文 bitnami wp multisite for huawei enterprise cloud · pdf fileconfigure wordpress multisite...
TRANSCRIPT
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 1页, 共 34页
Bitnami WP Multisite for Huawei
Enterprise Cloud IMPORTANT: WordPress Multisite requires that you use different domains for
each site. If you are trying to log into the WordPress application using an IP
address, you may have problems with Google Chrome (known issue) or Safari
browsers. You may get an error that "Cookies are blocked or not supported
by your browser. You must enable cookies to use WordPress". Try using
Firefox or Internet Explorer instead, but it is advisable to use domain names
instead of IP addresses when connecting through a browser. Learn how to
configure WordPress Multisite domains.
Description
WordPress is one of the most popular web publishing platforms for building
blogs and websites. WP Multisite is a collection of sites that all share the
same WordPress installation. They can share plugins and themes.
First steps with the Bitnami WP Multisite
Stack
Welcome to your new Bitnami application running on Huawei Enterprise
Cloud! Here are a few questions (and answers!) you might need when first
starting with your application.
What is the administrator username set for me to log in to the
application for the first time?
Username: user
What is the administrator password?
To obtain the administrator password, click the "Remote Login" menu option
next to the server name in the Huawei Cloud Server Console. This will launch
a new browser window with an encrypted login session. The application
password will be displayed on the login welcome screen.
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 2页, 共 34页
What SSH username should I use for secure shell access to
my application?
SSH username: root
How to connect to the MySQL database?
You can connect to the MySQL database from the same computer where it is
installed with the mysql client tool.
mysql -u root -p
You will be prompted to enter the root user password. This is the same as the
application password.
Find out how to obtain application credentials.
How to debug errors in your database?
The main log file is created at /opt/bitnami/mysql/data/mysqld.log on the
MySQL database server host.
How to start or stop the services?
Each Bitnami stack includes a control script that lets you easily stop, start and
restart services. The script is located at /opt/bitnami/ctlscript.sh. Call it without
any service name arguments to start all services:
sudo /opt/bitnami/ctlscript.sh start
Or use it to restart a single service, such as Apache only, by passing the
service name as argument:
sudo /opt/bitnami/ctlscript.sh restart apache
Use this script to stop all services:
sudo /opt/bitnami/ctlscript.sh stop
Restart the services by running the script without any arguments:
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 3页, 共 34页
sudo /opt/bitnami/ctlscript.sh restart
Obtain a list of available services and operations by running the script without
any arguments:
sudo /opt/bitnami/ctlscript.sh
How to create a full backup of WP Multisite?
Backup
The Bitnami WP Multisite Stack is self-contained and the simplest option for
performing a backup is to copy or compress the Bitnami stack installation
directory. To do so in a safe manner, you will need to stop all servers, so this
method may not be appropriate if you have people accessing the application
continuously.
Follow these steps:
Change to the directory in which you wish to save your backup:
cd /your/directory
Stop all servers:
sudo /opt/bitnami/ctlscript.sh stop
Create a compressed file with the stack contents:
sudo tar -pczvf application-backup.tar.gz /opt/bitnami
Restart all servers:
sudo /opt/bitnami/ctlscript.sh start
You should now download or transfer the application-backup.tar.gz file to a
safe location.
Restore
Follow these steps:
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 4页, 共 34页
Change to the directory containing your backup:
cd /your/directory
Stop all servers:
sudo /opt/bitnami/ctlscript.sh stop
Move the current stack to a different location:
sudo mv /opt/bitnami /tmp/bitnami-backup
Uncompress the backup file to the original directoryv
sudo tar -pxzvf application-backup.tar.gz -C /
Start all servers:
sudo /opt/bitnami/ctlscript.sh start
If you want to create only a database backup, refer to these instructions for
MySQL and PostgreSQL.
How to configure outbound email settings?
You can install or enable the "WP Mail SMTP" plugin from the WordPress
administration page. Follow these steps to activate this plugin.
Log in to the WordPress administration panel.
Navigate to "Plugins" and click the "Activate" option for the "WP-Mail-
SMTP" plugin.
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 5页, 共 34页
Go to the "Settings -> Email" panel and the "SMTP Options" section to
configure the SMTP settings of your email provider. Here is an example of
configuring WordPress to use a Gmail account.
