3. Paste Server details and passwords into the spreadsheet
adduser deployer
visudo
Add:
deployer ALL=(ALL:ALL) ALL
sudo vim /etc/ssh/sshd_config
Update:
Port 25000
Restart server
service ssh reload
su deployer
cd
mkdir .ssh
cd .ssh
touch authorized_keys
vim authorized_keys
Paste in key here and save
exit
Please note to use second generated password for mysql when it pops up.
sudo apt-get update
sudo apt-get install -y nginx php-fpm php-mysql php-curl php-gd php-mbstring php-mcrypt php-xml php-xmlrpc mysql-server
Fix path info:
This is an extremely insecure setting because it tells PHP to attempt to execute the closest file it can find if the requested PHP file cannot be found. This basically would allow users to craft PHP requests in a way that would allow them to execute scripts that they shouldn't be allowed to execute.
sudo vim /etc/php/7.0/fpm/php.ini
Replace:
cgi.fix_pathinfo=0
Restart php:
sudo systemctl restart php7.0-fpm
sudo vim /etc/nginx/sites-available/default
Delete contents and paste in the following: Make sure you change "server_domain_or_IP" to appropriate.
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name server_domain_or_IP; // replace this
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
location ~ /\.ht {
deny all;
}
location = /robots.txt { log_not_found off; access_log off; allow all; }
location ~* \.(txt|xml|js)$ {
expires 8d;
}
location ~* \.(css)$ {
expires 8d;
}
location ~* \.(flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav|mp4|m4v|ogg|webm|aac|eot|ttf|otf|woff|svg)$ {
expires 8d;
}
location ~* \.(jpg|jpeg|png|gif|swf|webp)$ {
expires 8d;
}
}
And then restart nginx
service nginx restart
- Configure database
mysql -u root -p
Paste in password set earlier.
Create new database for website. Change "sitename_wp" to something appropriate.
CREATE DATABASE sitename_wp;
- Wordpress installation
cd /tmp
curl -O https://wordpress.org/latest.tar.gz
tar xzvf latest.tar.gz
cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
mkdir /tmp/wordpress/wp-content/upgrade
sudo cp -a /tmp/wordpress/. /var/www/html
sudo chown -R deployer:www-data /var/www/html
sudo find /var/www/html -type d -exec chmod g+s {} \;
sudo find /var/www/html -type f -exec chmod 644 {} \;
sudo chmod g+w /var/www/html/wp-content
sudo chmod -R g+w /var/www/html/wp-content/themes
sudo chmod -R g+w /var/www/html/wp-content/plugins
- Configure wp-config.php Copy results from:
curl -s https://api.wordpress.org/secret-key/1.1/salt/
Open wp-config.php
sudo vim /var/www/html/wp-config.php
Paste in results from curl request above over the following:
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
define('AUTH_SALT', 'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT', 'put your unique phrase here');
define('NONCE_SALT', 'put your unique phrase here');
Then fill in the following fields
. . .
define('DB_NAME', 'wordpress');
/** MySQL database username */
define('DB_USER', 'root');
/** MySQL database password */
define('DB_PASSWORD', 'password');
. . .
define('FS_METHOD', 'direct');
- Visit website from the URL set in the nginx profile.