WordPress/Installation
Line 48: | Line 48: | ||
~$ tar -C /home/admin/ -zxf wordpress4.0.tar.gz | ~$ tar -C /home/admin/ -zxf wordpress4.0.tar.gz | ||
~$ sudo cp -r /home/admin/wordpress/* /var/www/yoursite.com/ | ~$ sudo cp -r /home/admin/wordpress/* /var/www/yoursite.com/ | ||
+ | ==Configure WordPress== | ||
+ | within the wordpress directory, or your site directory, copy the sample config file so it becomes the base wp config file | ||
+ | ~$ cp wp-config-sample.php wp-config.php | ||
+ | edit the config file to add DB info. You can also make other changes if you like, but they are not needed in a default install. | ||
+ | ~$ vi wp-config.php | ||
+ | ... | ||
+ | // ** MySQL settings - You can get this info from your web host ** // | ||
+ | /** The name of the database for WordPress */ | ||
+ | define('DB_NAME', 'database_name_here'); | ||
+ | |||
+ | /** MySQL database username */ | ||
+ | define('DB_USER', 'username_here'); | ||
+ | |||
+ | /** MySQL database password */ | ||
+ | define('DB_PASSWORD', 'password_here'); | ||
+ | |||
+ | /** MySQL hostname */ | ||
+ | define('DB_HOST', 'localhost'); | ||
+ | |||
+ | /** Database Charset to use in creating database tables. */ | ||
+ | define('DB_CHARSET', 'utf8'); | ||
+ | it would also be a good idea to SALT your authentication and cookies. go to https://api.wordpress.org/secret-key/1.1/salt/ and it will auto generate random salts. You can change these at any time to invalidate all cookies given out forcing users to log back in. | ||
+ | define('AUTH_KEY', 'mMHx%-{<+&.P~c27Yw;jQ*,bp*%W4vPF#/vo_[Q`My07j*zXj27PRumC-|4mhCV)'); | ||
+ | define('SECURE_AUTH_KEY', 'cu#`Jh,?^}jh%~#NE/:hzB<iCMf$@D| 4/ov|-OHrA=`/%? k15|T}k^kl2%ZaGP'); | ||
+ | define('LOGGED_IN_KEY', 'w!Ur~brqVe~B]-M^^YQ]gc[oo9oKsg.M//TH=k#mf_#Kq>AKbMih|B(8yuE`~dlI'); | ||
+ | define('NONCE_KEY', '(+1vx]Q;)%&3Z}j1[${Q#/F5i465kTrOEG{hyM<|dv hfV2U%|@M6m|Fn9EnE1}^'); | ||
+ | define('AUTH_SALT', 'W((kWAX/0`-VZ`#30)0]:&D}c0KZg|aMhF5=L6wtJotRA2}DeD;,(YC_m67aq) W'); | ||
+ | define('SECURE_AUTH_SALT', 'D?fyi DhO&98g,R^+h[= XyeEp+Y?WcNDUv@!:1^PoNUD4xa|ko/a}mK*0i!w3{b'); | ||
+ | define('LOGGED_IN_SALT', '}=JeV6A!uhkMC2hYH2Bwr-ME%|nnr!rvPH9Lt/S8Z%i>Z5s=<%x4F[NsUl3`Q.m{'); | ||
+ | define('NONCE_SALT', 'H4{=At.DFY+rUv{~L|fKbn/]W_UY-`EcUc`Su$LU|wdI@qi/>*z~g!qB+;/K|asG'); |
Revision as of 16:59, 4 October 2014
Installation done on a VM running Ubuntu 14.04LTS
Contents |
Download required packages
On a LAMP setup make sure to download the standard packages
~$ sudo apt-get update && sudo apt-get install -y apache2 mysql-server php5-mysql php5 libapache2-mod-php5 php5-mcrypt
If you already have LAMP installed, all WordPress needs is
~$ sudo apt-get update && sudo apt-get install -y php5-gd libssh2-php
Configure MySQL
login to db
~$ mysql -u root -p
Create mysql wordpress user
~$ mysql> CREATE USER 'wordpress'@'localhost' IDENTIFIED BY 'THISpasswordSHOULDbeCHANGED'; ~$ mysql> exit
login as new user to verify account works
~$ mysql -u wordpress -p ~$ mysql> exit
create DB
~$ mysql -u root -p ~$ mysql> CREATE DATABASE wordpress;
verify DB creation
~$ mysql> SHOW DATABASES;
assign rights to wiki user for new database created
~$ mysql> GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpress'@'localhost' IDENTIFIED BY 'phpBBuserpassword' WITH GRANT OPTION; ~$ mysql> exit
verify permissions have been granted
~$ mysql -u wordpress -p ~$ mysql> SHOW GRANTS; +------------------------------------------------------------------------------------------------------------------+ | Grants for wordpress@localhost | +------------------------------------------------------------------------------------------------------------------+ | GRANT USAGE ON *.* TO 'wordpress'@'localhost' IDENTIFIED BY PASSWORD '*XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' | | GRANT ALL PRIVILEGES ON `wordpress`.* TO 'wordpress'@'localhost' WITH GRANT OPTION | +------------------------------------------------------------------------------------------------------------------+ 2 rows in set (0.00 sec)
Download Wordpress
download the latest version from their latest version URL
~$ wget http://wordpress.org/latest.tar.gz
probably would be a good idea to rename the tarball as it's not very descriptive
~$ $ mv ./latest.tar.gz ./wordpress4.0.tar.gz
As of 10/4/2014 There are no MD5 or GPG verification methods to make sure the copy you've downloaded hasn't been tampered with. Maybe one day the devs of WordPress can join the rest of the Dev community and start taking security seriously.
