Wordpress on Linux in the Amazon Cloud with Mac
Before we beign
I believe this article is of high value to any web developer seeking a better hosting solution, and in particular, cloud hosting. Though somewhat technical, the instructions given here are easy to follow, and you don't need a background in server management or server-side development to follow the tutorial. I'm a designer, and the first time I ever opened terminal was when I was trying to connect to my amazon linux server, so if you don't feel like you're up for setting up your own linux server, then trust me, it's easier than it sounds. Because of it's length and technical nature, I've also made the article available for download in MS Word format.
Amazon EC2 Cloud Hosting
Amazon provides an incredible, ever-expanding service for cloud hosting. Their EC2 service is bundled with a fantastic CDN (S3), Site Monitoring (Cloud Watch), and a myriad of complementary tools and services that make Amazon a great option for moving your site into the cloud. This is a guide to help you take advantage of those services.
Linux vs. Windows
The reason for choosing Linux vs. Windows is simple: cost. It’s much, much cheaper in the long run, well, in any run, to host an EC2 instance with Linux over Windows. Considering the relative operating costs, the choice is easy.
Don’t worry, Be Happy
If you’re like me, you’re mildly daunted at the idea of getting your hands dirty with Linux and Terminal. Don’t worry; it’s easier than it looks. I’m a designer, and until recently knew almost nothing about Linux or Terminal. I found that after you get the basics down, it’s surprisingly easy to get moving with the rest.
Getting Started
The first thing you’ll need on this journey is an account with Amazon Web Services (AWS). Simply head to http://aws.amazon.com, and click the Create an AWS Account link at the top. They’ll have you verify your identity by giving you a PIN over the phone to complete your registration.
Setting up your Instance
After you’ve signed in with your new AWS account, you’ll want to click into the Amazon EC2 tab, and then click the Launch Instance button.
Amazon EC2 offers a multitude of Amazon Machine Image’s (AMI’s) to choose from, including both Linux and Microsoft options, but as stated before, we’ll be working with Linux. Yay!
Select the Basic 32-bit Amazon Linux AMI 2010.11.1 Beta (AMI Id: ami-76f0061f).
Next, on the Instance details section, make sure to select Launch Instances, and then select your instance type. I chose micro, because it not only defines the amount of traffic my site gets, but it’s free for a year.
From here you can also define the number of instances you’d like, and the availability zone, I kept the defaults. Hit continue.
In this section, you can configure Advanced Instance Options, including enabling CloudWatch (very handy monitoring tool), but again I left everything on their defaults.
Now you can add some tags; you can read about using tags here: Using Tags. After you’ve selected your tags, hit continue.
Now we’ll create the Key Pair for this server. Select the name, and hit the Create & Download your Key Pair. Do not loose this file, it’s important, and you can’t download it again. Keep it secret, keep it safe. After you’ve downloaded your key pair, you’ll be brought to the next step.
On the next step, select Create a new Security Group, and then give it a name and description. We’ll want to add at least two rules here, SSH and HTTP, you may want more rules depending on how you’ll be using this server. Make sure you select SSH and HTTP.
That’s it! Just hit the Launch button (makes you feel like your head of mission control for NASA), and wait for your instance to launch. You can just hit close on the next dialog box.
After your server has moved from pending status to running status, move to the left hand menu, and select Elastic IPs, where obviously we’ll be giving our server an IP address.
Click the Allocate New Address button, select the new address, and hit the associate button to assign this IP address to the Instance you created.
Configuring SSH
Now that we have an instance up and running, we can connect through Secure Shell (SSH). This article was written for Mac users, but Windows users can accomplish the same thing using a program like PuTTY. So now we’ll need to grab that .PEM file you saved in a secure spot when you downloaded your Key Pair. Again, don’t loose this file. First we need to copy that .PEM file (mines called calebogden.pem) into the .SSH folder of your mac. Open up terminal and input this command to open that hidden folder.
open ~/.ssh
Drag your .PEM file into the SSH folder.
Now we can test our ssh connection through terminal. Launch terminal, and input this command:
ssh -i ~/.ssh/YOUR_KEYPAIR_FILE.pem ec2-user@YOUR_IP_ADDRESS
When asked about the authenticity of the host, type yes and hit enter. You’ll likely also see a warning that says WARNING: UNPROTECTED PRIVATE KEY FILE!, in which case run this command to give your .PEM file the proper permissions.
sudo chmod 600 ~/.ssh/YOUR_KEYPAIR_FILE.pem
If you had to change the file permissions, then run your connection again. You should see this beautiful welcome text.
Connecting as the Root User
Now that we’re in, we want to work as the root user, but we’ll have to jump through some hoops to be able to connect as the root every time. If you try to connect with root at first, instead of ec2-user, you’ll hit a roadblock. To fix this, become a superuser (I know how awesome that sounds) by running this command.
sudo su
Now we’ll open the SSH config and change some settings. As with all things in Linux, you want to be very careful to only change / edit what’s listed here. To open the config we’ll be using the Linux Vim editor by running this command.
vi /etc/ssh/sshd_config
Find the line that has the setting PermitRootLogin forced-commands-only, comment that out by putting a # sign before it, and then add PermitRootLogin without-password beneath it. This will allow us to connect as a root user.
Note: To start editing, just hit the ‘I’ key while in VIM, to exit the insert mode, it the ESC key.
After you’ve fixed the config file, hit ESC to exit insert mode, and then run the command :w to write, and the :q to quit, alternatively :wq.
Now we have to change the authorized_keys SSH file to not run commands in the first line. Open that config file with the command:
vi /root/.ssh/authorized_keys
Once its open, delete the command command="echo 'Please login as the ec2-user user rather than root user.';echo;sleep 10, all the way until you reach, ssh-rsa. Now it ESC and :wq to leave vim.
We now need to restart the SSH service, this is done by using the command:
service sshd restart
Now open a new terminal window without closing the old one, and test the connection.
ssh -i ~/.ssh/YOUR_KEYPAIR_FILE.pem root@YOUR_IP_ADDRESS
You should see the beautiful welcome message again; you’ll now be connected as a root user. Awesome.
Exhausted yet? Well we’re just getting started. Now, head back to the hidden .SSH folder on your computer, create a new file called config (no extension), you’ll need to use a text editor when making change to this file. We’ll just create a shortcut that will allow us to connect easily with programs like Coda and Transmit, and an easy entrance with SSH through terminal.
In this config file, we’ll define a Host, User, IdentityFile, and HostName
Host HOST_NICKNAME_HERE User root IdentityFile "~/.ssh/YOUR_KEYPAIR_FILE.pem" HostName YOUR_IP_ADDRESS
Now head back to terminal, open a new window, and test the connection with this line:
ssh HOST_NICKNAME_HERE
You’ll see the familiar welcome text, and now we’re now ready to start pumping in software!
Installing Server Software
Programs can be easily installed with the yum command. So lets start by installing Apache with the command line:
yum install httpd
And then start apache with command:
service httpd start
Now we’ll install PHP and some needed libraries:
yum install php libmcrypt libmcrypt-devel php-mcrypt php-mbstring
After which we’ll want to restart Apache:
service httpd restart
Install MySQL
yum install mysql
yum install –y mysql-server
Start MySQL Server
service mysqld start
Now we can assign a MySQL Server password
/usr/bin/mysqladmin -u root password ‘SUPERSECUREPASSWORD’
And that’s it! You have your basic webserver, php, and mysql installed. At this point you can see things coming together by browsing to: http://YOUR_IP_ADDRESS. You should see the Amazon Linux AMI Test Page.
Installing phpMyAdmin
Now since phpMyAdmin isn’t in Amazon’s yum, and since some older copies are buggy, we’ll install the latest version by hand.
First lets go to the Document Root (where apaches loads files for the web from), which should be /var/www/html, but you can verify by running the command grep DocumentRoot /etc/httpd/conf/httpd.conf.
