Mudanças entre as edições de "WordPress"
De MochilaWiki
Ir para navegaçãoIr para pesquisarLinha 23: | Linha 23: | ||
</source> | </source> | ||
− | Exemplo para Nginx | + | === Exemplo para Nginx === |
em /etc/nginx/sites-enabled/seusite.com.br.conf | em /etc/nginx/sites-enabled/seusite.com.br.conf | ||
+ | |||
+ | <source lang="nginx"> | ||
+ | server { | ||
+ | listen 80; | ||
+ | server_name seusite.com.br www.seusite.com.br; | ||
+ | root /var/www/html/seusite.com.br; | ||
+ | |||
+ | client_max_body_size 100M; | ||
+ | add_header Content-Security-Policy "default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'" always; | ||
+ | |||
+ | add_header "Referrer-Policy" "strict-origin"; | ||
+ | add_header Feature-Policy "geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;"; | ||
+ | add_header Permissions-Policy "geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()"; | ||
+ | |||
+ | add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; | ||
+ | add_header X-Content-Type-Options nosniff; | ||
+ | add_header X-XSS-Protection "1; mode=block"; | ||
+ | add_header X-Frame-Options "SAMEORIGIN"; | ||
+ | add_header Vary "Accept-Encoding"; | ||
+ | |||
+ | gzip on; | ||
+ | gzip_min_length 1100; | ||
+ | gzip_buffers 4 32k; | ||
+ | gzip_types text/plain application/javascript application/x-javascript text/javascript text/xml text/css; | ||
+ | gzip_vary on; | ||
+ | |||
+ | index index.php index.html; | ||
+ | |||
+ | location ~ ^/\.user\.ini { | ||
+ | deny all; | ||
+ | } | ||
+ | |||
+ | location / { | ||
+ | try_files $uri $uri/ /index.php?$args; | ||
+ | } | ||
+ | |||
+ | location ~* \.(?:ico|css|js|gif|jpe?g|png)$ { | ||
+ | expires max; | ||
+ | add_header Pragma public; | ||
+ | add_header Cache-Control "public, must-revalidate, proxy-revalidate"; | ||
+ | add_header Vary "Accept-Encoding"; | ||
+ | } | ||
+ | |||
+ | location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ { | ||
+ | expires 24h; | ||
+ | log_not_found off; | ||
+ | add_header Vary "Accept-Encoding"; | ||
+ | gzip on; | ||
+ | } | ||
+ | |||
+ | location ~ \.php$ { | ||
+ | fastcgi_split_path_info ^(.+\.php)(/.+)$; | ||
+ | try_files $uri =404; | ||
+ | fastcgi_pass unix:/run/php/php7.4-fpm.sock; | ||
+ | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | ||
+ | fastcgi_param WP_NGINX_CONFIG done; | ||
+ | fastcgi_index index.php; | ||
+ | include fastcgi_params; | ||
+ | } | ||
+ | } | ||
+ | </source> | ||
+ | |||
Certificado SSL | Certificado SSL | ||
Linha 33: | Linha 95: | ||
Dicas: rodar o mysql_secure_installation | Dicas: rodar o mysql_secure_installation | ||
− | |||
− | |||
== Links oficiais == | == Links oficiais == |
Edição das 22h23min de 22 de fevereiro de 2022
Instalação de WordPress em Ubuntu 20.04
Dependências do sistema + LEMP
apt update
apt upgrade
apt remove apache2
apt install locales locales-all
dpkg-reconfigure locales
dpkg-reconfigure tzdata
apt-get install php7.4-{bcmath,bz2,intl,gd,mbstring,mysql,zip,fpm,ssh2,xml,mysql}
apt install mariadb-server
apt install nginx
Instalando
wget https://br.wordpress.org/latest-pt_BR.tar.gz
tar zxvf latest-pt_BR.tar.gz
mv wordpress/ /var/www/html/seusite.com.br
chown -R www-data: /var/www/html/seusite.com.br
Exemplo para Nginx
em /etc/nginx/sites-enabled/seusite.com.br.conf
server {
listen 80;
server_name seusite.com.br www.seusite.com.br;
root /var/www/html/seusite.com.br;
client_max_body_size 100M;
add_header Content-Security-Policy "default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'" always;
add_header "Referrer-Policy" "strict-origin";
add_header Feature-Policy "geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;";
add_header Permissions-Policy "geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Frame-Options "SAMEORIGIN";
add_header Vary "Accept-Encoding";
gzip on;
gzip_min_length 1100;
gzip_buffers 4 32k;
gzip_types text/plain application/javascript application/x-javascript text/javascript text/xml text/css;
gzip_vary on;
index index.php index.html;
location ~ ^/\.user\.ini {
deny all;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
add_header Vary "Accept-Encoding";
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 24h;
log_not_found off;
add_header Vary "Accept-Encoding";
gzip on;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
try_files $uri =404;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param WP_NGINX_CONFIG done;
fastcgi_index index.php;
include fastcgi_params;
}
}
Certificado SSL
apt install certbot python3-certbot-nginx
certbot --nginx
Dicas: rodar o mysql_secure_installation