Wordpress Nginx Auto Installer (WP Super Cache)
Centmin Mod has an inbuilt Wordpress + Wordpress Super Cache auto installer which is invoked via centmin.sh menu option 22
. It is recommended to always ensure your Centmin Mod installed code is up to date before running centmin.sh menu option 22
. To update follow instructions at http://centminmod.com/upgrade.html. A Wordpress7 demo site was created using this Wordpress auto installer.
Centmin Mod 123.09beta01 branch has further improved this Wordpress auto installer switching from WP Super Cache to an improved KeyCDN Cache Enable WP Plugin instead as well as general improvements in the initial Wordpress auto installation routine and Nginx security and performance setup.
This Wordpress installer uses the WP-CLI command line tool to automate the installation of Wordpress itself and Wordpress database setup along with auto installing and activating a select few Wordpress Plugins. WP-CLI tool only works for PHP versions 5.3, 5.4, 5.5, 5.6 and 7.0. PHP 7.0 is not compatible with WP-CLI tool and thus centmin.sh menu option 22
won't work properly with PHP 7.0 right now. WP-CLI issue #1842.
The auto installer routine installs some security and performance related Wordpress Plugins and auto activates some. Some other Wordpress Plugins are installed but not auto activated so you can decide yourself whether or not they are useful. You can see that Wordpress plugins are installed in the full example output at bottom of this page. The auto installed Wordpress Nginx vhost site is locked down tight out of the box with HTTP authentication password protected wp-login.php
and Nginx request based rate limiting setup for wp-login.php
and xmlrpc.php
files.
Once the installer completes, you will also have a list of steps to complete manually to properly configure your Wordpress installation to enable Wordpress Super Cache plugin support and also properly set up other auto installed Wordpress plugins.
Additional Performance & General Notes
- Guide to moving centmin.sh menu option 22 installed Wordpress to a subdirectory installation i.e. /blog. How to switch Wordpress to subdirectory
- You could also add Redis Object Caching WP Plugin to complement WP Super Cache.
- Setup Nginx level CDN usage outlined in FAQ 33
-------------------------------------------------------- Centmin Mod 1.2.3-eva2000.08 - http://centminmod.com -------------------------------------------------------- Centmin Mod Menu -------------------------------------------------------- 1). Centmin Install 2). Add Nginx vhost domain 3). NSD setup domain name DNS 4). Nginx Upgrade / Downgrade 5). PHP Upgrade / Downgrade 6). XCache Re-install 7). APC Cache Re-install 8). XCache Install 9). APC Cache Install 10). Memcached Server Re-install 11). MariaDB 5.2/5.5 & 10.x Upgrade Sub-Menu 12). Zend OpCache Install/Re-install 13). Install ioping.sh vbtechsupport.com/1239/ 14). SELinux disable 15). Install/Reinstall ImagicK PHP Extension 16). Change SSHD Port Number 17). Multi-thread compression: pigz,pbzip2,lbzip2... 18). Suhosin PHP Extension install 19). Install FFMPEG and FFMPEG PHP Extension 20). NSD Re-install 21). Update - Nginx + PHP-FPM + Siege 22). Add Wordpress Nginx vhost + WP Super Cache 23). Update Centmin Mod Code Base 24). Exit -------------------------------------------------------- Enter option [ 1 - 24 ] 22
Below is a full example output from the command for creating a new Nginx vhost site - newdomain2.com
with self-signed SSL certificated and SSL Nginx vhost and non-SSL Nginx vhost auto generated. This outout is also logged into a file at /root/centminlogs
with filename *_wordpress_addvhost.log
if you ever need to reference the information again.
ls -lArt /root/centminlogs total 4700 -rw-r--r--. 1 root root 17209 Apr 3 01:49 centminmod_1.2.3-eva2000.08_030415-114321_yuminstall_centos7.log -rw-r--r--. 1 root root 75088 Apr 3 01:50 centminmod_yumtimes_030415-114321.log -rw-r--r--. 1 root root 29291 Apr 3 02:08 centminmod_1.2.3-eva2000.08_030415-114321_yum-log.log -rw-r--r--. 1 root root 4608802 Apr 3 02:08 centminmod_1.2.3-eva2000.08_030415-114321_install.log -rw-r--r-- 1 root root 1607 Apr 5 06:46 centminmod_1.2.3-eva2000.08_050415-064607_nginx_addvhost.log -rw-r--r-- 1 root root 1205 Sep 3 04:26 centminmod_wpcli_install_030915-042610.log -rw-r--r-- 1 root root 27486 Sep 3 04:31 centminmod_1.2.3-eva2000.08_030915-042607_wordpress_addvhost.log
Of particular note are these sections of output:
The uninstall script and Wordpress auto updating cronjob which is created automatically at generation time. Also Wordpress built in cron is disabled and a system cronjob is setup in it's place as well. A random sleep time is set so that multiple Wordpress auto installs do not conflict with each other for WP Cron and Wordpress auto updating at the system level.
