{"id":2682,"date":"2025-03-24T08:46:48","date_gmt":"2025-03-23T23:46:48","guid":{"rendered":"https:\/\/dexall.co.jp\/articles\/?p=2682"},"modified":"2025-03-24T08:47:17","modified_gmt":"2025-03-23T23:47:17","slug":"laravelxnginx%e3%82%b5%e3%83%bc%e3%83%90%e3%83%bc%e6%a7%8b%e7%af%89%e5%ae%8c%e5%85%a8%e3%82%ac%e3%82%a4%e3%83%89-2024%e5%b9%b4%e6%b1%ba%e5%ae%9a%e7%89%88%e3%82%bb%e3%83%83%e3%83%88%e3%82%a2","status":"publish","type":"post","link":"https:\/\/dexall.co.jp\/articles\/?p=2682","title":{"rendered":"Laravel\u00d7Nginx\u30b5\u30fc\u30d0\u30fc\u69cb\u7bc9\u5b8c\u5168\u30ac\u30a4\u30c9 | 2024\u5e74\u6c7a\u5b9a\u7248\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u624b\u9806\u3068\u5b9f\u8df5\u7684\u306a\u8a2d\u5b9a\u4f8b20\u9078"},"content":{"rendered":"\n<div class=\"toc\"><br \/>\n<b>Warning<\/b>:  Undefined array key \"is_admin\" in <b>\/home\/xs392991\/dexall.co.jp\/public_html\/articles\/wp-content\/themes\/sango-theme\/library\/gutenberg\/dist\/classes\/Toc.php<\/b> on line <b>116<\/b><br \/>\n<br \/>\n<b>Warning<\/b>:  Undefined array key \"is_category_top\" in <b>\/home\/xs392991\/dexall.co.jp\/public_html\/articles\/wp-content\/themes\/sango-theme\/library\/gutenberg\/dist\/classes\/Toc.php<\/b> on line <b>121<\/b><br \/>\n<br \/>\n<b>Warning<\/b>:  Undefined array key \"is_top\" in <b>\/home\/xs392991\/dexall.co.jp\/public_html\/articles\/wp-content\/themes\/sango-theme\/library\/gutenberg\/dist\/classes\/Toc.php<\/b> on line <b>128<\/b><br \/>\n    <div id=\"toc_container\" class=\"sgb-toc--bullets js-smooth-scroll\" data-dialog-title=\"\u76ee\u6b21\">\n      <p class=\"toc_title\">\u76ee\u6b21 <\/p>\n      <ul class=\"toc_list\">  <li class=\"first\">    <span><\/span>    <ul class=\"menu_level_1\">      <li class=\"first\">        <a href=\"#i-0\">Laravel\u00d7Nginx\u306e\u57fa\u790e\u77e5\u8b58<\/a>      <\/li>      <li>        <a href=\"#i-4\">Nginx\u30b5\u30fc\u30d0\u30fc\u306e\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u624b\u9806<\/a>      <\/li>      <li>        <a href=\"#i-17\">Laravel\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u306e\u30c7\u30d7\u30ed\u30a4\u624b\u9806<\/a>      <\/li>      <li>        <a href=\"#i-29\">Nginx\u306e\u5b9f\u8df5\u7684\u306a\u8a2d\u5b9a\u4f8b\u3068\u89e3\u8aac<\/a>      <\/li>      <li>        <a href=\"#i-40\">\u30c8\u30e9\u30d6\u30eb\u30b7\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0\u30ac\u30a4\u30c9<\/a>      <\/li>      <li class=\"last\">        <a href=\"#i-51\">\u672c\u756a\u74b0\u5883\u3067\u306e\u904b\u7528\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/a>      <\/li>    <\/ul>  <\/li>  <li>    <a href=\"#i-58\">!\/bin\/bash<\/a>  <\/li>  <li>    <a href=\"#i-59\">\/usr\/local\/bin\/security-check.sh<\/a>  <\/li>  <li>    <a href=\"#i-60\">\u30d5\u30a1\u30a4\u30eb\u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u306e\u78ba\u8a8d<\/a>  <\/li>  <li>    <a href=\"#i-61\">\u4e0d\u6b63\u306a\u30d7\u30ed\u30bb\u30b9\u306e\u78ba\u8a8d<\/a>  <\/li>  <li>    <a href=\"#i-62\">\u4e0d\u6b63\u306a\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u63a5\u7d9a\u306e\u78ba\u8a8d<\/a>  <\/li>  <li>    <a href=\"#i-63\">\u5931\u6557\u3057\u305f\u30ed\u30b0\u30a4\u30f3\u8a66\u884c\u306e\u78ba\u8a8d<\/a>  <\/li>  <li>    <a href=\"#i-64\">\/etc\/apt\/apt.conf.d\/50unattended-upgrades<\/a>  <\/li>  <li>    <a href=\"#i-65\">!\/bin\/bash<\/a>  <\/li>  <li>    <a href=\"#i-66\">\/usr\/local\/bin\/check-composer-security.sh<\/a>  <\/li>  <li>    <a href=\"#i-67\">\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8106\u5f31\u6027\u306e\u30c1\u30a7\u30c3\u30af<\/a>  <\/li>  <li>    <a href=\"#i-68\">\u4f9d\u5b58\u30d1\u30c3\u30b1\u30fc\u30b8\u306e\u66f4\u65b0\u78ba\u8a8d<\/a>  <\/li>  <li class=\"last\">    <a href=\"#i-69\">\u7d50\u679c\u3092\u30e1\u30fc\u30eb\u3067\u9001\u4fe1<\/a>  <\/li><\/ul>\n      <a href=\"#\" class=\"sgb-toc-button js-toc-button\" rel=\"nofollow\" data-open-dialog=\"true\"><i class=\"fa fa-list\"><\/i><span class=\"sgb-toc-button__text\">\u76ee\u6b21\u3078<\/span><\/a>\n    <\/div><\/div><h2 class=\"wp-block-heading\" id=\"i-0\">Laravel\u00d7Nginx\u306e\u57fa\u790e\u77e5\u8b58<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-1\">Nginx\u304c\u9078\u3070\u308c\u308b3\u3064\u306e\u7406\u7531<\/h3>\n\n\n\n<p>\u30e2\u30c0\u30f3\u306aWeb\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u958b\u767a\u306b\u304a\u3044\u3066\u3001Nginx\u306f\u591a\u304f\u306e\u958b\u767a\u8005\u304b\u3089\u652f\u6301\u3055\u308c\u3066\u3044\u308bWeb\u30b5\u30fc\u30d0\u30fc\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u3067\u3059\u3002\u4ee5\u4e0b\u306e3\u3064\u306e\u4e3b\u8981\u306a\u7406\u7531\u306b\u3088\u308a\u3001\u7279\u306bLaravel\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u306b\u304a\u3044\u3066\u9078\u3070\u308c\u3066\u3044\u307e\u3059\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u512a\u308c\u305f\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u3068\u4f4e\u30ea\u30bd\u30fc\u30b9\u6d88\u8cbb<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30a4\u30d9\u30f3\u30c8\u99c6\u52d5\u578b\u30a2\u30fc\u30ad\u30c6\u30af\u30c1\u30e3\u306e\u63a1\u7528\u306b\u3088\u308a\u3001\u5c11\u306a\u3044\u30e1\u30e2\u30ea\u6d88\u8cbb\u3067\u591a\u6570\u306e\u540c\u6642\u63a5\u7d9a\u3092\u51e6\u7406<\/li>\n\n\n\n<li>\u9759\u7684\u30b3\u30f3\u30c6\u30f3\u30c4\u306e\u914d\u4fe1\u304c\u975e\u5e38\u306b\u9ad8\u901f<\/li>\n\n\n\n<li>\u52d5\u7684\u30b3\u30f3\u30c6\u30f3\u30c4\u306e\u30ea\u30d0\u30fc\u30b9\u30d7\u30ed\u30ad\u30b7\u3068\u3057\u3066\u3082\u512a\u308c\u305f\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u3092\u767a\u63ee<\/li>\n\n\n\n<li>CPU\u3068\u30e1\u30e2\u30ea\u306e\u4f7f\u7528\u52b9\u7387\u304c\u9ad8\u304f\u3001\u30b5\u30fc\u30d0\u30fc\u30ea\u30bd\u30fc\u30b9\u3092\u52b9\u7387\u7684\u306b\u6d3b\u7528<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u9ad8\u5ea6\u306a\u8ca0\u8377\u5206\u6563\u6a5f\u80fd<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30e9\u30a6\u30f3\u30c9\u30ed\u30d3\u30f3\u3001IP-hash\u3001\u6700\u5c0f\u63a5\u7d9a\u6570\u306a\u3069\u3001\u8907\u6570\u306e\u8ca0\u8377\u5206\u6563\u30a2\u30eb\u30b4\u30ea\u30ba\u30e0\u3092\u30b5\u30dd\u30fc\u30c8<\/li>\n\n\n\n<li>\u30a2\u30c3\u30d7\u30b9\u30c8\u30ea\u30fc\u30e0\u30b5\u30fc\u30d0\u30fc\u306e\u30d8\u30eb\u30b9\u30c1\u30a7\u30c3\u30af\u6a5f\u80fd\u3092\u6a19\u6e96\u642d\u8f09<\/li>\n\n\n\n<li>\u67d4\u8edf\u306a\u30eb\u30fc\u30c6\u30a3\u30f3\u30b0\u8a2d\u5b9a\u306b\u3088\u308a\u3001\u8907\u6570\u306e\u30d0\u30c3\u30af\u30a8\u30f3\u30c9\u30b5\u30fc\u30d0\u30fc\u3078\u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u5206\u6563\u304c\u5bb9\u6613<\/li>\n\n\n\n<li>\u30de\u30a4\u30af\u30ed\u30b5\u30fc\u30d3\u30b9\u30a2\u30fc\u30ad\u30c6\u30af\u30c1\u30e3\u306b\u3082\u9069\u3057\u305f\u8a2d\u8a08<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u67d4\u8edf\u306a\u8a2d\u5b9a\u30aa\u30d7\u30b7\u30e7\u30f3\u3068\u62e1\u5f35\u6027<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30e2\u30b8\u30e5\u30fc\u30eb\u5f0f\u306e\u30a2\u30fc\u30ad\u30c6\u30af\u30c1\u30e3\u306b\u3088\u308a\u3001\u5fc5\u8981\u306a\u6a5f\u80fd\u306e\u307f\u3092\u6709\u52b9\u5316\u53ef\u80fd<\/li>\n\n\n\n<li>HTTPS\u3084HTTP\/2\u306a\u3069\u3001\u6700\u65b0\u306e\u30d7\u30ed\u30c8\u30b3\u30eb\u306b\u5bfe\u5fdc<\/li>\n\n\n\n<li>\u30ad\u30e3\u30c3\u30b7\u30e5\u5236\u5fa1\u3084Gzip\u5727\u7e2e\u306a\u3069\u3001\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u6700\u9069\u5316\u30aa\u30d7\u30b7\u30e7\u30f3\u304c\u5145\u5b9f<\/li>\n\n\n\n<li>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u95a2\u9023\u306e\u8a2d\u5b9a\u304c\u7d30\u304b\u304f\u5236\u5fa1\u53ef\u80fd<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-2\">Laravel\u3068Nginx\u306e\u76f8\u6027\u304c\u629c\u7fa4\u306a\u7406\u7531<\/h3>\n\n\n\n<p>Laravel\u3068Nginx\u306e\u7d44\u307f\u5408\u308f\u305b\u304c\u591a\u304f\u306e\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u3067\u63a1\u7528\u3055\u308c\u308b\u7406\u7531\u306f\u3001\u4ee5\u4e0b\u306e\u76f8\u4e57\u52b9\u679c\u306b\u3042\u308a\u307e\u3059\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u52b9\u7387\u7684\u306aPHP-FPM\u9023\u643a<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Nginx\u306fPHP-FPM\u3068\u306e\u9023\u643a\u304c\u6700\u9069\u5316\u3055\u308c\u3066\u304a\u308a\u3001\u30ea\u30af\u30a8\u30b9\u30c8\u51e6\u7406\u304c\u9ad8\u901f<\/li>\n\n\n\n<li>Unix