Difference between revisions of "Wordpress"
m (→Fail2Ban: correct formatting) |
Unnilennium (talk | contribs) |
||
(10 intermediate revisions by 4 users not shown) | |||
Line 11: | Line 11: | ||
{{#smeversion: smeserver-wordpress }} | {{#smeversion: smeserver-wordpress }} | ||
− | |||
===Description=== | ===Description=== | ||
Line 26: | Line 25: | ||
yum install --enablerepo=smecontribs smeserver-wordpress | yum install --enablerepo=smecontribs smeserver-wordpress | ||
+ | ====SME10==== | ||
+ | |||
+ | The SME10 version has been recast to download the latest version of WordPress from the Wordpress website while installing on SME10, and does not need a support rpm containing the Wordpress php code. | ||
+ | |||
+ | Consequently the Wordpress site can be upgraded in place manually or automatically, rather than by an RPM update. There is no need for any further signal-event as the install itself makes sure that all files etc are up to date. | ||
+ | |||
+ | If you remove the smeserver-wordpress rpm, then the current parameter file and wordpress code will be deleted, but the corresponding database will not be deleted. If you want to delete it then you should use the phpmyadmin contrib. | ||
+ | |||
+ | If you re-install after a remove, without deleting the database then the old website will be re-instated, and the version of Wordpress installed will be the latest. However you will loose any templates and plugins that you might have installed on top of the standard install. These can be re-installed of course. | ||
+ | |||
+ | ====SME9==== | ||
+ | |||
+ | If installation shows a blank page, then refer the fix at https://bugs.contribs.org/show_bug.cgi?id=10735#c10. | ||
After installation, you need to make the installation effective. If you do not want to reboot your server then enter: | After installation, you need to make the installation effective. If you do not want to reboot your server then enter: | ||
Line 185: | Line 197: | ||
==== Fail2Ban ==== | ==== Fail2Ban ==== | ||
− | Fail2Ban is a contrib that blocks IP addresses involved in brute force logon attempts and such. | + | Fail2Ban is a contrib that blocks IP addresses involved in brute force logon attempts and such. First you need to add the fail2ban plugin inside wordpress. Then see [[Fail2ban]] wiki page for initial setup of fail2ban. Then you simply need to enable the jail for wordpress by using the server-manager fail2ban page. Basically there will be 3 jails for wordpress, one soft (auth error) and one hard ( blocked user attempt to login) and one for xmlrpc attacks. Refer [https://forums.contribs.org/index.php/topic,53711.msg279902.html original post] |
− | + | If you want more tweak you can change few options using command line. Note that by defualt they are not set in the db and will use fail2ban respective default value, which you could also set globally. Values presented are only for the purpose of example. WPH prefix is for wordpress-hard, WPS for wordpress-soft and WPX for wordpress-xmlrpc | |
− | + | * db configuration setprop fail2ban WPHbantime 5000 | |
− | + | * db configuration setprop fail2ban WPSbantime 1000 | |
− | + | * db configuration setprop fail2ban WPXbantime 10000 | |
− | + | * db configuration setprop fail2ban WPHfindtime 800 | |
− | + | * db configuration setprop fail2ban WPSfindtime 800 | |
− | + | * db configuration setprop fail2ban WPXfindtime 800 | |
− | + | * db configuration setprop fail2ban WPHmaxretry 1 | |
− | + | * db configuration setprop fail2ban WPSmaxretry 3 | |
− | + | * db configuration setprop fail2ban WPXmaxretry 2 | |
− | + | then you will need a signal-event fail2ban-update | |
− | |||
− | |||
− | |||
===Backup of Wordpress=== | ===Backup of Wordpress=== | ||
− | {{Warning box|You are responsible | + | {{Warning box|You are responsible for the backup process :)}} |
the folder 'wp-content' and the mysql database are now included in the official backup of smeserver. If you use that backup way you will retrieve the mysql database and the folder wp-content. | the folder 'wp-content' and the mysql database are now included in the official backup of smeserver. If you use that backup way you will retrieve the mysql database and the folder wp-content. | ||
Line 234: | Line 243: | ||
rm -rf /usr/share/wordpress | rm -rf /usr/share/wordpress | ||
