Contents
1. MariaDB
1.1 Install
|
1 |
# apt -y install mariadb-server |
MariaDB version confirmation
|
1 2 |
# mariadb -V mariadb from 11.8.2-MariaDB, client 15.2 for debian-linux-gnu (x86_64) using EditLine wrapper |
1.2 MariaDB Server Security Settings
MariaDB comes with a default security script, mariadb-secure-installation, which can be used to improve the security of your MariaDB installation, including
Set a password for the root account (if necessary).
Disable remote root login to the database.
Delete anonymous user accounts.
Delete the test database to which anonymous users have access by default.
|
1 2 |
# systemctl restart mariadb # mariadb-secure-installation |
Installation Status
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.
Enter current password for root (enter for none): [Enter]
OK, successfully used password, moving on…
Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.
You already have your root account protected, so you can safely answer 'n'.
Switch to unix_socket authentication [Y/n] y
Enabled successfully!
Reloading privilege tables..
… Success!
You already have your root account protected, so you can safely answer 'n'.
Change the root password? [Y/n] y
New password: [Any Password]
Re-enter new password: [Any Password again]
Password updated successfully!
Reloading privilege tables..
… Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
… Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y
… Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
- Dropping test database…
… Success! - Removing privileges on test database…
… Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
… Success!
Cleaning up…
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
After that, use the following commands when accessing MariaDB
|
1 2 |
# mariadb -u root -p Enter password: (Enter the new password set above) |
1.3 phpMyAdmin
Installed phpMyAdmin and configured it to operate MariaDB via web browser
①Install
|
1 |
# apt -y install phpmyadmin |
Select a web server to use phpMyAdmin, this time Apache2
MariaDB password
Confirm password again
apache.conf edit
|
1 2 3 4 |
# vi /etc/phpmyadmin/apache.conf Line 8 : Add the range of permitted access Require ip 127.0.0.1 192.168.11.0/24 ←adapt to each environment |
Apache restart
|
1 |
# systemctl restart apache2 |
②Access http://[IP address]/phpmyadmin in your browser
The following login screen will appear
Username : root
Password: Password for the root user set in the MariaDB security installation
Log in click
The following phpMyAdmin settings screen appears
2.WordPress
2.1 Database Creation
Create a database for Word Press (for example, in this case, the database name is "wp_db", the user name is "wp_user", and the password is "?Y123456y")
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
# mariadb -u root -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 67 Server version: 10.11.6-MariaDB-0+deb12u1 Debian 12 Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> create database wp_db; Query OK, 1 row affected (0.000 sec) MariaDB [(none)]> create user 'wp_user'@'localhost' identified by '?Y123456y'; Query OK, 0 rows affected (0.001 sec) MariaDB [(none)]> grant all on wp_db.* to 'wp_user'@'localhost'; Query OK, 0 rows affected (0.001 sec) MariaDB [(none)]> flush privileges; Query OK, 0 rows affected (0.001 sec) MariaDB [(none)]> exit Bye |
2.2 WordPress Download and Installation
①Download and Deployment
|
1 2 3 |
# cd /var/www/html/<FQDN> # wget http://wordpress.org/latest.tar.gz # tar xvf latest.tar.gz |
②Edit WordPress configuration file
|
1 2 3 |
# cd wordpress/ # cp wp-config-sample.php wp-config.php # vi wp-config.php |
Edit contents of wp-config.php
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 |
<?php /** * The base configuration for WordPress * * The wp-config.php creation script uses this file during the installation. * You don't have to use the web site, you can copy this file to "wp-config.php" * and fill in the values. * * This file contains the following configurations: * * * Database settings * * Secret keys * * Database table prefix * * ABSPATH * * @link https://wordpress.org/support/article/editing-wp-config-php/ * * @package WordPress */// ** Database settings - You can get this info from your web host ** // /** The name of the database for WordPress */ define( 'DB_NAME', 'wp_db' ); /** Database username */ define( 'DB_USER', 'wp_user' ); /** Database password */ define( 'DB_PASSWORD', '?Y123456y' ); /** Database hostname */ define( 'DB_HOST', 'localhost' ); /** Database charset to use in creating database tables. */ define( 'DB_CHARSET', 'utf8' ); /** The database collate type. Don't change this if in doubt. */ define( 'DB_COLLATE', '' ); /**#@+ * Authentication unique keys and salts. * * Change these to different unique phrases! You can generate these using * the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}. * * You can change these at any point in time to invalidate all existing cookies. * This will force all users to have to log in again. * * @since 2.6.0 */ define( 'AUTH_KEY', 'put your unique phrase here' ); define( 'SECURE_AUTH_KEY', 'put your unique phrase here' ); define( 'LOGGED_IN_KEY', 'put your unique phrase here' ); define( 'NONCE_KEY', 'put your unique phrase here' ); define( 'AUTH_SALT', 'put your unique phrase here' ); define( 'SECURE_AUTH_SALT', 'put your unique phrase here' ); define( 'LOGGED_IN_SALT', 'put your unique phrase here' ); define( 'NONCE_SALT', 'put your unique phrase here' ); /**#@-*/ /** * WordPress database table prefix. * * You can have multiple installations in one database if you give each * a unique prefix. Only numbers, letters, and underscores please! */ $table_prefix = 'wp_'; /** * For developers: WordPress debugging mode. * * Change this to true to enable the display of notices during development. * It is strongly recommended that plugin and theme developers use WP_DEBUG * in their development environments. * * For information on other constants that can be used for debugging, * visit the documentation. * * @link https://wordpress.org/support/article/debugging-in-wordpress/ */ define( 'WP_DEBUG', false ); /* Add any custom values between this line and the "stop editing" line. */ /* That's all, stop editing! Happy publishing. */ /** Absolute path to the WordPress directory. */ if ( ! defined( 'ABSPATH' ) ) { define( 'ABSPATH', __DIR__ . '/' ); } /** Sets up WordPress vars and included files. /*Add the following to the last line*/ /*If you do not do this, you will be asked for FTP connection information when you add the plugin.*/ define('FS_METHOD', 'direct'); |
|
1 2 |
# cd /var/www/html/<FQDN> # mv wordpress/* . |
After confirming that the files have been moved, delete the wordpress directory and the downloaded latest.tar.gz
|
1 2 3 |
# ls -l # rm -R -f wordpress # rm latest.tar.gz |
④Make apache the owner of the wordpress directory
|
1 |
# chown -R www-data:www-data /var/www/html/<FQDN> |
⑤Access from a browser
Access http://<FQDN>/wp-admin.
On the following input screen
- Site Title Any name
- Username Any name
- Password Any password
- Your Email Administrator's email address
Enter the information and click "Install WordPress". Remember to enter y
