How to install WonderCMS with Apache and encrypt SSL on CentOS 8

How to install WonderCMS with Apache and encrypt SSL on CentOS 8

WonderCMS is a free, open source, simple and lightweight content management system for building simple websites and blogs. It is a flat file CMS and does not require any database. The installation process is very simple and does not require any initial configuration. It provides a rich feature set, including WYSIWYG support, flexible CSS frameworks, SEO friendly, and more.

In this tutorial, we will show you how to install WonderCMS on CentOS 8 and secure it with “Let’s Encrypt SSL”.

prerequisites

  • Server 8 running CentOS.
  • A root password is configured on your server.

Install Apache and PHP

First, install the Apache web server, PHP, and other PHP extensions using the following command:

dnf install httpd php php-mysqlnd php-curl php-opcache php-xml php-xmlrpc php-gd php-mbstring php-zip php-json wget unzip git -y

After the installation is complete, open the php.ini file and change some settings:

nano /etc/php.ini

Change the value according to your requirements:

memory_limit = 128M
post_max_size = 32M
upload_max_filesize = 16M
max_execution_time = 300
date.timezone = Asia/Kolkata

Save and close the file when you are finished. Then, start the Apache service and restart it with the following command to start after the system restarts:

systemctl start httpd systemctl enable httpd

Download WonderCMS

First, download the latest version of WonderCMS from the Git repository:

cd /var/www/html git clone https://github.com/robiso/wondercms.git

After the download is complete, use the following command to provide appropriate permissions to the downloaded directory:

chown -R apache:apache /var/www/html/wondercms chmod -R 775 /var/www/html/wondercms

Configure Apache for WonderCMS

First, create a new Apache virtual host configuration file for WonderCMS using the following command:

nano /etc/httpd/conf.d/wondercms.conf

Add the following lines:


  ServerName wonder.linuxbuz.com
  DirectoryIndex index.php
  DocumentRoot /var/www/html/wondercms  
  Redirect /wondercms/loginURL /loginURL

  ErrorLog /var/log/httpd/linuxbuz.com-error.log
  CustomLog /var/log/httpd/linuxbuz.com-access.log combined

  
      Options FollowSymLinks
      AllowOverride All
      Require all granted
  


Save and close the file. Then, restart the Apache service using the following command:

systemctl restart httpd

You can also check the status of the Apache service using the following command:

systemctl status httpd

You should see the following output:

? httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
  Drop-In: /usr/lib/systemd/system/httpd.service.d
           ??php-fpm.conf
   Active: active (running) since Wed 2020-02-19 08:51:34 EST; 1min 25s ago
     Docs: man:httpd.service(8)
 Main PID: 4716 (httpd)
   Status: "Total requests: 6; Idle/Busy workers 100/0;Requests/sec: 0.0759; Bytes served/sec: 812 B/sec"
    Tasks: 278 (limit: 12558)
   Memory: 43.1M
   CGroup: /system.slice/httpd.service
           ??4716 /usr/sbin/httpd -DFOREGROUND
           ??4718 /usr/sbin/httpd -DFOREGROUND
           ??4719 /usr/sbin/httpd -DFOREGROUND
           ??4720 /usr/sbin/httpd -DFOREGROUND
           ??4721 /usr/sbin/httpd -DFOREGROUND
           ??4935 /usr/sbin/httpd -DFOREGROUND

Feb 19 08:51:34 centos8 systemd[1]: Starting The Apache HTTP Server...

Let’s encrypt SSL to protect Wonder WonderCMS

Next, install the Certbot Let’s Encrypt client using the following command:

wget https://dl.eff.org/certbot-auto mv certbot-auto /usr/local/bin/certbot-auto chown root /usr/local/bin/certbot-auto chmod 0755 /usr/local/bin/certbot-auto

Now, run the following command to get and install the SSL certificate of the WonderCMS website.

certbot-auto --apache -d wonder.linuxbuz.com

The above command will first install all required dependencies on the server. After installation, you will be asked to provide an email address and accept the terms of service as follows:

note : If you encounter any errors related to the SSL certificate, restart the Apache service and run the above command again.

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): [email protected]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y 


Obtaining a new certificate
Performing the following challenges:
http-01 challenge for wonder.linuxbuz.com
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/nginx/conf.d/wondercms.conf

Next, you will need to choose whether to redirect HTTP traffic to HTTPS as follows:

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

Types of 2 And hit Enter Then go on. After the installation is complete, you should see the following output:

Redirecting all traffic on port 80 to ssl in /etc/nginx/conf.d/wondercms.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://wonder.linuxbuz.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=wonder.linuxbuz.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/wonder.linuxbuz.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/wonder.linuxbuz.com/privkey.pem
   Your cert will expire on 2020-03-23. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot-auto
   again with the "certonly" option. To non-interactively renew *all*
   of your certificates, run "certbot-auto renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Configure firewall and SELinux

Next, you will need to create firewall rules to allow HTTP and HTTPS services from external networks. You can use the following command to allow it:

firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https firewall-cmd --reload

Next, you will need to configure SELinux for WonderCMS. You can configure SELinux with the following command:

setsebool httpd_can_network_connect on -P chcon -R -u system_u -t httpd_sys_rw_content_t -r object_r /var/www/html/wondercms

Finally, restart the Apache service to apply the changes:

systemctl restart httpd

Visit WonderCMS

Now, open a web browser and enter the URL https://wonder.linuxbuz.com. You will be redirected to the WonderCMS home page:

Now copy the password from the previous page and click CLick sign Button. You should see the following page: Ads

WonderCMS login

Paste the password and click log in Button. You should see the following page:

WonderCMS admin mode

Next, click Set value => Safety. You should see the following page:

WonderCMS Dashboard

Change your login URL, password, and click change password Button.

in conclusion

Congratulations! You have successfully installed and secured WonderCMS on CentOS 8 using “Let’s Encrypt SSL”. Now you can easily host your blog and website with WonderCMS.

Related Posts