1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Tutorial: Install WordPress using Nginx and HHVM on Fedora.

Install WordPress using Nginx and HHVM on Fedora.

  1. sbagmeijer
    In this guide I will show how you can install WordPress (https://wordpress.org/) on Fedora using Nginx and HHVM (old HipHop php).

    For this guide I used the following:
    blog01 (1x cpu, 512mb ram)
    Fedora 21 (HHVM does not support Fedora 22 yet)
    WordPress
    SSL Certificate

    This guide should also work on RHEL and CentOS but you might need to change some directory locations or use slightly different commands.


    Step 1: Add the Ulyaoth repository

    For Fedora use:
    Code:
    $ sudo
    yum install -y https://downloads.ulyaoth.net/rpm/Fedora/x86_64/ulyaoth-1.0.6-1.fc21.x86_64.rpm
    
    For RHEL or CentOS see my repository for more information:
    https://www.ulyaoth.net/resources/ulyaoth-repository.6/

    Step 2: install the required packages
    Code:
    $ sudo yum install ulyaoth-nginx ulyaoth-hhvm mariadb mariadb-server policycoreutils-python
    
    Step 3: Create the following directories
    Code:
    $ sudo mkdir -p /etc/nginx/access-lists
    $ sudo mkdir -p /etc/nginx/ssl
    $ sudo mkdir -p /srv/nginx/wordpress/public
    $ sudo mkdir -p /var/log/nginx/wordpress
    
    Step 4: Download WordPress
    Code:
    $ sudo wget https://wordpress.org/latest.tar.gz
    
    Step 5: Unzip your WordPress tar.gz file.
    Code:
    $ tar xvf latest.tar.gz
    
    You should now have a folder "wordpress".

    Step 6: Move all wordpress files to the right directory
    Code:
    $ sudo mv wordpress/* /srv/nginx/wordpress/public/
    
    Step 7: Download the vhost and access-list file for nginx
    Code:
    $ sudo wget -q https://raw.githubusercontent.com/sbagmeijer/ulyaoth/master/guides/wordpress/nginx/wordpress.conf -O /etc/nginx/sites-available/wordpress.conf
    $ sudo wget -q https://raw.githubusercontent.com/sbagmeijer/ulyaoth/master/guides/wordpress/nginx/wordpress-accesslist.conf -O /etc/nginx/access-lists/wordpress-accesslist.conf
    
    Step 8: Install your certificates
    Get the certificates from where you bought them or yourself generated one and place them in:
    /etc/nginx/ssl

    To create your dhparams file please use the following command:
    Code:
    sudo $ openssl dhparam -out /etc/nginx/ssl/dhparam.pem 4096
    Remember if your certificate files are not called "ulyaoth-blog.crt", "ulyaoth-blog.key" and "ulyaoth-blog.ca" then you have to rename them in your wordpress.conf vhost file so it will use the right certificates.

    Step 9: Edit the Wordpress vhost and the access list.
    Code:
    $ sudo vi /etc/nginx/sites-available/wordpress.conf
    
    Now change all the domain names from "ulyaoth.net" to your domain name, please make sure to double check your whole file.

    Then double check all the certficiate names and name them how your certificates are names (check the whole file):
    Code:
    ssl_certificate             /etc/nginx/ssl/ulyaoth-phpbb.pem;
    ssl_certificate_key         /etc/ssl/certs/ulyaoth-phpbb.key;
    ssl_trusted_certificate /etc/ssl/certs/ulyaoth-phpbb.ca;
    Now as final you have to create a "sha256 pin" with the following command: (update so it uses your key)
    Code:
    $sudo openssl rsa -in /etc/nginx/ssl/ulyaoth-phpbb.key -outform der -pubout | openssl dgst -sha256 -binary | openssl enc -base64
    It should give an output like this:
    Code:
    writing RSA key
    zcoKJuisd789hasddasasd32k4VUxsof3d3w22332b7k=
    Then in the vhost update this bit with your key:
    Code:
    add_header Public-Key-Pins "pin-sha256=\"zcoKJuisd789hasddasasd32k4VUxsof3d3w22332b7k=\"; max-age=172800;";
    Now save that file and open the wordpress-accesslist file:
    Code:
    $ sudo vi /etc/nginx/access-lists/wordpress-accesslist.conf
    
    and add now all ip's you want to have access to the "wp-admin" control panel of WordPress:
    #allow your ip below something like "allow 1.1.1.1;"
    allow ;

    As it already explains just add your ip's like this for example:
    #allow your ip below something like "allow 1.1.1.1;"
    allow 192.168.1.3;
    allow 192.168.1.4;
    Just make sure that the "deny all;" is always at the bottom of the file.

    Now save the access list and continue the guide.



