WordPress is an excellent choice for blogging software. It's simple to set up and use, has a pretty good security record, and has lots of plugins. If you're hosting your own blog on GNU/Linux, WordPress is pretty much the way to go.
This is how we built WordPress to host several blogs.
Note that this installation is different than a standard installation in 2 ways. First, we're installing the package into /usr/local, and /var/local. This is to improve LSB compliance, and allows the possibility of sharing /usr/local across systems, as well as making it read-only. Second, we're not using WordPress' multi-site feature, but hacking in our own simple multi-site functionality. The reason we're rolling our own here is that WordPress multi-site makes some assumptions that we don't agree with. Most critical of these is that we want our sites to be able to maintain their own domain names, users, themes, and plugins.
WordPress 3.2 requires:
This build process assumes:
sudo/var/www/www-data[mysqladmin] and [mysql] sections of .my.cnfDocumentRoot are set to /var/www/$SITE_NAME/public/var/www/$SITE_NAME/public directories are soft links to /var/www/wordpress-$VERSIONDownload the latest WordPress. You can get it from http://wordpress.org/latest.tar.gz, but you won't know what version you're getting. So you can see what versions are available at http://wordpress.org/download/release-archive/ and download from there.
VERSION=3.2 cd /var/www wget http://wordpress.org/wordpress-$VERSION.tar.gz
Unpack the program:
tar xfz wordpress-$VERSION.tar.gz rm wordpress-$VERSION.tar.gz
Make sure that attackers cannot view directory listings (especially listing of installed plugins).
echo 'Options -Indexes' >> wordpress-$VERSION/.htaccess
Create a config file that will allow per-site configuration.
cat > wordpress-$VERSION/wp-config.php <<'EOF' <?php # Pull in per-site configuration. Assumes per-site config file is 1 directory up from DOCUMENT_ROOT. include(dirname($_SERVER['DOCUMENT_ROOT']) . '/wp-config.php'); # Pull in all the WordPress settings and include files. if ( !defined('ABSPATH') ) define('ABSPATH', dirname(__FILE__) . '/'); require_once(ABSPATH . 'wp-settings.php'); EOF
Move the installation to /usr/local/lib and /var/local/lib.
sudo mv wordpress /usr/local/lib/wordpress-$VERSION sudo mkdir -p /var/local/lib/wordpress-$VERSION/wp-content sudo mv /usr/local/lib/wordpress-$VERSION/wp-content/{plugins,themse,blogs.dir} /var/local/lib/wordpress-$VERSION/wp-content/
Set ownership of the directory so Apache can use it, and permissions so that web admins have write access:
sudo chown -R www-data:www-data /usr/local/lib/wordpress-$VERSION sudo chown -R www-data:www-data /var/local/lib/wordpress-$VERSION sudo chmod -R g+w /var/local/lib/wordpress-$VERSION find /var/local/lib/wordpress-$VERSION -type d | sudo xargs chmod g+ws
SITE=blog.craigbuchek.com mkdir -p /var/www/$SITE cd /var/www/$SITE rm -rf public ln -s /usr/local/lib/wordpress-$VERSION public
Create the MySQL database (set the real database name, username, and password):
WORDPRESS_MYSQL_DB=${SITE//[\.-]/_} WORDPRESS_MYSQL_USER=wp_craigbuchek ;# NOTE: Must be no longer than 16 characters WORDPRESS_MYSQL_PWD="`dd if=/dev/urandom bs=15 count=1 | base64`" sudo mysqladmin create $WORDPRESS_MYSQL_DB sudo sh -c "mysql <<EOF GRANT ALL PRIVILEGES ON $WORDPRESS_MYSQL_DB.* TO $WORDPRESS_MYSQL_USER@localhost IDENTIFIED BY '$WORDPRESS_MYSQL_PWD'; FLUSH PRIVILEGES; EOF"
Save the username and password in the .my.cnf file.
cat >>~/.my.cnf <<EOF # Specify --defaults-group-suffix=_$WORDPRESS_MYSQL_DB to use this group. [client_$WORDPRESS_MYSQL_DB] user = $WORDPRESS_MYSQL_USER password = '$WORDPRESS_MYSQL_PWD' EOF chmod 600 ~/.my.cnf
Manually create the configuration file.
KEY1=`dd if=/dev/urandom count=1 bs=1024 | sha256sum | awk '{print $1}'` KEY2=`dd if=/dev/urandom count=1 bs=1024 | sha256sum | awk '{print $1}'` KEY3=`dd if=/dev/urandom count=1 bs=1024 | sha256sum | awk '{print $1}'` KEY4=`dd if=/dev/urandom count=1 bs=1024 | sha256sum | awk '{print $1}'` cat > /var/www/$SITE/wp-config.php <<EOF <?php # Define database access settings. define('DB_NAME', '$WORDPRESS_MYSQL_DB'); define('DB_USER', '$WORDPRESS_MYSQL_USER'); define('DB_PASSWORD', '$WORDPRESS_MYSQL_PWD'); define('DB_HOST', 'localhost'); # Can also specify hostname:port. define('DB_CHARSET', 'utf8'); define('DB_COLLATE', 'utf8_general_ci'); # Override the MySQL default latin1_swedish_ci. \$table_prefix = 'wp_'; # Prefix used on all table names. # Set localization language. Defaults to English; otherwise specify a file within wp-content/languages/. define('WPLANG', ''); # Keys for encryption of information stored in browser cookies. define('AUTH_KEY', '$KEY1'); define('SECURE_AUTH_KEY', '$KEY2'); define('LOGGED_IN_KEY', '$KEY3'); define('NONCE_KEY', '$KEY4'); EOF sudo chmod 660 /var/www/$SITE/wp-config.php sudo chown www-data:www-data /var/www/$SITE/wp-config.php
Create a per-site uploads directory. (Don't forget to set the configuration below to include the full path to this directory.
mkdir -p /var/www/$SITE/uploads sudo chmod 770 /var/www/$SITE/uploads sudo chown www-data:www-data /var/www/$SITE/uploads
For a new site, run the installation script by accessing http://$SITE/wp-admin/install.php in a web browser.
Enter the weblog title and email address.
Record the admin password that is generated. It will be needed to log in to administer the application.
Log in as the admin, and create an Editor account for yourself. Record this password as well. Use this account to post blog entries. Use the admin account to change site settings.
Remove some files that aren't needed after installing:
rm /usr/local/lib/wordpress-$VERSION/{license.txt,readme.html,wp-config-sample.php,wp-admin/import*.php}
Log in as admin with the newly generated password.
Time zone: Chicago Time format: 1:04 PM (g:i A) Weeks in the calendar should start on: Sunday
Size of the post box: 15 lines UNCHECK Convert emoticons CHECK WordPress should correct invalidly nested XHTML
Syndication feeds show the most recent: 20 posts For each article in a feed, show: Full text
CHECK Enable threaded (nested) comments, 5 levels deep UNCHECK E-mail me whenever anyone posts a comment Default Avatar: blank
Custom Structure: /%year%/%monthnum%/%day%/%postname%
Store uploads in this folder: /var/www/$SITE/uploads Full URL path to files: /uploads
Note that this requires the following Apache configuration in the VirtualHost section for the site:
Alias /uploads /var/www/$SITE/uploads
Set up a list of categories that your posts will fall within. You can add more later, but try to set up a few that you'll likely use.
Delete the pre-configured links, and add your own links, if you want to use them as a blogroll.
Add some new themes, and activate them to try them out. Once you've activated a theme, it may add a options pane to the Appearance menu of the admin page.
Add some widgets to the sidebar(s). I like to add these widgets:
WordPress has a lot of plugins available to enhance the experience and add new features. We've installed and enabled a few. Below is the list, as well as the configuration of each.
It's highly recommended that you back up all your sites before upgrading. You can do this from the admin panel, Tools / Export.
OLD_VER=3.2 VERSION=3.2.1 cd /var/www/ wget http://wordpress.org/wordpress-$VERSION.tar.gz tar xfz wordpress-$VERSION.tar.gz rm wordpress-$VERSION.tar.gz sudo mv wordpress /usr/local/lib/wordpress-$VERSION sudo cp /usr/local/lib/wordpress-$OLD_VER/wp-config.php /usr/local/lib/wordpress-$VERSION/ sudo cp /usr/local/lib/wordpress-$OLD_VER/.htaccess /usr/local/lib/wordpress-$VERSION/ # These are currently breaking: sudo cp -r /usr/local/lib/wordpress-$OLD_VER/wp-content /usr/local/lib/wordpress-$VERSION/ sudo cp -r /var/local/lib/wordpress-$OLD_VER/wp-content /var/local/lib/wordpress-$VERSION/ sudo chown -R www-data:www-data /usr/local/libwordpress-$VERSION sudo chown -R www-data:www-data /var/local/libwordpress-$VERSION sudo chmod -R g+w /var/local/libwordpress-$VERSION find /var/local/libwordpress-$VERSION -type d | sudo xargs chmod g+ws rm /usr/local/lib/wordpress-$VERSION/{license.txt,readme.html,wp-config-sample.php,wp-admin/import*.php}
Point each site to the new version:
for SITE in blog.craigbuchek.com blog.boochtek.com toread.craigbuchek.com stllug.sluug.org stlruby.org; do cd /var/www/$SITE rm -f public ln -s /usr/local/lib/wordpress-$VERSION public done
Run the /wp-admin/upgrade.php script for each site.
