Skip to content

Instantly share code, notes, and snippets.

@mattpatterson94
Last active July 1, 2021 08:26
Show Gist options
  • Save mattpatterson94/3475d7e706c1642ed21cb7e832a8f626 to your computer and use it in GitHub Desktop.
Save mattpatterson94/3475d7e706c1642ed21cb7e832a8f626 to your computer and use it in GitHub Desktop.
WP Server Setup

Set up server for Wordpress

Part 1: Initial Configuration

1. Create new 1GB Digital Ocean Box with Backups enabled.

2. Generate two passwords. One will be used for new user and one for mysql root.

3. Paste Server details and passwords into the spreadsheet

4. ssh into server

5. Create new user deployer. Use one of the passwords generated in step 2.

adduser deployer

6. Add the user to the sudo list

visudo

Add:

deployer    ALL=(ALL:ALL) ALL

7. Update the ssh port to 25000

sudo vim /etc/ssh/sshd_config

Update:

Port 25000

Restart server

service ssh reload

8. Copy your public key to deployer

su deployer
cd
mkdir .ssh
cd .ssh
touch authorized_keys
vim authorized_keys

Paste in key here and save

9 Exit out of deployer session

exit

Part 2: Dependencies

1. Install necessary packages

Please note to use second generated password for mysql when it pops up.

sudo apt-get update
sudo apt-get install -y nginx php-fpm php-mysql php-curl php-gd php-mbstring php-mcrypt php-xml php-xmlrpc mysql-server

2. Configure php

Fix path info:

This is an extremely insecure setting because it tells PHP to attempt to execute the closest file it can find if the requested PHP file cannot be found. This basically would allow users to craft PHP requests in a way that would allow them to execute scripts that they shouldn't be allowed to execute.

sudo vim /etc/php/7.0/fpm/php.ini

Replace:

cgi.fix_pathinfo=0

Restart php:

sudo systemctl restart php7.0-fpm

3. Configure NGINX

sudo vim /etc/nginx/sites-available/default

Delete contents and paste in the following: Make sure you change "server_domain_or_IP" to appropriate.

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    root /var/www/html;
    index index.php index.html index.htm index.nginx-debian.html;

    server_name server_domain_or_IP; // replace this

    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }

    location ~ /\.ht {
        deny all;
    }
    
    location = /robots.txt { log_not_found off; access_log off; allow all; }
    
    location ~* \.(txt|xml|js)$ {
        expires 8d;
    }

    location ~* \.(css)$ {
        expires 8d;
    }

    location ~* \.(flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav|mp4|m4v|ogg|webm|aac|eot|ttf|otf|woff|svg)$ {
        expires 8d;
    }

    location ~* \.(jpg|jpeg|png|gif|swf|webp)$ {
        expires 8d;
    }
}

And then restart nginx

service nginx restart

Part 3: Setup Wordpress

  1. Configure database
mysql -u root -p

Paste in password set earlier.

Create new database for website. Change "sitename_wp" to something appropriate.

CREATE DATABASE sitename_wp;
  1. Wordpress installation
cd /tmp
curl -O https://wordpress.org/latest.tar.gz
tar xzvf latest.tar.gz
cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
mkdir /tmp/wordpress/wp-content/upgrade
sudo cp -a /tmp/wordpress/. /var/www/html
sudo chown -R deployer:www-data /var/www/html
sudo find /var/www/html -type d -exec chmod g+s {} \;
sudo find /var/www/html -type f -exec chmod 644 {} \;
sudo chmod g+w /var/www/html/wp-content
sudo chmod -R g+w /var/www/html/wp-content/themes
sudo chmod -R g+w /var/www/html/wp-content/plugins
  1. Configure wp-config.php Copy results from:
curl -s https://api.wordpress.org/secret-key/1.1/salt/

Open wp-config.php

sudo vim /var/www/html/wp-config.php

Paste in results from curl request above over the following:

define('AUTH_KEY',         'put your unique phrase here');
define('SECURE_AUTH_KEY',  'put your unique phrase here');
define('LOGGED_IN_KEY',    'put your unique phrase here');
define('NONCE_KEY',        'put your unique phrase here');
define('AUTH_SALT',        'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT',   'put your unique phrase here');
define('NONCE_SALT',       'put your unique phrase here');

Then fill in the following fields

. . .

define('DB_NAME', 'wordpress');

/** MySQL database username */
define('DB_USER', 'root');

/** MySQL database password */
define('DB_PASSWORD', 'password');

. . .

define('FS_METHOD', 'direct');
  1. Visit website from the URL set in the nginx profile.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment