[SHORTCUT] Installing WordPress on New LEMP Ubuntu 18.04

We summarized our experience on setting up WordPress on LEMP Ubuntu 18.04. We use Digital Ocean as our virtual private server. It comes with PHP7.2, FPM, and Certbot pre-installed. Nice isn’t it!

  • Enable SSH to accept outside root connection. Open /etc/ssh/sshd_config, find PermitRootLogin and PasswordAuthentication lines. Set it to yes, and restart sshd by executing sudo service ssh restart.
  • Install NGINX on Ubuntu first. The point is the NGINX must be allowed by the Uncomplicated Firewall (UFW) first.
  • Install WordPress. Here is the shortlist: Create database, grant user, setting up NGINX, create configuration file for your website inside sites-available, setting up wp-config.php, restart FPM and restart NGINX.
  • Install SSL. LEMP Ubuntu 18.04 on Digital Ocean comes with Certbot pre-installed. Just type ‘certbot’ in the command line.
  • BONUS. Setting up HTTP2. This can speed up the website up to 2x.

By the way, there is question which is better upgrading from Ubuntu 14.04 to Ubuntu 18.04 to enable PHP7 for WordPress or start from fresh droplet or VPS account? The answer is better to start from the fresh one.

Upgrading from 14.04 to Ubuntu 18.04 will require you to upgrade to Ubuntu 16.04 first, in the meantime your server will be down and you’ll be firefighting the error. We don’t recommend upgrading your system. Start from a fresh droplet is easier and safer. Trust us.

Questions?

How to Find Folders and Remove It Manually with SSH

My db-cache-reloaded had made my day very bad. My site considered as Malware site. So, I asked Hostgator support to scan all my directories upon my account. Then, Krasimir (Security Administrator) guy found the obsolete db-cache-reloaded made bad effect because it allows any hacker to exploit files. That’s horrible.

I asked him about how to remove all db-cache-reloaded from my account. He recommended of using two commands in order to avoid removing files I might need. First, he told me that I can find all instances of db-cache-reloded and then remove it. Here are the commands:

Continue reading How to Find Folders and Remove It Manually with SSH

How to Change Permission of wp-config.php and Other Files/Directory Massively

Few days ago, I got troubled by some unethical hackers. They’re changing my directories and files permission to 777 which has ability to World-read-write-execute. That kind of permission is very dangerous. I don’t know how did they get into my cPanel File Manager. I thought it was WordPress, WordPress plugins, or WordPress theme failure, so they could inject malicious script into my public_html directory easily and freely.

I’ve ask HostGator using live chat support but one of them has said that I can’t change the permission of files or directories massively even using SSH. That’s totally wrong because few hours later after that, I found the way. Basically, you have to know how to connect to your hosting using SSH. I’ve created a tutorial how to connect HostGator using SSH.

Continue reading How to Change Permission of wp-config.php and Other Files/Directory Massively