socket\u3092\u4f7f\u7528\u3057\u305f\u901a\u4fe1\u306b\u3088\u308a\u3001\u30aa\u30fc\u30d0\u30fc\u30d8\u30c3\u30c9\u3092\u6700\u5c0f\u9650\u306b\u6291\u5236<\/li>\n\n\n\n<li>\u30d7\u30ed\u30bb\u30b9\u7ba1\u7406\u304c\u52b9\u7387\u7684\u3067\u3001\u30e1\u30e2\u30ea\u4f7f\u7528\u91cf\u3092\u6291\u3048\u306a\u304c\u3089\u9ad8\u3044\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u3092\u5b9f\u73fe<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u9759\u7684\u30a2\u30bb\u30c3\u30c8\u914d\u4fe1\u306e\u6700\u9069\u5316<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Laravel\u306e\u30d1\u30d6\u30ea\u30c3\u30af\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306b\u3042\u308b\u9759\u7684\u30d5\u30a1\u30a4\u30eb\u3092\u9ad8\u901f\u306b\u914d\u4fe1<\/li>\n\n\n\n<li>\u753b\u50cf\u3001CSS\u3001JavaScript\u30d5\u30a1\u30a4\u30eb\u306e\u30ad\u30e3\u30c3\u30b7\u30e5\u5236\u5fa1\u304c\u5bb9\u6613<\/li>\n\n\n\n<li>\u30a2\u30bb\u30c3\u30c8\u30d1\u30a4\u30d7\u30e9\u30a4\u30f3\u3068\u306e\u76f8\u6027\u304c\u826f\u304f\u3001\u672c\u756a\u74b0\u5883\u3067\u306e\u6700\u9069\u5316\u304c\u7c21\u5358<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5f37\u5316\u306e\u5bb9\u6613\u3055<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>.env<\/code>\u30d5\u30a1\u30a4\u30eb\u306a\u3069\u3001\u6a5f\u5bc6\u60c5\u5831\u3092\u542b\u3080\u30d5\u30a1\u30a4\u30eb\u3078\u306e\u30a2\u30af\u30bb\u30b9\u3092\u7c21\u5358\u306b\u30d6\u30ed\u30c3\u30af<\/li>\n\n\n\n<li>HTTPS\u8a2d\u5b9a\u304c\u5bb9\u6613\u3067\u3001Let\u2019s Encrypt\u3068\u306e\u9023\u643a\u3082\u30b9\u30e0\u30fc\u30ba<\/li>\n\n\n\n<li>XSS\u5bfe\u7b56\u3084CSRF\u5bfe\u7b56\u306a\u3069\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d8\u30c3\u30c0\u30fc\u3092\u7c21\u5358\u306b\u8a2d\u5b9a\u53ef\u80fd<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-3\">Apache\u304b\u3089Nginx\u3078\u306e\u79fb\u884c\u30e1\u30ea\u30c3\u30c8<\/h3>\n\n\n\n<p>\u591a\u304f\u306eLaravel\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u3067Apache\u304b\u3089Nginx\u3078\u306e\u79fb\u884c\u304c\u9032\u3093\u3067\u3044\u308b\u7406\u7531\u3092\u3001\u4ee5\u4e0b\u306e\u89b3\u70b9\u304b\u3089\u89e3\u8aac\u3057\u307e\u3059\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30b7\u30b9\u30c6\u30e0\u30ea\u30bd\u30fc\u30b9\u306e\u52b9\u7387\u5316<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30e1\u30e2\u30ea\u4f7f\u7528\u91cf\u304c\u5927\u5e45\u306b\u524a\u6e1b\uff08\u540c\u3058\u6761\u4ef6\u4e0b\u3067\u7d0440-60%\u306e\u524a\u6e1b\u304c\u4e00\u822c\u7684\uff09<\/li>\n\n\n\n<li>CPU\u4f7f\u7528\u7387\u306e\u4f4e\u4e0b\u306b\u3088\u308a\u3001\u3088\u308a\u591a\u304f\u306e\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u51e6\u7406\u53ef\u80fd<\/li>\n\n\n\n<li>\u540c\u6642\u63a5\u7d9a\u6570\u306e\u5236\u9650\u304c\u5b9f\u8cea\u7684\u306b\u306a\u304f\u3001C10K\u554f\u984c\u3078\u306e\u5bfe\u5fdc\u304c\u5bb9\u6613<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u8a2d\u5b9a\u306e\u7c21\u7d20\u5316\u3068\u30e1\u30f3\u30c6\u30ca\u30f3\u30b9\u6027\u5411\u4e0a<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u76f4\u611f\u7684\u306a\u8a2d\u5b9a\u69cb\u6587\u306b\u3088\u308a\u3001\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u306e\u7ba1\u7406\u304c\u5bb9\u6613<\/li>\n\n\n\n<li>\u30d0\u30fc\u30c1\u30e3\u30eb\u30db\u30b9\u30c8\u306e\u8a2d\u5b9a\u304c\u5358\u7d14\u660e\u5feb<\/li>\n\n\n\n<li>\u30e2\u30b8\u30e5\u30fc\u30eb\u306e\u4f9d\u5b58\u95a2\u4fc2\u304c\u5c11\u306a\u304f\u3001\u30b7\u30b9\u30c6\u30e0\u306e\u5b89\u5b9a\u6027\u304c\u5411\u4e0a<\/li>\n\n\n\n<li>\u30ea\u30d0\u30fc\u30b9\u30d7\u30ed\u30ad\u30b7\u306e\u8a2d\u5b9a\u304c\u7c21\u5358\u3067\u67d4\u8edf<\/li>\n<\/ul>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u30c1\u30e5\u30fc\u30cb\u30f3\u30b0\u306e\u67d4\u8edf\u6027<\/strong><\/li>\n<\/ol>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30de\u30a4\u30af\u30ed\u30ad\u30e3\u30c3\u30b7\u30e5\u306a\u3069\u3001\u9ad8\u5ea6\u306a\u30ad\u30e3\u30c3\u30b7\u30e5\u6226\u7565\u306e\u5b9f\u88c5\u304c\u5bb9\u6613<\/li>\n\n\n\n<li>\u52d5\u7684\u30b3\u30f3\u30c6\u30f3\u30c4\u3068\u9759\u7684\u30b3\u30f3\u30c6\u30f3\u30c4\u306e\u914d\u4fe1\u3092\u6700\u9069\u5316<\/li>\n\n\n\n<li>\u30d5\u30a1\u30a4\u30eb\u30b7\u30b9\u30c6\u30e0\u3078\u306e\u30a2\u30af\u30bb\u30b9\u304c\u5c11\u306a\u304f\u3001I\/O\u8ca0\u8377\u3092\u8efd\u6e1b<\/li>\n\n\n\n<li>\u30ea\u30af\u30a8\u30b9\u30c8\u306e\u512a\u5148\u9806\u4f4d\u4ed8\u3051\u304c\u53ef\u80fd\u3067\u3001\u91cd\u8981\u306a\u30ea\u30af\u30a8\u30b9\u30c8\u306e\u51e6\u7406\u3092\u6700\u9069\u5316<\/li>\n<\/ul>\n\n\n\n<p>\u3053\u306e\u3088\u3046\u306b\u3001Laravel\u00d7Nginx\u306e\u7d44\u307f\u5408\u308f\u305b\u306f\u3001\u73fe\u4ee3\u306eWeb\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u958b\u767a\u306b\u304a\u3051\u308b\u591a\u304f\u306e\u8981\u4ef6\u3092\u6e80\u305f\u3059\u7406\u60f3\u7684\u306a\u9078\u629e\u80a2\u3068\u306a\u3063\u3066\u3044\u307e\u3059\u3002\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3001\u904b\u7528\u6027\u306e\u30d0\u30e9\u30f3\u30b9\u304c\u53d6\u308c\u3066\u304a\u308a\u3001\u30b9\u30b1\u30fc\u30e9\u30d6\u30eb\u306a\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u958b\u767a\u3092\u652f\u63f4\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-4\">Nginx\u30b5\u30fc\u30d0\u30fc\u306e\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u624b\u9806<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-5\">Ubuntu\u74b0\u5883\u3067\u306eNginx\u5c0e\u5165\u624b\u9806<\/h3>\n\n\n\n<p>Ubuntu\u30b5\u30fc\u30d0\u30fc\u3067\u5b89\u5168\u304b\u3064\u6700\u9069\u5316\u3055\u308c\u305fNginx\u74b0\u5883\u3092\u69cb\u7bc9\u3059\u308b\u624b\u9806\u3092\u89e3\u8aac\u3057\u307e\u3059\u3002\u3053\u306e\u624b\u9806\u306f\u3001Ubuntu 22.04 LTS\u4ee5\u964d\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u3092\u5bfe\u8c61\u3068\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-6\">1. \u4e8b\u524d\u6e96\u5099<\/h4>\n\n\n\n<p>\u307e\u305a\u3001\u30b7\u30b9\u30c6\u30e0\u3092\u6700\u65b0\u306e\u72b6\u614b\u306b\u66f4\u65b0\u3057\u307e\u3059\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30d1\u30c3\u30b1\u30fc\u30b8\u30ea\u30b9\u30c8\u306e\u66f4\u65b0\u3068\u30b7\u30b9\u30c6\u30e0\u306e\u66f4\u65b0\nsudo apt update\nsudo apt upgrade -y\n\n# \u5fc5\u8981\u306a\u30c4\u30fc\u30eb\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\nsudo apt install -y curl wget gnupg2 ca-certificates lsb-release ubuntu-keyring<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-7\">2. Nginx\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3068\u521d\u671f\u8a2d\u5b9a<\/h4>\n\n\n\n<p>\u6700\u65b0\u306e\u5b89\u5b9a\u7248Nginx\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u307e\u3059\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u516c\u5f0fNginx\u30ea\u30dd\u30b8\u30c8\u30ea\u306e\u8ffd\u52a0\ncurl https:\/\/nginx.org\/keys\/nginx_signing.key | gpg --dearmor \\\n    | sudo tee \/usr\/share\/keyrings\/nginx-archive-keyring.gpg &gt;\/dev\/null\n\necho \"deb [signed-by=\/usr\/share\/keyrings\/nginx-archive-keyring.gpg] \\\nhttp:\/\/nginx.org\/packages\/ubuntu `lsb_release -cs` nginx\" \\\n    | sudo tee \/etc\/apt\/sources.list.d\/nginx.list\n\n# \u30d1\u30c3\u30b1\u30fc\u30b8\u306e\u66f4\u65b0\u3068Nginx\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\nsudo apt update\nsudo apt install nginx -y<\/pre>\n\n\n\n<p>\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u5f8c\u306e\u521d\u671f\u78ba\u8a8d\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># Nginx\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u78ba\u8a8d\nnginx -v\n\n# \u30b5\u30fc\u30d3\u30b9\u306e\u72b6\u614b\u78ba\u8a8d\nsudo systemctl status nginx\n\n# \u81ea\u52d5\u8d77\u52d5\u306e\u6709\u52b9\u5316\nsudo systemctl enable nginx<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-8\">3. \u57fa\u672c\u7684\u306a\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u69cb\u9020\u306e\u8a2d\u5b9a<\/h4>\n\n\n\n<p>Laravel\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u7528\u306e\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u3092\u9069\u5207\u306a\u6a29\u9650\u3067\u4f5c\u6210\u3057\u307e\u3059\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306e\u4f5c\u6210\nsudo mkdir -p \/var\/www\/laravel\nsudo chown -R $USER:www-data \/var\/www\/laravel\nsudo chmod -R 755 \/var\/www\/laravel\n\n# Nginx\u30ed\u30b0\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306e\u4f5c\u6210\nsudo mkdir -p \/var\/log\/nginx\/laravel\nsudo chown -R www-data:www-data \/var\/log\/nginx\/laravel<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-9\">PHP-FPM\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3068\u8a2d\u5b9a<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-10\">1. PHP 8.2\u3068\u5fc5\u8981\u306a\u30e2\u30b8\u30e5\u30fc\u30eb\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># PHP\u30ea\u30dd\u30b8\u30c8\u30ea\u306e\u8ffd\u52a0\nsudo