Twenty Seventeen 是一个开源的 WordPress 主题,非常适合目录较多的网站,首页能够巧妙地将图片和文字结合在一起。
All In One WP Security 是一个开源的 WordPress 安全插件,比较全面地对 WordPress 进行安全加强,安装了这个插件以后,基本上就不需要再安装其他安全插件。
Easy WP SMTP 是一个开源的 WordPress 邮件插件,可以实现 WordPress 通过 SMTP 发送邮件。
Simply Static 是一个开源的 WordPress 动态网站转静态网站插件,可以将动态网站转换成静态网站。
(步骤略)
# yum -y install certbot(补充:这里以在 Fedora 35 上安装 certbot 为例)
# certbot certonly --email mingyu.zhu@eternalcenter.com -n --agree-tos --webroot -w /usr/share/nginx/html/ -d eternalcenter.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Requesting a certificate for eternalcenter.com
Performing the following challenges:
http-01 challenge for eternalcenter.com
Using the webroot path /usr/share/nginx/html for all unmatched domains.
Waiting for verification...
Cleaning up challenges
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/eternalcenter.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/eternalcenter.com/privkey.pem
Your certificate will expire on 2022-03-20. To obtain a new or
tweaked version of this certificate in the future, simply run
certbot again. To non-interactively renew *all* of your
certificates, run "certbot renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le(
补充:这里以
1) 使用 mingyu.zhu@eternalcenter.com 邮箱
2) 以非交互式的方式
3) 通过给 /usr/share/nginx/html/ 网站目录里添加验证文件进行验证
4) 给 eternalcenter.com 域名
申请 Let’s Encrypt SSL 证书为例
)
# certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
Certificate Name: eternalcenter.com
Serial Number: 3e8cdb74a1abfbf3d535ec1c3f8cb3e4e4c
Key Type: RSA
Domains: eternalcenter.com
Expiry Date: 2022-03-20 13:48:48+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/eternalcenter.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/eternalcenter.com/privkey.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(
补充:
1) /etc/letsencrypt/live/eternalcenter.com/fullchain.pem 是公钥
2) /etc/letsencrypt/live/eternalcenter.com/privkey.pem 是私钥
)
# cat /etc/letsencrypt/renewal/eternalcenter.com.conf
# renew_before_expiry = 30 days
version = 1.20.0
archive_dir = /etc/letsencrypt/archive/eternalcenter.com
cert = /etc/letsencrypt/live/eternalcenter.com/cert.pem
privkey = /etc/letsencrypt/live/eternalcenter.com/privkey.pem
chain = /etc/letsencrypt/live/eternalcenter.com/chain.pem
fullchain = /etc/letsencrypt/live/eternalcenter.com/fullchain.pem(补充:可以看出 Let’s Encrypt SSL 证书是在过期前 30 天才能更新)
# /usr/bin/certbot renew(补充:这里以延期 Let’s Encrypt SSL 证书为例)
# crontab -e添加以下内容:
......
