Note

The Funtoo Linux project has transitioned to "Hobby Mode" and this wiki is now read-only.

Difference between revisions of "Package:Wordpress"

From Funtoo
Jump to navigation Jump to search
m (clean up database info to the point where page functions)
m (put notices that wordpress has hidden admin levels assigned to the first registered account.)
 
(3 intermediate revisions by the same user not shown)
Line 5: Line 5:
|Homepage=http://wordpress.org/
|Homepage=http://wordpress.org/
}}
}}
Wordpress is a blog [[web-server-stack]] application content management system.
Wordpress is a blog [[web-server-stack]] application content management system.  Wordpress powers much of the internet, and can be converted into several other systems.  Wordpress can be a blog, forum, bug tracker, social media platform, or even a web store.  There are several plugins available, and it has a large community backing it.


== Install ==
== Install ==
<console>###i## emerge wordpress</console>
<console>###i## emerge wordpress</console>
=== Nginx Server Configuration ===
Nginx does not respect the .htaccess files generated by wordpress.  To manually insert url rewrite rules:
{{file|name=/etc/nginx/sites-available/localhost|lang=|desc=nginx rewrite rules|body=
        location /wordpress {
                try_files $uri $uri/ /wordpress/index.php?$args;
        }
}}
More information can be found here: http://wiki.nginx.org/WordPress
=== Permission Adjustments ===
{{note| if using nginx change permissions to nobody:nobody instead of apache:apache}}
==== Plugins, Themes & Images ====
Wordpress needs some directories to be run under the webserver or php-fpm user for uploading images, and installing themes & plugins.
Fix permissions to enable uploading content such as banners:
<console>###i## chown apache:apache /var/www/localhost/htdocs/wordpress/wp-content</console>
Fix permissions to enable themes, and plugins:
<console>###i## chown -R apache:apache /var/www/localhost/htdocs/wordpress/wp-admin/
###i## chown -R apache:apache /var/www/localhost/htdocs/wordpress/wp-includes/
###i## chown -R apache:apache /var/www/localhost/htdocs/wordpress/wp-content/</console>
==== Security ====
<code>/var/www/localhost/htdocs/wordpress/wp-config.php</code> contains plaintext sql database passwords.  we should change the permissions to lock this file down.
<console>###i## chmod 640 /var/www/localhost/htdocs/wordpress/wp-config.php
###i## chown apache:apache /var/www/localhost/htdocs/wordpress/wp-config.php</console>


=== MySQL ===
=== MySQL ===
{{fancywarning|default "changeme" passwords are insecure, change them!}}
{{warning|default "changeme" passwords are insecure, change them!}}


To create a database for wordpress to interact with:
To create a database for wordpress to interact with:
Line 58: Line 88:
Point your browser @ http://localhost/wordpress/
Point your browser @ http://localhost/wordpress/


Name your website, and make a default administrator password.
Name your website, and make a default administrator username, and password.
 
{{important|Wordpress has hidden admin levels assigned to the first registered account.  Make sure you leave it as a generic admin account.}}


== Administration & Use ==
== Administration & Use ==
Line 65: Line 97:
Your shiny new blog is located @ http://localhost/wordpress/
Your shiny new blog is located @ http://localhost/wordpress/


=== Plugins & Themes & Images ===
Your new blogs rss feed is located @ http://localhost/wordpress/feed/


{{SectionNeedsUpdates}}
=== Suggested Themes ===
{{fancywarning|this section is out of date and designed for the dso php handler}}
* Responsive
 
Wordpress is a bit of a permissions nightmare.  Themes and plugins will ask for ftp access due to permission problems.  For now [[User:Threesixes|Threesixes]] ([[User talk:Threesixes|talk]]) is getting around it by.
 
Fix permissions to enable uploading content such as banners:
<console>###i## chown apache:apache /var/www/localhost/htdocs/wordpress/wp-content</console>
 
Fix permissions to enable themes, and plugins:
<console>###i## chown -R apache:apache /var/www/localhost/htdocs/wordpress/wp-admin/</console>
<console>###i## chown -R apache:apache /var/www/localhost/htdocs/wordpress/wp-includes/</console>
<console>###i## chown -R apache:apache /var/www/localhost/htdocs/wordpress/wp-content/</console>


This clearly is breaking the security of the webapp.  To "restore" security once all is set how you want it.
=== Suggested Plugins ===
* Add Meta Tags
* Disqus Comment System
* Google XML Sitemaps
* Share Buttons by AddToAny
* WooCommerce
* Wordfence Security
* YouTube widget responsive


<console>###i## chown -R root:root /var/www/localhost/htdocs/wordpress</console>
== Media ==
{{#widget:YouTube|playlist=PLpcSpRrAaOaqMA4RdhSnnNcaqOVpX7qi5}}


This is probably not enough, and probably not correct.
{{EbuildFooter}}
{{EbuildFooter}}

Latest revision as of 08:57, November 21, 2014

Wordpress

   Tip

We welcome improvements to this page. To edit this page, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.

