WordPress6.7.2 新版搭建教程
- 运维
- 2025-04-06
- 475热度
- 1评论
-
环境要求
php8+ mysql5.7+ -
目录结构
- 示例版本:6.7.2
wordpress ├── config │ ├── nginx │ │ ├── nginx.conf │ │ └── vhost │ │ └── blog.hukanfa.com.conf │ ├── php │ │ ├── php-fpm.conf │ │ ├── php.ini │ │ └── www.conf │ └── scripts │ └── starserver.sh ├── docker-compose.yaml ├── Dockerfile ├── html # wordpress压缩包原始内容 └── package ├── nginx-1.24.0.tar.gz └── wordpress-6.7.2-zh_CN.tar.gz- 以上目录模板下载地址
# 百度网盘链接 https://pan.baidu.com/s/1Yq5zOo7N538QSyJoWve40g?pwd=9k4g --来自百度网盘超级会员v8的分享 # 附wordpress下载地址 <blockquote class="wp-embedded-content" data-secret="6iMiHe0W3I"><a href="https://cn.wordpress.org/download/releases/">发行版本归档</a></blockquote><iframe class="wp-embedded-content" sandbox="allow-scripts" security="restricted" style="position: absolute; visibility: hidden;" title="《 发行版本归档 》—China 简体中文" src="https://cn.wordpress.org/download/releases/embed/#?secret=d164NxUCwt#?secret=6iMiHe0W3I" data-secret="6iMiHe0W3I" width="500" height="282" frameborder="0" marginwidth="0" marginheight="0" scrolling="no"></iframe>
33.1 前置准备
33.1.1 资源包及用户
-
操作如下
- 下载安装包
mkdir package # 截止202504最新版本 wget https://cn.wordpress.org/wordpress-6.7.2-zh_CN.tar.gz -P package # 解压到上级目录 tar -zxvf package/wordpress-6.7.2-zh_CN.tar.gz -C ./ mv wordpress html # nginx wget http://nginx.org/download/nginx-1.24.0.tar.gz -P package- 创建用户并指定用户ID
useradd -u 1001 www # 查看用户ID id www
33.1.2 Php 相关配置
-
操作如下
config/php/php-fpm.conf
; ============================================ ; 全局配置 ; ============================================ [global] ; 进程管理 pid = /var/run/php-fpm/php-fpm.pid error_log = /var/www/logs/fpm_error.log log_level = warning ; 生产环境建议warning级别 emergency_restart_threshold = 10 emergency_restart_interval = 1m process_control_timeout = 10s ; 系统资源限制 rlimit_files = 65535 ; 文件描述符限制(适应高并发) rlimit_core = 0 ; 禁用core dump(安全) ; 进程转储(调试用,生产环境可关闭) ; process.dumpable = no ; ============================================ ; 进程池配置 (www) ; ============================================ [www] ; 用户和组 user = www group = www listen.owner = www listen.group = www ; 监听方式(Unix Socket性能优于TCP listen = 9000 ;listen = /var/run/php-fpm/php-fpm.sock listen.mode = 0660 listen.backlog = 65535 ; 等待队列长度(预防突发流量) ; 进程管理策略 pm = dynamic pm.max_children = 10 ; 计算公式: (可用内存 - 系统预留) / 单进程内存 pm.start_servers = 4 ; 启动时进程数 = (max_spare + min_spare)/2 pm.min_spare_servers = 4 pm.max_spare_servers = 8 pm.process_idle_timeout = 120s pm.max_requests = 500 ; 防止内存泄漏 ; 资源控制 request_terminate_timeout = 120s ; 长请求超时时间 request_slowlog_timeout = 60s ; 慢日志阈值 slowlog = /var/www/logs/fpm_slow.log ; 输出缓冲 catch_workers_output = yes ; 捕获worker输出 php_flag[display_errors] = off ; 生产环境关闭错误显示 php_admin_value[error_log] = /var/www/logs/php_error.log php_admin_value[log_errors] = on ; 安全限制 security.limit_extensions = .php ; 仅允许执行php文件 php_admin_value[open_basedir] = "/var/www/html:/tmp" ; 目录访问限制 ; ============================================ ; 性能调优参数 ; ============================================ ; OPcache 加速 ; 会话配置 php_admin_value[session.save_handler] = files php_admin_value[session.save_path] = "/var/lib/php/session" php_admin_value[session.gc_maxlifetime] = 1440 ; 文件上传 php_admin_value[upload_max_filesize] = 64M php_admin_value[post_max_size] = 65Mconfig/php/php.ini