SMTP Host: smtp.gmail.com
SMTP Port: 587
Encryption: Use TLS encryption.
Authentication: Yes. Use SMTP authentication.
If you are using a different provider, remember to replace these values
with the valid data for your SMTP provider.
Send a test email to ensure that everything is working smoothly.
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 6页, 共 34页
To configure the application to use other third-party SMTP services for
outgoing email, such as SendGrid or Mandrill, refer to the FAQ.
Troubleshooting Gmail SMTP issues
If you are using Gmail as the outbound email server and you are not able to
send email correctly, Google may be blocking sign-in attempts from your apps
or devices. Depending on whether or not you use Google Apps, the steps to
correct this will differ.
For Google Apps users
If you are a Google Apps user, you will need your administrator to allow users
to change the policy for less secure apps. If you are a Google Apps
administrator, follow these steps:
Browse to the Google Apps administration panel.
Click on "Security" and then "Basic settings".
Look for the section "Less secure apps" and then click on "Go to settings
for less secure apps".
Select "Allow users to manage their access to less secure apps".
For other Google users
If you do not use Google Apps, follow the steps in the following sections,
depending on whether 2-step verification has been enabled on the account or
not.
If 2-step verification has not been enabled on the account, follow these steps:
Browse to the "Less secure apps" page and log in using the account you are
having problems with. This option is typically required by many popular
email clients, such as Outlook and Thunderbird, and should not be
considered unsafe.
Select the "Turn on" option.
If 2-step verification has been enabled on the account, you have to generate
an app password. Follow these steps:
Browse to the "App passwords" page.
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 7页, 共 34页
Click "Select app" and choose the app you're using.
Click "Select device" and choose the device you're using.
Click the "Generate" button.
Enter the app password on your device.
Click the "Done" button.
Here are other options you may try:
Browse to the web version of Gmail and sign in to your account. Once you're
signed in, try to enable access for the application again.
Browse to the "Unlock Captcha" function page and sign in with your Gmail
username and password.
Disable IMAP from the Gmail web server interface and enable it again.
How to upload files to the server with SFTP?
Although you can use any SFTP/SCP client to transfer files to your server, the
link below explains how to configure FileZilla (Windows, Linux and Mac OS
X), WinSCP (Windows) and Cyberduck (Mac OS X). It is required to use your
server's private SSH key to configure the SFTP client properly. Choose your
preferred application and follow the steps in the link below to connect to the
server through SFTP.
How to upload files to the server
How to enable HTTPS support with SSL
certificates?
NOTE: The steps below assume that you are using a custom domain name
and that you have already configured the custom domain name to point to
your cloud server.
Bitnami images come with SSL support already pre-configured and with a
dummy certificate in place. Although this dummy certificate is fine for testing
and development purposes, you will usually want to use a valid SSL certificate
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 8页, 共 34页
for production use. You can either generate this on your own (explained here)
or you can purchase one from a commercial certificate authority.
Once you obtain the certificate and certificate key files, you will need to
update your server to use them. Follow these steps to activate SSL support:
Use the table below to identify the correct locations for your certificate and
configuration files.
Variable Value
Current
application URL https://[custom-domain]/
Example: https://my-domain.com/ or https://my-
domain.com/appname
Apache
configuration file /opt/bitnami/apache2/conf/bitnami/bitnami.conf
Certificate file /opt/bitnami/apache2/conf/server.crt
Certificate key file /opt/bitnami/apache2/conf/server.key
CA certificate
bundle file (if
present)
/opt/bitnami/apache2/conf/server-ca.crt
Copy your SSL certificate and certificate key file to the specified locations.
NOTE: If you use different names for your certificate and key files, you should
reconfigure the SSLCertificateFile and SSLCertificateKeyFile directives in the
corresponding Apache configuration file to reflect the correct file names.
