate /usr/local/nginx/conf/ssl/www.fuenituresourcing.com/fullchain.cer;
        ssl_certificate_key /usr/local/nginx/conf/ssl/www.fuenituresourcing.com/www.fuenituresourcing.com.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_ciphers "EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
        ssl_session_cache builtin:1000 shared:SSL:10m;
        # openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
        ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;

        include rewrite/wordpress.conf;
        #error_page   404   /404.html;

        # Deny access to PHP files in specific directory
        #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

        include enable-php-pathinfo.conf;

        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
        {
            expires      30d;
        }

        location ~ .*\.(js|css)?$
        {
            expires      12h;
        }

        location ~ /.well-known {
            allow all;
        }

        location ~ /\.
        {
            deny all;
        }

        access_log off;
    }

 

修改完毕后,我们需要重启Nginx服务使配置生效:

sudo nginx -s reload

当然也可以使用lnmp一键包将NM重启:

lnmp restart

此外,我们还要配置WordPress的相关信息.

  • 通过WordPress后台管理“设置”中“常规”里面把“WordPress地址(URL)”、“站点地址(URL)”两个地址的http修改为https,“设置”中“多媒体”的“文件的完整URL地址”改为https。

B.SSL证书的自动续期

lnmp1.5版以后,安装包使用更便捷的acme.sh进行申请SSL证书,而不是certbot(因为certbot需要的依赖包较多。不过现在也有certbot-auto版,能自动安装所需依赖库)。

需要注意的是,SSL证书具有有效期,我们需要按时续期。Lnmp1.5 使用的acme.sh它是自动80天续期的,不必操作。

至此,一套完整的使用https访问的个人网站就搭建完成了。

C.安装AVADA主题

直接到wordpress后台上传AVADA主题,而且我建议也吧AVADA的子主题也同时安装。

其中安装成功后,必须安装Fusion Core,与Fusion Builder这两个插件。不然AVADA无法使用。

AVADA设置

安装完必要插件后,安装子主题并启用。

AVADA设置

然后去到AVADA的System Status 看红字情况。这里是要求把PHP Max Input Vars最小调到1500.

AVADA设置

我们点击他的建议查看PHP Max Input Vars究竟在哪里改。这里明显可以在php.ini里面修改。

AVADA设置

如何查找这个文件?很简单。先去网站目录新建一个123.php的文件。(名字随便改)

如何找到php.ini

然后在文件里面输入以下内容,并保存:

<?php phpinfo(); ?>

然后到浏览器去键入www.fuenituresourcing.com/123.php。这时候在打开的页面按Ctrl+F查找php.ini就可以找到该文件的位置:

如何找到php.ini

这里显示文件在/usr/local/php/etc/php.ini。

你可以用Vi命令去修改,也可以直接把文件下载到本地。

我选择下载到本地修改后上传。打开文件查找”max_input_vars” 把数值改为3000(大概在代码段400位置),并把前面的分号去掉。

PHP

修改完上传,然后重启一下lnmp:

lnmp restart

回到刚才的红字页面,刷新。你会发现已经OK了。

如果你还有其他红字问题照样按照它给你的提示去操作,或者参考这两篇文章:

https://www.imhunk.com/fix-avada-red-system-status/

https://www.liaosam.com/lnmp-wordpres-problems-records.html