If you can’t already install an LNMP environment on your server and Laravel can’t figure out how to do it, I’ve done a very detailed tutorial on the process. 👉 [2020 年 latest] Newbie from zero configuration server LNMP and Laravel environment super pure error free (Linux, Nginx, MySQL, PHP, Laravel)

Materials:

  • Server (I usealiyun EcsYou can use any platform)
  • The server isLinuxThe system (I use itUbuntu 18.04)
  • Had applied for domain name (the word that does not put on record seems to cannot use you also can try, put on record quite simple the platform that goes you buy directly they have step basically is examine and verify time is long20Days or so)
  • The command line,Windows, MacBring your own)
  • SSL certificate(Don’t worry if you don’t, here’s how to apply for a free one.)
  • FileZilla FTP tool(If not, download it below)

Same old rule. Heat the pot

After reading this chapter, you can learn: why to configure Https, how to configure the website domain name, how to configure domain name resolution on the cloud platform you buy, applySSL certificate, implementation,Httpsaccess

Why configure HTTPS? Anti-traffic hijacking: HTTPS establishes an anti-hijacking encrypted communication tunnel to solve the problem of traffic hijacking. It not only eliminates small advertisements displayed on the web page, but also protects user privacy. Improve search ranking: Baidu, Google officials have made a statement that will give priority to include HTTPS websites, HTTPS can improve the search ranking, improve site credibility, brand image to eliminate phishing websites: The green icon in the HTTPS address bar helps users identify phishing websites, protecting the interests of users and enterprises, and enhancing user trust.Copy the code

The text 👇

1. InTencent CloudApply for freeSSL certificate

Enter the console of Tencent’s official website

Login in the upper right corner => After login, tap the console in the upper right corner => The console page is displayed

SSL certificate found in cloud product

Without second word, click it!!

Don’t say three words, apply for it!!

Four words do not say, confirm it!!

Information will fill it, will not fill please manually delete your server ➕ company resign

The next step is to wait for the application to come down

After good application 👇

Download it to your computer, chop some scallions and save for later use

2. Configure aliyun port to enable port 22FileZillaThe connection

Let’s configure port let hereFileZillaThe connection is mainly used to transfer certificatescopyGo to the server and download the configuration port againFileZillaTrouble can go to the web search directly through the command line file copy to the Linux host

The security group configuration is displayed

You can see I’ve already set up port 22

If no: In the upper right corner => Add a security group rule

There is also a tutorial that teaches you how to connect to FileZilla

Use 3.FileZillaConnecting to the server

Go to the Quick Download Links website, go to the Quick Download Links two big buttons, click Download FileZilla Client, download your system version, install it mindlessly and open it

File in the upper right corner of the Mac => Site Management => Create a site => Notice Select the same protocol on the SFTP diagram. Enter the IP address, port 22, username, and password. Then => Connect => The host key does not match

Until the connection is complete

4. WillSSL certificateCopy to the server

The SSL certificate package you download from Tencent Cloud contains the following files: Apache, IIS, Nginx, Tomcat, www.xxx.xxx.csrCopy the code

Nginx is usually installed in the /etc/nginx/ directory of the server, especially as described in my other blog post at the top of this tutorial. If yours is not, please find your Nginx installation directory

FileZilla is used to copy the files 1_www.xxx.xxx_bundle. CRT 2_www.xxx.xxx.key in the Nginx folder of the downloaded SSL certificate to /etc/nginx on the server. Here are the steps. First, open FileZilla and connect to your server 👇

At this point, we have put the SSL certificate at the specified location on the server through the steps shown above

5. Configure the SSL certificate for normal use

If you go to the directory 👉 /etc/nginx/site-available in FileZilla, you’ll see a file called default that we’re going to edit (again, if you can’t find the default file in this directory, So if you don’t follow my other LNMP installation tutorial recommended at the top of this tutorial then you need to find the corresponding configuration file in your Nginx directory.)

