Installation of WordPress in Ubuntu 22.04

 

Perform Ubuntu 22.04 update

First, of all, run the system update command to ensure all the packages on our system are up to date and also the APT package index cache is its latest state.

Install Apache

We need an Apache web server and PHP programming language for setting WordPress CMS, Lets install both in this step.

                root@sandip:~# apt install apache2

Once the Apache installation is completed, enable and start its service.

Check status:

We can also check the working of the Apache webserver by accessing its default page. For that open your local system browser that can access the IP address/ domain name of the Ubuntu 22.04 server where you have installed Apache.

Note: server-IP-address with your actual address

                http://103.133.218.68 or http:sandip.sherubtse.edu.bt

 

 

Install MySQL

To install MySQL, which is a database management system that will store all the data for your WordPress site. To install MySQL, run the following command:

During the installation, you will be prompted to set a root password for the MySQL server. Choose a strong password and remember it as you will need it later.

 

Secure the MySQL

After the installation is complete, run the following command to secure the MySQL installation:

 

If you're prompted with the message "Remove anonymous users? (Press y|Y for Yes, any other key for No)", and you want to enhance security, you should press 'y' or 'Y' to remove the anonymous users.

However, before doing this, make sure you have a proper backup and that you understand the implications of removing anonymous users. Ensure that it won't disrupt the functionality of your system if anonymous access is currently required for some legitimate purposes.

If you're prompted with the message "Disallow root login remotely? (Press y|Y for Yes, any other key for No)" and you want to enhance security, you should press 'y' or 'Y' to disallow remote root login.

Here are some reasons why you should disallow root login remotely:

Security: The root user has unrestricted access to all system resources, which makes it a prime target for attackers. Disallowing remote root login reduces the attack surface and makes it harder for malicious actors to gain control of your system.

Logging: By disallowing remote root login, you can enforce a policy of logging in as a regular user and then using sudo or su to escalate privileges when necessary. This allows you to maintain an audit trail of who performed privileged actions on the system.

Protection Against Brute Force Attacks: The root account is often targeted in brute force attacks. Disabling remote root login can help protect your system from these types of attacks.

Principle of Least Privilege: It follows the security principle of least privilege, which means that users should have the minimum level of access necessary to perform their tasks. Allowing root login remotely violates this principle.

Before making this change, ensure that you have alternative methods for gaining root access when necessary, such as using SSH keys or allowing specific users to use the sudo command to execute commands with root privileges.

Remember that changing remote access settings can impact system administration, so make sure you understand the implications and have tested your access methods thoroughly after making this change.

 If you're in a production environment or you're serious about security, it's generally a good idea to remove the test database and access to it. The test database is often created by default during database server installation and might contain sample data and tables that are not needed in a production environment. Allowing access to this database can potentially pose a security risk if it's left exposed.

So, you should press 'y' or 'Y' to remove the test database and access to it, especially in a production or secure environment. This step is part of the process of hardening your database server's security by reducing potential points of vulnerability.

pressing 'y' or 'Y' to reload privilege tables is typically the correct action to apply your changes, but exercise caution and review the changes you've made before confirming.

 

 

 

 

 

After the installation is complete, restart the Apache service by running:

 

 

 

 

Install WordPress

To install the WordPress, first Navigate to the Apache Web root directory by running:

Then, download the latest version of WordPress by running the following command:

Extract the downloaded archive by running:

Ensure the webserver user is given ownership over the entire root directory for the domain.

 

Configure MySQL

WordPress uses a separate SQL database to store the site’s contents and configuration. Use the following commands to create a database and a database user. These steps apply to both MySQL and MariaDB.

Log in to MySQL as root.

Create a database named sandip_db.

Create a new user for the sandip_db database and grant the user all rights. Flush all privileges at the end.

Exit the database.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Completing the installation through the web Interface

Now that the server configuration is complete, you can complete the installation through the web interface.

In your web browser, navigate to your server’s domain name(sandip.sherubtse.edu.bt) or public IP address (103.133.218.68).

                https://server_domain_or_IP

You will be prompted to select the language you would like to use:

Next, you will come to the main setup page.

Select a name for your WordPress site and choose a username. It is recommended to choose something unique and avoid common usernames like “admin” for security purposes. A strong password is generated automatically. Save this password or select an alternative strong password.

