Jump to content
Chinese IPB

Francis

Administrators
  • Content Count

    3,870
  • Joined

  • Last visited

Community Reputation

50 Good

3 Followers

About Francis

Recent Profile Visitors

10,049 profile views
  1. 瀏覽檔案 [MMO] Last Read Date Conversation Adds the date of reading the conversation. 提交者 Francis 提交於 西元2018年11月14日 分類 XenForo 2.x Add-ons  
  2. Version 2.0.0

    1 download

    Adds the date of reading the conversation.
  3. Francis

    Nginx的舊配置

    NGINX 舊配置 https://invisioncommunity.com/forums/topic/396062-v3x-v4-nginx/ I've published guides on configuring IP.Board with Nginx and PHP-FPM, but they're in a forum section only available to paying clients. This is a copy of the last guide I published, but it's a bit dated and I've been meaning to update it. Nonetheless, feel free to peek at it for reference. Installing the latest stable release of NGiNX on Debian or CentOSBasic NGiNX configurationSetting up rewrite rules for IP.Board through NGiNXInstalling and configuring PHP-FPMSetting up proper, secure permissions for your IP.Board powered website CentOS Add the following repository to /etc/yum.repos.d/nginx.repo [nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=1 enabled=1 Now import the PGP key, wget http://nginx.org/keys/nginx_signing.key rpm --import nginx_signing.key rm nginx_signing.key Install and start, yum install nginx /etc/init.d/nginx start If you have Apache installed and running, NGiNX will fail to start, so please ensure you stop Apache before proceeding further. You can confirm NGiNX is running by using . You can also have NGiNX start automatically on boot by running . /etc/init.d/nginx status chkconfig --level 345 nginx on PHP-FPM Installation Instructions CentOS Nothing complicated here. Just install, yum install php-cli php-curl php-fpm php-gd php-imap php-mysql php-xml php-pecl-apc You can also have PHP-FPM start automatically on boot by running . chkconfig --level 345 php-fpm on NGiNX Configuration Now that you have both NGiNX and PHP-FPM up and running, we can move on to configuring the web server. First, let's make some small adjustments to /etc/nginx/nginx.conf, user nginx; worker_processes 4; error_log /var/log/nginx/error.log error; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; server_tokens off; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; #tcp_nopush on; keepalive_timeout 30; #gzip on; include conf.d/*.conf; } There's not much to say here. Increase worker_processes from the default of 1 to however many processor cores your server has. For example, if your server has a single quad core processor, set this value to 4. I've also changed the error_log directive to only log errors. Now let's move on to configuring your IP.Board website. Use this as your base template for /etc/nginx/conf.d/ipboard.conf, server { listen 80; server_name yourdomain.com www.yourdomain.com; root /srv/http/yourdomain.com/root; # Basic web server configuration. index index.php #access_log off; client_max_body_size 1G; # GZIP static content not processed by IPB. gzip on; gzip_static on; gzip_http_version 1.1; gzip_vary on; gzip_comp_level 3; gzip_proxied any; gzip_types text/plain text/css application/json application/x-javascript application/xml application/xml+rss text/javascript application/javascript text/x-js; gzip_buffers 16 8k; gzip_disable "MSIE [1-6].(?!.*SV1)"; # Set up rewrite rules. location / { try_files $uri $uri/ /index.php; } location ~^(/page/).*(.php)$ { try_files $uri $uri/ /index.php; } # Stub Status module location /server_status { stub_status on; #allow 127.0.0.1; #deny all; } # Deny access to hidden files location ~ /. { deny all; } # Mask fake admin directory location ~^/admin/(.*)$ { deny all; } # Secure real admin directory location ~^(/nimda/).*(.php) { #allow 127.0.0.1; #deny all; #auth_basic "Restricted Area"; #auth_basic_user_file $document_root/nimda/.htpasswd; fastcgi_pass unix:/var/run/php-fpm/ipboard.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include /etc/nginx/fastcgi_params; } # IP.Board PHP/CGI Protection location ~^(/uploads/).*(.php)$ { deny all; } location ~^(/hooks/).*(.php)$ { deny all; } location ~^(/cache/).*(.php)$ { deny all; } location ~^(/screenshots/).*(.php)$ { deny all; } location ~^(/downloads/).*(.php)$ { deny all; } location ~^(/blog/).