Difference between revisions of "Wordpress"

From SME Server
Jump to navigationJump to search
 
(3 intermediate revisions by 3 users not shown)
Line 11: Line 11:
  
 
{{#smeversion: smeserver-wordpress }}
 
{{#smeversion: smeserver-wordpress }}
{{#smeversion: wordpress }}
 
  
 
===Description===
 
===Description===
Line 25: Line 24:
  
 
  yum install --enablerepo=smecontribs smeserver-wordpress
 
  yum install --enablerepo=smecontribs smeserver-wordpress
 +
 +
====SME10====
 +
 +
The SME10 version has been recast to download  the latest version of WordPress from the Wordpress website while installing on SME10, and does not need a support rpm containing the Wordpress php code.
 +
 +
Consequently the Wordpress site can be upgraded in place manually or automatically, rather than by an RPM update.  There is no need for any further signal-event as the install itself makes sure that all files etc are up to date.
 +
 +
If you remove the smeserver-wordpress rpm, then the current parameter file and wordpress code will be deleted, but the corresponding database will not be deleted.  If you want to delete it then you should use the phpmyadmin contrib.
 +
 +
If you re-install after a remove, without deleting the database then the old website will be re-instated, and the version of  Wordpress installed will be the latest. However you will loose any templates and plugins that you might have installed on top of the standard install.  These can be re-installed of course.
 +
 +
====SME9====
  
 
If installation shows a blank page, then refer the fix at https://bugs.contribs.org/show_bug.cgi?id=10735#c10.
 
If installation shows a blank page, then refer the fix at https://bugs.contribs.org/show_bug.cgi?id=10735#c10.
Line 186: Line 197:
  
 
==== Fail2Ban ====
 
==== Fail2Ban ====
Fail2Ban is a contrib that blocks IP addresses involved in brute force logon attempts and such. First you need to add the fail2ban plugin inside wordpress. Then see [[Fail2ban]] wiki page for initial setup of fail2ban. Then you simply need to enable the jail for wordpress by using the server-manager fail2ban page.  Basically there will be 3 jails for wordpress, one soft (auth error) and one hard ( blocked user attempt to login) and one for xmlrpc attacks.  
+
Fail2Ban is a contrib that blocks IP addresses involved in brute force logon attempts and such. First you need to add the fail2ban plugin inside wordpress. Then see [[Fail2ban]] wiki page for initial setup of fail2ban. Then you simply need to enable the jail for wordpress by using the server-manager fail2ban page.  Basically there will be 3 jails for wordpress, one soft (auth error) and one hard ( blocked user attempt to login) and one for xmlrpc attacks. Refer [https://forums.contribs.org/index.php/topic,53711.msg279902.html original post]
  
If you want more tweak you can change few options using command line. Note that by defualt they are not set in the db and will use fail2ban respective default value, which you could also set globally. Values presented are only for the purpose of example.  
+
If you want more tweak you can change few options using command line. Note that by defualt they are not set in the db and will use fail2ban respective default value, which you could also set globally. Values presented are only for the purpose of example. WPH prefix is for wordpress-hard, WPS for wordpress-soft and WPX for wordpress-xmlrpc
 
* db configuration setprop fail2ban WPHbantime 5000  
 
* db configuration setprop fail2ban WPHbantime 5000  
 
* db configuration setprop fail2ban WPSbantime 1000  
 
* db configuration setprop fail2ban WPSbantime 1000  

Latest revision as of 08:01, 29 May 2022


Is this article helpful to you?
Please consider donating or volunteering
Thank you!

Wordpress.png

Maintainer

stephdl Stéphane de Labrusse AKA Stephdl

Dungog.net (Software) : original developper

Version

Contrib 10:
Contrib 9:
smeserver-wordpress
The latest version of smeserver-wordpress is available in the SME repository, click on the version number(s) for more information.


Description

http://www.wordpress.org

WordPress is a state-of-the-art semantic personal publishing platform with a focus on aesthetics, web standards, and usability.