add-apt-repository ppa:ondrej\/php -y\nsudo apt update\n\n# PHP 8.2\u3068\u30e2\u30b8\u30e5\u30fc\u30eb\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\nsudo apt install -y php8.2-fpm php8.2-cli php8.2-common php8.2-mysql \\\n    php8.2-xml php8.2-curl php8.2-gd php8.2-mbstring php8.2-bcmath \\\n    php8.2-zip php8.2-intl php8.2-redis php8.2-opcache<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-11\">2. PHP-FPM\u306e\u6700\u9069\u5316\u8a2d\u5b9a<\/h4>\n\n\n\n<p>PHP-FPM\u306e\u8a2d\u5b9a\u3092\u672c\u756a\u74b0\u5883\u5411\u3051\u306b\u6700\u9069\u5316\u3057\u307e\u3059\u3002<code>\/etc\/php\/8.2\/fpm\/php.ini<\/code>\u3092\u4ee5\u4e0b\u306e\u3088\u3046\u306b\u7de8\u96c6\u3057\u307e\u3059\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">; \u30e1\u30e2\u30ea\u3068\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u306e\u8a2d\u5b9a\nmemory_limit = 256M\nmax_execution_time = 60\nmax_input_time = 60\npost_max_size = 64M\nupload_max_filesize = 64M\n\n; OPcache\u306e\u8a2d\u5b9a\nopcache.enable=1\nopcache.memory_consumption=256\nopcache.interned_strings_buffer=16\nopcache.max_accelerated_files=10000\nopcache.validate_timestamps=0\nopcache.save_comments=1\nopcache.fast_shutdown=1\n\n; \u30a8\u30e9\u30fc\u8a2d\u5b9a\uff08\u672c\u756a\u74b0\u5883\u7528\uff09\nerror_reporting = E_ALL &amp; ~E_DEPRECATED &amp; ~E_STRICT\ndisplay_errors = Off\ndisplay_startup_errors = Off\nlog_errors = On\nerror_log = \/var\/log\/php\/error.log<\/pre>\n\n\n\n<p>PHP-FPM\u30d7\u30fc\u30eb\u306e\u8a2d\u5b9a\uff08<code>\/etc\/php\/8.2\/fpm\/pool.d\/www.conf<\/code>\uff09\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">[www]\nuser = www-data\ngroup = www-data\n\n; Unix socket\u306e\u8a2d\u5b9a\nlisten = \/run\/php\/php8.2-fpm.sock\nlisten.owner = www-data\nlisten.group = www-data\nlisten.mode = 0660\n\n; \u30d7\u30ed\u30bb\u30b9\u7ba1\u7406\uff08\u4e2d\u898f\u6a21\u30b5\u30a4\u30c8\u5411\u3051\u8a2d\u5b9a\u4f8b\uff09\npm = dynamic\npm.max_children = 50\npm.start_servers = 5\npm.min_spare_servers = 5\npm.max_spare_servers = 10\npm.max_requests = 500\n\n; \u30b9\u30ed\u30fc\u5b9f\u884c\u306e\u30ed\u30b0\u8a2d\u5b9a\nrequest_slowlog_timeout = 10s\nslowlog = \/var\/log\/php-fpm\/slow.log<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-12\">SSL\u30b5\u30fc\u30d0\u30fc\u8a3c\u660e\u66f8\u306e\u8a2d\u5b9a\u65b9\u6cd5<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-13\">1. Let\u2019s Encrypt\u306e\u8a2d\u5b9a<\/h4>\n\n\n\n<p>Certbot\u3092\u4f7f\u7528\u3057\u3066SSL\u8a3c\u660e\u66f8\u3092\u53d6\u5f97\u30fb\u8a2d\u5b9a\u3057\u307e\u3059\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># Certbot\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\nsudo apt install -y certbot python3-certbot-nginx\n\n# \u8a3c\u660e\u66f8\u306e\u53d6\u5f97\nsudo certbot --nginx -d your-domain.com --non-interactive \\\n    --agree-tos --email your-email@example.com \\\n    --redirect --hsts --staple-ocsp\n\n# \u81ea\u52d5\u66f4\u65b0\u306e\u8a2d\u5b9a\nsudo systemctl enable certbot.timer\nsudo systemctl start certbot.timer<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-14\">2. Nginx\u306e SSL\/TLS \u6700\u9069\u5316\u8a2d\u5b9a<\/h4>\n\n\n\n<p><code>\/etc\/nginx\/conf.d\/ssl.conf<\/code>\u306b\u4ee5\u4e0b\u306e\u8a2d\u5b9a\u3092\u8ffd\u52a0\u3057\u307e\u3059\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># SSL\u8a2d\u5b9a\u306e\u6700\u9069\u5316\nssl_session_timeout 1d;\nssl_session_cache shared:SSL:50m;\nssl_session_tickets off;\n\n# \u73fe\u4ee3\u7684\u306aTLS\u306e\u8a2d\u5b9a\nssl_protocols TLSv1.2 TLSv1.3;\nssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;\nssl_prefer_server_ciphers off;\n\n# DH\u30d1\u30e9\u30e1\u30fc\u30bf\uff08\u4e8b\u524d\u306b\u751f\u6210\u304c\u5fc5\u8981\uff09\nssl_dhparam \/etc\/nginx\/dhparam.pem;\n\n# OCSP\u30b9\u30c6\u30fc\u30d7\u30ea\u30f3\u30b0\nssl_stapling on;\nssl_stapling_verify on;\nresolver 8.8.8.8 8.8.4.4 valid=300s;\nresolver_timeout 5s;\n\n# \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d8\u30c3\u30c0\u30fc\nadd_header Strict-Transport-Security \"max-age=63072000\" always;\nadd_header X-Frame-Options SAMEORIGIN;\nadd_header X-Content-Type-Options nosniff;\nadd_header X-XSS-Protection \"1; mode=block\";\nadd_header Referrer-Policy strict-origin-when-cross-origin;<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-15\">3. \u6700\u7d42\u78ba\u8a8d\u3068\u30b5\u30fc\u30d3\u30b9\u306e\u518d\u8d77\u52d5<\/h4>\n\n\n\n<p>\u8a2d\u5b9a\u5b8c\u4e86\u5f8c\u3001\u4ee5\u4e0b\u306e\u30b3\u30de\u30f3\u30c9\u3067\u69cb\u6587\u30c1\u30a7\u30c3\u30af\u3068\u518d\u8d77\u52d5\u3092\u884c\u3044\u307e\u3059\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># Nginx\u8a2d\u5b9a\u306e\u30c6\u30b9\u30c8\nsudo nginx -t\n\n# PHP-FPM\u306e\u518d\u8d77\u52d5\nsudo systemctl restart php8.2-fpm\n\n# Nginx\u306e\u518d\u8d77\u52d5\nsudo systemctl restart nginx\n\n# \u5404\u30b5\u30fc\u30d3\u30b9\u306e\u72b6\u614b\u78ba\u8a8d\nsudo systemctl status nginx\nsudo systemctl status php8.2-fpm<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-16\">\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u5f8c\u306e\u78ba\u8a8d\u30dd\u30a4\u30f3\u30c8\uff1a<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><code>curl -I https:\/\/your-domain.com<\/code> \u3067HTTPS\u30ec\u30b9\u30dd\u30f3\u30b9\u3092\u78ba\u8a8d<\/li>\n\n\n\n<li><a href=\"https:\/\/www.ssllabs.com\/ssltest\/\">SSL Labs<\/a>\u3067SSL\u8a2d\u5b9a\u306e\u8a55\u4fa1\u3092\u78ba\u8a8d<\/li>\n\n\n\n<li>\u30d6\u30e9\u30a6\u30b6\u306e\u958b\u767a\u8005\u30c4\u30fc\u30eb\u3067\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d8\u30c3\u30c0\u30fc\u306e\u5b9f\u88c5\u3092\u78ba\u8a8d<\/li>\n\n\n\n<li><code>\/var\/log\/nginx\/error.log<\/code>\u3067\u30a8\u30e9\u30fc\u30ed\u30b0\u3092\u78ba\u8a8d<\/li>\n<\/ol>\n\n\n\n<p>\u3053\u308c\u3089\u306e\u8a2d\u5b9a\u306b\u3088\u308a\u3001\u30bb\u30ad\u30e5\u30a2\u3067\u9ad8\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u306aNginx\u74b0\u5883\u304c\u69cb\u7bc9\u3067\u304d\u307e\u3057\u305f\u3002\u6b21\u306e\u30bb\u30af\u30b7\u30e7\u30f3\u3067\u306f\u3001\u3053\u306e\u74b0\u5883\u306bLaravel\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3092\u30c7\u30d7\u30ed\u30a4\u3059\u308b\u65b9\u6cd5\u3092\u89e3\u8aac\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-17\">Laravel\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u306e\u30c7\u30d7\u30ed\u30a4\u624b\u9806<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-18\">Composer\u306b\u3088\u308b\u4f9d\u5b58\u95a2\u4fc2\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-19\">1. Composer\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3068\u8a2d\u5b9a<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># Composer\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\nphp -r \"copy('https:\/\/getcomposer.org\/installer', 'composer-setup.php');\"\nphp composer-setup.php\nphp -r \"unlink('composer-setup.php');\"\nsudo mv composer.phar \/usr\/local\/bin\/composer\n\n# Composer\u306e\u30b0\u30ed\u30fc\u30d0\u30eb\u8a2d\u5b9a\ncomposer config -g process-timeout 3000\ncomposer config -g repos.packagist composer https:\/\/packagist.org<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-20\">2. \u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u306e\u30c7\u30d7\u30ed\u30a4<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u3078\u306e\u79fb\u52d5\ncd \/var\/www\/laravel\n\n# Git\u304b\u3089\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u306e\u30af\u30ed\u30fc\u30f3\uff08\u4f8b\uff09\ngit clone https:\/\/github.com\/your-username\/your-project.git .