使用nginx+hexo搭建静态网站并实现加密

本地环境配置

node、git、hexo

因为插件加密之后排版非常乱，所以考虑的是使用http baisc auth简单加密一下

配置hexo

进入博客目录

$ npm install hexo-cli -g
$ hexo init blog
$ cd blog
$ npm install
$ hexo server

配置主题

安装主题

使用maupassant主题

$ git clone https://github.com/tufu9441/maupassant-hexo.git themes/maupassant
$ npm install hexo-renderer-pug --save
$ npm install hexo-renderer-sass-next --save
$ npm install hexo-generator-search --save
$ npm install hexo-wordcount --save

站点配置文件

站点配置文件

# Hexo Configuration
## Docs: https://hexo.io/docs/configuration.html
## Source: https://github.com/hexojs/hexo/

# Site
title: 01rrors' blog
subtitle: 평화롭고 자유로운 삶이 내가 원하는 삶이다
description: Coding with passion
keywords:
author: 01rrors
language: zh-CN
timezone: ''

# URL
## If your site is put in a subdirectory, set url as 'http://yoursite.com/child' and root as '/child/'
url: http://localhost:4000
root: /
permalink: :title/
permalink_defaults:
pretty_urls:
  trailing_index: true # Set to false to remove trailing 'index.html' from permalinks
  trailing_html: true # Set to false to remove trailing '.html' from permalinks

# Directory
source_dir: source
public_dir: public
tag_dir: tags
archive_dir: archives
category_dir: categories
code_dir: downloads/code
i18n_dir: :lang
skip_render: README.md

# Writing
new_post_name: :title.md # File name of new posts
default_layout: post
titlecase: false # Transform title into titlecase
external_link:
  enable: true # Open external links in new tab
  field: site # Apply to the whole site
  exclude: ''
filename_case: 0
render_drafts: false
post_asset_folder: false
relative_link: false
future: true
highlight:
  enable: true
  line_number: true
  auto_detect: false
  tab_replace: ''
  wrap: true
  hljs: false

# Home page setting
# path: Root path for your blogs index page. (default = '')
# per_page: Posts displayed per page. (0 = disable pagination)
# order_by: Posts order. (Order by date descending by default)
index_generator:
  path: ''
  per_page: 10
  order_by: -date

# Category & Tag
default_category: uncategorized
category_map:
tag_map:

# Metadata elements
## https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta
meta_generator: true

# Date / Time format
## Hexo uses Moment.js to parse and display date
## You can customize the date format as defined in
## http://momentjs.com/docs/#/displaying/format/
date_format: YYYY-MM-DD
time_format: HH:mm:ss
## Use post's date for updated date unless set in front-matter
use_date_for_updated: false

# Pagination
## Set per_page to 0 to disable pagination
per_page: 10
pagination_dir: page

# Include / Exclude file(s)
## include:/exclude: options only apply to the 'source/' folder
include:
exclude:
ignore:

# Extensions
## Plugins: https://hexo.io/plugins/
## Themes: https://hexo.io/themes/
theme: maupassant

# Deployment
## Docs: https://hexo.io/docs/deployment.html
deploy:
  type: git
  repository: https://github.com/xxx/xxx.github.io
  branch: master

注意这里的几个配置，这里的permalink是为了让需要加密的文章生成到指定的public静态页面的指定目录下

url: http://localhost:4000
root: /
permalink: :title/
permalink_defaults:

