This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
computing:selfhostedwp [2019/08/18 15:42] – oemb1905 | computing:selfhostedwp [2023/06/29 04:29] – oemb1905 | ||
---|---|---|---|
Line 11: | Line 11: | ||
------------------------------------------- | ------------------------------------------- | ||
- | This tutorial is for setting up a self-hosted WordPress instance on Debian GNU/ | + | This tutorial is for setting up a self-hosted WordPress instance on Debian GNU/Linux. This tutorial assumes you have some familiarity setting up a LAMP stack. If you need help with that, check out [[https:// |
- | sudo apt install php-cgi php-cli php-zip php-mysql php-mbstring php-intl php-fpm php-curl php-gd | + | sudo apt install |
| | ||
- | Okay, let' | + | Sometimes dpkg can choose which version of php you want and it' |
| | ||
+ | sudo apt-get install php8.2-{common, | ||
+ | | ||
+ | In this particular configuration, | ||
+ | | ||
+ | sudo apt remove libapache2-mod-php --purge | ||
+ | sudo a2enmod ssl | ||
+ | sudo a2enmod headers | ||
+ | sudo a2enmod cache | ||
sudo a2enmod rewrite | sudo a2enmod rewrite | ||
+ | sudo a2enmod setenvif | ||
+ | sudo a2dismod php8.2 | ||
+ | sudo a2dismod mpm_prefork | ||
+ | sudo a2enmod mpm_event | ||
+ | sudo a2enmod proxy | ||
sudo a2enmod proxy_fcgi | sudo a2enmod proxy_fcgi | ||
- | sudo a2enconf | + | sudo a2enconf |
+ | sudo a2enconf php8.2-cgi | ||
sudo apache2ctl configtest | sudo apache2ctl configtest | ||
+ | sudo systemctl restart apache2 | ||
+ | sudo systemctl restart php8.2-fpm | ||
| | ||
Move index.php to the top priority as follows: | Move index.php to the top priority as follows: | ||
Line 42: | Line 58: | ||
sudo mysql -u root -p | sudo mysql -u root -p | ||
- | | + | CREATE DATABASE databasename DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci; |
- | | + | GRANT ALL ON databasename.* TO ' |
- | | + | FLUSH PRIVILEGES; |
- | | + | EXIT; |
Next up, it is time to allow overrides in your primary apache configuration: | Next up, it is time to allow overrides in your primary apache configuration: | ||
Line 82: | Line 98: | ||
sudo nano / | sudo nano / | ||
| | ||
- | Let's also add the following line to the '' | + | Let's also add the following line to the '' |
sudo nano / | sudo nano / | ||
< | < | ||
- | | ||
- | Plug-ins and other WP services can mess with the '' | ||
- | sudo nano /var/www/site1.com/public_html/.htaccess | + | Visit wordpress site and configure by opening a web browser of your choice and entering |
+ | |||
+ | apt install memcached | ||
+ | nano / | ||
+ | a2enmod cache | ||
| | ||
- | | + | Put this snippet under '' |
+ | |||
+ | sudo systemctl restart proftpd.service | ||
+ | |||
+ | Optimizing and securing | ||
+ | |||
+ | apt install memcached | ||
+ | nano / | ||
+ | a2enmod cache | ||
+ | a2enmod expires | ||
+ | |||
+ | < | ||
+ | ExpiresActive On | ||
+ | ExpiresByType image/jpg " | ||
+ | ExpiresByType image/jpeg " | ||
+ | ExpiresByType image/gif " | ||
+ | ExpiresByType image/png " | ||
+ | ExpiresByType text/css " | ||
+ | ExpiresByType text/html " | ||
+ | ExpiresByType text/ | ||
+ | ExpiresDefault " | ||
+ | </ | ||
+ | |||
+ | Enable re-writes: | ||
+ | |||
+ | a2enmod rewrite | ||
< | < | ||
- | | + | |
- | RewriteBase / | + | |
- | RewriteRule ^index\.php$ - [L] | + | |
- | RewriteCond %{REQUEST_FILENAME} !-f | + | RewriteRule ^index\.php$ - [L] |
- | RewriteCond %{REQUEST_FILENAME} !-d | + | RewriteCond %{REQUEST_FILENAME} !-f |
- | RewriteRule . /index.php [L] | + | RewriteCond %{REQUEST_FILENAME} !-d |
+ | RewriteRule . /index.php [L] | ||
+ | < | ||
+ | Header set Timing-Allow-Origin " | ||
+ | </ | ||
+ | </ | ||
+ | |||
+ | Enable headers: | ||
+ | |||
+ | a2enmod headers | ||
+ | < | ||
+ | Header always set X-Content-Type-Options " | ||
+ | < | ||
+ | SetEnvIf Origin " | ||
+ | </ | ||
+ | Header set Access-Control-Allow-Origin %{CORS}e env=CORS | ||
+ | Header set Access-Control-Allow-Credentials " | ||
+ | < | ||
+ | Header set X-Frame-Options " | ||
+ | Header set X-XSS-Protection " | ||
+ | Header set X-Download-Options " | ||
+ | Header set X-Permitted-Cross-Domain-Policies " | ||
+ | Header set X-DNS-Prefetch-Control " | ||
+ | Header set Pragma " | ||
+ | Header set Age " | ||
+ | Header set Cache-Control "" | ||
+ | Header set Strict-Transport-Security " | ||
+ | Header set Referrer-Policy "" | ||
+ | Header set Cross-Origin-Embedder-Policy " | ||
+ | Header set Cross-Origin-Opener-Policy " | ||
+ | Header set Report-To ' | ||
+ | Header set Content-Security-Policy " | ||
+ | Header set Referrer-Policy " | ||
+ | Header set Feature-Policy " | ||
+ | </ | ||
</ | </ | ||
- | # END WordPress | ||
- | Visit wordpress site and configure by opening a web browser of your choice and entering site1.com. If you need more than one site, but do not want to set up a separate virtual host, for example using '' | + | Personally, I don't think anyone should be using ftp or even sftp right now, but many still do. If so, here's how to make an sftp server |
You can optionally require an sftp server instead of using the default installer. | You can optionally require an sftp server instead of using the default installer. | ||
Line 110: | Line 186: | ||
sudo openssl req -new -x509 -days 7305 -nodes -out ftpd-rsa.pem -keyout ftpd-rsa-key.pem | sudo openssl req -new -x509 -days 7305 -nodes -out ftpd-rsa.pem -keyout ftpd-rsa-key.pem | ||
sudo nano / | sudo nano / | ||
+ | a2enmod tls | ||
| | ||
< | < | ||
Line 123: | Line 200: | ||
| | ||
</ | </ | ||
- | | ||
- | Put this snippet under ''# | ||
- | | ||
- | sudo systemctl restart proftpd.service | ||
- | |||
- | Happy hacking! | ||
- | --- //[[oemb1905@jonathanhaack.com|oemb1905]] | + | --- //[[jonathan@haacksnetworking.org|oemb1905]] |