If you want to create a site in Wordpress and host it as your primary domain on SME Server you should not use this contrib. This contrib will only allow site visitors to type in yourdomain.com/wordpress to get to the wordpress site.

Installation in an iBay is more flexible and is recommended. See the PART ONE steps at Wordpress Multisite. At the completion of PART ONE, you will have a fully functional Wordpress site with the exception of automatic updating. Automatic Updating requires FTP access to the core files. You can manage FTP access to iBays with the contrib located here.

Installation

yum install --enablerepo=smecontribs smeserver-wordpress

SME10

The SME10 version has been recast to download the latest version of WordPress from the Wordpress website while installing on SME10, and does not need a support rpm containing the Wordpress php code.

Consequently the Wordpress site can be upgraded in place manually or automatically, rather than by an RPM update. There is no need for any further signal-event as the install itself makes sure that all files etc are up to date.

If you remove the smeserver-wordpress rpm, then the current parameter file and wordpress code will be deleted, but the corresponding database will not be deleted. If you want to delete it then you should use the phpmyadmin contrib.

If you re-install after a remove, without deleting the database then the old website will be re-instated, and the version of Wordpress installed will be the latest. However you will loose any templates and plugins that you might have installed on top of the standard install. These can be re-installed of course.

SME9

If installation shows a blank page, then refer the fix at https://bugs.contribs.org/show_bug.cgi?id=10735#c10.

After installation, you need to make the installation effective. If you do not want to reboot your server then enter:

signal-event wordpress-update ; config set UnsavedChanges no

or for a full reboot:

signal-event post-upgrade; signal-event reboot

Initial Setup

To setup wordpress start your browser with the URL http://www.yourmaindomain/wordpress and complete the forms.

To make basic setup just enter a blog name and an administrator email address then click Setup. On the next screen you will be presented with the admin user name and a randomly generated admin password. Record these somewhere safe now !

Then click the Log in button, and enter your admin username (ie admin) and password, ie the ones just displayed on the previous screen.

The initial setup is done in the Settings link at the top right corner of the blog screen.

Configure as required, and save your changes before exiting.

Optional: If you want to change the domain URL that wordpress will be accessed with, apply any changes to the URL property before setting up wordpress, refer to options below, default is wordpress.

Fail2ban can help protect your new Wordpress site from common attacks, using a Wordpress plugin, but you will probably need to change the backend to "polling" as described here.

Upgrade Wordpress version

Important.png Note:
The in place update process of Wordpress is not available per se, you need to update rpm as we rely on EPEL for SME8 and SME9.


yum update wordpress --enablerepo=smecontribs

If the version you want is not yet available in smecontribs, and you do not want to wait, you can do

yum update wordpress --enablerepo=smetest

or you can install Epel repo for your SME version and issue

yum update wordpress --enablerepo=epel

then go to

http://www.yourmaindomain/wordpress/wp-admin/upgrade.php

and follow the instructions given.

Upgrade from previous SME7/SME8 contrib smeserver-wordpress <1.0-10

Important.png Note:
according to bugzilla:8007, when you upgrade your wordpress website from the old version of Noble/Stephdl to the newer (=>3.7.1) of smecontribs, you may have a blank page, do not panic, it is mainly due to the lack of your theme/template in the new location (/usr/share/wordpress). You can either install another theme or play with rsync to copy your old wp-content folder to the new location

before to proceed, you NEED all your backups (DB and /opt/wordpress folder)

rsync -avz /opt/wordpress/wp-content/* /usr/share/wordpress/wp-content/


Usage

Normal access by bloggers -> www.yourdomain.com/wordpress/

Admin or backend user access -> www.yourdomain.com/wordpress/wp-login.php

Options

  • You can fine tune access to wordpress with DB settings.

http://wiki.contribs.org/Web_Application_RPM#New_DB_settings

# config show wordpress 
wordpress=service
   AllowOverrideAll=disabled
   BackupFiles=enabled
   DbName=wordpress
   DbPassword=804896988746808
   DbUser=wordpress
   Https=enabled
   Indexes=disabled
   Name=Wordpress weblog
   PublicAccess=global
   SymLinks=disabled
   WpLang=en
   status=enabled