------------------------------------------------------------ Created uninstall script /root/tools/wp_uninstall_newdomain2.com.sh ------------------------------------------------------------ ------------------------------------------------------------ Created wp_updater_newdomain2.com.sh script /root/tools/wp_updater_newdomain2.com.sh ------------------------------------------------------------ */4 * * * * /usr/bin/cminfo_updater */15 * * * * sleep 119s ; wget -O - -q -t 1 http://newdomain2.com/wp-cron.php?doing_wp_cron=1 > /dev/null 2>&1 0 */8 * * * sleep 214s ;/root/tools/wp_updater_newdomain2.com.sh 2>/dev/null
The Pure-Ftpd virtual FTP username/login details, Wordpress site admin and MySQL database login details and the paths to whether the Nginx non-https and https vhost files are and your public web root path - /home/nginx/domains/newdomain2.com/public
and where the self-signed SSL certificates are located - /usr/local/nginx/conf/ssl/newdomain2.com
. The Wordpress Admin userid is also changed automatically at install time to a random generated user id instead of user id = 1.
------------------------------------------------------------- FTP hostname : IPADDRESS FTP port : 21 FTP mode : FTP (explicit SSL) FTP Passive (PASV) : ensure is checked/enabled FTP username created for newdomain2.com : wpftpuser01 FTP password created for newdomain2.com : SxxQgOdV1v1PSBweqo57M ------------------------------------------------------------- vhost for newdomain2.com created successfully domain: http://newdomain2.com vhost conf file for newdomain2.com created: /usr/local/nginx/conf/conf.d/newdomain2.com.conf vhost ssl for newdomain2.com created successfully domain: https://newdomain2.com vhost ssl conf file for newdomain2.com created: /usr/local/nginx/conf/conf.d/newdomain2.com.ssl.conf /usr/local/nginx/conf/ssl_include.conf created Self-signed SSL Certificate: /usr/local/nginx/conf/ssl/newdomain2.com/newdomain2.com.crt SSL Private Key: /usr/local/nginx/conf/ssl/newdomain2.com/newdomain2.com.key SSL CSR File: /usr/local/nginx/conf/ssl/newdomain2.com/newdomain2.com.csr upload files to /home/nginx/domains/newdomain2.com/public vhost log files directory is /home/nginx/domains/newdomain2.com/log ------------------------------------------------------------ SSH commands to uninstall created Wordpress install and Nginx vhost: /root/tools/wp_uninstall_newdomain2.com.sh ------------------------------------------------------------ ------------------------------------------------------------ Wordpress Auto Updater created at: /root/tools/wp_updater_newdomain2.com.sh cronjob set for every 8 hours update (3x times per day) ------------------------------------------------------------ Wordpress domain: newdomain2.com Wordpress DB Name: wp20480db_8333 Wordpress DB User: wpdb8333u21571 Wordpress DB Pass: wpdbskyTckdBbFJSp7982 Wordpress Admin User ID: 265902 Wordpress Admin User: zfDawCEvFRqn0U4VQ+wp28801 Wordpress Admin Pass: zNOnATs3Mutwps15760 Wordpress Admin Email: MY@EMAILADDRESS Wordpress wp-login.php password protection info: wp-login.php protection file /home/nginx/domains/newdomain2.com/htpasswd_wplogin wp-login.php protection Username: ueZ7ghBHIxMlTnx6972 wp-login.php protection Password: pTRnQhwn6Vin6o6mRlY2y6972 http://ueZ7ghBHIxMlTnx6972:[email protected]/wp-login.php
Rate limiting by requests/s. Rate limiting per IP connections is commented out by default.
location ~* /(wp-login\.php) { limit_req zone=xwplogin burst=1 nodelay; #limit_conn xwpconlimit 30; auth_basic "Private"; auth_basic_user_file /home/nginx/domains/newdomain2.com/htpasswd_wplogin; include /usr/local/nginx/conf/php-wpsc.conf; } location ~* /(xmlrpc\.php) { limit_req zone=xwplogin burst=2 nodelay; #limit_conn xwpconlimit 30; include /usr/local/nginx/conf/php-wpsc.conf; }
Full example output below:
------------------------------------------------------------ Installing wpcli.sh ------------------------------------------------------------ installing... Error: /usr/bin/wp not found !!! Downloading now...... 2015-09-03 04:26:12 URL:https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar [1386662/1386662] -> "/usr/bin/wp" [1] Download done. Error: /root/wpcli/wp-completion.bash not found !!! Downloading now...... 2015-09-03 04:26:13 URL:https://raw.githubusercontent.com/wp-cli/wp-cli/master/utils/wp-completion.bash [495/495] -> "/root/wpcli/wp-completion.bash" [1] Download done. ------------------------------------------------------------- PHP binary: /usr/local/bin/php PHP version: 5.4.44 php.ini used: /usr/local/lib/php.ini WP-CLI root dir: phar://wp-cli.phar WP-CLI global config: WP-CLI project config: WP-CLI version: 0.20.0 ------------------------------------------------------------- ------------------------------------------------------------- wp-cli install completed Read http://wp-cli.org/ for full usage info ------------------------------------------------------------- Please log out of SSH session and log back in You can then call wp-cli via command: wp i.e. wp --info --allow-root ------------------------------------------------------------- ------------------------------------------------------------- Setup full Nginx vhost + Wordpress + WP Super Cache ------------------------------------------------------------- Enter vhost domain name you want to add (without www. prefix): newdomain2.com Create a self-signed SSL certificate Nginx vhost? [y/n]: y Enter email address for Wordpress Installation: MY@EMAILADDRESS Create FTP username for vhost domain (enter username): wpftpuser01 Do you want to auto generate FTP password (recommended) [y/n]: y FTP username you entered: wpftpuser01 FTP password auto generated: SxxQgOdV1v1PSBweqo57M