Hello,

In this week’s feature highlight, we look at How to How to Install Composer on Rocky Linux 9

Composer is a dependency manager for the programming language, PHP. It functions as some sort of project manager that helps the programmer manage dependencies that will be used on a project-to-project basis.

Installing PHP

Install PHP using the dnf package manager as shown below,

dnf install php

Output:

[root@server ~]# dnf install php
Last metadata expiration check: 2:53:03 ago on Tue 19 Jul 2022 08:34:16 PM CEST.
Package php-8.0.13-1.el9.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!

Download Composer Installer

Install wget package to download files from the internet.

dnf -y install wget

Download the installer file from their official site using the wget command as shown below,

wget https://getcomposer.org/installer -O composer-installer.php

Output:

[root@server ~]#     wget https://getcomposer.org/installer -O composer-installer.php
--2022-07-19 23:29:07--  https://getcomposer.org/installer
Resolving getcomposer.org (getcomposer.org)... 54.36.53.46, 2001:41d0:302:1100::8:104f
Connecting to getcomposer.org (getcomposer.org)|54.36.53.46|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 58140 (57K) [application/octet-stream]
Saving to: ‘composer-installer.php’

composer-installer.php        100%[=================================================>]  56.78K  --.-KB/s    in 0.009s

2022-07-19 23:29:08 (6.32 MB/s) - ‘composer-installer.php’ saved [58140/58140]

Installing PHP Composer

Run the downloaded composer installation file with the below command,

php composer-installer.php --filename=composer --install-dir=/usr/local/bin 

Output:

[root@server ~]# php composer-installer.php --filename=composer --install-dir=/usr/local/bin
All settings are correct for using Composer
Downloading...

Composer (version 2.3.10) successfully installed to: /usr/local/bin/composer
Use it: php /usr/local/bin/composer

Verify the PHP Composer version once the installation is done

composer --version

Output:

[root@server ~]# composer --version
Do not run Composer as root/super user! See https://getcomposer.org/root for details
Continue as root/super user [yes]? y
Composer version 2.3.10 2022-07-13 15:48:23

Testing Composer

To test your installation, run the following command.

composer

Output:

[root@server ~]# composer
Do not run Composer as root/super user! See https://getcomposer.org/root for details
Continue as root/super user [yes]? y
   ______
  / ____/___  ____ ___  ____  ____  ________  _____
 / /   / __ \/ __ `__ \/ __ \/ __ \/ ___/ _ \/ ___/
/ /___/ /_/ / / / / / / /_/ / /_/ (__  )  __/ /
\____/\____/_/ /_/ /_/ .___/\____/____/\___/_/
                    /_/
Composer version 2.3.10 2022-07-13 15:48:23

Usage:
  command [options] [arguments]

Hello,

In this week’s feature highlight, we look at How to Install Let’s Encrypt SSL with LAMP Stack on Rocky Linux 9

Let’s Encrypt is a non-profit certificate authority run by Internet Security Research Group that provides X.509 certificates for Transport Layer Security encryption at no charge. In this article, we are going to learn how to install Let’s Encrypt SSL on Rocky Linux 9. So, let’s get started.

Checkout the Let’s Encrypt SSL Project Here.

Get started with $5 VPS from CrownCloud. Check our latest offers : CrownCloud VPS [ 24×7 In-House Customer Support ]

Pre-requisites :

• A system with Rocky Linux 9 installed and running.
• root access to the system.
• A domain with appropriate DNS records set (usually an “A” record with a value of the server’s IP address).
• LAMP Stack installed and running, for this, you can refer to one of our guides on installing the LAMP Stack (Apache, MariaDB, and PHP).

Once you’re all set, we’ll proceed with Let’s Encrypt SSL installation and configuration.

