Installing WordPress on CentOS

Install Nginx Web Server

By default, the Nginx package is included in the CentOS 8 default repo. You can install it using the following command:

dnf install nginx -y

Once the Nginx server has been installed, start the Nginx service and enable it to start after the system reboot.

systemctl start nginx

systemctl enable nginx

You can also check the Nginx version using the following command:

nginx -v

Sample output:

nginx version: nginx/1.14.1

Install MariaDB Database Server

WordPress uses MySQL or MariaDB as a database backend. You can install the MariaDB database by just running the following command:

dnf install mariadb-server -y

After installing the MariaDB database, start the MariaDB service and enable it to start at system reboot:

systemctl start mariadb
systemctl enable mariadb

Next, you will need to secure the MariaDB installation and set a MariaDB root password. You can do it by running the following script:

mysql_secure_installation

You will be asked to set a root password, remove anonymous users, disallow root login remotely and remove the test database as shown below:

Enter current password for root (enter for none):

Set root password? [Y/n] Y
New password:
Re-enter new password:
Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

Install PHP 8

PHP version 8 has significant performance improvements and new features so it is recommended to use PHP 8 for WordPress. By default, PHP 8 is not included in the CentOS 8 default repo. So you will need to install the EPEL and Remi PHP repository to your system.

First, install EPEL and Remi repository package with the following command:

dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
dnf install https://rpms.remirepo.net/enterprise/remi-release-8.rpm

Next, disable the default PHP repository and enable the PHP Remi repository using the following command:

dnf module reset php
dnf module install php:remi-8.0 -y

Next, install PHP 8 with other necessary PHP extensions using the following command:

dnf install php php-mysqlnd php-fpm php-opcache php-curl php-json php-gd php-xml php-mbstring php-zip -y

Once the installation is completed, verify the PHP version using the following command:

php -v

Sample output:

PHP 8.0.9 (cli) (built: Jul 29 2021 12:53:58) ( NTS gcc x86_64 )

Nginx uses a PHP-FPM to process the PHP files. By default, PHP-FPM is configured to run as an Apache user. So you will need to configure it for Nginx.

nano /etc/php-fpm.d/www.conf

Change the user and group from apache to nginx as shown below:

user = nginx
group = nginx

Save and close the file then start the PHP-FPM service and enable it to start at system reboot:

systemctl start php-fpm
systemctl enable php-fpm

Step 2 - Create a Database for WordPress

Next, you will need to create a database and user for WordPress. First, log in to MariaDB shell with the following command:

mysql -u root -p

Once you are log in, create a database and user with the following command:

CREATE DATABASE wordpressdb;
CREATE USER `wordpressuser`@`localhost` IDENTIFIED BY 'wordpresssecurepassword';

Next, grant all the privileges to the WordPress database with the following command:

GRANT ALL ON wordpressdb.* TO `wordpressuser`@`localhost`;

Next, flush the privileges and exit from the MariaDB shell with the following command:

FLUSH PRIVILEGES;
EXIT;

Step 3 - Download WordPress

It is always recommended to download the latest version of WordPress from its official website. You can download it inside the Nginx default root directory using the following command:

cd /var/www/html
wget https://wordpress.org/latest.tar.gz

Once the download is completed, extract the downloaded file with the following command:

tar -xvzf latest.tar.gz

Next, rename the extracted directory with yourdomain name.

mv wordpress bear.cloud

Next, change the ownership of yourdomain.com directory to nginx:

chown -R nginx:nginx /var/www/html/bears.cloud

Step 4 - Create Nginx Virtual Host for WordPress

Next, you will need to create a separate Nginx virtual host configuration file to serve the WordPress website.

nano /etc/nginx/conf.d/yourdomain.conf

Add the following lines:

server {

   listen 80;

   server_name bear.cloud www.bear.cloud;

   root /var/www/html/yourdomain.com;

   index index.php index.html index.htm;

   location / {

      try_files $uri $uri/ =404;

   }

   error_page 404 /404.html;

   error_page 500 502 503 504 /50x.html;

   location = /50x.html {

      root /usr/share/nginx/html;

   }

server {

        listen 443 ssl default_server;

        listen [::]:443 ssl default_server;

        ssl_certificate /etc/nginx/certificate/nginx-certificate.crt;

        ssl_certificate_key /etc/nginx/certificate/nginx.key;

        root  /var/www/html/bear.cloud

;

        index index.html index.htm index.nginx-debian.html;

        server_name _bear.cloud www.bear.cloud;

        location / {

                try_files $uri $uri/ =404;

       }


   location ~ \.php$ {

      try_files $uri =404;

      fastcgi_pass unix:/var/run/php-fpm/www.sock;

      fastcgi_index index.php;

      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

      include fastcgi_params;

   }

}

Save and close the file then run the following command to verify the Nginx for any syntax error.

nginx -t

Sample output:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Finally, reload the Nginx service to apply the configuration changes:

systemctl restart nginx

Step 5 - Configure SELinux and Firewall

By default, SELinux is enabled on CentOS 8 server. It is always recommended to disable the SELinux. To disable the SELinux, edit the /etc/selinux/config file:

nano /etc/selinux/config

Change the following line:

SELINUX=disabled

Save and close the file then restart your system to apply the changes.

Next, you will also need to allow HTTP and HTTPS service through the firewall. You can allow them by running the following command:

firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https

Next, reload the firewall daemon to apply the changes:

firewall-cmd --reload

Step 6 - Enable HTTPS for WordPress

Let’s Encrypt is a non profit certificate authority that provides a free SSL certificate to create a more secure and privacy respecting Web.

To download the Let’s Encrypt server SSL and implement it on your website, you will need to install the Certbot client package on your server.

Run the following command to install the Certbot client package for Nginx:

dnf install certbot python3-certbot-nginx -y

Once the Certbot package is installed, run the following command to enable the SSL on your WordPress website.

certbot --nginx --agree-tos --redirect --hsts --uir --staple-ocsp --email wordpress@bears.cloud -d bears.cloud,www.bears.cloud

This command will download the Let’s Encrypt SSL and configure your Nginx virtual host configuration file to use those SSL certificates. 

Next, you will need to set up a cron job to renew the Let’s Encrypt certificate automatically. To do so edit the cron job with the following command:

crontab -e

Add the following line:

@daily certbot renew --quiet && systemctl reload apache2

Save and close the file when you are finished.

Previous Post Next Post

Ω†Ω…ΩˆΨ°Ψ¬ Ψ§Ω„Ψ§ΨͺΨ΅Ψ§Ω„