Cloudbooklet
  • News
  • Artificial Intelligence
  • Applications
  • Linux
No Result
View All Result
Cloudbooklet
  • News
  • Artificial Intelligence
  • Applications
  • Linux
No Result
View All Result
Cloudbooklet
No Result
View All Result
Home Linux

How to Secure WordPress Installation with Bedrock – Google Cloud

by Cloudbooklet
2 years ago
in Linux, Compute Engine, Google Cloud
How To Secure Wordpress Installation With Bedrock - Google Cloud
ShareTweetSendShare
Readers like you help support Cloudbooklet. When you make a purchase using links on our site, we may earn an affiliate commission.

How to Secure WordPress Installation with Bedrock on Google Cloud Platform. Bedrock is a WordPress boilerplate with a different improved directory structure and easier configuration. It is more secure by isolating the web root and limit access to non-web files and more secure passwords using wp-password-becrypt which replaces the MD5 hashing with modern bcrypt method. […]

ADVERTISEMENT

How to Secure WordPress Installation with Bedrock on Google Cloud Platform. Bedrock is a WordPress boilerplate with a different improved directory structure and easier configuration.

It is more secure by isolating the web root and limit access to non-web files and more secure passwords using wp-password-becrypt which replaces the MD5 hashing with modern bcrypt method.

In this guide you are going to learn how to install and configure WordPress using Bedrock. This setup is tested on Google Cloud Platform.

ADVERTISEMENT

Prerequisites

  • If you are on Google Cloud you need to setup a VM Instance with Ubuntu 20.04.
  • Complete LAMP setup with Let’sEncrypt SSL

Once you have the above prerequisites completed you can proceed to setup Bedrock.

You might also like

&Quot; Systemd Service On Linux

How to Create a New systemd Service on Linux: A Step-by-Step Guide

3 months ago
List Groups In Linux

How to List Groups in Linux: A Guide for Beginners

3 months ago

Install Composer

Composer is required to install and configure Bedrock. You can install composer using the following command.

curl -sS https://getcomposer.org/installer | sudo php -- --install-dir=/usr/bin --filename=composer

Setup Bedrock based WordPress

Navigate yo your web root directory.

ADVERTISEMENT
cd /var/www/html/yourpath/public

Download Bedrock based WordPress using Composer.

sudo composer create-project roots/bedrock .

Notice the . at the end, which means setup the WordPress contents directly inside this folder without creating a subdirectory named bedrock.

ADVERTISEMENT

Now if you check the structure using ls command, you will see the structure as below.

├── composer.json
├── config
│   ├── application.php
│   └── environments
│       ├── development.php
│       ├── staging.php
│       └── production.php
├── vendor
└── web
    ├── app
    │   ├── mu-plugins
    │   ├── plugins
    │   ├── themes
    │   └── uploads
    ├── wp-config.php
    ├── index.php
    └── wp
  • The web directory is the web root of your WordPress.
  • The app directory will have your uploads, themes and plugins.

With this directory structure you wont have wp-content and instead of that your will have app directory.

ADVERTISEMENT

Your admin files will be located inside the wp directory.

Configure Bcrypt for Secure Password

Install Bcrypt using composer to secure your passwords using bcrypt.

ADVERTISEMENT
sudo composer require roots/wp-password-bcrypt

This command will include a file namedwp-password-bcrypt.php which will be automatically autoloaded by Composer and it won’t appear in your plugins.

Configure Apache to use the Correct Web Root

Now you need to update the Documentroot and Directory paths to point to the web directory.

Edit your virtual host configuration with the command below.

sudo nano /etc/apache2/sites-available/domainname.conf

Make sure your file looks same as below.

<VirtualHost *:80>
     ServerAdmin [email protected]
     ServerName domainname.com
     ServerAlias www.domainname.com

     DocumentRoot /var/www/html/domainname/public/web

     <Directory /var/www/html/domainname/public/web>
         Options Indexes FollowSymLinks
         AllowOverride All
         Require all granted
     </Directory>

     ErrorLog ${APACHE_LOG_DIR}/error.log 
     CustomLog ${APACHE_LOG_DIR}/access.log combined 
 </VirtualHost>

Hit CRTL + X followed by Y and ENTER to save and exit the file.

