[Support] kru-x - wordpress


Recommended Posts

Wordpress doesnt "complain" about the old php version under ./wp-admin/site-health.php?

My current site runs ubuntu 16 and php 7.0.33 to where the my virtualbox runs 18 and php7.4 (and i might even go for ubuntu 20 lts since i got released recently. Not sure if that comes with php7.4 or higher

 

@Kru-x how do you keep WP up to date? everytime wp has a new version we get an updated docker ?

Edited by sjoerd
Link to comment
11 hours ago, sjoerd said:

Hi,

 

Currently moving from my virtualbox vm (ubuntu 18lst, apache, php7, mariadb10xx, wordpress) to a kvm on unraid but I noticed a mariadb docker and new wordpress docker.

 

I might go for the these two dockers. Just question.

The WordPress docker. Does that contain the apache webserver as well - which version of php does is have. I php libs are missing how can we deal with that. Currently installing php as follows:


$ sudo apt update
$ sudo apt -y install software-properties-common
$ sudo add-apt-repository ppa:ondrej/php
$ sudo apt update
$ sudo apt -y install php7.4
$ sudo apt -y install php7.4-curl
$ sudo apt -y install php7.4-mbstring
$ sudo apt -y install php7.4-imagick
$ sudo apt -y install php7.4-zip
$ sudo apt -y install php7.4-gd
$ sudo apt -y install php7.4-mysql

If the two dockers give too much hassle I rather stick with a kvm (which is nearly done configuring)

 

I just like the concept of using dockers tho but if it hinders me I'll skip and I don;t have the knowledge how to make my own dockers

 

 

Hi Sjored,

 

Using a docker is less hassle then you think, it's dead easy to use and really versatile, like eating a cake with out have to make it first :-), might take a little bit to get your head around how to make a docker container if needed but it is not that complicated. 

 

This docker has

PHP Version:              7.3.6
MySQL Version:            5.5.5
Web Server Info:          Apache/2.4.25 (Debian)

 

As for the libs, WP has all the libraries that it needs and most of them as per your list above. If you for some reason need another one you have to ad them and to your own container.

Not often I have needed though, but I have used some external libraries and have both made my own docker container and used some in my plugin.

 

WP updates just like normal, under the update tab!

 

Hope it helps,

Kru-x

  • Thanks 1
Link to comment
10 hours ago, sjoerd said:

Wordpress doesnt "complain" about the old php version under ./wp-admin/site-health.php?

My current site runs ubuntu 16 and php 7.0.33 to where the my virtualbox runs 18 and php7.4 (and i might even go for ubuntu 20 lts since i got released recently. Not sure if that comes with php7.4 or higher

 

@Kru-x how do you keep WP up to date? everytime wp has a new version we get an updated docker ?

Ill think you find it running much smoother in a container, instead having a full blown Operating system you use the minimal one in the container. The WP container is the the official container in the docker hub  https://hub.docker.com/_/wordpress, very smart guys maintaining it.

 

My site is getting high scores when bench-marking the site even thought my unraid server is a 10 year old HP micro server with 8MB ram. Ok my site is not a high traffic site but I am really impressed of the performance and love the setup, can fire up a copy or a new site in minutes and toss them away when I am done with them.

 

Sold? ;-)

Kru-x

  • Thanks 1
Link to comment

Hey guys, I need some help. When i go to the domain i own from Google i get the Welcome to our server from the NGINX. Does anyone have a config that aims NGINX to Wordpress website i am trying to build? 

This is the config i am using under letsencrypt/nginx/proxy-confs/

 

# REDIRECT WWW TO https://[domain.com]
server {
 listen 80;
 listen 443 ssl http2;
 server_name www.domainame.com; 
 return 301 https://domainame.com$request_uri;
}

# REDIRECT HTTP TRAFFIC TO https://[domain.com]
server {
    listen 80;
    server_name domainame.com; 
    return 301 https://domainame.com$request_uri;
}

# BLOG SITE
server {
 listen 443 ssl http2;
 server_name domainame.com;

## Source: https://github.com/1activegeek/nginx-config-collection
## READ THE COMMENT ON add_header X-Frame-Options AND add_header Content-Security-Policy IF YOU USE THIS ON A SUBDOMAIN YOU WANT TO IFRAME!

