Ubuntu – WordPress Install

Posted on By David Kittell

These steps are based on Ubuntu 14.10 Server 64-bit but can be applied to virtually any Debian based UNIX distribution.

  1. Download Ubuntu
  2. Install Ubuntu
  3. Configure Ubuntu
  4. Install WordPress
  5. Configure WordPress
  6. Backup/Restore MySQL Database

Download Ubuntu

First we must download the Ubuntu DVD image, it is recommended to download straight from the official Ubuntu.com site.
For this document we will use Ubuntu 14.10 64-bit downloaded from http://releases.ubuntu.com/releases/14.10/ubuntu-14.10-server-amd64.iso

Install Ubuntu

  1. Load the computer with the DVD (created from the ISO) or VM with the ISO
  2. Select the language (English)
    Note: Unless otherwise stated you can simply tap the enter/return key on your keyboard to progress to the next screen.
    Image 1
  3. Select “Install Ubuntu Server”

    Image 2
  4. Select the language again (English)

    Image 3
  5. Select your location (United States)

    Image 4
  6. Select a keyboard layout
  7. Type in a hostname for the server. This should be descriptive to the server’s purpose ex. WordPressSvr1

    Image 8
  8. Type a user’s full name, this is different than the username ex. John Doe

    Image 9
  9. Type a username, this is the login name that you will need to use.

    Image 10

    • NOTE: If you receive this screen choose “Continue”, you will need to choose a different username

      Image 11
    • Confirm the Full name and “Continue”

      Image 9
    • Correct the invalid issue and “Continue”

      Image 12
  10. Type a password, this should follow your company’s password requirements if you have any.

    Image 13
  11. Confirm the password

    Image 14
  12. Suggested But Optional – Encrypt home directory. If you select this option everything in the user’s directory will be encrypted.

    Image 15
  13. Make sure the installer detected the time zone correctly, typically you select Yes

    Image 16
  14. Similar to Microsoft Windows’ BitLocker you have the option to encrypt the entire drive and boot loader.

    Image 17
    Encrypt the drive and boot loader choose the third option “Guided – use entire disk and set up encrypted LVM”
    If you select this option you will get a prompt asking for an encryption key and to confirm that key.
  15. Select the disk you want to use (typically only one option)

    Image 18
  16. Confirm your choice, this is typically the last chance you have to cancel the format of the hard drive

    Image 19
  17. Select an Encryption passphrase

    Image 20
  18. Confirm the Encryption passphrase

    Image 21
  19. Type the amount of the volume group to use. (Typically use the amount that’s already on the screen)

    Image 22
  20. Confirm the write changes

    Image 23
  21. If you need to use a HTTP proxy type it in otherwise just tap the enter/return key to continue

    Image 24
  22. Depending on your company policies it may be best to select “No automatic updates” so an Admin can install the needed updates

    Image 25
  23. On this screen only select “OpenSSH server”, you select by using the up and down arrows to move the cursor and then the space bar to select the item.

    Image 26
  24. Typically you would say yes to the installation of the GRUB boot loader.
    NOTE: Even if this is not the primary operating system this is suggested

    Image 27
  25. Ubuntu is now installed. If you are on a non-VM system remove the DVD. Tap the enter/return key to finish and reboot

    Image 28

Configure Ubuntu

  1. If you encrypted the LVM you will start with this screen, type in the passphrase you created

    Image 29
  2. Depending on what you typed for your hostname you may see something different from “KDUbuntu” but this is your login screen.
    Login with the username you created earlier
    Image 30
  3. After you successfully login, you need to setup a root password.
    • Type “sudo passwd”
    • Type in your username’s password
    • Type in a password for root (should be different than your username’s password)
    • Confirm the password for root
    Terminal Command
    sudo passwd


    Image 31

  4. Start ssh services with “sudo service ssh restart”
    Terminal Command
    sudo service ssh restart
  5. Type “ifconfig” to get the IP address of the server, in the example below the IP is 10.0.2.15
    Terminal Command
    ifconfig

    With this IP you should now connect via Putty to make the rest of the changes.