If your certificate authority has also provided you with a PEM-encoded
Certificate Authority (CA) bundle, you must copy it to the correct location in
the previous table. Then, modify the Apache configuration file to include
the following line below the SSLCertificateKeyFile directive. Choose the
correct directive based on your scenario and Apache version:
Variable Value
Apache
configuration file /opt/bitnami/apache2/conf/bitnami/bitnami.conf
Directive to include
(Apache v2.4.8+)
SSLCACertificateFile
"/opt/bitnami/apache2/conf/server-ca.crt"
Directive to include
(Apache < v2.4.8)
SSLCertificateChainFile
"/opt/bitnami/apache2/conf/server-ca.crt"
NOTE: If you use a different name for your CA certificate bundle, you should
reconfigure the SSLCertificateChainFile or SSLCACertificateFile directives in
the corresponding Apache configuration file to reflect the correct file name.
Once you have copied all the server certificate files, you may make them
readable by the root user only with the following commands:
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 9页, 共 34页
sudo chown root:root /opt/bitnami/apache2/conf/server*
sudo chmod 600 /opt/bitnami/apache2/conf/server*
Open port 443 in the server firewall. Refer to the FAQ for more information.
Restart the Apache server.
You should now be able to access your application using an HTTPS URL.
How to create an SSL certificate?
You can create your own SSL certificate with the OpenSSL binary. A
certificate request can then be sent to a certificate authority (CA) to get it
signed into a certificate, or if you have your own certificate authority, you may
sign it yourself, or you can use a self-signed certificate (because you just want
a test certificate or because you are setting up your own CA).
Create your private key (if you haven't created it already):
sudo openssl genrsa -out /opt/bitnami/apache2/conf/server.key 2048
Create a certificate:
sudo openssl req -new -key /opt/bitnami/apache2/conf/server.key -out
/opt/bitnami/apache2/conf/cert.csr
IMPORTANT: Enter the server domain name when the above
command asks for the "Common Name".
Send cert.csr to the certificate authority. When the certificate authority
completes their checks (and probably received payment from you), they
will hand over your new certificate to you.
Until the certificate is received, create a temporary self-signed certificate:
sudo openssl x509 -in /opt/bitnami/apache2/conf/cert.csr -out /opt/b
itnami/apache2/conf/server.crt -req -signkey /opt/bitnami/apache2/co
nf/server.key -days 365
Back up your private key in a safe location after generating a password-
protected version as follows:
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 10页, 共 34页
sudo openssl rsa -des3 -in /opt/bitnami/apache2/conf/server.key -out
privkey.pem
Note that if you use this encrypted key in the Apache configuration file,
it will be necessary to enter the password manually every time Apache
starts. Regenerate the key without password protection from this file as
follows:
sudo openssl rsa -in privkey.pem -out /opt/bitnami/apache2/conf/s
erver.key
Find more information about certificates at http://www.openssl.org.
How to force HTTPS redirection?
Add the following to the top of the
/opt/bitnami/apps/wordpressmultisite/conf/httpd-prefix.conf file:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
After modifying the Apache configuration files, restart Apache to apply the
changes.
How to debug Apache errors?
Once Apache starts, it will create two log files at
/opt/bitnami/apache2/logs/access_log and /opt/bitnami/apache2/logs/error_log
respectively.
The access_log file is used to track client requests. When a client requests
a document from the server, Apache records several parameters
associated with the request in this file, such as: the IP address of the
client, the document requested, the HTTP status code, and the current
time.
The error_log file is used to record important events. This file includes
error messages, startup messages, and any other significant events in the
life cycle of the server. This is the first place to look when you run into a
problem when using Apache.
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 11页, 共 34页
If no error is found, you will see a message similar to:
Syntax OK
How to modify PHP settings?
The PHP configuration file allows you to configure the modules enabled, the
email settings or the size of the upload files. It is located at
/opt/bitnami/php/etc/php.ini.
After modifying the PHP configuration file, restart both Apache and PHP-FPM
for the changes to take effect:
sudo /opt/bitnami/ctlscript.sh restart apache
sudo /opt/bitnami/ctlscript.sh restart php-fpm
For example, to modify the default upload limit for PHP, update the PHP
configuration file following these instructions.
How to modify the allowed limit for uploaded
files?
Modify the following options in the /opt/bitnami/php/etc/php.ini file to increase
the allowed size for uploads:
; Maximum size of POST data that PHP will accept.
post_max_size = 16M
; Maximum allowed size for uploaded files.
upload_max_filesize = 16M
Restart PHP-FPM and Apache for the changes to take effect.
sudo /opt/bitnami/ctlscript.sh restart apache
sudo /opt/bitnami/ctlscript.sh restart php-fpm
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 12页, 共 34页
How to access phpMyAdmin?
