WordPress 优化与安全提升,低配云服务器频繁宕机处理

misswellCategories 你好世界

修改 MySQL 配置

vi /etc/my.cnf

[client]
#password   = your_password
port        = 3306
socket      = /tmp/mysql.sock
bind-address=0.0.0.0

[mysqld]
port        = 3306
socket      = /tmp/mysql.sock
datadir = /usr/local/mysql/var
skip-external-locking
key_buffer_size = 16M
max_allowed_packet = 1M
table_open_cache = 128
sort_buffer_size = 256K
net_buffer_length = 8K
read_buffer_size = 768K
read_rnd_buffer_size = 512K
myisam_sort_buffer_size = 8M
thread_cache_size = 16
query_cache_size = 16M
tmp_table_size = 32M
performance_schema_max_table_instances = 1000

explicit_defaults_for_timestamp = true
#skip-networking
max_connections = 100
max_connect_errors = 100
open_files_limit = 65535

log-bin=mysql-bin
binlog_format=mixed
server-id   = 1
expire_logs_days = 10
early-plugin-load = ""

default_storage_engine = InnoDB
innodb_file_per_table = 1
innodb_data_home_dir = /usr/local/mysql/var
innodb_data_file_path = ibdata1:10M:autoextend
innodb_log_group_home_dir = /usr/local/mysql/var
innodb_buffer_pool_size = 256M
innodb_log_file_size = 32M
innodb_log_buffer_size = 8M
innodb_flush_log_at_trx_commit = 1
innodb_lock_wait_timeout = 50
sql_mode=NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
max_allowed_packet=16M
performance_schema=off

[mysqldump]
quick
max_allowed_packet = 16M

[mysql]
no-auto-rehash

[myisamchk]
key_buffer_size = 32M
sort_buffer_size = 768K
read_buffer_size = 768K
write_buffer_size = 2M

[mysqlhotcopy]
interactive-timeout

修改 PHP 配置

vim /usr/local/php/etc/php-fpm.conf
[global]
pid = /usr/local/php/var/run/php-fpm.pid
error_log = /usr/local/php/var/log/php-fpm.log
log_level = notice

[www]
listen = /tmp/php-cgi.sock
listen.backlog = -1
listen.allowed_clients = 127.0.0.1
listen.owner = www
listen.group = www
listen.mode = 0666
user = www
group = www
pm = dynamic
pm.max_children = 10
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 10
pm.max_requests = 500
pm.process_idle_timeout = 10s
request_terminate_timeout = 60
request_slowlog_timeout = 0
slowlog = var/log/slow.log

配置 2GB Swap 交换分区

# 1. 创建一个 2G 的交换文件
dd if=/dev/zero of=/swapfile bs=1M count=2048

# 2. 设置正确的权限(安全必备)
chmod 600 /swapfile

# 3. 将文件格式化为交换分区
mkswap /swapfile

# 4. 启用交换分区
swapon /swapfile

# 5. 设置开机自启
echo '/swapfile swap swap defaults 0 0' >> /etc/fstab

使用 WPS Hide Login 插件

通过更改登录URL并在未登录时阻止访问wp-login.php页面和wp-admin目录来保护您的网站

安装 Fail2Ban

# CentOS 安装示例
yum install epel-release -y
yum install fail2ban -y
systemctl enable fail2ban
systemctl start fail2ban

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注