    Image 32

  6. Within Putty, once logged in as root run the following commands:
    Update Ubuntu - Depending on network speed this could take some time
    sudo apt-get update && sudo apt-get upgrade && sudo apt-get check && sudo apt-get autoremove && sudo apt-get autoclean && sudo apt-get clean
    Install NTP Client
    sudo apt-get --assume-yes install ntp
    Set Time Zone
    sudo timedatectl set-timezone America/Detroit
    Update Date/Time
    sudo service ntp restart && sudo ntpdate -s ntp.ubuntu.com
    Install Apache
    sudo apt-get --assume-yes install apache2 apache2-mpm-prefork
    Configure Apache
    sed -i 's/#ServerName www.example.com/ServerName wpsvr/g' /etc/apache2/sites-available/000-default.conf
     
    sed -i 's|DocumentRoot /var/www/html|DocumentRoot /var/www/html\n<Directory /var/www/html/>\nAllowOverride All\n</Directory>|g' /etc/apache2/sites-available/000-default.conf
    Install Sendmail
    sudo apt-get install sendmail
    Install VSFTPD
    sudo apt-get --assume-yes install vsftpd
    Configure VSFTPD
    sed -i 's/anonymous_enable=YES/anonymous_enable=NO/g' /etc/vsftpd.conf
    sed -i 's/local_enable=NO/local_enable=YES/g' /etc/vsftpd.conf
    sed -i 's/#local_enable=YES/local_enable=YES/g' /etc/vsftpd.conf
    sed -i 's/#write_enable=YES/write_enable=YES/g' /etc/vsftpd.conf
    sed -i 's/#ftpd_banner=Welcome to blah FTP service./ftpd_banner=Welcome to the FTP service./g' /etc/vsftpd.conf
    ln -s /var/www/html /home/wpadmin/html
    sudo service vsftpd restart
    Install PHP
    sudo apt-get --assume-yes install php5 libapache2-mod-php5 php5-mcrypt php5-cli php5-cgi php5-common php5-curl php5-dbg php5-xcache php5-gd libssh2-php
    Configure PHP
    mv -i /etc/php5/conf.d/mcrypt.ini /etc/php5/mods-available/
    Configure PHP MCrypt
    php5enmod mcrypt

    Create Test PHP File
    echo ‘<?php phpinfo(); ?>’ > /var/www/html/testphp.php

    Turn On PHP Error Display - NOT RECOMMENDED FOR PRODUCTION
    sed -i 's/display_errors = Off/display_errors = On/g' /etc/php5/apache2/php.ini
    Turn Off PHP Error Display - DEFAULT & RECOMMENDED FOR PRODUCTION
    sed -i 's/display_errors = On/display_errors = Off/g' /etc/php5/apache2/php.ini
    Start/Restart Apache
    sudo /etc/init.d/apache2 restart
  7. Load the testphp.php in a web browser
    http://(IP or Hostname)/testphp.php
  8. Install MySQL, when you run the below script you will get prompted for a root password for MySQL (see screenshots)
    Install MySQL
    sudo apt-get --assume-yes install mysql-server  mysql-client libapache2-mod-auth-mysql php5-mysql phpmyadmin
    • Type a password for root access

      Image 35
    • Confirm the root password

      Image 36
    • Select apache2 (space bar selects) to configure PHPMyAdmin and continue

      Image 37
    • Select no to configure automattically and continue

      Image 38
    • Type the MySQL root password you just created

      Image 39
    • Create a default access password for PHPMyAdmin

      Image 40
    • Confirm the default access password

      Image 41
  9. Run the MySQL security installation, you get will prompted screens:
    Terminal Script
    sudo /usr/bin/mysql_secure_installation
    • Type in the root MySQL password (tap the enter/return key)
    • Type n (tap the enter/return key)
    • Type y (tap the enter/return key) to remove anonymous access
    • Type y (tap the enter/return key) to disallow root remote access
    • Type y (tap the enter/return key) to remove the test database and the access to it
    • Type y (tap the enter/return key) to reload the priviledge tables
    Restart Apache
    sudo /etc/init.d/apache2 restart

Install WordPress

  1. Download the latest released version of WordPress
    Download WordPress
    mkdir /var/www/serversetup/
    wget --no-check-certificate http://wordpress.org/latest.tar.gz -O /var/www/serversetup/WordPress_`date +"%m-%d-%Y"`.tar.gz
  2. Create the database and a user for WordPress to use.
    For our purposes the values we use can be changed to suit your needs:

    • Database: Site1WPDB
    • Username: Site1WPUSR
    • Password: Site1WPUSRPWD
    MySQL
    mysql -h localhost -u root -p
    CREATE DATABASE IF NOT EXISTS Site1WPDB;
    CREATE USER 'Site1WPUSR'@'localhost' IDENTIFIED BY 'Site1WPUSRPWD';
    GRANT ALL ON Site1WPDB.* TO 'Site1WPUSR'@'localhost';
    FLUSH PRIVILEGES;
    Exit;
  3. Extract WordPress
    tar zxvf /var/www/serversetup/WordPress_`date +"%m-%d-%Y"`.tar.gz -C /var/www/serversetup
  4. Configure WordPress
    For our purposes the values we use can be changed to suit your needs:

    • Database: Site1WPDB
    • Username: Site1WPUSR
    • Password: Site1WPUSRPWD
    Configure WordPress
    cd /var/www/serversetup/wordpress
    cp wp-config-sample.php wp-config.php
    sed -i 's/database_name_here/Site1WPDB/g' wp-config.php
    sed -i 's/username_here/Site1WPUSR/g' wp-config.php
    sed -i 's/password_here/Site1WPUSRPWD/g' wp-config.php
    rm /var/www/html/index.html && rm /var/www/html/testphp.php
    mv -v /var/www/serversetup/wordpress/* /var/www/html/
    cd /var/www/html
    echo '<IfModule mod_rewrite.c>' > .htaccess
    echo 'RewriteEngine On' >> .htaccess
    echo 'RewriteBase /' >> .htaccess
    echo 'RewriteRule ^index.php$ - [L]' >> .htaccess
    echo 'RewriteCond %{REQUEST_FILENAME} !-f' >> .htaccess
    echo 'RewriteCond %{REQUEST_FILENAME} !-d' >> .htaccess
    echo 'RewriteRule . /index.php [L]' >> .htaccess
    echo '</IfModule>' >> .htaccess
    sudo adduser wpadmin www-data
    chown wpadmin:www-data -R /var/www
    chmod 0775 -R /var/www
    chmod g+s -R /var/www
    chmod -v 604 /var/www/html/.htaccess
    chmod -v 600 /var/www/html/wp-config.php
    chmod -R 777 /var/www/html/wp-content/uploads
  5. Now go to http://(IP or Hostname)/ to finish the setup

    Image 42

    • “Site Title” is the title of the site
    • “Username” is the admin user that you will primary use for administration tasks
      Suggestion: Do not use admin, webmaster, administrator
    • “Password”, type your desired password
      If you do not have a strong password it will warn you but you can check a check box to allow the weak password – NOT RECOMMENDED
    • “Your E-mail” is the email address for the admin of the site, best to make this a distribution list of trusted individuals otherwise the email of the administrator account
    • “Privacy”, typically if the site is internal you want to uncheck the check box otherwise you want search engines to see you.
    • When ready click on the “Install WordPress” button
    • You are now ready to login

Configure WordPress

Two Factor Auth

This plugin is to add security to the WordPress site by requiring all users to use a two factor authentication so that simply having the password won’t let a potential hacker in.

Setup

  1. Install from http://(IP or Hostname)/wp-admin/plugin-install.php?tab=plugin-information&plugin=two-factor-auth&TB_iframe=true&width=772&height=799
  2. On the Plugins page, activate the Two Factor Auth plugin
  3. Click on the Settings link, by default all user types are required to use the two factor process
  4. Click on “Two Factor Auth” link just above the “Tools” menu link

    Image 43

    There are two delivery types; Email and Third Party Apps
    Note: Whether you choose Email or Third Party Apps the users will initially get emailed their one time code when they login for the first time.