\n\n# \u4f9d\u5b58\u95a2\u4fc2\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\uff08\u672c\u756a\u74b0\u5883\u7528\uff09\ncomposer install --no-dev --optimize-autoloader --no-interaction\n\n# \u30ad\u30e3\u30c3\u30b7\u30e5\u306e\u6700\u9069\u5316\nphp artisan config:cache\nphp artisan route:cache\nphp artisan view:cache<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-21\">3. \u30ad\u30e3\u30c3\u30b7\u30e5\u3068\u30ed\u30b0\u306e\u8a2d\u5b9a<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30b9\u30c8\u30ec\u30fc\u30b8\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306e\u6e96\u5099\nphp artisan storage:link\n\n# \u30ad\u30e3\u30c3\u30b7\u30e5\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306e\u6a29\u9650\u8a2d\u5b9a\nsudo chown -R www-data:www-data storage bootstrap\/cache\nsudo chmod -R 775 storage bootstrap\/cache\n\n# \u30ed\u30b0\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u306e\u8a2d\u5b9a\nsudo nano \/etc\/logrotate.d\/laravel<\/pre>\n\n\n\n<p>\u30ed\u30b0\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u306e\u8a2d\u5b9a\u4f8b\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">\/var\/www\/laravel\/storage\/logs\/*.log {\n    daily\n    missingok\n    rotate 7\n    compress\n    delaycompress\n    notifempty\n    create 0640 www-data www-data\n    sharedscripts\n    postrotate\n        \/usr\/bin\/kill -USR1 $(cat \/var\/run\/php\/php8.2-fpm.pid 2&gt;\/dev\/null) 2&gt;\/dev\/null || true\n    endscript\n}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-22\">\u74b0\u5883\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u306e\u69cb\u6210\u65b9\u6cd5<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-23\">1. \u74b0\u5883\u5909\u6570\u306e\u8a2d\u5b9a<\/h4>\n\n\n\n<p><code>.env<\/code>\u30d5\u30a1\u30a4\u30eb\u306e\u57fa\u672c\u8a2d\u5b9a\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">APP_NAME=\"Your Application Name\"\nAPP_ENV=production\nAPP_KEY=base64:your-encrypted-key\nAPP_DEBUG=false\nAPP_URL=https:\/\/your-domain.com\n\nLOG_CHANNEL=stack\nLOG_DEPRECATIONS_CHANNEL=null\nLOG_LEVEL=warning\n\nDB_CONNECTION=mysql\nDB_HOST=127.0.0.1\nDB_PORT=3306\nDB_DATABASE=your_database\nDB_USERNAME=your_username\nDB_PASSWORD=your_secure_password\n\nBROADCAST_DRIVER=log\nCACHE_DRIVER=redis\nFILESYSTEM_DISK=local\nQUEUE_CONNECTION=redis\nSESSION_DRIVER=redis\nSESSION_LIFETIME=120\n\nREDIS_HOST=127.0.0.1\nREDIS_PASSWORD=null\nREDIS_PORT=6379\n\nMAIL_MAILER=smtp\nMAIL_HOST=smtp.your-mail-server.com\nMAIL_PORT=587\nMAIL_USERNAME=your-email@example.com\nMAIL_PASSWORD=your-mail-password\nMAIL_ENCRYPTION=tls\nMAIL_FROM_ADDRESS=no-reply@your-domain.com\nMAIL_FROM_NAME=\"${APP_NAME}\"<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-24\">2. \u672c\u756a\u74b0\u5883\u56fa\u6709\u306e\u8a2d\u5b9a<\/h4>\n\n\n\n<p><code>config\/app.php<\/code>\u3067\u306e\u63a8\u5968\u8a2d\u5b9a\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">return [\n    \/\/ \u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u57fa\u672c\u8a2d\u5b9a\n    'name' =&gt; env('APP_NAME', 'Laravel'),\n    'env' =&gt; env('APP_ENV', 'production'),\n    'debug' =&gt; env('APP_DEBUG', false),\n    'url' =&gt; env('APP_URL', 'https:\/\/your-domain.com'),\n\n    \/\/ \u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u6700\u9069\u5316\n    'timezone' =&gt; 'Asia\/Tokyo',\n    'locale' =&gt; 'ja',\n    'fallback_locale' =&gt; 'en',\n\n    \/\/ \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8a2d\u5b9a\n    'cipher' =&gt; 'AES-256-CBC',\n    'key' =&gt; env('APP_KEY'),\n\n    \/\/ \u30bb\u30c3\u30b7\u30e7\u30f3\u8a2d\u5b9a\n    'providers' =&gt; [\n        \/\/ \u672c\u756a\u74b0\u5883\u3067\u4e0d\u8981\u306a\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\u3092\u30b3\u30e1\u30f3\u30c8\u30a2\u30a6\u30c8\n        \/\/ Illuminate\\Broadcasting\\BroadcastServiceProvider::class,\n    ],\n];<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-25\">\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u8a2d\u5b9a<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-26\">1. \u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u6a29\u9650\u306e\u8a2d\u5b9a<\/h4>\n\n\n\n<p>\u57fa\u672c\u7684\u306a\u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u8a2d\u5b9a\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30a6\u30a7\u30d6\u30b5\u30fc\u30d0\u30fc\u306e\u30e6\u30fc\u30b6\u30fc\u3068\u30b0\u30eb\u30fc\u30d7\u3092\u8a2d\u5b9a\nsudo chown -R www-data:www-data \/var\/www\/laravel\n\n# \u57fa\u672c\u7684\u306a\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u306e\u8a2d\u5b9a\nfind \/var\/www\/laravel -type f -exec chmod 644 {} \\;\nfind \/var\/www\/laravel -type d -exec chmod 755 {} \\;\n\n# \u7279\u5b9a\u306e\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306e\u66f8\u304d\u8fbc\u307f\u6a29\u9650\u8a2d\u5b9a\nsudo chown -R www-data:www-data storage bootstrap\/cache\nsudo chmod -R 775 storage bootstrap\/cache<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-27\">2. \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5f37\u5316\u8a2d\u5b9a<\/h4>\n\n\n\n<p>Nginx\u306e\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\uff08<code>\/etc\/nginx\/conf.d\/laravel.conf<\/code>\uff09\u3067\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8a2d\u5b9a\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">server {\n    listen 443 ssl http2;\n    server_name your-domain.com;\n    root \/var\/www\/laravel\/public;\n\n    # SSL\u8a2d\u5b9a\u306f\u524d\u8ff0\u306e\u8a2d\u5b9a\u3092\u4f7f\u7528\n\n    # \u57fa\u672c\u7684\u306a\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d8\u30c3\u30c0\u30fc\n    add_header X-Frame-Options \"SAMEORIGIN\";\n    add_header X-XSS-Protection \"1; mode=block\";\n    add_header X-Content-Type-Options \"nosniff\";\n    add_header Referrer-Policy \"strict-origin-when-cross-origin\";\n\n    # Content Security Policy\n    add_header Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline';\";\n\n    # \u6a5f\u5bc6\u30d5\u30a1\u30a4\u30eb\u3078\u306e\u30a2\u30af\u30bb\u30b9\u5236\u9650\n    location ~ \/\\.env {\n        deny all;\n        return 404;\n    }\n\n    location ~ \/\\.git {\n        deny all;\n        return 404;\n    }\n\n    # PHP\u30d5\u30a1\u30a4\u30eb\u306e\u51e6\u7406\n    location ~ \\.php$ {\n        fastcgi_split_path_info ^(.+\\.php)(\/.+)$;\n        fastcgi_pass unix:\/var\/run\/php\/php8.2-fpm.sock;\n        fastcgi_index index.php;\n        include fastcgi_params;\n        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;\n        fastcgi_param PATH_INFO $fastcgi_path_info;\n        fastcgi_buffer_size 128k;\n        fastcgi_buffers 4 256k;\n        fastcgi_busy_buffers_size 256k;\n    }\n\n    # \u9759\u7684\u30d5\u30a1\u30a4\u30eb\u306e\u30ad\u30e3\u30c3\u30b7\u30e5\u8a2d\u5b9a\n    location ~* \\.(jpg|jpeg|png|gif|ico|css|js)$ {\n        expires 30d;\n        add_header Cache-Control \"public, no-transform\";\n    }\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-28\">3. \u30c7\u30d7\u30ed\u30a4\u5f8c\u306e\u6700\u7d42\u78ba\u8a8d<\/h4>\n\n\n\n<p>\u30c7\u30d7\u30ed\u30a4\u5b8c\u4e86\u5f8c\u306e\u30c1\u30a7\u30c3\u30af\u30ea\u30b9\u30c8\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u52d5\u4f5c\u78ba\u8a8d<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u30b9\u30c6\u30fc\u30bf\u30b9\u306e\u78ba\u8a8d\nphp artisan --version\nphp artisan route:list\nphp artisan migrate:status\n\n# \u30ad\u30e3\u30c3\u30b7\u30e5\u306e\u78ba\u8a8d\nphp artisan cache:clear\nphp artisan config:clear\nphp artisan route:clear\nphp artisan view:clear<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li>\u30ed\u30b0\u3068\u30b9\u30c8\u30ec\u30fc\u30b8\u306e\u78ba\u8a8d<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30ed\u30b0\u30d5\u30a1\u30a4\u30eb\u306e\u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u78ba\u8a8d\nls -la storage\/logs\/\n\n# \u30b9\u30c8\u30ec\u30fc\u30b8\u30ea\u30f3\u30af\u306e\u78ba\u8a8d\nls -la public\/storage<\/pre>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30c1\u30a7\u30c3\u30af<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u306e\u78ba\u8a8d\nphp artisan config:check\n\n# \u4f9d\u5b58\u30d1\u30c3\u30b1\u30fc\u30b8\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30c1\u30a7\u30c3\u30af\ncomposer audit<\/pre>\n\n\n\n<p>\u3053\u308c\u3089\u306e\u624b\u9806\u3092\u5b8c\u4e86\u3059\u308b\u3053\u3068\u3067\u3001\u30bb\u30ad\u30e5\u30a2\u3067\u9ad8\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u306aLaravel\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u672c\u756a\u74b0\u5883\u304c\u69cb\u7bc9\u3067\u304d\u307e\u3059\u3002\u6b21\u306e\u30bb\u30af\u30b7\u30e7\u30f3\u3067\u306f\u3001\u3088\u308a\u5b9f\u8df5\u7684\u306aNginx\u306e\u8a2d\u5b9a\u4f8b\u3068\u6700\u9069\u5316\u65b9\u6cd5\u306b\u3064\u3044\u3066\u89e3\u8aac\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-29\">Nginx\u306e\u5b9f\u8df5\u7684\u306a\u8a2d\u5b9a\u4f8b\u3068\u89e3\u8aac<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-30\">\u9ad8\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u3092\u5b9f\u73fe\u3059\u308bNginx\u8a2d\u5b9a<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-31\">1. \u30ef\u30fc\u30ab\u30fc\u30d7\u30ed\u30bb\u30b9\u306e\u6700\u9069\u5316<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \/etc\/nginx\/nginx.conf\n\n# \u30ef\u30fc\u30ab\u30fc\u30d7\u30ed\u30bb\u30b9\u306e\u8a2d\u5b9a\nworker_processes auto;  # CPU\u30b3\u30a2\u6570\u306b\u5fdc\u3058\u3066\u81ea\u52d5\u8a2d\u5b9a\nworker_rlimit_nofile 65535;  # \u30b7\u30b9\u30c6\u30e0\u30ea\u30bd\u30fc\u30b9\u5236\u9650\u306e\u7de9\u548c\n\nevents {\n    worker_connections 2048;  # 1\u30ef\u30fc\u30ab\u30fc\u3042\u305f\u308a\u306e\u6700\u5927\u63a5\u7d9a\u6570\n    