For security reasons, phpMyAdmin is accessible only when using 127.0.0.1
as the hostname. To access it from a remote system, you must create an
SSH tunnel that routes requests to the Apache Web server from 127.0.0.1.
This implies that you must be able to connect to your server over SSH in
order to access these applications remotely.
IMPORTANT: Before following the steps below, ensure that your Apache and
MySQL servers are running.
NOTE: The steps below suggest using port 8888 for the SSH tunnel. If this
port is already in use by another application on your local machine, replace it
with any other port number greater than 1024 and modify the steps below
accordingly. Similarly, if you have enabled Varnish, your stack's Apache Web
server might be running on port 81. In this case, modify the steps below to
use port 81 instead of port 80 for the tunnel endpoint.
Windows
To access the application using your Web browser, create an SSH tunnel, as
described below.
Download PuTTY and make sure you can log in to the server console with
it following the instructions in the FAQ. Once you have confirmed you are
able to log in successfully, log back out.
Reconnect to the server using PuTTY, this time adapting the steps to
include an additional SSH tunnel. When configuring the new SSH session
in PuTTY, additionally navigate to the "Connection -> SSH -> Tunnels"
section and create a secure tunnel by forwarding port 80 on the server to
port 8888 on the local host (127.0.0.1 or localhost).
Click the "Add" button to add the secure tunnel configuration to the
session. Here is an example:
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 13页, 共 34页
Go back to the "Session" section and save your changes by clicking the
"Save" button.
Click the "Open" button to open an SSH session to the server. The SSH
session will now include a secure SSH tunnel between the two specified
ports.
While the tunnel is active, you should be able to access the phpMyAdmin
console through the secure SSH tunnel you created, by browsing to
http://127.0.0.1:8888/phpmyadmin.
To log in, use username root for MySQL and the application password from
the detail page for your cloud server.
If you are unable to access phpMyAdmin, verify that the SSH tunnel was
created by checking the PuTTY event log (accessible via the "Event Log"
menu):
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 14页, 共 34页
Linux and Mac OS X
To access the application using your Web browser, create an SSH tunnel, as
described below.
Open a new terminal window on your local system (for example, using
"Finder -> Applications -> Utilities -> Terminal" in Mac OS X or the Dash in
Ubuntu).
Make sure you can log in to the server console following the instructions in
the FAQ. Once you have confirmed you are able to log in successfully, log
back out.
Run the following command to configure the SSH tunnel. Remember to
replace SERVER-IP with the public IP address or hostname of your
server. Enter your SSH password when prompted.
ssh -N -L 8888:127.0.0.1:80 bitnami@SERVER-IP
If you are using a private key to connect to the server, use the following
command instead, remembering to replace KEYFILE with the path to
your private key and SERVER-IP with the public IP address or
hostname of your server:
ssh -N -L 8888:127.0.0.1:80 -i KEYFILE bitnami@SERVER-IP
NOTE: If successful, the above commands will create an SSH tunnel
but will not display any output on the server console.
While the tunnel is active, you should be able to access the phpMyAdmin
console through the secure SSH tunnel you created, by browsing to
http://127.0.0.1:8888/phpmyadmin.
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 15页, 共 34页
To log in, use username root for MySQL and the application password from
the detail page for your cloud server.
How to add more than one user to the
Apache authentication file?
Follow these steps:
Create a group file. This group file associates a group name with a list of
persons in that group and has the following syntax.
GroupName: bitnami user admin user2
Add the user(s) to your password file:
htpasswd /path/to/your/password/file user2
Modify the Apache configuration as below:
AuthType Basic
AuthName "By Invitation Only"
# Optional line:
AuthBasicProvider file
AuthUserFile /path/to/your/password/file
AuthGroupFile /path/to/your/groups/file
Require group GroupName
Restart the Apache server.
How to configure WordPress Multisite?
Common usage scenarios
SCENARIO 1: You want multiple websites/blogs at subdomains of your
primary domain eg. your primary domain is our-planets.com and you have
separate websites/blogs at mercury.our-planets.com, mars.our-
planets.com and earth.our-planets.com.
