Thursday, 31 May 2012

How to set up WordPress on Amazon EC2

First of all, you need to get yourself an Amazon Web Services account. You need to attach a credit card to the account but they won't charge you until you use something. If you choose to create a 'Micro' instance, which I'll cover in just a moment, you may indeed be able to host your website or blog for a whole year for free!

OK... so now you've got your account set up, lets get started...

1. Create your Instance (Virtual Server)

Open up your AWS Management Console and on the EC2 tab, we need to create an Instance. Select the region you'd like to host your website, and then select 'Launch Instance'.

Go with the 'Classic Wizard', and then you can get straight on choosing your preferred OS. I chose Amazon Linux (64-bit) for my server, which I assume is going to be more closely married to the EC2 service as a whole.

Once selected, your next option is to choose the Instance type you require. This is basically how much grunt you're going to need. For a small blog site or if you are just testing stuff out, you should be OK with a Micro instance, but for anything else you'll need to choose something more powerful.

All the remaining instance details can be left default, and you can add descriptive tags if you like. Next you need to create a key pair; this essentially works like a password to access your server. Just give it a name and click 'Create and Download your Key Pair', saving it in a safe place.

The final step is to create a security group, which is a set of firewall port rules. Name the group 'WordPress', add a description (I just repeated 'WordPress'), and then add the following Inbound rules:

HTTP (0.0.0.0/0)
SSH (0.0.0.0/0)
Custom Rule, Port Range 20-21 (0.0.0.0/0)
Custom Rule, Port Range 14000-14050 (0.0.0.0/0)

Those rules deal with access for web traffic, terminal access and FTP. Finish up the wizard and in just a few moments you will see your server up and running under 'Instances'

2. Connect to your Instance

In the AWS Console select the running instance and, under 'Instance Actions', click 'Connect'. A Java based SSH client will open up and, once you've provided the path to the key file you saved earlier, you'll have a linux shell ready and we can get on with configuring the server.

First, lets install all the available updates. Type:
sudo yum update

A lot of the commands in this article also require root access, so each time I connect to the instance I'll just run one command to elevate my permissions. Otherwise I would need to prefix everything with 'sudo'.

Type:
sudo su

3. Install Apache Web Server

To install apache, type:
yum install httpd

Start the service:
service httpd start

Set the service to start automatically:
chkconfig httpd on

4. Install PHP

To install PHP, Type:
yum install php php-mysql

Restart apache:
service httpd restart

5. Install MySQL

To install MySQL, type:
yum install mysql-server

Start MySQL:
service mysqld start

Set the service to start automatically:
chkconfig mysqld on

Create your wordpress database:
mysqladmin -uroot create wordpress

Secure your database:
mysql_secure_installation

Answer the wizard questions as follows:
Enter current password for root:  Press return for none
Change Root Password:  Y
New Password:  Set a strong password and make sure you document it!
Remove anonymous user:  Y
Disallow root login remotely:  Y
Remove test database and access to it:  Y
Reload privilege tables now:  Y

6. Install WordPress

Most of the articles I found covering this suggested installing WordPress in a directory called 'blog' or 'site' or something similar within /var/www/html, however in this case I am going to install it directly into the root folder as I do not like having those extra bits in my website URL.

Change directory:
cd /var/www

Download WordPress:
wget http://wordpress.org/latest.tar.gz

Extract WordPress:
tar -xzvf latest.tar.gz

Move WordPress into the html folder:
rmdir html
mv wordpress html

Clean up:
rm latest.tar.gz

Create and edit the config file:
cd html
mv wp-config-sample.php wp-config.php
vi wp-config.php

That last command will open the config file for view. You can scroll up and down with the cursor keys and if you press i on your keyboard it will go into edit mode. You need to edit the following lines:

define(‘DB_NAME’, ‘wordpress’);
define(‘DB_USER’, ‘root’);
define(‘DB_PASSWORD’, ‘YOUR_PASSWORD’);
define(‘DB_HOST’, ‘localhost’);

When you are finished editing, you press Esc on your keyboard, and then type :wq and press enter to save the file and quit vi.

