Brain Dumps For All

How to install FreeBSD 8 for WordPress. It’s a basic LAMP install but since we’re not using linux it should be called BAMP or maybe FAMP? Who cares.. here are the steps to install FreeBSD 8 with apache, mySQL, PHP then install wordpress.

I’ll be using ports of course for this entire install. I’m assuming that you have the proper hardware for this type installation.

Start with a minimal installation of freeBSD 8

Bypass the headache and host on vps or dedicated servers with pre-installed LAMP here.

Update the server ports – freebsd guide on ports

First update your port tree

portsnap fetch update *if this is the first time do a portsnap fetch extract

List available update

pkg_version -vIL=

Once you have updated your Ports Collection, before attempting a port upgrade, you should check /usr/ports/UPDATING. This file describes various issues and additional steps users may encounter and need to perform when updating a port, including such things as file format changes, changes in locations of configuration files, or other such incompatibilities with previous versions.

Upgrade your ports with

portupgrade -rR

Okay now that your freeBSD server ports are updates lets do Binary updates freebsd-update.

freebsd-update fetch

freebsd-update install

Then reboot

shutdown -r now

Verify update took place

uname -a

Rollback if necessary

freebsd-update rollback

Now lets install Apache, PHP, mysql and phpMyAdmin on your freeBSD 8 web server.

First install the latest apache from ports.

cd /usr/ports/www/apache22/
make config install clean
echo 'apache22_enable="YES"' << /etc/rc.conf
echo 'apache22ssl_enable="YES"' << /etc/rc.conf
echo 'accf_http_ready="YES"' << /etc/rc.conf &amp;&amp; kldload accf_http

Now install PHP

cd /usr/ports/lang/php5
make config install clean
cd /usr/ports/lang/php5-extensions  ** enable <strong>mysql </strong>extensions **
make config install clean

Now modify your httpd.conf – Add the following entries to /usr/local/etc/apache22/httpd.conf directly after all the LoadModule lines

AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

now locate IfModule mod_dir.c and add index.php

DirectoryIndex index.php index.html index.htm

Last but not least get a good php.ini file setup

cp /usr/local/etc/php.ini-recommended /usr/local/etc/php.ini

Restart apache and

/usr/local/etc/rc.d/apache22 start

Now its time for mySQL installation, configuration and setup

cd /usr/ports/databases/mysql50-server
make install WITH_OPENSSL=yes
make distclean
echo 'mysql_enable="YES"' << /etc/rc.conf

Start mysql server and change root password

/usr/local/etc/rc.d/mysql-server start
mysqladmin -u root password sumcrazypaswrd
mysql -u root -p    *make sure you can log in*
rm /root/.history  *remove history so password isn't exposed*

Create a configuration file for mysql in /etc/my.cnf

[client]
port=29912
[mysqld]
port=29912
bind-address=127.0.0.1

Now lets install configure and setup phpMyAdmin

cd /usr/ports/databases/phpmyadmin
make config install clean
cd /usr/local/www/phpMyAdmin && cp config.sample.inc.php
config.inc.php
vi config.inc.php
$cfg['blowfish_secret'] = 'sdf934sdfgHijh98Y';

open httpd.conf and Alias

Alias /phpmyadmin /usr/local/www/phpMyAdmin

Now allow who you want to access it

        <Directory "/usr/local/www/phpmyadmin'<
Order allow,deny
        Allow from all   *or allow from 222.114.123.0/12*
</Directory<

you’ll want https when you connect to phpmyadmin so lets enable https and make some httpd.conf changes

Create your certificate

In order to access phpmyadmin of ssl you need to get https going on apache. You can buy an SSL certificate generated by a trusted CA such as Thwate or Verisign, or you can generate one yourself using OpenSSL. I borrowed a ton of infor from freebsdmadeeasy.com

lets get the openssl.cnf file ready

vi /etc/ssl/openssl.cnf
dir = /root/sslCA
default_days = 3650

Now set up the directories

cd ~root/
mkdir sslCA
chmod 700 sslCA
chmod 700 sslCA
mkdir certs private newcerts
echo 1000 < serial
touch index.txt
cd ~root/sslCA
openssl req -new -x509 -days 3650 -extensions v3_ca -keyout private/cakey.pem -out cacert.pem -config /etc/ssl/openssl.cnf

The CA should now be all set.. test with more;

more ~root/sslCA/cacert.pem
more ~root/sslCA/private/cakey.pem

Now lets generate an SSL certificate for apache

cd ~root/sslCA
openssl req -new -nodes -out yourhostname-req.pem -keyout private/yourhostname-key.pem -config /etc/ssl/openssl.cnf
openssl ca -config /etc/ssl/openssl.cnf -out yourhostname-cert.pem -infiles yourhostname-req.pem

Lets put everything where it needs to be.

mkdir /etc/ssl/crt
mkdir /etc/ssl/key
cp ~root/sslCA/yourhostname-cert.pem /etc/ssl/crt
cp ~root/sslCA/private/yourhostname-key.pem /etc/ssl/key

And finally add the SSL virtual host

Find the below line in your httpd.conf and take the comment hash out.

# Secure (SSL/TLS) connections
Include etc/apache22/extra/httpd-ssl.conf

Now modify your httpd-ssl.conf

ServerName ssl.yourhostname.com
SSLCertificateFile /etc/ssl/crt/yourhostname-cert.pem
SSLCertificateKeyFile /etc/ssl/key/yourhostname-key.pem
DocumentRoot "/etc/www/apache22/data"      ** whatever your location is**
ErrorLog "/var/log/httpd-error.log"
TransferLog "/var/log/httpd-access.log"

In /usr/local/etc/apache22/extra/httpd-default.conf, disable ServerSignature to prevent the server from showing more information than it has to. Make sure the server-status and the server-info sections in /usr/local/etc/apache22/extra/httpd-info.conf are commented out.

Finally restart apache

/usr/local/etc/rc.d/apache22 restart

Now install wordpress

cd /usr/ports/wordpress
make install clean

do a locate wordpress and move file to web root

locate wordpress
cp /usr/local/www/data/wordpress/* /usr/local/whatever web root is

go into web root and copy wp-config-sample.php to wp-config.php

navigate to https://hostname/phpmyadmin and create wordpress db – add that name to wp-config.php