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 16页, 共 34页
SCENARIO 2: You want multiple websites/blogs at different domains eg. a
website at our-planets.com and another at space-is-awesome.com.
SCENARIO 3: You want a combination of the two previous scenarios eg. a
primary domain at our-planets.com with separate blogs for Earth and Mars
at earth.our-planets.com and mars.our-planets.com, another blog at
space-is-awesome.com, and yet another blog at photos.space-is-
awesome.com.
The following sections will guide you through configuring WordPress Multisite
to handle these different scenarios.
How to configure the domain for the WordPress Multisite main
blog?
NOTE: This is a mandatory step regardless of how you plan to use
WordPress Multisite.
This section assumes that:
You have a working WordPress Multisite installation.
Your server has a static IP address.
You are able to log in to your server console using a tool like PuTTY
(Windows) or SSH (Linux and Mac OS X).
You own at least one custom domain name for which you can configure
DNS settings.
The first step is to define the primary domain for your WordPress Multisite
instance. To do this, follow the steps below:
Log in to your server console.
Change to the /opt/bitnami/apps/wordpress directory.
Execute the following command to update the domain name. In this
example, let's assume the primary domain is our-planets.com.
sudo ./bnconfig --machine_hostname our-planets.com
The bnconfig tool runs automatically every time the server starts to reset
the machine hostname to its IP address. Obviously this is undesirable
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 17页, 共 34页
when using a custom domain name, so you must also execute the
following command to disable the bnconfig tool for subsequent restarts.
sudo mv bnconfig bnconfig.disabled
Update your domain's DNS settings, specifically adding an A record that
points your domain to the static IP address of your cloud server. If you're in
a hurry, or just testing things out, you can instead modify your local hosts
file to map your domain to your server's IP address. For more information
on both these options, refer to the section on testing your installation.
Following these changes, entering your custom domain name into the
browser address bar should take you to the WordPress Multisite default blog,
as shown below:
You should also be able to log in to the WordPress dashboard by visiting
http://SERVER-IP/wp-login.php.
Troubleshooting
If you have problems with redirection when you log in to the WordPress
dashboard, check that the domain was successfully updated in these
database tables:
wp_options table: siteurl and home options
wp_blogs table: domain option
An easy way to check these database tables is with phpMyAdmin.
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 18页, 共 34页
Then, clear your browser cache and try to log in again to the application.
Remember that if you are using an IP address instead of a domain name, you
will have problems with some browsers; it is advisable to use the custom
domain name only.
You can now choose from the following sections based on your requirements.
How to add several WordPress Multisite blogs with
subdomains?
This section assumes that:
You have a working WordPress Multisite installation.
Your server has a static IP address.
You are able to log in to your server console using a tool like PuTTY
(Windows) or SSH (Linux and Mac OS X).
You own at least one custom domain name for which you can configure
DNS settings.
You have defined your primary domain and blog as described in the
previous section and you are able to log in to the WordPress Multisite
dashboard.
WordPress Multisite is designed for subdomains, so it's easy to add a
separate blog for each subdomain of your primary domain (Scenario 1). In this
example, let's assume we're adding two blogs: earth.our-planet.com and
mars.our-planet.com.
Follow these steps to associate a new blog with a subdomain:
In the WordPress Multisite dashboard, select the "My Sites -> Network
Admin -> Sites" option.
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 19页, 共 34页
Select "Add New" to add a new blog.
Enter the subdomain name (the primary domain will already be filled in),
together with a site title and administrator email address.
Click "Add Site" to create the new blog or website.
Repeat the above steps for all the subdomains and blogs you wish to create.
Once you're done, you can see a list by selecting the "My Sites -> Network
Admin -> Sites" option.
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 20页, 共 34页
At this point, you also need to update your domain's DNS settings, specifically
adding A records for your subdomains that point to the static IP address of
your cloud server. If you're in a hurry, or just testing things out, you can
instead modify your local hosts file to map each subdomains to your server's
IP address. For more information on both these options, refer to the section
on testing your installation.
Following these changes, entering the subdomain name into the browser
address bar should take you to the blog for that subdomain, as shown below:
How to add several WordPress Multisite blogs with different
domains?
