{"id":1829,"date":"2019-01-11T23:27:35","date_gmt":"2019-01-11T14:27:35","guid":{"rendered":"http:\/\/blue-bear.jp\/kb\/?p=1829"},"modified":"2019-01-13T17:05:37","modified_gmt":"2019-01-13T08:05:37","slug":"aws-ec2-wordpressbitnami-alb-cloudfront%e3%82%92ssl%e5%8c%96%e3%81%99%e3%82%8b%e6%96%b9%e6%b3%95","status":"publish","type":"post","link":"https:\/\/blue-bear.jp\/kb\/aws-ec2-wordpressbitnami-alb-cloudfront%e3%82%92ssl%e5%8c%96%e3%81%99%e3%82%8b%e6%96%b9%e6%b3%95\/","title":{"rendered":"[AWS] EC2 + WordPress(Bitnami) + ALB + Cloudfront\u3092SSL\u5316\u3059\u308b\u65b9\u6cd5(Elastic IP\u672a\u4f7f\u7528)"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-1831\" src=\"http:\/\/blue-bear.jp\/kb\/wp-content\/uploads\/2019\/01\/alb-cloudfront.png\" alt=\"alb-cloudfront\" width=\"695\" height=\"127\" srcset=\"https:\/\/blue-bear.jp\/kb\/wp-content\/uploads\/2019\/01\/alb-cloudfront.png 695w, https:\/\/blue-bear.jp\/kb\/wp-content\/uploads\/2019\/01\/alb-cloudfront-300x55.png 300w\" sizes=\"(max-width: 695px) 100vw, 695px\" \/>EC2 + WordPress(Bitnami) + ALB + Cloudfront\u3092SSL\u5316\u3059\u308b\u65b9\u6cd5\u306f\u4ee5\u4e0b\u306e\u901a\u308a<\/p>\n<p>\u30ea\u30fc\u30b8\u30e7\u30f3\u3067\u306eElastic IP\u30a2\u30c9\u30ec\u30b9\u3092\u4f7f\u3044\u5207\u3063\u3066\u3057\u307e\u3063\u305f\u304c\u3001\u5225\u9014\u7533\u8acb\u3059\u308b\u306e\u3082\u3081\u3093\u3069\u304f\u3055\u304b\u3063\u305f\u306e\u3067\u3001Cloudfront\u3068Wordpress\u306e\u9593\u306bALB\u3092\u631f\u3093\u3060<\/p>\n<p>\u3053\u308c\u3067EC2\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u306b\u56fa\u5b9aIP(static IP)\u306eElastic IP\u3092\u4f7f\u308f\u306a\u304f\u3066\u3059\u3080\u306e\u3067\u3001Elastic IP\u4e0a\u9650\u554f\u984c\u3082\u89e3\u6c7a<\/p>\n<p>&nbsp;<\/p>\n<h2>\u524d\u63d0\u6761\u4ef6<\/h2>\n<p>wordpress(Bitnami)\u306fAMI\u3092\u4f7f\u7528\u3057\u3066EC2\u4e0a\u306b\u69cb\u7bc9\u6e08\u307f\u3067\u3001\u30c9\u30e1\u30a4\u30f3\u3082\u72ec\u81ea\u30c9\u30e1\u30a4\u30f3\u3092Route53\u306b\u767b\u9332\u6e08\u307f\u3068\u3059\u308b<\/p>\n<p>\u3053\u3053\u3067\u306e\u30c9\u30e1\u30a4\u30f3\u306f\u4eee\u3067www.xxxx.com\u3068\u3059\u308b<\/p>\n<p>&nbsp;<\/p>\n<h2>Application Load Balancer (ALB)\u3092\u4f5c\u6210<\/h2>\n<p>HTTP\u3068HTTPS\u3092\u6271\u3046\u3053\u3068\u304c\u3067\u304d\u308bApplication Load Balancer (ALB)\u3092\u4f5c\u6210\u3059\u308b<\/p>\n<p>\u30ed\u30fc\u30c9\u30d0\u30e9\u30f3\u30b5\u30bf\u30a4\u30d7\u306f\u3001Application Load Balancer (ALB)\u3092\u6307\u5b9a<\/p>\n<h3>\u30ed\u30fc\u30c9\u30d0\u30e9\u30f3\u30b5\u8a2d\u5b9a<\/h3>\n<ul>\n<li>\u540d\u524d\u306f\u9069\u5f53\u306b<\/li>\n<li>Internet\u5074\u3067\u8a2d\u5b9a<\/li>\n<li>\u30ea\u30b9\u30ca\u30fc\u306f80\u756a\u3068443\u756a\u30dd\u30fc\u30c8<\/li>\n<li>\u30a2\u30d9\u30a4\u30e9\u30d3\u30ea\u30c6\u30a3\u30be\u30fc\u30f3\u306fEC2\u30db\u30b9\u30c8\u304c\u5b58\u5728\u3059\u308b\u30be\u30fc\u30f3\u3092\u6307\u5b9a<\/li>\n<li>\u6b21\u3078<\/li>\n<\/ul>\n<h3>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8a2d\u5b9a\u753b\u9762\uff0bACM\u8a3c\u660e\u66f8\u30ea\u30af\u30a8\u30b9\u30c8<\/h3>\n<ul>\n<li>SSL\u901a\u4fe1\u3055\u305b\u308b\u306e\u3067ACM\u3092\u6307\u5b9a\u2192\u300c\u65b0\u3057\u3044\u8a3c\u660e\u66f8\u3092ACM\u3067\u30ea\u30af\u30a8\u30b9\u30c8\u300d<\/li>\n<li>ACM\u3067SSL\u8a3c\u660e\u66f8\u3092\u4f5c\u6210\u2192\u30c9\u30e1\u30a4\u30f3\u306f\u300cwww.xxxx.com\u300d<\/li>\n<li>\u30c9\u30e1\u30a4\u30f3\u3092\u6301\u3063\u3066\u3044\u308b\u8a3c\u660e\u306fRoute53\u9023\u643a\u306b\u3059\u308b\u3068\u697d<\/li>\n<li>\u3057\u3070\u3089\u304f\u3059\u308b\u3068\u30ed\u30fc\u30c9\u30d0\u30e9\u30f3\u30b5\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8a2d\u5b9a\u753b\u9762\u306e\u8a3c\u660e\u66f8\u4e00\u89a7\u306b\u5148\u7a0b\u30ea\u30af\u30a8\u30b9\u30c8\u3057\u305f\u8a3c\u660e\u66f8\u304c\u51fa\u3066\u304f\u308b\u306e\u3067\u6307\u5b9a\u3059\u308b<\/li>\n<li>\u6b21\u3078<\/li>\n<\/ul>\n<h3>\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u8a2d\u5b9a<\/h3>\n<p>\u65b0\u3057\u3044\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u3092\u4f5c\u6210\u3057\u300180\u756a\u3068443\u756a\u300122\u756a\u3092\u8a31\u53ef\u3057\u3066\u304a\u304f<\/p>\n<p>\uff0a\u3059\u3067\u306b\u3042\u308b\u306e\u3067\u3042\u308c\u3070\u3001\u65e2\u5b9a\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u3067\u3082\u826f\u3044<\/p>\n<h3>\u30eb\u30fc\u30c6\u30a3\u30f3\u30b0\u8a2d\u5b9a<\/h3>\n<ul>\n<li>\u30bf\u30fc\u30b2\u30c3\u30c8\u306f80\u756a\u30dd\u30fc\u30c8<\/li>\n<li>\u30bf\u30fc\u30b2\u30c3\u30c8\u30d7\u30ed\u30c8\u30b3\u30eb\u306fHTTP<\/li>\n<li>\u30bf\u30fc\u30b2\u30c3\u30c8\u30bf\u30a4\u30d7\u306f\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9<\/li>\n<li>\u30d8\u30eb\u30b9\u30c1\u30a7\u30c3\u30af\u306f80\u756a\u3067 \/ \u3067\u3088\u3044<\/li>\n<\/ul>\n<h3>\u30bf\u30fc\u30b2\u30c3\u30c8\u306e\u767b\u9332<\/h3>\n<p>WordPress(bitnami)\u304c\u4e57\u3063\u3066\u3044\u308bEC2\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u3092\u30b0\u30eb\u30fc\u30d7\u306b\u8ffd\u52a0<\/p>\n<p>OK\u3067\u767b\u9332\u5b8c\u4e86<\/p>\n<p>\u30ed\u30fc\u30c9\u30d0\u30e9\u30f3\u30b5\u306eDNS\u540d\u3067Wordpress\u306e\u30b5\u30a4\u30c8\u304c\u958b\u3051\u308b\u304b\u78ba\u8a8d<\/p>\n<p>&nbsp;<\/p>\n<h2>Bitnami