Go to Document Root
cd /var/www/html
Download phpMyAdmin 3.3.9.1 (or latest version, if you update a later version, remember to change your folder/file paths to the correct version)
wget http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.3.9.1/phpMyAdmin-3.3.9.1-all-languages.tar.gz
Extract to Document Root
tar -xzvf phpMyAdmin-3.3.9.1-all-languages.tar.gz -C /var/www/html
Rename folder to phpmyadmin, and delete downloaded file.
mv phpMyAdmin-3.3.9.1-all-languages phpmyadmin
rm -rf phpMyAdmin-3.3.9.1-all-languages.tar.gz
We now need to add a user and give that user permission for this folder:
adduser phpmyadmin
passwd phpmyadmin
After you set a password, find the user group (should be apache) with this command:
egrep 'User|Group' /etc/httpd/conf/httpd.conf
Which will return:
User apache
Group apache
And last, run this command to associate that user with the phpmyadmin folder:
chown -R phpmyadmin.apache phpmyadmin/
Now we need to go the that folder, and set some permissions:
cd /var/www/html/phpmyadmin/
mkdir config
chmod o+rw config
cp config.sample.inc.php config/config.inc.php
chmod o+w config/config.inc.php
And now we should restart Apache…
service httpd restart
Finally! You can head over and configure your phpMyAdmin!
Browse to: http://YOUR_SERVER_IP/phpmyadmin/setup/index.php, and hit the new server button.
The only values you need to input are the Verbose name of the server, and Password for config auth.
Now you can login by browsing to: http://YOUR_SERVER_IP/phpmyadmin/index.php. Username will be root and password is whatever you set as your super secure password for MySQL above.
NOTE: If you see an error that says “Cannot load mysql extension. Please check your PHP configuration”, then run the commands below, and then reload the page. You may have to wait a few seconds after you restart it. If the message still displays, try restarting a final time after waiting a few minutes.
yum -y install php-mysql
service httpd restart
After you log in, as the warning near the bottom of the page says, the last step is to remove the config folder we created above, and adjust some other options.
cd /var/www/html/phpmyadmin/
rm -rf config
Now use VIM to rename, and edit the main config file:
mv config.sample.inc.php config.inc.php
vi config.inc.php
Add a BlowFish Secret as shown below:
$cfg['blowfish_secret'] = 'SuckBird'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
Hit ESC, and then :wq to save and quit.
Now, we head back into the world of GUI, and setup our Wordpress Database. Getting close!
Browse to: http://YOUR_IP_ADDRESS/phpmyadmin/index.php, after you log into phpMyAdmin again, create a new table called wordpress.
After this table is created, head to the privileges tab, and add a new user. Fill in the User name, and password / confirm. For the Database for user section, select the option Grant all privileges on database "wordpress”.
Whew! That was intense. Okay, just a few more minutes and you’ll have your Wordpress Platform running on Linux.
Installing Wordpress
Now the easy (and fun) part of the process, getting wordpress installed. Head back to the root:
cd /
Execute these commands to download wordpress, extract it to your Document Root, and install wordpress in the main root of your site.
wget http://wordpress.org/latest.tar.gz
tar -xzvf latest.tar.gz -C /var/www/html
cp -avr /var/www/html/wordpress/* /var/www/html
rm -rf /var/www/html/wordpress
Lastly, we need to give Apache some permissions for the Document Root folder.
chown -R apache /var/www/html
chmod -R 755 /var/www/html
Now lets do a restart on apache, and start setting up Wordpress!
service httpd restart
Browse to your wordpress site: http://YOUR_IP_ADDRESS. You should see a Create Configuration File button, click that, and then click the Lets Go button.
Input your credentials
Input your Wordpress Site information…
Success!
From this point, you can connect easily with programs like Coda and Transmit to start working on your code!
Conclusion
Amazon Cloud is, by far, the best option I’ve found for Cloud Hosting, and this article barley scratches the surface of the power found in the variety of AWS products.
As for hosting on a Linux server, there is a reason Microsoft is so dang expensive to operate; it’s a lot easier to get things started, however, the cost savings with operating on Linux vastly outweighs the rigors of using it.
Once you’ve gone through this process a single time, you can launch additional images based on the AMI you created, which in turn means you can get your clients hosted in the cloud on their own server, free for a year, with a few seconds of work. Now that’s incentive.
Additional Help and Resources Used
This article could not have been possible without the stellar work of the people who own the resources below. In addition I've turned on comments for this article to answer any questions.