*(.php)$ { deny all; } location ~^(/public/style_).*(.php)$ { deny all; } # Caching directives for static files. location ~^(/uploads/profile/).*.(jpg|jpeg|gif|png)$ { access_log off; expires 1d; } location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml|htm|txt|swf|cur)$ { access_log off; expires 1w; } # Pass PHP scripts to php-fpm location ~ .php$ { fastcgi_pass unix:/var/run/php-fpm/ipboard.sock; fastcgi_index index.php; fastcgi_buffers 16 8k; fastcgi_buffer_size 16k; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include /etc/nginx/fastcgi_params; } } There are a lot of things to cover here. First things first, replace yourdomain.com www.yourdomain.com in the server_name directive with your forums domain name. Include both the www and non-www version of the domain as above, regardless of which you actually use. You'll also need to replace yourdomain.com in the root and error_log directives. Next, let's cover where we're going to be installing the forum to. You'll notice I'm not using a /home/someuser heirachy as you're likely used to. There are two main reasons for this. Neatness and security. If you have your own server, you should keep your personal user account seperated from the actual web server. This is simply good practice in general. /srv/ on the Linux filesystem is for site-specific data which is served by the system. On all of my servers, I use a /srv/http/{host}/{subhost} hierarchy. "root" referrences the domains root. If you ever host another service on your forum (such as a wiki at wiki.yourdomain.com), you could store it in /srv/http/yourdomain.com/wiki Let's go ahead and set this up for your IP.Board website now. Remember to replace yourdomain.com! mkdir -p /srv/http/yourdomain.com/root useradd --system ipboard groupadd --system http gpasswd -a nginx http chown -R ipboard:http /srv/http/yourdomain.com If you want to disable access logging on your site to reduce disk load, just uncomment the access_log directive under the basic web server configuration section. Either way, we'll be setting NGiNX up to not waste log entries for static resources further down. Now adjust client_max_body_size to the maximum allowed file size users can upload to your site. So if your highest allowed upload size for any of your members anywhere on your site is 750 MegaBytes, set this to 750M. Next, we get into configuring rewrite rules. There's nothing you really need to do here. All we have to do with NGiNX is pass a try_files directive, which is better than relying on the rewrite method required with Apache. The Stub Status module allows you to see how many active connections your server has by visiting yourdomain.com/server_status. If you have a static IP address, you can set it up to ensure that only you will have access to this page, though leaving it public isn't really a vulnerability. Next, we want a secure installation, right? So that means we're not going to be using /admin anymore. Come up with something creative that you can easily remember to replace /admin. The example above uses "nimda" (which is just "admin" backwards), so replace that with whatever you come up with. Going a step further, there are two primary ways you can further secure your ACP. The most secure way would be to only allow connections from your IP. Though this will obviously not be feasible if you or another one of your administrators have an IP that constantly changes. If you do have a static IP that you can use, however, uncomment the "allow" and "deny" lines while adding an allow directive for your IP address bellow allow 127.0.0.1. The second option is to use .htpasswd authentication. IP.Board has a built in function to set this up for you in the security center. You can configure this after installing your forum. After creating the .htpasswd file in your ACP, all you will need to do is uncomment the auth_basic directives and restart NGiNX. The caching directives are split for user avatars and everything else not processed by IP.Board. I have avatars set to expire after one day. For everything else it's one week. Feel free to adjust this to your own personal prefference. PHP-FPM Configuration On to PHP-FPM! First, let's go ahead and get rid of the default/example configuration we don't need. This is /etc/php5/fpm/pool.d/www.conf on Debian and /etc/php-fpm.d/www.conf on CentOS. Now, create