Table of Contents

WordPress Build

WordPress is an excellent choice for blogging software. It's simple to set up and use, has a pretty good security record, and has lots of plugins. If you're hosting your own blog on GNU/Linux, WordPress is pretty much the way to go.

This is how we built WordPress to host several blogs.

Requirements

WordPress 3.0 requires:

This build process assumes:

Installation

Download the latest WordPress. You can get it from http://wordpress.org/latest.tar.gz, but you won't know what version you're getting. So you can see what versions are available at http://wordpress.org/download/release-archive/ and download from there. 

VERSION=2.8.2
cd /var/www
wget http://wordpress.org/wordpress-$VERSION.tar.gz

Unpack the program: 

tar xfz wordpress-$VERSION.tar.gz
mv wordpress wordpress-$VERSION
rm wordpress-$VERSION.tar.gz

Make sure that attackers cannot view directory listings (especially listing of installed plugins). 

echo 'Options -Indexes' >> /var/www/wordpress-$VERSION/.htaccess

Create a config file that will allow per-site configuration. 

cat > /var/www/wordpress-$VERSION/wp-config.php <<'EOF'
<?php
# Pull in per-site configuration. Assumes per-site config file is 1 directory up from DOCUMENT_ROOT.
include(dirname($_SERVER['DOCUMENT_ROOT']) . '/wp-config.php');
 
# Pull in all the WordPress settings and include files.
if ( !defined('ABSPATH') )
    define('ABSPATH', dirname(__FILE__) . '/');
require_once(ABSPATH . 'wp-settings.php');
EOF

Set ownership of the directory so Apache can use it, and permissions so that web admins have write access: 

sudo chown -R www-data:www-data /var/www/wordpress-$VERSION
sudo chmod -R g+w /var/www/wordpress-$VERSION
find /var/www/wordpress-$VERSION -type d | sudo xargs chmod g+s

Per-Site Installation

SITE=blog.craigbuchek.com
cd /var/www/$SITE
rm -rf public
ln -s ../wordpress-$VERSION public

Create the MySQL database (set the real database name, username, and password): 

WORDPRESS_MYSQL_DB=${SITE//[\.-]/_}
WORDPRESS_MYSQL_USER=wp_craigbuchek ;# NOTE: Must be no longer than 16 characters
WORDPRESS_MYSQL_PWD='xxxxxx'
mysqladmin create $WORDPRESS_MYSQL_DB
mysql <<EOF
  GRANT ALL PRIVILEGES ON $WORDPRESS_MYSQL_DB.* TO $WORDPRESS_MYSQL_USER@localhost IDENTIFIED BY '$WORDPRESS_MYSQL_PWD';
  FLUSH PRIVILEGES;
EOF

Save the username and password in the .my.cnf file. 

cat >>~/.my.cnf <<EOF
 
# Specify --defaults-group-suffix=$WORDPRESS_MYSQL_DB to use this group (5.0+).
[client_$WORDPRESS_MYSQL_DB]
user = $WORDPRESS_MYSQL_USER
password = '$WORDPRESS_MYSQL_PWD'
EOF
chmod 600 ~/.my.cnf

Manually create the configuration file. 

KEY1=`dd if=/dev/urandom count=1 bs=1024 | sha256sum | awk '{print $1}'`
KEY2=`dd if=/dev/urandom count=1 bs=1024 | sha256sum | awk '{print $1}'`
KEY3=`dd if=/dev/urandom count=1 bs=1024 | sha256sum | awk '{print $1}'`
KEY4=`dd if=/dev/urandom count=1 bs=1024 | sha256sum | awk '{print $1}'`
cat > /var/www/$SITE/wp-config.php <<EOF
<?php
 
# Define database access settings.
define('DB_NAME', '$WORDPRESS_MYSQL_DB');
define('DB_USER', '$WORDPRESS_MYSQL_USER');
define('DB_PASSWORD', '$WORDPRESS_MYSQL_PWD');
define('DB_HOST', 'localhost'); # Can also specify hostname:port.
define('DB_CHARSET', 'utf8');
define('DB_COLLATE', 'utf8_general_ci'); # Override the MySQL default latin1_swedish_ci.
\$table_prefix  = 'wp_'; # Prefix used on all table names.
 