## Certificates from LE container placement
ssl_certificate /config/keys/letsencrypt/fullchain.pem;
ssl_certificate_key /config/keys/letsencrypt/privkey.pem;

## Strong Security recommended settings per cipherli.st
ssl_dhparam /config/nginx/dhparams.pem; # Bit value: 4096
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0
ssl_session_timeout  10m;

## NOTE: The add_header Content-Security-Policy won't work with duckdns since you don't own the root domain. Just buy a domain. It's cheap
## Settings to add strong security profile (A+ on securityheaders.io/ssllabs.com)

add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none; #SET THIS TO index IF YOU WANT GOOGLE TO INDEX YOU SITE!
add_header Content-Security-Policy "frame-ancestors https://*.$server_name https://$server_name"; ## Use *.domain.com, not *.sub.domain.com (*.$server_name) when using this on a sub-domain that you want to iframe!
add_header X-Frame-Options "ALLOW-FROM https://*.$server_name" always; ## Use *.domain.com, not *.sub.domain.com (*.$server_name) when using this on a sub-domain that you want to iframe!
add_header Referrer-Policy "strict-origin-when-cross-origin";

add_header Feature-Policy "geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;";
#FEATURE POLICY: READ MORE HERE: https://scotthelme.co.uk/a-new-security-header-feature-policy/

proxy_cookie_path / "/; HTTPOnly; Secure"; ##NOTE: This may cause issues with unifi. Remove HTTPOnly; or create another ssl config for unifi.
more_set_headers "Server: Classified";
more_clear_headers 'X-Powered-By';
 
 client_max_body_size 0; 
 
 root /config/www/wordpress/;
 index index.html index.php;
  
location ~ /\. {
deny all;

location / {
try_files $uri $uri/ /index.php?_url=$uri&$query_string; 
}

 
# PHP
 location ~ \.php$ {
 fastcgi_split_path_info ^(.+\.php)(/.+)$;
 # With php7-cgi alone:
 fastcgi_pass 127.0.0.1:9000;
 # With php7-fpm:
 #fastcgi_pass unix:/var/run/php7-fpm.sock;
 fastcgi_index index.php;
 include /etc/nginx/fastcgi_params;
 }
 
 fastcgi_buffer_size 4K;
 fastcgi_buffers 64 4k; 
}

Link to comment

I have deleted the container WordPress and deleted the database and user from MariaDB, then i deleted the folder /mnt/user/appdata/wordpress. Now, i have reinstalled everything and tried it again and the admin page does not come up. i check the database wordpress in myphpadmin and there is nothing been created for the database. Can someone please help me figure this out. Thank you.

 

this is whats on the logs.

AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.18.0.5. Set the 'ServerName' directive globally to suppress this message
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.18.0.5. Set the 'ServerName' directive globally to suppress this message
[Sun May 17 19:00:49.996054 2020] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.38 (Debian) PHP/7.3.18 configured -- resuming normal operations
[Sun May 17 19:00:49.996088 2020] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'

 

Edited by Tucubanito07
Link to comment
6 hours ago, Tucubanito07 said:

Hey guys, I need some help. When i go to the domain i own from Google i get the Welcome to our server from the NGINX. Does anyone have a config that aims NGINX to Wordpress website i am trying to build? 

This is the config i am using under letsencrypt/nginx/proxy-confs/

 

# REDIRECT WWW TO https://[domain.com]
server {
 listen 80;
 listen 443 ssl http2;
 server_name www.domainame.com; 
 return 301 https://domainame.com$request_uri;
}

# REDIRECT HTTP TRAFFIC TO https://[domain.com]
server {
    listen 80;
    server_name domainame.com; 
    return 301 https://domainame.com$request_uri;
}

# BLOG SITE
server {
 listen 443 ssl http2;
 server_name domainame.com;

## Source: https://github.com/1activegeek/nginx-config-collection
## READ THE COMMENT ON add_header X-Frame-Options AND add_header Content-Security-Policy IF YOU USE THIS ON A SUBDOMAIN YOU WANT TO IFRAME!

## Certificates from LE container placement
ssl_certificate /config/keys/letsencrypt/fullchain.pem;
ssl_certificate_key /config/keys/letsencrypt/privkey.pem;

## Strong Security recommended settings per cipherli.st
ssl_dhparam /config/nginx/dhparams.pem; # Bit value: 4096
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0
ssl_session_timeout  10m;