multi_accept on;         # \u8907\u6570\u306e\u63a5\u7d9a\u3092\u540c\u6642\u306b\u53d7\u3051\u4ed8\u3051\n    use epoll;              # Linux\u3067\u306e\u9ad8\u6027\u80fd\u30a4\u30d9\u30f3\u30c8\u30cf\u30f3\u30c9\u30ea\u30f3\u30b0\n}\n\nhttp {\n    # \u57fa\u672c\u8a2d\u5b9a\n    sendfile on;\n    tcp_nopush on;\n    tcp_nodelay on;\n    keepalive_timeout 65;\n    types_hash_max_size 2048;\n    server_tokens off;\n\n    # \u30d0\u30c3\u30d5\u30a1\u30b5\u30a4\u30ba\u306e\u6700\u9069\u5316\n    client_body_buffer_size 16k;\n    client_max_body_size 64m;\n    client_header_buffer_size 1k;\n    large_client_header_buffers 4 8k;\n    output_buffers 1 32k;\n    postpone_output 1460;\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-32\">2. \u30de\u30a4\u30af\u30ed\u30ad\u30e3\u30c3\u30b7\u30e5\u306e\u5b9f\u88c5<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \/etc\/nginx\/conf.d\/microcache.conf\n\n# \u30de\u30a4\u30af\u30ed\u30ad\u30e3\u30c3\u30b7\u30e5\u306e\u30be\u30fc\u30f3\u5b9a\u7fa9\nfastcgi_cache_path \/tmp\/nginx_cache levels=1:2 \n    keys_zone=laravel_cache:100m max_size=10g \n    inactive=60m use_temp_path=off;\n\nserver {\n    # \u30ad\u30e3\u30c3\u30b7\u30e5\u306e\u8a2d\u5b9a\n    fastcgi_cache laravel_cache;\n    fastcgi_cache_key \"$request_method$request_uri$query_string\";\n    fastcgi_cache_use_stale error timeout http_500 http_503;\n    fastcgi_cache_valid 200 60m;  # \u6210\u529f\u30ec\u30b9\u30dd\u30f3\u30b9\u309260\u5206\u30ad\u30e3\u30c3\u30b7\u30e5\n    fastcgi_cache_valid 404 1m;   # Not Found\u30921\u5206\u30ad\u30e3\u30c3\u30b7\u30e5\n\n    # \u30ad\u30e3\u30c3\u30b7\u30e5\u30d0\u30a4\u30d1\u30b9\u6761\u4ef6\n    set $skip_cache 0;\n\n    # POST\u30ea\u30af\u30a8\u30b9\u30c8\u306f\u30ad\u30e3\u30c3\u30b7\u30e5\u3057\u306a\u3044\n    if ($request_method = POST) {\n        set $skip_cache 1;\n    }\n\n    # \u30ed\u30b0\u30a4\u30f3\u6e08\u307f\u30e6\u30fc\u30b6\u30fc\u306f\u30ad\u30e3\u30c3\u30b7\u30e5\u3057\u306a\u3044\n    if ($http_cookie ~* \"laravel_session\") {\n        set $skip_cache 1;\n    }\n\n    location ~ \\.php$ {\n        fastcgi_cache_bypass $skip_cache;\n        fastcgi_no_cache $skip_cache;\n\n        # \u30ad\u30e3\u30c3\u30b7\u30e5\u30b9\u30c6\u30fc\u30bf\u30b9\u3092\u30d8\u30c3\u30c0\u30fc\u306b\u8ffd\u52a0\n        add_header X-Cache-Status $upstream_cache_status;\n    }\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-33\">3. Gzip\u5727\u7e2e\u306e\u6700\u9069\u5316<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \/etc\/nginx\/conf.d\/gzip.conf\n\ngzip on;\ngzip_vary on;\ngzip_proxied any;\ngzip_comp_level 6;\ngzip_types\n    application\/javascript\n    application\/json\n    application\/ld+json\n    application\/manifest+json\n    application\/xml\n    font\/eot\n    font\/otf\n    font\/ttf\n    image\/svg+xml\n    text\/css\n    text\/javascript\n    text\/plain\n    text\/xml;\ngzip_buffers 16 8k;\ngzip_min_length 1000;<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-34\">\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3092\u5f37\u5316\u3059\u308b\u305f\u3081\u306e\u8a2d\u5b9a<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-35\">1. \u57fa\u672c\u7684\u306a\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d8\u30c3\u30c0\u30fc<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \/etc\/nginx\/conf.d\/security.conf\n\n# \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d8\u30c3\u30c0\u30fc\u306e\u8a2d\u5b9a\nadd_header X-Frame-Options \"SAMEORIGIN\" always;\nadd_header X-XSS-Protection \"1; mode=block\" always;\nadd_header X-Content-Type-Options \"nosniff\" always;\nadd_header Referrer-Policy \"strict-origin-when-cross-origin\" always;\nadd_header Permissions-Policy \"camera=(), microphone=(), geolocation=(), payment=()\" always;\n\n# Content Security Policy\nadd_header Content-Security-Policy \"\n    default-src 'self';\n    script-src 'self' 'unsafe-inline' 'unsafe-eval' https:\/\/cdn.jsdelivr.net;\n    style-src 'self' 'unsafe-inline' https:\/\/fonts.googleapis.com;\n    img-src 'self' data: https:;\n    font-src 'self' https:\/\/fonts.gstatic.com;\n    frame-ancestors 'none';\n    base-uri 'self';\n    form-action 'self'\n\" always;\n\n# SSL\u8a2d\u5b9a\u306e\u5f37\u5316\nssl_protocols TLSv1.2 TLSv1.3;\nssl_prefer_server_ciphers off;\nssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;\n\n# DDoS\u5bfe\u7b56\nlimit_req_zone $binary_remote_addr zone=one:10m rate=1r\/s;\nlimit_req_status 429;<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-36\">2. \u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u3068\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5236\u9650<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \/etc\/nginx\/conf.d\/restrictions.conf\n\n# \u5371\u967a\u306a\u8981\u6c42\u306e\u5236\u9650\nlocation ~* (?:\\.(?:bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ {\n    deny all;\n    access_log off;\n    log_not_found off;\n}\n\n# Word Press\u306a\u3069\u306e\u653b\u6483\u30d1\u30bf\u30fc\u30f3\u306e\u30d6\u30ed\u30c3\u30af\nlocation ~* wp-admin|wp-login\\.php {\n    deny all;\n    access_log off;\n    log_not_found off;\n}\n\n# \u30d0\u30fc\u30b8\u30e7\u30f3\u60c5\u5831\u306e\u975e\u8868\u793a\nserver_tokens off;\n\n# \u30b7\u30f3\u30dc\u30ea\u30c3\u30af\u30ea\u30f3\u30af\u306e\u5236\u9650\ndisable_symlinks on;\n\n# \u30d0\u30c3\u30d5\u30a1\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u5bfe\u7b56\nclient_body_buffer_size 10K;\nclient_header_buffer_size 1k;\nclient_max_body_size 64m;\nlarge_client_header_buffers 2 1k;<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-37\">\u30ad\u30e3\u30c3\u30b7\u30e5\u5236\u5fa1\u306e\u6700\u9069\u5316\u65b9\u6cd5<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-38\">1. \u9759\u7684\u30d5\u30a1\u30a4\u30eb\u306e\u30ad\u30e3\u30c3\u30b7\u30e5\u8a2d\u5b9a<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \/etc\/nginx\/conf.d\/caching.conf\n\n# \u9759\u7684\u30d5\u30a1\u30a4\u30eb\u306e\u30ad\u30e3\u30c3\u30b7\u30e5\u5236\u5fa1\nlocation ~* \\.(css|js|jpg|jpeg|png|gif|ico|svg|woff2?|ttf|eot)$ {\n    expires 30d;\n    add_header Cache-Control \"public, no-transform\";\n\n    # ETags\u7121\u52b9\u5316\uff08If-None-Match\u30d8\u30c3\u30c0\u30fc\u3092\u4f7f\u7528\uff09\n    etag off;\n\n    # \u30a2\u30af\u30bb\u30b9\u30ed\u30b0\u306e\u7121\u52b9\u5316\n    access_log off;\n\n    # 404\u30a8\u30e9\u30fc\u306e\u30ed\u30b0\u3092\u7121\u52b9\u5316\n    log_not_found off;\n}\n\n# HTML\/XML\u30d5\u30a1\u30a4\u30eb\u306e\u30ad\u30e3\u30c3\u30b7\u30e5\u5236\u5fa1\nlocation ~* \\.(html|xml)$ {\n    expires 1h;\n    add_header Cache-Control \"public, no-transform\";\n}\n\n# API\u30ec\u30b9\u30dd\u30f3\u30b9\u306e\u30ad\u30e3\u30c3\u30b7\u30e5\u5236\u5fa1\nlocation \/api\/ {\n    add_header Cache-Control \"no-store, no-cache, must-revalidate\";\n    expires 0;\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-39\">2. \u52d5\u7684\u30b3\u30f3\u30c6\u30f3\u30c4\u306e\u30ad\u30e3\u30c3\u30b7\u30e5\u6226\u7565<\/h4>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \/etc\/nginx\/conf.d\/dynamic-cache.conf\n\n# FastCGI\u30ad\u30e3\u30c3\u30b7\u30e5\u306e\u8a73\u7d30\u8a2d\u5b9a\nfastcgi_cache_path \/tmp\/nginx_cache \n    levels=1:2 \n    keys_zone=laravel_page_cache:100m \n    max_size=10g \n    inactive=60m \n    use_temp_path=off;\n\n# \u30ad\u30e3\u30c3\u30b7\u30e5\u30ad\u30fc\u306e\u8a2d\u5b9a\nfastcgi_cache_key \"$request_method$request_uri$query_string\";\n\n# \u30ad\u30e3\u30c3\u30b7\u30e5\u306e\u4f8b\u5916\u8a2d\u5b9a\nmap $request_uri $no_cache {\n    default 0;\n    ~*^\/admin\/ 1;\n    ~*^\/api\/ 1;\n    ~*^\/user\/ 1;\n}\n\nserver {\n    location ~ \\.php$ {\n        # \u30ad\u30e3\u30c3\u30b7\u30e5\u30d0\u30a4\u30d1\u30b9\u306e\u6761\u4ef6\n        fastcgi_cache_bypass $no_cache;\n        fastcgi_no_cache $no_cache;\n\n        # \u30ad\u30e3\u30c3\u30b7\u30e5\u306e\u6709\u52b9\u671f\u9650\u8a2d\u5b9a\n        fastcgi_cache_valid 200 60m;\n        fastcgi_cache_valid 404 1m;\n\n        # \u30ad\u30e3\u30c3\u30b7\u30e5\u30b9\u30c6\u30fc\u30bf\u30b9\u306e\u8868\u793a\n        add_header X-Cache-Status $upstream_cache_status;\n\n        # \u30ad\u30e3\u30c3\u30b7\u30e5\u306e\u30ed\u30c3\u30af\uff08\u540c\u6642\u30ea\u30af\u30a8\u30b9\u30c8\u306e\u5236\u5fa1\uff09\n        fastcgi_cache_lock on;\n        fastcgi_cache_lock_timeout 5s;\n\n        # \u53e4\u3044\u30ad\u30e3\u30c3\u30b7\u30e5\u306e\u4f7f\u7528\n        fastcgi_cache_use_stale error timeout http_500 http_503;\n\n        # \u30ad\u30e3\u30c3\u30b7\u30e5\u306e\u6700\u5c0f\u4f7f\u7528\u56de\u6570\n        fastcgi_cache_min_uses 1;\n    }\n}<\/pre>\n\n\n\n<p>\u3053\u308c\u3089\u306e\u8a2d\u5b9a\u3092\u9069\u7528\u3059\u308b\u969b\u306e\u6ce8\u610f\u70b9\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\u8a2d\u5b9a\u5909\u66f4\u524d\u306b\u5fc5\u305a\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u3092\u53d6\u308b<\/li>\n\n\n\n<li><code>nginx -t<\/code>\u3067\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u306e\u69cb\u6587\u30c1\u30a7\u30c3\u30af\u3092\u884c\u3046<\/li>\n\n\n\n<li>\u6bb5\u968e\u7684\u306b\u8a2d\u5b9a\u3092\u9069\u7528\u3057\u3001\u90fd\u5ea6\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u3068\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3092\u30c6\u30b9\u30c8\u3059\u308b<\/li>\n\n\n\n<li>\u672c\u756a\u74b0\u5883\u306b\u9069\u7528\u3059\u308b\u524d\u306b\u30b9\u30c6\u30fc\u30b8\u30f3\u30b0\u74b0\u5883\u3067\u30c6\u30b9\u30c8\u3092\u884c\u3046<\/li>\n<\/ol>\n\n\n\n<p>\u307e\u305f\u3001\u3053\u308c\u3089\u306e\u8a2d\u5b9a\u306f\u30b5\u30fc\u30d0\u30fc\u306e\u30ea\u30bd\u30fc\u30b9\u3068\u8981\u4ef6\u306b\u5fdc\u3058\u3066\u9069\u5207\u306b\u8abf\u6574\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u30e2\u30cb\u30bf\u30ea\u30f3\u30b0\u30c4\u30fc\u30eb\u3092\u4f7f\u7528\u3057\u3066\u3001\u8a2d\u5b9a\u5909\u66f4\u306e\u52b9\u679c\u3092\u7d99\u7d9a\u7684\u306b\u6e2c\u5b9a\u3059\u308b\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-40\">\u30c8\u30e9\u30d6\u30eb\u30b7\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0\u30ac\u30a4\u30c9<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-41\">\u3088\u304f\u3042\u308b\u30a8\u30e9\u30fc\u3068\u89e3\u6c7a\u65b9\u6cd5<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-42\">1. 502 Bad Gateway \u30a8\u30e9\u30fc<\/h4>\n\n\n\n<p><strong>\u75c7\u72b6:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30d6\u30e9\u30a6\u30b6\u3067502 Bad Gateway\u30a8\u30e9\u30fc\u304c\u8868\u793a\u3055\u308c\u308b<\/li>\n\n\n\n<li>Nginx\u306e\u30a8\u30e9\u30fc\u30ed\u30b0\u306b<code>connect() failed (111: Connection refused)<\/code>\u304c\u8a18\u9332\u3055\u308c\u308b<\/li>\n<\/ul>\n\n\n\n<p><strong>\u78ba\u8a8d\u624b\u9806:<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># PHP-FPM\u306e\u72b6\u614b\u78ba\u8a8d\nsudo systemctl status php8.2-fpm\n\n# Nginx\u306e\u30a8\u30e9\u30fc\u30ed\u30b0\u78ba\u8a8d\nsudo tail -f \/var\/log\/nginx\/error.log\n\n# PHP-FPM\u306e\u30ed\u30b0\u78ba\u8a8d\nsudo tail -f \/var\/log\/php8.2-fpm.log<\/pre>\n\n\n\n<p><strong>\u4e00\u822c\u7684\u306a\u539f\u56e0\u3068\u89e3\u6c7a\u7b56:<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>PHP-FPM\u306e\u8a2d\u5b9a\u30df\u30b9<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \/etc\/nginx\/conf.d\/default.conf \u306e\u78ba\u8a8d\u30dd\u30a4\u30f3\u30c8\nlocation ~ \\.php$ {\n    # \u30bd\u30b1\u30c3\u30c8\u30d5\u30a1\u30a4\u30eb\u306e\u30d1\u30b9\u304c\u6b63\u3057\u3044\u304b\u78ba\u8a8d\n    fastcgi_pass unix:\/run\/php\/php8.2-fpm.sock;\n    # \u307e\u305f\u306f TCP\/IP\u63a5\u7d9a\u306e\u5834\u5408\n    # fastcgi_pass 127.0.0.1:9000;\n}<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li>\u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u306e\u554f\u984c<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30bd\u30b1\u30c3\u30c8\u30d5\u30a1\u30a4\u30eb\u306e\u6a29\u9650\u78ba\u8a8d\nls -la \/run\/php\/php8.2-fpm.sock\n\n# \u6a29\u9650\u306e\u4fee\u6b63\nsudo chown www-data:www-data \/run\/php\/php8.2-fpm.sock<\/pre>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li>PHP-FPM\u306e\u30d7\u30ed\u30bb\u30b9\u6570\u4e0d\u8db3<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">; \/etc\/php\/8.2\/fpm\/pool.d\/www.conf\npm = dynamic\npm.max_children = 50\npm.start_servers = 5\npm.min_spare_servers = 5\npm.max_spare_servers = 35<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-43\">2. 504 Gateway Timeout \u30a8\u30e9\u30fc<\/h4>\n\n\n\n<p><strong>\u75c7\u72b6:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u30ea\u30af\u30a8\u30b9\u30c8\u304c\u9577\u6642\u9593\u5fdc\u7b54\u3092\u8fd4\u3055\u306a\u3044<\/li>\n\n\n\n<li>Nginx\u306e\u30bf\u30a4\u30e0\u30a2\u30a6\u30c8\u30a8\u30e9\u30fc\u304c\u767a\u751f<\/li>\n<\/ul>\n\n\n\n<p><strong>\u78ba\u8a8d\u624b\u9806:<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30b9\u30ed\u30fc\u30af\u30a8\u30ea\u306e\u78ba\u8a8d\nsudo tail -f \/var\/log\/mysql\/slow-query.log\n\n# PHP\u30d7\u30ed\u30bb\u30b9\u306e\u72b6\u614b\u78ba\u8a8d\nps aux | grep php<\/pre>\n\n\n\n<p><strong>\u89e3\u6c7a\u7b56:<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\u30bf\u30a4\u30e0\u30a2\u30a6\u30c8\u8a2d\u5b9a\u306e\u8abf\u6574<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \/etc\/nginx\/conf.d\/timeout.conf\nfastcgi_connect_timeout 300;\nfastcgi_send_timeout 300;\nfastcgi_read_timeout 300;\nproxy_connect_timeout 300;\nproxy_send_timeout 300;\nproxy_read_timeout 300;<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li>PHP\u5b9f\u884c\u6642\u9593\u306e\u5ef6\u9577<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">; \/etc\/php\/8.2\/fpm\/php.ini\nmax_execution_time = 300\nmax_input_time = 300<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-44\">\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u554f\u984c\u306e\u8a3a\u65ad\u3068\u6539\u5584<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-45\">1. \u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u6e2c\u5b9a\u30c4\u30fc\u30eb<\/h4>\n\n\n\n<p><strong>\u57fa\u672c\u7684\u306a\u8a3a\u65ad\u30b3\u30de\u30f3\u30c9:<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30b5\u30fc\u30d0\u30fc\u30ea\u30bd\u30fc\u30b9\u306e\u76e3\u8996\nhtop\n\n# Nginx\u306e\u63a5\u7d9a\u72b6\u614b\u78ba\u8a8d\nnetstat -an | grep :80 | wc -l\n\n# PHP-FPM\u30d7\u30ed\u30bb\u30b9\u306e\u78ba\u8a8d\nps aux | grep php-fpm | wc -l<\/pre>\n\n\n\n<p><strong>\u9ad8\u5ea6\u306a\u8a3a\u65ad\u30c4\u30fc\u30eb:<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># ab\u30b3\u30de\u30f3\u30c9\u306b\u3088\u308b\u8ca0\u8377\u30c6\u30b9\u30c8\nab -n 1000 -c 10 https:\/\/your-domain.com\/\n\n# nginx\u306e\u30b9\u30c6\u30fc\u30bf\u30b9\u30da\u30fc\u30b8\u8a2d\u5b9a\nlocation \/nginx_status {\n    stub_status on;\n    access_log off;\n    allow 127.0.0.1;\n    deny all;\n}<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-46\">2. \u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u6700\u9069\u5316\u30c1\u30a7\u30c3\u30af\u30ea\u30b9\u30c8<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>OPcache\u306e\u6700\u9069\u5316<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">; \/etc\/php\/8.2\/fpm\/php.ini\nopcache.enable=1\nopcache.memory_consumption=256\nopcache.max_accelerated_files=20000\nopcache.validate_timestamps=0\nopcache.revalidate_freq=0\nopcache.save_comments=1<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>MySQL\u306e\u30c1\u30e5\u30fc\u30cb\u30f3\u30b0<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \/etc\/mysql\/mysql.conf.d\/mysqld.cnf\ninnodb_buffer_pool_size = 1G\ninnodb_buffer_pool_instances = 4\ninnodb_read_io_threads = 4\ninnodb_write_io_threads = 4\ninnodb_flush_log_at_trx_commit = 2<\/pre>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li><strong>Redis\u306e\u30bb\u30c3\u30b7\u30e7\u30f3\u7ba1\u7406<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># .env\nSESSION_DRIVER=redis\nCACHE_DRIVER=redis\n\nREDIS_HOST=127.0.0.1\nREDIS_PASSWORD=null\nREDIS_PORT=6379<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-47\">\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8106\u5f31\u6027\u3078\u306e\u5bfe\u51e6\u65b9\u6cd5<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-48\">1. \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u76e3\u67fb\u30c4\u30fc\u30eb<\/h4>\n\n\n\n<p><strong>\u57fa\u672c\u7684\u306a\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30c1\u30a7\u30c3\u30af:<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># SSL\u8a2d\u5b9a\u306e\u78ba\u8a8d\nsudo nmap --script ssl-enum-ciphers -p 443 your-domain.com\n\n# \u30aa\u30fc\u30d7\u30f3\u30dd\u30fc\u30c8\u306e\u30b9\u30ad\u30e3\u30f3\nsudo nmap -sS -sV your-domain.com\n\n# \u30d5\u30a1\u30a4\u30eb\u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u306e\u76e3\u67fb\nfind \/var\/www\/laravel -type f -exec stat -c \"%a %n\" {} \\;<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-49\">2. \u4e00\u822c\u7684\u306a\u8106\u5f31\u6027\u5bfe\u7b56<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>XSS\u5bfe\u7b56<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">\/\/ Laravel\u306eBlade\u30c6\u30f3\u30d7\u30ec\u30fc\u30c8\u3067\u306e\u5bfe\u7b56\n{{ $userInput }}  \/\/ \u81ea\u52d5\u3067\u30a8\u30b9\u30b1\u30fc\u30d7\n{!! $trustedHtml !!