How to Install ElkArte Forum with Apache and Encrypt on Debian 10

How to Install ElkArte Forum with Apache and Encrypt on Debian 10

ElkArte is a free, open source, and powerful forum software that lets you create your own online forum community. It is a simple, lightweight and modern forum platform based on PHP and uses MySQL / MariaDB to store its data. ElkArte has a wealth of features including notifications, post likes, drafts, autosave, drag and drop file attachments, YouTube’s integrated video embedding, posting via email, improved anti-spam measures, and more.

In this tutorial, we will explain how to install ElkArte on a Debian 10 server.

Claim

  • A server running Debian 10.
  • A root password is set for your server.

getting Started

Before you begin, you need to update your system with the latest version. You can do this by running the following command:

apt-get update -y apt-get upgrade -y

After updating the server, restart the server to apply the changes.

Install Apache, MariaDB and PHP

First, you will need to install the Apache web server, MariaDB database server, PHP, and other required libraries on the server. You can install them all by running:

apt-get install apache2 mariadb-server php libapache2-mod-php php-common php-curl php-intl php-mbstring php-xmlrpc php-mysql php-gd php-pgsql php-xml php-cli php-imagick php-bcmath php-gmp php-zip unzip -y

After installing all packages, open the php.ini file and make some settings:

nano /etc/php/7.3/apache2/php.ini

Change the following lines:

memory_limit = 256M
upload_max_filesize = 100M
max_execution_time = 360
date.timezone = America/Chicago

Save and close the file when you are finished. Then, restart the Apache web server using the following command:

systemctl restart apache2

Configure the database for ElkArte

Next, you will need to create a database and users for ElkArte. To do this, log in to the MariaDB shell using the following command:

mysql -u root -p

Provide your root password when prompted, then use the following command to create the database and user:

MariaDB [(none)]> CREATE DATABASE elkartedb; MariaDB [(none)]> CREATE USER 'elkarte'@'localhost' IDENTIFIED BY 'password';

Next, grant all privileges to ElkArte using the following command:

MariaDB [(none)]> GRANT ALL ON elkartedb.* TO 'elkarte'@'localhost' WITH GRANT OPTION;

Next, refresh the privileges and exit from the MariaDB shell using the following command:

MariaDB [(none)]> FLUSH PRIVILEGES; MariaDB [(none)]> EXIT;

When you are done, you can proceed to the next step.

Download ElkArte

First, you need to download the latest version of ElkArte from the Git repository. To download it, run the following command:

wget https://github.com/elkarte/Elkarte/archive/master.zip

After the download is complete, use the following command to unzip the downloaded file:

unzip master.zip

Next, move the extracted directory to the Apache web root directory:

mv Elkarte-master /var/www/html/elkarte

Next, use the following command to change the ownership of the elkarte directory and provide the necessary permissions:

chown -R www-data:www-data /var/www/html/elkarte chmod -R 755 /var/www/html/elkarte

When you are done, you can proceed to the next step.

Create a virtual host for ElkArte

Next, you will need to create an Apache virtual host profile to serve ElkArte. You can create it using:

nano /etc/apache2/sites-available/elkarte.conf

Add the following lines:


     ServerAdmin [email protected]
     DocumentRoot /var/www/html/elkarte
     ServerName example.com

     
          Options FollowSymlinks
          AllowOverride All
          Require all granted
     

     ErrorLog ${APACHE_LOG_DIR}/error.log
     CustomLog ${APACHE_LOG_DIR}/access.log combined
    

Save and close the file when you are finished. Then, enable the virtual host file and the Apache rewrite module using the following command:

a2ensite elkarte.conf a2enmod rewrite

Finally, restart the Apache web server to apply the changes:

systemctl restart apache2

Access ElkArte web interface

ElkArte is now installed and configured. It’s time to access the ElkArte Web interface.

Open your web browser and enter the URL http://example.com. You will be redirected to the ElkArte welcome page:

Click carry on Button. You should see the following page:

Database settings

Provide your database name, database username, password, and click carry on Button. You should see the following page:

Forum settings

Provide your forum name, forum URL, and click the “Continue” button. You should see the following page:

Populate the database

Now click carry on Button. You should see the admin creation page:

Create an administrator account

Provide the required administrator name, password, email, database password and click carry on Button. When the installation is complete, you will see the following page:

finish installation

Now, click “Your newly installed forum“. You should see the ElkArte dashboard on the following pages:

ElkArte Forum

Let’s Encrypt to Protect ElkArte

First, you need to install Certbot on the server. Certbot is used to obtain an SSL certificate from “encryption” and configure Apache to use this certificate.

By default, the latest version of Certbot is not available in the Debian 10 default repository. So you will need to add a Certbot repository on the server.

First, add the Certbot repository using the following command:

add-apt-repository ppa:certbot/certbot

After adding the repository, update the repository and install Certbot using the following command:

apt-get update -y apt-get install certbot python-certbot-apache -y

Certbot is now installed and ready to use.

Run the following command to get the SSL certificate for your domain:

certbot --apache -d example.com

First, you need to provide a valid email address and agree to the terms of service as shown below:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): [email protected]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for example.com
Enabled Apache rewrite module
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/apache2/sites-available/example.com-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/example.com-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/example.com-le-ssl.conf

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

Next, select options 2 Download and install a free SSL certificate for your domain. After successfully completing the installation. You should get the following output:

Enabled Apache rewrite module
Redirecting vhost in /etc/apache2/sites-enabled/example.com.conf to ssl vhost in /etc/apache2/sites-available/
example.com-le-ssl.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://example.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=example.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/example.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/example.com/privkey.pem
   Your cert will expire on 2019-10-22. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
 - If you like Certbot, please consider supporting our work by:
   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Congratulations! Your ElkArte is now protected by an SSL certificate. You can now access it securely by visiting the URL https://example.com.

Source

Sidebar