aboutsummaryrefslogtreecommitdiff
path: root/build/Installing_WordPress_on_NearlyFreeSpeech/index.html
blob: 9e202a432ad78217dcf8d3eb2455be7cc84e2a2d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
<!doctype html>
<html lang="en">
<head>
	<meta charset="utf-8">
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<meta name="color-scheme" content="dark light">
	<link rel="icon" href="data:,">
	<title>Installing WordPress on NearlyFreeSpeech</title>
	<link href="/atom.xml" type="application/atom+xml" rel="alternate" title="Atom feed for blog posts" />
	<link href="/rss.xml" type="application/rss+xml" rel="alternate" title="RSS feed for blog posts" />
<style>*{box-sizing:border-box;}body{font-family:sans-serif;line-height:1.33;margin:0 auto;max-width:650px;padding:1rem;}blockquote{background:rgba(0,0,0,0.1);border-left:4px solid;padding-left:5px;}img{max-width:100%;}pre{border:1px solid;overflow:auto;padding:5px;}table{text-align:left;width:100%;}.footnotes{font-size:90%;}</style>
</head>

<nav>
	<a href="#menu">Menu &darr;</a>
</nav>

<main>
<h1 id="installing-wordpress-on-nearlyfreespeech">Installing WordPress on NearlyFreeSpeech</h1>
<p>2024-05-27</p>
<p>I recently went through the process of porting over my wife&#8217;s small business website (built off of WordPress + Woocommerce) from EasyWP to NearlyFreeSpeech. Although the process was fairly easy-going, I thought I would post my complete process here. That way, others who might wish to make the same switch can avoid running into any minor bumps along the way.</p>
<blockquote>
<p>Some of this information has been lifted from <a href="https://members.nearlyfreespeech.net/tdarb/support/wordpress">the official NFS docs</a>, but these pages require a membership to access</p>
</blockquote>
<h3 id="download-wordpress">Download WordPress</h3>
<p>We will use the <code>wp-cli</code> that comes packaged with NearlyFreeSpeech (NFS):</p>
<ol>
<li>Connect to your site via SSH.</li>
<li>Change to the directory you want to be the base of your blog (e.g. &#47;home&#47;public if WordPress will be running the whole site, or &#47;home&#47;public&#47;blog if you want to share the site with other content).</li>
</ol>
<p>For help using WP-CLI from the SSH command line, use this command:</p>
<pre><code>wp help
</code></pre>
<p>To download and unpack the latest version of WordPress, enter the following command:</p>
<pre><code>wp core download
</code></pre>
<h2 id="create-a-mysql-process-and-database">Create a MySQL Process and Database</h2>
<p>Follow the instructions in the NearlyFreeSpeech.NET FAQ to <a href="https://members.nearlyfreespeech.net/faq?q=MySQL#MySQL">create a MySQL process</a> if you haven&#8217;t already.</p>
<p>Next, <a href="https://members.nearlyfreespeech.net/faq?q=CreateDatabase#CreateDatabase">create a new database</a> within that process. Note the name of the process and the name of the database.</p>
<p><strong>Important</strong>: Do not use your own MySQL credentials to connect WordPress to your database. Instead, create a new user. This will protect your member password in the event that your site becomes compromised.</p>
<ul>
<li>Click on the <a href="https://members.nearlyfreespeech.net/mysql">MySQL tab</a> in the member interface</li>
<li>Click &#8220;[Open phpMyAdmin](<a href="https://phpmyadmin.nearlyfreespeech.net/">https:&#47;&#47;phpmyadmin.nearlyfreespeech.net&#47;</a>&#8221; in the Actions box.</li>
<li>Enter the DSN (&#8220;Server&#8221;) of your MySQL Process, MySQL username, and MySQL password. The DSN and username can be found on the Process Information page in our member UI.</li>
<li>Click on the &#8220;Users&#8221; tab.</li>
<li>Click &#8220;Add user.&#8221; (It&#8217;s toward the bottom left of the page.)</li>
<li>Give the user a descriptive name. We&#8217;ll use exampledbuser here, but you should pick something better, like wpuser or something representative of your blog.</li>
<li>Make sure to leave the Host: selectbox on &#8220;Any host.&#8221;</li>
<li>Click the &#8220;Generate&#8221; link to generate a nice strong password.</li>
