WooCommerce / Sample Implementation

The following guides assumes that you are familiar with Linux based systems, webservers and databases concepts.

This guide will describe how to complete a full Wordpress installation on Ubuntu 17.10 (installation steps may slightly vary with other distributions).

This guide will also explain how to connect the freshly created webshop with Stanley/Stella Systems that include:

• Our API Framework to periodically synchronize the referential - please refer to this page for further information

• Our webservice to quickly update stock position - please refer to this page for further information

 

You can do so with any service you wish to use, like Microsoft Azure or Amazon Webservices. As explained above, this guide will assume that you run an Ubuntu 17.10 server with MariaDB (MySQL). This guide also assume that your server runs with Apache2. 

You can do so with any service you wish to use, like Microsoft Azure or Amazon Webservices. As explained above, this guide will assume that you run an Ubuntu 17.10 server with MariaDB (MySQL). Our API is SSL encrypted so you will need to setup SSL certifications on your side as well to avoid errors.

It is wise to update the repository with the latest update, then upgrade all modules

$ sudo apt-get update
$ sudo apt-get upgrade

Now, install apache2 with required dependencies, and make sure it starts with the server

$ sudo apt install -y apache2 apache2-utils
$ sudo systemctl start apache2
$ sudo systemctl enable apache2
$ sudo chown www-data:www-data /var/www/html/ -R

Edit /etc/apache2/apache2.conf

$ sudo nano /etc.apache2/apache2.conf

Add the following directive:

ServerName localhost

Turn some apache mods on:

$ sudo a2enmod ssl
$ sudo a2enmod rewrite
$ sudo a2enmod headers

Finally restart the service to take your modification into account

$ sudo service apache2 restart

 

Install Maria DB with required dependencies, and make sure it starts with the server

$ sudo apt install mariadb-server mariadb-client

$ sudo systemctl start mariadb

$ sudo systemctl enable mariadb 

Secure MYSQL

Secure MySql installation by running the following command

$ sudo mysql_secure_installation

On Ubuntu 17.10 there is no root password defined at first setup, so just press "Enter" at the first prompt then define a new root password and start the secure install. You can basically press Y for all questions.

The Wordpress we'll install will use php7.1, so let's set it up:

$ sudo apt install php7.1 libapache2-mod-php7.1 php7.1-mysql php-common php7.1-cli php7.1-common php7.1-json php7.1-opcache php7.1-readline php7.1-mbstring php7.1-xml php7.1-gd php7.1-json php7.1-curl php-zip php-simplexml

Activate the php module and restart apache

$ sudo a2enmod php7.1

$ sudo systemctl restart apache2

Edit php.ini (check the exact path)

$ sudo nano /etc/php/7.1/apache2/php.ini

Make sure the following lines exists and are as follows

file_uploads = On

allow_url_fopen = On

memory_limit = 256M

upload_max_file_size = 64M

extension=simplexml.so

extension=zip.so

Check if correctly setup. Create a check file

sudo nano /var/www/html/info.php

In the file, copy paste the following directive

<?php phpinfo(); ?>

Then test at http://server_adress/info.php

For security reasons, remove that file afterwards:

$ sudo rm /var/www/html/info.php

Get the installation files an copy them to the correct folder

$ wget https://wordpress.org/latest.zip

$ sudo mkdir /var/www/wordpress

$ sudo apt install unzip

$ sudo unzip latest.zip

$ sudo mv wordpress/ /var/www/wordpress

Create the Wordpress Database

Log into the database manager:

$ sudo mariadb -u root

This launches the SQL interface. Type the following commands to create a database named wordpress with an authorized user named wpuser having your-password as password

> CREATE DATABASE wordpress;

> CREATE USER 'wpuser'@'localhost' IDENTIFIED BY 'your-password';

> grant all privileges on wordpress.* to wpuser@localhost identified by 'your-password';

> flush privileges;

> exit;

Configure Wordpress

Copy the standard wordpress configuration file

$ cd /var/www/wordpress

$ cp wp-config-sample.php wp-config.php

$ sudo nano wp-config.php

Edit the file to connect correctly to the DB :

define(‘DB_NAME’,’wordpress’);

define(‘DB_USER,’wpuser’);

define(‘DB_PASSWORD’,’your-password’);

Finally, correctly set the rights on the folder

$ sudo chown www-data:www-data /var/www/wordpress/ -R

The following assumes:

1. That you have a DNS (wordpress.example.com) pointing to your server (XXX.XXX.XXX.XXX)

2. That you have a Security Certificate located at /certificates/cert.pem – this one is optional and will enable https on your website. Yet there is no such good reason as not to SSL Encrypt a server.

Create HTTP Host

Run the following command to create an configuration file for the HTTP host

$ sudo nano /etc/apache2/sites-available/wordpress.conf

Then create your virtual host. You can Copy/Paste the following sample and tune it to your needs. DocumentRoot must match the installation folder of your wordpress.

<VirtualHost *:80>

ServerName wordpress.example.com

DocumentRoot /var/www/wordpress

<Directory "/var/www/wordpress">

AllowOverride All

</Directory>

ErrorLog ${APACHE_LOG_DIR}/wordpress.error.log

CustomLog ${APACHE_LOG_DIR}/wordpress.error.log combined

</VirtualHost>

 

Create HTTPS Host

Run the following command to create an configuration file for the HTTP host

$ sudo nano /etc/apache2/sites-available/wordpress-ssl.conf

Then create your virtual host. You can Copy/Paste the following sample and tune it to your needs. DocumentRoot must match the installation folder of your wordpress. SSLCipherSuite directive must be on on line.

<VirtualHost *:443>

ServerName wordpress.example.com

DocumentRoot /var/www/wordpress

# Enabling SSL

SSLEngine On

SSLProxyEngine On

SSLProxyVerify none

SSLProxyCheckPeerCN off

SSLProxyCheckPeerName off

SSLProxyCheckPeerExpire off

SSLProtocol all -SSLv2 -SSLv3

SSLHonorCipherOrder on

SSLCipherSuite "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"

Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"

RewriteEngine On

RewriteCond %{REQUEST_METHOD} OPTIONS

RewriteRule ^(.*)$ $1 [R=200,L]

SSLCompression Off

SSLCertificateFile /path_to_your_certificate/certificate.pem

<Directory "/var/www/testwp.com">

AllowOverride All

</Directory>

ErrorLog ${APACHE_LOG_DIR}/wordpress.error.log

CustomLog ${APACHE_LOG_DIR}/wordpress.error.log combined

</VirtualHost>

Once done, check if you didn’t make any syntax error

$ sudo apache2ctl configtest

This should return “Syntax OK”. If yes, enable both sites and restart the Apache2 service

$ sudo a2ensite wordpress.conf

$ sudo a2ensite wordpress-ssl.conf

$ sudo service apache2 restart

You can do so with any service you wish to use, like Microsoft Azure or Amazon Webservices. As explained above, this guide will assume that you run an Ubuntu 17.10 server with MariaDB (MySQL). Our API is SSL encrypted so you will need to setup SSL certifications on your side as well to avoid errors.