# Set localization language. Defaults to English; otherwise specify a file within wp-content/languages/.
define('WPLANG', '');
 
# Keys for encryption of information stored in browser cookies.
define('AUTH_KEY', '$KEY1');
define('SECURE_AUTH_KEY', '$KEY2');
define('LOGGED_IN_KEY', '$KEY3');
define('NONCE_KEY', '$KEY4');
EOF
sudo chmod 660 /var/www/$SITE/wp-config.php
sudo chown www-data:www-data /var/www/$SITE/wp-config.php

Create a per-site uploads directory. (Don't forget to set the configuration below to include the full path to this directory. 

mkdir -p /var/www/$SITE/uploads
sudo chmod 770 /var/www/$SITE/uploads
sudo chown www-data:www-data /var/www/$SITE/uploads

For a new site, run the installation script by accessing http://$SITE/wp-admin/install.php in a web browser. Enter the weblog title and email address. Record the admin password that is generated. It will be needed to log in to administer the application.

Log in as the admin, and create an Editor account for yourself. Record this password as well. Use this account to post blog entries. Use the admin account to change site settings.

Post-Installation

Remove some files that aren't needed after installing: 

rm /var/www/wordpress-$VERSION/{license.txt,readme.html,wp-config-sample.php,wp-admin/import*.php}

Configuration

Log in as admin with the newly generated password.

Settings

General

Time zone: Chicago
Time format: 1:04 PM (g:i A)
Weeks in the calendar should start on: Sunday

Writing

Size of the post box: 15 lines
UNCHECK Convert emoticons
CHECK WordPress should correct invalidly nested XHTML

Reading

Syndication feeds show the most recent: 20 posts
For each article in a feed, show: Full text

Discussion

CHECK Enable threaded (nested) comments, 5 levels deep
UNCHECK E-mail me whenever anyone posts a comment
Default Avatar: blank

Permalinks

Custom Structure: /%year%/%monthnum%/%day%/%postname%

Miscellaneous

Store uploads in this folder: /var/www/$SITE/uploads

Posts / Categories

Set up a list of categories that your posts will fall within. You can add more later, but try to set up a few that you'll likely use.

Links

Delete the pre-configured links, and add your own links, if you want to use them as a blogroll.

Themes

Add some new themes, and activate them to try them out. Once you've activated a theme, it may add a options pane to the Appearance menu of the admin page.

Widgets

Add some widgets to the sidebar(s). I like to add these widgets:

Plugins

WordPress has a lot of plugins available to enhance the experience and add new features. We've installed and enabled a few. Below is the list, as well as the configuration of each.

Bad Behavior

Robots Meta

wp-Typography

Upgrading

It's highly recommended that you back up all your sites before upgrading. You can do this from the admin panel, Tools / Export. 

OLD_VER=2.9.1
NEW_VER=3.0.1
cd /var/www/
wget http://wordpress.org/wordpress-$NEW_VER.tar.gz
tar xfz wordpress-$NEW_VER.tar.gz
mv wordpress wordpress-$NEW_VER
rm wordpress-$NEW_VER.tar.gz
cp wordpress-$OLD_VER/wp-config.php wordpress-$NEW_VER/
cp wordpress-$OLD_VER/.htaccess wordpress-$NEW_VER/
cp -r wordpress-$OLD_VER/wp-content wordpress-$NEW_VER/
sudo chown -R www-data:www-data wordpress-$NEW_VER
sudo chmod -R g+w wordpress-$NEW_VER
find wordpress-$NEW_VER -type d | sudo xargs chmod g+s
rm wordpress-$NEW_VER/{license.txt,readme.html,wp-config-sample.php,wp-admin/import*.php}

Point each site to the new version: 

for SITE in blog.craigbuchek.com blog.boochtek.com toread.craigbuchek.com; do
  cd /var/www/$SITE
  rm -f public
  ln -s ../wordpress-$NEW_VER public
done

Run the /wp-admin/upgrade.php script for each site. Then test the site to make sure it's working OK. Pay special attention to plugins, as they may break between revisions.

