WordPress – Wenzlaff.de – all about programming

23.01.2022 Ad

How to create a running Windows XP machine (or Raspberry Pi) on Debian 8 Jessie using WordPress 4.3 (SSL), Apache2 (SSL, https), MySql and phpMyadmin? Here is the desired architecture:

All data on the Windows computer must be backed up beforehand, as the entire system will be overwritten with Linux.

to install
eg tools/win32-loader/stable/win32-loader.exe load and install with SSH access, without GUI
With the Raspberry Pi, proceed in the same way as already described here in the blog.

install with:

apt-get install apache2 mysql-client mysql-server php5 php5-mysql php5-curl php5-gd unzip phpmyadmin

create

mysql -u root -p # password # choose wpdatabase, wpuser and password yourself # evl. Delete database with DROP DATABASE wpdatabase; CREATE DATABASE wpdatabase; CREATE USER wpuser@localhost IDENTIFIED BY ‘wppass’; GRANT ALL PRIVILEGES ON wpdatabase.* TO wpuser@localhost; FLUSH PRIVILEGES; exit # Restart Apache and MySql service apache2 restart service mysql restart

mysql -u root -p

# Password

# Choose wpdatabase, wpuser and password yourself

# possibly Delete database with

DROP DATABASE wpdatabase;

CREATE DATABASE wpdatabase;

CREATE USER wpuser@localhost IDENTIFIED BY ‘wppass’;

GRANT ALL PRIVILEGES ON wpdatabase.* TO wpuser@localhost;

FLUSH PRIVILEGES;

exit

# Restart Apache and MySql

service apache2 restart

service mysql restart

4.3 load create

# go to tmp directory cd /tmp # load wordpress latest version wget -c http://wordpress.org/latest.zip # unzip archives unzip -q latest.zip -d /var/www/html/ # or if there is a tar.gz is then tar zxf wordpress-4.5.3-de_DE.tar.gz -C /var/www/html/ # assign rights chown -R www-data.www-data /var/www/html/wordpress chmod – R 755 /var/www/html/wordpress mkdir -p /var/www/html/wordpress/wp-content/uploads chown -R www-data.www-data /var/www/html/wordpress/wp-content/ uploads cd /var/www/html/wordpress/ # copy the example cp wp-config-sample.php wp-config.php # enter the database name, user and password in wp-config.php nano wp-config.php # im Open browser and select language and user http://localhost/wordpress/ # test it # increase the file upload size # make the following entries in /var/www/html/wordpress/.htaccess: vi /var/www/ html/wordpress/.htaccess php_value upload_max_filesize 64M php_value post_max_size 64M php_value max_execution_time 300 php_value max_input_time 300 # delete unnecessary files rm wp-config-sample.php rm readme.html rm readme.html rm /wp-admin/install.php # Optional: generate new security keys (salt) via https://api.wordpress. org/secret-key/1.1/salt/ # and add this generated block to wp-config.php file # #define(‘AUTH_KEY’, ‘-+jiH||`2);cZjy .Vy5C|!NX{KNv,Ov@=XK|SALR8++C.axK4b(Ep4U_RWAV|Ir;’); #define(‘SECURE_AUTH_KEY’, ‘.+WZ>Ul&)Qak2uhZ-.(Y^]},n!.&R.VRl~+o*~7*dP{{4s*iyMO7L^{o/#lq7Xs1’) ; #define(‘LOGGED_IN_KEY’, ‘_T)TC.YN6r9wxM*lRbjGc0dy2;

# ins tmp Verzeichnis gehen

cd /tmp

# WordPress aktuelle Version laden

wget -c http://wordpress.org/latest.zip

# Archive auspacken

unzip -q latest.zip -d /var/www/html/

# oder wenn es ein tar.gz ist dann

tar zxf wordpress-4.5.3-de_DE.tar.gz -C /var/www/html/

# Rechte vergeben

chown -R www-data.www-data /var/www/html/wordpress

chmod -R 755 /var/www/html/wordpress

mkdir -p /var/www/html/wordpress/wp-content/uploads

chown -R www-data.www-data /var/www/html/wordpress/wp-content/uploads

cd /var/www/html/wordpress/

# kopieren des Beispiel

cp wp-config-sample.php wp-config.php

# in wp-config.php den Databasenamen, User und Passwort eintragen

nano wp-config.php

# im Browser aufruen und Sprache und User wählen

http://localhost/wordpress/

# testen

# gleich noch den Datei upload Size vergrößern

# in der /var/www/html/wordpress/.htaccess die folgenden Einträge machen:

vi /var/www/html/wordpress/.htaccess

php_value upload_max_filesize 64M

php_value post_max_size 64M

php_value max_execution_time 300

php_value max_input_time 300

# unnötige Dateien löschen

rm wp-config-sample.php

rm readme.html

rm liesmich.html

rm /wp-admin/install.php

# Optional: Neue Sicherheitsschlüssel (Salt) generieren über https://api.wordpress.org/secret-key/1.1/salt/

# und diesen generierten Block in die <strong>wp-config.php</strong> Datei einfügen

#define(‘AUTH_KEY’, ‘-+jiH||`2);cZjy.Vy5C|!NX{KNv,Ov@=XK|SALR8++C.axK4b(Ep4U_RWAV|Ir;’);