  • To disable wordpress. (default is enabled)
config setprop wordpress status disabled 
signal-event wordpress-update
  • Force HTTP (it is a bad idea)
config setprop wordpress Https disabled
signal-event wordpress-update
  • Enable Indexes
config setprop wordpress Indexes enabled
signal-event wordpress-update
  • Enabled FollowSymLinks
config setprop wordpress Symlinks enabled
signal-event wordpress-update
  • Enabled AllowOverrideAll
config setprop wordpress AllowOverrideAll enabled
signal-event wordpress-update
  • To limit access to wordpress.
config setprop wordpress PublicAccess OPTION

OPTION is either of the following.

       none             => No access
       local            => Local network  (no password required)
       local-pw         => Local network  (password required)
       global           => Entire Internet(no password required)
       global-pw        => Entire Internet(password required)
       global-pw-remote => Entire Internet(password required outside local network)


  • To add a different URL eg. yourserver.net/different-url

Note, this adds another url, it doesn't remove the default yourserver.net/wordpress

config setprop wordpress URL new-url-wordpress

This setting writes a new Alias to the httpd.conf file. Whatever you enter as new-url-wordpress is appended to your domain(s).

  • Disconnect all users and force them to reconnect (default enabled)
config setprop wordpress Salt enabled
signal-event wordpress-update

or

signal-event console-save

every time you do a signal-event you change the random 'salt' in cookies, all users will be forced to log again.

  • Local Settings

The config file is now templated, so changes need to be made in a new fragment, eg

 # ls /etc/e-smith/templates/etc/wordpress/wp-config.php/
 10db  20inc_dist  template-begin  template-end

check which setting you want to change with

 cat /usr/share/wordpress/wp-config-sample.php

then add the new setting in the new fragment and expand, it will overrule the old

expand-template /etc/wordpress/wp-config.php

If you think your setting should be the default raise a bug

Recommended Plugins

Spam filtering is a popular plugin and recommended to prevent excessive spam being added to your wordpress blogsite. To configure the Akismet plugin offered by Wordpress do the following.

Login as admin.

Click on the Plugins link at top right of page.

The Plugin Management page will appear, and a list of Inactive Plugins is shown.

Check the tick box next to Akismet and then click on Activate

To complete the process you will need to enter your Wordpress.com API key

Click on the "enter your WordPress.com API key" link at the top of the page. If you do not already have a key, then click on the (Get your key) link.

This will take you to the wordpress.com site. You need to create a new user account (if you don't already have one). Click the Signup link and enter required details. Select the option to create "Just a username please" and do not create a blog site at wordpress.com.

You will receive a email confirmation to activate your account. After confirming your account creation, you will receive another email advising your new account details, and giving you the API key details.

Return to the admin page of your new wordpress blog site and click on the Plugins link. Select Akismet configuration and enter your API key details. If preferred, tick the check box next to "Automatically discard spam comments on posts older than a month"

Click the Update options button, and you should then see a confirmation notice that your key has been verified. Configure other Akismet settings as required. Save your changes, exit as admin user, and start using your blogsite.

Fail2Ban

Fail2Ban is a contrib that blocks IP addresses involved in brute force logon attempts and such. First you need to add the fail2ban plugin inside wordpress. Then see Fail2ban wiki page for initial setup of fail2ban. Then you simply need to enable the jail for wordpress by using the server-manager fail2ban page. Basically there will be 3 jails for wordpress, one soft (auth error) and one hard ( blocked user attempt to login) and one for xmlrpc attacks. Refer original post

If you want more tweak you can change few options using command line. Note that by defualt they are not set in the db and will use fail2ban respective default value, which you could also set globally. Values presented are only for the purpose of example. WPH prefix is for wordpress-hard, WPS for wordpress-soft and WPX for wordpress-xmlrpc

