如何建立WordPress的雙因素身份驗證

 

在本指南中,我們會為您提供關於如何設置雙因素身份驗證上一個WordPress網站一步一步的指示, hosted on CentOS的 7 VPS. 有許多雙因素認證的WordPress可以在WordPress.org插件庫插件, but for the purpose of this tutorial, we will install and set up the Google Authenticator plugin for WordPress.

1. Update OS packages

Before starting with the installation procedure, update the server OS packages with the latest available packages by running the following commands:

sudo yum clean all
sudo yum update

2. 安裝PHP 7

CentOS的 7 has PHP 5.4 installed by default. We can remove PHP 5.4 並安裝PHP 7.1 版本. 要做到這一點, check which PHP 5.4 packages are installed on the server and remove them:

sudo rpm -qa | grep php
php-cli-5.4.16-42.el7.x86_64
php-pdo-5.4.16-42.el7.x86_64
php-common-5.4.16-42.el7.x86_64
php-5.4.16-42.el7.x86_64
sudo yum remove php php-cli php-common php-pdo

然後, install PHP 7.1 version:

sudo rpm -Uvh https://dl.iuscommunity.org/pub/ius/stable/CentOS/7/x86_64/ius-release-1.0-15.ius.centos7.noarch.rpm
sudo yum update
sudo yum install php71u php71u-devel php71u-gd php71u-pdo php71u-mysqlnd php71u-xml php71u-mcrypt php71u-intl php71u-mbstring php71u-json php71u-iconv php71u-opcache php71u-imap php71u-soap

3. Create a new database

mysql -u root -p
MariaDB [(none)]> CREATE DATABASE wordpress;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpress'@'localhost' IDENTIFIED BY 'Y0urPa55w0rd';
MariaDB [(none)]> flush privileges;
MariaDB [(none)]> quit;

4. Create a new virtual host in Apache:

vi /etc/httpd/conf.d/wordpress.conf

Add the following lines and save the file:

<虛擬主機 *:80>
ServerName yourdomain.com
ServerAlias www.yourdomain.com
ServerAdmin [email protected]
DocumentRoot /var/www/html/wordpress/

<Directory /var/www/html/wordpress>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
</目錄 >

ErrorLog /var/www/html/wordpress/logs/yourdomain.com_error.log
CustomLog /var/www/html/wordpress/logs/yourdomain.com_access.log combined

</虛擬主機>

5. Install WordPress

Download the latest version of WordPress, and extract it on the server:

cd /opt/
wget https://wordpress.org/latest.zip 
unzip latest.zip
mv wordpress /var/www/html/wordpress/

Set proper permissions to the files and directories of WordPress:

sudo chown -R apache:apache /var/www/html/

Edit the PHP configuration file and add/modify the following settings (change the timezone according to your actual timezone):

memory_limit = 512M
date.timezone = US/Chicago

重新啟動Apache服務以使更改生效:

sudo systemctl restart httpd

Open http://yourdomain.com in your favorite web browser and follow the easy instructions to finish the WordPress installation.

6. Install Google Authenticator plugin

Log in to your WordPress dashboard and install the Google Authenticator plugin by clicking on the ‘Add New’ button from the Plugins menu, then activate it.

Go to Users -> your user (Admin) >> 編輯 >> 谷歌身份驗證器設置 >> check ‘Active’ and ‘Relaxed mode’ >> Create new secret , write down the secret on a piece of paper and store it in a safe place. 然後, click on the ‘Show QR code’ button next to the ‘Create new secret’ button and scan the generated QR code with your phone.

Set-up-WordPress-Two-Factor-Authentication

Click on the ‘Update profile’ button at the bottom of the page for the changes to take effect.

7. Verify if the WordPress Two-Factor Authenticator is working

To test if the two-step authentication is set properly, log out from the WordPress back-end, open http://yourdomain.com/wp-admin and enter your username, password and Google Authenticator code.

WordPress-two-way-authenticator-wordpress-login

就是這樣, your WordPress website is now using a two-factor authentication and it is a little more secure now.

Google Authenticator for WordPressIf you use one of our WordPress Hosting Services, you can simply ask our expert Linux admins to enable two-factor authentication on your WordPress site for you. 他們提供24×7,將立即照顧您的要求.

 

資源

沒有標籤為這個職位.