This is an old revision of the document!
- selfhostedwp
- Jonathan Haack
- Haack's Networking
- netcmnd@jonathanhaack.com
selfhostedwp
This tutorial is for setting up a self-hosted WordPress instance on Debian GNU/Linux. This tutorial assumes you already have a LAMP stack with active TLS. If not, you should read the Apache Survival tutorial first and set up a virtual host - site1.com - for this instance. Once you get back over here, begin with some common php extensions needed for Word Press to function:
sudo apt install phpmyadmin apache2-utils php php-mcrypt php-xml php-curl php-gd php-cgi php-cli php-zip php-mysql php-mbstring php-intl php-fpm php-curl php-gd php-mbstring php-mcrypt php-xml php-xmlrpc wget unzip Start
Move index.php to the top priority as follows:
sudo nano /etc/apache2/mods-enabled/dir.conf <DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm>
Above, we installed phpmyadmin, which you should secure as follows:
sudo htpasswd -c /etc/apache2/.phpmyadmin phpmyadmin sudo nano /usr/share/phpmyadmin/.htaccess
Enter the following in the file that opens:
AuthType Basic AuthName "Restricted Files" AuthUserFile /etc/apache2/.phpmyadmin Require valid-user
Close and save the file. Let's set up a database now for the WordPress instance:
sudo mysql -u root -p mysql> CREATE DATABASE databasename DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci; mysql> GRANT ALL ON databasename.* TO 'databaseuser'@'localhost' IDENTIFIED BY 'passwordhere'; mysql> FLUSH PRIVILEGES; mysql> EXIT;
Next up, it is time to allow overrides in your primary apache configuration:
sudo nano /etc/apache2/apache2.conf <Directory /var/www/> ... AllowOverride All ...
Okay, let's now enable fast cgi and rewrite php modules and then check your config.
sudo a2enmod rewrite sudo a2enmod proxy_fcgi sudo apache2ctl configtest
If you have not set the fully qualified domain name, you may get an error - that can safely be ignored unless you desire it. If you want to get rid of that, navigate to ``/etc/apache2/apache.conf`` and enter a ``ServerName``. Otherwise, time to download Word Press:
cd ~/Downloads mkdir wpdownload cd wpdownload curl -O https://wordpress.org/latest.tar.gz tar xzvf latest.tar.gz touch ~/Downloads/wpdownload/wordpress/.htaccess sudo chmod 660 ~/Downloads/wpdownload/wordpress/.htaccess cp ~/Downloads/wpdownload/wordpress/wp-config-sample.php ~/Downloads/wpdownload/wordpress/wp-config.php mkdir ~/Downloads/wpdownload/wordpress/wp-content/upgrade
Okay, we will need the files and directories I created once we get it running. Now, let's move the wordpress directory to the proper location for self-hosting.
sudo cp -ar ~/Downloads/wpdownload/wordpress/* /var/www/site1.com/public_html/ sudo cp -ar ~/Downloads/wpdownload/wordpress/.htaccess /var/www/site1.com/public_html/
Now, let's set up permissions:
sudo chown -R username:www-data /var/www/site1.com/public_html
sudo find /var/www/site1.com/public_html -type d -exec chmod g+s {} \;
sudo chmod g+w /var/www/site1.com/public_html/wp-content
sudo chmod -R g+w /var/www/site1.com/public_html/wp-content/themes
sudo chmod -R g+w /var/www/site1.com/public_html/wp-content/plugins
Ok, time to grab 'secure values' from WP.com and then set up wp-config.php for the installation:
curl -s https://api.wordpress.org/secret-key/1.1/salt/ sudo nano /var/www/site1.com/public_html/wp-config.php <swap the defined values that were obtained from curl with the empty fields in the wp-config.php file>
Enter user name and password for database in wp-config.php:
sudo nano /var/www/site1.com/public_html/wp-config.php
It looks something like this:
/** The name of the database for WordPress */
define('DB_NAME', 'database1name');
/** MySQL database username */
define('DB_USER', 'databaseuser');
/** MySQL database password */
define('DB_PASSWORD', 'passwdhere');
Let's add the following line to the wp-config.php file for updates:
sudo nano /var/www/site1.com/public_html/wp-config.php
<define('FS_METHOD','direct');>
Plug-ins and other WP services can mess with the .htaccess file often, so use this default configuration below when that happens; more templates can be found here: WP Codex
sudo nano /var/www/site1.com/public_html/.htaccess
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Visit wordpress site and configure by opening a web browser of your choice and entering site1.com. Follow the instructions it provides, especially if you do not have a publicly writeable wp-config.php file (which is a good thing). If you need more than one site, but do not want to set up a separate virtual host, for example using subdomain.site1.com, then you should read Word Press Multisite.
– !old school, but good to know how to do! –
You can optionally require an sftp server instead of using the default installer with the ``define('FS_METHOD','direct');`` php line. Here's an example using proftp, which is still maintained:
sudo apt install proftpd ftp ftp-ssl <sudo apt install ftpd-ssl> (not sure if this is needed any longer) cd /etc/proftpd sudo openssl req -new -x509 -days 7305 -nodes -out ftpd-rsa.pem -keyout ftpd-rsa-key.pem sudo nano /etc/proftpd/proftpd.conf <IfModule mod_tls.c> TLSEngine on TLSLog /var/log/proftpd-tls.log TLSProtocol TLSv1 # Are clients required to use FTP over TLS when talking to this server? TLSRequired off TLSRSACertificateFile /etc/proftpd/ftpd-rsa.pem TLSRSACertificateKeyFile /etc/proftpd/ftpd-rsa-key.pem # Authenticate clients that want to use FTP over TLS? TLSVerifyClient off TLSOptions NoSessionReuseRequired </IfModule>
Put this snippet under “#Include /etc/proftpd/tls.conf” and then restart the service:
sudo systemctl restart proftpd.service
Happy content managing.
This tutorial is a designated “Invariant Section” of the “Technotronic” section of Haack's Wiki as described on the Start Page.
— oemb1905 2019/08/09 05:32