主题配置文件

disqus:
  enable: false ## If you want to use Disqus comment system, please set the value to true.
  shortname: ## Your disqus_shortname, e.g. username
  api: ## You can visit Disqus comments in China mainland without barriers using Disqus API, e.g. https://disqus.skk.moe/disqus/
  apikey: ## Your API key obtained in Disqus API Application, e.g. yk00ZB1fjYGRkrCrDDRYDUjpp26GJWJiJRZQZ5SY0r3th5FMW6pnSzQMnWH7ua7r
  admin: ## Username of your Disqus moderator, e.g. username
  admin_label: ## The text of Disqus moderator badge, e.g. Mod
uyan: ## Your uyan_id. e.g. 1234567
livere: ## Your livere data-uid, e.g. MTAyMC8zMDAxOC78NTgz
changyan: ## Your changyan appid, e.g. cyrALsXc8
changyan_conf: ## Your changyan conf, e.g. prod_d8a508c2825ab57eeb43e7c69bba0e8b
gitalk: ## See: https://github.com/gitalk/gitalk
  enable: false ## If you want to use Gitment comment system please set the value to true.
  owner: ## Your GitHub ID, e.g. username
  repo: ## The repository to store your comments, make sure you're the repo's owner, e.g. gitalk.github.io
  client_id: ## GitHub client ID, e.g. 75752dafe7907a897619
  client_secret: ## GitHub client secret, e.g. ec2fb9054972c891289640354993b662f4cccc50
  admin: ## Github repo owner and collaborators, only these guys can initialize github issues.
valine: ## See: https://valine.js.org
  enable: false ## If you want to use Valine comment system, please set the value to true.
  appid: ## Your LeanCloud application App ID, e.g. pRBBL2JR4N7kLEGojrF0MsSs-gzGzoHsz
  appkey: ## Your LeanCloud application App Key, e.g. tjczHpDfhjYDSYddzymYK1JJ
  serverURLs: ## If you are the "LeanCloud" in China, then this option is not mandatory to fill out. REST API Server Url" of your "LeanCloud, e.g. https://prbbl2jr.api.lncldglobal.com
  notify: false ## Mail notifier, see https://github.com/xCss/Valine/wiki/Valine-评论系统中的邮件提醒设置
  verify: false ## Validation code.
  placeholder: Just so so ## Comment box placeholders.
  avatar: "mm" ## Gravatar type, see https://github.com/xCss/Valine/wiki/avatar-setting-for-valine
  pageSize: 10 ## Number of comments per page.
  guest_info: nick,mail,link ## Attributes of reviewers.
minivaline: ## See: https://github.com/MiniValine/MiniValine
  enable: false ## If you want to use MiniValine comment system, please set the value to true.
  appId: ## Your LeanCloud application App ID, e.g. pRBBL2JR4N7kLEGojrF0MsSs-gzGzoHsz
  appKey: ## Your LeanCloud application App Key, e.g. tjczHpDfhjYDSYddzymYK1JJ
  placeholder: Write a Comment ## Comment box placeholder.
  adminEmailMd5: ## The MD5 of Admin Email to show Admin Flag.
  math: true ## Support MathJax.
  md: true ## Support Markdown.
  # MiniValine's display language depends on user's browser or system environment
  # If you want everyone visiting your site to see a uniform language, you can set a force language value
  # Available values: en  | zh-CN | (and many more)
  # More i18n info: https://github.com/MiniValine/minivaline-i18n
  lang:
waline: ## See: https://waline.js.org/
  enable: false ## If you want to use Waline comment system, please set the value to true.
  serverURL: ## Your server url, e.g. https://your-domain.vercel.app
  pageSize: 30 ## The desired number of comments shown in each page.
  wordLimit: 500 ## Limit the number of words in comments, 0 means no limit.
  requiredMeta: ['nick','mail'] ## Required user information, e.g. ['nick','mail','link']
  count: 5 ## The number comments displayed in the recent_comments widget, default is 10.
utterances: ## See: https://utteranc.es
  enable: false ## If you want to use Utterances comment system, please set the value to true.
  repo: ## The repository utterances will connect to, e.g. tufu9441/comments
  identifier: title ## The mapping between blog posts and GitHub issues.
  theme: github-light ## Choose an Utterances theme which matches your blog.
twikoo: ## See: https://twikoo.js.org
  enable: false ## If you want to use twikoo comment system, please set the value to true.
  envId: ## Tencent CloudBase envId
  region: ## Tencent CloudBase region, e.g. ap-shanghai
  path: ## Article path, e.g. window.location.pathname