    Step 10: symbolic link your vhost
    Code:
    $ sudo ln -s /etc/nginx/sites-available/wordpress.conf /etc/nginx/sites-enabled/wordpress.conf
    
    Step 11: Copy the example config for a small MariaDB database to real config location.
    Code:
    $ sudo cp /usr/share/mariadb/my-small.cnf /etc/my.cnf
    
    Of-course if you expect a large database you have to or make your own MariaDB config or in the location "/usr/share/mysql/" you have more examples:
    my-huge.cnf
    my-large.cnf
    my-medium.cnf
    my-small.cnf
    my-innodb-heavy-4G.cnf

    Step 12: Start the MariaDB database
    Code:
    $ sudo systemctl start mariadb.service
    
    Step 13: run the MariaDB secure installation script
    Code:
    $ sudo /usr/bin/mysql_secure_installation
    
    I would recommend to do the steps I did below:
    Enter current password for root (enter for none): (ENTER)
    Set root password? [Y/n] Y
    New password:
    Re-enter new password:
    Password updated successfully!
    Remove anonymous users? [Y/n] y
    Disallow root login remotely? [Y/n] y
    Remove test database and access to it? [Y/n] y
    Reload privilege tables now? [Y/n] y

    Step 14: Login to the MariaDB database
    Code:
    $ sudo mysql -uroot -p
    
    (you have to use the password from Step 13 that you created)

    Step 15: In the MariaDB client create the following user and database
    Code:
    CREATE DATABASE wordpress;
    GRANT ALL PRIVILEGES ON wordpress.* TO "wordpress"@"localhost" IDENTIFIED BY "ulyaoth007";
    GRANT ALL PRIVILEGES ON wordpress.* TO "wordpress"@"127.0.0.1" IDENTIFIED BY "ulyaoth007";
    FLUSH PRIVILEGES;
    
    (Make sure to change to example password "ulyaoth007" to something random)

    Step 16: exit the MariaDB client
    Code:
    exit
    
    Step 17: Put everything on autostart
    Code:
    $ sudo systemctl enable mariadb.service
    $ sudo systemctl enable hhvm.service
    $ sudo systemctl enable nginx.service
    
    Step 18: Chown the web directory to wordpress:nginx
    Code:
    $ sudo chown -R hhvm:nginx /srv/nginx/wordpress/
    
    Step 19: Fix directory permissions
    Code:
    $ sudo find /srv/nginx/wordpress/public/ -type d -exec chmod 755 {} \;
    $ sudo find /srv/nginx/wordpress/public/ -type f -exec chmod 644 {} \;
    $ sudo  chmod 0775 /srv/nginx/wordpress/public/wp-content/
    $ sudo  chmod 0775 /srv/nginx/wordpress/public/wp-content/themes/
    
    Step 20: fix Selinux
    Code:
    $ sudo setsebool -P httpd_can_network_connect on
    $ sudo chcon -R -t httpd_sys_content_t /srv/nginx/wordpress/public/
    $ sudo chcon -R -t httpd_sys_rw_content_t /srv/nginx/wordpress/public/wp-content
    $ sudo chcon -R -t httpd_sys_rw_content_t /srv/nginx/wordpress/public/wp-includes
    $ sudo chcon -R -t httpd_sys_rw_content_t /srv/nginx/wordpress/public/wp-admin
    $ sudo semanage port -a -t http_port_t -p tcp 80
    $ sudo restorecon /etc/nginx/ssl/*
    

    Step 21: configure firewalld
    Code:
    $ sudo firewall-cmd --permanent --zone=public --add-service=http
    $ sudo firewall-cmd --permanent --zone=public --add-port=443/tcp
    $ sudo firewall-cmd --reload
    
    You can check with this command to see it is all added:
    Code:
    $ sudo firewall-cmd --zone=public --list-all
    
    You probably have to change "zone=public" to your servers setup.

    Step 22: Start nginx and hhvm
    Code:
    $ sudo systemctl start hhvm.service
    $ sudo systemctl start nginx.service
    
    Congratulations this should be everything your require to do on the server so now lets start with the installation of WordPress!

    Step 23: Start and finish the installation of WordPress
    Start by going to your website for me "https://blog.ulyaoth.net" and you should see the following:
    [​IMG]

    Choose your language and then you should see a website as below:
    [​IMG]

    On this page click on the "Let's go!" button and you should see the following site:
    [​IMG]

    As you can see you have to fill in the database information from step 15:

    Database Name: Wordpress
    User Name: wordpress
    Password: ulyaoth007

    Of-course change it to your information and then press on the button "Submit" and you will see the following page:
    [​IMG]
    If you followed my guide you probably allowed to write the wp-config.php if you made it slightly more secure then you see a page where it shows you the content you have to copy paste into a "wp-config.php" file yourself:

    Code:
    $ sudo vi /srv/nginx/wordpress/public/wp-config.php
    
    Now paste all the information from the site and safe the file and the run the following commands:
    Code:
    $ sudo chown -R hhvm:nginx /srv/nginx/wordpress/
    $ sudo find /srv/nginx/wordpress/public/ -type f -exec chmod 644 {} \;
    
    Make sure your config file is always secure so no one can write to it in anyway.

    Now back on the website press the "Run the install" button and if everything did go well you should see this page now:
    [​IMG]

    On this page fill in your information as you wish, I would suggest not to use the username "Admin" or "Administrator" as this are the first user names bots and scripts will try to access.

    Once filled in press on the "Install WordPress" button to finish the installation and if everything did install correctly you will see the following page:
    [​IMG]

    What next? well press the "Log in" button and play around with your website or browse to your website url to see the front page of your newly installed WordPress blog.

    It should look like this:

    [​IMG]

    As always if you have any improvements or your see any mistakes please let me know so I can update the guide.

    [​IMG]

Recent Updates

  1. Updated text and pictures.