Install snapd

We will install the snapd tool for installing and setting up the snaps. Run the below command,

dnf install snapd

Update the Snap with the below commands,

snap install core
snap refresh core

Run the below commands to start and enable the Snap upon boot.

systemctl start snapd.socket

systemctl enable snapd.socket

To check status

systemctl status snapd.socket

Enable the classic snap support by creating a symbolic link from /var/lib/snapd/snap to /snap with the command below:

ln -s /var/lib/snapd/snap /snap

Install Certbot using Snap

We will install Certbot using the Snap package. For this, we need the Snap installed with the below command:

snap install --classic certbot

ln -s /snap/bin/certbot /usr/bin/certbot

Configuring Apache vHost

Create a new apache configuration file blog.domainhere.info.conf for the domain with the following command:

nano /etc/httpd/conf.d/blog.domainhere.info.conf

Add the following codes:

  <VirtualHost *:80>
  ServerName blog.domainhere.info
  ServerAlias blog.domainhere.info
  DocumentRoot /var/www/html

  <Directory /var/www/html/>
      Options -Indexes +FollowSymLinks
      AllowOverride All
  </Directory>

  ErrorLog /var/log/httpd/blog.domainhere.info-error.log
  CustomLog /var/log/httpd/blog.domainhere.info-access.log combined
  </VirtualHost>

Change blog.domainhere.info with Your Domain Name.

Now, restart & check the apache with the following commands:

systemctl restart httpd

systemctl status httpd

Enable Firewall:

firewall-cmd --permanent --add-service=http

firewall-cmd --permanent --add-service=https

firewall-cmd --reload

Generating Let’s Encrypt SSL

Generate Let’s Encrypt SSL with the following command.

dnf install mod_ssl

certbot --apache

Output:

[root@server ~]# certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices)
 (Enter 'c' to cancel): username@mail.com

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server. Do you agree?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: y

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: y
Account registered.

Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: blog.domainhere.info
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Requesting a certificate for blog.domainhere.info

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/blog.domainhere.info/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/blog.domainhere.info/privkey.pem
This certificate expires on 2022-08-23.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

Deploying certificate
Successfully deployed certificate for blog.domainhere.info to /etc/httpd/conf.d/blog.domainhere.info-le-ssl.conf
Congratulations! You have successfully enabled HTTPS on https://blog.domainhere.info

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
 * Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
 * Donating to EFF:                    https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[root@server ~]#

Now, navigate to your browser and load your website with https,

(https://your.domainname.com)

You can notice a lock icon suggesting that your connection between the browser and the server is encrypted.

Now you have successfully installed Let’s Encrypt SSL with LAMP Stack on Rocky Linux 9.

Hello,

In this week’s feature highlight, we look at How to Install Joomla with LAMP Stack on Rocky Linux 9

Joomla is a free and open-source content management system for publishing web content on websites. Web content applications include discussion forums, photo galleries, e-Commerce, user communities, and numerous other web-based applications. In this article, we are going to learn how to install Joomla on Rocky Linux 9. So, let’s get started.

Checkout the Joomla Project Here.

Try this wiki on our VPS. Starting at just $5/month with 24×7 In-house customer support.

Pre-requisites :

• A system with Rocky Linux 9 installed and running.
• root access to the system.
• LAMP Stack installed and running, for this, you can refer to one of our guides on installing the LAMP Stack (Apache, MariaDB, and PHP).

Once you’re all set, we’ll proceed with Joomla installation and configuration.

Create Database

Let us begin with creating a Database and a user. We will then grant the required privileges to the user so it can interact with the Database.

mysql -u root

CREATE DATABASE owncloud_db;

CREATE USER 'owncloud_user'@'localhost' IDENTIFIED BY 'YOUR-PASSWORD-HERE';

GRANT ALL PRIVILEGES ON owncloud_db.* TO 'owncloud_user'@'localhost';

FLUSH PRIVILEGES;

QUIT

The above commands will give complete access to the user owncloud_user. Replace YOUR-PASSWORD-HERE with a safe and secure password.

Install Let’s Encrypt SSL Certificate

Next, we will install the Let’s Encrypt SSL cert so we can have the domain running on HTTPS.
You can refer the following link for instructions on how to Install Let’s Encrypt.