Enter your email address and select whether you want to discourage search engines from indexing your site:

 

 

WordPress confirms the account has been successfully created. Click the Log In button to continue to the login screen.

At the login page, enter the user’s name and password for the WordPress account and click Log In.

 

 

 

 

 

 

 

 

Once you log in, you will be taken to the WordPress administration dashboard:

 

At this point, you can begin to design your WordPress website. If this is your first-time using WordPress, explore the interface to get acquainted with your new CMS.

 

 

 

 

 

 

 

 

How to Secure Apache?

Installing Certbot

 

To obtain an SSL certificate with Let’s Encrypt, you need to install the Certbot software on your server.

You need two packages: certbot, and python3-certbot-apache. The latter is a plugin that integrates Certbot with Apache, making it possible to automate obtaining a certificate and configuring HTTPS within your web server with a single command:

 

 

 

 

 

 

 

 

 

 

 

Obtaining an SSL Certificate

Certbot provides a variety of ways to obtain SSL certificates through plugins. The Apache plugin will take care of reconfiguring Apache and reloading the configuration whenever necessary. To use this plugin, run the following:

This script will prompt you to answer a series of questions in order to configure your SSL certificate. First, it will ask you for a valid email address. This email will be used for renewal notifications and security notices:

After providing a valid email address, press ENTER to proceed to the next step. You will then be prompted to confirm if you agree to Let’s Encrypt terms of service. You can confirm by pressing Y and then ENTER:

Next, you’ll be asked if you would like to share your email with the Electronic Frontier Foundation to receive news and other information. If you do not want to subscribe to their content, write N. Otherwise, write Y then press ENTER to proceed to the next step:

Your certificate is now installed and loaded into Apache’s configuration. Try reloading your website using https:// and notice your browser’s security indicator. It should indicate that your site is properly secured, typically by a lock icon in the address bar

 

 

Comments

Post a Comment

Popular posts from this blog

Install Moodle 4.3 on Ubuntu 23.10

Image
Moodle, an acronym for Modular Object-Oriented Dynamic Learning Environment, is a robust open-source platform designed to facilitate online learning and course management. Developed by Martin Dougiamas in 2002, Moodle has evolved into one of the most widely used Learning Management Systems (LMS) globally. Whether you are an educator, administrator, or learner, Moodle offers a robust and flexible environment for creating and participating in online courses. In this tutorial, we will learn how to install Moodle 4.3 with the following specifications: ·          Virtual Cloud Server:  1 CPU, 1 GB RAM, 32 GB Storage ·          Operating System:  Ubuntu 22.04 LTS ·          Subdomain:  admission.sherubtse.edu.bt ·          SSL:  Let’s Encrypt ·          Web Server:...
Read more

Activate window and MS-Office with PowerShell

Image
Step 1: Open PowerShell as Administrator Press the Windows +R key on your keyboard. Type  powershell .                    2.  Right-click Windows PowerShell and choose:           👉 "Run as administrator"               3.   If prompted by the system, click Yes to allow changes.               Step 2: Copy and Paste the Command In the PowerShell window that opens, type or copy-paste this command: C:\Users\San_Deep> irm https://get.activated.win |iex Then press Enter . click 5 on your keyboard to Activate Online using KMS for both window and Office To activate only window, click 1 . And same for activation office only, Click 2 . Otherwise click 4 to activate both office and Window. Step 3:  The script will run. It may show progress bars or status messages like: "Checking Windows version...
Read more

GNS3 installation in Linux

Image
 GNS3 Installation in Linux These instructions are for Ubuntu and all distributions based on it (like Linux Mint).        sandip@MyLap:~$ sudo add-apt-repository ppa:gns3/ppa      sandip@MyLap:~$ sudo apt update      sandip@MyLap:~$ sudo apt install gns3-gui gns3-server (when prompted whether non-root users should be allowed to use wireshark and ubridge, select ‘Yes’ both times) If you want IOU support      sandip@MyLap:~$ sudo dpkg --add-architecture i386      sandip@MyLap:~$ sudo apt update      sandip@MyLap:~$ sudo apt install gns3-iou Install the following packages:      sandip@MyLap:~$ sudo apt-get install apt-transport-https ca-certificates curl software-properties-                common   Import the official Docker GPG key:      sandip@MyLap:~$ curl -fsSL https://download.docker.co...
Read more