Host WordPress on Google Cloud Platform

Jun 23, 2019 8:31 pm
by Alex

Google Cloud Platform Sign in

Create a new VM under Compute Engine

I’ve use ubuntu 18.04 LTS and HDD size of 20GB
vm-creation

HDD Size

Hard Disk Size

Install Google Cloud SDK

https://cloud.google.com/sdk/
google cloud SDK
Choose your platform version

Config your new instance

First thing first

$ sudo apt-get update
$ sudo apt-get upgrade -y

Install Swap

$ sudo fallocate -l 1G /swapfile
$ sudo dd if=/dev/zero of=/swapfile bs=1024 count=1048576
$ sudo chmod 600 /swapfile
$ sudo mkswap /swapfile
$ sudo swapon /swapfile
$ sudo nano /etc/fstab

fstab

/swapfile swap swap defaults 0 0

Check mount

$ sudo mount -a

Install LAPM Stack (Linux, Apache, MySQL and PHP)

$ sudo apt install tasksel
$ sudo tasksel install lamp-server
$ sudo apt install php-curl php-gd php-mbstring php-xml php-xmlrpc

Config Domain

Add A record to DNS server

Configure Apache conf for website

$ sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/example.com.conf
$ sudo nano /etc/apache2/sites-available/example.com.conf
<Directory /var/www/example.com>
    Require all granted
</Directory> <VirtualHost *:80> ServerName example.com ServerAlias www.example.com ServerAdmin [email protected] DocumentRoot /var/www/example.com </VirtualHost>

Make directory

$ sudo mkdir -p /var/www/example.com

Reload configuration files

$ a2dissite 000-default.conf
$ a2ensite example.com.conf
$ systemctl reload apache2

Config Let’s Encrypt cert

Add repository:

$ sudo add-apt-repository ppa:certbot/certbot

Install Certbot’s Apache package with apt:

$ sudo apt install python-certbot-apache

verify the syntax of apache configuration file:

$ sudo apache2ctl configtest

Restart apache services

$ sudo systemctl reload apache2

Config Firewall

$ sudo ufw status

Add rules

$ sudo ufw allow 'Apache Full'
$ sudo ufw allow ssh
$ sudo ufw allow 10000

Remove rules

$ sudo ufw delete allow 'Apache'
$ sudo ufw delete allow 'ssh'
$ sudo ufw delete allow 10000

Enable ufw

$ sudo ufw enable

Get cert

$ sudo certbot --apache -d example.com -d www.example.com

Verifying Certbot Auto-Renewal

$ sudo certbot renew --dry-run

Create Database

$ mysql -u root
> CREATE DATABASE database;
> GRANT ALL PRIVILEGES ON database.* TO 'username'@'localhost' IDENTIFIED BY 'password';
> quit
$ mysql_secure_installation

Permalinks WordPress Fix

Enable apache rewrite for wordpress permalinks

$ sudo nano /etc/apache2/apache2.conf

Find

Options Indexes FollowSymLinks
AllowOverride None
Require all granted

Change
AllowOverride None
To
AllowOverride All

$ sudo a2enmod rewrite

Save and restart apache

$ sudo service apache2 restart

Config Apache2 PHP

$ sudo nano /etc/php/7.2/apache2/php.ini

max_input_time = 30
upload_max_filesize = 20M
post_max_size = 21M

Apache2 performance tweak

$ sudo nano /etc/apache2/mods-enabled/mpm_prefork.conf

StartServers 1
MinSpareServers 2
MaxSpareServers 5
MaxRequestWorkers 65
MaxConnectionsPerChild 1000

Save and restart apache

$ sudo service apache2 restart

Install WordPress

sudo wget https://wordpress.org/latest.tar.gz

Uupack the gz

tar -xvf latest.tar.gz

move all files to the site root

$ cd wordpress
$ sudo mv * ..

remove wordpress folder and gz file
Copy sample config file

sudo cp wp-config-sample.php wp-config.php

Edit the database user and password then remove the sample file

Check mpm config file

$ cd ~
$ wget https://raw.githubusercontent.com/richardforth/apache2buddy/master/apache2buddy.pl
$ sudo ./apache2buddy.pl

Add Permission to folders

$ chown -R www-data:www-data /var/www/html/*

Install and config Self sign certificate

Enable Apache SSL module

$ sudo a2enmod ssl
$ sudo service apache2 restart

Generate self sign certificate

$ sudo mkdir /etc/apache2/ssl
$ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

Edit Apache Site conf file

$ cd /etc/apache2/sites-available
$ sudo cp default-ssl.conf example-ssl.conf

Add SSLCertificateFile and SSLCertificateKeyFile path

SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key

Enable SSL site

$ sudo a2ensite example-ssl.conf
sudo service apache2 restart