config delete wordpress | config delete wordpress | ||
+ | db accounts delete wordpress | ||
signal-event console-save | signal-event console-save | ||
Line 239: | Line 249: | ||
These instructions assume you have installed this contrib as described on this page and that you understand how to use Wordpress. If you have done anything else these instructions are not for you. | These instructions assume you have installed this contrib as described on this page and that you understand how to use Wordpress. If you have done anything else these instructions are not for you. | ||
− | The Wordpress files are installed to /usr/share/wordpress by the wordpress contrib. The main configuration file wp-config.php in this location is a symlink to /etc/wordpress/wp-config.php. The template for the wp-config.php file is located at /etc/e-smith/templates/etc/wordpress/wp-config.php and creates the /etc/wordpress/wp-config.php file. After completing these steps, you will not be able to use the wordpress events or information in the configuration database to regenerate your site's wp-config.php file. You will have to manually modify the wp-config.php file to suit your needs. | + | The Wordpress files are installed to <tt>/usr/share/wordpress</tt> by the wordpress contrib. The main configuration file '''wp-config.php''' in this location is a symlink to <tt>/etc/wordpress/wp-config.php</tt>. The template for the ''wp-config.php'' file is located at <tt>/etc/e-smith/templates/etc/wordpress/wp-config.php</tt> and creates the /etc/wordpress/wp-config.php file. After completing these steps, you will not be able to use the wordpress events or information in the configuration database to regenerate your site's wp-config.php file. You will have to manually modify the ''wp-config.php'' file to suit your needs. |
Follow the steps at [[Wordpress_Multisite|Wordpress Multisite]] with the exception of steps A4, A5, and A7. | Follow the steps at [[Wordpress_Multisite|Wordpress Multisite]] with the exception of steps A4, A5, and A7. | ||
Line 245: | Line 255: | ||
A4 step: If you are moving an existing install, the database and user already exist. Backup the Wordpress database using phpmyadmin ([[PHPMyAdmin]]) and get the database user and password from /etc/wordpress/wp-config.php. | A4 step: If you are moving an existing install, the database and user already exist. Backup the Wordpress database using phpmyadmin ([[PHPMyAdmin]]) and get the database user and password from /etc/wordpress/wp-config.php. | ||
− | A5 step: You are going to be using an existing installation so use midnight commander (mc at the terminal) to copy the files from /usr/share/wordpress/ to the ibay directory. Once copied, navigate to the ibay directory and delete the symlink for wp-config.php. Copy wp-config.php from /etc/wordpress to the ibay directory. You should now have all of the wordpress base, config file, plugins, and content located in the new ibay you created. | + | A5 step: You are going to be using an existing installation so use midnight commander (mc at the terminal) to copy the files from <tt>/usr/share/wordpress/</tt> to the ibay directory. Once copied, navigate to the ibay directory and delete the symlink for wp-config.php. Copy wp-config.php from /etc/wordpress to the ibay directory. You should now have all of the wordpress base, config file, plugins, and content located in the new ibay you created. |
Edit the wp-config.php file and find the line that references the definition of ABSPATH. Edit the directory to match your ibay location. The default entry created by the contrib is: | Edit the wp-config.php file and find the line that references the definition of ABSPATH. Edit the directory to match your ibay location. The default entry created by the contrib is: | ||
Line 262: | Line 272: | ||
Once you are satisfied with the site's performance, you can remove the wordpress contrib. Do not remove the mysql database or your site will not function. | Once you are satisfied with the site's performance, you can remove the wordpress contrib. Do not remove the mysql database or your site will not function. | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
=== Bugs === | === Bugs === |
Latest revision as of 08:01, 29 May 2022
Is this article helpful to you?
