I try to rely on lightweight and worry-free open source software stack as much as possible. That's why I choose Nginx over Apache HTTP server, and MariaDB over MySQL.
I use vi as a main text editor, therefore all of these steps will be based on vi.
Some of these steps are based on DigitalOcean's guideline.
Having root enabled is unsafe. We should create new user and grant administrative right to newly created user.
adduser demo
At this step, only root will have administrative right; We will give user demo a root privilleadge.
visudo
System will open sudoer file with a text editor, it's nano in my case. Find this line:
# User privilege specification
root ALL=(ALL:ALL) ALL
Then Ctrl-x and Yes to save file.
Some of these steps are based on DigitalOcean's guideline. MySQL to MariaDB migration guide is yet to be complete.
MariaDB is an open source fork of MySQL developed and worked on by the original MySQL developers, lead by Michael “Monty” Widenius. It was created and embraced by the open source community as an effective alternative to MySQL. Although MySQL is still an open source project, it is owned by Oracle, purveyors of their own enterprise software. Worries about the progress of MySQL as well as the status of MySQL as an open source project have prompted the migration to MariaDB.
Go to MariaDB's website and follow on screen instruction. In my case I go for MariaDB version 5.5 which is a stable version.
In my case, I choose Yamagata University's mirror in Japan. Please check with the link above for choosing your nearest mirror site.
sudo apt-get install python-software-properties
sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db
sudo add-apt-repository 'deb http://ftp.yz.yamagata-u.ac.jp/pub/dbms/mariadb/repo/5.5/ubuntu precise main'
Run this command.
sudo mysql_install_db
You probably encounter similar error like:
demo@server$ sudo mysql_install_db
Installing MariaDB/MySQL system tables in '/var/lib/mysql' ...
131204 8:43:27 [ERROR] mysqld: Can't lock aria control file '/var/lib/mysql/aria_log_control' for exclusive use, error: 11. Will retry for 30 seconds
...
What you could do is:
sudo killall mysqld
sudo rm /var/lib/mysql/aria_log_control
sudo mysql_install_db
And you should see this...
demo@server$ sudo mysql_install_db
Installing MariaDB/MySQL system tables in '/var/lib/mysql' ...
OK
Filling help tables...
OK
Full guide is on Digital Ocean's Guideline.
sudo mysql_secure_installation
The script will ask you MariaDB's root password.
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
Once you enter MariaDB's root password, you will see below message; Answer Y if you need to change MariaDB's root password, n if you not going to change it.
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
You already have a root password set, so you can safely answer 'n'.
Change the root password? [Y/n]
Then the script will ask you about removing anonymous users. In my case, I choose Y.
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n]
Allow only localhost connection will make MariaDB accessible from the running host only. I choose Y.
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n]
Then remove test database.
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n]
Then reload privilledge table to ensure all changes made so far will take effect immediately.
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n]
sudo apt-get install nginx
You need to configure Nginx to start automatically.
sudo service nginx start
Open your most favourite web browser (trust me, it should be Mozilla Firefox) and browse to your server's IP address. (aaa.bbb.xxx.yyy), you should see this screen.
Some of these steps are based on Digital Ocean's Guideline.
sudo apt-get install php5-fpm php5-mysql
Open php.ini
sudo vi /etc/php5/fpm/php.ini
Find cgi.fix_pathinfo=1 and replace 1 to 0 for security purpose.
cgi.fix_pathinfo=0
Open www.conf
sudo vi /etc/php5/fpm/pool.d/www.conf
Find listen = 127.0.0.1:9000 and replace 127.0.0.1:9000 to /var/run/php5-fpm.sock.
listen = /var/run/php5-fpm.sock
Then restart php-fpm
sudo service php5-fpm restart
sudo vi /etc/nginx/sites-available/default
Update /etc/nginx/sites-available/default, replace YOURDOMAIN.TLD with your domain name.
[...]
server {
listen 80; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
root /home/demo/www/YOURDOMAIN.TLD;
index index.php index.html index.htm;
# Make site accessible from http://localhost/
server_name YOURDOMAIN.TLD;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.html
try_files $uri $uri/ /index.html;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
[...]
[...]
error_page 404 /404.html;
[...]
[...]
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /home/demo/www/YOURDOMAIN.TLD;
}
[...]
[...]
location ~ \.php$ {
try_files $uri = 404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
[...]
I decided to host all of my Wordpress file in /home/demo for maintainability, therefore we need to create ~/www/YOURDOMAIN.TLD in your home directory.
mkdir -p ~/www/YOURDOMAIN.TLD
vi /home/`demo`/www/YOURDOMAIN.TLD/info.php
Add the following code
<?php
phpinfo();
?>
Save and exit, then restart Nginx
sudo service nginx restart
Open your most favourite web browser (trust me, it should be Mozilla Firefox) and browse to your server's IP address, http://aaa.bbb.xxx.yyy/info.php, you should see this screen.