Wordpress is a blog web-server-stack application content management system. Wordpress powers much of the internet, and can be converted into several other systems. Wordpress can be a blog, forum, bug tracker, social media platform, or even a web store. There are several plugins available, and it has a large community backing it.

Install

root # emerge wordpress

Nginx Server Configuration

Nginx does not respect the .htaccess files generated by wordpress. To manually insert url rewrite rules:

   /etc/nginx/sites-available/localhost - nginx rewrite rules
location /wordpress {
                try_files $uri $uri/ /wordpress/index.php?$args;
        }

More information can be found here: http://wiki.nginx.org/WordPress

Permission Adjustments

   Note
if using nginx change permissions to nobody:nobody instead of apache:apache

Plugins, Themes & Images

Wordpress needs some directories to be run under the webserver or php-fpm user for uploading images, and installing themes & plugins.

Fix permissions to enable uploading content such as banners:

root # chown apache:apache /var/www/localhost/htdocs/wordpress/wp-content

Fix permissions to enable themes, and plugins:

root # chown -R apache:apache /var/www/localhost/htdocs/wordpress/wp-admin/
root # chown -R apache:apache /var/www/localhost/htdocs/wordpress/wp-includes/
root # chown -R apache:apache /var/www/localhost/htdocs/wordpress/wp-content/

Security

/var/www/localhost/htdocs/wordpress/wp-config.php contains plaintext sql database passwords. we should change the permissions to lock this file down.

root # chmod 640 /var/www/localhost/htdocs/wordpress/wp-config.php
root # chown apache:apache /var/www/localhost/htdocs/wordpress/wp-config.php

MySQL

   Warning

default "changeme" passwords are insecure, change them!

To create a database for wordpress to interact with:

root # mysql -u root -p
mysql> CREATE DATABASE IF NOT EXISTS `wordpress` DEFAULT CHARACTER SET `utf8` COLLATE `utf8_unicode_ci`;
mysql> CREATE USER 'wordpress'@'localhost' IDENTIFIED BY 'changeme';
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER ON `wordpress`.* TO 'wordpress'@'localhost' IDENTIFIED BY 'changeme';
mysql> \q
   /var/www/localhost/htdocs/wordpress/wp-config.php (php source code) - insert database information
// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'wordpress');
/** MySQL database username */
define('DB_USER', 'wordpress');
/** MySQL database password */
define('DB_PASSWORD', 'changeme');
/** MySQL hostname */
define('DB_HOST', 'localhost');
/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');
/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

acquire your own salts and insert them into your configuration file. https://api.wordpress.org/secret-key/1.1/salt/

   /var/www/localhost/htdocs/wordpress/wp-config.php (php source code) - add a salt
define('AUTH_KEY',         '5%#gO!G+miM;(Jt8U^12SAh');
define('SECURE_AUTH_KEY',  'hJ~Hi:(R/:^l$M;(Vfp:+04$A');
define('LOGGED_IN_KEY',    'f^%jl;[9~8],LA^Eq]-5*');
define('NONCE_KEY',        '&IX,NkKM;M;(Jt(Jt8U^j;(m7');
define('AUTH_SALT',        'TX^29j/P7[q0GhM;(Jt8U^-ug&mh');
define('SECURE_AUTH_SALT', '<p@0$;jThph,2M6e8i<UAW=');
define('LOGGED_IN_SALT',   'O0TY<>%eIAs/=;O&7@LkhxduYhg6');
define('NONCE_SALT',       'VQ^-BR7YM;(Jt8U^D4ZRMY#[');

Database and database user are "wordpress" and passwords are what you set in your mysql database generation step. (changeme fields)

5 minute installer

Point your browser @ http://localhost/wordpress/

Name your website, and make a default administrator username, and password.

   Important

Wordpress has hidden admin levels assigned to the first registered account. Make sure you leave it as a generic admin account.

Administration & Use

Administer your WordPress @ http://localhost/wordpress/wp-admin/

Your shiny new blog is located @ http://localhost/wordpress/

Your new blogs rss feed is located @ http://localhost/wordpress/feed/

Suggested Themes

  • Responsive

Suggested Plugins

  • Add Meta Tags
  • Disqus Comment System
  • Google XML Sitemaps
  • Share Buttons by AddToAny
  • WooCommerce
  • Wordfence Security
  • YouTube widget responsive

Media