网站管理

xpclove

使得网站支持SSL和https访问

apache2 开启 ssl
sudo a2enmod ssl # Ubuntu/Debian
sudo systemctl restart apache2
开启 443 端口
sudo ufw allow 443 # Ubuntu防火墙
检查SSL状态
openssl s_client -connect qlabs.top:443 | openssl x509 -dates -noout

安装Let's Encrypt证书
sudo apt update && sudo apt install certbot -y
sudo certbot certonly --webroot -w /var/www/html/flarum/public -d qblas.top -d www.qblas.top

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for qlabs.top and www.qlabs.top

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/qlabs.top/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/qlabs.top/privkey.pem
This certificate expires on 2025-10-09.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
 * Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
 * Donating to EFF:                    https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Apache2 配置同时支持http和https
http配置：
vim /etc/apache2/sites-available/flarum.conf

<VirtualHost *:80>

 ServerAdmin xpclove@126.com

 DocumentRoot /var/www/html/flarum/public

 ServerName qlabs.top

 DirectoryIndex index.php

 <Directory /var/www/html/flarum/public/>

Options +FollowSymLinks

AllowOverride All

Order allow,deny

allow from all

 </Directory>

 ErrorLog /var/log/apache2/flarum-error_log

 CustomLog /var/log/apache2/flarum-access_log common

</VirtualHost>

https配置：
vim /etc/apache2/sites-available/flarum_ssl.conf

<VirtualHost *:443>
    ServerName qlabs.top
    DocumentRoot /var/www/html/flarum/public  # 或你的网站根目录

    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/qlabs.top/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/qlabs.top/privkey.pem
 DirectoryIndex index.php
 <Directory /var/www/html/flarum/public/>
Options +FollowSymLinks
AllowOverride All
Order allow,deny
allow from all
 </Directory>
 ErrorLog /var/log/apache2/flarum-error_log
 CustomLog /var/log/apache2/flarum-access_log common
</VirtualHost>

6.
sudo a2enmod ssl
sudo a2ensite flarum flarum_ssl# 或你的 SSL 配置文件名（不带.conf后缀）
sudo systemctl reload apache2

7.
修改Flarum根目录下的 config.php 文件：
// 将固定协议改为协议相对路径 'url' => '//your_domain.com', // 去掉 http: 或 https: 前缀
原理‌：// 自动匹配当前访问协议（HTTP/HTTPS），避免资源链接强制使用HTTP‌3。

vim /var/www/html/flarum/public/.htaccess 增加

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ index.php [L]
</IfModule>