Password: Enter it again: /usr/local/nginx/conf/htpasswd.sh create /home/nginx/domains/newdomain2.com/htpasswd_wplogin ueZ7ghBHIxMlTnx6972 pTRnQhwn6Vin6o6mRlY2y6972 /home/nginx/domains/newdomain2.com/htpasswd_wplogin contents: ueZ7ghBHIxMlTnx6972:$apr1$7AKvqTxS$nkfr5kBdLhnuW.sIwrGVu0 --------------------------------------------------------------- SSL Vhost Setup... --------------------------------------------------------------- --------------------------------------------------------------- Generating self signed SSL certificate... CSR file can also be used to be submitted for paid SSL certificates If using for paid SSL certificates be sure to keep both private key and CSR safe creating CSR File: newdomain2.com.csr creating private key: newdomain2.com.key creating self-signed SSL certificate: newdomain2.com.crt Generating a 2048 bit RSA private key .+++ ...............................................................................................................................................................................+++ writing new private key to 'newdomain2.com.key' ----- Signature ok subject=/C=US/ST=California/L=Los Angeles/O=newdomain2.com/OU=newdomain2.com/CN=newdomain2.com Getting Private key --------------------------------------------------------------- Generating dhparam.pem file - can take a few minutes... Generating DH parameters, 2048 bit long safe prime, generator 2 This is going to take a long time .....+....................................................++*++* dhparam file generation time: 21.867212782 ------------------------------------------------------------ Setup Wordpress + Super Cache for newdomain2.com ------------------------------------------------------------ Downloading WordPress 4.3 (en_US)... Success: WordPress downloaded. Success: Generated wp-config.php file. */4 * * * * /usr/bin/cminfo_updater */15 * * * * sleep 119s ; wget -O - -q -t 1 http://newdomain2.com/wp-cron.php?doing_wp_cron=1 > /dev/null 2>&1 Success: WordPress installed successfully. ------------------------------------------------------------ Installing Responsive (1.9.7.7) Downloading install package from https://downloads.wordpress.org/theme/responsive.1.9.7.7.zip... Unpacking the package... Installing the theme... Theme installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'responsive'... Success: Switched to 'Responsive' theme. ------------------------------------------------------------ ------------------------------------------------------------ Installing WP Super Cache (1.4.4) Downloading install package from https://downloads.wordpress.org/plugin/wp-super-cache.1.4.4.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'wp-super-cache'... Success: Plugin 'wp-super-cache' activated. ------------------------------------------------------------ Installing WP Super Cache - Clear all cache (1.3.1) Downloading install package from https://downloads.wordpress.org/plugin/wp-super-cache-clear-cache-menu.1.3.1.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'wp-super-cache-clear-cache-menu'... Success: Plugin 'wp-super-cache-clear-cache-menu' activated. ------------------------------------------------------------ Installing Autoptimize (1.9.4) Downloading install package from https://downloads.wordpress.org/plugin/autoptimize.1.9.4.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'autoptimize'... Success: Plugin 'autoptimize' activated. ------------------------------------------------------------ Installing Rocket Lazy Load (1.0.4) Downloading install package from https://downloads.wordpress.org/plugin/rocket-lazy-load.1.0.4.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'rocket-lazy-load'... Success: Plugin 'rocket-lazy-load' activated. ------------------------------------------------------------ Installing Acunetix WP Security (4.0.5) Downloading install package from https://downloads.wordpress.org/plugin/wp-security-scan.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'wp-security-scan'... Success: Plugin 'wp-security-scan' activated. ------------------------------------------------------------ Installing Sucuri Security - Auditing, Malware Scanner and Security Hardening (1.7.13) Downloading install package from https://downloads.wordpress.org/plugin/sucuri-scanner.1.7.13.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'sucuri-scanner'... Success: Plugin 'sucuri-scanner' activated. ------------------------------------------------------------ Installing Disable XML-RPC (1.0.1) Downloading install package from https://downloads.wordpress.org/plugin/disable-xml-rpc.1.0.1.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'disable-xml-rpc'... Success: Plugin 'disable-xml-rpc' activated. ------------------------------------------------------------ Installing Limit Login Attempts (1.7.1) Downloading install package from https://downloads.wordpress.org/plugin/limit-login-attempts.1.7.1.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'limit-login-attempts'... Success: Plugin 'limit-login-attempts' activated. ------------------------------------------------------------ Installing WP Updates Notifier (1.4.3) Downloading install package from https://downloads.wordpress.org/plugin/wp-updates-notifier.1.4.3.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'wp-updates-notifier'... Success: Plugin 'wp-updates-notifier' activated. ------------------------------------------------------------ Installing No Longer in Directory (1.0.43) Downloading install package from https://downloads.wordpress.org/plugin/no-longer-in-directory.