JeffreySambells http://jeffreysambells.com/posts/2010/08/04/connecting-to-amazon-ec2-using-transmit
How-To Geek http://www.howtogeek.com/wiki/Fixing_%22WARNING:_UNPROTECTED_PRIVATE_KEY_FILE!%22_on_Linux
The Geek Stuff http://www.thegeekstuff.com/2010/09/install-phpmyadmin/
2Bit Coder http://www.2bit-coder.com/2010/09/wordpress-in-the-cloud-amazon-ec2/
Whirix Blog http://blog.whirix.com/2011/02/root-login-to-amazon-ec2-instance.html
Linux Blog Magazine http://www.jonboy60.com/2010/08/23/howto-install-mcrypt-and-recompile-php/
nixCraft http://www.cyberciti.biz/faq/howto-find-unix-linux-apache-documentroot
283 Responses to Wordpress on Linux in the Amazon Cloud with Mac
@Dave Thanks, we should have a linux party at Hard Times :)
@Pablo To launch multiple sites on the same instance you have to configure a vhost file, which I'm adding to the documentation soon.
You could SSH into the server from your mac? If you get that far it's very important to make sure you're connecting as the Root user (see Connecting as the Root User section) or you wont be able to move forward.
If you're still stuck after that shoot me an email.
Your effort is much appreciated.
Cheers
I managed to get wordpress running,
But how can we point our domain .com to the wordpress installed site?
Great post, followed it and it worked perfectly. Now, how would you use the same ec2 beta instance to host multiple hosts (vhosts) in apache and have the same phpmyadmin access to all of them. For example, havinging www.site1.com/phpmyadmin, www.site2.com/phpmyadmin, www.site3.com/phpmyadmin
Thanks,
Ibrahim
@Santel Point your DNS A record to the Elastic IP that Amazon provided you (what you connect to with SSH).
/etc/httpd/conf.d/vhost.confAnd then you can define VirtualHosts like this:
ServerName www.XXX.com
DocumentRoot /var/www/html/XXX
ServerName www.YYY.com
DocumentRoot /var/www/html/YYY
ServerName www.ZZZ.com
DocumentRoot /var/www/html/ZZZ
If you google that syntax you can find more options than I included there.
- Make sure you have your security groups setup to include SSH (see above), including correct ports.
- Make sure you're connected as root user, instead of ec2user
- Make sure you can use VIM in other capacities
Thank for your clear tutorials. I can now manage to have few blogs hosted on EC2.
I have another question, By following these steps, where are the root stored? Is it on local Instance or EBS?
I don't know if we can verify this.
THanks
Slight problem when downloading phpMyAdmin using your syntax given.
It only worked when I changed the version from 3.3.9.1 to 3.4.2 (latest release at time of writing).
So I assume that for anyone following this guide in future, they should be changing the version number to the latest release?
Cheers
@Zihui Exactly, thanks for the note, I've updated the article to reflect your comment.
The only item I tripped up on was changing the permissions for apache, I found that the username was not "apache" but "www-data", so I replaced your above chown to:
chown -R www-data /var/www/html
And it works perfectly now!
Thanks again!!
David-J-Labourdettes-MacBook-Pro:~ David_Labourdette$ ssh webserver
/Users/David_Labourdette/.ssh/config: line 1: Bad configuration option: {rtf1ansiansicpg1252cocoartf1038cocoasubrtf350
/Users/David_Labourdette/.ssh/config: line 2: Bad configuration option: {fonttblf0fswissfcharset0
/Users/David_Labourdette/.ssh/config: line 3: Bad configuration option: {colortbl;red255green255blue255;}
/Users/David_Labourdette/.ssh/config: line 4: Bad configuration option: margl1440margr1440vieww9000viewh8400viewkind0
/Users/David_Labourdette/.ssh/config: line 5: Bad configuration option: pardtx720tx1440tx2160tx2880tx3600tx4320tx5040tx5760tx6480tx7200tx7920tx8640qlqnaturalpardirnatural
/Users/David_Labourdette/.ssh/config: line 7: Bad configuration option: f0fs24
/Users/David_Labourdette/.ssh/config: terminating, 6 bad configuration options
...any ideas on why? and how I can fix that?
