Going to Install WordPress on your Freedombox is easy. Out of the box you got this opportunity .
But you have no control nor security. Let me explain: Adding WordPress App does also add Maridadb-server (MySQL) in background, and it adds the database and tables for WordPress to work.
Everything is fine until you want to update your WP: Not allowed. Nor the themes. That’s a big security issue and leaves your Freedombox vulnerable. On top og that, here November 2022, the WP version app is 5.xx and very outdated.
To make it running you can fiddle around in the /etc/apachce2/ ini files to make it work but the WordPress files is not kept just one single place. It is scattered several places locking the flexibilty for you. Nor does FDB harden your database to keep intruders out. I will take care of all that here.
Solution:
IF your already installed WordPress: Delete WP APP of FDN and install it manual. Its very easy. It just comes with very strange behaviour:The mariadb server becomes deleted at next morning run 0600 hour. The good news is it seems to keep database and all its tables with content.
Guide
As Apache httpd comes preinstalled and is the base of your Freedombox we don’t have to focus on that but keeps stick on the missing parts . We do this easy tasks but requires access via SSH, terminal or your command line interface (console).
PHP Installation
Do:
#apt install mariadb-server php php7.4-mysql
php7.4-mysql is needed for running mysqli use the right version corresponding to your ver of php.
edit
#nano /etc/php/7.4/apache2/php.ini
find the part with
;;;;;;;;;;;;;;;;;;;;;;
; Dynamic Extensions ;
;;;;;;;;;;;;;;;;;;;;;;
edit this line
;extension=mysqli and remove the semicolon so it it become
extension=mysqli
Do:
#systemctl restart apache2
then do:
#mysql_secure_installation
and follow the instructions here. This keeps you mariadb hardened. Remember to write down the password.
Tip: Add an user with extended privileges and long secure password (a kind of second root user) and keep your root access limited to only having login on the physical box itself.
Adding Database and DB-user
You should now be able to make WordPress to work after adding a database, user and added the privileges:
Follow this guide: https://wordpress.org/support/article/creating-database-for-wordpress/
Follow the part “Using the MySQL Client” adding user, database, and giving the right privileges.
You could go and install PhpMyAdmin and add user and database this but I have not testet it and as it only for on task the setup takes far more time than make a single db and user.
Install WordPress
Now we ready to install WordPress as usual:
#cd /home/yourownaccount
#wget https://wordpress.org/latest.zip
#unzip latest.zip
Copy files to /var/www/html/wordpress
Change files owner and rights
After that do:
#cd /var/www
#chown -R www-data:www-data html
Done
This way WordPress got the right permissions to run.
Now you can go to your IP-address / domain and install WP.
Personally I don’t add access to the public until I have everything hardened. An easy way is to close all external ports in your outer border firewall (often your home router), until you have hardened everything with strong passwords and added a WP-Security Firewall in WP.
I know from experience that a public IP is attacked within 3 minutes or faster after opened up, so better protects yourself.