Then test the site to make sure it's working OK.
Pay special attention to plugins, as they may break between revisions.
When you're sure that the upgrade was successful, remove the old version:
cd /var/www sudo rm -rf wordpress-$OLD_VER
cd /var/www/wordpress-$VERSION/wp-content/themes wget http://sandbox-theme.googlecode.com/files/sandbox.1.6.zip unzip sandbox.1.6.zip cd sandbox # Make some changes so that it will work with Matthew James Taylor's 3-column layout. sed -i -e 's|<div id="container">|<div class="holygrail"><div class="colmid"><div class="colleft"><div id="container">|' *.php sed -i -e 's|</div><!-- #secondary .sidebar -->|</div></div></div></div><!-- #secondary .sidebar -->|' *.php
cd /var/www/wordpress-$VERSION/wp-content/themes wget http://www.themelab.com/download/60 -O stylevantage.zip unzip stylevantage.zip sed -i -e 's/Orange/Blue/' stylevantage/header.php
cd /var/www/wordpress-$VERSION/wp-content/themes wget http://thematic.googlecode.com/files/thematic-0.5.zip unzip thematic-0.5.zip
cd /var/www/wordpress-$VERSION/wp-content/themes wget http://sndbx.org/first/downloads/diurnal.zip unzip diurnal.zip
cd /var/www/wordpress-$VERSION/wp-content/themes wget http://sndbx.org/first/downloads/mix.zip unzip mix.zip
cd /var/www/wordpress-$VERSION/wp-content/themes wget http://sndbx.org/first/downloads/moo-point.zip unzip moo-point.zip
cd /var/www/wordpress-$VERSION/wp-content/themes wget http://sndbx.org/first/downloads/potassium.zip unzip potassium.zip
cd /var/www/wordpress-$VERSION/wp-content/themes mkdir testing cd testing
Add the following to a new file named style.css:
/*
THEME NAME: Testing
THEME URI: http://boochtek.com/testing-theme/
DESCRIPTION: Basic theme, based on Sandbox
VERSION: 0.1
AUTHOR: Craig Buchek
AUTHOR URI: http://boochtek.com
TAGS: three columns
TEMPLATE: sandbox
*/
@import url("reset-meyer.css");
@import url("fonts-yahoo.css");
@import url("layout.css");
@import url("booch.css");
a {
color: green;
}
/* Make Firefox always show vertical scrollbar, like IE does. */
html {
overflow-y: scroll;
}
/* Fix problem w/ Firefox not showing underlines if line-height is 1em. */
/* Note: note needed if using fonts-yahoo. */
a {
line-height: 1.01em;
}
Add the following to a new file named reset-meyer.css:
/* From Eric Meyer - http://meyerweb.com/eric/tools/css/reset/ */
/* v1.0 | 20080212 */
html, body, div, span, applet, object, iframe,
h1, h2, h3, h4, h5, h6, p, blockquote, pre,
a, abbr, acronym, address, big, cite, code,
del, dfn, em, font, img, ins, kbd, q, s, samp,
small, strike, strong, sub, sup, tt, var,
b, u, i, center,
dl, dt, dd, ol, ul, li,
fieldset, form, label, legend,
table, caption, tbody, tfoot, thead, tr, th, td {
margin: 0;
padding: 0;
border: 0;
outline: 0;
font-size: 100%;
vertical-align: baseline;
background: transparent;
}
body {
line-height: 1;
}
ol, ul {
list-style: none;
}
blockquote, q {
quotes: none;
}
blockquote:before, blockquote:after,
q:before, q:after {
content: '';
content: none;
}
/* remember to define focus styles! */
:focus {
outline: 0;
}
/* remember to highlight inserts somehow! */
ins {
text-decoration: none;
}
del {
text-decoration: line-through;
}
/* tables still need 'cellspacing="0"' in the markup */
table {
border-collapse: collapse;
border-spacing: 0;
}
Add the following to a new file named fonts-yahoo.css:
/*
Copyright (c) 2008, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
http://developer.yahoo.net/yui/license.txt
version: 2.5.2
*/
/**
* Percents could work for IE, but for backCompat purposes, we are using keywords.
* x-small is for IE6/7 quirks mode.