Please consider donating or volunteering
Thank you!
Maintainer
stephdl Stéphane de Labrusse AKA Stephdl
Dungog.net (Software) : original developper
Version
Description
WordPress is a state-of-the-art semantic personal publishing platform with a focus on aesthetics, web standards, and usability.
If you want to create a site in Wordpress and host it as your primary domain on SME Server you should not use this contrib. This contrib will only allow site visitors to type in yourdomain.com/wordpress to get to the wordpress site.
Installation in an iBay is more flexible and is recommended. See the PART ONE steps at Wordpress Multisite. At the completion of PART ONE, you will have a fully functional Wordpress site with the exception of automatic updating. Automatic Updating requires FTP access to the core files. You can manage FTP access to iBays with the contrib located here.
Installation
yum install --enablerepo=smecontribs smeserver-wordpress
SME10
The SME10 version has been recast to download the latest version of WordPress from the Wordpress website while installing on SME10, and does not need a support rpm containing the Wordpress php code.
Consequently the Wordpress site can be upgraded in place manually or automatically, rather than by an RPM update. There is no need for any further signal-event as the install itself makes sure that all files etc are up to date.
If you remove the smeserver-wordpress rpm, then the current parameter file and wordpress code will be deleted, but the corresponding database will not be deleted. If you want to delete it then you should use the phpmyadmin contrib.
If you re-install after a remove, without deleting the database then the old website will be re-instated, and the version of Wordpress installed will be the latest. However you will loose any templates and plugins that you might have installed on top of the standard install. These can be re-installed of course.
SME9
If installation shows a blank page, then refer the fix at https://bugs.contribs.org/show_bug.cgi?id=10735#c10.
After installation, you need to make the installation effective. If you do not want to reboot your server then enter:
signal-event wordpress-update ; config set UnsavedChanges no
or for a full reboot:
signal-event post-upgrade; signal-event reboot
Initial Setup
To setup wordpress start your browser with the URL http://www.yourmaindomain/wordpress and complete the forms.
To make basic setup just enter a blog name and an administrator email address then click Setup. On the next screen you will be presented with the admin user name and a randomly generated admin password. Record these somewhere safe now !
Then click the Log in button, and enter your admin username (ie admin) and password, ie the ones just displayed on the previous screen.
The initial setup is done in the Settings link at the top right corner of the blog screen.
Configure as required, and save your changes before exiting.
Optional: If you want to change the domain URL that wordpress will be accessed with, apply any changes to the URL property before setting up wordpress, refer to options below, default is wordpress.
Fail2ban can help protect your new Wordpress site from common attacks, using a Wordpress plugin, but you will probably need to change the backend to "polling" as described here.
Upgrade Wordpress version
yum update wordpress --enablerepo=smecontribs
If the version you want is not yet available in smecontribs, and you do not want to wait, you can do
yum update wordpress --enablerepo=smetest
or you can install Epel repo for your SME version and issue
yum update wordpress --enablerepo=epel
then go to
http://www.yourmaindomain/wordpress/wp-admin/upgrade.php
and follow the instructions given.
Upgrade from previous SME7/SME8 contrib smeserver-wordpress <1.0-10
Usage
Normal access by bloggers -> www.yourdomain.com/wordpress/
Admin or backend user access -> www.yourdomain.com/wordpress/wp-login.php
Options
- You can fine tune access to wordpress with DB settings.
http://wiki.contribs.org/Web_Application_RPM#New_DB_settings
# config show wordpress wordpress=service AllowOverrideAll=disabled BackupFiles=enabled DbName=wordpress DbPassword=804896988746808 DbUser=wordpress Https=enabled Indexes=disabled Name=Wordpress weblog PublicAccess=global SymLinks=disabled WpLang=en status=enabled
- To disable wordpress. (default is enabled)
config setprop wordpress status disabled signal-event wordpress-update
- Force HTTP (it is a bad idea)
config setprop wordpress Https disabled signal-event wordpress-update
- Enable Indexes
config setprop wordpress Indexes enabled signal-event wordpress-update
- Enabled FollowSymLinks
config setprop wordpress Symlinks enabled signal-event wordpress-update
- Enabled AllowOverrideAll
config setprop wordpress AllowOverrideAll enabled signal-event wordpress-update
- To limit access to wordpress.