#define(‘SECURE_AUTH_KEY’, ‘.+WZ>Ul&)Qak2uhZ-.(Y^]},n!.&R.VRl~+o*~7*dP{{4s*iyMO7L^{o/#lq7Xs1’);

#define(‘LOGGED_IN_KEY’, ‘_T)TC.YN6r9wxM*lRbjGc0dy2;

#define(‘NONCE_KEY’, ‘vVrz#TDgM[,Te(v[hStvF][>ZfI;$K.^ IstOP`k>IfNo3j8h~|2rvxU&%=[eJ@w’);

#define(‘AUTH_SALT’, ‘/ qC?UB4&>H&hy#=:;sP6m 0}[u~oDJGhBdqskc{gY+j1yJU~/>rBL91P8kGtnG_’);

#define(‘SECURE_AUTH_SALT’, ‘tUd3QTYMV.g|86`=!-?EN_P~N+jB$LwD|q-b?g[G@E!9.,{G2n|1X1_2-+Fv,y=:’);

#define(‘LOGGED_IN_SALT’, ‘?d`pE;|nVH?81n2#@[VYOB__Nh.l:v=4F5_uajQ4jp.,h$Z8#N2DZ}^=|sQi7?d4’);

#define(‘NONCE_SALT’, ‘C*-+6P_j/o0FTQC1.(GHJ[tXNCpou<RyB.@:mx&spG@{-9< Wk|r!zoJUiwY@:M:’);

# Optional die wp-config.php sichern mit folgenden Eintrag in der <strong>.htaccess</strong> Datei:

order deny,allow

deny from all

</FilesMatch>

Optional ein paar gute Plugins installieren. Hier mal eine kleine Auswahl z.B.:

Schon alt, läuft aber noch „Limit Login Attempts„.
Wenn man sich da selbst aussperrt, einfach in der DB folgenden SQL absetzen:

UPDATE wp_options SET option_value=”” WHERE option_name=”limit_login_lockouts”

UPDATE wp_options SET option_value = ” WHERE option_name = ‘limit_login_lockouts’

Hier noch ein paar:

Optional kann noch ein PDF Export für die Tabellen integriert werden, wie hier beschrieben und auch gleich die Extension für das automatische URL converting.

installieren
In /etc/phpmyadmin/apache.conf den Eintrag

#<Directory /usr/share/phpmyadmin>
# Options FollowSymLinks
# DirectoryIndex index.php
Require ip 127.0.0.1 10.0.0.0/24
# Apache restart
service apache2 restart
# Aufruf im Browser
(IP)/phpmyadmin
# Anmelden mit MySql Datenbankuser und Passwort

#<Directory /usr/share/phpmyadmin>

# Options FollowSymLinks

# DirectoryIndex index.php

Require ip 127.0.0.1 10.0.0.0/24

# Apache restart

service apache2 restart

# Aufruf im Browser

(IP)/phpmyadmin

# Anmelden mit MySql Datenbankuser und Passwort

erzeugen und installieren

mkdir .ssl
cd .ssl
openssl req -new -days 999 -newkey rsa:4096bits -sha512 -x509 -nodes -out server.crt -keyout server.key
# Diese Fragen beantworten
# Country Name (2 letter code) [AU]:EN # State or Province Name (full name) [Some-State]:Lower Saxony # Locality Name (eg, city) []:Hanover # Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Blog # Organizational Unit Name (eg, section) []:Dept of Blogging # Common Name (eg server FQDN or YOUR name) []:kleinhirn.eu # Email Address []:webmaster@yourdomain.com sudo cp server.crt /etc/ssl/certs sudo cp server.key /etc/ssl/private service apache2 restart # Activate SSL module a2enmod ssl service apache2 restart # Activate rewrite module for later a2enmod rewrite service apache2 restart # View status systemctl status apache2.service # Add generated certificates in sudo vi /etc/apache2/sites-available/default-ssl.conf # ServerName mydomain.com:443 SSLEngine on SSLCertificateFile /etc/apache2/ssl/server. crt SSLCertificateKeyFile /etc/apache2/ssl/server.key # Enable default site a2ensite default-ssl.conf # Server Restart service apache2 restart # Disable http and set https in /etc/apache2/sites-enabled/titled 000-default.conf vi /etc/apache2/sites-enabled/titled 000-default.conf # Contents of the file: ServerName xxx ServerAlias www.xxx Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all Require all granted ServerAdmin webmaster@xxx.de DocumentRoot /var/www/ html/wordpress SSLEngine on SSLCertificateFile /etc/ssl/certs/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key #SSLCACertificateFile /home/me/domain.com.crt ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog $ {APACHE_LOG_DIR}/access.log combined # Test whether the blog is running with https and the certificates in the browser https://(IP)/wordpress/wp-login.php