When you're sure that the upgrade was successful, remove the old version: 

cd /var/www
sudo rm -rf wordpress-$OLD_VER

Themes

cd /var/www/wordpress-$VERSION/wp-content/themes
wget http://sandbox-theme.googlecode.com/files/sandbox.1.6.zip
unzip sandbox.1.6.zip
cd sandbox
# Make some changes so that it will work with Matthew James Taylor's 3-column layout.
sed -i -e 's|<div id="container">|<div class="holygrail"><div class="colmid"><div class="colleft"><div id="container">|'  *.php
sed -i -e 's|</div><!-- #secondary .sidebar -->|</div></div></div></div><!-- #secondary .sidebar -->|'  *.php
cd /var/www/wordpress-$VERSION/wp-content/themes
wget http://www.themelab.com/download/60 -O stylevantage.zip
unzip stylevantage.zip
sed -i -e 's/Orange/Blue/' stylevantage/header.php
cd /var/www/wordpress-$VERSION/wp-content/themes
wget http://thematic.googlecode.com/files/thematic-0.5.zip
unzip thematic-0.5.zip
cd /var/www/wordpress-$VERSION/wp-content/themes
wget http://sndbx.org/first/downloads/diurnal.zip
unzip diurnal.zip
cd /var/www/wordpress-$VERSION/wp-content/themes
wget http://sndbx.org/first/downloads/mix.zip
unzip mix.zip
cd /var/www/wordpress-$VERSION/wp-content/themes
wget http://sndbx.org/first/downloads/moo-point.zip
unzip moo-point.zip
cd /var/www/wordpress-$VERSION/wp-content/themes
wget http://sndbx.org/first/downloads/potassium.zip
unzip potassium.zip

Custom Theme

cd /var/www/wordpress-$VERSION/wp-content/themes
mkdir testing
cd testing

Add the following to a new file named style.css: 

/*
THEME NAME: Testing
THEME URI: http://boochtek.com/testing-theme/
DESCRIPTION: Basic theme, based on Sandbox
VERSION: 0.1
AUTHOR: Craig Buchek
AUTHOR URI: http://boochtek.com
TAGS: three columns
TEMPLATE: sandbox
*/

@import url("reset-meyer.css");
@import url("fonts-yahoo.css");
@import url("layout.css");
@import url("booch.css");

a {
  color: green;
}

/* Make Firefox always show vertical scrollbar, like IE does. */
html {
  overflow-y: scroll;
}

/* Fix problem w/ Firefox not showing underlines if line-height is 1em. */
/* Note: note needed if using fonts-yahoo. */
a {
  line-height: 1.01em;
}

Add the following to a new file named reset-meyer.css: 

/* From Eric Meyer - http://meyerweb.com/eric/tools/css/reset/ */
/* v1.0 | 20080212 */

html, body, div, span, applet, object, iframe,
h1, h2, h3, h4, h5, h6, p, blockquote, pre,
a, abbr, acronym, address, big, cite, code,
del, dfn, em, font, img, ins, kbd, q, s, samp,
small, strike, strong, sub, sup, tt, var,
b, u, i, center,
dl, dt, dd, ol, ul, li,
fieldset, form, label, legend,
table, caption, tbody, tfoot, thead, tr, th, td {
  margin: 0;
  padding: 0;
  border: 0;
  outline: 0;
  font-size: 100%;
  vertical-align: baseline;
  background: transparent;
}
body {
  line-height: 1;
}
ol, ul {
  list-style: none;
}
blockquote, q {
  quotes: none;
}
blockquote:before, blockquote:after,
q:before, q:after {
  content: '';
  content: none;
}

/* remember to define focus styles! */
:focus {
  outline: 0;
}

/* remember to highlight inserts somehow! */
ins {
  text-decoration: none;
}
del {
  text-decoration: line-through;
}

/* tables still need 'cellspacing="0"' in the markup */
table {
  border-collapse: collapse;
  border-spacing: 0;
}

Add the following to a new file named fonts-yahoo.css: 

/*
Copyright (c) 2008, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
http://developer.yahoo.net/yui/license.txt
version: 2.5.2
*/
/**
 * Percents could work for IE, but for backCompat purposes, we are using keywords.
 * x-small is for IE6/7 quirks mode.
 */
body {font:13px/1.231 arial,helvetica,clean,sans-serif;*font-size:small;*font:x-small;}
table {font-size:inherit;font:100%;}
/**
 * Bump up IE to get to 13px equivalent
 */
pre,code,kbd,samp,tt {font-family:monospace;*font-size:108%;line-height:100%;}

Add the following to a new file named layout.css: 

/* These are from Matthew James Taylor's Perfect 3 Column Liquid Layout. */
/* http://matthewjamestaylor.com/blog/ultimate-3-column-holy-grail-ems.htm */
@import url('holygrail.css');