; =========================================== ; PHP 核心生产配置 ; =========================================== [PHP] ; 安全与基础性能 expose_php = Off ; 隐藏PHP版本信息(安全要求) disable_functions = exec,passthru,shell_exec,system,proc_open,popen ; 禁用危险函数 memory_limit = 256M ; WordPress建议≥128M,大型站点可设为512M max_execution_time = 120 ; 后台操作/导入需更长时间(默认30秒) max_input_time = 90 ; 请求解析最大时间(秒) max_input_vars = 3000 ; 避免复杂表单(如菜单设置)提交失败 ; 文件上传配置 upload_max_filesize = 64M ; 媒体上传限制(需≥实际需求) post_max_size = 65M ; 必须略大于upload_max_filesize file_uploads = On ; 确保文件上传功能开启 ; 错误处理 display_errors = Off ; 生产环境禁止显示错误 log_errors = On ; 启用错误日志 error_log = /var/www/logs/php_error.log ; 集中记录错误 log_errors = On error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED ; 忽略提示和弃用警告 ; 会话配置 session.gc_maxlifetime = 1440 ; 会话有效期(秒) session.cookie_secure = 1 ; 仅HTTPS传输Cookie(需SSL) session.cookie_httponly = 1 ; 防止JS访问Cookie ; =========================================== ; OPcache 加速配置 ; =========================================== [opcache] opcache.enable = 1 ; 必须启用加速 opcache.memory_consumption = 256 ; 分配内存(MB),建议128-256 opcache.interned_strings_buffer = 16 ; 字符串缓存大小(减少内存碎片) opcache.max_accelerated_files = 20000 ; 缓存文件数(WordPress核心+插件约2000+) opcache.fast_shutdown = 1 ; 快速关闭机制 opcache.enable_cli = 0 ; CLI模式禁用缓存 opcache.save_comments = 0 ; 不保存注释(节省内存) opcache.validate_timestamps = 0 ; 生产环境禁用自动检查(需手动清除缓存) ; =========================================== ; 文件系统与路径优化 ; =========================================== [Session] session.save_path = "/var/lib/php/session" ; 会话文件存储路径 [Realpath] realpath_cache_size = 4096K ; 文件路径缓存(默认16K,WordPress需增大) realpath_cache_ttl = 600 ; 缓存有效期(秒)config/php/www.conf
; =========================================== ; PHP-FPM 进程池配置 (生产环境) ; =========================================== [global] error_log = /var/www/logs/fpm_error.log log_level = warning [www] ; 基础配置 user = www ; 专用低权限用户 group = www listen = 9000 ;listen = /var/run/php-fpm/php-fpm.sock ; Unix Socket性能优于TCP listen.owner = www ; Socket文件所有者 listen.group = www listen.mode = 0660 ; Socket权限设置 listen.backlog = 65536 ; 等待队列长度(预防突发流量) ; 进程管理(动态模式) pm = dynamic ; 适应流量波动 pm.max_children = 10 ; 最大子进程数(根据内存计算) pm.start_servers = 4 ; 启动时进程数 = (max_spare + min_spare)/2 pm.min_spare_servers = 4 ; 空闲时最小进程数 pm.max_spare_servers = 8 ; 空闲时最大进程数 pm.process_idle_timeout = 120s ; 空闲进程超时回收 pm.max_requests = 500 ; 每个进程处理请求后重启(防内存泄漏) ; 资源控制 request_terminate_timeout = 120s ; 单请求超时时间 rlimit_files = 65536 ; 文件描述符限制(高并发需要) rlimit_core = 0 ; 禁用core dump(安全) ; 慢日志记录 access.log = /var/www/logs/fpm_access.log slowlog = /var/www/logs/fpm_slow.log request_slowlog_timeout = 60s ; 记录超过15秒的请求 catch_workers_output = yes ; 环境变量 env[HOSTNAME] = $HOSTNAME env[PATH] = /usr/local/bin:/usr/bin:/bin env[TMP] = /tmp env[TMPDIR] = /tmp env[TEMP] = /tmp ; 安全限制 security.limit_extensions = .php ; 仅允许执行.php文件 php_admin_value[doc_root] = /var/www/html ; 限制文件访问范围 php_admin_value[open_basedir] = "/var/www/html:/tmp" ; 目录访问限制
33.1.3 Nginx相关配置
-
操作如下
config/nginx/nginx.conf
