Skip to content

Instantly share code, notes, and snippets.

@EngKhaledB

EngKhaledB/Setup WordPress on LEMP on Ubuntu 18.04 .md

Last active February 12, 2023 21:27
Show Gist options
  • Save EngKhaledB/afd7a0dc3ae165cc232c73f609c48038 to your computer and use it in GitHub Desktop.
Save EngKhaledB/afd7a0dc3ae165cc232c73f609c48038 to your computer and use it in GitHub Desktop.
Download ZIP
This will Setup WordPress with LEMP Stack, on Ubuntu Server 18.04 with support of SSL
Raw
Setup WordPress on LEMP on Ubuntu 18.04 .md

This will Setup WordPress with LEMP Stack, on Ubuntu Server 18.04 with support of SSL

Update Ubuntu Packages Index

sudo apt update

Install NGINX

sudo apt install nginx

Install MariaDB

sudo apt-get install software-properties-common
sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://mirror.truenetwork.ru/mariadb/repo/10.3/ubuntu bionic main'
sudo apt update
sudo apt install mariadb-server

To set the root password, and secure mariadb

sudo mysql_secure_installation
sudo systemctl restart mariadb.service

Install PHP

Add PHP Sources

sudo apt-add-repository ppa:ondrej/php
sudo add-apt-repository universe
sudo apt-get update

Install PHP Packages

sudo apt install php-fpm php-mysql
sudo apt install php-curl php-gd php-intl php-mbstring php-soap php-xml php-xmlrpc php-zip

Configure NGINX

Create The Website Config File

sudo nano /etc/nginx/sites-available/example.com

Add PHP & WordPress Support

server {
        listen 80;
        root /var/www/html;
        index index.php index.html index.htm index.nginx-debian.html;
        server_name example.com;

        location = /favicon.ico { log_not_found off; access_log off; }
        location = /robots.txt { log_not_found off; access_log off; allow all; }

        location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
                expires max;
                log_not_found off;
        }

        location / {
                #try_files $uri $uri/ =404;
                try_files $uri $uri/ /index.php$is_args$args;
        }

        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
        }

        location ~ /\.ht {
                deny all;
        }
}

Enable the Website

sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/

Test Configurations & Apply

sudo nginx -t
sudo systemctl reload nginx

Add Read/Write Permissions for the NGINX

sudo chown -R www-data:www-data /var/www/html

Setup The Self-Signed SSL Certificate

Create a self-signed key and certificate pair with OpenSSL

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt

Create a strong Diffie-Hellman group

sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048

Create self-signed.conf file

sudo nano /etc/nginx/snippets/self-signed.conf

and add this two lines to the file & Save:

ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;

Create ssl-params.conf file

sudo nano /etc/nginx/snippets/ssl-params.conf

Add this lines to the file and save:

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
ssl_dhparam /etc/ssl/certs/dhparam.pem;

Backup the nginx default config:

sudo cp /etc/nginx/sites-available/example.com /etc/nginx/sites-available/example.com.bak

Edit the config

sudo nano /etc/nginx/sites-available/example.com

Use this config

server {
    listen 80;
    listen [::]:80;

    server_name example.com www.example.com;

    return 302 https://$server_name$request_uri;
}

server {
        listen 443 ssl;
        listen [::]:443 ssl;
        include snippets/self-signed.conf;
        include snippets/ssl-params.conf;

        server_name example.com www.example.com;

        root /var/www/html;
        index index.php index.html index.htm index.nginx-debian.html;

        location = /favicon.ico { log_not_found off; access_log off; }
        location = /robots.txt { log_not_found off; access_log off; allow all; }

        location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
                expires max;
                log_not_found off;
        }

        location / {
                #try_files $uri $uri/ =404;
                try_files $uri $uri/ /index.php$is_args$args;
        }

        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
        }

        location ~ /\.ht {
                deny all;
        }
}

Apply NGINX Changes

sudo systemctl reload nginx

Create WordPress MySQL Database:

mysql -u root -p
CREATE USER 'wordpress'@'localhost' IDENTIFIED BY 'wordpress';
CREATE DATABASE wordpress CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
GRANT ALL PRIVILEGES ON wordpress. * TO 'wordpress'@'localhost';
FLUSH PRIVILEGES;

Import Database?

mysql -u user_name -p database_name < file.sql

Install Mailhog?

Follow this link [https://www.lullabot.com/articles/installing-mailhog-for-ubuntu-1604]

References

https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-ubuntu-18-04 https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-lemp-on-ubuntu-18-04 https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-nginx-in-ubuntu-16-04

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment