Difference between revisions of "Joomla 3"

From SME Server
Jump to navigationJump to search
(Add suggestion to force secure connections for remote users.)
m (→‎Set the PHP version for the ibay: libmcrypt dependency is in epel repo)
 
(7 intermediate revisions by one other user not shown)
Line 1: Line 1:
{{WIP box}}
 
 
{{Level|Medium|These instructions assume familiarity with basic shell commands}}
 
{{Level|Medium|These instructions assume familiarity with basic shell commands}}
 
[[Category:Howto|J]] [[Category:Webapps]]
 
[[Category:Howto|J]] [[Category:Webapps]]
Line 7: Line 6:
 
[http://www.joomla.org/ Joomla!] is a powerful, flexible content management system (CMS) that is in wide use across the Internet.  This How-To will cover configuration of the SME 9.0 server to support Joomla! 3, and installation of Joomla! 3 on the SME 9.0 server.  It will not cover configuration or use of Joomla! itself; those subjects are covered by the Joomla! documentation and many other sources.
 
[http://www.joomla.org/ Joomla!] is a powerful, flexible content management system (CMS) that is in wide use across the Internet.  This How-To will cover configuration of the SME 9.0 server to support Joomla! 3, and installation of Joomla! 3 on the SME 9.0 server.  It will not cover configuration or use of Joomla! itself; those subjects are covered by the Joomla! documentation and many other sources.
  
As of this writing, the most recent version of Joomla! 3 is 3.3.6.  This version requires PHP 5.3.10 or greater, which is a greater version than installed by default with SME 9.0.  You can either upgrade PHP following [[Upgrade php/mysql|these instructions]], or install Joomla! 3.2.7, which will work with the stock version of PHP.
+
As of this writing, the most recent version of Joomla! 3 is 3.3.6.  This version requires PHP 5.3.10 or greater, which is a greater version than installed by default with SME 9.0.  To avoid potential conflicts with packages in SME server which depend on the stock version of PHP, you will use [[PHP Software Collections]] to install a newer version alongside the installed version. Install and configure that contrib before proceeding with these instructions.
  
Installation of Joomla! involves creating an ibay to house Joomla!, creating a MySQL user for Joomla!, downloading and extracting the Joomla! package, and going through the Joomla! web setup.
+
Installation of Joomla! involves creating an ibay to house Joomla!, creating a MySQL user for Joomla!, downloading and extracting the Joomla! package, and going through the Joomla! web setup.  In the text boxes below, commands you type will be in '''bold''', while any response from the system will be in normal print.
  
 
===Create the ibay===
 
===Create the ibay===
 
Create an ibay for Joomla! to live in.  You can call it anything you want, but I'll use joomla for this example.  I used the following settings:
 
Create an ibay for Joomla! to live in.  You can call it anything you want, but I'll use joomla for this example.  I used the following settings:
 
[[File:joomla_ibay.png]]
 
[[File:joomla_ibay.png]]
 +
 
If you expect to give remote users the ability to log in, you should probably set "Force secure connections" to "Enabled".
 
If you expect to give remote users the ability to log in, you should probably set "Force secure connections" to "Enabled".
 +
 +
===Set the PHP version for the ibay===
 +
Browse to the PHP-SCL versions panel in the server manager (if you don't see it, return to the [[PHP Software Collections]] page and complete the installation).  Select php55 as the version for your ibay.
 +
 +
You will also need to install a PHP module which doesn't come installed as a default. This also requires libmcrypt, which is available from the [[epel]] repository. So you need to enable the [[epel]] repository first, then:
 +
yum install libmcrypt --enablerepo=epel
 +
 +
Then from the command line:
 +
[root@e-smith ~]# '''yum --enablerepo=remi install php54-php-mcrypt php55-php-mcrypt php56-php-mcrypt'''
  
 
===Create the MySQL user===
 
===Create the MySQL user===
Line 42: Line 51:
  
 
===Download and extract the Joomla! package===
 
===Download and extract the Joomla! package===
Download the Joomla! package (either version 3.2.7 if you have chosen not to upgrade PHP, or the most recent version if you have upgraded PHP) to joomla/html and unzip it.  You can do this from the command line like this (substituting the link for the most recent version).  These commands will also move the .zip file out of your web-accessible space, and set ownership and permissions appropriately.
+
Download the Joomla! package to joomla/html and unzip it.  You can do this from the command line like this (substituting the link for the most recent version).  These commands will also move the .zip file out of your web-accessible space, and set ownership and permissions appropriately.
  
 
  [root@e-smith ~]# '''cd ~joomla/../html'''
 
  [root@e-smith ~]# '''cd ~joomla/../html'''
Line 72: Line 81:
  
 
===Security===
 
===Security===
I wanted to restrict access to the administration backend to my LAN, so an outside user couldn't even get to the login page.  To do this, I created an .htaccess file like this:
+
Two possible security measures are to restrict access to the administration backend to users on your LAN, and to enable two-factor authentication.
  
  [root@e-smith html]# '''nano administrator/.htaccess'''
+
====Restrict access to backend====
 +
I wanted to restrict access to the administration backend to my LAN, so an outside user couldn't even get to the login page.  To do this, I created a custom template fragment:
 +
 
 +
[root@e-smith ~]# '''mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf'''
 +
  [root@e-smith ~]# '''cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf'''
 +
[root@e-smith httpd.conf]# '''nano -w 92Joomla'''
  
 
The contents of the file look like this:
 
The contents of the file look like this:
  
 +
# /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/92Joomla
 +
<Directory /home/e-smith/files/ibays/'''joomla'''/html/administrator>
 
  Order Deny,Allow
 
  Order Deny,Allow
 
  Deny from all
 
  Deny from all
  Allow from 192.168.x.0/24
+
  Allow from 192.168.'''0'''.0/24
 +
</Directory>
 +
 
 +
You'll need to change the directory name to reflect your ibay name, and the "Allow" IP range to reflect your LAN IP address range.  Then, expand the template and restart Apache:
 +
 
 +
[root@e-smith httpd.conf]# '''expand-template /etc/httpd/conf/httpd.conf'''
 +
[root@e-smith httpd.conf]# '''service httpd-e-smith restart'''
 +
Restarting httpd-e-smith                                  [  OK  ]
 +
 
 +
====Enable two-factor authentication====
 +
Two-factor authentication allows you to use Google Authenticator, or any compatible app or device, to further secure your installation by requiring a six-digit PIN that changes every 30 seconds.  You can require this for all users, or specific users.  Enabling this is part of the Joomla! configuration, and is not discussed here.
 +
 
 +
==Removing Joomla!==
 +
 
 +
To remove Joomla! from your system, you will need to remove the ibay, the database, the database user, and the httpd.conf template fragment, if you added one.
 +
 
 +
===Remove the ibay===
 +
Remove the ibay using the server-manager
 +
 
 +
===Remove the database and database user===
 +
[root@e-smith html]# '''mysql'''
 +
mysql> '''revoke all privileges from joomla@localhost;'''
 +
mysql> '''drop user joomla@localhost;'''
 +
mysql> '''drop database joomla;'''
 +
mysql> '''quit'''
 +
 
 +
===Remove the httpd.conf template fragment===
 +
[root@e-smith html]# '''rm /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/92Joomla'''
 +
[root@e-smith httpd.conf]# '''expand-template /etc/httpd/conf/httpd.conf'''
 +
[root@e-smith httpd.conf]# '''service httpd-e-smith restart'''
 +
Restarting httpd-e-smith                                  [  OK  ]
  
--[[User:DanB35|DanB35]] ([[User talk:DanB35|talk]]) 20:01, 10 October 2014 (CEST)
+
--[[User:DanB35|DanB35]] ([[User talk:DanB35|talk]]) 23:54, 10 October 2014 (CEST)

Latest revision as of 10:20, 13 March 2016

PythonIcon.png Skill level: Medium
These instructions assume familiarity with basic shell commands


Installing Joomla! 3 on SME Server 9.0

Overview

Joomla! is a powerful, flexible content management system (CMS) that is in wide use across the Internet. This How-To will cover configuration of the SME 9.0 server to support Joomla! 3, and installation of Joomla! 3 on the SME 9.0 server. It will not cover configuration or use of Joomla! itself; those subjects are covered by the Joomla! documentation and many other sources.

As of this writing, the most recent version of Joomla! 3 is 3.3.6. This version requires PHP 5.3.10 or greater, which is a greater version than installed by default with SME 9.0. To avoid potential conflicts with packages in SME server which depend on the stock version of PHP, you will use PHP Software Collections to install a newer version alongside the installed version. Install and configure that contrib before proceeding with these instructions.

Installation of Joomla! involves creating an ibay to house Joomla!, creating a MySQL user for Joomla!, downloading and extracting the Joomla! package, and going through the Joomla! web setup. In the text boxes below, commands you type will be in bold, while any response from the system will be in normal print.

Create the ibay

Create an ibay for Joomla! to live in. You can call it anything you want, but I'll use joomla for this example. I used the following settings: Joomla ibay.png

If you expect to give remote users the ability to log in, you should probably set "Force secure connections" to "Enabled".

Set the PHP version for the ibay

Browse to the PHP-SCL versions panel in the server manager (if you don't see it, return to the PHP Software Collections page and complete the installation). Select php55 as the version for your ibay.

You will also need to install a PHP module which doesn't come installed as a default. This also requires libmcrypt, which is available from the epel repository. So you need to enable the epel repository first, then:

yum install libmcrypt --enablerepo=epel

Then from the command line:

[root@e-smith ~]# yum --enablerepo=remi install php54-php-mcrypt php55-php-mcrypt php56-php-mcrypt

Create the MySQL user

You should set up a database user just for Joomla!, rather than using the root user. To do this, log in to your SME server as root and do the following:

[root@e-smith ~]# mysql
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 110981
Server version: 5.1.73 Source distribution

Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> grant all on joomla.* to joomla@localhost identified by 'password';
Query OK, 0 rows affected (0.05 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.01 sec)

mysql> quit
Bye

You should, of course, replace 'password' above with a secure password.

Download and extract the Joomla! package

Download the Joomla! package to joomla/html and unzip it. You can do this from the command line like this (substituting the link for the most recent version). These commands will also move the .zip file out of your web-accessible space, and set ownership and permissions appropriately.

[root@e-smith ~]# cd ~joomla/../html
[root@e-smith html]# wget https://github.com/joomla/joomla-cms/releases/download/3.3.6/Joomla_3.3.6-Stable-Full_Package.zip
[root@e-smith html]# unzip Joomla_3.3.6-Stable-Full_Package.zip
[root@e-smith html]# rm index.html
[root@e-smith html]# mv Joomla_3.3.6-Stable-Full_Package.zip ../files/
[root@e-smith html]# chown -R apache:www *
[root@e-smith html]# find . -type f -exec chmod 644 {} \;
[root@e-smith html]# find . -type d -exec chmod 755 {} \;

Configure Joomla! using its web installer

Using a web browser, browse to http://yourserver/joomla. The installer is pretty self-explanatory, as shown below: Joomla installer1.png Joomla installer2.png Joomla installer3.png Joomla installer4.png

If you receive an error message when you click on the "Remove installation folder" button, you may need to remove it from the command line, like this:

[root@e-smith html]# rm -rf installation

Now you can browse to your Joomla! site at http://yourserver/joomla. It should look like this: Joomla site.png

You can go to the administration backend at http://yourserver/joomla/administrator. Once you log in with the admin user and password you specified in the installer, it should look like this:

Joomla backend.png

Security

Two possible security measures are to restrict access to the administration backend to users on your LAN, and to enable two-factor authentication.

Restrict access to backend

I wanted to restrict access to the administration backend to my LAN, so an outside user couldn't even get to the login page. To do this, I created a custom template fragment:

[root@e-smith ~]# mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
[root@e-smith ~]# cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
[root@e-smith httpd.conf]# nano -w 92Joomla

The contents of the file look like this:

# /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/92Joomla 
<Directory /home/e-smith/files/ibays/joomla/html/administrator>
Order Deny,Allow
Deny from all
Allow from 192.168.0.0/24
</Directory>

You'll need to change the directory name to reflect your ibay name, and the "Allow" IP range to reflect your LAN IP address range. Then, expand the template and restart Apache:

[root@e-smith httpd.conf]# expand-template /etc/httpd/conf/httpd.conf 
[root@e-smith httpd.conf]# service httpd-e-smith restart
Restarting httpd-e-smith                                   [  OK  ]

Enable two-factor authentication

Two-factor authentication allows you to use Google Authenticator, or any compatible app or device, to further secure your installation by requiring a six-digit PIN that changes every 30 seconds. You can require this for all users, or specific users. Enabling this is part of the Joomla! configuration, and is not discussed here.

Removing Joomla!

To remove Joomla! from your system, you will need to remove the ibay, the database, the database user, and the httpd.conf template fragment, if you added one.

Remove the ibay

Remove the ibay using the server-manager

Remove the database and database user

[root@e-smith html]# mysql
mysql> revoke all privileges from joomla@localhost;
mysql> drop user joomla@localhost;
mysql> drop database joomla;
mysql> quit

Remove the httpd.conf template fragment

[root@e-smith html]# rm /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/92Joomla
[root@e-smith httpd.conf]# expand-template /etc/httpd/conf/httpd.conf 
[root@e-smith httpd.conf]# service httpd-e-smith restart
Restarting httpd-e-smith                                   [  OK  ]

--DanB35 (talk) 23:54, 10 October 2014 (CEST)