Environment
WordPress CMS, AFS virtual host
Issue
How to install WordPress CMS in an AFS-based virtual host
Resolution
PREREQUISITES:
PROCEDURE:
- You'll need to requisition a MySQL database at https://its.umich.edu/data/data-database/midatabase -- note the Data Security link on that page for meeting your requirements. Ensure you select "MySQL" for Database Type. When it's created, you'll need to have the database information for it handy during this installation.
- Start by establishing an SSH session to "login.itd.umich.edu", then run these commands. (Substitute your actual directory name for [group home directory] !)
cd ~[group home directory]/Public/html
wget https://www.wordpress.org/latest.tar.gz
tar zxf latest.tar.gz
rm latest.tar.gz
- By default, WordPress installs into a "wordpress" subdirectory. You'll want to move the installation files up a level:
mv wordpress/* ./
rm -r wordpress
Note that recent versions of WordPress have PHP minimum version requirements. Contact the ITS Web Team if you're concerned about the PHP version for your host (we offer up to version 8.1, as of August 2022).
- Once you've downloaded the WordPress software, you'll need to make some changes to permissions. This will let the install.php script edit wp-config.php, with your database info. Since this is AFS, unix permissions mentioned in the WordPress documentation aren't significant:
fs sa . umweb:servers write
- In a web browser, access your website. This should run the installer.
- Enter your database info. Make sure to specify the proper mySQL database hostname (e.g., webapps-db.web.itd.umich.edu, webapps2-db.miserver.it.umich.edu, etc) as the host; localhost will not work here.
If that fails, the installer may give you text you can copy/paste into wp-config.php instead (see the vi/emacs suggestions below to use that content).
- After setting up the DB, you'll see an additional page to set the admin password for the blog along with other details.
- Once that's complete, the install.php script will not need to run again, so remove the permissions you set for it. Bypassing this step will result in security issues with your installation.
fs sa . umweb:servers read
- Alternately, you can skip the permission commands above, and set up wp-config.php at the command line with an editor like "vi" or "emacs" if you're comfortable with those:
cp wp-config-sample.php wp-config.php
vi wp-config.php
Permissions for file uploads in WordPress
The first time you try uploading an image file, etc., WordPress will try to create wp-content/uploads, and subdirectories therein. The 'uploads' directory will likely need to retain write permissions long-term, but wp-content should never have write access to prevent site security issues. We recommend performing the following commands to support WordPress uploads:
mkdir wp-content/uploads
fs sa wp-content/uploads umweb:servers write
Generally, our servers should be configured not to execute PHP out of any writable directory. Please contact us to disable PHP if you leave a location writable after the installation process is finished.
OIDC login for your WordPress site
You can configure your WordPress site to use OpenID Connect (OIDC) for authentication. See the Knowledge Article #8341, "Install and Configure OpenID Connect (OIDC) Client for WordPress in an AFS-based Virtual Host", for installation and configuration instructions.
Keeping WordPress up-to-date
If you'd like to use the WordPress dashboard to manage updates and plugin/theme installations, see this related Knowledge Article: #3148 Updating ITS Web Hosting WordPress Sites Within the WP Dashboard.
Additional Information
Need additional information or assistance? Contact the ITS Service Center.