Redhat Openshift从Openshift 上line 2更改为Online3。截止日期为2017年9月。我在Red Hat Openshift Online 2环境中托管了两年的博客www.51sec.org已从Redhat Openshift Platform迁移而来。在截止日期之前的几天前升级到AWS 的Linux Free Tier。刚开始时,迁移过程既轻松又顺畅,因为我保留了相同的域51sec.org。

也是WordPress插件 在此过程中,“多合一WP迁移”帮助很大。整个博客已导出到120M软件包中。不幸的是,稍后访问在AWS 的Linux实例上运行的www.51sec.org网站时,我仍然遇到问题。

在迁移或建立新网站时发现了几个问题。这篇文章是我发现的那些问题的摘要
1. PHP内存不足。
2. WordPress网站和家庭URL更改
3.更改上传文件限制2M


症状1 – PHP内存不足

迁移后的第二天,我收到了Monitis警报电子邮件,说我的网站已关闭。

重新启动后,服务器网站立即出现。但是几个小时后又发生了。我知道一定有问题。我开始挖掘日志。这是我从日志中找到的内容:

[[email protected] httpd]# tail /var/log/httpd/error_log -n 50

mmap() failed: [12] Cannot allocate memory

mmap() failed: [12] Cannot allocate memory

mmap() failed: [12] Cannot allocate memory

mmap() failed: [12] Cannot allocate memory

mmap() failed: [12] Cannot allocate memory

[Thu Sep 28 09:29:37.890816 2017] [mpm_prefork:notice] [pid 2853] AH00169: caught SIGTERM, shutting down
[Thu Sep 28 09:29:38.196735 2017] [suexec:notice] [pid 3692] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Sep 28 09:29:38.217716 2017] [lbmethod_heartbeat:notice] [pid 3693] AH02282: No slotmem from mod_heartmonitor
[Thu Sep 28 09:29:38.312526 2017] [mpm_prefork:notice] [pid 3693] AH00163: Apache/2.4.27 (Amazon) PHP/7.0.21 configured -- resuming normal operations
[Thu Sep 28 09:29:38.312545 2017] [core:notice] [pid 3693] AH00094: Command line: '/usr/sbin/httpd'

mmap() failed: [12] Cannot allocate memory
mmap() failed: [12] Cannot allocate memory
[Thu Sep 28 11:12:03.262604 2017] [:error] [pid 4278] [client 190.94.81.146:4505] PHP Fatal error:  Out of memory (allocated 25165824) (tried to allocate 65536 bytes) in /var/www/html/wp-content/themes/startup-blog/functions.php 上 line 132, referer: http://140.238.157.42/2016/01/cisco-switch-2960-3560-password-recovery-procedures/
[Thu Sep 28 11:12:03.262669 2017] [:error] [pid 4280] [client 190.94.81.146:4504] PHP Fatal error:  Out of memory (allocated 25165824) (tried to allocate 65536 bytes) in /var/www/html/wp-content/themes/startup-blog/functions.php 上 line 132, referer: http://140.238.157.42/2016/01/cisco-switch-2960-3560-password-recovery-procedures/
[Thu Sep 28 11:12:04.397148 2017] [:error] [pid 4277] [client 66.249.89.16:36770] PHP Fatal error:  Out of memory (allocated 20971520) (tried to allocate 32768 bytes) in /var/www/html/wp-content/plugins/jetpack/modules/sharedaddy/sharing.php 上 line 224

mmap() failed: [12] Cannot allocate memory

mmap() failed: [12] Cannot allocate memory

PHP内存不足。我从互联网上收到了很多建议。这是我采取的一些方法。

解决方案一

我的临时解决方案是设置一个计划,以使用CRON每两小时重新启动httpd服务。

[[email protected] /]# cat /etc/crontab 
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/

# For details see man 4 crontabs

# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) 要么  jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) 要么  sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name command to be executed
2 */2 * * * root sudo service httpd restart && curl -sm 30 k.wdt.io/[email protected]/reboot_httpd?c=0_*/2_*_*_*
[[email protected] /]# 

