Life During Lockdown

I’ve been maintaining a lock down blog since the start of April. Reading through it I note with interest that there is very little there that I wouldn’t want on the public internet, and that a slightly redacted version might serve as a decent record of these difficult times. I could just dump these into my regular blog, but as with my cycling blog and my micro-KB I thought it was worth keeping it separate (because containers are still important to me). I think this might be the one that aggregates to Twitter (for now) though, as I’m hardly prolific enough anywhere else to make copying and pasting links into Buffer a particularly time consuming task.

https://andy.teknostatik.co.uk/lockdown/ is where it lives. It’s live now, and should be updated most days until we reach whatever the new normal looks like. I will still write here about music and technology, but probably at my usually sporadic rate.

Setting up WordPress

The following instructions describe how I install WordPress on Ubuntu. The instructions may differ slightly for other server environments, but the basic principles should be the same. This requires shell access to the server, but once it’s finished the WordPress instance(s) should be capable of being administered through a web browser.

Part 1 – Installing WordPress

Download WordPress and move it to /var/www/html/ so it runs from the root directory of the web server.

cd /var/www/html
sudo apt-get install unzip
sudo wget http://wordpress.org/latest.zip
sudo unzip latest.zip
cd wordpress
sudo mv * /var/www/html/
cd /var/www/html
sudo mv index.html index.html_old

Log into mysql:

mysql -u root -p

Create a new database (calling it something different to the example below)

mysql> CREATE DATABASE wordpress;
mysql> GRANT ALL PRIVILEGES ON wordpress.* TO wp_user@localhost IDENTIFIED BY "<password>";
mysql> exit

Install WordPress, following the instructions at http://codex.wordpress.org/Installing_WordPress. Remember to make a note of the username and password you set up for the admin account.

At one point in the installation (it will be obvious) you may need to issue the following command to manually create a config file.

sudo nano wp-config.php

Once WordPress is installed, navigate to /var/www (cd .. or cd /var/www/) and issue the following command:

sudo chown -R www-data html

This will ensure you can install plugins and themes through the WordPress web interface.


Part 2 – Configuring WordPress

Log in using the account you just created.

Install and activate some plugins (Acunetix WP Security, Jetpack by WordPress.com, WP-Markdown and WordPress Importer), via the web interface in WordPress (if you’ve not issued the command above then this won’t work).

Navigate to the left hand menu item for Acunetix WP Security, tick all boxes and click on “update settings”. This will apply all recommended security changes.

Use WordPress Importer to import content (posts, tags, files) from other instances of WordPress.

If you want to compose posts in markdown then you’ll need to navigate to Settings –> Writing and tick the boxes for the interfaces you want to default to markdown.

Note: you won’t be able to activate Jetpack unless the server is visible on the public internet.

Remove the “Hello World!” post and the sample page (both should be obvious if they have not been removed!)


Part 3 – WordPress Multisite (optional)

This allows you to run more than one blog/site in a single instance of WordPress. The instructions at http://codex.wordpress.org/Create_A_Network are good, and are mostly enough to get it up and running.

There are two more things to do on Ubuntu servers:

Enable mod_rewrite

 a2enmod rewrite

Open /etc/apache2/apache2.conf and find the part that says:

 <Directory /var/www/>
 Options Indexes FollowSymLinks
 AllowOverride None
 Require all granted
 </Directory>

Replace AllowOverride None with AllowOverride All


Part 4 – SSL (optional)

Enable mod_rewrite (if you’ve not already done it as part of step 3)

sudo a2enmod rewrite

Enable ssl

sudo a2enmod ssl
sudo a2ensite default-ssl.conf

Amend your apache config to enable pages to be served on port 443

sudo nano /etc/apache2/sites-available/default-ssl.conf

<VirtualHost _default_:443>
Servername yourdomain.com
DocumentRoot /var/www/html

#Enable/Disable SSL for this virtual host.
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3

Amend 80 config (e.g. 000-default.conf), to redirect to 443

sudo nano /etc/apache2/sites-available/000-default.conf

DocumentRoot /var/www/html
ServerName yourdomain.com
Redirect "/" "https://yourdomain.com"

Restart apache

sudo service apache2 restart

Change domain in WordPress settings (through UI) to yourdomain.com

Create a certificate request (csr):

sudo mkdir /etc/apache2/ssl
sudo openssl req -new -newkey rsa:2048 -nodes -keyout /etc/apache2/ssl/yourdomain.key -out /etc/apache2/ssl/yourdomain.csr

Country Name (2 letter code) [XX]:GB
State or Province Name (full name) []:West Midlands
Locality Name (eg, city) [Default City]:Your city
Organization Name (eg, company) [Default Company Ltd]:Your Company
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:yourdomain.com

Copy certificate somewhere sensible

sudo cp /etc/apache2/ssl/yourdomain.csr /home/username/yourdomain.csr

What you’ll need to do then is grab the certificate from home directory, save it somewhere safe and then do whatever you do in your organisation/environment to generate/buy/get a root certificate (there are so many different ways).

Once you have a root certificate, follow instructions at http://askubuntu.com/questions/73287/how-do-i-install-a-root-certificate

Configure apache to use certificate

sudo nano /etc/apache2/sites-available/default-ssl.conf

Then add/edit the following lines:

SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCertificateFile  /etc/apache2/ssl/yourdomain.com.cer
SSLCertificateKeyFile /etc/apache2/ssl/yourdomain.key

Restart apache

sudo service apache2 restart

At that point your site should serve web pages on https with no error messages.