Click on this link if you are Apache, IIS, Tomcat, etc

Let’s open it and edit it (the full file contents are shown below), adding 👇

The SSL port number is 443
listen 443;
ssl on;
Enter the domain name of the binding certificate
server_name www.xxx.xxx;
The private key file is the same file that you copied to /etc/nginx
# Name of the certificate file
ssl_certificate 1_www.xxx.xxx_bundle.crt;
# Private key file name
ssl_certificate_key 2_www.xxx.xxx.key;
ssl_session_timeout 5m;
Please configure according to the following protocolSsl_protocols TLSv1 TLSv1.1 TLSv1.2;Configure the encryption suite as follows, written in accordance with the OpenSSL standard.ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:! aNULL:! MD5:! RC4:! DHE; ssl_prefer_server_ciphers on;Note: Configuration files may be written differently due to versioning. For example, if the Nginx version is Nginx /1.15.0, replace listen 443 SSL with SSL on.
# You can view your version via nginx -v
Copy the code

Ok, save and close, FileZilla will prompt you whether to post back to the server, ok, and the configuration is complete

Nginx service nginx restart // Run a test to check whether the configuration is correct. the configuration file /etc/nginx/nginx.conf syntax is ok // nginx: configuration file /etc/nginx/nginx.conftestIs successful // All ok and successful indicate that the configuration is successfulCopy the code

I want to show you the configuration of my entire default file. Of course, you can go to the other blog I recommend at the top to see what I looked like before configuration

server {
	listen 80 default_server;
	listen [::]:80 default_server;

	The SSL port number is 443
	listen 443;
	ssl on;
	Enter the domain name of the binding certificate
	server_name www.xxxx.com;
	# Name of the certificate file
	ssl_certificate 1_www.xxxx.com_bundle.crt;
	# Private key file name
     	ssl_certificate_key 2_www.xxxx.com.key;
     	ssl_session_timeout 5m;
     	Please configure according to the following protocolSsl_protocols TLSv1 TLSv1.1 TLSv1.2;Configure the encryption suite as follows, written in accordance with the OpenSSL standard.ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:! aNULL:! MD5:! RC4:! DHE; ssl_prefer_server_ciphers on;#location / {
        # # Site home page path. This directory is for reference only. For details, follow the actual directory.
        # root /var/www/Laravel60/public;
        # index index.php index.html index.htm;
     	#}

	# SSL configuration
	#
	# listen 443 ssl default_server;
	# listen [::]:443 ssl default_server;
	#
	# Note: You should disable gzip for SSL traffic.
	# See: https://bugs.debian.org/773332
	#
	# Read up on ssl_ciphers to ensure a secure configuration.
	# See: https://bugs.debian.org/765782
	#
	# Self signed certs generated by the ssl-cert package
	# Don't use them in a production server!
	#
	# include snippets/snakeoil.conf;

	root /var/www/Laravel60/public;

	# Add index.php to the list if you are using PHP
	index index.php index.html index.htm index.nginx-debian.html;

	server_name _;

	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
		# try_files $uri $uri/ =404;
		try_files $uri $uri/ /index.php?$query_string;
	}

	# pass PHP scripts to FastCGI server
	#
	location ~ \.php$ {
		include snippets/fastcgi-php.conf;
	#
	#	# With php-fpm (or other unix sockets):Fastcgi_pass Unix: / var/run/PHP/php7.2 - FPM. The sock.#	# With php-cgi (or other tcp sockets):
	#	fastcgi_pass 127.0.0.1:9000;
	}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#location ~ /\.ht { deny all; }}# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
#	listen 80;
#	listen [::]:80;
#
#	server_name example.com;
#
#	root /var/www/example.com;
#	index index.html;
#
#	location / {
# try_files $uri $uri/ =404;
#}
#}
Copy the code

6. Configure domain name resolution

Why do you need to configure domain name resolution? Commonly speaking, it is to bind your domain name to your IP address. After binding, the domain name will know which IP server to enter

First, go to your cloud console (I’m using Aliyun here)

Aliyun console => Domain name => Domain name resolution => Add Configuration Configure the corresponding contentCopy the code

Click OK and you are configured

7. You’re done

Next, you can access your website via Https. If you have any questions, please leave a comment below

Is a rookie? it doesn’t matter To learn how to configure the LNMP environment and Laravel on your server from scratch, I have done a very detailed tutorial on this process. 👉 [2020 年 latest] Newbie from zero configuration server LNMP and Laravel environment super pure error free (Linux, Nginx, MySQL, PHP, Laravel)

Writing is not easy, do not say more, finger still in the thumbs-up!

It’s not easy to write. If the finger is still on your hand, Please tap the like button on the website.

Thank you!