WordPress/Installation
From r00tedvw.com wiki
(Difference between revisions)
Line 35: | Line 35: | ||
download the latest version from their latest version URL | download the latest version from their latest version URL | ||
~$ wget http://wordpress.org/latest.tar.gz | ~$ wget http://wordpress.org/latest.tar.gz | ||
+ | As of 10/4/2014 There are no MD5 or GPG verification methods to make sure the copy you've downloaded hasn't been tampered with. Maybe one day the devs of WordPress can join the rest of the Dev community and start taking security seriously. |
Revision as of 16:17, 4 October 2014
Installation done on a VM running Ubuntu 14.04LTS
Download required packages
On a LAMP setup make sure to download the standard packages
~$ sudo apt-get update && sudo apt-get install -y apache2 mysql-server php5-mysql php5 libapache2-mod-php5 php5-mcrypt
If you already have LAMP installed, all WordPress needs is
~$ sudo apt-get update && sudo apt-get install -y php5-gd libssh2-php
Configure MySQL
login to db
~$ mysql -u root -p
Create mysql wordpress user
~$ mysql> CREATE USER 'wordpress'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED'; ~$ mysql> exit
login as new user to verify account works
~$ mysql -u wordpress -p ~$ mysql> exit
create DB
~$ mysql -u root -p ~$ mysql> CREATE DATABASE wordpress;
verify DB creation
~$ mysql> SHOW DATABASES;
assign rights to wiki user for new database created
~$ mysql> GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpress'@'localhost' IDENTIFIED BY 'phpBBuserpassword' WITH GRANT OPTION; ~$ mysql> exit
verify permissions have been granted
~$ mysql -u wordpress -p ~$ mysql> SHOW GRANTS; +------------------------------------------------------------------------------------------------------------------+ | Grants for wordpress@localhost | +------------------------------------------------------------------------------------------------------------------+ | GRANT USAGE ON *.* TO 'wordpress'@'localhost' IDENTIFIED BY PASSWORD '*XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' | | GRANT ALL PRIVILEGES ON `wordpress`.* TO 'wordpress'@'localhost' WITH GRANT OPTION | +------------------------------------------------------------------------------------------------------------------+ 2 rows in set (0.00 sec)
Download Wordpress
download the latest version from their latest version URL
~$ wget http://wordpress.org/latest.tar.gz
As of 10/4/2014 There are no MD5 or GPG verification methods to make sure the copy you've downloaded hasn't been tampered with. Maybe one day the devs of WordPress can join the rest of the Dev community and start taking security seriously.