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'no-longer-in-directory'... Success: Plugin 'no-longer-in-directory' activated. ------------------------------------------------------------ Installing WP-Optimize (1.8.9.10) Downloading install package from https://downloads.wordpress.org/plugin/wp-optimize.1.8.9.10.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'wp-optimize'... Success: Plugin 'wp-optimize' activated. ------------------------------------------------------------ Installing TPC! Memory Usage (0.9.1) Downloading install package from https://downloads.wordpress.org/plugin/tpc-memory-usage.0.9.1.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'tpc-memory-usage'... Success: Plugin 'tpc-memory-usage' activated. ------------------------------------------------------------ Installing GTmetrix for WordPress (0.4.1) Downloading install package from https://downloads.wordpress.org/plugin/gtmetrix-for-wordpress.0.4.1.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'gtmetrix-for-wordpress'... Success: Plugin 'gtmetrix-for-wordpress' activated. ------------------------------------------------------------ Installing P3 (Plugin Performance Profiler) (1.5.3.9) Downloading install package from https://downloads.wordpress.org/plugin/p3-profiler.1.5.3.9.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'p3-profiler'... Success: Plugin 'p3-profiler' activated. ------------------------------------------------------------ Installing Yoast SEO (2.3.4) Downloading install package from https://downloads.wordpress.org/plugin/wordpress-seo.2.3.4.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'wordpress-seo'... Success: Plugin 'wordpress-seo' activated. ------------------------------------------------------------ Installing UpdraftPlus Backup and Restoration (1.11.5) Downloading install package from https://downloads.wordpress.org/plugin/updraftplus.1.11.5.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'updraftplus'... Success: Plugin 'updraftplus' activated. ------------------------------------------------------------ Installing Google Analytics by Yoast (5.4.6) Downloading install package from https://downloads.wordpress.org/plugin/google-analytics-for-wordpress.5.4.6.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. Activating 'google-analytics-for-wordpress'... Success: Plugin 'google-analytics-for-wordpress' activated. ------------------------------------------------------------ ------------------------------------------------------------ Installing Query Monitor (2.7.4) Downloading install package from https://downloads.wordpress.org/plugin/query-monitor.2.7.4.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. ------------------------------------------------------------ Installing Gigaom New Relic (0.3) Downloading install package from https://downloads.wordpress.org/plugin/go-newrelic.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. PHP Warning: An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums. (WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.) in /home/nginx/domains/newdomain2.com/public/wp-includes/update.php on line 302 Warning: An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums. (WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.) in /home/nginx/domains/newdomain2.com/public/wp-includes/update.php on line 302 ------------------------------------------------------------ Installing DB Cache Reloaded Fix (2.3) Downloading install package from https://downloads.wordpress.org/plugin/db-cache-reloaded-fix.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. ------------------------------------------------------------ Installing Google Authenticator (0.47) Downloading install package from https://downloads.wordpress.org/plugin/google-authenticator.0.47.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. ------------------------------------------------------------ Installing Smart Layers by AddThis (1.0.10) Downloading install package from https://downloads.wordpress.org/plugin/addthis-smart-layers.1.0.10.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. ------------------------------------------------------------ Installing Search Regex (1.4.15) Downloading install package from https://downloads.wordpress.org/plugin/search-regex.zip... Unpacking the package... Installing the plugin... Plugin installed successfully. Success: Translations updates are not needed for the 'English (US)' locale. ------------------------------------------------------------ Success: Updated 0/0 plugins. 26 installed plugins: A wp-security-scan 4.0.5 I addthis-smart-layers 1.0.10 I akismet 3.1.3 A autoptimize 1.9.4 I db-cache-reloaded-fix 2.3 A disable-xml-rpc 1.0.1 I go-newrelic 0.3 A google-analytics-for-wordpress 5.4.6 I google-authenticator 0.47 A gtmetrix-for-wordpress 0.4.1 I hello 1.6 A limit-login-attempts 1.7.1 A no-longer-in-directory 1.0.43 A p3-profiler 1.5.3.9 I query-monitor 2.7.4 A rocket-lazy-load 1.0.4 I search-regex 1.4.15 A sucuri-scanner 1.7.13 A tpc-memory-usage 0.9.1 A updraftplus 1.11.5 A wp-optimize 1.8.9.10 A wp-super-cache 1.4.4 A wp-super-cache-clear-cache-menu 1.3.1 A wp-updates-notifier 1.4.3 A wordpress-seo 2.3.4 M p3-profiler Legend: A = Active, I = Inactive, M = Must Use ------------------------------------------------------------ ------------------------------------------------------------ Created uninstall script /root/tools/wp_uninstall_newdomain2.com.sh ------------------------------------------------------------ ------------------------------------------------------------ Created wp_updater_newdomain2.com.sh script /root/tools/wp_updater_newdomain2.com.sh ------------------------------------------------------------ */4 * * * * /usr/bin/cminfo_updater */15 * * * * sleep 119s ; wget -O - -q -t 1 http://newdomain2.com/wp-cron.php?doing_wp_cron=1 > /dev/null 2>&1 0 */8 * * * sleep 214s ;/root/tools/wp_updater_newdomain2.com.sh 2>/dev/null ------------------------------------------------------------- service nginx reload systemctl restart pure-ftpd.service ------------------------------------------------------------- FTP hostname : IPADDRESS FTP port : 21 FTP mode : FTP (explicit SSL) FTP Passive (PASV) : ensure is checked/enabled FTP username created for newdomain2.com : wpftpuser01 FTP password created for newdomain2.com : SxxQgOdV1v1PSBweqo57M ------------------------------------------------------------- vhost for newdomain2.com created successfully domain: http://newdomain2.com vhost conf file for newdomain2.com created: /usr/local/nginx/conf/conf.d/newdomain2.com.conf vhost ssl for newdomain2.com created successfully domain: https://newdomain2.com vhost ssl conf file for newdomain2.com created: /usr/local/nginx/conf/conf.d/newdomain2.com.ssl.conf /usr/local/nginx/conf/ssl_include.conf created Self-signed SSL Certificate: /usr/local/nginx/conf/ssl/newdomain2.com/newdomain2.com.crt SSL Private Key: /usr/local/nginx/conf/ssl/newdomain2.com/newdomain2.com.key SSL CSR File: /usr/local/nginx/conf/ssl/newdomain2.com/newdomain2.com.csr upload files to /home/nginx/domains/newdomain2.com/public vhost log files directory is /home/nginx/domains/newdomain2.com/log ------------------------------------------------------------ SSH commands to uninstall created Wordpress install and Nginx vhost: /root/tools/wp_uninstall_newdomain2.com.sh ------------------------------------------------------------ ------------------------------------------------------------ Wordpress Auto Updater created at: /root/tools/wp_updater_newdomain2.com.sh cronjob set for every 8 hours update (3x times per day) ------------------------------------------------------------ Wordpress domain: newdomain2.com Wordpress DB Name: wp20480db_8333 Wordpress DB User: wpdb8333u21571 Wordpress DB Pass: wpdbskyTckdBbFJSp7982 Wordpress Admin User ID: 265902 Wordpress Admin User: zfDawCEvFRqn0U4VQ+wp28801 Wordpress Admin Pass: zNOnATs3Mutwps15760 Wordpress Admin Email: MY@EMAILADDRESS Wordpress wp-login.php password protection info: wp-login.php protection file /home/nginx/domains/newdomain2.com/htpasswd_wplogin wp-login.php protection Username: ueZ7ghBHIxMlTnx6972 wp-login.php protection Password: pTRnQhwn6Vin6o6mRlY2y6972 http://ueZ7ghBHIxMlTnx6972:[email protected]/wp-login.php Resetting wp-login.php protection: Step 1. remove protection file at /home/nginx/domains/newdomain2.com/htpasswd_wplogin rm -rf /home/nginx/domains/newdomain2.com/htpasswd_wplogin Step 2. run command: /usr/local/nginx/conf/htpasswd.sh create /home/nginx/domains/newdomain2.com/htpasswd_wplogin YOURUSERNAME YOURPASSWORD Step 3. restart Nginx + PHP-FPM services nprestart ------------------------------------------------------------- Current vhost listing at: /usr/local/nginx/conf/conf.d/ Apr 3 01:58 798 ssl.conf Apr 3 01:58 1.1K demodomain.com.conf Apr 5 07:48 1.1K newdomain1.com.conf Apr 5 11:42 1.4K virtual.conf Sep 3 04:27 2.1K newdomain2.com.conf Sep 3 04:27 3.7K newdomain2.com.ssl.conf ------------------------------------------------------------- Current vhost ssl files listing at: /usr/local/nginx/conf/ssl/newdomain2.com Sep 3 04:27 1.7K newdomain2.com.key Sep 3 04:27 1.1K newdomain2.com.csr Sep 3 04:27 1.3K newdomain2.com.crt Sep 3 04:27 424 dhparam.pem ------------------------------------------------------------ To complete setup: 1. Enable Permalinks (DO NOT use links with .html extensions for performance reasons) i.e. /%post_id%/%postname%/ 2. Settings Menu > Super Cache > Easy tab and enable it by checking Caching On (Recommended) and hit Update Status 3. Advanced tab & check Use mod_rewrite serve cache files & Don’t cache pages with GET parameters and Known User. (Recommended), Cache rebuild for anonymous users, clear all cache when a post or page updated & hit Update Status 4. WP Security Menu > Settings > Check All except Enable Live Traffic tool and hit Update settings 5. Settings Menu > Updates Notifier and setup your notify email address and cronjob (save and test button to check) 6. Settings Mnenu > Autoptimize and check Optimize HTML, JavaScript and CSS options (show advanced settings) 7. Settings Menu > Limit Login Attempts and configure as desired or leave as defaults 8. Sucuri Security Menu and top left click Generate API key for your domain/email and configure your Settings tab 9. WP-Optimize Menu and configure as needed 10. Memory Usage Menu > Settings and adjust accordingly 11. GTmetrix Menu > setup and register your GTmetrix Account and API Key 12. go-newrelic plugin installed but not activated read https://wordpress.org/plugins/go-newrelic/installation/ 13. Tools > P3 Plugin Profiler > Start Scan to profile all your plugins 14. Plugins > Query Monitor is disabled by default, enable to check MySQL query stats 15. Plugins > DB Cache Reloaded disabled by default unsure if works with Wordpress 4.x ? 16. Appearance > Theme Options (Responsive theme) > Home Page nav bar > Uncheck Overrides Wordpress front page option 17. Seo Menu (Yoast SEO) > configure accordingly 18. Settings > UpdraftPlus Backups > Settings set file/database backup intervals & optional backup to remote storage 19. Analytics > Settings > configure your Google Analytics UA Code ------------------------------------------------------------
Additionl Steps
Once installed at bottom of output you will see the steps needed to complete WP Super Cache setup along with configuring and setting up the other automatically installed WP Plugins. The first three steps are important for a working Wordpress + WP Super Cache setup.
