WordPress + Reverse Proxy + SSL + LetsEncrypt
目前找到比較詳細也測試Ok的是這篇
https://www.vdv-it.nl/?p=53
1. 先安裝SSL Insecure Content Fixer
2. 設定頁啟用 HTTP_X-Forwarded-Prot
3. Apache http reverse proxy config
4. 設定Wordpress 網頁網站https://xxxx
5.reload httpd
補充1:
如果需要使用Certbot憑證更新
只要在conf.d設定認證的資料夾不轉拋即可
補充2:
承1,如果開啟htaccesss的狀況下
要記得打開一些選項,否則可能無法正確更新
SSL ERROR Log: AH00670: Options FollowSymLinks and SymLinksIfOwnerMatch are both off, so the RewriteRule directive is also forbidden due to its similar ability to circumvent directory restrictions
這時參考下列
https://stackoverflow.com/questions/11901993/options-followsymlinks-or-symlinksifownermatch-is-off
將option打開
https://www.vdv-it.nl/?p=53
1. 先安裝SSL Insecure Content Fixer
2. 設定頁啟用 HTTP_X-Forwarded-Prot
3. Apache http reverse proxy config
<VirtualHost *:443>
ServerName xxxx
<Location "/">
Options None
Require all granted
</Location>
<Location "/wp-admin">
Options None
Require all granted
</Location>
## Logging
(略)
## Request header rules
## as per http://httpd.apache.org/docs/2.2/mod/mod_headers.html#requestheader
RequestHeader set X-Forwarded-Proto "https"
## Proxy rules
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://123.45.67.8/ timeout=120
ProxyPassReverse / http://123.45.67.8/
## SSL directives
SSLEngine on
SSLCertificateFile "xxxxx.pem"
SSLCertificateKeyFile "xxxxx.pem"
SSLCertificateChainFile "xxxxxchain.pem"
SSLCACertificatePath "/etc/pki/tls/certs"
SSLOptions +StdEnvVars +ExportCertData
# SSL Proxy directives
SSLProxyEngine On
</VirtualHost>
4. 設定Wordpress 網頁網站https://xxxx
5.reload httpd
補充1:
如果需要使用Certbot憑證更新
只要在conf.d設定認證的資料夾不轉拋即可
DocumentRoot /var/www/html ProxyPass /.well-known !
補充2:
承1,如果開啟htaccesss的狀況下
要記得打開一些選項,否則可能無法正確更新
SSL ERROR Log: AH00670: Options FollowSymLinks and SymLinksIfOwnerMatch are both off, so the RewriteRule directive is also forbidden due to its similar ability to circumvent directory restrictions
這時參考下列
https://stackoverflow.com/questions/11901993/options-followsymlinks-or-symlinksifownermatch-is-off
將option打開
Indexes FollowSymLinks
留言