Install on Debian 11¶

Use sudo -i command is used to open a root shell & update the system.

sudo -i
apt update
apt upgrade -y

Install Apache, MariaDB, PHP, and necessary PHP extensions:

apt install apache2 mariadb-server php libapache2-mod-php php-mysql php-curl php-gd php-xml php-mbstring

Start the Apache and MariaDB services:

systemctl enable apache2
systemctl start apache2
systemctl enable mariadb
systemctl start mariadb

Secure the MariaDB installation:

mysql_secure_installation

Follow the on-screen prompts to set a root password, remove anonymous users, disable remote root login, and remove the test database.

Create a new database and user for WordPress:

mysql -u root -p

Enter your MariaDB root password when prompted.

Then, run the following SQL commands to create a new database and user for WordPress:

NOTE: Replace wordpressuser and password with your desired username and password.

CREATE DATABASE wordpress;
GRANT ALL ON wordpress.* TO 'wordpressuser'@'localhost' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
EXIT;

Download and extract WordPress:

cd /tmp
wget https://wordpress.org/latest.tar.gz
tar xzvf latest.tar.gz

Move the WordPress files to the Apache web root directory:

mv /tmp/wordpress/* /var/www/html/

For WordPress, it is recommended to set file permissions to 644 and directory permissions to 755. This is because WordPress needs to read and write files in its installation directory and subdirectories, but does not require execute permissions on these files.

Setting file permissions to 644 allows the web server to read and write files, while preventing unauthorized modification. This is important for security reasons, as it prevents attackers from modifying important files like PHP scripts or configuration files.

Setting directory permissions to 755 allows the web server to read and execute directories, while preventing unauthorized access or modification of files in the directory.

chown -R www-data:www-data /var/www/html/
find /var/www/html/ -type d -exec chmod 755 {} \;
find /var/www/html/ -type f -exec chmod 644 {} \;

This will set the ownership of the WordPress files and directories to the www-data user and group, and set the file permissions to 644 and directory permissions to 755.

Edit the WordPress configuration file:

cp /var/www/html/wp-config-sample.php /var/www/html/wp-config.php
nano /var/www/html/wp-config.php

Update the following lines with your database details:
Replace the following lines with the appropriate credentials

define('DB_NAME', 'wordpress');
define('DB_USER', 'wordpressuser');
define('DB_PASSWORD', 'password');
define('DB_HOST', 'localhost');

Save and exit the file.

Restart Apache to apply the changes:

systemctl restart apache2

NOTES:

While setting directory permissions to 755 and file permissions to 644 is a good practice for security and performance reasons, it is possible that some plugins or themes may require different permissions. In such cases, you may need to adjust the permissions accordingly.

Additionally, running the chown command may cause issues if you have modified the ownership of files or directories within /var/www/html/ manually. In such cases, you may need to restore the original ownership or take additional steps to ensure that your files and directories are accessible to the web server.

If you have already manually modified the ownership of any files or directories in /var/www/html/, running the chown command again may cause issues. In such cases, you may need to restore the original ownership of those files or directories before running the chown command.

To avoid this issue, it is recommended that you do not manually modify the ownership of files or directories in /var/www/html/ and instead rely on the chown command to set the correct ownership for all files and directories in that directory.

It is also worth noting that while securing your WordPress installation is important, it is just one aspect of website security. You should also take other measures such as using strong passwords, keeping your software up to date, and regularly backing up your data.