## NOTE: The add_header Content-Security-Policy won't work with duckdns since you don't own the root domain. Just buy a domain. It's cheap
## Settings to add strong security profile (A+ on securityheaders.io/ssllabs.com)

add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none; #SET THIS TO index IF YOU WANT GOOGLE TO INDEX YOU SITE!
add_header Content-Security-Policy "frame-ancestors https://*.$server_name https://$server_name"; ## Use *.domain.com, not *.sub.domain.com (*.$server_name) when using this on a sub-domain that you want to iframe!
add_header X-Frame-Options "ALLOW-FROM https://*.$server_name" always; ## Use *.domain.com, not *.sub.domain.com (*.$server_name) when using this on a sub-domain that you want to iframe!
add_header Referrer-Policy "strict-origin-when-cross-origin";

add_header Feature-Policy "geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;";
#FEATURE POLICY: READ MORE HERE: https://scotthelme.co.uk/a-new-security-header-feature-policy/

proxy_cookie_path / "/; HTTPOnly; Secure"; ##NOTE: This may cause issues with unifi. Remove HTTPOnly; or create another ssl config for unifi.
more_set_headers "Server: Classified";
more_clear_headers 'X-Powered-By';
 
 client_max_body_size 0; 
 
 root /config/www/wordpress/;
 index index.html index.php;
  
location ~ /\. {
deny all;

location / {
try_files $uri $uri/ /index.php?_url=$uri&$query_string; 
}

 
# PHP
 location ~ \.php$ {
 fastcgi_split_path_info ^(.+\.php)(/.+)$;
 # With php7-cgi alone:
 fastcgi_pass 127.0.0.1:9000;
 # With php7-fpm:
 #fastcgi_pass unix:/var/run/php7-fpm.sock;
 fastcgi_index index.php;
 include /etc/nginx/fastcgi_params;
 }
 
 fastcgi_buffer_size 4K;
 fastcgi_buffers 64 4k; 
}

Get this question ones a a while and I am not that confident in NGINX proxy settings, I recommend using "NginxProxyManager", spare you a lot of headaches. If you still want to take the more manual route please ask the question in the "Letsencrypt" container support, but one thing I see is that you are redirecting to a https address when the redirection should be internally to ex.  http://192.168.1.100:8080

Link to comment
2 hours ago, Tucubanito07 said:

I have deleted the container WordPress and deleted the database and user from MariaDB, then i deleted the folder /mnt/user/appdata/wordpress. Now, i have reinstalled everything and tried it again and the admin page does not come up. i check the database wordpress in myphpadmin and there is nothing been created for the database. Can someone please help me figure this out. Thank you.

 

this is whats on the logs.


AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.18.0.5. Set the 'ServerName' directive globally to suppress this message
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.18.0.5. Set the 'ServerName' directive globally to suppress this message
[Sun May 17 19:00:49.996054 2020] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.38 (Debian) PHP/7.3.18 configured -- resuming normal operations
[Sun May 17 19:00:49.996088 2020] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'

 

Did you delete the folder for the MariaDB as well? 

Link to comment
9 minutes ago, Kru-x said:

Get this question ones a a while and I am not that confident in NGINX proxy settings, I recommend using "NginxProxyManager", spare you a lot of headaches. If you still want to take the more manual route please ask the question in the "Letsencrypt" container support, but one thing I see is that you are redirecting to a https address when the redirection should be internally to ex.  http://192.168.1.100:8080

I am trying to setup so I don’t have so many container that do the same thing. I will have to try it out with NginxProxyManager and see how it is. 

Link to comment
9 minutes ago, Tucubanito07 said:

I am trying to setup so I don’t have so many container that do the same thing. I will have to try it out with NginxProxyManager and see how it is. 

I get that, but it is better to separate the different systems and pair them together eg my-wordpress & my-wordpress-MariaDB. Then you can toss it away/copy and without risking to bugger up the other one. NginxProxyManager will sort out all your proxied redirections and it is really easy.

Kru-x

Link to comment
4 hours ago, Tucubanito07 said:

I already have a MariaDB. When I go and try to Intel another one it tells me to edit. I can’t add another container. Sorry I am sorta a noob and learning as I go. 

You can have as many as you like, just add a new one with a different name ex. my-wordpress-MariaDB then you have to choose a different port. All containers have to have different ports, then in the WordPress template add the ip:port of the DB container. See post: for explanation of settings.

Hope it helps,

Kru-x

Link to comment
5 hours ago, Kru-x said:

You can have as many as you like, just add a new one with a different name ex. my-wordpress-MariaDB then you have to choose a different port. All containers have to have different ports, then in the WordPress template add the ip:port of the DB container. See post: for explanation of settings.

Hope it helps,

Kru-x

I have to try this after I am done with work. The reason why I want to use linuxserver Letsencrypt because I have a reverse proxy. The application you are referring to does not I believe. Thank you so much. I will update when I try to see if it works with the NginxProxyManager.  However, I was trying to do it last night and it said that my domain already had a cert. so I removed my domain from the linuxserver container and I will try later to see if it lets me. 

Link to comment
6 hours ago, Tucubanito07 said:

I have to try this after I am done with work. The reason why I want to use linuxserver Letsencrypt because I have a reverse proxy. The application you are referring to does not I believe. Thank you so much. I will update when I try to see if it works with the NginxProxyManager.  However, I was trying to do it last night and it said that my domain already had a cert. so I removed my domain from the linuxserver container and I will try later to see if it lets me. 