config setprop wordpress PublicAccess OPTION
OPTION is either of the following.
none => No access local => Local network (no password required) local-pw => Local network (password required) global => Entire Internet(no password required) global-pw => Entire Internet(password required) global-pw-remote => Entire Internet(password required outside local network)
- To add a different URL eg. yourserver.net/different-url
Note, this adds another url, it doesn't remove the default yourserver.net/wordpress
config setprop wordpress URL new-url-wordpress
This setting writes a new Alias to the httpd.conf file. Whatever you enter as new-url-wordpress is appended to your domain(s).
- Disconnect all users and force them to reconnect (default enabled)
config setprop wordpress Salt enabled signal-event wordpress-update
or
signal-event console-save
every time you do a signal-event you change the random 'salt' in cookies, all users will be forced to log again.
- Local Settings
The config file is now templated, so changes need to be made in a new fragment, eg
# ls /etc/e-smith/templates/etc/wordpress/wp-config.php/ 10db 20inc_dist template-begin template-end
check which setting you want to change with
cat /usr/share/wordpress/wp-config-sample.php
then add the new setting in the new fragment and expand, it will overrule the old
expand-template /etc/wordpress/wp-config.php
If you think your setting should be the default raise a bug
Recommended Plugins
Spam filtering is a popular plugin and recommended to prevent excessive spam being added to your wordpress blogsite. To configure the Akismet plugin offered by Wordpress do the following.
Login as admin.
Click on the Plugins link at top right of page.
The Plugin Management page will appear, and a list of Inactive Plugins is shown.
Check the tick box next to Akismet and then click on Activate
To complete the process you will need to enter your Wordpress.com API key
Click on the "enter your WordPress.com API key" link at the top of the page. If you do not already have a key, then click on the (Get your key) link.
This will take you to the wordpress.com site. You need to create a new user account (if you don't already have one). Click the Signup link and enter required details. Select the option to create "Just a username please" and do not create a blog site at wordpress.com.
You will receive a email confirmation to activate your account. After confirming your account creation, you will receive another email advising your new account details, and giving you the API key details.
Return to the admin page of your new wordpress blog site and click on the Plugins link. Select Akismet configuration and enter your API key details. If preferred, tick the check box next to "Automatically discard spam comments on posts older than a month"
Click the Update options button, and you should then see a confirmation notice that your key has been verified. Configure other Akismet settings as required. Save your changes, exit as admin user, and start using your blogsite.
Fail2Ban
Fail2Ban is a contrib that blocks IP addresses involved in brute force logon attempts and such. First you need to add the fail2ban plugin inside wordpress. Then see Fail2ban wiki page for initial setup of fail2ban. Then you simply need to enable the jail for wordpress by using the server-manager fail2ban page. Basically there will be 3 jails for wordpress, one soft (auth error) and one hard ( blocked user attempt to login) and one for xmlrpc attacks. Refer original post
If you want more tweak you can change few options using command line. Note that by defualt they are not set in the db and will use fail2ban respective default value, which you could also set globally. Values presented are only for the purpose of example. WPH prefix is for wordpress-hard, WPS for wordpress-soft and WPX for wordpress-xmlrpc
- db configuration setprop fail2ban WPHbantime 5000
- db configuration setprop fail2ban WPSbantime 1000
- db configuration setprop fail2ban WPXbantime 10000
- db configuration setprop fail2ban WPHfindtime 800
- db configuration setprop fail2ban WPSfindtime 800
- db configuration setprop fail2ban WPXfindtime 800
- db configuration setprop fail2ban WPHmaxretry 1
- db configuration setprop fail2ban WPSmaxretry 3
- db configuration setprop fail2ban WPXmaxretry 2
then you will need a signal-event fail2ban-update
Backup of Wordpress
the folder 'wp-content' and the mysql database are now included in the official backup of smeserver. If you use that backup way you will retrieve the mysql database and the folder wp-content.