wordpress\u8a2d\u5b9a\u306e\u5909\u66f4<\/h2>\n<p>SSL\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u6271\u3048\u308b\u3088\u3046\u306b\u4ee5\u4e0b\u306e\u8a2d\u5b9a\u3092\u884c\u3046<\/p>\n<p>\/opt\/bitnami\/apps\/wordpress\/conf\/httpd-prefix.conf<\/p>\n<p>\u306e\u4e00\u756a\u4e0a\u306b\u66f8\u304d\u30b3\u30fc\u30c9\u3092\u8cbc\u308a\u4ed8\u3051<\/p>\n<pre class=\"lang:default decode:true\">SetEnvIf x-forwarded-proto https HTTPS=on<\/pre>\n<p>\/opt\/bitnami\/apps\/wordpress\/htdocs\/wp-config.php<\/p>\n<p>\u306eWP_HOME \u3068 WP_SITEURL\u306e\u5b9a\u7fa9\u306e\u524d\u90e8\u5206\u306b\u8ffd\u8a18\uff08\u524d\u3067\u3042\u308c\u3070\u3069\u3053\u3067\u3082\u3088\u3044\uff09<\/p>\n<pre class=\"lang:default decode:true\">if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)\r\n $_SERVER['HTTPS']='on';<\/pre>\n<h3>DNS\u30c6\u30b9\u30c8<\/h3>\n<p>Route53\u306ewww.xxxx.com\u306eA\u30ec\u30b3\u30fc\u30c9\u3092\u5148\u7a0b\u4f5c\u6210\u3057\u305f\u30ed\u30fc\u30c9\u30d0\u30e9\u30f3\u30b5\u306e\u30a8\u30a4\u30ea\u30a2\u30b9\u306b\u5909\u66f4\u3057\u3066\u3001https:\/\/www.xxxx.com\u3067\u30b5\u30a4\u30c8\u304c\u958b\u3051\u308b\u304b\u78ba\u8a8d<\/p>\n<p>\u305f\u3060\u30b5\u30a4\u30c8\u4e0a\u306e\u30ea\u30f3\u30af\u304chttp:\/\/www.xxxx.com\u306b\u306a\u3063\u3066\u3044\u308b\u306e\u3067\u3001\u5f8c\u307b\u3069\u4fee\u6b63<\/p>\n<p>&nbsp;<\/p>\n<h2>Cloudfront\u306e\u8a2d\u5b9a<\/h2>\n<p>\u5927\u91cf\u30a2\u30af\u30bb\u30b9\u3092\u3055\u3070\u304f\u305f\u3081\u3068\u30ec\u30b9\u30dd\u30f3\u30b9\u30b9\u30d4\u30fc\u30c9\u3092\u5411\u4e0a\u3055\u305b\u308b\u305f\u3081\u306bCDN\u30b5\u30fc\u30d3\u30b9\u3067\u3042\u308bCloudfront\u306e\u8a2d\u5b9a\u3092\u884c\u3046<\/p>\n<ol>\n<li>Web\u306eCloudfront\u3092\u4f5c\u6210<\/li>\n<li>Origin Domain Name\u3068Origin ID\u3092ALB\u306eDNS\u540d\u306b\u8a2d\u5b9a<\/li>\n<li>Viewer Protocol Policy \u3092Redirect HTTP to HTTPS\u306b\u5909\u66f4<\/li>\n<li>Allowed HTTP Methods\u3092GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE\u3092\u9078\u629e<\/li>\n<li>Forward Cookies\u306b\u4e0b\u8a18\u30a2\u30a4\u30c6\u30e0\u3092\u8ffd\u52a0\n<ul>\n<li>Accept<\/li>\n<li>CloudFront-Forwarded-Proto<\/li>\n<li>CloudFront-Is-Desktop-Viewer<\/li>\n<li>CloudFront-Is-Mobile-Viewer<\/li>\n<li>CloudFront-Is-SmartTV-Viewer<\/li>\n<li>CloudFront-Is-Tablet-Viewer<\/li>\n<li>Host\n<ul>\n<li>\uff0aHost\u3092\u8ffd\u52a0\u3057\u306a\u3044\u3068\u30b5\u30a4\u30c8\u4e0a\u306e\u30ea\u30f3\u30af\u304c\u3059\u3079\u3066ALB\u306eDNS\u540d\u306b\u306a\u3063\u3066\u3057\u307e\u3046<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>Forward