Installing Joomla 3.5 on Freebsd 10.3
To begin with, of all the cms, joomla is my favorite, so I decided to write just such an article. First you need to install the packages that you need to install joomla, run the command:
After the installation is complete, you need to add apache and mysql to autorun with the commands:
Run apache and mysql:
')
In mysql there is a useful script to configure mysql, run:
In this script, you can create a password for root access to mysql, delete test databases, delete anonymous users. After executing this script, you need to create a database for joomla and create rights for it, go to mysql with the command:
Enter the password you just created. Create a database with the command:
Let's provide full access to this database to the joomlauser user, and create a password for this user password:
This completes the mysql configuration. Now we’ll download joomla directly, go to the server’s web directory using the command:
Delete the index.html file:
Joomla can always be downloaded from here , copy the link to the archive with joomla and execute:
At the time of writing, the current version of joomla 3.5.1. Be sure to specify --no-check-certificate if downloading occurs via https. Extract the contents of the archive to the root of the “web” server:
Delete the archive:
And now the most important thing is PHP. If you don’t want to mess around with the ports, install the following packages and go on to editing httpd.conf:
This is the desirable minimum for joomla (in my opinion). Now install the ports:
This command will download the ports and unpack them into the / usr / ports directory, move to the directory with the php70 port (joomla since version 3.5 supports php70):
From this directory, run the command:
After executing this command, the php “configurator” will appear on the screen, if necessary, you can turn off the CLI, CGI, IPV6, or vice versa add something. After installing php70, you must install the mod_php70 extension from the directory:
After moving to this directory, run:
After the installation is complete, you need to put in the httpd.conf lines from the screenshot below. Open the httpd.conf file with the command:
Enter these lines, as well as add index.php and replace AllowOverride None with AllowOverride All.
Remove the # on line against the lines:
Delete the # character next to the line (if you intend to use an SSL certificate, see below):
If you connect via Putty, then press F2 and ENTER twice, and if directly from the computer, then ESC and ENTER twice (these actions will save the changes in the ee editor). With php almost everything, it remains only to install some add-ons for php, for this you need to go to the folder with the port php70-extensions:
Perform:
In the configuration of this port, mark the extensions:
After installing this port, the php configuration is complete. We block access to the administrator directory, run:
Enter the lines:
Instead of XXX.XXX.XXX.XXX, enter ip, which will need access to this directory. You also need to rename htaccess.txt to .htaccess with the command:
Now you can take care of encrypting traffic between the site and the visitor, if this is not necessary, then put the # character in front of the lines in httpd.conf:
I prefer the certificate free from WoSign . By what criteria the deadline for the certificate is determined, I do not know, for the domain ru I was granted a certificate for 1 year, and for the domain su for three years. All that is needed is to register, confirm ownership of the domain using a letter to the admin mail, or “upload” the file to the root of the site. The method of receipt is not important, after the archive is downloaded, open this archive. The archive will be attached archive "for Apache.zip", open it using the password that was created on the site. There are three files in this archive:
1_root_bundle.crt
2_mydomain.su.crt
3_mydomain.su.key
These files must be “uploaded” to the / usr / local / etc / apache24 folder in any convenient way, for example, via SFTP protocol. After that you need to edit the file /usr/local/etc/apache24/extra/httpd-ssl.conf, to do this, enter:
Delete the # character next to the line:
Give the lines:
To the form:
By default, obsolete encryption methods are used, fix this. Remove the # character in front of the lines:
You can also comment out the lines:
In this case, only the TLS 1.2 protocol will be used. Save the changes to the file. This completes the SSL setup.
Returning to the installation of joomla. In order for the joomla installation to proceed correctly, it is necessary for the / usr / local / www / folder and its contents to set the owner of the www group with the command:
After these manipulations, open the Internet browser, enter the ip-address of your server.
On this page, enter the site name, the administrator’s email, the administrator’s login, the administrator’s password, and click the Next button.
On this page, you must enter the data to mysql, which were created earlier. User name joomlauser, password password, database name joomla.
Click the "Install" button.
Once the installation is complete, click on the “Delete installation directory” button.
Let's Russify Joomla. In order to Russify Joomla, you need to go to the admin panel of the site. In the browser address bar, type mysite.ru/administrator. On the page that opens, enter your username and password. Go to the menu extensions> Language (s). On the page that opens, click the "Install Languages" button, enter rus in the search bar. Check the box next to Russian and click "Install". Next, you need to activate the Russian language. Again, go to the menu extensions> Language (s), put a dot in front of “Russian” and click the “Deafult” button. These actions Russify only the site, in order to Russify the admin panel, you need to do the action, as shown in the screenshot.
