Changes

Jump to navigation Jump to search
1,537 bytes added ,  09:01, 29 May 2022
Line 11: Line 11:     
{{#smeversion: smeserver-wordpress }}
 
{{#smeversion: smeserver-wordpress }}
{{#smeversion: wordpress }}
      
===Description===
 
===Description===
Line 25: Line 24:     
  yum install --enablerepo=smecontribs smeserver-wordpress
 
  yum install --enablerepo=smecontribs smeserver-wordpress
 +
 +
====SME10====
 +
 +
The SME10 version has been recast to download  the latest version of WordPress from the Wordpress website while installing on SME10, and does not need a support rpm containing the Wordpress php code.
 +
 +
Consequently the Wordpress site can be upgraded in place manually or automatically, rather than by an RPM update.  There is no need for any further signal-event as the install itself makes sure that all files etc are up to date.
 +
 +
If you remove the smeserver-wordpress rpm, then the current parameter file and wordpress code will be deleted, but the corresponding database will not be deleted.  If you want to delete it then you should use the phpmyadmin contrib.
 +
 +
If you re-install after a remove, without deleting the database then the old website will be re-instated, and the version of  Wordpress installed will be the latest. However you will loose any templates and plugins that you might have installed on top of the standard install.  These can be re-installed of course.
 +
 +
====SME9====
    
If installation shows a blank page, then refer the fix at https://bugs.contribs.org/show_bug.cgi?id=10735#c10.
 
If installation shows a blank page, then refer the fix at https://bugs.contribs.org/show_bug.cgi?id=10735#c10.
Line 186: Line 197:     
==== Fail2Ban ====
 
==== Fail2Ban ====
Fail2Ban is a contrib that blocks IP addresses involved in brute force logon attempts and such. See [[Fail2ban]]. In order to make Fail2Ban work with WordPress, the user "holck" posted the following code in thread https://forums.contribs.org/index.php/topic,53711.msg279902.html in the SME 9 Contribs forum. Holck notes that the standard jail for WordPress appears to work, but does not block the offending IP addresses.
+
Fail2Ban is a contrib that blocks IP addresses involved in brute force logon attempts and such. First you need to add the fail2ban plugin inside wordpress. Then see [[Fail2ban]] wiki page for initial setup of fail2ban. Then you simply need to enable the jail for wordpress by using the server-manager fail2ban page.  Basically there will be 3 jails for wordpress, one soft (auth error) and one hard ( blocked user attempt to login) and one for xmlrpc attacks. Refer [https://forums.contribs.org/index.php/topic,53711.msg279902.html original post]
 
  −
The following needs to be added the file /etc/fail2ban/jail.conf.
  −
 
  −
<pre>[wordpress-hard]
  −
enabled = true
  −
filter = wordpress-hard
  −
logpath = /var/log/messages
  −
maxretry = 3
  −
action = smeserver-iptables[port="80,443",protocol=tcp,bantime=1800]
  −
backend = polling
     −
[wordpress-soft]
+
If you want more tweak you can change few options using command line. Note that by defualt they are not set in the db and will use fail2ban respective default value, which you could also set globally. Values presented are only for the purpose of example. WPH prefix is for wordpress-hard, WPS for wordpress-soft and WPX for wordpress-xmlrpc
enabled  = true
+
* db configuration setprop fail2ban WPHbantime 5000
filter = wordpress-soft
+
* db configuration setprop fail2ban WPSbantime 1000
logpath = /var/log/messages
+
* db configuration setprop fail2ban WPXbantime 10000
action = smeserver-iptables[port="80,443",protocol=tcp,bantime=1800]
+
* db configuration setprop fail2ban WPHfindtime 800
backend = polling</pre>
+
* db configuration setprop fail2ban WPSfindtime 800
 +
* db configuration setprop fail2ban WPXfindtime 800
 +
* db configuration setprop fail2ban WPHmaxretry 1
 +
* db configuration setprop fail2ban WPSmaxretry 3
 +
* db configuration setprop fail2ban WPXmaxretry 2
 +
then you will need a signal-event fail2ban-update
    
===Backup of Wordpress===
 
===Backup of Wordpress===
Super Admin, Wiki & Docs Team, Bureaucrats, Interface administrators, Administrators
3,250

edits

Navigation menu