wiki:WordPress

Version 34 (modified by admin, 4 years ago) (diff)

--

Install notes

Packages

sudo apt-get install mcrypt php5-curl
  • Purpose: FIXME: what needs this?
sudo apt-get install php5-gd
  • Purpose: the wordpress installation form requires this.

MySQL

sudo apt-get install mysql-server
mysql -u root -p
CREATE DATABASE wordpress;
CREATE USER wordpressuser@localhost;
SET PASSWORD FOR wordpressuser@localhost= PASSWORD("PASSWORD_GOES_HERE");
GRANT ALL PRIVILEGES ON wordpress.* TO wordpressuser@localhost IDENTIFIED BY 'PASSWORD_GOES_HERE_TOO';
FLUSH PRIVILEGES;
exit
  • Purpose: WordPress uses mysql as a database engine.

Apache

Module Configuration

sudo a2dismod autoindex
sudo a2enmod rewrite
sudo service apache2 restart
  • Purpose: this disables autoindex (lowering the information we provide to a potential attacker), and adds 'rewrite' rule support, which wordpress uses for permalinks.

Remove lines containing 'allowoverride' from /etc/apache2/sites-available/000-default. these cause apache to ignore .htaccess files, breaking wordpress permalinks.

  • purpose: to allow for permalinks to function correctly.

index.html

sudo rm -f /var/www/index.html
  • Purpose: so that index.php is the default page served when wordpress is running.

SSH

sudo apt-get install fail2ban
  • Purpose: to block out 'dictionary attacks' on SSH.

proftpd

sudo apt-get install proftpd
  • select 'stand alone' when prompted.

add a name for the local host to /etc/hosts. make sure there is an entry for looking up the output name from hostname.

  • Purpose: WordPress uses FTP to modify its own configuration files, and upload modules.

Proftpd Permission Fixups

change Umask line to 002 in /etc/proftpd/proftpd.conf

Add the following sections to proftpd.conf

<directory /var/www/>
GroupOwner www-data
UserOwner $UNPRIVILEGED_USER
Umask 002
<Limit SITE_CHMOD>
       DenyAll
</Limit>
</directory>

<directory /disk1/>
GroupOwner www-data
UserOwner $UNPRIVILEGED_USER
Umask 002
<Limit SITE_CHMOD>
       DenyAll
</Limit>
</directory>

Don't forget to change out the UNPRIVILEGED_USER above.

  • purpose: wordpress uses this FTP access to update files. adding these configurations forces wordpress to not 'step on its own toes' when updating files.
  • purpose: we also add files which wordpress needs to get access to on the /disk1/ partition.

/disk1

Find a large partition, or large raid array, and mount it at /disk1/ .

  • Purpose: a large file store.

User Permission Modifications

sudo usermod -a -G www-data $UNPRIVILEDGED_USER
  • purpose: to add our unprivileged user to the www-data group, allowing this user and www-data access to the same files.

Ubuntu Changes

WordPress Installation on Ubuntu

follow the directions at http://www.digitalocean.com/community/articles/how-to-install-wordpress-on-ubuntu-12-04

  • purpose: to allow david to use this server for wordpress sites.

php.ini Changes

  • Change max_file_uploads to 40.
  • Change upload_max_filesize to 2.5G.
  • Change post_max_size to 2G.
  • Change memory_limit to 256M.
  • Change max_execution_time to 300.
  • purpose: woocommerce is larger than the default 8M/2M, and therefore requires upping the post_max_size and the upload_max_filesize.
  • purpose: FIXME, much of this is untested magic.

Debian Changes

WordPress Installation on Debian

Following a modified version of the ubuntu directions above.

cd ~
wget http://wordpress.org/latest.tar.gz
tar -xzvf latest.tar.gz
cp ~/wordpress/wp-config-sample.php ~/wordpress/wp-config.php

Edit the file ~/wordpress/wp-config.php

  • Change the DB_NAME, DB_USER, and DB_PASSWORD configurations appropriately.
sudo rsync -avP ~/wordpress/ /var/www/

Common Changes, round 2

wordpress memory allocation

sudo vi /var/www/wp-config.php

add the following 2 lines:

/* changes for required wordpress modules */
define('WP_MAX_MEMORY_LIMIT', '192M');
define('WP_MEMORY_LIMIT', '128M');

FTP Variables

AFTER following the below wordpress installation directions, add the following 3 lines(and 1 comment) to /var/www/wp-config.php:

/* changes for ftp */
define('FTP_USER', 'USERNAME_GOES_HERE');
define('FTP_PASS', 'PASSWORD_GOES_HERE');
define('FTP_HOST', 'localhost');

don't forget to swap out the username and the password.

File System Permissions

After the wordpress installation:

sudo chmod -R 775 /var/www/
sudo chown -R $UNPRIVILEGED_USER.www-data /var/www/

Don't forget to change out the UNPRIVILEGED_USER above.

  • Purpose: this forces files updated by our user / wordpress to be editable by both, through the group permissions.

Speed Improvements

  • Install bind9.
  • modify /etc/resolv.conf to use 127.0.0.1 for dns lookups.
  • purpose: this will prevent us from depending on comcast's DNS servers, and instead cache values ourselves, and use the root DNS servers.

Ubuntuism

  • turn off dnssec in /etc/bind9/named.conf.local

createvmisms

  • translate to the real outside address:
    • edit /var/www/wp-config.php, and add the following:
      $_SERVER['HTTP_HOST'] = $_SERVER['HTTP_X_FORWARDED_HOST'];
      define('WP_HOME', 'http://3dp.faikvm.com/');
      define('WP_SITEURL', 'http://3dp.faikvm.com');
      
      $_SERVER['REQUEST_URI'] = str_replace("wordpress","" , $_SERVER['REQUEST_URI']);