HTTPS迁移：Dreamhost上托管的WordPress博客

本文主要是介绍HTTPS迁移：Dreamhost上托管的WordPress博客，希望对大家解决编程问题提供一定的参考价值，需要的开发者们随着小编来一起学习吧！

I use Dreamhost. Have been since 2008. If you're not using Dreamhost... well, go sign up and here's $50 off of the $97 yearly plan.

我使用Dreamhost。自2008年以来一直。如果您不使用Dreamhost ...那么，快去注册吧，这是$ 97年度计划的$ 50折扣。

Now some folks reminded me recently that the Perf calendar was not yet migrated to HTTPS... True enough. I have to do it. Eventually. In any normal situation I'll procrastinate indefinitely, but since I had more pressing things to do and "Anyone can do any amount of work, provided it isn’t the work he is supposed to be doing at that moment"... I bit the bullet.

现在有些人最近提醒我， Perf日历尚未迁移到HTTPS ...确实如此。我必须做。最终。在任何正常情况下，我都会无限期拖延，但是由于我要做的事情更紧迫，并且“任何人都可以做任何工作，只要那不是他当时应该做的工作”……我咬住子弹。

Below are the steps that worked for me with a WordPress blog, hosted on DreamHost. The steps are still relevant to any WordPress site, just using Dreamhost as an example and since Dreamhost makes many of the steps easy. Also note that Dreamhost offers automated install of WordPress ("one-click installs") and something called Dreampress. My case wasn't any of those, just a plain old self-install. So some of the steps might be different if you use any of those services.

以下是在DreamHost上托管的WordPress博客对我有用的步骤。这些步骤仍然与任何WordPress网站相关，仅以Dreamhost为例，因为Dreamhost使许多步骤变得容易。还要注意，Dreamhost提供WordPress的自动安装(“一键安装”)和称为Dreampress的东西。我的情况并非如此，只是一个普通的旧式自安装程序。因此，如果您使用任何这些服务，则某些步骤可能会有所不同。

脚步 (Steps)

Setup free SSL certificate thanks to Let's Encrypt
借助Let's Encrypt设置免费的SSL证书
Backup all the things (or just the blog's database or just the table with the posts)
备份所有内容(或仅备份博客数据库或仅包含帖子的表)
Search and replace internal references (images and links)
搜索和替换内部参考(图像和链接)
WP settings
WP设置
Redirect http to https permanently in .htaccess
将.htaccess http永久重定向到https
Test/tweak?
测试/调整？

SSL证书 (SSL certificate)

Thanks to Let's Encrypt you can have a free certificate. Dreamhost makes it trivial to use.

多亏了“让我们加密”，您可以拥有免费证书。 Dreamhost使它使用起来很简单。

Under Domains/Secure Hosting you go add a new Let's Encrypt cert:

在“域/安全托管”下，添加一个新的“加密”证书：

Then pick a domain.

然后选择一个域。

Done!

做完了！

Give it a coupla minutes (while you're doing backups, next step), then go visit your site with https:// in front.

给它一个coupla分钟(在执行备份时，下一步)，然后使用前面的https://来访问您的站点。

后备 (Backup)

One of the least favorite parts when it comes to anything computer-y...

涉及计算机领域的东西中最不喜欢的部分之一。

备份所有内容(可选) (Backup everything (optional))

Dreamhost lets you backup all your things - mail and databases and files and everything. You should probably do that at one point or another but it's not required here.

Dreamhost使您可以备份所有内容-邮件，数据库，文件以及所有内容。您可能应该在一处或另一处执行此操作，但这不是必需的。

You'll find the option under Billing and Account

您会在“帐单和帐户”下找到该选项

备份数据库(可选)(Backup the database (optional))

Backing up your whole WP DB is a good practice, not required for the HTTPS migration but it won't hurt. Let's see how.

备份整个WP DB是一个好习惯，HTTPS迁移不需要这样做，但这不会造成伤害。让我们看看如何。

You need phpMyAdmin. You'll find "MySQL databases" under "Goodies"

您需要phpMyAdmin。您将在“ Goodies”下找到“ MySQL数据库”

Click "phpMyAdmin" next to the database you need.

单击所需数据库旁边的“ phpMyAdmin”。

Drag, what is this password? Well, go to your wp-config.php file and copy from there.

拖动，此密码是什么？好吧，转到您的wp-config.php文件并从那里复制。

After you login, go to the Export tab in phpMyAdmin and ... export!

登录后，转到phpMyAdmin中的“导出”选项卡，然后导出。

No need to touch any of the defaults. Keep the generated file handy in case all hell breaks lose.