Download Joomla

Download Joomla from official website : Click here.

https://downloads.joomla.org/cms/joomla4/4-1-5/Joomla_4-1-5-Stable-Full_Package.zip?format=zip -O joomla.zip

unzip joomla.zip

rm joomla.zip

Setting up File Permissions

Let’s make the folders readable.

chown -R apache:apache /var/www/html/joomla

chmod -R 755 /var/www/html/joomla

chcon -R -t httpd_sys_content_rw_t /var/www/html/joomla

Configuring Apache vHost

Create a new apache configuration file blog.domainhere.info.conf for the domain with the following command:

vi /etc/httpd/conf.d/blog.domainhere.info.conf

Add the following codes:

<VirtualHost *:80>

ServerName blog.domainhere.info
ServerAlias blog.domainhere.info
DocumentRoot /var/www/html/joomla

<Directory /var/www/html/joomla/>
    Options -Indexes +FollowSymLinks
    AllowOverride All
</Directory>

ErrorLog /var/log/httpd/blog.domainhere.info-error.log
CustomLog /var/log/httpd/blog.domainhere.info-access.log combined

</VirtualHost>

Change blog.domainhere.info with Your Domain Name.

Now, press the Esc key, type :wq! and press the Enter key to save and exit the file.

Now, restart & check the apache with the following commands:

systemctl restart httpd

systemctl status httpd

Enable Firewall:

firewall-cmd --permanent --add-service=http

firewall-cmd --permanent --add-service=https

firewall-cmd --reload

Configuring Joomla

Now open the URL from your browser, this will redirect you to configuring the final parts of the Joomla installation.

https://blog.domainhere.info/

Replace the blog.domainhere.info with the actual IP or domain configured on the server.

Input the Database details which was configured earlier. Follow the below steps:

Now you have successfully installed Joomla with LAMP Stack on Rocky Linux 9.

Hello,

In this week’s feature highlight, we look at How to Install LEMP Stack on Rocky Linux 9

LEMP is a combination of free, open-source software. The acronym LEMP refers to the first letters of Linux (Operating system), Nginx Server, MySQL (database software), and PHP, PERL, or Python, principal components to build a viable general-purpose web server.

Update system

First, we will update the system to the latest with the following commands,

dnf update

Install Nginx Web Server

First, we will start by installing the Nginx web server. To complete the installation, use the following command:

dnf install nginx -y

Output:

[root@server ~]# dnf install nginx -y
Last metadata expiration check: 0:12:50 ago on Sat 16 Jul 2022 10:32:06 PM CEST.
Dependencies resolved.
================================================================================
 Package                Arch        Version                Repository      Size
================================================================================
Installing:
 nginx                  x86_64      1:1.20.1-10.el9        appstream      594 k
Installing dependencies:
 nginx-filesystem       noarch      1:1.20.1-10.el9        appstream       11 k
 rocky-logos-httpd      noarch      90.11-1.el9            appstream       24 k

Transaction Summary
================================================================================
Install  3 Packages

Total download size: 629 k
Installed size: 1.8 M
Downloading Packages:
(1/3): nginx-filesystem-1.20.1-10.el9.noarch.rp  34 kB/s |  11 kB     00:00
(2/3): rocky-logos-httpd-90.11-1.el9.noarch.rpm  60 kB/s |  24 kB     00:00

Once the installation is complete, enable Nginx (to start automatically upon system boot), start the web server, and verify the status using the commands below.

systemctl start nginx

systemctl enable nginx

systemctl status nginx

Output:

[root@server ~]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy server
     Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor pre>
     Active: active (running) since Sat 2022-07-16 22:46:08 CEST; 269ms ago
   Main PID: 1309 (nginx)
      Tasks: 3 (limit: 11120)
     Memory: 2.8M
        CPU: 36ms
     CGroup: /system.slice/nginx.service
             ├─1309 "nginx: master process /usr/sbin/nginx"
             ├─1310 "nginx: worker process"
             └─1311 "nginx: worker process"

Check Nginx version

nginx -v

Output:

[root@server ~]# nginx -v
nginx version: nginx/1.20.1

To make your pages available to the public, you will have to edit your firewall rules to allow HTTP requests on your web server by using the following commands.

firewall-cmd --permanent --zone=public --add-service=http 

firewall-cmd --permanent --zone=public --add-service=https

firewall-cmd --reload

Output:

[root@server ~]# firewall-cmd --permanent --zone=public --add-service=http
success
[root@server ~]# firewall-cmd --permanent --zone=public --add-service=https
success
[root@server ~]# firewall-cmd --reload
success

Verify that the web server is running and accessible by accessing your server’s IP address.