user www; worker_processes auto; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /dev/stdout main; error_log /dev/stderr warn; sendfile on; tcp_nopush on; keepalive_timeout 65; # 隐藏 Nginx 版本号 server_tokens off; # Gzip压缩配置 gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_comp_level 2; gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; gzip_vary on; gzip_disable "MSIE [1-6]."; # 会话保持相关配置 proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; server { listen 80; server_name localhost; location / { root html; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } include vhost/*.conf; }config/nginx/vhost/blog.hukanfa.com
server { listen 80; server_name blog.hukanfa.com; location / { root /var/www/html; index index.php; } location /.well-known/acme-challenge/ { alias /var/www/challenges/; try_files $uri = 404; } location ~ .*.php?$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /var/www/html/$fastcgi_script_name; include fastcgi_params; } location ~* .(css|js|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ { root /var/www/html; expires 7d; access_log off; add_header Cache-Control "public"; try_files $uri =404; } }
31.1.4 启动脚本
-
操作如下
config/scripts/startserver.sh
#!/bin/bash # 1. 输出版本信息 echo "========================================" echo "• PHP-FPM 版本: $(php-fpm -v | head -n 1)" echo "• Nginx 版本: $(/usr/local/nginx/sbin/nginx -v 2>&1)" echo "========================================" echo "" # 2. 启动 PHP-FPM(后台模式) echo "正在启动 PHP-FPM..." /usr/sbin/php-fpm -D if [ $? -ne 0 ]; then echo "【错误】PHP-FPM 启动失败!" >&2 exit 1 else echo "✓ PHP-FPM 启动成功" fi # 3. 启动 Nginx(前台模式,日志直接输出到控制台) echo "正在启动 Nginx(日志输出到控制台)..." exec /usr/local/nginx/sbin/nginx -g "daemon off;"注意:启动脚本中,会将nginx访问日志输出到容器控制台,需要nginx主配置文件有以下配置
# /usr/local/nginx/config/nginx.conf http { ... access_log /dev/stdout main; error_log /dev/stderr warn; }
33.2 创建镜像
-
操作步骤如下
Dockerfile
# 第一阶段:仅编译 Nginx FROM rockylinux:9.3 as nginx-builder # 安装编译工具 RUN dnf -y install epel-release && dnf -y install gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel make # 解压并编译 Nginx ADD package/nginx-1.24.0.tar.gz /usr/local RUN cd /usr/local/nginx-1.24.0 && ./configure --prefix=/usr/local/nginx --with-http_sub_module --with-http_gzip_static_module && make && make install COPY config/nginx/* /usr/local/nginx/ # 第二阶段:最终镜像 FROM rockylinux:9.3 # 创建 www 用户(仅在此阶段执行) RUN groupadd www && useradd -u 1001 -g www www # 安装 PHP 及相关扩展 RUN dnf -y install epel-release && dnf -y install wget telnet vim net-tools procps-ng iputils php-fpm php-cli php-opcache php-pear lz4 lz4-devel php-pecl-redis php-mysqlnd php-pdo php-json php-xml php-curl php-gd php-mbstring php-zip php-pecl-igbinary && echo "extension=igbinary.so" > /etc/php-fpm.d/igbinary.ini && dnf clean all # 从 nginx-builder 复制编译好的 Nginx COPY --from=nginx-builder /usr/local/nginx /usr/local/nginx # 配置 PHP-FPM COPY config/php/php-fpm.conf config/php/php.ini /etc/ COPY config/php/www.conf /etc/php-fpm.d/ # 安装 WordPress ADD package/wordpress-6.7.2-zh_CN.tar.gz /tmp RUN mkdir -p /var/www/{logs,html,scripts} && mv /tmp/wordpress/* /var/www/html && chown -R www:www /var/www && rm -rf /tmp/wordpress* && mkdir -p /run/php-fpm && chown -R www:www /run/php-fpm COPY config/scripts/startserver.sh /var/www/scripts RUN chmod +x /var/www/scripts/startserver.sh WORKDIR /var/www/html EXPOSE 80 9000 # 启动 PHP-FPM 和 Nginx CMD ["/bin/sh", "/var/www/scripts/startserver.sh"]- 创建镜像命令
docker build -t registry.cn-guangzhou.aliyuncs.com/hukanfa/wordpress:6.7.2 .
