WordPress 101 with Digital Ocean

WordPress 101 with Digital Oceanwordpress-developer-ct

I use Digital Ocean a great deal for standing up VPS’s in quick time, and having flexibility to kill them when I’m done. When I don’t want to partition off some space on bare-metal and setup dedicated hosting that way, I find virtual VPS’s a good choice. Digital Ocean are exceptional.

I wanted to talk today about the process I go through when setting one up. You can think about this as a beginners guide. At the end, I also go through some of the troubleshooting & problems I often see, for WordPress sites & migrations.

Setting up your WordPress on your VPS

At this stage, I’m going to assume you’ve set up your Linux based VPS (in this example I’m going to assume Ubuntu 14.x) and you’re not quite sure what to do next. You want to set up WordPress though, PHPMyadmin, and you want it to be secure & easily administrable.

Firstly, you’ll need to install WordPress.

Wget http://wordpress.org/latest.tar.gz

This command, or your Linux equivalent, will download the zipped WordPress package right into your home directly.

Now you’ll need to unzip it using;

Tar – xzvf latest.tar.gz

The next thing you will need to do is build a sql user & database. So assuming you have installed SQL you can go ahead and log into the MySQL shell;

Mysql –u –root –p

Once you’re logged in, you will need to create a wordpress database, a user for that database & give that user a password. Let’s build a database called ‘maindatabase’ (obviously you can call it whatever you wish)

CREATE DATABASE wordpress;

Then you need to build a user. Make sure you replace the database with whatever name you have chosen to call your database.

CREATE USER sampleuser@localhost;

The above command will create the user ‘sampleuser’. You should then set the password;

SET PASSWORD FOR sampleuser@localhost= PASSWORD(“passwordhere”);

The command above creates a password called ‘password here’ but obviously you should pick a better password.

Finish up by granting all privileges to this user. This command is really important so don’t forget to run it.

GRANT ALL PRIVILEGES ON wordpressdatabase.* TO sampleuser@localhost IDENTIFIED BY ‘passwordhere’;

Now flush the MySQL instance,

FLUSH PRIVILEGES;

And exit out of MySQL

Exit;

Copying the files

So now we need to move the unzipped files from earlier into the root of the web server. Ready to run WordPress for the first time!

Sudo rsync – avP ~/wordpress/ /var/www/

Finally we need to set the correct permission on the installation. So go to the web directly,

Cd /var/www
Sudo chown sampleuser:www-data /var/www –R
Sudo chmod g+w /var/www –R

From here, you’re very nearly done. You’ll need a specific PHP module installed, so to install that;

Sudo apt-get install php-5.gd

Getting your default SQL password

Now if you’re using a DO VPS, (droplet) you’ll have MySQL installed by default. To install PHPmyadmin you’ll need the default password. You can find this by touching the following file;

Sudo nano /root/.my.cnf 

You’ll see something like the below

1

 

From here, make a note of this as it’s important.

Setting up PHPMyadmin

So go ahead and install PHPMyadmin by running the following command;

Apt-get install –y phpmyadmin

You will have to then touch the apache.conf file to add the following line of code.

Sudo nano /etc/phpmyadmin/apache.conf
‘Include /etc/phpmyadmin/apache.conf 

Once you’ve added that line, restart apache in the normal way

Service apache2 restart

You will then be able to access phpmyadmin by going to %yourIP%/phpmyadmin

phpmyadmin-structure

Login with Root, and the password you made a note of previously.

Pre-installed WP on a DO VPS (Droplet)

You may often spin up a VPS with the majority of the above steps already completed. If this is so then you’ll need to be aware of the following step you’ll just need to do to get to the WP login screen;

Edit the apache.conf file by running the command;

Nano /etc/apache2/apache.conf

Inside this file, you’ll need to find the section which is handling the wp-admin area & serves that page, as it setup for SSH by default, so you’ll need to comment it out. Look for this;

<DirectoryMatch ^.*/wp-admin/>

AuthType Basic

AuthName “Please login to your droplet via SSH for login details.”

AuthUserFile /etc/apache2/.htpasswd

Require valid-user

</DirectoryMatch>

 

Comment the entire section by placing a ‘#’ before each line so it becomes

 

#<DirectoryMatch ^.*/wp-admin/>
#   AuthType Basic
#   AuthName "Please login to your droplet via SSH for login #details."
#   AuthUserFile /etc/apache2/.htpasswd
#   Require valid-user
#</DirectoryMatch>

 

You will then just need to restart apache,

 

Service apache2 restart

 

This will remove the additional password prompt from the administrative areas which is fine, as WordPress is quite capable handling authentication on its own.

Setting up MySQL

When the need arises to install MySQL by yourself on a fresher than fresh virgin VPS, run the following;

Sudo apt-get install mysql-server
Sudo apt-get install mysql-client

But if you already have mysql installed, you’ll get an error first if you don’t purge the existing installation

Sudo apt-get purge mysql-client-core-5.5

You can also check the status of whether the service is running by grepping the service;

Sudo netstat –tap | grep mysql

If you want to start it, you can run the command

Sudo /etc/init.d/mysql restart

 

Setting up a firewall

Using IPTables is out of the scope of this post, you can read about it here but we will use UFW which is an easy front end to managing the IPTables directly. UFW or (Uncomplicated Firewall) is excellent if you’re a Linux newbie but are still wanting to understand security concepts.

So the first thing you will need to do if you don’t already have it installed, is install it;

Sudo apt-get install ufw

Checking the status of the firewall is easy running the command;

Sudo ufw status

You’re expecting it to tell you it’s inactive on first run. That’s ok. We will set it up. So let’s set up some default firewall rules, for allowing and denying connections. UFW’s defaults are to deny all incoming connections and allow all outgoing connections. That’s probably fine for quite a lot of simple web servers.

Sudo ufw default deny incoming
Sudo ufw default allow outgoing

You want to make sure at this stage you don’t end up locking yourself out of your own server. A common newbie error. So do to this, we’ll set up some specific inbound connections, namely TCP/IP, FTP and SSH

Sudo ufw allow ssh
Sudo ufw allow 22/tcp

I also like to allow

Sudo ufw allow www
Sudo ufw allow 21/tcp

There’s heaps more to read about setting up UFW here, but this should get you going. You just now need to switch it on.

Sudo ufw enable

Using WP Cli

There will be times when you need greater flexibility over your WordPress install at server level. Maybe you’re locked out. Maybe you’ve buggered up your Theme or settings file. WP Cli is your friend here & it’s well worth setting it up and getting to know it.

By default, I always like to install it on new client installations of WordPress, as it helps me out when WordPress invariably falls over. So;

Download wp-cli.phar using wget or curl.

curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar

Then, check if it works

php wp-cli.phar --info

To be able to use ‘wp’ as a command, instead of running php wp-cli.phar you need to make the file executable and move it to somewhere in your local path. So for example;

chmod +x wp-cli.phar
sudo mv wp-cli.phar /usr/local/bin/wp

Now you’ll be able to run ‘wp’. Try ‘wp –info’ to test. You’ll most likely need to do run wp –allow-root if you don’t set up the security.

One of my favourite commands is using the search and replace to toggle settings in the database for when you are migrating installation locations & domain bindings

Wp –allow-root search-replace ‘yourdomain’ ‘111.111.111.111’ ---dry-run

 

 

Leave a Reply

Your e-mail address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.