0 0 */30 * * /usr/bin/certbot renew(补充:这里以每过 30 天的 0 时 0 分延期 Let’s Encrypt SSL 证书为例)
1) 一个域名申请次数不能超过 5 次/周
2) 允许申请失败次数不能超过 5 次/时
3) 属于同一个顶级域名的二级域名申请次数不能超过 20 次/周
4) 申请请求频率不能超过 20 次/秒
5) 一个 IP 地址创建用户个数不能超过 10 个/3 小时
6) 一个用户最多 pending 审核的数不能超过 300 个
作者:朱明宇
名称:Shell 博客 WordPress 数据去隐私化
作用:修改 WordPress 备份中某个用户的密码并再次进行备份
使用方法:
1. 在此脚本的分割线内写入相应的内容
2. 给此脚本添加执行权限
3. 执行此脚本
脚本分割线里的变量:
1. path=/home/zhumingyu/EternalCenter #本地备份目录
2. filename=eternalcenter-backup #本地备份文件
3. cpath=”/srv/www/htdocs” #网站程序目录
4. sqlfile=eternalcenter/eternalcenter.sql #网站数据库数据备份
5. tarfile=eternalcenter/eternalcenter.tar.gz #网站网页数据备份
6. newfilename=clone-eternalcenter-backup #新备份的文件名
7. user=’Mingyu Zhu’ #要修改密码的用户
8. newpw=eternalcenter #新的用户密码
9. dbuser=ec #用于连接数据库的用户
10. dbuserpw=eternalcenter #用于连接数据库的密码
11. db=ec #网站数据库数据在数据库中的库
注意:
1. 本地需要已经搭建好 LNMP 平台
2. 执行此脚本的用户需要有远程服务器的 sudo tar 和 sudo rm 权限
3. 脚本 ”mysql -uroot -p’eternalcenter’ -e “drop database $db;”“ 中 “eternalcenter“ 是指远程 MariaDB 数据库 root 用户的密码,需要修改成远程 MariaDB 数据库的 root 用户密码
#!/bin/bash
####################### Separator ########################
path=/home/zhumingyu/EternalCenter
filename=eternalcenter-backup
cpath="/srv/www/htdocs"
sqlfile=eternalcenter/eternalcenter.sql
tarfile=eternalcenter/eternalcenter.tar.gz
newfilename=clone-eternalcenter-backup
user='Mingyu Zhu'
newpw=eternalcenter
dbuser=ec
dbuserpw=eternalcenter
db=ec
####################### Separator ########################
date=$(date +%Y-%m-%d-%H)
dir=`pwd`
sudo systemctl stop nginx
sudo systemctl stop php-fpm
mkdir -p $path/$newfilename-$date &> /dev/null
mysql -uroot -p'eternalcenter' -e "drop database $db;"
mysql -uroot -p'eternalcenter' -e "create database $db;"
mysql -uroot -e "create user \"$dbuser\"@\"localhost\" identified by \"$dbuserpw\";"
mysql -uroot -p'eternalcenter' -e "grant all privileges on $db.* to \"$dbuser\"@'localhost';"
mysql -uroot -p'eternalcenter' ec < $sqlfile
mysql -uroot -p'eternalcenter' -e "update $db.ec_users set user_pass = md5(\'$newpw\') where user_login = \'$user\';"
sudo rm -rf $cpath/*
sudo tar -zxvf $tarfile -C $cpath &> /dev/null
cd $cpath
sudo sed -i "s/define('DB_PASSWORD', .*);/define('DB_PASSWORD', \'$dbuserpw\');/" wp-config.php
mysqldump -uroot -p'eternalcenter' $db > $path/$newfilename-$date/$newfilename-$date.sql
sudo tar -zcvf $path/$newfilename-$date/$newfilename-$date.tar.gz .[!.]* * &> /dev/null
cd $dir
sudo systemctl start nginx
sudo systemctl start php-fpm
cd $dirimport subprocess
def script_space(space_server_name):
space_all_out = subprocess.check_output('ansible -m shell -a \'df\' %s | egrep -v \'Filesystem|tmpfs|CHANGED\' | grep \/ '%space_server_name, shell=True)
return space_all_outimport subprocess
def script_os_distributor(os_distributor_server):
distributor_out = subprocess.check_output('ansible -m shell -a \'lsb_release -a\' %s | grep \'Distributor ID:\' | awk -F\':\' \'{print $2}\''%os_distributor_server, shell=True)
return distributor_out
def script_os_release(os_release_server):
release_out = subprocess.check_output('ansible -m shell -a \'lsb_release -a\' %s | grep \'Release:\' | awk -F\':\' \'{print $2}\''%os_release_server, shell=True)
return release_out
def script_os_kernel(os_kernel_server):
kernel_out = subprocess.check_output('ansible -m shell -a \'uname -r\' %s | grep \-'%os_kernel_server, shell=True)
return kernel_out
def script_os_uptime(os_uptime_server):
uptime_out = subprocess.check_output('ansible -m shell -a \'uptime\' %s | grep \, | awk \'{print $3,$4}\' | awk -F\',\' \'{print $1}\''%os_uptime_server, shell=True)
return uptime_out