------------------------------------------------------------ To complete setup: 1. Enable Permalinks (DO NOT use links with .html extensions for performance reasons) i.e. /%post_id%/%postname%/ 2. Settings Menu > Super Cache > Easy tab and enable it by checking Caching On (Recommended) and hit Update Status 3. Advanced tab & check Use mod_rewrite serve cache files & Don’t cache pages with GET parameters and Known User. (Recommended), Cache rebuild for anonymous users, clear all cache when a post or page updated & hit Update Status 4. WP Security Menu > Settings > Check All except Enable Live Traffic tool and hit Update settings 4. WP Security Menu > Settings > Check All except Enable Live Traffic tool and hit Update settings 5. Settings Menu > Updates Notifier and setup your notify email address and cronjob (save and test button to check) 6. Settings Mnenu > Autoptimize and check Optimize HTML, JavaScript and CSS options (show advanced settings) 7. Settings Menu > Limit Login Attempts and configure as desired or leave as defaults 8. Sucuri Security Menu and top left click Generate API key for your domain/email and configure your Settings tab 9. WP-Optimize Menu and configure as needed 10. Memory Usage Menu > Settings and adjust accordingly 11. GTmetrix Menu > setup and register your GTmetrix Account and API Key 12. go-newrelic plugin installed but not activated read https://wordpress.org/plugins/go-newrelic/installation/ 13. Tools > P3 Plugin Profiler > Start Scan to profile all your plugins 14. Plugins > Query Monitor is disabled by default, enable to check MySQL query stats 15. Plugins > DB Cache Reloaded disabled by default unsure if works with Wordpress 4.x ? 16. Appearance > Theme Options (Responsive theme) > Home Page nav bar > Uncheck Overrides Wordpress front page option 17. Seo Menu (Yoast SEO) > configure accordingly 18. Settings > UpdraftPlus Backups > Settings set file/database backup intervals & optional backup to remote storage 19. Analytics > Settings > configure your Google Analytics UA Code ------------------------------------------------------------
Verifying WP Super Cache is Working
To verify if Wordpress Super Cache is working you can in a private incognito web browser session view a Wordpress page's source code and at bottom near the footer you should see something like this
<!-- Dynamic page generated in 0.209 seconds. --> <!-- Cached page generated by WP-Super-Cache on 2015-09-03 17:58:31 -->
Or from SSH command line type
curl -s http://yourwpdomain.com | tail -5
output would be something like below - of particular need to ensure there is a line that says Cached page generated by WP-Super-Cache
curl -s http://yourwpdomain.com | tail -5 <!-- Dynamic page generated in 0.209 seconds. --> <!-- Cached page generated by WP-Super-Cache on 2015-09-03 17:58:31 -->
Wordpress Nginx Vhost Contents
The contents of auto generated Nginx vhost for non-https site at /usr/local/nginx/conf/conf.d/newdomain2.com.conf
# Centmin Mod Getting Started Guide # must read http://centminmod.com/getstarted.html # redirect from non-www to www # uncomment, save file and restart Nginx to enable # if unsure use return 302 before using return 301 #server { # listen 80; # server_name newdomain2.com; # return 301 $scheme://www.newdomain2.com$request_uri; # } server { server_name newdomain2.com www.newdomain2.com; # ngx_pagespeed & ngx_pagespeed handler #include /usr/local/nginx/conf/pagespeed.conf; #include /usr/local/nginx/conf/pagespeedhandler.conf; #include /usr/local/nginx/conf/pagespeedstatslog.conf; # limit_conn limit_per_ip 16; # ssi on; access_log /home/nginx/domains/newdomain2.com/log/access.log combined buffer=256k flush=5m; error_log /home/nginx/domains/newdomain2.com/log/error.log; root /home/nginx/domains/newdomain2.com/public; # prevent access to ./directories and files #location ~ (?:^|/)\. { # deny all; #} include /usr/local/nginx/conf/wpsupercache_newdomain2.com.conf; location / { # Enables directory listings when index file not found #autoindex on; # for wordpress super cache plugin try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?q=$uri&$args; # Wordpress Permalinks #try_files $uri $uri/ /index.php?q=$uri&$args; } location ~* /(wp-login\.php) { limit_req zone=xwplogin burst=1 nodelay; #limit_conn xwpconlimit 30; auth_basic "Private"; auth_basic_user_file /home/nginx/domains/newdomain2.com/htpasswd_wplogin; include /usr/local/nginx/conf/php-wpsc.conf; } location ~* /(xmlrpc\.php) { limit_req zone=xwplogin burst=2 nodelay; #limit_conn xwpconlimit 30; include /usr/local/nginx/conf/php-wpsc.conf; } include /usr/local/nginx/conf/wpsecure_newdomain2.com.conf; include /usr/local/nginx/conf/php-wpsc.conf; include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/drop.conf; #include /usr/local/nginx/conf/errorpage.conf; include /usr/local/nginx/conf/vts_server.conf; }
The contents of auto generated Nginx vhost for https self-signed SSL certificate site at /usr/local/nginx/conf/conf.d/newdomain2.com.ssl.conf
.