  • db configuration setprop fail2ban WPHbantime 5000
  • db configuration setprop fail2ban WPSbantime 1000
  • db configuration setprop fail2ban WPXbantime 10000
  • db configuration setprop fail2ban WPHfindtime 800
  • db configuration setprop fail2ban WPSfindtime 800
  • db configuration setprop fail2ban WPXfindtime 800
  • db configuration setprop fail2ban WPHmaxretry 1
  • db configuration setprop fail2ban WPSmaxretry 3
  • db configuration setprop fail2ban WPXmaxretry 2

then you will need a signal-event fail2ban-update

Backup of Wordpress

Warning.png Warning:
You are responsible for the backup process :)


the folder 'wp-content' and the mysql database are now included in the official backup of smeserver. If you use that backup way you will retrieve the mysql database and the folder wp-content.

if you dont want to use that backup way you can do

config setprop wordpress BackupFiles disabled
signal-event wordpress-update

Uninstallation

To remove the package issue the following command on the SME Server shell:

rpm -e wordpress smeserver-wordpress

or

yum remove smeserver-wordpress
yum remove wordpress.noarch

To remove mysql database and user, both are named wordpress, see MySQL#Remove a database and MySQL#Remove a user. There is no need to reboot.

1. Delete MySQL database:

mysql
drop database wordpress;

2. Delete MySQL user:

mysql
USE mysql;
DELETE FROM user WHERE user = 'wordpress';
FLUSH PRIVILEGES;

3. Cleanup filesystem

rm -rf /etc/wordpress
rm -rf /usr/share/wordpress
config delete wordpress
db accounts delete wordpress
signal-event console-save

Move Contrib to iBay

These instructions assume you have installed this contrib as described on this page and that you understand how to use Wordpress. If you have done anything else these instructions are not for you.

The Wordpress files are installed to /usr/share/wordpress by the wordpress contrib. The main configuration file wp-config.php in this location is a symlink to /etc/wordpress/wp-config.php. The template for the wp-config.php file is located at /etc/e-smith/templates/etc/wordpress/wp-config.php and creates the /etc/wordpress/wp-config.php file. After completing these steps, you will not be able to use the wordpress events or information in the configuration database to regenerate your site's wp-config.php file. You will have to manually modify the wp-config.php file to suit your needs.

Follow the steps at Wordpress Multisite with the exception of steps A4, A5, and A7.

A4 step: If you are moving an existing install, the database and user already exist. Backup the Wordpress database using phpmyadmin (PHPMyAdmin) and get the database user and password from /etc/wordpress/wp-config.php.

A5 step: You are going to be using an existing installation so use midnight commander (mc at the terminal) to copy the files from /usr/share/wordpress/ to the ibay directory. Once copied, navigate to the ibay directory and delete the symlink for wp-config.php. Copy wp-config.php from /etc/wordpress to the ibay directory. You should now have all of the wordpress base, config file, plugins, and content located in the new ibay you created.

Edit the wp-config.php file and find the line that references the definition of ABSPATH. Edit the directory to match your ibay location. The default entry created by the contrib is:

 /** Absolute path to the WordPress directory. */
define('ABSPATH', '/usr/share/wordpress/');

Using phpmyadmin, go into the wordpress database wp_options table and change the siteurl and home records to reflect your new url. You do not have to use https if you created the ibay using the steps outlined in the Wordpress Multisite wiki page.

A7 step: Navigate to yourdomain.com/wp-admin and login using the same credentials setup when you installed the contrib. Verify the settings are correct and save the configuration. No reconfiguration necessary.

You can disable the wordpress contrib with

config setprop wordpress status disabled
signal-event post-upgrade; signal-event reboot

Once you are satisfied with the site's performance, you can remove the wordpress contrib. Do not remove the mysql database or your site will not function.

Bugs

Please raise bugs under the SME-Contribs section in bugzilla and select the smeserver-wordpress component or use this link .

IDProductVersionStatusSummary (3 tasks)
12766SME Contribs11.0UNCONFIRMEDchange php version to contrib smeserver-wordpress
12201SME Contribs10.0UNCONFIRMEDLimit log noise in /var/log/httpd/error_log
12176SME Contribs10.0UNCONFIRMEDphp version hard coded to 73 in httpd.conf