<li>Use cut and paste to copy the new password somewhere, you&#8217;ll need it later. (We&#8217;ll use dbpassword here.)</li>
<li>Grant the following permissions to the new user:
<ul>
<li>All the permissions except &#8220;file&#8221; in the &#8220;data&#8221; box,</li>
<li>Everything in the &#8220;structure&#8221; box, and</li>
<li>&#8220;LOCK TABLES&#8221; in the &#8220;administration&#8221; box.</li>
</ul></li>
<li>Click the &#8220;Go&#8221; button in the lower right.</li>
<li>Exit phpMyAdmin.</li>
</ul>
<h2 id="generate-a-wordpress-configuration-file">Generate a WordPress Configuration File</h2>
<p>At the SSH command line (replace the examples with the info for the database and user you created above):</p>
<pre><code>wp core config --dbhost=example.db --dbname=exampledb --dbuser=exampledbuser --dbpass=dbpassword
chmod 644 wp-config.php
</code></pre>
<h2 id="run-the-wordpress-installation-and-setting-permissions">Run the WordPress Installation and Setting Permissions</h2>
<p>To get your permalinks to work properly, you must set up an .htaccess file. </p>
<ol>
<li>Go to the Dashboard for your WordPress site. (e.g. <a href="https://www.example.com/wp-admin/index.php">https:&#47;&#47;www.example.com&#47;wp-admin&#47;index.php</a>)</li>
<li>In the navigation sidebar, find Settings and, under that, Permalinks.</li>
<li>Select your preferred link style under &#8220;Common Settings.&#8221; (We like &#8220;Day and name.&#8221;)</li>
<li>Scroll down and select the &#8220;Save Changes&#8221; button.</li>
</ol>
<p>Next, create an <code>.htaccess</code> file for your WordPress site. We suggest doing this directly from the SSH command line using the cat shell command:</p>
<pre><code>cat &#62;.htaccess &#60;&#60;NFSNRULES # This line is a shell command, not part of .htaccess!
RewriteEngine On
RewriteBase &#47;
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . &#47;index.php [L]
NFSNRULES
</code></pre>
<p>If you prefer, you can copy-paste the text into an editor:</p>
<pre><code>RewriteEngine On
RewriteBase &#47;
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . &#47;index.php [L]
</code></pre>
<p>We need to run the following commands in order to install, uninstall, activate, and deactivate plugins&#47;themes from within the admin web GUI of WordPress:</p>
<pre><code>chgrp web .htaccess
chmod 664 .htaccess
chgrp -R web *
find . -type d -exec chmod 775 {} \;
find . -type f -exec chmod 664 {} \;
wp config set FS_METHOD direct
</code></pre>
<h2 id="enable-file-uploading">Enable File Uploading</h2>
<p>In your main WordPress installation folder enter the following SSH commands:</p>
<pre><code>cd wp-content
mkdir -p uploads
chgrp -R web uploads
chmod -R 775 uploads
</code></pre>
<h2 id="keeping-wordpress-up-to-date-automatically-via-command-line">Keeping WordPress Up-To-Date Automatically via Command Line</h2>
<p>It is <strong>critically</strong> important to keep your WordPress installation up-to-date including, if applicable, your theme and plugins. PHP, WordPress, and WordPress themes and plugins all have a track record of security problems. Most of those get fixed quickly, but if you don&#8217;t update, you don&#8217;t get the fixes.</p>
<p>To help you keep WordPress up-to-date, NFS provides a streamlined script.</p>
<p>This command, which must be run from an interactive ssh session, will set up our system to check your WordPress install (and themes &#38; plugins) for you every day, and update them automatically when needed:</p>
<pre><code>wp-update.sh -a
</code></pre>
<p>By default, it will tell you via email when updates happen. If you don&#8217;t want that, just add <code>-q</code> (for &#8220;quiet&#8221;) to the command. It will work silently unless there is an error.</p>
<p>If you get errors from wp-cron (not wp-update) about failed automatic updates, you may also wish to add this to your wp-config.php file:</p>
<pre><code>define( &#39;AUTOMATIC_UPDATER_DISABLED&#39;, true );
</code></pre>
<p>This disables the insecure automatic updater bundled with recent versions of WordPress.</p>
