Tutorials

How to Install WordPress with LAMP on Rocky Linux 8

In this guide, we will show you how to How to Install WordPress with LAMP and Let's Encrypt SSL on Rocky Linux 8.

WordPress is a free, open-source, and the world's most popular CMS built entirely in PHP. It is used by thousands of people around the globe for running blogs, business websites, and e-commerce stores. It has some great features including, a simple and easy-to-use admin panel, thousands of plugins, a huge community, in-depth theming, customization, and more.

Prerequisites

  • A server running Rocky Linux 8.
  • A valid domain name pointed with your server IP.
  • A root password is configured on the server.

Install LAMP Server

The first component that we are going to start installing is the Apache webserver. This is provided by the httpd software package. When installed, the httpd daemon runs in the background awaiting incoming HTTP requests from client devices.

To install Apache, launch your terminal and run the command.

$ sudo dnf install httpd

This installs the httpd package along with other dependencies.

Install Apache on Rocky Linux

Thereafter, enable the webserver to start at boot time.

$ sudo systemctl enable httpd

And then start the Apache httpd daemon as shown.

$ sudo systemctl start httpd

To verify that Apache is running on Rocky Linux 8, issue the command:

$ sudo systemctl status httpd
Check Apache Status on Rocky Linux

Another nifty way of verifying that Apache is active and running is by browsing the server’s IP address or Fully Qualified Domain Name (FQDN) as shown.

http://server-IP
OR
http://domain.com

This should give you the Apache HTTP test page, an indicator that all is well.

Check Apache Page on Rocky Linux

If you are getting an error on your browser when trying to access the page, then perhaps the firewall is blocking HTTP traffic. Run the commands below to allow HTTP traffic and reload the firewall.

$ sudo firewall-cmd --add-service=http --permanent
$ sudo firewall-cmd --reload

Step 2: Install MariaDB on Rocky Linux

Next, we need to install a database server. Two options can suffice – MariaDB and MySQL. We will focus on MariaDB thanks to its numerous enhancements including faster and safer replication, numerous high-performance storage engines, backward compatibility with MySQL, and better overall performance when compared to MySQL.

The AppStream repository for Rocky Linux provides MariaDB 10.3 by the time of writing down this guide.

To install MariaDB, run the command:

$ sudo dnf install mariadb-server mariadb

When the installation is complete, enable MariaDB to start upon a reboot or during booting.

$ sudo systemctl enable --now mariadb

And finally, start the MariaDB service.

$ sudo systemctl start mariadb

To confirm that MariaDB daemon is running, run the command:

$ sudo systemctl status mariadb
Check MariaDB Status

MariaDB’s default settings are weak and pose a few vulnerabilities that can be leveraged by hackers to breach the database server. As such, we need to take additional steps to harden the database server.

To achieve this, run the script shown.

$ sudo mysql_secure_installation

The first step is to set the root password. So press ENTER since no Root password is configured by default, and then ‘Y’ to set a root password. Provide a strong password and confirm it.

Set MariaDB Root Password

Type ‘Y’ for the remaining configurations. This will effectively purge or remove any anonymous users, block remote root login and remove the Test database which is not needed in a production environment.

Secure MariaDB Installation

The database server is now fully configured and secure.

Step 3: Install PHP on Rocky Linux

Finally, the last component to install will be PHPPHP, a backronym for PHP Hypertext Preprocessor, is a scripting language used in the development of dynamic web pages.

Rocky Linux AppStream provides multiple versions of PHP. To check the available versions, run the command:

$ sudo dnf module list php

This provides a list of PHP modules and Streams.

List PHP Module Stream

The default PHP stream is PHP 7.2. To install the latest module Stream from the repository, reset the PHP streams.

$ sudo dnf module reset php

Then enable the preferred PHP stream. For example, to enable PHP 7.4, execute:

$ sudo dnf module install php:7.4

This installs PHP 7.4 and associated extensions.

Install PHP on Rocky Linux

Moreover, you can install additional PHP extensions. Here, we are installing php-curl, and php-zip extensions.

$ sudo dnf install php-curl php-zip

Once installed, confirm the version of PHP installed as shown.

$ php -v
Check PHP Version

Another way of testing the version of PHP installed is to create a test PHP file in the /var/www/html path.

$ sudo vim /var/www/html/info.php

Paste the configuration shown.

<?php

phpinfo();

?>

Save the changes and restart the webserver.

$ sudo systemctl restart httpd

Then head back to your browser and follow the URL shown

http://server-ip/info.php

A page displaying the PHP version among other parameters such as details of PHP extensions enabled will be displayed.

Check PHP Info

You can now remove the test PHP file.

$ sudo rm -f /var/www/html/info.php

And there you have it. We have successfully installed the LAMP stack on Rocky Linux 8.4. You can proceed and host your web applications or configure apache to run multiple virtual hosts in the same server.

Secure WordPress with Let's Encrypt SSL

Next, you will need to install the Certbot client to install the Let's Encrypt SSL for WordPress. You can install it with the following command:

dnf install epel-release -y 
dnf install certbot python3-certbot-apache

Next, obtain and install an SSL certificate for your lets domain with the following command:

certbot --apache -d wordpress.example.com

You will be asked to provide your email address and accept the term of service:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices)
 (Enter 'c' to cancel): [email protected]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server. Do you agree?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
Account registered.
Requesting a certificate for wordpress.example.com
Performing the following challenges:
http-01 challenge for wordpress.example.com
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/httpd/conf.d/wordpress.conf
Redirecting all traffic on port 80 to ssl in /etc/httpd/conf.d/wordpress.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://wordpress.example.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Subscribe to the EFF mailing list (email: [email protected]).


IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/wordpress.example.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/wordpress.example.com/privkey.pem
   Your certificate will expire on 2022-02-09. To obtain a new or
   tweaked version of this certificate in the future, simply run
   certbot again with the "certonly" option. To non-interactively
   renew *all* of your certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Configure Firewall

Next, you will need to allow ports 80 and 443 through the firewalld. You can allow them with the following command:

firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https

Next, reload the firewalld to apply the changes:

firewall-cmd --reload

Once you are finished, you can proceed to the next step.

Access WordPress Dashboard

Next, open your web browser and access the WordPress admin panel using the URL https://wordpress.example.com. You will be redirected to the following page:

Select your language and click on the Continue. You should see the WordPress site configuration page:

Provide your site information and click on Install WordPress button. Once the installation has been completed, you should see the following page:

Click on the Login button. You will be redirected to the WordPress login page:

Provide your admin username, password and click on the Login button. You should see the WordPress dashboard on the following page:

Conclusion

Congratulations! you have successfully installed WordPress with Apache and Let's Encrypt SSL on Rocky Linux 8. You can now create your own website easily using WordPress. Feel free to ask me if you have any questions.