Configuring your Instance
This series will help you create a WordPress website on AWS. This first part will help you configure your EC2 instance by installing LAMP (Linux Apache MySQL PHP) on it. We will move on to set virtual host on the instance to use multiple domains if needed. In the third part, we will be installing phpMyAdmin and will follow some steps to secure it. We will install WordPress on the server in the fourth part followed by configuring the WordPress site contents to be loaded from AWS CDN using S3 bucket and CloudFront.
The first and foundational step is to create a new instance followed by installing and configuring the required software. Creating an instance in AWS is simple and you can follow their documentation if you are not familiar.
https://docs.aws.amazon.com/efs/latest/ug/gs-step-one-create-ec2-resources.html
CentOS is considered to be a more stable distribution mainly because package updates are less frequent compared to Ubuntu. Control Panels like cPanel offered to web hosting is mainly focused on CentOS and RHEL. On the other hand, Ubuntu has more support and solution can be found easily. If you are a beginner, you can go for Ubuntu. Here, we will be choosing the CentOS AMI (Amazon Machine Image).
Installing Apache
Apache is the most common and popular web server, which makes it a great choice for hosting a website. SSH into your server by the key you have made. Switch to root and make the package list up to date and then install Apache.
$ ssh -i Downloads/a_xx1.pem centos@xxx.xxx.xxx.xxx $ sudo -i # yum update -y # yum install httpd -y
Once installed, you can start Apache and make it start on boot. You can verify everything is okay by calling the IP address in the browser (http://xxx.xxx.xxx.xxx) and the default Apache web page. Here, we will be denoting the IP address as xxx.xxx.xxx.xxx.
# systemctl start httpd.service # systemctl enable httpd.service
Installing MySQL
Next, we will be installing MariaDB, a drop-in replacement for MySQL. After the installation is complete, we will need to start and enable MariaDB.
# yum install mariadb-server mariadb -y # systemctl start mariadb # systemctl enable mariadb
After installation, we will need to run a security script that will remove some dangerous defaults and lock down access to our database system.
# mysql_secure_installation
You will be asked current root password. Leave it blank by pressing enter and set a new root password in the next prompt. Go ahead and enter Y
and follow the instructions. You will be removing some sample users and databases, disabling remote root logins, and load these new rules so that MySQL immediately respects the changes we have made.
# mysql_secure_installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and you haven't set the root password yet, the password will be blank, so you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on... Setting the root password ensures that nobody can log into the MariaDB root user without the proper authorisation. Set root password? [Y/n] y New password: Re-enter new password: Password updated successfully! Reloading privilege tables.. ... Success! By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] y ... Success! Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] y ... Success! By default, MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] y - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] y ... Success! Cleaning up... All done! If you've completed all of the above steps, your MariaDB installation should now be secure. Thanks for using MariaDB!
Installing PHP
PHP will be processing the code to display dynamic content. It can connect to the database and get needed data. We will be installing PHP 7.2 here.
PHP 7.x packages are available in several different repositories. We will be using the Remi repository which provides newer versions of various software packages including PHP. The Remi repository depends on the EPEL repository, and we need to install the EPEL repository first.
# yum install epel-release -y # yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
Start by enabling the PHP 7.2 Remi repository and move on to install some common PHP modules.
# yum-config-manager --enable remi-php72 # yum install php php-common php-opcache php-mcrypt php-cli php-gd php-curl php-mysqlnd -y # php -v PHP 7.2.15 (cli) (built: Feb 5 2019 19:50:47) ( NTS ) Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies with Zend OPcache v7.2.15, Copyright (c) 1999-2018, by Zend Technologies
After restarting Apache, you can test PHP by creating a new info page, Inf.php with the below content and accessing it via the browser (http://xxx.xxx.xxx.xxx/Inf.php).
# systemctl restart httpd.service # vi /var/www/html/Inf.php
Note:
For quick setup, run the below command. However, you will be prompted during the MySQL script running.
yum update -y && yum install httpd mariadb-server mariadb -y && systemctl start httpd.service && systemctl enable httpd.service && systemctl start mariadb && systemctl enable mariadb && yum install epel-release -y && yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y && yum-config-manager --enable remi-php72 && yum install php php-common php-opcache php-mcrypt php-cli php-gd php-curl php-mysqlnd -y && systemctl restart httpd.service && mysql_secure_installation
You have now installed the LAMP stack. This will allow you to install most kinds of websites and web software on your server.
We will be discussing other aspects of building a WordPress website with AWS in the next article.