33.3 创建容器
-
操作如下
- 先创建数据库
CREATE DATABASE IF NOT EXISTS wordpress DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci; CREATE USER 'wordpress'@'%' IDENTIFIED BY 'n1*****VmSa'; GRANT ALL ON wordpress.* TO 'wordpress'@'%'; flush privileges;docker-compose.yaml内容如下
services: wordpress: image: registry.cn-guangzhou.aliyuncs.com/hukanfa/wordpress:6.7.2 user: "root" restart: unless-stopped extra_hosts: - "major.nei.hukanfa.com:10.0.12.10" volumes: - ./html:/var/www/html - ./config/php/php.ini:/etc/php.ini - ./config/php/www.conf:/etc/php-fpm.d/www.conf - ./config/php/php-fpm.conf:/etc/php-fpm.conf - ./config/nginx/nginx.conf:/usr/local/nginx/conf/nginx.conf - ./config/nginx/vhost:/usr/local/nginx/conf/vhost ports: - "9001:9000" - "8088:80" healthcheck: test: ["CMD-SHELL", "timeout 5 bash -c 'cat < /dev/null > /dev/tcp/127.0.0.1/9000' || exit 1"] interval: 30s timeout: 5s retries: 3 networks: wd_net: ipv4_address: 172.168.0.2 networks: wd_net: driver: bridge ipam: config: - subnet: 172.168.0.0/24- 创建容器
docker-compose up -d
33.4 基础配置
-
操作如下
- 宿主机nginx配置
# /usr/local/nginx/vhost/blog.hukanfa.com.conf server { listen 80; server_name blog.hukanfa.com hukanfa.com www.hukanfa.com; rewrite ^(.*)$ https://$host$1 permanent; } server { listen 443 ssl; server_name blog.hukanfa.com hukanfa.com www.hukanfa.com; ssl_certificate ../certs/hukanfa.com.crt; ssl_certificate_key ../certs/hukanfa.com.key; access_log logs/blog_access.log main; error_log logs/blog_error.log; # 添加安全头解决混合内容问题 add_header Content-Security-Policy "upgrade-insecure-requests"; location / { proxy_pass http://172.168.0.2; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } # 处理静态文件 - 直接传递给后端 location ~* .(css|js|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ { proxy_pass http://172.168.0.2; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # 禁用缓存,确保从后端获取最新版本 proxy_no_cache 1; proxy_cache_bypass 1; } }- 访问域名
blog.hukanfa.com,将进行一些初始化配置
- 填写数据库信息
- 点击下一步
- 最后填写站点信息
- 完成登陆
33.5 缓存配置
- 说明
- 发现 WordPress 很 慢,是因为 WordPress 本身的 PHP 运行机制导致的,每篇文章都要去数据库读取
- 了支持各种功能,现在已经非常臃肿,每次请求都要加载很多东西。
33.5.1 Object Cache Pro 插件
-
操作如下
- 提前安装 Redis
# 主机 密码 端口信息如下 major.nei.hukanfa.com 26*****joNF 6389html/wp-config.php更新配置
# 行首添加 Object Cache Pro 配置,这里需要具体token信息,可联系博主获取,或者到官网购买正式版本 # Redis相关信息请替换 // Object Cache Pro configuration define('WP_REDIS_CONFIG', [ 'token' => '******', 'password' => '26*****joNF', // for Redis service - strongly recommended 'host' => 'major.nei.hukanfa.com', 'port' => 6389, 'database' => 11, // change for each site 'maxttl' => 3600, // Seconds (1 hour) 'network_flush' => 