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 21页, 共 34页
This section assumes that:
You have a working WordPress Multisite installation
Your server has a static IP address
You are able to log in to your server console using a tool like PuTTY
(Windows) or SSH (Linux and Mac OS X)
You own at least one custom domain name for which you can configure
DNS settings
You have defined your primary domain and blog as described in the
previous section and you are able to log in to the WordPress Multisite
dashboard.
The WordPress MU Domain Mapping plugin allows users of a WordPress
Multisite installation to map their blogs or websites to other domains or
subdomains (Scenarios 2 and 3). This plugin is already installed in your
Bitnami WordPress Multisite stack since v3.5.1-1. If you're using an older
version, you must manually install the plugin using the plugin installation guide.
First, you must activate and configure the WordPress MU Domain Mapping
plugin as follows:
In the WordPress Multisite dashboard, select the "My Sites -> Network
Admin -> Plugins" option.
Find the plugin named "WordPress MU Domain Mapping" and select
"Network Activate" to activate it.
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 22页, 共 34页
In the same dashboard, select the "Settings -> Domain Mapping" option.
Enable the "Permanent redirect" option. This makes your blogs redirect to
their mapped domains.
In this example, let's assume we're adding a blog for the domain space-is-
awesome.com. Create and associate a new blog for the domain as follows:
In the WordPress Multisite dashboard, select the "My Sites -> Network
Admin -> Sites" option.
Select "Add New" to add a new blog.
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 23页, 共 34页
Enter the new domain name (ignore the primary domain which will appear
as a suffix), together with a site title and administrator email address.
Click "Add Site" to create the new blog.
Select the "My Sites -> Network Admin -> Sites" option and you should
see the new blog in the list.
Hover over the new blog's name in the list, you will see that the URL for
the blog includes a numeric site ID. Make a note of the site ID, as you will
need it in the next step.
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 24页, 共 34页
NOTE: You can also obtain the numeric site ID from the wp_blogs table in the
database. An easy way to check this database table is with phpMyAdmin.
In the WordPress Multisite dashboard, select the "Settings -> Domains"
option.
Associate the new blog with the domain by entering the new blog's site ID
together with the domain name in the fields provided.
Save the association by clicking "Save".
Repeat these steps for each domain or subdomain you wish to associate with
a separate blog. Once you're done, select the "My Sites -> Network Admin ->
Sites" option and verify the domain mapping for each blog.
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 25页, 共 34页
At this point, you also need to update each domain or subdomain's DNS
settings, specifically adding A records that point them to the static IP address
of your cloud server. If you're in a hurry, or just testing things out, you can
instead modify your local hosts file to map each domain or subdomain to your
server's IP address. For more information on both these options, refer to the
section on testing your installation.
Following these changes, entering the domain name into the browser address
bar should take you to the associated blog, as shown below:
You might find that although you're now able to access the new blog using the
domain or subdomain name, you're not able to access the blog's dashboard.
Typically, this is because WordPress still considers the new site to be a
subdomain of the primary domain and tries to access it using a invalid URL
(following the above example, space-is-awesome.our-planets.com). To
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 26页, 共 34页
resolve this, you can either update the DNS records for your primary domain
and add an A record for this subdomain, or you can edit the entry for the site
in the "My Sites -> Network Admin -> Sites" list and modify the domain URL,
as shown below:
How to test WordPress Multisite?
Testing with DNS
As a general rule, every domain or subdomain that you use in WordPress
Multisite should have a DNS entry pointing to your server. This requires a
change to each domain's DNS settings, specifically the addition of an A record
that points the domain to the static IP address of your server.
This change can only be accomplished through your domain name provider; it
cannot be made through Bitnami's hosting dashboard or through local
commands on your server. You will therefore need to log in to your domain
name provider's management console and make the necessary changes.
Step-by-step instructions for some popular providers are listed below:
EasyDNS
DNS Made Easy
GoDaddy
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 27页, 共 34页
Namecheap
Remember that once you make the necessary changes, it can take up to 48
hours for the change to propagate across other DNS servers. You can verify
the new DNS record by using the Global DNS Propagation Checker and entering
your domain name into the search field.
