Software engineer | lateral thinker | continuos learner

Guide for setup WordPress on AWS EC2 instance

-

WordPress

Wordpress server design
WordPress server design

WordPress is a widely used CMS (content management system) written in PHP, which gives an intuitive interface for creating content, modifying, and managing all-in-one a site.

WordPress is a free open-source software with no hidden prices, you can modify source code or use it as-is without none limitations.

WordPress expands functionality with a simple but genial model: plugins can be added for every feature you want. There are a thousand plugins free or paid for for every task, you choose that based on your skill level or if you want to pay for professional plugins.

As tradeoff, I want to advise many functionalities can be done with a configuration server if you have an hosting it can be possible and your skill have a correct knowledge about that.

In general I prefer a configuration server than a plugin doing the exact things. Security is higher and it consideraly speed up the site.

Every installed plugins must choosen after an evaluation more deeply from advantanges and disavantages. You can have a unknown slow site and must search disabling one time plugin for see if it speed up the site.

Remember the speed of site it connects with SEO, it influences directly your organic search hints, so don’t dumb verify more attently every choose you do it, and don’t be lazy if you can do that with configurations.

What’s Apache?

Apache Web Server is a free, open-source web server for delivering contents trough internet.

In few years Apache is defined well-known world-wide most used http client, as named Apache and remaining a standard de facto for delivering contents.

How to install Apache

What we want discuss about installing on AWS EC2 instance server a Apache Web Server .

Before we could be up-to-date all software on instance and flag autoset on YES for all updates you have.

sudo yum update -y

We must install httpd service (as known Apache) using yum package manager.

sudo yum install -y httpd.x86_64

We could be start the httpd service:

sudo systemctl start httpd.service

We configure httpd as service automatically running at reboot

sudo systemctl enable httpd.service

If you configure httpd, in particular httpd.conf, httpd-le-ssl.conf it’s useful before to launch httpd start command, launch this command for testing if httpd configuration is correct.

It very useful because it show verbose logs regarding error configurations files, more deeply than normal logs starting.

apachectl configtest

Let’s Encrypt

Let’s Encrypt it’s a free open certificate authority, it permits to install on your web browser a TLS certificate with a few command-line terminal.

Let’s Encrypt it’s a necessary tool for making our site delivered on SSL if we use apache on AWS EC2 instance.

We must before installing certbot and the module for configuring apache

sudo yum install -y certbot python2-certbot-apache

Certbot permits to automate the creation of  Let’s Encrypt certificate, if you execute it with parameter –apache and apache it’s running you can simply verified the ownership of website.

After installation, we can run through the wizard to generate the certificate. In this step certbot show all virtual host configured in httpd.conf file

sudo certbot --apache
Certbot-installation
Certbot installation showing virtual host in apache configuration

We can issue certificate for any number of domain, so Let’s Encrypt can provides SSL certificate for every public websites.

Manage HTTPS

Httpd ensure management https and SSL very well, for achieve that you can use Open SSL, if you use website in Intranet you can generate ones from terminal, or if you have a public website you can use Let’s Encrypt how we discuss in previous chapter.

For setup httpd you need to add on head of httpd.conf and include a conf files for defining all virtual host regardings 443 port configurations.

LoadModule ssl_module modules/mod_ssl.so 
Include conf/extra/httpd-ssl.conf

If you want to edit the configuration file about SSL you can use “vi” command

vi /etc/httpd/conf/httpd-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
   DocumentRoot "/var/www/html-example"
   ServerName "http://example.com"
   Include /etc/letsencrypt/options-ssl-apache.conf
   ServerAlias "http://www.example.com"
   SSLCertificateFile /etc/letsencrypt/live/www.example.com/fullchain.pem
   SSLCertificateKeyFile /etc/letsencrypt/live/www.example.com/privkey.pem
</VirtualHost>
</IfModule>

MariaDB install on AWS EC2 instance

MariaDB is an open-source database forked from MySQL. It’s fast and work with SQL query, sharing the same driver connection as ODBC, and mantain until 8.0 retrocompatibility from same version with Mysql.