我用了 //crontab.guru 服务以获取正确的命令 和wdt.io以获得有关cron作业的警报电子邮件。它确实起作用并且有所帮助。


[[email protected] /]# tail /var/log/cron 
Sep 28 13:00:01 ip-10-10-0-50 CROND[4990]: (root) CMD (sudo service httpd restart && curl -sm 30 k.wdt.io/[email protected]/reboot_httpd?c=0_*_*_*_*)
Sep 28 13:01:01 ip-10-10-0-50 CROND[5071]: (root) CMD (run-parts /etc/cron.hourly)
Sep 28 13:01:01 ip-10-10-0-50 run-parts(/etc/cron.hourly)[5071]: starting 0anacron
Sep 28 13:01:01 ip-10-10-0-50 run-parts(/etc/cron.hourly)[5080]: finished 0anacron
Sep 28 13:50:01 ip-10-10-0-50 crond[2864]: (*system*) RELOAD (/etc/crontab)
Sep 28 14:00:01 ip-10-10-0-50 CROND[5279]: (root) CMD (sudo service httpd restart && curl -sm 30 k.wdt.io/[email protected]/reboot_httpd?c=0_*/2_*_*_*)
Sep 28 14:01:01 ip-10-10-0-50 CROND[5344]: (root) CMD (run-parts /etc/cron.hourly)
Sep 28 14:01:01 ip-10-10-0-50 run-parts(/etc/cron.hourly)[5344]: starting 0anacron
Sep 28 14:01:01 ip-10-10-0-50 run-parts(/etc/cron.hourly)[5353]: finished 0anacron
Sep 28 14:19:01 ip-10-10-0-50 crond[2864]: (*system*) RELOAD (/etc/crontab)
[[email protected] /]# 

从httpd / error_log中,我可以看到该服务已关闭并在计划的时间恢复。

[[email protected] /]# tail /var/log/httpd/error_log -n 20
[[email protected] /]# tail /var/log/httpd/error_log -n 20
[Thu Sep 28 12:00:01.375912 2017] [suexec:notice] [pid 4673] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Sep 28 12:00:01.402479 2017] [lbmethod_heartbeat:notice] [pid 4674] AH02282: No slotmem from mod_heartmonitor
[Thu Sep 28 12:00:01.420712 2017] [mpm_prefork:notice] [pid 4674] AH00163: Apache/2.4.27 (Amazon) PHP/7.0.21 configured -- resuming normal operations
[Thu Sep 28 12:00:01.420736 2017] [core:notice] [pid 4674] AH00094: Command line: '/usr/sbin/httpd'
[Thu Sep 28 12:39:01.020101 2017] [:error] [pid 4889] [client 45.43.101.69:59405] PHP Warning:  mysqli_query(): MySQL server has gone away in /var/www/html/wp-includes/wp-db.php 上 line 1887, referer: http://140.238.157.42/2015/10/advanced-checkpoint-gaia-cli-commands-tips-and-tricks/
[Thu Sep 28 12:39:01.028056 2017] [:error] [pid 4889] [client 45.43.101.69:59405] PHP Warning:  mysqli_query(): Error reading result set's header in /var/www/html/wp-includes/wp-db.php 上 line 1887, referer: http://140.238.157.42/2015/10/advanced-checkpoint-gaia-cli-commands-tips-and-tricks/
[Thu Sep 28 12:39:01.044760 2017] [:error] [pid 4756] [client 45.43.101.69:58628] PHP Warning:  Error while sending QUERY packet. PID=4756 in /var/www/html/wp-includes/wp-db.php 上 line 1887, referer: http://140.238.157.42/2015/10/advanced-checkpoint-gaia-cli-commands-tips-and-tricks/
[Thu Sep 28 13:00:02.531359 2017] [mpm_prefork:notice] [pid 4674] AH00169: caught SIGTERM, shutting down
[Thu Sep 28 13:00:03.123712 2017] [suexec:notice] [pid 5019] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Sep 28 13:00:03.145836 2017] [lbmethod_heartbeat:notice] [pid 5020] AH02282: No slotmem from mod_heartmonitor
[Thu Sep 28 13:00:03.198017 2017] [mpm_prefork:notice] [pid 5020] AH00163: Apache/2.4.27 (Amazon) PHP/7.0.21 configured -- resuming normal operations
[Thu Sep 28 13:00:03.198034 2017] [core:notice] [pid 5020] AH00094: Command line: '/usr/sbin/httpd'
[Thu Sep 28 14:00:01.734292 2017] [mpm_prefork:notice] [pid 5020] AH00169: caught SIGTERM, shutting down
[Thu Sep 28 14:00:02.141090 2017] [suexec:notice] [pid 5307] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Sep 28 14:00:02.169154 2017] [lbmethod_heartbeat:notice] [pid 5308] AH02282: No slotmem from mod_heartmonitor
[Thu Sep 28 14:00:02.236204 2017] [mpm_prefork:notice] [pid 5308] AH00163: Apache/2.4.27 (Amazon) PHP/7.0.21 configured -- resuming normal operations
[Thu Sep 28 14:00:02.236230 2017] [core:notice] [pid 5308] AH00094: Command line: '/usr/sbin/httpd'


解决方案二

有些文章提到与XML-RPC相关的某种攻击, 可以被利用在短时间内向WordPress发送数千个请求。

为了识别这种攻击,我从httpd访问日志中进行了一些搜索:

[[email protected] ec2-user]# grep xmlrpc /var/log/httpd/access_log 
180.191.61.7 - - [27/Sep/2017:02:24:09 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"
97.73.96.19 - - [27/Sep/2017:02:43:52 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"
112.200.195.163 - - [27/Sep/2017:02:46:41 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"
115.79.220.211 - - [27/Sep/2017:02:54:56 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"
160.238.72.10 - - [27/Sep/2017:03:00:06 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"
39.46.183.191 - - [27/Sep/2017:03:06:05 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"
2.24.37.37 - - [27/Sep/2017:03:08:31 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"
115.178.26.232 - - [27/Sep/2017:03:15:42 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"
112.210.202.81 - - [27/Sep/2017:03:16:09 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"
98.124.36.154 - - [27/Sep/2017:03:19:52 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"
..........

有成千上万个类似的日志。

基于 发布 建议,安装jetpack插件有助于减少这种攻击。

保护功能会自动启用。现在,您可以看到一个Jetpack仪表板,该仪表板还将保护功能显示为处于活动状态。运行几个小时后,我们可以看到有47个 Jetpack插件阻止了恶意攻击。




解决方案三

在Google上在线之后,发现有很多帖子建议更改php.ini文件上的某些设置。

这是我所做的:

[[email protected] html]# echo "<?php phpinfo(); ?>" > /var/www/html/phpinfo.php

by access http://140.238.157.42/phpinfo.php I got the php.ini’s location /etc/php.ini

[[email protected] etc]# vi php.ini
; Maximum amount of memory a script may consume (128MB is Default)
; http://php.net/memory-limit
memory_limit = 256M

我还尝试通过wp-config.php文件增加我的PHP内存限制。该文件位于/ var / www / html /目录中。

[[email protected] html]# vi wp-config.php
define('WP_MEMORY_LIMIT', '256M');

将其添加到文件wp-config.php的最后一行。

症状2 – WordPress URL更改
During testing, you might use public ip such as http://54.32.104.11 as your WordPress Address and Site Address. Sometimes, your website might be wrong after you changed to your domain name and you will need to change it back but your Web Admin is not reachable.

这是在wp-config.php文件中对WP 首页和WP SiteURL进行硬编码的方法。

[[email protected] html]# sudo nano wp-config.php
define('WP_HOME','http://140.238.157.42');
define('WP_SITEURL','http://140.238.157.42');

症状3 –更改上传文件限制2M

您将需要找出正确的文件夹来放入此.user.ini文件,通常是/ var / www / html,而您的wordpress文件夹是/ var / www / html / wordpress。您需要将其放在/ var / www / html文件夹下,而不是wordpress文件夹下。

转到您网站的根目录,然后使用vi或nano打开或创建一个.user.ini文件。然后,您可以粘贴以下代码并保存更改:

upload_max_filesize = 64M
post_max_size = 13M
memory_limit = 64M

注意:
默认情况下,新安装仅允许上传2MB。此更改不需要重新启动任何服务,例如php,nginix。

症状4。 WordPress永久链接问题


安装新的Ubuntu和wordpress时遇到了这个问题。这是我从中找到的解决方案 发布:

可能有多种因素导致重写规则无法正常工作。我的ubuntu服务器需要更改3件事才能使永久链接正常工作。
在较新版本的apache2中,您需要启用以下模块:
sudo a2enmod rewrite
sudo service apache2 restart
您可能还需要修改apache2.conf文件。
sudo nano /etc/apache2/apache2.conf
将您的Web目录覆盖规则更改为 允许全部覆盖.
<Directory /var/www/>
    Options Indexes FollowSymLinks
    允许全部覆盖
    Require all granted
</Directory>
之后,重新启动服务。
WordPress安装目录中的.htaccess文件需要由网络服务器拥有或可读/可修改。
这可以通过将所有者更改为www-data(通常是Web服务器用户)或更改权限来实现。
sudo chown www-data /var/www/wordpress-install/.htaccess 
要么
sudo chmod 664 /var/www/wordpress-install/.htaccess
登录到您的WordPress管理员后端并保存永久链接设置,希望它们可以正常工作。

症状5.更新插件时提示输入FTP详细信息
通常,它与文件权限问题有关。但是有时,您使用具有权限chmod 755的正确用户www-data或nginx,仍然出现ftp屏幕提示,要求您输入ftp用户名和密码。

1.使用apache

sudo chown -R www-data:www-data /var/www/html/
sudo chmod -R 755 /var/www/html/

2.使用Nginx

sudo chown -R nginx:nginx /var/www/html/
sudo chmod -R 755 /var/www/html/



您将需要设置 define('FS_METHOD', 'direct'); in wp-config.php.
实际上,在wp-config.php文件中看起来像这样:’

define( 'DB_COLLATE', '' );
define('FS_METHOD', 'direct');

参考文献:

通过 约翰

发表评论