a new file replacing www.conf with ipboard.conf and using this as the base template: [ipboard] ; Set the prefix directory and the user/group to run under prefix = /var/run/php-fpm user = php-fpm group = http ; Configure listen(2) directives listen = ipboard.sock listen.backlog = 4096 listen.owner = php-fpm listen.group = http listen.mode = 0660 ; Set up the process manager pm = static pm.max_children = 10 pm.max_requests = 250 pm.status_path = /fpm.php ; The timeout for serving a single request. Prevents runaway scripts. request_terminate_timeout = 5m ; Only execute .php scripts. chdir = /srv/http/yourdomain.com/root security.limit_extensions = .php ; Environment variables. ;env[HOSTNAME] = $HOSTNAME ;env[TMP] = /tmp ;env[TMPDIR] = /tmp ;env[TEMP] = /tmp env[DOCUMENT_ROOT] = /srv/http/yourdomain.com/root ; PHP flags and security directives for just this site php_flag[display_errors] = off php_admin_value[open_basedir] = /srv/http/yourdomain.com/root:/tmp:/usr/bin php_admin_value[disable_functions] = escapeshellarg,escapeshellcmd,exec,ini_alter,parse_ini_file,passthru,pcntl_exec,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,show_source,shell_exec,symlink php_admin_value[upload_max_filesize] = 1G php_admin_value[post_max_size] = 1G First, replace all instances of "yourdomain.com" accordingly again. Next, let's go ahead and set up everything we need for PHP-FPM to run properly, mkdir /var/run/php-fpm useradd --system php-fpm chown php-fpm:root /var/run/php-fpm You can skip creating the directory on CentOS, as it will have already been created, but you will still need to apply the new permissions. Finding the optimal setting for pm.max_children is a bit of trial and error. I have it set to 10 as a default. You may need to increase or lower this setting depending on how constrained your server is and how much traffic your site receives. IP.Board tends to use an average of about ~52MB per process for me. So if you have 2GB of memory to spare on your server after accounting for MySQL and any other services you run, you could probably safely support up to 35 static processes, though you may not need nearly this many. Setting this too high may result in your server running out of memory, so be careful. At this point, let's go ahead and test to make sure everything works. (Use /etc/init.d/php5-fpm restart for Debian) /etc/init.d/nginx restart /etc/init.d/php-fpm restart No problems? Good! Problems? Double check your work and check your error logs. Let's create /srv/http/yourdomain.com/root/test.php as a test file with a simple phpinfo() call, <?php phpinfo(); ?> Now visit yourdomain.com/test.php. You should see a PHPINFO page containing the open_basedir and other directives we set. If you don't, you did something wrong. Go back and review. If all is well, delete the test.php file. (Really, delete it. Security audit tools scan for files like this, and you don't want to needlessly expose your server information to malicious parties.) Setting Up IP.Board If you're setting up a new IP.Board website, you'll need to install mysql-server, set up a new database and so on. There are plenty of resources available for learning how to do this if you don't know how already. After you copy your entire forum directory into /srv/http/yourdomain.com/root, we just need to set up proper permissions, chown -R ipboard:http /srv/http/yourdomain.com httproot=/srv/http/yourdomain.com/root find $httproot -type d -exec chmod 0750 {} ; find $httproot -type f -exec chmod 0640 {} ; find $httproot/{uploads,cache,downloads,hooks,screenshots,blog,public/style_*} -type d -exec chmod 0770 {} ; find $httproot/{uploads,cache,downloads,hooks,screenshots,blog,public/style_*} -type f -exec chmod 0660 {} ; If you haven't already, rename your /admin directory to whatever you chose earlier. Afterwards, create the following constants.php file in your forums root, replacing "nimda" appropriately, <?php define( 'CP_DIRECTORY', 'nimda' ); ?> Update the permissions, chmod 0640 constants.php chown ipboard:http constants.php And that's it! IP.Board should be up and running. If you're having trouble, review all of the above steps and check your error log (/var/log/nginx/error.log). If you need help setting things up, feel free to shoot me a message as well. I can try and help in my free time.
  4. Francis

