WordPress in Ubuntu 18 (LiteSpeed, MariaDB, PHP, Redis)

Last revision: 25 of April of 2020

Table of contents

Here we left a small manual you of installation from an installation of basic operating system of Ubuntu 18.

Forming the Operating system

Once the operating system is installed, first that we will form will be the hour of the servant. In this case we will form the hour zone of Madrid.

timedatectl set-timezone €˜Europe/Madrid€™ timedatectl set-NTP on

The following thing that we will do is to verify the version of the operating system and, later, to make a complete update of the same.

update lsb_release - to apt - and && apt - and upgrade && apt - and dist-upgrade && apt - and autoremove

Once this all updated, we installed some tools and software base that can be useful to have in the system.

apt - and install software-properties-common curl vim unzip ufw

Installation of MariaDB

The following step will be the installation of the data base. In this case we are going to use MariaDB 10.3. First that we will do will be to form the unloading, and later its installation.

apt-key adv --recv-keys --to keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8 add-apt-repository €˜deb [arch=amd64, arm64, ppc64el] http://tedeco.fi.upm.es/mirror/mariadb/repo/10.3/ubuntu bionic main€™ apt - and update && apt - and upgrade && apt - and dist-upgrade && apt - and autoremove apt - and install mariadb-server mariadb-client

Now that is installed, we will come to the initial configuration. For it we will use the system safe installation, that it will do some questions to us.

mysql_secure_installation

To the question of if we want to change the password, following if we have put or not in the installation, we will change it. In case of not to have put no, is very recommendable to put a safe password to him.

Set root password? [Y/n]: And

The rest of questions, we will answer the following thing:

Remove anonymous users? [Y/n]: And Disallow root login remotely? [Y/n]: And Remove test database and Access to it? [Y/n]: And Reload privilege tables now? [Y/n]: And

At this moment already we will have the data base formed. Now we will cause that one executes in re homes of the system and we will initiate it.

systemctl stop mysql.service systemctl start mysql.service

Installation of LiteSpeed

At this moment we have the data base formed and are going to come to the installation from the Web server. In this case we are going to use LiteSpeed. It is necessary to remember that for the use of this Web server it is necessary to have a license. In order to see the last version of the system he is very recommendable to visit the card of unloadings (in this case stable is going away to use version 5.3.8).

CD /root/ bash < (curl https://get.litespeed.sh) 1234-abcd-5678-EFGH

NOTE: Please, 1234-abcd-5678-EFGH by your license replaces the code.

And the round of questions begins

Does Do you agree with stupefy license? YES Destination [/usr/local/lsws]: User yam [admin]: Password: Email addresses [root@localhost]: john@example.com Please select (0-7) [0]? 0 User [nobody]: Group [nogroup]: HTTP port [8088]: 80 Admin HTTP port [7080]: Setup up PHP [Y/n]: And for Suffix PHP script (comma separated list) [php]: Inable chroot [y/N]: and Chroot directory without trailing €˜/€™: Does /usr/local/lsws Would you like to install AWStats Add-on modulate [y/N]? n Would does you like to have LiteSpeed Web server started automatically when the server restarts [Y/n]? and Would you like to start it right now [Y/n]? and

Now that we have nginx installed, we are going it to form so that one automatically begins in re homes of the system.

/usr/local/lsws/bin/lswsctrl stop /usr/local/lsws/bin/lswsctrl start

At this moment already we have the Web server, reason why we are going to install and to form PHP so that he correctly works with the Web server and data base. In this case we are going to install version PHP 7.3. It is necessary to consider that LiteSpeed works with its own versions of PHP; so we will have to install his own system.

wget - Or - http://rpms.litespeedtech.com/debian/enable_lst_debain_repo.sh | bash apt - and update && apt - and upgrade && apt - and dist-upgrade && apt - and autoremove

Installation of PHP

Now we will define the list of libraries to install.

apt - and install lsphp73 lsphp73-common lsphp73-dev lsphp73-curl lsphp73-imap lsphp73-intl lsphp73-json lsphp73-memcached lsphp73-mysql lsphp73-opcache lsphp73-redis php-imagick php-libsodium libgeoip-dev

Installation of Redis

In order to work with some improvements in the yield of the cache of objects, we are going to let ready Redis as storage system.

apt - and update && apt - and upgrade && apt - and dist-upgrade && apt - and autoremove apt - and install redis-server

Later, and of the same form that the rest of elements, we are going it to form so that one begins automatically if the servant is reinitiated.

systemctl stop redis-server.service systemctl inable redis-server.service systemctl start redis-server.service

In order to avoid problems with other Web servers we will review and eliminate possible incompatibilities.

apt - and remove nginx apache2

Configuration of the HTTPS

As we are going to mount our Web on a safe Web server (HTTPS), we will need to install the certificate generator of Let's Encrypt, previously so that we will prepare the systems for the creation of safe keys.

openssl dhparam - out /etc/ssl/certs/dhparam.pem 2048

And at this moment we will install the system of certificate creation certbot.

add-apt-repository ppa: certbot/certbot apt - and update && apt - and upgrade && apt - and dist-upgrade && apt - and autoremove apt - and install python-certbot-nginx

So that the certificates are updated automatically, we will once activate a task programmed (cron) to the day that automatically renews certificates.

crontab - e

Once inside, we will form, for example, that executes to the 06:45 every morning.

45 6 * * * certbot renew --dry-run

Configuration of firewall

In order to finish, we are going to activate the Firewall and to later let only open to the ports of SSH (by which we are working at the moment) and the ports Web, leaving the inactive rest.

ufw app list ufw allow ssh ufw allow HTTP ufw allow https ufw allow 8088/tcp ufw allow 7080/tcp ufw inable

As of this moment we can reinitiate the machine if we want, and we will already have it list to begin its use and to mount the websites.