2019-05-01_Linux_Format

(singke) #1

72 LXF249 May 2019 http://www.linuxformat.com


TUTORIALS WordPress to static HTML


selectthe$5instance.Chooseanappropriate
datacentre(wesuggestchoosingtheonethat’smost
geographicallyclosetoyou)andclickthegreenSubmit
bar.Shortlyaftersubmittingtherequestyoushould
receiveanemailwiththerootpassword.
It’spossibletousepublic/privatekeystologin,but
thespecificsmayvarybyvendor.We’llimplementa
public/privatekeysetupforourservermanually.
TheemailshouldcontainboththeserverIPand
addressandrootpassword.Logintotheserverusing
thefollowingcommandintheterminalwindow:
sshroot@<ipaddress>
AssumingyoutrustthisIP,it willaskyoutoaccept
thefingerprint.Oninitialloginyou’llneedtochangethe
password.Enterthepasswordandconfirmit.Allbeing
wellyou’llbeloggedintotheserverasroot.Thiscanbe
confirmedbyusingthecommandwhoami. Thiswill
confirmthecurrentuserloggedin.
Thefirststepistoupdatetheservertoinclude
thelatestpatchesandreboot.Performthiswiththe
following commands:
apt-get update && apt-get upgrade -y
reboot
The next step is to configure users, because being
logged in as the root user for most purposes is not a
good idea from a security stance. Create a user with
the following command and set a password for it.
useradd -m adminuser -s /bin/bash
passwd adminuser
The next step is to add the user to the sudoers,
the users who can elevate their rights and run
administrative command using the sudo command.
Luckily, this is quite straightforward:
usermod -aG sudo adminuser
Verify this is working by using the command:
id adminuser
This command should give a list of the groups the
user belongs to: one of them should be sudo. It should
now be quite straightforward to log in using the admin
user and the new password, using SSH as we did
before: ssh adminuser@ip_address. Test that the sudo
elevation works by using the command sudo su. If it
does work, you can move on to making the environment
a bit more secure. One of the first things to do is to
disable the abilities of the root user. Open the

neofthegreatthingsaboutdealingwithstatic
contentisthathavingnoPHPordatabase
dependencies,thismeansthatnotonlyare
thesitesmoreperformant,theyconsumeless
resourcesandthereforearenotonlylessexpensivebut
backinguptheimportantdataistrivial.Therearemany
VPS(VirtualPrivateServer)providersyoucanchoose
forthistask.Forthisinstancewearegoingtouse
DigitalOcean(www.digitalocean.com) astheyarevery
fast,easilyaccessibleandinexpensive.
Thissecondinstalmentbuildsontheprevious
tutorialaroundcreatingperformantstaticwebsites
froma localWordPressinstance.It isassumedatthis
pointthereaderisabletocreateandsuccessfully
exporttheWordPresssiteasa zipfilecontainingthe
staticWorpressexportfilesusingtheSimplyStatic
tool.Thenextstepistocreateaninternetfacing
webserverforthispurpose,whichiswhatwe’regoing
tocoverhere.
Thefirststepistocreateanaccountwith
DigitalOcean, which is pretty simple and straightforward


  • you can also use an existing Google account if you
    prefer. Once you’ve signed up, select Ubuntu 16.04 LTS
    as the distribution choice. Select the starting plan and


Simply Static’s
output generation.

Building a secure


website to host sites


Stuart Burnsshows you how to create a secure web server on which you


canhoststatically generated WordPress sites on a secure Apache server.


StuartBurns
specialises in
large-scale
infrastructure
management and
virtualisation
technologies, and
writes about new
and emerging
technologies.


O


APACHE


OUR
EXPERT

Part Two!
Missed part one
in LXF248? See
p66 for back
issues!
Free download pdf