Going to this menu item, also put a dot in front of “Russian” and click “Default”.
Remove index.php from the address bar. To do this, go to the “System”> “General Settings” menu and switch the “URL Redirection” to “Yes” and click the “Save” button. This will work if the line:
was uncommented. Line:
was replaced by:
and the htaccess.txt file is renamed to .htaccess.
This completes the installation of Jomla, it remains only to configure a firewall based on ipfw. The following lines will add ipfw to autorun and specify the script with the rules you want to use:
Create the file firewall.sc with the command:
Enter these lines in the file firewall.sc
Save firewall.sc and launch ipfw with the command:
After these manipulations, it is possible to open the site through both 80 (http) port and 443 (https).
Thanks for attention.
pkg install apache24 mysql56-server wget unzip After the installation is complete, you need to add apache and mysql to autorun with the commands:
sysrc apache24_enable="YES" sysrc mysql_enable="YES" Run apache and mysql:
')
service apache24 start service mysql-server start In mysql there is a useful script to configure mysql, run:
mysql_secure_installation In this script, you can create a password for root access to mysql, delete test databases, delete anonymous users. After executing this script, you need to create a database for joomla and create rights for it, go to mysql with the command:
mysql -p -r Enter the password you just created. Create a database with the command:
create database joomla; Let's provide full access to this database to the joomlauser user, and create a password for this user password:
GRANT ALL PRIVILEGES ON joomla.* TO 'joomlauser'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION; This completes the mysql configuration. Now we’ll download joomla directly, go to the server’s web directory using the command:
cd /usr/local/www/apache24/data Delete the index.html file:
rm index.html Joomla can always be downloaded from here , copy the link to the archive with joomla and execute:
wget --no-check-certificate https://github.com/joomla/joomla-cms/releases/download/3.5.1/Joomla_3.5.1-Stable-Full_Package.zip At the time of writing, the current version of joomla 3.5.1. Be sure to specify --no-check-certificate if downloading occurs via https. Extract the contents of the archive to the root of the “web” server:
unzip Joomla_3.5.1-Stable-Full_Package.zip Delete the archive:
rm Joomla_3.5.1-Stable-Full_Package.zip And now the most important thing is PHP. If you don’t want to mess around with the ports, install the following packages and go on to editing httpd.conf:
pkg install php70 mod_php70 php70-curl php70-json php70-mysqli php70-opcache php70-openssl php70-session php70-simplexml php70-xml php70-zlib This is the desirable minimum for joomla (in my opinion). Now install the ports:
portsnap fetch extract This command will download the ports and unpack them into the / usr / ports directory, move to the directory with the php70 port (joomla since version 3.5 supports php70):
cd /usr/ports/lang/php70 From this directory, run the command:
make install clean After executing this command, the php “configurator” will appear on the screen, if necessary, you can turn off the CLI, CGI, IPV6, or vice versa add something. After installing php70, you must install the mod_php70 extension from the directory:
cd /usr/ports/www/mod_php70 After moving to this directory, run:
make install clean After the installation is complete, you need to put in the httpd.conf lines from the screenshot below. Open the httpd.conf file with the command:
ee /usr/local/etc/apache24/httpd.conf Enter these lines, as well as add index.php and replace AllowOverride None with AllowOverride All.