    花俏的文章之會員徽章,獎杯

    Enhanced User Info Panel 為文章內容旁的會員資訊頁增強功能 - 插件 / 中文語言檔
  5. Francis

    IPB第三方插件中文語言包一覽表

    Enhanced User Info Panel 為文章內容旁的會員資訊頁增強功能 - 插件 / 中文語言檔
  6. Version 2.0.6

    2 downloads

    這只是純語言檔,沒包含插件程式 Enhanced User Info Panel 繁體中文 / 简体中文 語言檔 為文章內容旁的會員資訊頁增強功能 注意:這插件是舊版本,有些功能一開啟後,你的模板會壞掉 插件在這裡
  7. 瀏覽檔案 Enhanced User Info Panel 中文語言檔 這只是純語言檔,沒包含插件程式 Enhanced User Info Panel 繁體中文 / 简体中文 語言檔 為文章內容旁的會員資訊頁增強功能 注意:這插件是舊版本,有些功能一開啟後,你的模板會壞掉 插件在這裡 提交者 Francis 提交於 西元2018年11月11日 分類 IPB Plugins  
  8. Francis

    Resource feed

    瀏覽檔案 Resource feed Provides a Resource feed function. Options page: In the Options page you will want to enter the Title of your feed. How to use: Add 'resourcefeed' to your forum URL. Database changes: This add-on adds a table called xf_andy_resource_feed to your database. Questions and Answers: Q: How often does the feed update? A: Every hour. 提交者 Francis 提交於 西元2018年11月11日 分類 XenForo 2.x Add-ons  
  9. Francis

    Resource feed

    Version 1.0

    1 download

    Provides a Resource feed function. Options page: In the Options page you will want to enter the Title of your feed. How to use: Add 'resourcefeed' to your forum URL. Database changes: This add-on adds a table called xf_andy_resource_feed to your database. Questions and Answers: Q: How often does the feed update? A: Every hour.
  10. Francis

    Post Flood Permissions

    瀏覽檔案 Post Flood Permissions Provides user group permissions for the following post/like rate limiting options: Post Reply - Enable Per thread rate limiting Post Reply - Per thread rate limiting - delay between posts in seconds Post Reply - Enable Per node rate limiting Post Reply - Per node post rate limiting - delay between posts in seconds Post Reply - General rate limiting - delay between posts in seconds Like - Enable Per thread rate limiting Like - Per thread rate limiting - delay between posts in seconds Like - Enable Per node rate limiting Like - Per node post rate limiting - delay between posts in seconds Like - General rate limiting - delay between posts in seconds This permits the posting/liking rate to be managed per node, and per user group. The number is the delay in seconds between actions. Minimum supported delay is 1 second. A value of zero disables that rate limiter (ie falls through to the next check), and a value of unlimited causes it to be the equivalent of zero seconds delay. This is due to how XenForo permissions inherited with numeric. The per thread/node option allows decoupling of the global flood limiter from posting in different sections. Matching order, the first match wins: Per thread rate limiting. Per node rate limiting. General post rate limiting. XF Global post rate limiting (reports/posts/profile posts/etc). No extra queries required. 提交者 Francis 提交於 西元2018年11月11日 分類 XenForo 2.x Add-ons  
  11. Version 2.0.0

    1 download

    Provides user group permissions for the following post/like rate limiting options: Post Reply - Enable Per thread rate limiting Post Reply - Per thread rate limiting - delay between posts in seconds Post Reply - Enable Per node rate limiting Post Reply - Per node post rate limiting - delay between posts in seconds Post Reply - General rate limiting - delay between posts in seconds Like - Enable Per thread rate limiting Like - Per thread rate limiting - delay between posts in seconds Like - Enable Per node rate limiting Like - Per node post rate limiting - delay between posts in seconds Like - General rate limiting - delay between posts in seconds This permits the posting/liking rate to be managed per node, and per user group. The number is the delay in seconds between actions. Minimum supported delay is 1 second. A value of zero disables that rate limiter (ie falls through to the next check), and a value of unlimited causes it to be the equivalent of zero seconds delay. This is due to how XenForo permissions inherited with numeric. The per thread/node option allows decoupling of the global flood limiter from posting in different sections. Matching order, the first match wins: Per thread rate limiting. Per node rate limiting. General post rate limiting. XF Global post rate limiting (reports/posts/profile posts/etc). No extra queries required.
  12. Francis

    BBCode parser

    瀏覽檔案 BBCode parser Removes undesired BBCode tags from messages. When a member saves a message, this add-on will remove any undesired tags. 提交者 Francis 提交於 西元2018年11月11日 分類 XenForo 2.x Add-ons  
  13. Francis

    BBCode parser

    Version 1.1

    1 download

    Removes undesired BBCode tags from messages. When a member saves a message, this add-on will remove any undesired tags.
  14. Francis

    [XenGenTr] Rm Notice

    瀏覽檔案 [XenGenTr] Rm Notice XenGenTr Resource Manager Custom Notice Add-on 提交者 Francis 提交於 西元2018年11月11日 分類 XenForo 2.x Add-ons  
  15. Francis

    [XenGenTr] Rm Notice

    Version 1.0

    1 download

    XenGenTr Resource Manager Custom Notice Add-on
×