google_search: false ## Use Google search, true/false.
baidu_search: false ## Use Baidu search, true/false.
swiftype: ## Your swiftype_key, e.g. m7b11ZrsT8Me7gzApciT
self_search: true ## Use a jQuery-based local search engine, true/false.
google_analytics: ## Your Google Analytics tracking id, e.g. UA-42425684-2
baidu_analytics: ## Your Baidu Analytics tracking id, e.g. 8006843039519956000
microsoft_clarity: ## Your Microsoft Clarity tracking id, e.g. zg2ctuea9j
fancybox: true ## If you want to use fancybox please set the value to true.
show_category_count: false ## If you want to show the count of categories in the sidebar widget please set the value to true.
toc_number: true ## If you want to add list number to toc please set the value to true.
shareto: false ## If you want to use the share button please set the value to true, and you must have hexo-helper-qrcode installed.
busuanzi: false ## If you want to use Busuanzi page views please set the value to true.
wordcount: true ## If you want to display the word counter and the reading time expected to spend of each post please set the value to true, and you must have hexo-wordcount installed.
widgets_on_small_screens: false ## Set to true to enable widgets on small screens.
canvas_nest:
  enable: false ## If you want to use dynamic background please set the value to true, you can also fill the following parameters to customize the dynamic effect, or just leave them blank to keep the default effect.
  color: ## RGB value of the color, e.g. "100,99,98"
  opacity: ## Transparency of lines, e.g. "0.7"
  zIndex: ## The z-index property of the background, e.g. "-1"
  count: ## Quantity of lines, e.g. "150"
donate:
  enable: false ## If you want to display the donate button after each post, please set the value to true and fill the following items on your need. You can also enable donate button in a page by adding a "donate: true" item to the front-matter.
  github: ## GitHub URL, e.g. https://github.com/Kaiyuan/donate-page
  alipay_qr: ## Path of Alipay QRcode image, e.g. /img/AliPayQR.png
  wechat_qr: ## Path of Wechat QRcode image, e.g. /img/WeChatQR.png
  btc_qr: ## Path of Bitcoin QRcode image, e.g. /img/BTCQR.png
  btc_key: ## Bitcoin key, e.g. 1KuK5eK2BLsqpsFVXXSBG5wbSAwZVadt6L
  paypal_url: ## Paypal URL, e.g. https://www.paypal.me/tufu9441
post_copyright:
  enable: false ## If you want to display the copyright info after each post, please set the value to true and fill the following items on your need.
  author: ## Your author name, e.g. tufu9441
  copyright_text: ## Your copyright text, e.g. The author owns the copyright, please indicate the source reproduced.
love: false ## If you want the love to appear when you click anywhere, set the value to true.
plantuml: ## Using PlantUML to generate UML diagram, must install hexo-filter-plantuml (https://github.com/miao1007/hexo-filter-plantuml).
  render: "PlantUMLServer" ## Local or PlantUMLServer.
  outputFormat: "svg" ## Common options: svg/png
copycode: true ## If you want to enable one-click copy of the code blocks, set the value to true.
dark: false ## If you want to toggle between light/dark themes, set the value to true.
totop: true ## If you want to use the rocketship button to return to the top, set the value to true.
external_css: false ## If you want to load an external CSS file, set the value to true and create a file named "external.css" in the source/css folder.
post_content_length: 180 ## Set the length of the post summary displayed on home page when no description written.
icp: ## China mainland only, show icp info on the bottom.

menu:
  - page: home
    directory: .
    icon: fa-home
  - page: archive
    directory: archives/
    icon: fa-archive
  - page: about
    directory: about/
    icon: fa-user
  - page: rss
    directory: atom.html
    icon: fa-rss

widgets: ## Seven widgets in sidebar provided: search, info, category, tag, recent_posts, recent_comments and links.
  - search
  - info
  - category
  - recent_posts
  - recent_comments
  - links

info:
  avatar: /img/avatar.png
  discription: Coding with passion
  outlinkitem:
    - name: twitter
      outlink: https://www.baidu.com/123123123123fffasdasd
      message: Twitter
    - name: envelope
      outlink: mailto:admin@domain.com
      message: Email
    - name: github
      outlink: https://www.baidu.com/123123123123fffasdasd
      message: Github
    - name: rss
      outlink: /atom.xml
      message: RSS

links:
  - title: 아이유
    url: https://www.instagram.com/dlwlrma/
    src: https://www.instagram.com/dlwlrma/
    desc: IU
  - title: 문채원
    url: https://www.instagram.com/moonchaewon_official/
    src: https://www.instagram.com/moonchaewon_official/
    desc: Mun Chae-won
  - title: 신혜선
    url: https://www.instagram.com/shinhs831/
    src: https://www.instagram.com/shinhs831/
    desc: shinhs

timeline:
  - num: 1
    word: 2014/06/12-Start
  - num: 2
    word: 2014/11/29-XXX
  - num: 3
    word: 2015/02/18-DDD
  - num: 4
    word: More

# Static files
js: js
css: css

# Theme version
version: 1.0.0

注意这里的

- page: rss
  directory: atom.html
  icon: fa-rss

需要在source目录下新建一个atom.html，是为了点击rss订阅的时候访问到这个html，至于这个html里面是什么内容就自定义了

网站头像

themes\maupassant\source\img下的avatar.png是头像，要求200*200

归档页等

$ hexo new page about
$ hexo new page tags
$ hexo new page categories
$ hexo new page search

categories中的md文件

---
title: categories
date: 2020-06-01 13:28:26
type: categories
---

search中的md文件

---
title: search
date: 2020-06-01 13:42:39
layout: search
---

tags中的md文件

---
title: tags
date: 2020-06-01 13:27:39
type: tags
---

markdown格式

如果是一般的（非加密访问的）

---
title: 32位进程注入64位payload的方法
date: 2024-05-20 00:00:00
categories: 
- Windows逆向
toc: true
---

