Oct 092012
 

Time for a new blog and already have a Rackspace cloud account?  If you are going with a brand new server, you will need to set up some basic things first.  Lets get started:

Login to Rackspace’s cloud control panel. Create a server: pick a server name, something short and sweet!  I picked OS: Centos 6.3, because it is the closest to RedHat and because it does not require RedHat license fee. Region: the default is probably fine!

Pick a size: smallest should work.

Click “Create Server”.  You will be presented with “Root Admin Password”. Copy the password, and store it in a safe place.  You will need it later.

Go get coffee, it will take a few minutes for the server to be created.

Copy the ip of your server and ssh into it: root@your.ip.  It will ask you a yes/no question, if it is the first time you are logging in.  Say yes!

computer:~ eglute$ ssh root@198.61.213.25
The authenticity of host '198.61.213.25 (198.61.213.25)' can't be established.
RSA key fingerprint is 27:e4:7f:5e:25:f8:e6:90:e4:c3:1b:4d:6f:c6:f2:b3.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '198.61.213.25' (RSA) to the list of known hosts.
root@198.61.213.25's password:

Since you just created this server, it is missing a few things. Fun with updates:

Check whether server needs updating:

[root@blog ~]# yum check-update

It probably needs updating:

[root@blog ~]# yum update

Don’t want to do updates manually? Well, you are in luck! Just configure cron to take care of this for you:

[root@blog ~]# yum -y install yum-cron
[root@blog ~]# chkconfig --list yum-cron
yum-cron 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@blog ~]# service yum-cron status
Nightly yum update is disabled.
[root@blog ~]# service yum-cron start
Enabling nightly yum update: [ OK ]
[root@blog ~]#

Install mysql server:

[root@blog ~]# yum -y install mysql-server

Start mysql:

[root@blog ~]# service mysqld start

Secure mysql installation:

[root@blog ~]# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
 SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MySQL to secure it, we'll need the current
password for the root user. If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none): 
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
Set root password? [Y/n] Y
New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] Y
 ... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y
 ... Success!
By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] Y
 ... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MySQL
installation should now be secure. Thanks for using MySQL!

Install apache:

[root@blog ~]# yum -y install httpd
[root@tempserver ~]# service httpd status
httpd is stopped
[root@blog ~]# chkconfig --list httpd
httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@blog ~]# service httpd start

Create user for database:

[root@blog ~]# useradd press
[root@blog ~]# passwd press
Changing password for user press.
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.
[root@blog ~]# mysql -p
 Enter password:
 Welcome to the MySQL monitor. Commands end with ; or \g.
 Your MySQL connection id is 12
 Server version: 5.1.61 Source distribution
Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
 affiliates. Other names may be trademarks of their respective
 owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> CREATE DATABASE blog;
 Query OK, 1 row affected (0.00 sec)
mysql> GRANT ALL PRIVILEGES ON blog.* TO press@localhost IDENTIFIED BY 'verysecretpassword';
 Query OK, 0 rows affected (0.00 sec)
mysql> FLUSH PRIVILEGES;
 Query OK, 0 rows affected (0.00 sec)
mysql> EXIT
 Bye
 [root@tempserver ~]#

Install php:

yum -y install php php-mysql
cd /var/www/html/

Download wordpress:

wget http://wordpress.org/latest.tar.gz

Uncompress:

tar -xzvf latest.tar.gz

Move all files a directory up:

mv wordpress/* .
[root@blog html]# ls
 index.php license.txt wordpress wp-admin wp-blog-header.php wp-config-sample.php wp-cron.php wp-links-opml.php wp-login.php wp-settings.php wp-trackback.php
 latest.tar.gz readme.html wp-activate.php wp-app.php wp-comments-post.php wp-content wp-includes wp-load.php wp-mail.php wp-signup.php xmlrpc.php

You currently have all the pieces installed, yet while trying to go to http://example.com/wp-admin/install.php page, your browser won’t be able to connect to your server.  Check your iptables:

[root@blog html]# cat /etc/sysconfig/iptables
 # Firewall configuration written by system-config-firewall
 # Manual customization of this file is not recommended.
 *filter
 :INPUT ACCEPT [0:0]
 :FORWARD ACCEPT [0:0]
 :OUTPUT ACCEPT [0:0]
 -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 -A INPUT -p icmp -j ACCEPT
 -A INPUT -i lo -j ACCEPT
 -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
 -A INPUT -j REJECT --reject-with icmp-host-prohibited
 -A FORWARD -j REJECT --reject-with icmp-host-prohibited
 COMMIT

The problem is that port 80 is not accesible!

Edit iptables to open port 80. Since you are there, you might need 443 as well:

vi /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

You should have ipv6 address, so as such, change your ip6tables:

vi /etc/sysconfig/ip6tables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p ipv6-icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp6-adm-prohibited
-A FORWARD -j REJECT --reject-with icmp6-adm-prohibited
COMMIT

Restart services:

[root@blog html]# service iptables restart
iptables: Flushing firewall rules: 
 [ OK ]
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ]
[root@blog html]# service ip6tables restart
ip6tables: Flushing firewall rules: [ OK ]
ip6tables: Setting chains to policy ACCEPT: filter [ OK ]
ip6tables: Unloading modules: [ OK ]
ip6tables: Applying firewall rules: 
 [ OK ]
[root@blog html]#

At this point, if you check http://example.com/wp-admin/install.php page, your browser will be connecting to the server, but you will be getting “Error: PHP is not running” message.  Still a couple steps left!

[root@blog html]# pwd
/var/www/html
[root@blog html]# ls
index.php license.txt wordpress wp-admin wp-blog-header.php wp-config-sample.php wp-cron.php wp-links-opml.php wp-login.php wp-settings.php wp-trackback.php
latest.tar.gz readme.html wp-activate.php wp-app.php wp-comments-post.php wp-content wp-includes wp-load.php wp-mail.php wp-signup.php xmlrpc.php

Make a copy of wp-config-sample.php:

[root@blog html]# cp wp-config-sample.php wp-config.php

Edit wp-config.php.  For this example, it would look like this:

// ** MySQL settings - You can get this info from your web host ** //
 /** The name of the database for WordPress */
 define('DB_NAME', 'blog');
/** MySQL database username */
 define('DB_USER', 'press');
/** MySQL database password */
 define('DB_PASSWORD', 'verysecretpassword');
/** MySQL hostname */
 define('DB_HOST', 'localhost');

The rest of the values can stay as is in the file.

One last time:

service httpd restart

Proceed to the browser http://example.com/wp-admin/install.php , and follow directions on the screen.  Happy blogging!

-eglute

 

 

 

 Posted by at 5:15 am