Over the last several weeks (yes, weeks) I've been trying to figure out how to best implement a multi-WordPress server; that is, how does one get more than one site onto the same server? I'm not talking about WordPress MU; no, I'm talking about two (or more) entirely independent sites (and it's just as easy to do just one). Furthermore, how do we do this using the standard Raspbian image? Most tutorials for doing this have you using a Raspberry Pi Ubuntu image. After several attempts and close to two dozen websites I've managed to get it working rather nicely, and I’m here to share the how-to.
To get our multi-site server running (WordPress or even static HTML sites), we'll need a few things:
- Raspberry Pi 3 (that's what I'm using)
- Fresh install of Raspbian. I'm using Stretch Lite; I log in strictly with SSH.
- And a good internet connection that allows inbound Port 80 forwarding.
Get SSH up and running, headlessThere are plenty of tutorials on how to burn that image to your SD card, but I admit I much prefer using Etcher to get this done. It works on Mac, Linux, and Windows and makes creating an image a snap.
After you get the image baked you'll want to enable SSH (and WiFi if you're not using an ethernet cable). I wrote a quick guide on that a few months ago, but needless to say, you need to get SSH running at the very least as that'll be the means by which this tutorial is going to follow.
With your SD card in the machine (I'm using a Mac), open up terminal/shell and navigate to your image. If you're using the standard Raspbian image, it should be called boot. Type in
sudo nano /Volumes/boot/ssh
This will give you a blank file to edit. If you were to just click control+X to save it as normal you'd end up with a nothing-burger. So, to make sure the nano editor think you did something just type the letter "a" and backspace/delete it. Now, press Control+X to save, Y to agree, and enter to save it with the name
ssh. This is all you need to do, have a blank ssh file. Be sure to exit out of terminal properly to close out the session by typing
exit. Now we can plug in your SD card and power up the Pi.
Find that addressAgain, I use a cable with my server RPi and not WiFi. After it's all plugged in and on for about a minute we need to find the address. On my Mac's terminal I use:
ping -c 1 raspberrypi.local
This should list out the address info for your newly installed RPi. You'll use that address for your login via SSH.
ssh [email protected] Password:
Use raspberry to log in (<-- Default Password) and replace the address with your own, mine is the one listed above.
You'll be reminded to change your password first thing by way of using
passwd. Please, do that NOW!
Update. Update. Update.No RPi tutorial would be complete without the "you need to update your machine" verbiage. So, here's mine, UPDATE YOUR MACHINE. Start with the standard:
Navigate via your arrow keys to Adnavced Options and hit enter. The top option will be Expand Filesystem, hit enter, read, and allow it to do its thing. Look around and play around. If all else fails, and you break something, we haven't gotten that far yet.
sudo apt update && sudo apt upgrade -y (Drop the -y if you want to see what's being downloaded, otherwise, use it and let it run.)
If for some reason you get some packages that won't install go ahead and use:
sudo apt dist-upgrade
After this is done, I'd do a cursory reboot:
sudo reboot now
You'll note that I'm using apt instead of apt-get. There are a few differences between the new and the old, but for me, it's the nice progress bar that you get now. Check this out for more on the diff.
After we're done doing a general upgrade let's also do a firmware upgrade. Yep, you can do that too on the Raspberry Pi.
sudo rpi-update then after that's done you'll want to reboot again:
sudo reboot now
Add a Little SecurityThis isn't strictly necessary, but the world we live in proves it would be a good idea to add at least a little security to your RPi in an effort to deter those that would try to take over your kitty-cat blog (don't laugh, I had one at one time). Let's start with adding Fail2ban which will ban a host for 10 minutes after 6 unsuccessful login attempts via SSH (the main means I/we'll be connecting to our Pi.
sudo apt install fail2ban
After it loads:
sudo service fail2ban start will get it started. I'll auto load from now on.
That's it. You're now protected. Check out the Fail2Ban page above for more details on how to change the default settings.
Next, we're going to add UncomplicatedFirewall to the security mix.
sudo apt install ufw
And after it's installed:
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https
You can also do a sudo
ufw allow ftp if you'd like too (we'll also add a rule for Nginx later).
After you've added the services you want open to use, run:
sudo ufw show added
If everything you want is there, let's start the firewall:
sudo ufw enable Read the warning! Then:
sudo ufw status verbose
We're now set up with a fresh install of Raspian and a little added security to keep us safer. Next, we'll be going down the path of installing the backbone to our Wordpress installation with PHP7.1, MariaDB, and Nginx. On to PART II.