}  \/\/ \u4fe1\u983c\u3067\u304d\u308bHTML\u306e\u5834\u5408\u306e\u307f\u4f7f\u7528<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>SQL\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u5bfe\u7b56<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">\/\/ \u30af\u30a8\u30ea\u30d3\u30eb\u30c0\u30fc\u306e\u4f7f\u7528\n$users = DB::table('users')\n    -&gt;where('status', '=', $status)\n    -&gt;get();\n\n\/\/ \u30d7\u30ea\u30da\u30a2\u30c9\u30b9\u30c6\u30fc\u30c8\u30e1\u30f3\u30c8\u306e\u4f7f\u7528\n$results = DB::select('select * from users where id = ?', [$id]);<\/pre>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li><strong>CSRF\u5bfe\u7b56<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">\/\/ \u30d5\u30a9\u30fc\u30e0\u3067\u306eCSRF\u30c8\u30fc\u30af\u30f3\n@csrf\n\n\/\/ \u30df\u30c9\u30eb\u30a6\u30a7\u30a2\u3067\u306e\u4fdd\u8b77\nprotected $middleware = [\n    \\App\\Http\\Middleware\\VerifyCsrfToken::class,\n];<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-50\">3. \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a4\u30f3\u30b7\u30c7\u30f3\u30c8\u767a\u751f\u6642\u306e\u5bfe\u5fdc\u624b\u9806<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u30a4\u30f3\u30b7\u30c7\u30f3\u30c8\u306e\u521d\u671f\u5bfe\u5fdc<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30a2\u30af\u30bb\u30b9\u30ed\u30b0\u306e\u4fdd\u5b58\nsudo cp \/var\/log\/nginx\/access.log \/var\/log\/nginx\/access.log.incident\nsudo cp \/var\/log\/nginx\/error.log \/var\/log\/nginx\/error.log.incident\n\n# \u4e0d\u5be9\u306a\u30d7\u30ed\u30bb\u30b9\u306e\u78ba\u8a8d\nps aux | grep -i suspicious\n\n# \u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u63a5\u7d9a\u306e\u78ba\u8a8d\nnetstat -tupln<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>\u30b7\u30b9\u30c6\u30e0\u306e\u5fa9\u65e7\u624b\u9806<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u304b\u3089\u306e\u5fa9\u5143\nsudo systemctl stop nginx\nsudo systemctl stop php8.2-fpm\n\n# \u30d5\u30a1\u30a4\u30eb\u306e\u5fa9\u5143\nrsync -avz backup\/laravel\/ \/var\/www\/laravel\/\n\n# \u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u306e\u518d\u8a2d\u5b9a\nsudo chown -R www-data:www-data \/var\/www\/laravel\nsudo chmod -R 755 \/var\/www\/laravel\nsudo chmod -R 775 \/var\/www\/laravel\/storage\n\n# \u30b5\u30fc\u30d3\u30b9\u306e\u518d\u8d77\u52d5\nsudo systemctl start php8.2-fpm\nsudo systemctl start nginx<\/pre>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li><strong>\u518d\u767a\u9632\u6b62\u7b56\u306e\u5b9f\u65bd<\/strong><\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\nsudo apt update\nsudo apt upgrade -y\n\n# \u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u306e\u5f37\u5316\nsudo ufw default deny incoming\nsudo ufw allow ssh\nsudo ufw allow 'Nginx Full'\nsudo ufw enable<\/pre>\n\n\n\n<p>\u3053\u308c\u3089\u306e\u30c8\u30e9\u30d6\u30eb\u30b7\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0\u624b\u9806\u306f\u3001\u4e00\u822c\u7684\u306a\u554f\u984c\u306b\u5bfe\u3059\u308b\u57fa\u672c\u7684\u306a\u30a2\u30d7\u30ed\u30fc\u30c1\u3092\u63d0\u4f9b\u3057\u307e\u3059\u3002\u5b9f\u969b\u306e\u74b0\u5883\u3067\u306f\u3001\u30b7\u30b9\u30c6\u30e0\u306e\u69cb\u6210\u3084\u8981\u4ef6\u306b\u5fdc\u3058\u3066\u9069\u5207\u306b\u30ab\u30b9\u30bf\u30de\u30a4\u30ba\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u307e\u305f\u3001\u91cd\u8981\u306a\u5909\u66f4\u3092\u884c\u3046\u524d\u306b\u306f\u5fc5\u305a\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u3092\u53d6\u5f97\u3057\u3001\u30c6\u30b9\u30c8\u74b0\u5883\u3067\u306e\u691c\u8a3c\u3092\u63a8\u5968\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"i-51\">\u672c\u756a\u74b0\u5883\u3067\u306e\u904b\u7528\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-52\">\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u30e2\u30cb\u30bf\u30ea\u30f3\u30b0\u306e\u5b9f\u88c5<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-53\">1. \u30b7\u30b9\u30c6\u30e0\u30e2\u30cb\u30bf\u30ea\u30f3\u30b0\u306e\u8a2d\u5b9a<\/h4>\n\n\n\n<p><strong>\u57fa\u672c\u7684\u306a\u30e2\u30cb\u30bf\u30ea\u30f3\u30b0\u30b9\u30af\u30ea\u30d7\u30c8:<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">#!\/bin\/bash\n# \/usr\/local\/bin\/server-monitor.sh\n\n# \u30b7\u30b9\u30c6\u30e0\u30ea\u30bd\u30fc\u30b9\u4f7f\u7528\u72b6\u6cc1\u306e\u8a18\u9332\nlog_file=\"\/var\/log\/server-monitor.log\"\ndate_format=$(date '+%Y-%m-%d %H:%M:%S')\n\n# CPU\u4f7f\u7528\u7387\ncpu_usage=$(top -bn1 | grep \"Cpu(s)\" | awk '{print $2}')\n\n# \u30e1\u30e2\u30ea\u4f7f\u7528\u7387\nmemory_usage=$(free -m | awk 'NR==2{printf \"%.2f%%\", $3*100\/$2}')\n\n# \u30c7\u30a3\u30b9\u30af\u4f7f\u7528\u7387\ndisk_usage=$(df -h \/ | awk 'NR==2{print $5}')\n\n# Nginx\u306e\u63a5\u7d9a\u6570\nnginx_connections=$(netstat -an | grep :80 | wc -l)\n\n# PHP-FPM\u30d7\u30ed\u30bb\u30b9\u6570\nphp_processes=$(ps aux | grep php-fpm | wc -l)\n\n# \u30ed\u30b0\u306e\u8a18\u9332\necho \"$date_format - CPU: $cpu_usage%, Memory: $memory_usage, Disk: $disk_usage, Nginx Connections: $nginx_connections, PHP-FPM Processes: $php_processes\" &gt;&gt; $log_file<\/pre>\n\n\n\n<p><strong>\u30e2\u30cb\u30bf\u30ea\u30f3\u30b0\u306e\u81ea\u52d5\u5316\u8a2d\u5b9a:<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># cron\u3078\u306e\u767b\u9332\n*\/5 * * * * \/usr\/local\/bin\/server-monitor.sh\n\n# \u30a2\u30e9\u30fc\u30c8\u95be\u5024\u306e\u8a2d\u5b9a\nif [ $(echo \"$cpu_usage &gt; 80\" | bc) -eq 1 ]; then\n    echo \"High CPU Usage Alert: $cpu_usage%\" | mail -s \"Server Alert\" admin@example.com\nfi<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-54\">2. \u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u306e\u76e3\u8996<\/h4>\n\n\n\n<p><strong>Laravel\u306e\u30d1\u30d5\u30a9\u30fc\u30de\u30f3\u30b9\u76e3\u8996\u8a2d\u5b9a:<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">\/\/ config\/logging.php\n'channels' =&gt; [\n    'performance' =&gt; [\n        'driver' =&gt; 'daily',\n        'path' =&gt; storage_path('logs\/performance.log'),\n        'level' =&gt; 'debug',\n        'days' =&gt; 14,\n    ],\n];\n\n\/\/ app\/Providers\/AppServiceProvider.php\npublic function boot()\n{\n    DB::listen(function ($query) {\n        if ($query-&gt;time &gt; 100) { \/\/ 100ms\u4ee5\u4e0a\u306e\u30af\u30a8\u30ea\u3092\u30ed\u30b0\n            Log::channel('performance')-&gt;warning(\n                'Slow Query: ' . $query-&gt;sql,\n                [\n                    'bindings' =&gt; $query-&gt;bindings,\n                    'time' =&gt; $query-&gt;time,\n                ]\n            );\n        }\n    });\n}<\/pre>\n\n\n\n<p><strong>Nginx\u306e\u30a2\u30af\u30bb\u30b9\u30ed\u30b0\u89e3\u6790:<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># \/etc\/nginx\/conf.d\/logging.conf\nlog_format detailed '$remote_addr - $remote_user [$time_local] '\n                    '\"$request\" $status $body_bytes_sent '\n                    '\"$http_referer\" \"$http_user_agent\" '\n                    '$request_time $upstream_response_time';\n\naccess_log \/var\/log\/nginx\/detailed_access.log detailed;<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"i-55\">\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u3068\u5fa9\u65e7\u6226\u7565<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-56\">1. \u81ea\u52d5\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u306e\u5b9f\u88c5<\/h4>\n\n\n\n<p><strong>\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u30b9\u30af\u30ea\u30d7\u30c8:<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">#!\/bin\/bash\n# \/usr\/local\/bin\/backup-database.sh\n\nBACKUP_DIR=\"\/var\/backups\/mysql\"\nDATE=$(date +%Y%m%d_%H%M%S)\nDB_USER=\"your_db_user\"\nDB_PASS=\"your_db_password\"\nDB_NAME=\"your_database\"\n\n# \u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306e\u4f5c\u6210\nmkdir -p $BACKUP_DIR\n\n# \u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u306e\u30c0\u30f3\u30d7\nmysqldump --user=$DB_USER --password=$DB_PASS --single-transaction \\\n    --quick --lock-tables=false $DB_NAME | gzip &gt; $BACKUP_DIR\/$DB_NAME\\_$DATE.sql.gz\n\n# \u53e4\u3044\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u306e\u524a\u9664\uff0830\u65e5\u4ee5\u4e0a\u524d\uff09\nfind $BACKUP_DIR -type f -name \"*.sql.gz\" -mtime +30 -delete<\/pre>\n\n\n\n<p><strong>\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u30d5\u30a1\u30a4\u30eb\u306e\u30d0\u30c3\u30af\u30a2\u30c3\u30d7:<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">#!