无需触摸任何默认值。将生成的文件放在手边，以防万一。

备份帖子 (Backup the posts)

This is the required step so that you can then replace all internal references to http content.

这是必需的步骤，以便您可以替换对http内容的所有内部引用。

Find the table that ends with posts (in case you're like me and have added weird prefix to all tables) on the left menu. Click. Go to Export tab. Click. Click "Go" button.

在左侧菜单中找到以posts结尾的表格(以防您和我一样，并且在所有表格中添加了怪异的前缀)。单击。转到导出选项卡。单击。点击“开始”按钮。

Save the file.

保存文件。

替换内部参考 (Replace internal references)

All <img src="http://yourdomain and <a href="http://yourdomain need to turn into https. Actually links are optional (if you do the next steps with permanent redirect), but why not? Images are not optional, otherwise loading images over HTTP when the page is HTTPS triggers "mixed content" warning.

所有<img src="http://yourdomain和<a href="http://yourdomain 。实际上，链接是可选的(如果您使用永久重定向执行后续步骤)，但是为什么不呢？图像不是可选的，否则当页面为HTTPS时通过HTTP加载图像会触发“混合内容”警告。

Open the *posts.sql file you downloaded in the previous step in a regular text editor. I just did a search/replace of "http://calendar.perfplanet.com" with "https://calendar.perfplanet.com". It's possible I've replaced more than img src and a href. But that's ok as far as I know. If you want to be more surgical in replacements... knock yourself out.

在常规文本编辑器中打开在上一步中下载的*posts.sql文件。我只是用“ https://calendar.perfplanet.com”搜索/替换了“ http://calendar.perfplanet.com”。我可能已替换了img src和a href 。但是据我所知这没关系。如果您想在替换手术方面更具手术性，请把自己打倒。

Save this file with the http-to-https replaced.

保存此文件，并替换http-to-https。

Go back to phpMyAdmin and click the Operations tab (while still working with the "posts" table). You'll see an option to rename the table. Do it. Add "_backup" or something at the end.

返回phpMyAdmin并单击“操作”选项卡(同时仍在使用“帖子”表)。您会看到一个重命名表的选项。做吧在末尾添加“ _backup”或其他内容。

At this point your blog is broken, as there is no table to read the posts from. So not the best time to walk the dog or take a vacation.

此时，您的博客已损坏，因为没有表格可以读取帖子。因此，不是not狗或休假的最佳时间。

Go back to the database level (as opposed to individual table). Click Import tab.

返回数据库级别(而不是单个表)。单击导入选项卡。

Select your *posts.sql file for upload, leave all defaults. Click "Go" button.

选择要上传的*posts.sql文件，保留所有默认设置。点击“开始”按钮。

Your blog is now back up.

您的博客现在已备份。

Not the best time to walk the dog yet, but not the worst either.

现在还不是狗的最佳时间，但也不是最糟糕的时间。

WordPress设置 (WordPress settings)

登录到您的WordPress管理区域。转到设置/常规。将URL内容更改为https。

重定向到https (Redirect to https)

Open your .htaccess file. It probably has an area that looks something like:

打开您的.htaccess文件。它可能有一个看起来像这样的区域：

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

Now above this section, add another section:

现在在本部分上方，添加另一部分：

# BEGIN HTTPS redirect
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*) https://%{HTTP_HOST}/$1 [R=301,L]
</IfModule>
# END redirect

测试/调整？(Test/tweak?)

Now everything should be working. Go to your site (with http). It should redirect to https. And you should see some congratulatory green in the address bar.

现在一切都应该正常工作。转到您的网站(带有http)。它应该重定向到https。并且您应该在地址栏中看到一些可喜的绿色。

And more:

和更多：

But what if it's not green? You may have the dreaded "Mixed content". I know I did.

但是，如果不是绿色怎么办？您可能拥有可怕的“混合内容”。我知道我做到了

In Chrome. Expected picture:

在Chrome中。预期图片：

Actual picture - an i icon. Whaa! Click it.

实际图片-一个i图标。哇！点击它。

Click Details. Chrome tells you what's wrong.

单击详细信息。 Chrome告诉您出了什么问题。

Click "View requests in Network Panel". Figure out what's wrong.

单击“在网络面板中查看请求”。找出问题所在。

In my case I had gravatars enabled. And a default image over http if there's no gravatar for the person commenting (in a call to get_avatar()). Updating this in the comments.php of my theme fixed it.

就我而言，我启用了gravatars。如果没有人发表评论，请使用http上的默认图片(在对get_avatar()的调用中)。在我主题的comments.php中更新了此问题。