To switch to using paid and web browser trusted SSL certificates follow instructions at http://centminmod.com/nginx_domain_dns_setup.html#switchssl and http://centminmod.com/nginx_configure_https_ssl_spdy.html to switch the following parameters:
ssl_certificate /usr/local/nginx/conf/ssl/newdomain2.com/newdomain2.com.crt; ssl_certificate_key /usr/local/nginx/conf/ssl/newdomain2.com/newdomain2.com.key;
and enable (uncomment - remove hash # in front of the lines for the following)
#resolver 8.8.8.8 8.8.4.4 valid=10m; #resolver_timeout 10s; #ssl_stapling on; #ssl_stapling_verify on; #ssl_trusted_certificate /usr/local/nginx/conf/ssl/newdomain2.com/newdomain2.com-trusted.crt;
Note, Nginx now has switched from SPDY to HTTP/2 for SSL, so need to follow the changes outlined at http://centminmod.com/http2-nginx.html#http2spdy
listen directive changes with replacing spdy
with http2
parameter
listen 443 ssl spdy;
becomes
listen 443 ssl http2;
If you do not replace the listen directive and have Nginx HTTP/2 compiled, you will receive an error on Nginx restart similar to the one below.
ngxrestart nginx: [emerg] invalid parameter "spdy": the SPDY module was deprecated, use the HTTP/2 module instead in /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf:15 nginx: configuration file /usr/local/nginx/conf/nginx.conf test failed
Some SPDY specific options will need to be removed for Nginx HTTP/2 patched server to start up properly. These options include:
- spdy_headers_comp - HTTP/2 doesn't use gzip compression but HPACK for header compression.
- spdy_keepalive_timeout
Error on Nginx restart after HTTP/2 patch applied for unsupported SPDY options
nginx: [emerg] unknown directive "spdy_keepalive_timeout"
contents of /usr/local/nginx/conf/conf.d/newdomain2.com.ssl.conf
for HTTP/2
# Centmin Mod Getting Started Guide # must read http://centminmod.com/getstarted.html # For SPDY or HTTP/2 SSL Setup # read http://centminmod.com/nginx_configure_https_ssl_spdy.html # redirect from www to non-www forced SSL # uncomment, save file and restart Nginx to enable # if unsure use return 302 before using return 301 # server { # server_name newdomain2.com www.newdomain2.com; # return 302 https://$server_name$request_uri; # } server { listen 443 ssl http2; server_name newdomain2.com www.newdomain2.com; ssl_dhparam /usr/local/nginx/conf/ssl/newdomain2.com/dhparam.pem; ssl_certificate /usr/local/nginx/conf/ssl/newdomain2.com/newdomain2.com.crt; ssl_certificate_key /usr/local/nginx/conf/ssl/newdomain2.com/newdomain2.com.key; include /usr/local/nginx/conf/ssl_include.conf; # mozilla recommended ssl_ciphers TLS13-AES-128-GCM-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS; ssl_prefer_server_ciphers on; #add_header Alternate-Protocol 443:npn-spdy/3; #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;"; #add_header X-Content-Type-Options "nosniff"; #add_header X-Frame-Options DENY; #spdy_headers_comp 5; ssl_buffer_size 1369; ssl_session_tickets on; # enable ocsp stapling #resolver 8.8.8.8 8.8.4.4 valid=10m; #resolver_timeout 10s; #ssl_stapling on; #ssl_stapling_verify on; #ssl_trusted_certificate /usr/local/nginx/conf/ssl/newdomain2.com/newdomain2.com-trusted.crt; # ngx_pagespeed & ngx_pagespeed handler #include /usr/local/nginx/conf/pagespeed.conf; #include /usr/local/nginx/conf/pagespeedhandler.conf; #include /usr/local/nginx/conf/pagespeedstatslog.conf; # limit_conn limit_per_ip 16; # ssi on; access_log /home/nginx/domains/newdomain2.com/log/access.log combined buffer=256k flush=5m; error_log /home/nginx/domains/newdomain2.com/log/error.log; root /home/nginx/domains/newdomain2.com/public; # prevent access to ./directories and files #location ~ (?:^|/)\. { # deny all; #} include /usr/local/nginx/conf/wpsupercache_newdomain2.com.conf; location / { # Enables directory listings when index file not