8th

mkdir .ssl

cd .ssl

openssl req -new -days 999 -newkey rsa:4096bits -sha512 -x509 -nodes -out server.crt -keyout server.key

# Answer these questions

# Country Name (2 letter code) [AU]:DE

# State or Province Name (full name) [Some-State]:Lower Saxony

# Locality Name (eg, city) []:Hanover

# Organization Name (eg, company) [Internet Widgits Pty Ltd]:my blog

# Organizational Unit Name (eg, section) []:Dept of Blogging

# Common Name (e.g. server FQDN or YOUR name) []:kleinhirn.eu

# Email Address []:webmaster@yourdomain.com

sudo cp server.crt /etc/ssl/certs

sudo cp server.key /etc/ssl/private

service apache2 restart

# Enable SSL module

a2enmod ssl

service apache2 restart

# Enable rewrite module for later

a2enmod rewrite

service apache2 restart

# View status

systemctl status apache2.service

# complete the generated certificates in

sudo vi /etc/apache2/sites-available/default-ssl.conf

ServerName mydomain.com:443

SSL Engine on

SSLCertificateFile /etc/apache2/ssl/server.crt

SSLCertificateKeyFile /etc/apache2/ssl/server.key

# Activate default page

a2ensite default-ssl.conf

# Server restart

service apache2 restart

# Disable http and set https in /etc/apache2/sites-enabled/titled 000-default.conf

vi /etc/apache2/sites-enabled/titled000-default.conf

# Contents of the file:

server name xxx

Server alias www.xxx

Options Indexes FollowSymLinks MultiViews

AllowOverrideAll

Order allow deny

allow from all

Require all granted

ServerAdmin webmaster@xxx.de

DocumentRoot /var/www/html/wordpress

SSL Engine on

SSLCertificateFile /etc/ssl/certs/server.crt

SSLCertificateKeyFile /etc/ssl/private/server.key

#SSLCACertificateFile /home/me/domain.com.crt

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

# Test whether the blog with https and the certificates is running in the browser

https://(IP)/wordpress/wp-login.php

which ports are open and disable!

nmap ip # or sudo nmap -sT -O -v ip # if port 80 is still open, in vi /etc/apache2/ports.conf # comment out or delete the line # listen 80 # if port 111 rpcbind is open ( is needed for Samba), it can also be switched off with the tool sysv-rc-conf # Install tool sudo apt-get install sysv-rc-conf # Start tool sysv-rc-conf # in the last column where the S is with switch off the space key # in the line with rpcbind # restart computer reboot # new check with nmap nmap ip # everything ok, only the desired ports are open # check which modules are installed with apache2ctl -M # disable unnecessary modules, e.g. the status_module (shared ) a2dismod status # Server restart service apache2 restart # Check if the status module has been disabled apache2ctl -M

8th

nmap ip

# or

sudo nmap -sT -O -v ip

# if port 80 is still open, in

vi /etc/apache2/ports.conf

# Comment out or delete the line

# Lists 80

# If port 111 rpcbind is open (needed for Samba), it can also be turned off with the tool sysv-rc-conf

# Install tools

sudo apt-get install sysv-rc-conf

# Start tool

sysv-rc-conf

# in the last column where the S is turn off with the space key

# on the line with rpcbind

# Reboot computer

reboot

# new check with nmap

nmap ip

# everything ok, only the desired ports are open

# Check which modules are installed

apache2ctl -M

# Disable unnecessary modules e.g. the status_module (shared)

a2dismod status

# Server restart

service apache2 restart

# Check if the status module has been disabled

apache2ctl -M

Optional: Existing blog with the WP plugin

export and import, as already described here.
When exporting in “Find (text) Replace with (another-text) in the database” replace the entry xxx.OLD-DOMAINE with YYY-NEW-DOMAINE.
Then import the *.wpress file.

Optionally test which Apache version is running with:

apachectl -V # Result: Apache/2.4.10 (Debian)

apachectl -V

# Result: Apache/2.4.10 (Debian)

Optionally, delete the history so that the passwords created cannot be read out

Great, the WordPress blog is now overflowing in encrypted form https 😉