if you dont want to use that backup way you can do
config setprop wordpress BackupFiles disabled signal-event wordpress-update
Uninstallation
To remove the package issue the following command on the SME Server shell:
rpm -e wordpress smeserver-wordpress
or
yum remove smeserver-wordpress yum remove wordpress.noarch
To remove mysql database and user, both are named wordpress, see MySQL#Remove a database and MySQL#Remove a user. There is no need to reboot.
1. Delete MySQL database:
mysql drop database wordpress;
2. Delete MySQL user:
mysql USE mysql; DELETE FROM user WHERE user = 'wordpress'; FLUSH PRIVILEGES;
3. Cleanup filesystem
rm -rf /etc/wordpress rm -rf /usr/share/wordpress config delete wordpress db accounts delete wordpress signal-event console-save
Move Contrib to iBay
These instructions assume you have installed this contrib as described on this page and that you understand how to use Wordpress. If you have done anything else these instructions are not for you.
The Wordpress files are installed to /usr/share/wordpress by the wordpress contrib. The main configuration file wp-config.php in this location is a symlink to /etc/wordpress/wp-config.php. The template for the wp-config.php file is located at /etc/e-smith/templates/etc/wordpress/wp-config.php and creates the /etc/wordpress/wp-config.php file. After completing these steps, you will not be able to use the wordpress events or information in the configuration database to regenerate your site's wp-config.php file. You will have to manually modify the wp-config.php file to suit your needs.
Follow the steps at Wordpress Multisite with the exception of steps A4, A5, and A7.
A4 step: If you are moving an existing install, the database and user already exist. Backup the Wordpress database using phpmyadmin (PHPMyAdmin) and get the database user and password from /etc/wordpress/wp-config.php.
A5 step: You are going to be using an existing installation so use midnight commander (mc at the terminal) to copy the files from /usr/share/wordpress/ to the ibay directory. Once copied, navigate to the ibay directory and delete the symlink for wp-config.php. Copy wp-config.php from /etc/wordpress to the ibay directory. You should now have all of the wordpress base, config file, plugins, and content located in the new ibay you created.
Edit the wp-config.php file and find the line that references the definition of ABSPATH. Edit the directory to match your ibay location. The default entry created by the contrib is:
/** Absolute path to the WordPress directory. */ define('ABSPATH', '/usr/share/wordpress/');
Using phpmyadmin, go into the wordpress database wp_options table and change the siteurl and home records to reflect your new url. You do not have to use https if you created the ibay using the steps outlined in the Wordpress Multisite wiki page.
A7 step: Navigate to yourdomain.com/wp-admin and login using the same credentials setup when you installed the contrib. Verify the settings are correct and save the configuration. No reconfiguration necessary.
You can disable the wordpress contrib with
config setprop wordpress status disabled signal-event post-upgrade; signal-event reboot
Once you are satisfied with the site's performance, you can remove the wordpress contrib. Do not remove the mysql database or your site will not function.
Bugs
Please raise bugs under the SME-Contribs section in bugzilla and select the smeserver-wordpress component or use this link .
ID | Product | Version | Status | Summary (3 tasks) ⇒ |
---|---|---|---|---|
12766 | SME Contribs | 11.0 | UNCONFIRMED | change php version to contrib smeserver-wordpress |
12201 | SME Contribs | 10.0 | UNCONFIRMED | Limit log noise in /var/log/httpd/error_log |
12176 | SME Contribs | 10.0 | UNCONFIRMED | php version hard coded to 73 in httpd.conf |