found #autoindex on; # for wordpress super cache plugin try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?q=$uri&$args; # Wordpress Permalinks #try_files $uri $uri/ /index.php?q=$uri&$args; } location ~* /(wp-login\.php) { limit_req zone=xwplogin burst=1 nodelay; #limit_conn xwpconlimit 30; auth_basic "Private"; auth_basic_user_file /home/nginx/domains/newdomain2.com/htpasswd_wplogin; include /usr/local/nginx/conf/php-wpsc.conf; } location ~* /(xmlrpc\.php) { limit_req zone=xwplogin burst=2 nodelay; #limit_conn xwpconlimit 30; include /usr/local/nginx/conf/php-wpsc.conf; } include /usr/local/nginx/conf/wpsecure_newdomain2.com.conf; include /usr/local/nginx/conf/php-wpsc.conf; include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/drop.conf; #include /usr/local/nginx/conf/errorpage.conf; include /usr/local/nginx/conf/vts_server.conf; }
contents of /usr/local/nginx/conf/conf.d/newdomain2.com.ssl.conf
for SPDY/3.1
# Centmin Mod Getting Started Guide # must read http://centminmod.com/getstarted.html # For SPDY or HTTP/2 SSL Setup # read http://centminmod.com/nginx_configure_https_ssl_spdy.html # redirect from www to non-www forced SSL # uncomment, save file and restart Nginx to enable # if unsure use return 302 before using return 301 # server { # server_name newdomain2.com www.newdomain2.com; # return 302 https://$server_name$request_uri; # } server { listen 443 ssl spdy; server_name newdomain2.com www.newdomain2.com; ssl_dhparam /usr/local/nginx/conf/ssl/newdomain2.com/dhparam.pem; ssl_certificate /usr/local/nginx/conf/ssl/newdomain2.com/newdomain2.com.crt; ssl_certificate_key /usr/local/nginx/conf/ssl/newdomain2.com/newdomain2.com.key; include /usr/local/nginx/conf/ssl_include.conf; # mozilla recommended ssl_ciphers TLS13-AES-128-GCM-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS; ssl_prefer_server_ciphers on; add_header Alternate-Protocol 443:npn-spdy/3; #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;"; #add_header X-Content-Type-Options "nosniff"; #add_header X-Frame-Options DENY; spdy_headers_comp 5; ssl_buffer_size 1369; ssl_session_tickets on; # enable ocsp stapling #resolver 8.8.8.8 8.8.4.4 valid=10m; #resolver_timeout 10s; #ssl_stapling on; #ssl_stapling_verify on; #ssl_trusted_certificate /usr/local/nginx/conf/ssl/newdomain2.com/newdomain2.com-trusted.crt; # ngx_pagespeed & ngx_pagespeed handler #include /usr/local/nginx/conf/pagespeed.conf; #include /usr/local/nginx/conf/pagespeedhandler.conf; #include /usr/local/nginx/conf/pagespeedstatslog.conf; # limit_conn limit_per_ip 16; # ssi on; access_log /home/nginx/domains/newdomain2.com/log/access.log combined buffer=256k flush=5m; error_log /home/nginx/domains/newdomain2.com/log/error.log; root /home/nginx/domains/newdomain2.com/public; # prevent access to ./directories and files #location ~ (?:^|/)\. { # deny all; #} include /usr/local/nginx/conf/wpsupercache_newdomain2.com.conf; location / { # Enables directory listings when index file not found #autoindex on; # for wordpress super cache plugin try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?q=$uri&$args; # Wordpress Permalinks #try_files $uri $uri/ /index.php?q=$uri&$args; } location ~* /(wp-login\.php) { limit_req zone=xwplogin burst=1 nodelay; #limit_conn xwpconlimit 30; auth_basic "Private"; auth_basic_user_file /home/nginx/domains/newdomain2.com/htpasswd_wplogin; include /usr/local/nginx/conf/php-wpsc.conf; } location ~* /(xmlrpc\.php) { limit_req zone=xwplogin burst=2 nodelay; #limit_conn xwpconlimit 30; include /usr/local/nginx/conf/php-wpsc.conf; } include /usr/local/nginx/conf/wpsecure_newdomain2.com.conf; include /usr/local/nginx/conf/php-wpsc.conf; include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/drop.conf; #include /usr/local/nginx/conf/errorpage.conf; include /usr/local/nginx/conf/vts_server.conf; }