  5. Select “Third party apps (Duo Mobile, Google Authenticator etc)”
  6. With your phone scan the QR-Code on the screen using one of the tested apps
    • Android – Duo Mobile or Google Authenticator
    • iPhone – Duo Mobile
    • Windows Phone – Windows Authenticator
  7. Scroll to the bottom of the page to find “Advanced”, click on “Show advanced info” it is suggested to keep it on “TOTP (time based)”
  8. Click on “Save Changes” button.
  9. Log out of the site
  10. Log back in, type in your username and password then click on the “Log In” button

    Image 44
  11. Type in the six digit number on your phone app or that you recieved in your email

    Image 45

Support

If you forget/lose the authentication codes you need to terminal into the server and run the disable script.

Disable Script
mv /var/www/html/wp-content/plugins/two-factor-auth/ /var/www/html/wp-content/plugins/two-factor-auth_disabled/

Once you are able to get back in run the enable script

Enable Script
mv /var/www/html/wp-content/plugins/two-factor-auth_disabled/ /var/www/html/wp-content/plugins/two-factor-auth/

Backup/Restore MySQL Database

The purpose of this step is to have a quick repeatable command to backup and restore a database.
Log in a your username (not root) and run this command
For our purposes the values we use can be changed to suit your needs:

  • Database: Site1WPDB
  • Username: Site1WPUSR
  • Password: Site1WPUSRPWD
Secure Login Credentials
echo '[mysqldump]'> ~/.my.cnf;
echo 'user=Site1WPUSR'>> ~/.my.cnf;
echo 'password=Site1WPUSRPWD' >> ~/.my.cnf;
chmod 0600 ~/.my.cnf
Backup Script
mysqldump -u Site1WPUSR Site1WPDB > ~/WordPress_DB_Backup_`date +"%m-%d-%Y_%I-%M-%S"`.sql
tar -zcvf WordPress_Site_Backup_`date +"%m-%d-%Y_%I-%M-%S"`.tar.gz /var/www/html

Make sure you modify the date of the file to what you want to restore from.

Restore Script
mysql -u Site1WPUSR Site1WPDB < ~/WordPress_DB_Backup_08-27-2015.sql
Originally Posted on September 2, 2015
Last Updated on May 31, 2017
All information on this site is shared with the intention to help. Before any source code or program is ran on a production (non-development) system it is suggested you test it and fully understand what it is doing not just what it appears it is doing. I accept no responsibility for any damage you may do with this code.
Code MySQL PHP Ubuntu UNIX Shell Scripts WordPress

Related Posts

Ektron Find Replace In Library

Posted on

This script will search and replace specific library links SET XACT_ABORT ON DECLARE @currurl NVARCHAR(500) DECLARE @newurl NVARCHAR(500) DECLARE @search NVARCHAR(500) DECLARE @replace VARCHAR(500) SET @search = ” –string to find SET @replace = ” –replacement string DECLARE @pos INT DECLARE @id BIGINT BEGIN TRAN DECLARE curs CURSOR LOCAL FAST_FORWARD…

Read More

PowerShell – Lock Workstation

Posted on

This is a great script to add to a setup script to lock the workstation after everything is done or before everything starts Function Lock-WorkStation { $signature = @" [DllImport("user32.dll", SetLastError = true)] public static extern bool LockWorkStation(); "@ $LockWorkStation = Add-Type -memberDefinition $signature -name "Win32LockWorkStation" -namespace Win32Functions -passthru $LockWorkStation::LockWorkStation()…

Read More

Alter Table Column Data Type

Posted on

ALTER TABLE <schemaName>.<tableName> ALTER COLUMN <columnName> nvarchar(200) [NULL|NOT NULL] Example: ALTER TABLE datatable1 Alter column datatable1column1 varchar(255) null Originally Posted on October 10, 2013Last Updated on October 26, 2015 All information on this site is shared with the intention to help. Before any source code or program is ran on…

Read More