Want more timely Centmin Mod News Updates?
Become a Member

Wordpress Wordpress - From development to production / Keep security

Discussion in 'Blogs & CMS usage' started by deschlong, Aug 14, 2018.

  1. deschlong

    deschlong New Member

    25
    5
    3
    Mar 1, 2018
    Ratings:
    +8
    Local Time:
    1:41 AM
    1.15
    10.1
    Hi all,

    I am currently working on a wordpress site local (virtual debian server with nginx) and would like to know how to move it later to a wordpress site installed with Menu option 22 and also to keep the security (important).

    Tried 'duplicator' plugin already, but something was screwed. After I uploaded the files from duplicator I was redirected to a Wordpress installation.

    Anyone has experience with moving a site from dev to production and also keep the CMM installed Wordpress security?

    Was also thinking about the CMM maintenance mode and whitelist my IP, but not sure if that would be a good practice, especially for SEO.

    Thanks!
     
  2. eva2000

    eva2000 Administrator Staff Member

    45,399
    10,300
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,978
    Local Time:
    9:41 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Very basic overview is

    1. Install Centmin Mod 123.09beta01 on server
    2. Temporarily update intended domain name DNS to point to centmin mod server IP
    3. Run centmin.sh menu option 22 to create wordpress site with intended domain and letsencrypt so you get a HTTPS based nginx wordpress site setup
    4. Log in to WP Admin and in settings make sure to check the option to disallow search engine indexing of site as it isn't ready to be indexed yet
    5. Then if need be update and remove domain name DNS (optional step) or leave as is
    6. Then on local wordpress dev copy, backup files and database backup via mysqldump to sql file
    7. Copy backup files and mysqldump based sql backup file to Centmin Mod server
    8. On Centmin Mod server create a new mysql username and database via addons/mysqladmin_shell.sh
    9. Backup Centmin Mod centmin.sh menu option 22 web root /public and the existing wordpress database named in wp-config.php
    10. Then transfer your dev local copy files into /public web root and overwrite the files and import your sql backup file into database created in step 8 - make sure permissions are correct for user/group
    Code (Text):
    chown -R nginx:nginx /home/nginx/domains/yourdomain.com/public

    11. On Centmin Mod server, edit centmin.sh menu option 22 created wordpress site's wp-config.php and change the mysql database user and database name to the ones created in step 8
     
  3. deschlong

    deschlong New Member

    25
    5
    3
    Mar 1, 2018
    Ratings:
    +8
    Local Time:
    1:41 AM
    1.15
    10.1
    Welp.. Forgot to add my IPv6 to the maintenance.conf... working with maintenance mode now and using a simple landing page with a timer.

    Much less hassle.
     
  4. eva2000

    eva2000 Administrator Staff Member

    45,399
    10,300
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,978
    Local Time:
    9:41 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Good to hear :)
     
  5. dooma

    dooma Active Member

    303
    31
    28
    Oct 15, 2016
    Cairo
    Ratings:
    +44
    Local Time:
    1:41 AM
    What is the difference between installing wordpress through option 22 and through the normal way like installing xenforo for example .... ??
     
  6. eva2000

    eva2000 Administrator Staff Member

    45,399
    10,300
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,978
    Local Time:
    9:41 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    In context of Wordpress caching for centmin.sh menu option 22 wordpress auto installer for Centmin Mod 123.09beta01 and newer, you have choice of 1 of 3 caching options automatically installed and configured and the following:
    1. Redis Nginx Level Caching - centmin.sh menu option 22 will auto install redis if not detected if you choose this in centmin.sh menu option 22 setup. Otherwise, need to install redis yourself. Best combined with Autoptimize WP plugin
    2. KeyCDN Cache Enabler for full page static html caching (safest choice for balance of performance and reliability). Best combined with Autoptimize WP plugin which is now automatically configured and installed when you choose KeyCDN Cache Enabler in latest 123.09beta01 version of centmin.sh menu option 22. Also configures Cache Enabler advanced caching which uses Nginx rules/config settings to bypass PHP usage for Nginx level caching and also automatically configures corresponding system level cronjob to clear the cache as advanced caching mode can't effectively use inbuilt admin panel set cache TTL purging which relies on PHP which is bypassed.
    3. WP Super Cache for full page static html caching. Best combined with Autoptimize WP plugin
    4. Tightened security with automatic rate limiting of wp-login.php, xmlrpc.php, wp-admin/load-scripts.php and wp-admin/load-styles.php. The latter 2 scripts are to workaround Wordpress DOS Attack Flaw Security CVE-2018-6389 which Wordpress refuse to fix on their end as they say the problem should be resolved at web server level which Centmin Mod Nginx has done via centmin.sh menu option 22
    5. Tightened security with inclusion of wpsecure include file for finer grain control over which Wordpress plugins you whitelist to operate on your wordpress install - see Wordpress - Wordpress 403 Permission Denied Errors
    6. Automatic randomisation of wordpress database prefix and database name and and database username and password.
    7. Automatic optimisation of wordpress database with additional indexing for performance/scaling.
    8. Automatic randomisation of Wordpress Admin userid within wordpress database instead of userid = 1
    9. Automatic install and activation of the following Wordpress plugins, Sucuri Security, disable XML RPC, and CDN Enabler (which you disable/remove if you don't need).
    10. Automatic creation and setup of system level cronjob for automatic Wordpress plugin updating every 8 hrs. The higher frequency of update/checks reduces the window of time a Wordpress plugin could be left vulnerable in terms of security updates needing an update. The /root/tools/wp_updater_yourdomain.com.sh auto generated cronjob scripts for each centmin.sh menu option 22 created Wordpress sites also optionally allow auto update of Wordpress core if you uncomment 4 lines within the cronjob script:
      Code (Text):
      #/usr/bin/wp core check-update --allow-root
      #/usr/bin/wp core update --allow-root
      #/usr/bin/wp core update-db --allow-root
      #/usr/bin/wp core update --allow-root
      
     
  7. dooma

    dooma Active Member

    303
    31
    28
    Oct 15, 2016
    Cairo
    Ratings:
    +44
    Local Time:
    1:41 AM
    where can I find the steps on how can I setup Wordpress using option 22 ?
     
  8. eva2000

    eva2000 Administrator Staff Member

    45,399
    10,300
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,978
    Local Time:
    9:41 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    centmin.sh menu option 22 outline for 123.08stable is on official site Wordpress Nginx Auto Installer (WP Super Cache is only cache choice in 123.08stable) . 123.09beta01 has a much improved version of centmin.sh menu option 22 implementation with lesser number of auto installed WP plugins. However, the steps are basically the same in that all you do is run centmin.sh menu option 22 and follow the question prompts and answer some questions.

    I recommend you select KeyCDN Cache Enabler method of caching in 123.09beta01 see Wordpress - Revisiting Wordpress Cache Enabler + Autoptimize Plugins For Page Load Speed Optimization