'site', // site or all or global 'timeout' => 2.5, 'read_timeout' => 2.5, 'retry_interval' => 10, 'retries' => 3, 'backoff' => 'smart', 'compression' => 'lz4', // `zstd` compresses smaller, `lz4` compresses faster 'serializer' => 'igbinary', 'async_flush' => true, 'split_alloptions' => true, 'client' => 'phpredis', 'prefetch' => true, 'strict' => true, 'debug' => false, 'save_commands' => false, 'updates' => false, 'prefix' => 'wordpress', // to change 'non_persistent_groups' => [ 'wc_session_id', '*-queries', // wildcard are supported // '_transient*', ], 'non_prefetchable_groups' => [ 'wc_session_id', '*-queries', // wildcard are supported // '_transient*', ], ]); define('WP_REDIS_DISABLED', false); // END Object Cache Pro configuration- 配置插件
# 使用插件需具备的环境 PhpRedis v4.0 或以上版本,PHP 版本 >= 7.2,安装 igbinary 和 lz4,在 Dockerfile 中上述环境已经具备 # 下载插件,请联系博主获取或谷歌搜索 # 将插件解压到以下目录,后重启容器 $ ls -l html/wp-content/plugins/ object-cache-pro- 页面启用插件
- 设置 -> Object Cache 中查看Dashboard
33.4 安装主题
-
操作如下
- 主题开发者博客链接
https://nicen.cn/1552.html#h21- 主题风格如下图,功能还是比较全面
-
主题下载
- 开发者在其博客中已经开源了该主题源代码,可直接到以下路径下载主题
# Github https://github.com/friend-nicen/theme-document # Gitee https://gitee.com/friend-nicen/theme-document # 百度网盘下载链接 https://pan.baidu.com/s/10OchPJaGhNLaWxGoSfHEnA?pwd=1111- 主题下载后上传到以下路径,并解压
# 解压路径 /data/wordpress/html/wp-content/themes- 重启容器
-
启用主题
- 登陆wordpress管理后台,路径:外观 -- 主题 。选择document主题并启用
- 查看主题启用后的初步效果,点击下面两处任一地方
- 该主题的更多用法会在后续专题详细讲解
33.5 安装插件
- 说明
- 如果wordpress是一栋毛坯房,那插件就是那些家具了。通过安装合适的插件,能够让wordpress功能更加强大
- 本节以markdown编辑插件
wp-editormd为例,下面将介绍该插件的安装过程
33.5.1 WP Editor.md
注:此插件不推荐安装,因为已经停止维护,不兼容新版本 wordpress 了
-
插件安装方式一
- 通过下载插件包,上传到服务器插件目录并解压授权
# 官网下载 <blockquote class="wp-embedded-content" data-secret="O19QCHexgY"><a href="https://wordpress.org/plugins/wp-editormd/">WP Editor.md – The Perfect WordPress Markdown Editor</a></blockquote><iframe class="wp-embedded-content" sandbox="allow-scripts" security="restricted" style="position: absolute; visibility: hidden;" title="“WP Editor.md – The Perfect WordPress Markdown Editor” — Plugin Directory" src="https://wordpress.org/plugins/wp-editormd/embed/#?secret=dzHpIxPzcE#?secret=O19QCHexgY" data-secret="O19QCHexgY" width="500" height="282" frameborder="0" marginwidth="0" marginheight="0" scrolling="no"></iframe>
# 百度网盘,10.2.1 版本 完全兼容wordpress 6.1.4 https://pan.baidu.com/s/1W6Mi8wacQftp1RpTiddXjg?pwd=1111 # 上传并解压到 html/wp-content/plugins index.php wp-editormd- 随后在界面启用插件
33.5.2 Markup Markdown (推荐)
-
说明
-
这是一款支持markdown格式的编辑器插件,且持续更新。
- 目前该插件已支持 wordpress 最新版本 6.7.2
-
操作如下
- 可直接在wordpress插件管理界面搜索安装
靓仔可以的喔