\/bin\/bash\n# \/usr\/local\/bin\/backup-app.sh\n\nAPP_DIR=\"\/var\/www\/laravel\"\nBACKUP_DIR=\"\/var\/backups\/laravel\"\nDATE=$(date +%Y%m%d_%H%M%S)\n\n# \u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u306e\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\ntar -czf $BACKUP_DIR\/config_$DATE.tar.gz \\\n    $APP_DIR\/.env \\\n    $APP_DIR\/config\/*.php\n\n# \u30b9\u30c8\u30ec\u30fc\u30b8\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306e\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\ntar -czf $BACKUP_DIR\/storage_$DATE.tar.gz \\\n    $APP_DIR\/storage\/app \\\n    $APP_DIR\/storage\/framework\n\n# \u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u306e\u6697\u53f7\u5316\uff08\u30aa\u30d7\u30b7\u30e7\u30f3\uff09\ngpg -e -r admin@example.com $BACKUP_DIR\/config_$DATE.tar.gz<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"i-57\">2. \u5fa9\u65e7\u624b\u9806\u306e\u6587\u66f8\u5316<\/h4>\n\n\n\n<p><strong>\u30b7\u30b9\u30c6\u30e0\u5fa9\u65e7\u30c1\u30a7\u30c3\u30af\u30ea\u30b9\u30c8:<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">1. \u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u306e\u5fa9\u5143<\/pre>\n\n\n\n<p>bash<br>gunzip &lt; backup.sql.gz | mysql -u user -p database_name<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">2. \u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u30d5\u30a1\u30a4\u30eb\u306e\u5fa9\u5143<\/pre>\n\n\n\n<p>bash<br>tar -xzf config_backup.tar.gz -C \/var\/www\/laravel<br>tar -xzf storage_backup.tar.gz -C \/var\/www\/laravel<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">3. \u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u306e\u518d\u8a2d\u5b9a<\/pre>\n\n\n\n<p>bash<br>sudo chown -R www-data:www-data \/var\/www\/laravel<br>sudo chmod -R 755 \/var\/www\/laravel<br>sudo chmod -R 775 \/var\/www\/laravel\/storage<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">4. \u30ad\u30e3\u30c3\u30b7\u30e5\u306e\u30af\u30ea\u30a2<\/pre>\n\n\n\n<p>bash<br>php artisan cache:clear<br>php artisan config:clear<br>php artisan route:clear<br>php artisan view:clear<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">5. \u30b5\u30fc\u30d3\u30b9\u306e\u518d\u8d77\u52d5<\/pre>\n\n\n\n<p>bash<br>sudo systemctl restart php8.2-fpm<br>sudo systemctl restart nginx<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">```\n\n### \u7d99\u7d9a\u7684\u306a\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56\n\n#### 1. \u81ea\u52d5\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u76e3\u67fb\u306e\u5b9f\u88c5\n\n**\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30c1\u30a7\u30c3\u30af\u30b9\u30af\u30ea\u30d7\u30c8:**<\/pre>\n\n\n\n<p>bash<\/p>\n\n\n\n<h1 class=\"wp-block-heading\" id=\"i-58\">!\/bin\/bash<\/h1>\n\n\n\n<h1 class=\"wp-block-heading\" id=\"i-59\">\/usr\/local\/bin\/security-check.sh<\/h1>\n\n\n\n<h1 class=\"wp-block-heading\" id=\"i-60\">\u30d5\u30a1\u30a4\u30eb\u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u306e\u78ba\u8a8d<\/h1>\n\n\n\n<p>find \/var\/www\/laravel -type f -perm \/o+w -ls &gt; \/var\/log\/security\/file_perms.log<\/p>\n\n\n\n<h1 class=\"wp-block-heading\" id=\"i-61\">\u4e0d\u6b63\u306a\u30d7\u30ed\u30bb\u30b9\u306e\u78ba\u8a8d<\/h1>\n\n\n\n<p>ps aux | grep -i \u201csuspicious\u201d &gt; \/var\/log\/security\/processes.log<\/p>\n\n\n\n<h1 class=\"wp-block-heading\" id=\"i-62\">\u4e0d\u6b63\u306a\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u63a5\u7d9a\u306e\u78ba\u8a8d<\/h1>\n\n\n\n<p>netstat -tupln | grep ESTABLISHED &gt; \/var\/log\/security\/connections.log<\/p>\n\n\n\n<h1 class=\"wp-block-heading\" id=\"i-63\">\u5931\u6557\u3057\u305f\u30ed\u30b0\u30a4\u30f3\u8a66\u884c\u306e\u78ba\u8a8d<\/h1>\n\n\n\n<p>grep \u201cFailed password\u201d \/var\/log\/auth.log &gt; \/var\/log\/security\/failed_logins.log<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">#### 2. \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u7ba1\u7406\n\n**\u81ea\u52d5\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u306e\u8a2d\u5b9a:**<\/pre>\n\n\n\n<p>bash<\/p>\n\n\n\n<h1 class=\"wp-block-heading\" id=\"i-64\">\/etc\/apt\/apt.conf.d\/50unattended-upgrades<\/h1>\n\n\n\n<p>Unattended-Upgrade::Allowed-Origins {<br>\u201c${distro_id}:${distro_codename}-security\u201d;<br>\u201c${distro_id}:${distro_codename}-updates\u201d;<br>};<\/p>\n\n\n\n<p>Unattended-Upgrade::Package-Blacklist {<br>};<\/p>\n\n\n\n<p>Unattended-Upgrade::Mail \u201cadmin@example.com\u201d;<br>Unattended-Upgrade::MailOnlyOnError \u201ctrue\u201d;<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">**Composer\u30d1\u30c3\u30b1\u30fc\u30b8\u306e\u5b89\u5168\u6027\u30c1\u30a7\u30c3\u30af:**<\/pre>\n\n\n\n<p>bash<\/p>\n\n\n\n<h1 class=\"wp-block-heading\" id=\"i-65\">!\/bin\/bash<\/h1>\n\n\n\n<h1 class=\"wp-block-heading\" id=\"i-66\">\/usr\/local\/bin\/check-composer-security.sh<\/h1>\n\n\n\n<p>cd \/var\/www\/laravel<\/p>\n\n\n\n<h1 class=\"wp-block-heading\" id=\"i-67\">\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8106\u5f31\u6027\u306e\u30c1\u30a7\u30c3\u30af<\/h1>\n\n\n\n<p>composer audit<\/p>\n\n\n\n<h1 class=\"wp-block-heading\" id=\"i-68\">\u4f9d\u5b58\u30d1\u30c3\u30b1\u30fc\u30b8\u306e\u66f4\u65b0\u78ba\u8a8d<\/h1>\n\n\n\n<p>composer outdated \u2013direct<\/p>\n\n\n\n<h1 class=\"wp-block-heading\" id=\"i-69\">\u7d50\u679c\u3092\u30e1\u30fc\u30eb\u3067\u9001\u4fe1<\/h1>\n\n\n\n<p>if [ $? -ne 0 ]; then<br>echo \u201cSecurity vulnerabilities found\u201d | mail -s \u201cComposer Security Alert\u201d admin@example.com<br>fi<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">#### 3. \u5b9a\u671f\u7684\u306a\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30ec\u30d3\u30e5\u30fc\u9805\u76ee<\/pre>\n\n\n\n<p>markdown<br>\u9031\u6b21\u30ec\u30d3\u30e5\u30fc\u9805\u76ee\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\u30a8\u30e9\u30fc\u30ed\u30b0\u306e\u78ba\u8a8d<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   sudo tail -n 1000 \/var\/log\/nginx\/error.log\n   sudo tail -n 1000 \/var\/log\/php8.2-fpm.log<\/pre>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li>\u30a2\u30af\u30bb\u30b9\u30d1\u30bf\u30fc\u30f3\u306e\u5206\u6790<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   sudo goaccess \/var\/log\/nginx\/access.log<\/pre>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li>\u30d5\u30a1\u30a4\u30eb\u30b7\u30b9\u30c6\u30e0\u306e\u6574\u5408\u6027\u78ba\u8a8d<\/li>\n<\/ol>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">   sudo aide --check<\/pre>\n\n\n\n<p>\u6708\u6b21\u30ec\u30d3\u30e5\u30fc\u9805\u76ee\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>SSL\u8a3c\u660e\u66f8\u306e\u6709\u52b9\u671f\u9650\u78ba\u8a8d<\/li>\n\n\n\n<li>\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u30eb\u30fc\u30eb\u306e\u898b\u76f4\u3057<\/li>\n\n\n\n<li>\u30e6\u30fc\u30b6\u30fc\u30a2\u30ab\u30a6\u30f3\u30c8\u3068\u6a29\u9650\u306e\u76e3\u67fb<\/li>\n\n\n\n<li>\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u306e\u5fa9\u5143\u30c6\u30b9\u30c8<br>\u201c`<\/li>\n<\/ol>\n\n\n\n<p>\u3053\u308c\u3089\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\u3092\u5b9f\u88c5\u3059\u308b\u3053\u3068\u3067\u3001\u5b89\u5b9a\u3057\u305f\u672c\u756a\u74b0\u5883\u306e\u904b\u7528\u304c\u53ef\u80fd\u306b\u306a\u308a\u307e\u3059\u3002\u305f\u3060\u3057\u3001\u3053\u308c\u3089\u306e\u8a2d\u5b9a\u306f\u74b0\u5883\u3084\u8981\u4ef6\u306b\u5fdc\u3058\u3066\u9069\u5207\u306b\u30ab\u30b9\u30bf\u30de\u30a4\u30ba\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u307e\u305f\u3001\u5b9a\u671f\u7684\u306a\u898b\u76f4\u3057\u3068\u66f4\u65b0\u3092\u884c\u3044\u3001\u65b0\u3057\u3044\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8105\u5a01\u3084\u904b\u7528\u8ab2\u984c\u306b\u5bfe\u5fdc\u3059\u308b\u3053\u3068\u304c\u91cd\u8981\u3067\u3059\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Warning: Undefined array key &#8220;is_admin&#8221; in \/home\/xs392991\/dexall.co.jp\/public_html\/articles\/wp-content\/themes\/ &#8230; <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[33,12],"tags":[],"class_list":{"0":"post-2682","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-php-laravel","7":"category-php","8":"nothumb"},"_links":{"self":[{"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/posts\/2682","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2682"}],"version-history":[{"count":2,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/posts\/2682\/revisions"}],"predecessor-version":[{"id":2684,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=\/wp\/v2\/posts\/2682\/revisions\/2684"}],"wp:attachment":[{"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2682"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2682"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dexall.co.jp\/articles\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2682"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}