WordPress Install Configuration Files

The following are the WordPress configuration files that we are going to customize in order to allow WordPress to work properly.

 

etc-finished

 To configure phpmyadmin to allow it to be accessible from localhost only for security enhancement:

 

1) Go to this web page from the server and download the following file

https://rawcell.com/wp-content/uploads/apache.conf.tar.gz

or from a command line do a

wget https://rawcell.com/wp-content/uploads/apache.conf.tar.gz

2) tar -zxvf apache.conf.tar.gz

3) sudo chown root:root apache.conf

4) mv apache.conf /etc/phpmyadmin/apache.conf

5) rm apache.conf.tar.gz (for security reasons)

6) perform an

ls -al /etc/phpmyadmin

to confirm it has been properly placed

7) make sure there is a hard link to the file by doing an

ls -al  /etc/apache2/conf.d/phpmyadmin.conf

8) for security reasons perform a

sudo gedit /etc/phpmyadmin/apache.conf

and review its contents.

 

 

Script for Setting Permissions on Your WordPress Website

1) You need to download this script to your web server

2) change the permissions to make it executable with chmod a+x set-website-permissions.sh

3) gedit set-website-permissions.sh and with the search and replace command wherever it says mydomain.com with the name of your purchased domain name. For instance, on my site, I would replace mydomain.com with rawcell.com.

set-website-permissions.zip

#!/bin/bash +x
chown -vR apache:apache /var/www/mydomain.com #APACHE USERNAME YOU HAVE CHOSEN and yourdomain.com
chmod -vR 740 /var/www/mydomain.com #yourdomain.com
chmod -vR 740 /var/www/mydomain.com/wp-admin #yourdomain.com
chmod -vR 740 /var/www/mydomain.com/wp-admin/css #yourdomain.com
chmod -vR 740 /var/www/mydomain.com/wp-admin/images #yourdomain.com
chmod -vR 740 /var/www/mydomain.com/wp-admin/images/screenshots #yourdomain.com
chmod -vR 740 /var/www/mydomain.com/wp-admin/includes #yourdomain.com
chmod -vR 740 /var/www/mydomain.com/wp-admin/js #yourdomain.com
chmod -vR 740 /var/www/mydomain.com/wp-admin/maint #yourdomain.com
chmod -vR 740 /var/www/mydomain.com/wp-admin/network #yourdomain.com
chmod -vR 740 /var/www/mydomain.com/wp-admin/user #yourdomain.com
chmod -vR 740 /var/www/mydomain.com/wp-content #yourdomain.com
chmod -vR 740 /var/www/mydomain.com/wp-content/cache #yourdomain.com
chmod -vR 740 /var/www/mydomain.com/wp-content/plugins #yourdomain.com
chmod -vR 740 /var/www/mydomain.com/wp-content/themes #yourdomain.com
chmod -vR 740 /var/www/mydomain.com/wp-content/upgrade #yourdomain.com
chmod -vR 740 /var/www/mydomain.com/wp-content/uploads #yourdomain.com
chmod -vR 740 /var/www/mydomain.com/wp-includes #yourdomain.com

WORDPRESS CONFIGURATION FILES

(Each is shown and customization areas are bolded)

WARNING: DO NOT JUST HIGHLIGHT AND COPY THESE CONFIGURATIONS-INSTEAD DOWNLOAD AND CUSTOMIZE THE FILES WE HAVE PROVIDED

NOTE: WHERE I REFER TO yourdomain.com, whateveryourdomain.com, please substitute the name of the domain you have purchased and have pointed to your static IP address or DynDNS address.