You can see what are the MariaDB version installable using amazon extra

sudo amazon-linux-extras | grep mariadb

For installing MariaDB it’s necessary

sudo yum install MariaDB-server MariaDB-client

Enable autostart after reboot, enable that services system

sudo systemctl enable --now mariadb

Start the database server.

sudo systemctl start mariadb

Log in to the database server as the root user. Enter your database root password when prompted;
One best practice is run Mysql secure installation, disabling anonymous users, remote logging, test database and more.

sudo mysql_secure_installation

It’s necessary to stop the service and restart for make active all changes.

sudo systemctl restart mariadb

After that we can connect to the database with root user and password we just choose.

mysql -u root -p
CREATE USER 'wordpress-user'@'localhost' IDENTIFIED BY 'your_password';

Create your database. Give your database a descriptive, meaningful name, such as `wordpress-db`.

CREATE DATABASE `wordpress-db`;

Grant full privileges for your database to the WordPress user that you created earlier.

GRANT ALL PRIVILEGES ON `wordpress-db`.* TO "wordpress-user"@"localhost";

Flush the database privileges to pick up all of your changes.

FLUSH PRIVILEGES;

PHP

Confirm that the amazon-linux-extras package is installed:
which amazon-linux-extras
If the command doesn’t return any output, then install the package that will configure the repository:
sudo yum install -y amazon-linux-extras
Install PHP 7.4, 7.3, 7.2 on Amazon AWS EC2
Let’s confirm that PHP 7.x topic is available in our AWS EC2 machine:
sudo amazon-linux-extras | grep php
sudo amazon-linux-extras enable php7.4
Now install PHP packages from the repository.
sudo yum clean metadata

sudo yum install php php {pear,cgi,common,curl,mbstring,gd,mysqlnd,gettext,bcmath,json,xml,fpm,intl,zip,imap}
Accept installation of PHP 7 packages on AWS EC2.

WordPress backup script on AWS EC2 on AWS bucket S3

WordPress backup directory, make daily dump of WordPress database, have a copy of configuration files it’s a first principle for manage server and make relialable a website.

I make a good point to start write a backup script, feel free to copy modify, but write me what are the changes you made and what are the improvement you add.

nano backup.sh

chmod u+x backup.sh

#!/bin/bash

# Get the bucket name from an argument passudo sed to the script
BUCKET_NAME=allerenitalie.com
DIRECTORY_PATH=/home/ec2-user/backups

NOW=$(date +%Y%m%d%H%M%S)
SQL_BACKUP=${NOW}_database.sql
FILES_BACKUP=${NOW}_files.tar.gz

DB_NAME=$(sudo sed -n "s/define( *'DB_NAME', *'\\([^']*\\)'.*/\\1/p" wp-config.php)
DB_USER=$(sudo sed -n "s/define( *'DB_USER', *'\\([^']*\\)'.*/\\1/p" wp-config.php)
DB_PASSWORD=$(sudo sed -n "s/define( *'DB_PASSWORD', *'\\([^']*\\)'.*/\\1/p" wp-config.php)
DB_HOST=$(sudo sed -n "s/define( *'DB_HOST', *'\\([^']*\\)'.*/\\1/p" wp-config.php)

# Backup database
mysqldump --add-drop-table -u$DB_USERNAME -p$DB_PASSWORD -h$DB_HOST $DB_NAME > ./backups/$SQL_BACKUP 2>&1

# Compress the database dump file
gzip ./backups/$SQL_BACKUP

# Backup the entire public directory
sudo tar -zcf ./backups/$FILES_BACKUP /var/www/html

sudo tar -cvpzf /home/ec2-user/backups/httpd.tar.gz /etc/httpd

# Remove backup files that are a month old
rm -f ./backups/$(date +%Y%m%d* --date='1 month ago').gz

# Copy files to S3 if bucket given
aws s3 cp $DIRECTORY_PATH/$SQL_BACKUP.gz s3://$BUCKET_NAME/ --quiet --storage-class STANDARD
aws s3 cp $DIRECTORY_PATH/$FILES_BACKUP s3://$BUCKET_NAME/ --quiet --storage-class STANDARD
aws s3 cp $DIRECTORY_PATH/httpd.tar.gz s3://$BUCKET_NAME/ --quiet --storage-class STANDARD

After create file bash you can edit crontabss:

Add a line:
24 18 28 * * cd /home/ec2-user/; /home/ec2-user/backup.sh

Share this article

Recent posts

Popular categories

Recent comments