Testing with the hosts File
Given that DNS propagation takes some time, you can use a shortcut to test
that your WordPress Multisite installation is working correctly. The shortcut
involves manually adding entries for your domain(s) and subdomain(s) in your
local system's hosts file, which is always checked before a query is sent to a
DNS server.
To do this, open the hosts file in a text editor and add a line like the one below
to it.
54.224.97.204 our-planets.com
Remember to update the IP address on the left to reflect the IP address of
your server, and the domain name on the right to reflect the domain or
subdomain you wish to test. If you have multiple domains to test, add a
separate line for each domain.
Once done, save the file. This takes care of mapping the our-planets.com
domain name to the IP address 54.224.97.204.
If you now open your browser and type in the URL to your domain, such as
http://our-planets.com, it should redirect to your server.
How to disable the WordPress Multisite cron
script?
The wp-cron.php script will run once a user visits your site. If you get a lot of
traffic, this could be a problem. This cron task is really necessary when you
make updates in the blog. You can move this cron script to a system cron task
to help lower resource usage on the server.
Disable the wp-cron.php script in the /opt/bitnami/apps/wordpress/htdocs/wp-
config.php file. The location is important - add the line below just before the
database settings:
define('DISABLE_WP_CRON', true);
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 28页, 共 34页
Then, add the cron task to the system. There are two options:
Create a cron task for each WordPress site and set a different execution
interval for each. For example, the cron tasks shown below will run every
15 minutes and 30 minutes respectively. This is fine if there aren't a large
number of sites.
sudo crontab -u daemon -e
*/15 * * * * wget -q -O - "http://our-planets.com/wp-cron.php?t=`da
te +\%s`" > /dev/null 2>&1
*/30 * * * * wget -q -O - "http://earth.com/wp-cron.php?t=`date +\%
s`" > /dev/null 2>&1
Create a unique cron task for all the domains and share the execution
interval. This option is better if you have a large number of WordPress
sites and all of them share the same tasks.
Create the following script at /opt/bitnami/apps/wordpress/wp-cron-
multisite.php:
<?php
require('/opt/bitnami/apps/wordpress/htdocs/wp-load.php');
global $wpdb;
$sql = $wpdb->prepare("SELECT domain, path FROM $wpdb->blogs WHERE
archived='0' AND deleted ='0' LIMIT 0,300", '');
$blogs = $wpdb->get_results($sql);
foreach($blogs as $blog) {
$command = "http://" . $blog->domain . ($blog->path ? $blog->p
ath : '/') . 'wp-cron.php';
$ch = curl_init($command);
$rc = curl_setopt($ch, CURLOPT_RETURNTRANSFER, FALSE);
$rc = curl_exec($ch);
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 29页, 共 34页
curl_close($ch);
}
?>
Set the correct permissions:
cd /opt/bitnami/apps/wordpress/htdocs/
sudo chown bitnami:daemon wp-cron-multisite.php
Add the task to the system crontab. For example, this cron task will
run the script for each domain every hour. Add it using the following
command:
sudo crontab -u daemon -e
0 * * * * wget -q -O - "http://our-planets.com/wp-cron-multi
site.php?t=`date +\%s`" > /dev/null 2>&1
For more information, refer to this blog post.
How to install the WP Encrypt plugin for
Let's Encrypt certificate generation?
NOTE: The steps below assume that you have already registered a domain
name and set a DNS record pointing that domain name to the public IP
address of your WordPress server.
Install the WP Encrypt plugin as follows:
Log in to your server console.
Create a directory for the Let's Encrypt data:
sudo mkdir -p /opt/bitnami/apps/wordpress/letsencrypt/live
sudo chown -R bitnami:daemon /opt/bitnami/apps/wordpress/letsencrypt
sudo find /opt/bitnami/apps/wordpress/letsencrypt -type d -exec chmo
d 0775 {} \;
sudo find /opt/bitnami/apps/wordpress/letsencrypt -type f -exec chmo
d 0664 {} \;
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 30页, 共 34页
Edit the /opt/bitnami/apps/wordpress/wp-config.php file and add the line
below to the end of the file. Save the changes.
define('WP_ENCRYPT_SSL_CERTIFICATES_DIR_PATH', '/opt/bitnami/apps/w
ordpress/letsencrypt/live');
Log in to your WordPress dashboard.