/etc/apach2/sites-available/default

<VirtualHost 192.168.2.100:80>  #points to internal server web ip and port
	ServerAdmin myemail@gmail.com #points to server admins email
	ServerName  mydomain.com #points to the domain name you have purchased
	ServerAlias web-srv-wordpress www.mydomain.com #substitute the name of your server and the name of your domain
        CustomLog /var/log/apache2/mydomain.com-access.log svn_log env=SVN-ACTION 
#change mydomain.com-access.log to whateveryourdomainthatyouhavepurchased.com-access.log
	DocumentRoot /var/www/
	<Directory /var/www/>
		Options Indexes FollowSymLinks MultiViews
		AllowOverride All
		Order allow,deny
		allow from all
	</Directory>

	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
	<Directory "/usr/lib/cgi-bin">
		AllowOverride None
		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
		Order allow,deny
		Allow from all
	</Directory>

	ErrorLog ${APACHE_LOG_DIR}/error.log

	# Possible values include: debug, info, notice, warn, error, crit,
	# alert, emerg.
	LogLevel warn

	CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

 /etc/apache2/sites-available/mydomain

<VirtualHost 192.168.2.100:80>#YOUR WEB SERVERS INTERNAL IP

	ServerAdmin myemail@mydomain.com #YOUR EMAIL ADDRESS @ YOUR DOMAIN--YOU NEED AN MX RECORD SETUP TO USE IT EFFECTIVELY
	ServerName www.mydomain.com #CHANGE TO www.YOURDOMAIN.com
	ServerAlias mydomain.com #CHANGE TO yourdomain.com

	Redirect http://72.173.222.12/ http://mydomain.com/ #POINT TO YOUR EXTERNAL IP and yourdomain.com, respectively
	Redirect http://72.173.222.12/wp-admin http://mydomain.com/wp-admin #POINT TO YOUR EXTERNAL IP and yourdomain.com, respectively

        ErrorLog /var/log/apache2/mydomain.com-error.log CustomLog #CHANGE TO yourdomain.com
        /var/log/apache2/mydomain.com-access.log svn_log env=SVN-ACTION #CHANGE TO yourdomain.com  
        DocumentRoot /var/www/mydomain.com/ #CHANGE TO yourdomain.com
<Directory /var/www/mydomain.com/>  #CHANGE TO yourdomain.com
        Options Indexes FollowSymLinks MultiViews 
        AllowOverride All 
        Order allow,deny 
        allow from all 
</Directory> 

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ 
<Directory "/usr/lib/cgi-bin"> 
             AllowOverride None 
             Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch 
             Order allow,deny 
             Allow from all 
</Directory> 
ErrorLog ${APACHE_LOG_DIR}/error-mydomain.log #CHANGE TO yourdomain
# Possible values include: debug, info, notice, warn, error, crit, 
# alert, emerg. 
LogLevel warn 
CustomLog ${APACHE_LOG_DIR}/access-mydomain.log combined #CHANGE TO yourdomain
</VirtualHost>

/etc/apache2/sites-enabled

../sites-available/mydomain.com #CHANGE to yourdomain.com

apache.conf #NO CHANGES REQUIRED BUT REVIEW FOR SECURITY PEACE OF MIND ALSO sym-linked AS phpmyadmin.conf

 

# phpMyAdmin default Apache configuration

Alias /phpmyadmin /usr/share/phpmyadmin

<Directory /usr/share/phpmyadmin>
	Options Indexes FollowSymLinks
	DirectoryIndex index.php

	Order deny,allow
	Deny from all
	Allow from 127.0.0.1
	<IfModule mod_php5.c>
		AddType application/x-httpd-php .php

		php_flag magic_quotes_gpc Off
		php_flag track_vars On
		php_flag register_globals Off
		php_admin_flag allow_url_fopen Off
		php_value include_path .
		php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
		php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/
	</IfModule>

</Directory>

# Authorize for setup
<Directory /usr/share/phpmyadmin/setup>
    <IfModule mod_authn_file.c>
    AuthType Basic
    AuthName "phpMyAdmin Setup"
    AuthUserFile /etc/phpmyadmin/htpasswd.setup
    </IfModule>
    Require valid-user
</Directory>

# Disallow web access to directories that don't need it
<Directory /usr/share/phpmyadmin/libraries>
    Order Deny,Allow
    Deny from All
</Directory>
<Directory /usr/share/phpmyadmin/setup/lib>
    Order Deny,Allow
    Deny from All
</Directory>