Remove the # on line against the lines:
LoadModule rewrite_module libexec/apache24/mod_rewrite.so LoadModule ssl_module libexec/apache24/mod_ssl.so LoadModule socache_shmcb_module libexec/apache24/mod_socache_shmcb.so Delete the # character next to the line (if you intend to use an SSL certificate, see below):
Include etc/apache24/extra/httpd-ssl.conf If you connect via Putty, then press F2 and ENTER twice, and if directly from the computer, then ESC and ENTER twice (these actions will save the changes in the ee editor). With php almost everything, it remains only to install some add-ons for php, for this you need to go to the folder with the port php70-extensions:
cd /usr/ports/lang/php70-extensions Perform:
make install clean In the configuration of this port, mark the extensions:
curl json mysqli opcache openssl session simplexml xml zlib After installing this port, the php configuration is complete. We block access to the administrator directory, run:
ee /usr/local/www/apache24/data/administrator/.htaccess Enter the lines:
order deny,allow deny from all allow from XXX.XXX.XXX.XXX Instead of XXX.XXX.XXX.XXX, enter ip, which will need access to this directory. You also need to rename htaccess.txt to .htaccess with the command:
mv /usr/local/www/apache24/data/htaccess.txt /usr/local/www/apache24/data/.htaccess Now you can take care of encrypting traffic between the site and the visitor, if this is not necessary, then put the # character in front of the lines in httpd.conf:
Include etc/apache24/extra/httpd-ssl.conf LoadModule ssl_module libexec/apache24/mod_ssl.so LoadModule socache_shmcb_module libexec/apache24/mod_socache_shmcb.so I prefer the certificate free from WoSign . By what criteria the deadline for the certificate is determined, I do not know, for the domain ru I was granted a certificate for 1 year, and for the domain su for three years. All that is needed is to register, confirm ownership of the domain using a letter to the admin mail, or “upload” the file to the root of the site. The method of receipt is not important, after the archive is downloaded, open this archive. The archive will be attached archive "for Apache.zip", open it using the password that was created on the site. There are three files in this archive:
1_root_bundle.crt
2_mydomain.su.crt
3_mydomain.su.key
These files must be “uploaded” to the / usr / local / etc / apache24 folder in any convenient way, for example, via SFTP protocol. After that you need to edit the file /usr/local/etc/apache24/extra/httpd-ssl.conf, to do this, enter:
ee /usr/local/etc/apache24/extra/httpd-ssl.conf Delete the # character next to the line:
SSLCertificateChainFile "/usr/local/etc/apache24/server-ca.crt" Give the lines:
SSLCertificateFile "/usr/local/etc/apache24/server.crt" SSLCertificateKeyFile "/usr/local/etc/apache24/server.key" SSLCertificateChainFile "/usr/local/etc/apache24/server-ca.crt" To the form:
SSLCertificateFile "/usr/local/etc/apache24/2_mydomain.su.crt" SSLCertificateKeyFile "/usr/local/etc/apache24/3_mydomain.su.key" SSLCertificateChainFile "/usr/local/etc/apache24/1_root_bundle.crt" By default, obsolete encryption methods are used, fix this. Remove the # character in front of the lines:
SSLCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA SSLProxyCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA You can also comment out the lines:
SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4 SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4 In this case, only the TLS 1.2 protocol will be used. Save the changes to the file. This completes the SSL setup.
Returning to the installation of joomla. In order for the joomla installation to proceed correctly, it is necessary for the / usr / local / www / folder and its contents to set the owner of the www group with the command:
chown -R www:www /usr/local/www After these manipulations, open the Internet browser, enter the ip-address of your server.
On this page, enter the site name, the administrator’s email, the administrator’s login, the administrator’s password, and click the Next button.
On this page, you must enter the data to mysql, which were created earlier. User name joomlauser, password password, database name joomla.
Click the "Install" button.
Once the installation is complete, click on the “Delete installation directory” button.
Let's Russify Joomla. In order to Russify Joomla, you need to go to the admin panel of the site. In the browser address bar, type mysite.ru/administrator. On the page that opens, enter your username and password. Go to the menu extensions> Language (s). On the page that opens, click the "Install Languages" button, enter rus in the search bar. Check the box next to Russian and click "Install". Next, you need to activate the Russian language. Again, go to the menu extensions> Language (s), put a dot in front of “Russian” and click the “Deafult” button. These actions Russify only the site, in order to Russify the admin panel, you need to do the action, as shown in the screenshot.
Going to this menu item, also put a dot in front of “Russian” and click “Default”.
Remove index.php from the address bar. To do this, go to the “System”> “General Settings” menu and switch the “URL Redirection” to “Yes” and click the “Save” button. This will work if the line:
LoadModule rewrite_module libexec/apache24/mod_rewrite.so was uncommented. Line:
AllowOverride None was replaced by:
AllowOverride All and the htaccess.txt file is renamed to .htaccess.
This completes the installation of Jomla, it remains only to configure a firewall based on ipfw. The following lines will add ipfw to autorun and specify the script with the rules you want to use:
sysrc firewall_enable="YES" sysrc firewall_script="/etc/firewall.sc" Create the file firewall.sc with the command:
ee /etc/firewall.sc Enter these lines in the file firewall.sc
ipfw -q -f flush c="ipfw -q add " $c 00001 allow all from any to any via lo0 $c 00010 allow tcp from any to me 22,80,443 setup keep-state $c 00020 allow tcp from me to any 443 setup keep-state $c 00030 allow tcp from me to any 80 setup keep-state $c 00040 allow tcp from me to any 21 setup keep-state $c 00050 allow icmp from me to any keep-state $c 00060 allow udp from me to any 53 keep-state $c 40533 deny all from any to any frag $c 40534 allow all from any to any established $c 40535 deny all from any to any Save firewall.sc and launch ipfw with the command:
service ipfw start After these manipulations, it is possible to open the site through both 80 (http) port and 443 (https).
Thanks for attention.
Source: https://habr.com/ru/post/282664/
All Articles