.skip-link, #access {
  display: none;
}

Add the following to a new file named booch.css: 

body, html {
  margin: 0; /* Remove white space along the page borders. */
}
#header h1 {
  margin: 0; /* Remove white space above header. */
  font-size: 2em; /* Use a large font for the header title. */
}

#header {
  background-color: #ccffcc;
  padding: 1em; /* Add space inside header. */
  border-bottom: 2px solid black;
}

#blog-title a {
  text-decoration: none; /* Don't underline the blog title. */
}

#blog-description {
}

#container {
  margin-top: 1em; /* Put a bit of space above main content. */
}

.sidebar {
  margin-top: 1em; /* Put a bit of space above top item in sidebars. */
}

.sidebar ul {
  list-style-type: none; /* Remove bullets from lists in sidebars. */
}

.comment.alt {
  background-color: #EEEEEE; /* Use a light gray for odd-numbred comments. */
}
.comment.bypostauthor { /* NOTE: Put this after .comment.alt, so it has preccendence. */
  background-color: #DDFFDD; /* Set special color for comments by the author of the post. */
}

.sidebar ul.xoxo {
}

.sidebar ul.xoxo li {
  margin-bottom: 1em; /* Separate sidebar items a bit */
/*  border: 1px #ccc solid; /* Put a border around all sidebar items. */
/*  background-color: red; /* */
}
.sidebar ul.xoxo li li {
  border: 0;
}

.widget {
  margin-top: 0;
}

.sidebar h3 {
  font-size: 1.2em; /* Make the sidebar item titles a bit smaller. */
  margin: 0; /* Move the sidebar items closer together. */
/*  border-bottom: 1px #ccc solid; */
}

Add the following to a new file named holygrail.css: 

/* General styles */
body {
  border:0;           /* This removes the border around the viewport in old versions of IE */
  min-width:600px;    /* Minimum width of layout - remove line if not required */
                      /* The min-width property does not work in old versions of Internet Explorer */
}

/* holy grail 3 column settings */
.holygrail {
  position:relative;      /* This fixes the IE7 overflow hidden bug and stops the layout jumping out of place */
  clear:both;
  float:left;
  width:100%;             /* width of whole page */
  overflow:hidden;        /* This chops off any overhanging divs */
  background:#CDEAFF;     /* Right column background colour */
}
.holygrail .colmid {
  float:left;
  width:200%;
  margin-left:-12em;      /* Width of right column */
  position:relative;
  right:100%;
  background:#fff;        /* Centre column background colour */
}
.holygrail .colleft {
  float:left;
  width:100%;
  margin-left:-50%;
  position:relative;
  left:24em;              /* Left column width + right column width */
  background:#cdeaff;     /* Left column background colour */
}
/* IE6-only hack required if using Standards-mode (i.e. not using an XML prolog.) */
* html .holygrail .colleft {
  margin-left:-100%;
}
.holygrail #container {
  float:left;
  width:50%;
  position:relative;
  right:12em;             /* Width of left column */
  padding-bottom:1em;     /* Centre column bottom padding. Leave it out if it's zero */
}
.holygrail #content {
  margin:0 13em;          /* Centre column side padding:
                          Left padding = left column width + centre column left padding width
                          Right padding = right column width + centre column right padding width */
  position:relative;
  left:200%;
  overflow:hidden;
}
.holygrail #primary.sidebar {
  float:left;
  float:right;            /* This overrides the float:left above */
  width:10em;             /* Width of left column content (left column width minus left and right padding) */
  position:relative;
  right:1em;              /* Width of the left-had side padding on the left column */
}
.holygrail #secondary.sidebar {
  float:left;
  float:right;            /* This overrides the float:left above */
  width:10em;             /* Width of right column content (right column width minus left and right padding) */
  margin-right:3em;       /* Width of right column right-hand padding + left column left and right padding */
  position:relative;
  left:50%;
}

Notes

Password Reset

You can reset an account password from the command line: 

WP_DATABASE=my_wp_blog
WP_LOGIN=admin
NEW_PASSWORD="xxxxxx"
NEW_PASSWORD=`echo -n $NEW_PASSWORD | md5sum | cut -f1 -d' '`
mysql $WP_DATABASE <<EOF
UPDATE wp_users SET user_pass="$NEW_PASSWORD" WHERE user_login="$WP_LOGIN"
EOF

TODO

Complete configuration.

Add some plugins.

Complete my custom theme.