*/
body {font:13px/1.231 arial,helvetica,clean,sans-serif;*font-size:small;*font:x-small;}
table {font-size:inherit;font:100%;}
/**
* Bump up IE to get to 13px equivalent
*/
pre,code,kbd,samp,tt {font-family:monospace;*font-size:108%;line-height:100%;}
Add the following to a new file named layout.css:
/* These are from Matthew James Taylor's Perfect 3 Column Liquid Layout. */
/* http://matthewjamestaylor.com/blog/ultimate-3-column-holy-grail-ems.htm */
@import url('holygrail.css');
.skip-link, #access {
display: none;
}
Add the following to a new file named booch.css:
body, html {
margin: 0; /* Remove white space along the page borders. */
}
#header h1 {
margin: 0; /* Remove white space above header. */
font-size: 2em; /* Use a large font for the header title. */
}
#header {
background-color: #ccffcc;
padding: 1em; /* Add space inside header. */
border-bottom: 2px solid black;
}
#blog-title a {
text-decoration: none; /* Don't underline the blog title. */
}
#blog-description {
}
#container {
margin-top: 1em; /* Put a bit of space above main content. */
}
.sidebar {
margin-top: 1em; /* Put a bit of space above top item in sidebars. */
}
.sidebar ul {
list-style-type: none; /* Remove bullets from lists in sidebars. */
}
.comment.alt {
background-color: #EEEEEE; /* Use a light gray for odd-numbred comments. */
}
.comment.bypostauthor { /* NOTE: Put this after .comment.alt, so it has preccendence. */
background-color: #DDFFDD; /* Set special color for comments by the author of the post. */
}
.sidebar ul.xoxo {
}
.sidebar ul.xoxo li {
margin-bottom: 1em; /* Separate sidebar items a bit */
/* border: 1px #ccc solid; /* Put a border around all sidebar items. */
/* background-color: red; /* */
}
.sidebar ul.xoxo li li {
border: 0;
}
.widget {
margin-top: 0;
}
.sidebar h3 {
font-size: 1.2em; /* Make the sidebar item titles a bit smaller. */
margin: 0; /* Move the sidebar items closer together. */
/* border-bottom: 1px #ccc solid; */
}
Add the following to a new file named holygrail.css:
/* General styles */
body {
border:0; /* This removes the border around the viewport in old versions of IE */
min-width:600px; /* Minimum width of layout - remove line if not required */
/* The min-width property does not work in old versions of Internet Explorer */
}
/* holy grail 3 column settings */
.holygrail {
position:relative; /* This fixes the IE7 overflow hidden bug and stops the layout jumping out of place */
clear:both;
float:left;
width:100%; /* width of whole page */
overflow:hidden; /* This chops off any overhanging divs */
background:#CDEAFF; /* Right column background colour */
}
.holygrail .colmid {
float:left;
width:200%;
margin-left:-12em; /* Width of right column */
position:relative;
right:100%;
background:#fff; /* Centre column background colour */
}
.holygrail .colleft {
float:left;
width:100%;
margin-left:-50%;
position:relative;
left:24em; /* Left column width + right column width */
background:#cdeaff; /* Left column background colour */
}
/* IE6-only hack required if using Standards-mode (i.e. not using an XML prolog.) */
* html .holygrail .colleft {
margin-left:-100%;
}
.holygrail #container {
float:left;
width:50%;
position:relative;
right:12em; /* Width of left column */
padding-bottom:1em; /* Centre column bottom padding. Leave it out if it's zero */
}
.holygrail #content {
margin:0 13em; /* Centre column side padding:
Left padding = left column width + centre column left padding width
Right padding = right column width + centre column right padding width */
position:relative;
left:200%;
overflow:hidden;
}
.holygrail #primary.sidebar {
float:left;
float:right; /* This overrides the float:left above */
width:10em; /* Width of left column content (left column width minus left and right padding) */
position:relative;
right:1em; /* Width of the left-had side padding on the left column */
}
.holygrail #secondary.sidebar {
float:left;
float:right; /* This overrides the float:left above */
width:10em; /* Width of right column content (right column width minus left and right padding) */
margin-right:3em; /* Width of right column right-hand padding + left column left and right padding */
position:relative;
left:50%;
}
You can reset an account password from the command line:
WP_DATABASE=my_wp_blog WP_LOGIN=admin NEW_PASSWORD="xxxxxx" NEW_PASSWORD=`echo -n $NEW_PASSWORD | md5sum | cut -f1 -d' '` mysql --defaults-group-suffix=_$WP_DATABASE $WP_DATABASE <<EOF UPDATE wp_users SET user_pass="$NEW_PASSWORD" WHERE user_login="$WP_LOGIN" EOF
Complete configuration.
Add some plugins.
Complete my custom theme.