Thanks!
I'm using TextEdit to edit it, is this ok?
In the config file is there a special nickname that I am supposed to use, or can I just make one up? and is the IP address the one that was assigned to me in the Elastic IP section of the EC2 page?
...it's not even letting me get to the welcome screen in terminal anymore- I'm still getting the bad configuration options message, but this time there seems to be 8 errors on 9 lines... so maybe it has nothing to do with the config file???
I get stuck at the "NOTE: If you see an error that says “Cannot load mysql extension. Please check your PHP configuration”, then run the commands below, and then reload the page. You may have to wait a few seconds after you restart it. If the message still displays, try restarting a final time after waiting a few minutes."
I've tried running the extra 2 lines, and restarted httpd, and mysqld, but still get the error.
Anything else I could possibly try?
http://YOUR_IP_ADDRESS/phpmyadmin/ instead of http://YOUR_IP_ADDRESS/phpmyadmin/index.php
and it worked… I'm guessing it wasn't a coincidence in time waited after a httpd restart!
Thanks again, all up and running. Will venture into the Virtual Hosts tute next!
when i go to http://MYIP/phpmyadmin/index.php
it said " the mysqli extension is missing.Please check your PHP configuration"
Can anyone help me?
#1045 Cannot log in to the MySQL server
But the supersecurepassword I was entering was the one I set for config auth but it has to be your MySqladmin password.
@David Labourdette Yes I've had the same problem before, and that was the only solution I could find.
@Jake Glad it worked!
@Jordan Please see my note in regards to the error "Cannot load mysql extension. Please check your PHP configuration". Follow those instructions and it should work.
@AT, @SS Yes you need to be careful while setting your passwords, but as SS mentioned you need to use your MySQLAdmin password.
Keep in mind that typos and spelling mistakes will a lot of problems, everything in my tutorial above should be copy/paste.
]# mysql -uroot
>SET PASSWORD FOR 'root'@'localhost' = PASSWORD('your password here');
>flush privileges;
q
then
]# mysql -uroot -p
One question: after configuring the phpmyadmin, the ip/phpmyadmin/setup/index.html is still available and apparently without a password protection.... Is that the way it is supposed to be?
Great tutorial, very helpful. I have run into a problem though when trying to upload a theme through the admin interface. I get a message saying 'The uploaded file could not be moved to /var/www/html/wp-content/uploads/2011/10.' It is just a regular zip file.
I've used it before on my other WP install. I've tried changing the owner of the uploads folder and the themes folder. I've tried to delete those folders and have them be recreated automatically, as well as recreated manually.
I know a new Amazon AMI just came out this week, any chance that has caused something to change (can't think of what though.) Any feedback would be very helpful.
Thanks,
Marc
I've had similar issues, and I believe that was the fix was getting the correct config on permissions, which, if I remember, was 777 on the month folder.
I am new to WP (and linux, aws etc.) but does it seem odd that it is trying to move the zip of the theme to the uploads folder and not the themes folder?
One the first installation I uploaded the file manually and unzipped it to the themes folder. It worked (more or less), but when I imported my images from my original WP site (export -> import) I could no longer change the sizes. Not sure if that is a sign that there is an issue with the permissions or what.
Hmm... other than that, I log in as root. The folders both show apache|apache as Owner|Group. Any other ideas? I mainly want to get this set up so I can do your next tutorial and host my few small websites on AWS on the same server rather than 1 server for each.
I googled this stuff, and only things I found other than the chmod was checking PHP to make sure it wasn't in safemode, which it isn't.
Thanks again for the quick reply... any idea's are worth a shot.
Cheers,
Marc
Thanks for doing the hard work for me!
On the next screen i get the following error:
'#2002 Cannot log in to the MySQL server'
and at the bottom it shows:
'Cannot load mcrypt extension. Please check your PHP configuration.'
I'm completely new to Linus and php so followed the instructions word by word...Please
Try that out, and it should fix your issue. Good Luck!
also what is the error regarding mycrypt extension?