Now do the same for the virtual host which has the SSL configuration to point to the correct web root.

Restart Apache for the changes to take effect.

sudo service apache2 restart

Create Database for WordPress

If you already have database and user you can skip to configure .env file.

Login to your MySQL console.

mysql -u root -p

Use the password you used while setting up the server.

Execute the below command to create new database.

CREATE DATABASE database_name /*\!40100 DEFAULT CHARACTER SET utf8mb4 */;

Create new user and assign it to the above created database.

CREATE USER 'username'@'localhost' IDENTIFIED BY 'secure_password';
GRANT ALL PRIVILEGES ON database_name.* TO 'username'@'localhost';

Flush Privileges.

FLUSH PRIVILEGES;

Now you have a new database, username and the password for your WordPress.

Configure WordPress with Database

Edit the .env file that is located outside the web root.

sudo nano /var/www/html/yourpath/public/.env

Update the following with the details you used before.

  • DB_NAME => database_name
  • DB_USER => username
  • DB_PASSWORD => secure_password
  • Uncomment the DB_HOST and DB_PREFIX.
  • Modify the DB_PREFIX with the one you wish.

Generate salts using this URL (https://roots.io/salts.html) and replace the keys below.

Configure .htaccess

Now you configure .htaccess file or you can also refresh the permalinks to have pretty URLs

sudo nano /var/www/html/yourpath/public/web/.htaccess

Add the below configuration to it.

#BEGIN WordPress

RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

#END WordPress

Now you can check your website on web browser and follow the on screen instructions to complete the installation.

Conclusion

Now you have learned how to install WordPress securely with Bedrock

Thanks for your time. If you face any problem or any feedback, please leave a comment below.

Tags: Google Cloud PlatformUbuntuWordPress
Share1Tweet1SendShare
Cloudbooklet

Cloudbooklet

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Related Posts

Hostname In Linux

How to Modify the Hostname in Linux

3 months ago
Linux Systems

Linux systems Hacked with OpenSSH Malware

3 months ago
Install Iptables On Ubuntu

How to Install Iptables on Linux

3 months ago
Open Port In Linux

How to Open Port in Linux: Simple Step-by-Step Guide

3 months ago

Follow Us

Trending Articles

Ai Trainer

How to Become an AI Trainer: Skills, Salary, and Career Opportunities

September 15, 2023

AI Annotation Jobs: Everything You Need to Know

5 Best Laptop for Minecraft in 2023: Top Picks for All Budgets

How to Delete Netflix Account Permanently

5 Free AI Soulmate Maker: Create Your Perfect Match

HeyGen AI: Free AI Video Generator to Create Amazing Videos

Popular Articles

Ai Album Cover Generator

7 Best AI Album Cover Generators to Create Stunning Artwork

September 9, 2023

10 FREE Cleanup AI Tools to Remove Objects and Cleanup Pictures

Bigjpg AI: Best AI Image Upscaler for Super Resolution

How to Make an AI Cover Song with Singify: A Step-by-Step Guide

How Adobe Express AI Can Boost Your Creativity and Productivity

How to Make Money with AI: A Step-by-Step Guide

Subscribe Now

loader

Subscribe to our mailing list to receives daily updates!

Email Address*

Name

Cloudbooklet Logo

Welcome to our technology blog, where we explore the latest advancements in the field of artificial intelligence (AI) and how they are revolutionizing cloud computing. In this blog, we dive into the powerful capabilities of cloud platforms like Google Cloud Platform (GCP), Amazon Web Services (AWS), and Microsoft Azure, and how they are accelerating the adoption and deployment of AI solutions across various industries. Join us on this exciting journey as we explore the endless possibilities of AI and cloud computing.

  • About
  • Contact
  • Disclaimer
  • Privacy Policy

Cloudbooklet © 2023 All rights reserved.

No Result
View All Result
  • News
  • Artificial Intelligence
  • Applications
  • Linux

Cloudbooklet © 2023 All rights reserved.