22) Installing WordPress

<-- Previous    Next –>

Installing WordPress should be straight forward and should follow the normal method now that you have PHP, Apache and MySQL setup.

Create a new database for your WordPress installation in MySQL using phpMyAdmin web interface.

You will need to create a user / password and one way to do that is to go into phpMyAdmin and run an SQL statement as follows:

GRANT ALL privileges ON wordpressdatabase.* TO ‘username@localhost’ IDENTIFIED BY ‘password’;

(When I did this with mine I did find that I could not connect to the database with the username and password and found that the privileges had not been set in the MySQL database user table. After editing the priviliges to Yes manuaually it did then work so I am not really clear why the privileges statement did not work as expected).

Now download the latest WordPress files from the wordpress.org web site and upload them to your web site area. In my case I am placing them at the root of the web server which is /websites/www/html/

Once you have a working user name you can put that into your WordPress configuration file and then run the WordPress installation script in the normal way.

Correct file permissions

We need to change the file permissions on files and folders for the WordPress site to make sure that the site is secure and also that we can install plugins, themes and to do upgrades.

All files should be 664
All folders should be 775
wp-config.php should be 660

This is what we achieve by setting these permissions:

  • Users may read and modify our files
  • WordPress may create, modify or delete files and folders
  • Other people must not see our database credentials in wp-config.php

Change directory to the root of your web server files then:

sudo find . -type d -exec chmod 0755 {} \;
sudo find . -type f -exec chmod 0644 {} \;
sudo chmod 600 wp-config.php

Why does WordPress ask for ftp details and how to fix it?

You may find that when you install a plugin it returns an error saying that the uploads folder is not writable or it may ask you to enter ftp details. It is doing this probably because WordPress is not running under the correct owner which should be the same owner that Apache is running under.

The easiest way to fix this is to find out what user Apache is running as and change ownership of the WordPress directory to that user. For example, if Apache is running as ‘www-data’, you could use the following commands on your WordPress installation directory:

sudo chown -R www-data: /website/www/html

assuming that the WordPress directory is at /website/www/html

To find out the owner, create a PHP file with the following text:

<?php echo(exec(“whoami”)); ?>

Upload this to your server, display it in your browser and it will show the owner.

Improvements to speed of WordPress

Install a cache plugin such as WP Super Cache.

Security with WordPress

Refer to: http://codex.wordpress.org/Hardening_WordPress

Why are my Pages and Posts prefixed with index.php in the url

This is probably because you have not set the permalinks option. Go to Settings -> Permalinks and select the Post name option.

<-- Previous    Next –>

16) Install phpMyAdmin

<-- Previous    Next –>

So far we have PHP, MySQL and Apache 2 installed on the server now we can install Install phpMyAdmin which is a web application to administer MySQL.

The easiest way to install phpMyAdmin is through apt-get:

sudo apt-get install phpmyadmin

During the installation, phpMyAdmin will walk you through a basic configuration. Once the process starts up, follow these steps:

  • Select Apache2 for the server
  • Choose YES when asked about whether to Configure the database for phpMyAdmin with dbconfig-common
  • Enter your MySQL password when prompted
  • Enter the password that you want to use to log into phpMyAdmin web interface
  • After the installation has completed, add phpMyAdmin to the Apache configuration.
sudo nano /etc/apache2/apache2.conf

Add the following line to the file:

Include /etc/phpmyadmin/apache.conf

This can be placed at the end of the file.

Restart Apache using:

sudo service apache2 restart

You can then access phpMyAdmin by going to http://youripaddress/phpmyadmin.

Security of phpMyAdmin

To add an extra level of security it is recommended to use the htaccess / htpasswd system to stop anyone accessing the web pages.

Set Up the .htaccess File

To set this up, start off by allowing the .htaccess file to work within the phpMyAdmin directory.

sudo nano /etc/phpmyadmin/apache.conf

Under the directory section, add the line “AllowOverride All” under “Directory Index”, so the section will look like this:

<Directory /usr/share/phpmyadmin>
Options FollowSymLinks
DirectoryIndex index.php
AllowOverride All

Configure the .htaccess file

With the .htaccess file allowed, we can proceed to set up an login to access the phpmyadmin web page.

Start by creating the .htaccess page in the phpMyAdmin directory:

sudo nano /usr/share/phpmyadmin/.htaccess

Then enter the following:

AuthType Basic
AuthName “Restricted Files”
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user

Below you’ll see a quick explanation of each line:

AuthType: This refers to the type of authentication that will be used to the check the passwords. The passwords are checked via HTTP and the keyword Basic should not be changed.
AuthName: This is text that will be displayed at the password prompt. You can put anything here.
AuthUserFile: This line designates the server path to the password file (which we will create in the next step.)
Require valid-user: This line tells the .htaccess file that only users defined in the password file can access the phpMyAdmin login screen.

Create the htpasswd file

Now we will go ahead and create the valid user / password information.

Start by creating a htpasswd file. Use the htpasswd command, and place the file in a directory of your choice as long as it is not accessible from a browser. Although you can name the password file whatever you prefer, the convention is to name it .htpasswd.

sudo htpasswd -c /etc/phpmyadmin/.htpasswd username

Where username is the username of your choice.

A prompt will ask you to provide and confirm your password.

Once the username and passwords pair are saved you can see that the password is encrypted in the file.

Now restart Apache:

sudo service apache2 restart

Accessing phpMyAdmin

Now when you go to the web page http://servername/phpmyadmin a login box will be displayed.

Fill it in with the username and password that you generated. After you login you can access phpmyadmin with the MySQL username and password as before.

<-- Previous    Next –>