Thanks
Amit
after login with ec2-user type:
sudo sh
then type:
passwd:
set root password
retype root password
then
vi /etc/ssh/sshd_config
Uncomment PermitRootLogin yes
then change
PasswordAuthentication yes
to
PasswordAuthentication yes
done!
after login with ec2-user type:
sudo sh
then type:
passwd
it will prompt you to set "root"
set root password
retype root password
then
vi /etc/ssh/sshd_config
Uncomment PermitRootLogin yes
then change
PasswordAuthentication no
to
PasswordAuthentication yes
done!
@cloudhost.vn Grand!
@Marcus That's awesome! Glad it's easy to follow :-)
If you copy that file to the phpmyadmin folder after configuring you won't have to set the blowfish secret anymore - it happens automatically as part of the setup configuration.
I had one problem that I am trying to work out. After going through your tutorial, I stopped my EC2 and went to bed. When I restarted the server the next morning and tried to log in with Putty, I received an error message back from the server: "server refused our key." This is the same key I used the night before for both the ec2-user and root.
There seem to a lot of people that get that error message, but apparently for different reasons, so I was unable to find anything that seem to fit my circumstance.
Was I supposed to go back and restore the root config files, or did I miss a step that was supposed to prevent this after a reboot?
Good job!
Pez
Nice tutorial, thanks!!
I've done all the stuff but when I try to acces to http://XX.XX.XX.XX/phpmyadmin/ or http://XX.XX.XX.XX/phpmyadmin/index.php or http://XX.XX.XX.XX/phpmyadmin/setup/index.php I get the following error:
Forbidden
You don't have permission to access /phpmyadmin/index.php on this server.
Any idea?
Thanks!!
Thanks!
I'm about to follow your guide to migrate my wordpress site to EC2 and was just wondering why you didn't go 64-bit.
Thanks,
Dan
It took me about 30 minutes to get the 64-bit instance up and running with wordpress installed by following this guide. Amazing.
You literally saved me $24/mo. that I was ready to pay for an automated cloud management solution.
Thank you!
* @copyright Copyright (c) 2008, Piotr Przybylski * @license http://www.gnu.org/licenses/gpl.html GNU GPL 2.0 * @version $Id$ */ /** * Core libraries. */ require './lib/common.inc.php'; $page = filter_input(INPUT_GET, 'page'); $page = preg_replace('/[^a-z]/', '', $page); if ($page === '') { $page = 'index'; } if (!file_exists("./setup/frames/$page.inc.php")) { // it will happen only when enterung URL by hand, we don't care for these cases die('Wrong GET file attribute value'); } // send no-cache headers require './libraries/header_http.inc.php'; ?>
phpMyAdmin get('PMA_VERSION'); ?> setup
http://corpocrat.com/2008/09/28/how-to-fix-phpmyadmin-403-forbidden-error/
I believe your procedure can be simplified a bit by installing wordpress before adding phpMyAdmin. You might want to add the command: mysql_secure_installation to lock down the database. I've also heard it is a good idea to remove the Admin user --- after first giving admin privileges to another account.
The steps for adding phpMyAdmin were very helpful for me.
Thank you!
sudo yum install vsftpd -y-Andrew
Wonderful guide! I know you have answered a bunch of questions, but Would you mind answering one more question?
I get as far as:
adduser phpmyadmin passwd phpmyadmin
After you set a password, find the user group (should be apache) with this command:
egrep 'User|Group' /etc/httpd/conf/httpd.conf
For the adduser phpmyadminpasswd phpmyadmin I get permission denied
And for the egrep 'User|Group' /etc/httpd/conf/httpd.conf
I get this:
ser/Group: The name (or #number) of the user/group to run httpd as.
# . On SCO (ODT 3) use "User nouser" and "Group nogroup".
# NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
# when the value of (unsigned)Group is above 60000;
# don't use Group #-1 on these systems!
User apache
Group apache
# UserDir: The name of the directory that is appended onto a user's home
# UserDir is disabled by default since it can confirm the presence
UserDir disabled
# directory, remove the "UserDir disabled" line above, and uncomment
#UserDir public_html
# Control access to UserDir directories. The following is an example
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
Please help? :)
Please create web server writable folder config in phpMyAdmin top level directory as described in documentation. Otherwise you will be only able to download or display it.