Select the "Plugins -> Add New" option.
Type "wp encrypt" in the search box.
Install the "WP Encrypt" plugin by clicking the "Install Now" button.
Once installed, click the "Activate" button to activate the plugin.
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 31页, 共 34页
On the "Settings -> WP Encrypt -> Account Settings" page, enter the
organization name, country name and country code. These values are
required to generate a certificate. Click "Save Changes" to save the
settings.
Click the "Register Account" button to register an account with Let's
Encrypt.
Once the account has been successfully registered, click the "Generate
Certificate" button to generate the actual certificate.
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 32页, 共 34页
How to manage roles and permissions for
different blogs?
By default, all users will have subscriber access to all sites on your network.
You can add new users and also assign different roles for each site in the
WordPress Multisite dashboard. If you use the "Multisite User Management"
plugin, you can set the default role for each site and this plugin applies it.
Administrators cannot install new themes or plugins in their assigned blogs.
Only the "Network Admin" role or "Super Admin" role will be able to install and
activate them, either per-site or for the entire network.
Is WordPress Multisite right for you?
If you plan to have more than one WordPress-powered website or blog, there
are different ways to accomplish this. One option is to install multiple
independent WordPress instances on the same server. Another option is to
install WordPress Multisite, which lets you create and manage multiple
WordPress blogs/websites from a single WordPress instance.
WordPress Multisite might be a good option for you if you have multiple
websites or blogs focused on the same industry or topic - for example, a
network of food or travel blogs. In this scenario, WordPress Multisite lets
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 33页, 共 34页
you manage multiple websites from a common dashboard, and you have
the added advantage of being able to share themes and plugins between
your WordPress Multisite sites.
If, on the other hand, you have multiple websites or blogs, each with a
different focus area, it would be better to use a separate WordPress
instance for each website. This means, for example, that you would run
one WordPress instance for your personal blog, another for your company
website and a third for your family's photoblog. This would maximize your
flexibility and allow you to configure each WordPress website or blog
differently, with independent themes, plugins and settings.
How to configure blogs with different
domains with different SSL certificates?
This section assumes:
You have a working WordPress Multisite installation
Your server has a static IP address
You are able to log in to your server console using a tool like PuTTY
(Windows) or SSH (Linux and Mac OS X)
You own at least one custom domain name for which you can configure
DNS settings
You have defined your primary domain and blog as described here and you
are able to log in to the WordPress Multisite dashboard.
You have added one or more WordPress Multisite blogs with different
domains as described here .
In order to set different SSL certificates for each new domain, configure each
domain as a virtual host. Edit the /opt/bitnami/apps/wordpress/conf/httpd-
vhosts.conf file and add a new virtual host for each new domain. The following
code could be taken as an example:
<VirtualHost *:80>
ServerName yourserverdomain.com
ServerAlias *.yourserverdomain.com
文档名称 文档密级
2017-4-12 华为保密信息,未经授权禁止扩散 第 34页, 共 34页
DocumentRoot "/opt/bitnami/apps/wordpress/htdocs"
Include "/opt/bitnami/apps/wordpress/conf/httpd-app.conf"
</VirtualHost>
<VirtualHost *:443>
ServerName yourserverdomain.com
ServerAlias *.yourserverdomain.com
DocumentRoot "/opt/bitnami/apps/wordpress/htdocs"
SSLEngine on
SSLCertificateFile "/opt/bitnami/apps/wordpress/conf/certs/new_serv
er.crt"
SSLCertificateKeyFile "/opt/bitnami/apps/wordpress/conf/certs/new_s
erver.key"
Include "/opt/bitnami/apps/wordpress/conf/httpd-app.conf"
</VirtualHost>
Remember to change the ServerName and ServerAlias directives to the
correct values.
To specify a different SSL certificate for each domain, update the paths to the
corresponding certificate files in the SSLCertificateFile *and
*SSLCertificateKeyFile directives.
Related guides
Combine Multiple Independent WordPress Websites/Blogs into a Single
WordPress Multisite Instance
Separate a Single WordPress Multisite Instance into Multiple Independent
WordPress Websites/Blogs