From your browser,

http://IP_address

We need to make the user Nginx the owner of the web directory. By default, it’s owned by the root user.

chown nginx:nginx /usr/share/nginx/html -R

Install MariaDB Server

MariaDB is a popular database server. The installation is simple and requires just a few steps as shown.

yum install mariadb-server mariadb -y

Output:

[root@server ~]# dnf install mariadb-server mariadb -y
Last metadata expiration check: 0:16:13 ago on Sat 16 Jul 2022 10:32:06 PM CEST.
Dependencies resolved.
================================================================================
 Package                       Arch    Version                 Repository  Size
================================================================================
Installing:
 mariadb                       x86_64  3:10.5.13-2.el9         appstream  1.6 M
 mariadb-server                x86_64  3:10.5.13-2.el9         appstream  9.3 M
Installing dependencies:
 checkpolicy                   x86_64  3.3-1.el9               appstream  339 k
 libaio                        x86_64  0.3.111-13.el9          baseos      23 k
 mariadb-common                x86_64  3:10.5.13-2.el9         appstream   32 k
 mariadb-connector-c           x86_64  3.2.6-1.el9_0           appstream  195 k
 mariadb-connector-c-config    noarch  3.2.6-1.el9_0           appstream  9.8 k
 mariadb-errmsg                x86_64  3:10.5.13-2.el9         appstream  188 k
 mysql-selinux                 noarch  1.0.4-2.el9             appstream   35 k
 perl-AutoLoader               noarch  5.74-479.el9            appstream   30 k
 perl-B                        x86_64  1.80-479.el9            appstream  188 k
 perl-Carp                     noarch  1.50-460.el9            appstream   29 k

Once the installation is complete, enable MariaDB (to start automatically upon system boot), start the MariaDB, and verify the status using the commands below.

systemctl start mariadb

systemctl enable mariadb

systemctl status mariadb

Output:

[root@server ~]# systemctl status mariadb
● mariadb.service - MariaDB 10.5 database server
     Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor p>
     Active: active (running) since Sat 2022-07-16 22:50:32 CEST; 285ms ago
       Docs: man:mariadbd(8)
             https://mariadb.com/kb/en/library/systemd/
   Main PID: 3649 (mariadbd)
     Status: "Taking your SQL requests now..."
      Tasks: 15 (limit: 11120)
     Memory: 73.0M
        CPU: 599ms
     CGroup: /system.slice/mariadb.service
             └─3649 /usr/libexec/mariadbd --basedir=/usr

Finally, you will want to secure your MariaDB installation by issuing the following command.

mysql_secure_installation

Output:

[root@server ~]# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!   

Once secured, you can connect to MySQL and review the existing databases on your database server by using the following command.

mysql -e "SHOW DATABASES;" -p

Output:

[root@server ~]# mysql -e "SHOW DATABASES;" -p
Enter password:
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
+--------------------+
[root@server ~]#

Install PHP

To Install PHP-FPM by running the following command.

yum install php php-mysqlnd php-fpm php-opcache php-gd php-xml php-mbstring -y

Output:

[root@server ~]# yum install php php-mysqlnd php-fpm php-opcache php-gd php-xml php-mbstring -y
Last metadata expiration check: 0:01:32 ago on Sat 16 Jul 2022 10:50:35 PM CEST.
Dependencies resolved.
================================================================================
 Package               Arch        Version                 Repository      Size
================================================================================
Installing:
 php                   x86_64      8.0.13-1.el9            appstream       14 k
 php-fpm               x86_64      8.0.13-1.el9            appstream      1.6 M
 php-gd                x86_64      8.0.13-1.el9            appstream       45 k
 php-mbstring          x86_64      8.0.13-1.el9            appstream      474 k
 php-mysqlnd           x86_64      8.0.13-1.el9            appstream      154 k
 php-opcache           x86_64      8.0.13-1.el9            appstream      511 k
 php-xml               x86_64      8.0.13-1.el9            appstream      136 k

Once the installation is complete, enable php-fpm (to start automatically upon system boot), start the php-fpm, and verify the status using the commands below.

systemctl start php-fpm

systemctl enable php-fpm

systemctl status php-fpm

Output:

[root@server ~]# systemctl status php-fpm
● php-fpm.service - The PHP FastCGI Process Manager
     Loaded: loaded (/usr/lib/systemd/system/php-fpm.service; enabled; vendor p>
     Active: active (running) since Sat 2022-07-16 22:55:32 CEST; 297ms ago
   Main PID: 4472 (php-fpm)
     Status: "Ready to handle connections"
      Tasks: 6 (limit: 11120)
     Memory: 12.5M
        CPU: 95ms
     CGroup: /system.slice/php-fpm.service
             ├─4472 "php-fpm: master process (/etc/php-fpm.conf)"
             ├─4473 "php-fpm: pool www"
             ├─4474 "php-fpm: pool www"
             ├─4475 "php-fpm: pool www"
             ├─4476 "php-fpm: pool www"
             └─4477 "php-fpm: pool www"

By default, PHP-FPM runs as the apache user. Since we are using the Nginx web server, we need to change the following line.

Using your favorite editor, edit the file /etc/php-fpm.d/www.conf.

nano /etc/php-fpm.d/www.conf

Find the below lines,

user = apache
group = apache

Change them into

user = nginx
group = nginx

Once changed, you will need to reload php-fpm,

systemctl reload php-fpm

Test your PHP, by creating a simple info.php file with a phpinfo() in it. The file should be placed in the root directory for your web server, which is /usr/share/nginx/html/.

To create the file use:

echo "<?php phpinfo() ?>" > /usr/share/nginx/html/info.php

Restart the Nginx and PHP-FPM.

systemctl restart nginx php-fpm

Now again, access http://localhost/info.php or http://yourserver-ip-address/info.php. You should see a page similar to the below one.

Done!

Hello,

In this week’s feature highlight, we look at How to Install GNOME GUI on Rocky Linux 9

To use Rocky Linux 9 in graphical mode, you will need to install the GNOME package on the system to enable GUI. We will go through the steps required to install GNOME GUI.

Check the available package groups for Rocky Linux 9.

dnf group list

Output:

[root@server ~]# dnf group list
Last metadata expiration check: 0:00:23 ago on Wed 20 Jul 2022 04:16:58 PM CEST.
Available Environment Groups:
   Server with GUI
   Server
   Workstation
   Custom Operating System
   Virtualization Host
Installed Environment Groups:
   Minimal Install
Available Groups:
   Legacy UNIX Compatibility
   Console Internet Tools
   Development Tools
   .NET Development
   Graphical Administration Tools
   Network Servers
   Container Management
   Headless Management
   Scientific Support
   Security Tools
   Smart Card Support
   System Tools
   RPM Development Tools

Installing Gnome GUI

Installing a Gnome GUI requires several packages to be installed on the server. Thankfully this process is simplified using the groupinstall option and all the required packages related to Gnome are grouped in the Server with GUI group.

dnf groupinstall "Server with GUI"

Output:

[root@server ~]#   dnf groupinstall "Server with GUI" --skip-broken
Last metadata expiration check: 0:08:30 ago on Wed 20 Jul 2022 04:51:24 PM CEST.
Dependencies resolved.
================================================================================
 Package                     Arch    Version                   Repository  Size
================================================================================
Installing group/module packages:
 cups                        x86_64  1:2.3.3op2-13.el9_0.1     appstream  1.3 M
 gutenprint-cups             x86_64  5.3.4-4.el9               appstream  576 k
 pnm2ppa                     x86_64  1:1.04-52.el9             appstream  220 k
Installing dependencies:
 cups-client                 x86_64  1:2.3.3op2-13.el9_0.1     appstream   71 k
 cups-filesystem             noarch  1:2.3.3op2-13.el9_0.1     appstream   13 k
 cups-filters                x86_64  1.28.7-10.el9             appstream  788 k
 cups-filters-libs           x86_64  1.28.7-10.el9             appstream  137 k
 foomatic                    x86_64  4.0.13-19.el9             appstream  235 k
 foomatic-db                 noarch  4.0-72.20210209.el9       appstream  1.2 M
 foomatic-db-filesystem      noarch  4.0-72.20210209.el9       appstream  8.2 k
 foomatic-db-ppds            noarch  4.0-72.20210209.el9       appstream   58 M
 ghostscript                 x86_64  9.54.0-7.el9              appstream   37 k
 ghostscript-tools-fonts     x86_64  9.54.0-7.el9              appstream   13 k
 ghostscript-tools-printing  x86_64  9.54.0-7.el9              appstream   13 k
 poppler-cpp                 x86_64  21.01.0-12.el9            appstream   55 k
 poppler-utils               x86_64  21.01.0-12.el9            appstream  231 k
 qpdf-libs                   x86_64  10.3.1-4.el9              appstream  634 k
 cups-ipptool                x86_64  1:2.3.3op2-13.el9_0.1     appstream  3.9 M
Installing Environment Groups:

To enable the GUI as default and boot into graphical mode.

systemctl set-default graphical

Output:

[root@server ~]# systemctl set-default graphical
Removed /etc/systemd/system/default.target.
Created symlink /etc/systemd/system/default.target → /usr/lib/systemd/system/graphical.target.

GUI Setup

Head over to CrownPanel to access the VNC feature for the next steps.

GUI welcome page will appear and it will prompt for various information to configure your server profile.

Create a user by providing the User name and Password.

Login Screen

Log in to the user which you’ve created.

Rocky Linux 9 desktop screen and its system information.

Rocky Linux 9 GNOME GUI complete!!!

Hello,

In this week’s feature highlight, we look at How to Install WordPress on AlmaLinux 9

WordPress is a Content Management System (CMS), a platform you can use to build and maintain a website without any knowledge of coding. This software enables you to customize just about every aspect of your site.

Prerequisites:

WordPress requires LAMP stack installed and running

For detailed installation, refer to LAMP Stack on Almalinux 9

Update Firewall Settings

The below commands will open or allow the HTTP (port 80) and HTTPS (port 443) and then reload the firewall configuration to effect.

firewall-cmd --permanent --zone=public --add-service=http

firewall-cmd --permanent --zone=public --add-service=https

firewall-cmd --reload

Output:

[root@server ~]# firewall-cmd --permanent --zone=public --add-service=http
success
[root@server ~]# firewall-cmd --permanent --zone=public --add-service=https
success
[root@server ~]# firewall-cmd --reload
success

Secure MariaDB Installation

Next, we secure our MariaDB installation and setup a root password for MariaDB

mysql_secure_installation

Output:

[root@server ~]# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:

Creating the new Database

Log into MySQL with the following command,

mysql -u root -p

First, we’ll create a new database,

CREATE DATABASE wordpress;

Next, create a new MySQL user account that we will use to operate on WordPress’s new database, with the username “admin”

CREATE USER `admin`@`localhost` IDENTIFIED BY '<Enter Strong Password here>';

Link the user and DB together by granting our user access to the database,

GRANT ALL ON wordpress.* TO `admin`@`localhost`;

Flush the privileges so that MySQL knows about the user permissions we just added,

FLUSH PRIVILEGES;

Exit out of the MySQL command prompt by typing,

exit

Output:

MariaDB [(none)]> CREATE DATABASE wordpress;
Query OK, 1 row affected (0.002 sec)

MariaDB [(none)]> CREATE USER `admin`@`localhost` IDENTIFIED BY 'STRONG PASSWORD HERE';
Query OK, 0 rows affected (0.003 sec)

MariaDB [(none)]> GRANT ALL ON wordpress.* TO `admin`@`localhost`;
Query OK, 0 rows affected (0.002 sec)

MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.002 sec)

MariaDB [(none)]> exit

Download and Extract WordPress

Download the WordPress by using the curl command and extract the downloaded file

curl https://wordpress.org/latest.tar.gz --output wordpress.tar.gz

tar xf wordpress.tar.gz

Copy the extracted WordPress directory into the /var/www/html directory

cp -r wordpress /var/www/html

Change permissions and change file SELinux security context

chown -R apache:apache /var/www/html/wordpress

chcon -t httpd_sys_rw_content_t /var/www/html/wordpress -R

Navigate to your browser

http://server_IP/wordpress

Start WordPress installation by clicking on the Run the installation button:

Provide the requested information

Once the WordPress is installed log in with your new user credentials