如果是加密的，需要通过permalink属性指定生成的静态html文件的路径，注意这里的encrypt前面没有/，便于后续通过http basic authentication保护目录

---
title: 安卓逆向-某点app的so层逆向
date: 2025-05-28 00:00:00
categories: 
- 实战
toc: true
permalink: encrypt/安卓逆向-某点app的so层逆向/
---

批量处理md文件加上前缀信息的代码如下，因为我懒得一个个加了，批量处理目录，因为hexo默认不显示一级目录

import os
from datetime import datetime, timedelta

# 起始日期
base_date = datetime(2025, 5, 20, 0, 0, 0)

# 分类名
category = "实战"

# 获取当前目录下所有 .md 文件（不递归）
md_files = [f for f in os.listdir('.') if f.endswith('.md') and os.path.isfile(f)]
md_files.sort()

# 创建 output 目录
output_dir = 'output'
os.makedirs(output_dir, exist_ok=True)

for idx, filename in enumerate(md_files):
    with open(filename, 'r', encoding='utf-8') as f:
        content = f.read()

    if content.strip().startswith('---'):
        print(f"❌ 跳过已有 front-matter 的文件：{filename}")
        continue

    # 构建 front-matter
    title = os.path.splitext(filename)[0]
    file_date = base_date + timedelta(days=idx)
    front_matter = f"""---\ntitle: {title}\ndate: {file_date.strftime('%Y-%m-%d %H:%M:%S')}\ncategories: \n- {category}\ntoc: true\npermalink: encrypt/{title}/\n---\n\n"""

    # 处理内容：下调标题等级，跳过代码块
    lines = content.splitlines()
    in_code_block = False
    processed_lines = []

    for line in lines:
        stripped = line.strip()

        # 判断代码块起止 ``` 或 ```lang
        if stripped.startswith("```"):
            in_code_block = not in_code_block
            processed_lines.append(line)
            continue

        if not in_code_block and stripped.startswith("#"):
            # 是标题：逐级加一个 #，最多加到6个
            level = len(line) - len(line.lstrip('#'))
            rest = line.lstrip('#')
            new_level = min(level + 1, 6)
            new_line = '#' * new_level + rest
            processed_lines.append(new_line)
        else:
            processed_lines.append(line)

    modified_content = '\n'.join(processed_lines)
    new_content = front_matter + modified_content

    # 写入 output 目录中的新文件
    output_path = os.path.join(output_dir, filename)
    with open(output_path, 'w', encoding='utf-8') as f:
        f.write(new_content)

    print(f"已生成：{output_path}")

服务器配置

创建普通权限用户

# 登录 VPS，创建低权限用户 webuser
adduser webuser

# 创建网站目录
mkdir -p /home/webuser/site

# 修改所有者为 webuser
chown -R webuser:webuser /home/webuser/site

用低权限用户登陆ssh，把public下的所有文件拖到目录下

然后root执行（后面不说明都是默认root执行）

apt update
apt install nginx apache2-utils -y

创建认证文件

# 替换 your-username 为你想要的用户名
htpasswd -c /etc/nginx/conf.d/.htpasswd your-username

用root把证书文件丢到服务器上

网站配置文件如下zeroerrors.xyz.conf

server {
    listen 80;
    server_name zeroerrors.xyz;
    return 301 https://$host$request_uri;  # 自动跳转 HTTPS
}

server {
    listen 443 ssl;
    server_name zeroerrors.xyz;

    ssl_certificate     /etc/nginx/ssl/zeroerrors.xyz.pem;
    ssl_certificate_key /etc/nginx/ssl/zeroerrors.xyz.key;

    root /home/ibcsyYHYAC_cvYTDxq/site;
    index index.html;

    location / {
        try_files $uri $uri/ =404;
    }

    location /encrypt/ {
        auth_basic "who are you? ¬_¬ ";
        auth_basic_user_file /etc/nginx/conf.d/.htpasswd;
        try_files $uri $uri/ =404;
    }
}

普通用户下修改目录权限

# 给主目录执行权限（允许 nginx 进入）
chmod +x /home/webuser

# 给 site 目录读取权限
chmod -R o+r /home/webuser/site
chmod -R o+x /home/webuser/site

最好直接把环境搭建在服务器上，把web目录指向public

root执行

curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
sudo apt install -y nodejs
node -v
npm -v
sudo apt install git
sudo npm install -g hexo-cli

普通用户直接npm安装包之后同上