create your site's directory where wordpress will live. If you're using a subsite design make sure to create the directories in the same path structure.
~$ mkdir /var/www/yoursite.com/
make sure your apache user has appropriate permissions to write to this directory
~$ chown www-data:www-data /var/www/yoursite.com/
export the downloaded tar to the site directory
~$ tar -C /var/www/yoursite.com/ -zxf wordpress4.0.tar.gz
this will create a directory called wordpress. If you dont want this and prefer the wordpress files to live in the parent directory, i'd instead do it this way
~$ tar -C /home/admin/ -zxf wordpress4.0.tar.gz ~$ sudo cp -r /home/admin/wordpress/* /var/www/yoursite.com/
Configure WordPress
within the wordpress directory, or your site directory, copy the sample config file so it becomes the base wp config file
~$ cp wp-config-sample.php wp-config.php
edit the config file to add DB info. You can also make other changes if you like, but they are not needed in a default install.
~$ vi wp-config.php ... // ** MySQL settings - You can get this info from your web host ** // /** The name of the database for WordPress */ define('DB_NAME', 'database_name_here'); /** MySQL database username */ define('DB_USER', 'username_here'); /** MySQL database password */ define('DB_PASSWORD', 'password_here'); /** MySQL hostname */ define('DB_HOST', 'localhost'); /** Database Charset to use in creating database tables. */ define('DB_CHARSET', 'utf8');
it would also be a good idea to SALT your authentication and cookies. go to https://api.wordpress.org/secret-key/1.1/salt/ and it will auto generate random salts. You can change these at any time to invalidate all cookies given out forcing users to log back in.
define('AUTH_KEY', 'mMHx%-{<+&.P~c27Yw;jQ*,bp*%W4vPF#/vo_[Q`My07j*zXj27PRumC-|4mhCV)'); define('SECURE_AUTH_KEY', 'cu#`Jh,?^}jh%~#NE/:hzB<iCMf$@D| 4/ov|-OHrA=`/%? k15|T}k^kl2%ZaGP'); define('LOGGED_IN_KEY', 'w!Ur~brqVe~B]-M^^YQ]gc[oo9oKsg.M//TH=k#mf_#Kq>AKbMih|B(8yuE`~dlI'); define('NONCE_KEY', '(+1vx]Q;)%&3Z}j1[${Q#/F5i465kTrOEG{hyM<|dv hfV2U%|@M6m|Fn9EnE1}^'); define('AUTH_SALT', 'W((kWAX/0`-VZ`#30)0]:&D}c0KZg|aMhF5=L6wtJotRA2}DeD;,(YC_m67aq) W'); define('SECURE_AUTH_SALT', 'D?fyi DhO&98g,R^+h[= XyeEp+Y?WcNDUv@!:1^PoNUD4xa|ko/a}mK*0i!w3{b'); define('LOGGED_IN_SALT', '}=JeV6A!uhkMC2hYH2Bwr-ME%|nnr!rvPH9Lt/S8Z%i>Z5s=<%x4F[NsUl3`Q.m{'); define('NONCE_SALT', 'H4{=At.DFY+rUv{~L|fKbn/]W_UY-`EcUc`Su$LU|wdI@qi/>*z~g!qB+;/K|asG');