<p><strong>Do not attempt</strong> to use WordPress&#8217;s built-in ability to update itself through its admin panel. That insecure, outdated approach should not still exist. It does not work on NFS, which is a feature, not a bug. Getting it to work requires almost completely destroying your site&#8217;s security, thereby ensuring that any undiscovered security flaw can enable hackers to completely obliterate your site. The update methods described here are faster, easier, and safer.</p>
<h2 id="logging-in">Logging In</h2>
<p>You should be able to navigate to <code>yourwebsite.com&#47;wp-admin</code>, login and have everything work as expected. Congrats - enjoy your blog!</p>
<p>Below you can find more advanced configuration to get the most out of your WordPress project.</p>
<hr/>
<h2 id="backing-up-wordpress">Backing up WordPress</h2>
<p>NFS recommends backing up your WordPress setup on a regular basis.</p>
<p>This is a two-step process. You must back up both the files and the database.</p>
<h3 id="backing-up-wordpress-files">Backing up WordPress Files</h3>
<p>To back up your WordPress files directly from a Unix-like system of your own, you can use a command like:</p>
<pre><code>ssh yourmembername_siteshortname@ssh.phx.nearlyfreespeech.net tar -C &#47;home&#47;public -cvf - . | gzip &#62;name-of-wordpress-backup.tar.gz
</code></pre>
<p>To back up WordPress to a file on our system that you can transfer via SFTP to your own computer, you can use a command like:</p>
<pre><code>tar -C &#47;home&#47;public -cvzf &#47;home&#47;tmp&#47;name-of-wordpress-backup.tar.gz .
</code></pre>
<p>This assumes that your WordPress install is in the default location (<code>&#47;home&#47;public</code>). It will put your backup file in your <code>&#47;home&#47;tmp</code> directory.</p>
<p>Do not try to back up your WordPress folder into your WordPress folder, as that occasionally results in attempts to use infinite disk space by trying to back up the backup of the backup of the backup of the&#8230;</p>
<h3 id="backing-up-the-wordpress-database">Backing up the WordPress Database</h3>
<p>If you have a Unix-like system of your own (e.g. macOS or Linux), you can do the backup directly from there using your local command prompt using the MySQL username and password you created for WordPress:</p>
<pre><code>ssh yourmembername_siteshortname@ssh.phx.nearlyfreespeech.net wp db export - | gzip &#62;wordpress-backup.sql.gz
</code></pre>
<p>Or you can do it from the SSH command line via WP-CLI:</p>
<pre><code>wp db export &#47;home&#47;tmp&#47;wordpress-backup.sql
</code></pre>
<p>The <code>wordpress-backup.sql</code> file this generates will be stored in your site&#8217;s <code>&#47;home&#47;tmp</code> directory. Download it from there to have a local copy.</p>
<h2 id="thats-it">That&#8217;s It!</h2>
<p>Your WordPress site should be up-and-running now. Further customization or extra plugins&#47;services can be freely added if so desired. Enjoy your site!</p>
<footer role="contentinfo">
    <h2>Menu Navigation</h2>
    <ul id="menu">
        <li><a href="/">Home</a></li>
        <li><a href="/projects">Projects</a></li>
        <li><a href="/uses">Uses</a></li>
        <li><a href="/wiki">Wiki</a></li>
        <li><a href="/resume">Resume</a></li>
        <li><a href="/colophon">Colophon</a></li>
        <li><a href="/now">Now</a></li>
        <li><a href="/donate">Donate</a></li>
        <li><a href="/atom.xml">RSS</a></li>
        <li><a href="#top">&uarr; Top of the page</a></li>
    </ul>
    <small>
        Built with <a href="https://git.sr.ht/~bt/barf">barf</a>. <br>
        Maintained with ♥ for the web. <br>
        Proud supporter of <a href="https://usefathom.com/ref/DKHJVX">Fathom</a> &amp; <a href="https://nextdns.io/?from=74d3p3h8">NextDNS</a>. <br>
        The content for this site is <a href="https://creativecommons.org/licenses/by-sa/2.0/">CC-BY-SA</a>.<br> The <a href="https://git.sr.ht/~bt/bt.ht">code for this site</a> is <a href="https://git.sr.ht/~bt/bt.ht/tree/master/item/LICENSE">MIT</a>.
    </small>
</footer>