NginxProxyManager is a reverse proxy manager with nginx & letsencrypt built in, it can handle all your proxies, read up about it at https://nginxproxymanager.com/guide/

Add your domain name and direct it to your internal WordPress container, Scheme: http,  Forward Hostname / IP: "server IP (ex. 192.168.1.100)", Forward Port: 9999 then request a new SLL cert with letsencrypt and away you go. Its easy as that!

 

Kru-x

Link to comment
6 minutes ago, Kru-x said:

NginxProxyManager is a reverse proxy manager with nginx & letsencrypt built in, it can handle all your proxies, read up about it at https://nginxproxymanager.com/guide/

Add your domain name and direct it to your internal WordPress container, Scheme: http,  Forward Hostname / IP: "server IP (ex. 192.168.1.100)", Forward Port: 9999 then request a new SLL cert with letsencrypt and away you go. Its easy as that!

 

Kru-x

ok so i just tried that and it did not work. Why do i have to forward 9999? Do i have to change anything in the Word Press, like the WordPress Address (URL)? I also tried my port 8080 and it does not do anything.

 

image.thumb.png.23ca1434c4717591e2e1e92682d9300a.png

Link to comment
On 5/12/2020 at 9:53 PM, Kru-x said:

Hi Sjored,

 

Using a docker is less hassle then you think, it's dead easy to use and really versatile, like eating a cake with out have to make it first :-), might take a little bit to get your head around how to make a docker container if needed but it is not that complicated. 

 

This docker has

PHP Version:              7.3.6
MySQL Version:            5.5.5
Web Server Info:          Apache/2.4.25 (Debian)

 

As for the libs, WP has all the libraries that it needs and most of them as per your list above. If you for some reason need another one you have to ad them and to your own container.

Not often I have needed though, but I have used some external libraries and have both made my own docker container and used some in my plugin.

 

WP updates just like normal, under the update tab!

 

Hope it helps,

Kru-x

 

 

Sorry for the late reply. I will look into it when I got my site running as I want it. Been bit hectic around here right now. Is seem like I should be moving to docker but I got little time to dig in (and maybe a little time is all i need - i know)

Link to comment
5 minutes ago, Tucubanito07 said:

This is how i have it setup now.

 

Ok,

Is your unraid server IP 10.10.7.4 ? What container port are you using for WordPress?

  • the port 9999 was just an example and should be the port of your WordPress container (or any container port that you forward to).
  • Only use Forward SSL check until you have it working
  • Have you redirected your routers port 443 & 80 to NginxProxyManager's ports?

And do not start the WordPress installation until you have this above working and you can connect to it with your google address, eg. delete both folders and reinstall bot containers as per what I mentioned earlier.

Link to comment
17 minutes ago, sjoerd said:

 

 

Sorry for the late reply. I will look into it when I got my site running as I want it. Been bit hectic around here right now. Is seem like I should be moving to docker but I got little time to dig in (and maybe a little time is all i need - i know)

But you have time to "sudo" install packages? ;-) That's when my head starts spinning. For simple things like using standard containers in unraid, you really don't need to know much about it, just the settings. But you'll love docker and the power of it if you dig in to it and you get the hang of it!

  • Thanks 1
Link to comment
13 minutes ago, Kru-x said:

Ok,

Is your unraid server IP 10.10.7.4 ? What container port are you using for WordPress?

  • the port 9999 was just an example and should be the port of your WordPress container (or any container port that you forward to).
  • Only use Forward SSL check until you have it working
  • Have you redirected your routers port 443 & 80 to NginxProxyManager's ports?

And do not start the WordPress installation until you have this above working and you can connect to it with your google address, eg. delete both folders and reinstall bot containers as per what I mentioned earlier.

 

My unraid is 10.10.7.4. I am using port 8080.

 

image.png.f6b5af279c99c3492269154da20df262.png

 

What do you mean by Forward SSL until i have it working?

I have redirected my ports on the router.

image.thumb.png.5dc7f5ed6fc95ba89403aeff164a1c10.png

 

 

image.thumb.png.ced9ad892348badf725923f4e71ded56.png

Also, thank you for your help. I switched all of my letsencrypt like nextcloud and bitwarden and those are working.

 

Edited by Tucubanito07
Link to comment
5 minutes ago, Tucubanito07 said:

I am using my main domain. For example: mywebsite.com instead of wordpress.mywebsite.com. I dont think that is an issue but just wondering. @Kru-x

Yea you should, is nextcloud working and you can connect to it with your external address(through proxymanager)?

Edited by Kru-x
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.