Cookies\u3092Whitelist\u306b\u8a2d\u5b9a<\/li>\n<li>Whitelist Cookies\u306b\n<ul>\n<li>wordpress_logged_in*<\/li>\n<li>wp-settings*<\/li>\n<\/ul>\n<\/li>\n<li>Query String Forwarding and Caching\u306bForward all, cache based on all\u3092\u8a2d\u5b9a<\/li>\n<li>Alternate Domain Names(CNAMEs)\u306b\u72ec\u81ea\u30c9\u30e1\u30a4\u30f3\u3067\u3042\u308bwww.xxxx.com\u3092\u8a2d\u5b9a<\/li>\n<li>SSL\u8a3c\u660e\u66f8\u306fCustom SSL Certificate\u3092\u6307\u5b9a\u3057\u3001ACM\u306b\u8a3c\u660e\u66f8\u3092\u30ea\u30af\u30a8\u30b9\u30c8\u3059\u308b<\/li>\n<li>\u8a3c\u660e\u66f8\u304c\u30ea\u30b9\u30c8\u306b\u51fa\u3066\u304d\u305f\u3089\u6307\u5b9a<\/li>\n<li>Comment\u306b\u308f\u304b\u308a\u3084\u3059\u3044\u6587\u5b57\u3092\u5165\u308c\u3066\u304a\u304f\u3068\u5f8c\u3067\u4fbf\u5229<\/li>\n<li>OK\u3067\u4f5c\u6210<\/li>\n<\/ol>\n<h3>Behaviors\u3092\u8ffd\u52a0<\/h3>\n<p>Behaviors\u3092\u8ffd\u52a0\u3057\u3066\u7ba1\u7406\u30da\u30fc\u30b8\u306f\u30ad\u30e3\u30c3\u30b7\u30e5\u3057\u306a\u3044\u3088\u3046\u306b\u8a2d\u5b9a\u3057\u3066\u304a\u304f<\/p>\n<ul>\n<li>\/wp-login.php<\/li>\n<li>\/wp-admin\/*<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ol>\n<li>Cache Based on Selected Request Headers\u3092ALL\u306b<\/li>\n<li>Forward Cookies\u3092ALL\u306b<\/li>\n<li>Query String Forwarding and Caching\u3092Forward all, cache based on all\u306b<\/li>\n<\/ol>\n<h3>Route53\u306e\u5909\u66f4<\/h3>\n<p>Status\u304cDeployed\u306b\u306a\u3063\u305f\u3089Route53\u306eA\u30ec\u30b3\u30fc\u30c9\u3092CloudFront\u306e\u30a8\u30a4\u30ea\u30a2\u30b9\u306b\u5909\u66f4<\/p>\n<p>\u305f\u3060\u30b5\u30a4\u30c8\u4e0a\u306e\u30ea\u30f3\u30af\u304chttp:\/\/www.xxxx.com\u306b\u306a\u3063\u3066\u3044\u308b\u306e\u3067Wordpress\u306ePlugin\u3092\u8ffd\u52a0\u3059\u308b<\/p>\n<p>&nbsp;<\/p>\n<h2>SSL Insecure Content Fixer Plugin\u306e\u6709\u52b9\u5316<\/h2>\n<p>wordpress\u306e\u7ba1\u7406\u753b\u9762\u306b\u30ed\u30b0\u30a4\u30f3\u3057\u3066\u3001Plugin\u2192SSL Insecure Content Fixer\u3092\u6709\u52b9\u5316\u3059\u308b<\/p>\n<p>\uff0aBitnami\u306b\u306f\u4e88\u3081SSL Insecure Content Fixer\u304c\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u308b\u3002\u306a\u3051\u308c\u3070Plugin\u3092\u8ffd\u52a0\u3059\u308b<\/p>\n<p>\u8a2d\u5b9a\u2192SSL Insecure Content\u3067HTTPS \u306e\u691c\u51fa\u65b9\u6cd5\u3092HTTP_CLOUDFRONT_FORWARDED_PROTO (Amazon CloudFront HTTPS \u30ad\u30e3\u30c3\u30b7\u30e5\u6e08\u307f\u30b3\u30f3\u30c6\u30f3\u30c4)\u306b\u5909\u66f4<\/p>\n<p>\uff0aPlugin\u304c\u52dd\u624b\u306b\u69cb\u6210\u3092\u89e3\u91c8\u3057\u3066\u63a8\u5968\u306e\u9805\u76ee\u306b\u30de\u30fc\u30af\u3092\u4ed8\u3051\u3066\u304a\u3044\u3066\u304f\u308c\u3066\u3044\u308b<\/p>\n<p>&nbsp;<\/p>\n<p>\u3053\u308c\u3067\u3001\u72ec\u81ea\u30c9\u30e1\u30a4\u30f3\u306b\u30a2\u30af\u30bb\u30b9\u3059\u308b\u3068Cloudfront\u2192ALB\u2192EC2(wordpress bitnami)\u3068\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u304c\u6d41\u308c\u308b<\/p>\n<p>&nbsp;<\/p>\n<p>AMIMOTO\u306eWordpress\u3092SSL\u5316\u3057\u305f\u3044\u5834\u5408\u306f\u3053\u3061\u3089<\/p>\n<blockquote class=\"wp-embedded-content\" data-secret=\"7ecknsUCZd\"><p><a href=\"https:\/\/blue-bear.jp\/kb\/%e6%a1%88%e5%a4%96%e7%b0%a1%e5%8d%98%e3%81%aaaws%e4%b8%8a%e3%81%aewordpress%e3%81%aessl%e5%8c%96\/\">[AMIMOTO] AWS\u4e0a\u306eWordPress\u306eSSL\u5316<\/a><\/p><\/blockquote>\n<p><iframe class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; clip: rect(1px, 1px, 1px, 1px);\" title=\"&#8220;[AMIMOTO] AWS\u4e0a\u306eWordPress\u306eSSL\u5316&#8221; &#8212; Bluebear I\/O\" src=\"https:\/\/blue-bear.jp\/kb\/%e6%a1%88%e5%a4%96%e7%b0%a1%e5%8d%98%e3%81%aaaws%e4%b8%8a%e3%81%aewordpress%e3%81%aessl%e5%8c%96\/embed\/#?secret=7ecknsUCZd\" data-secret=\"7ecknsUCZd\" width=\"600\" height=\"338\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe><\/p>\n<p>&nbsp;<\/p>\n<h2>\u53c2\u8003<\/h2>\n<p><a href=\"https:\/\/docs.bitnami.com\/aws\/how-to\/configure-elb-ssl-aws\/\" target=\"_blank\">https:\/\/docs.bitnami.com\/aws\/how-to\/configure-elb-ssl-aws\/<\/a><\/p>\n<p>https:\/\/dev.classmethod.jp\/cloud\/aws\/cloudfront_elb_ssl_traffic\/<\/p>\n<p>https:\/\/dev.classmethod.jp\/cloud\/cloudfront-elb-ec2-apache-directoryname-redirect\/<\/p>\n","protected":false},"excerpt":{"rendered":"<p>EC2 + WordPress(Bitn<\/p>\n","protected":false},"author":1,"featured_media":45,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2,7],"tags":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/posts\/1829"}],"collection":[{"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/comments?post=1829"}],"version-history":[{"count":6,"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/posts\/1829\/revisions"}],"predecessor-version":[{"id":1836,"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/posts\/1829\/revisions\/1836"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/media\/45"}],"wp:attachment":[{"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/media?parent=1829"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/categories?post=1829"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/tags?post=1829"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}