7. Assign an Elastic IP Address

One mistake I made in my early attempts was to rush on with configuring WordPress before I had assigned an Elastic IP address to the server in the AWS console. If you don't assign an Elastic IP, when you restart the server, its public DNS will change and your WordPress configuration will be broken. It's easy to fix, but can be avoided, so lets assign an Elastic IP so that we have a permanent address to work with:

In the AWS console, choose Elastic IPs and then 'Allocate New Address'. Once allocated, associate it with the server instance.

8. Configure WordPress

We are now ready to configure WordPress, so just put http://xxx.xxx.xxx.xxx (replacing with your Elastic IP address of course) into your web browser and that will trigger the WordPress configuration process:



It's simple, just give your website a name and set up an admin password and your site is ready!

9. Install an FTP Server

If you want to be able to easily update the files in your WordPress installation, then you'll need an FTP server.

Back in the SSH terminal, install the FTP server by typing:
yum install vsftpd

Edit the config file at /etc/vsftpd/vsftpd.conf
cd /etc/vsftpd
vi vsftpd.conf

That last command will open the config file for view. You can scroll up and down with the cursor keys and if you press i on your keyboard it will go into edit mode. You need to edit the following lines:

Disable anonymous access:
anonymous_enable=NO

These next 6 lines will need to be added to the config file.
Configure the FTP server for passive connections:
pasv_enable=YES
pasv_min_port=14000
pasv_max_port=14050
port_enable=YES

Configure the FTP Server to send your Elastic IP address to clients for passive connections:
pasv_address=xxx.xxx.xxx.xxx (Replace with your Elastic IP)
pasv_addr_resolve=NO

When you are finished editing, you press Esc on your keyboard, and then type :wq and press enter to save the file and quit vi.

Start the FTP service:
service vsftpd start

Set the service to start automatically:
chkconfig vsftpd on

10. Configure an FTP User

Add an FTP user, giving access only to the WordPress files and for additional security ensuring the user can not open a shell:
useradd ftpuser -d /var/www/html -s /sbin/nologin

Set the password for ftpuser:
passwd ftpuser

Set a strong password and make sure you document it!

To stop WordPress continually asking for your FTP login details every time you update a plugin or theme, edit the config file:
cd /var/www/html
vi wp-config.php

That last command will open the config file for view. You can scroll up and down with the cursor keys and if you press i on your keyboard it will go into edit mode. You need to add the following lines after the MySQL database settings:

/** FTP Settings */
define("FTP_HOST", "YOUR_ELASTIC_IP");
define("FTP_USER", "ftpuser");
define("FTP_PASS", "YOUR_PASSWORD");

When you are finished editing, you press Esc on your keyboard, and then type :wq and press enter to save the file and quit vi.

11. Set Permissions on WordPress Files and Folders

To change the permissions on WordPress files and folders to recommended values, type:
find /var/www/html/ -type d -exec chmod 755 {} \;
find /var/www/html/ -type f -exec chmod 644 {} \;

Change the ownership of the files to 'ftpuser'. Because PHP runs in the identity of the file owner, this will ensure that WordPress can modify files as needed as well maintaining our own access and ensuring read-only access for everyone else:
chown -R ftpuser /var/www/html

12. Back Up Your Instance

As always, we should take regular backups, and so with the initial build and configuration all complete, lets take an image of the server so that if something goes wrong in the future, we never have to go through this process again!

In the AWS console, select your server and then under Instance Actions, choose 'Stop'. Once the server has shut down, again under Instance Actions, choose 'Create Image':

Fill in the details, and then press 'Yes, Create'. Once complete, this will be available in the console under Images and Snapshots and you can use it to either roll back or create a new server.

When you start your instance up again, you might have to re-associate the Elastic IP, otherwise that's it...

All done!
Post a Comment