This guide has been written for a competent developer or server administrator to set up the Magento webshop. The installation instructions assume you have a fully qualified and recent Ubuntu server at hand, with root access. Besides the tips described in this manual, ITsyndicate's system administrators and developers elaborated automated installation of Magento websites. Please, contact us to find out more details about automated Magento installation services.
One of the first things to do before installing any server software, to an Ubuntu, or any other Linux server is to ensure that the operating system itself is up to date. Run the updates you would need to issue the apt-get commands update and upgrade. The former will update the local cache of the list of software available, and the latter will actually trigger the upgrade to be performed.
So, in most of the cases, one would log into the console as root and hit
apt-get --yes update && apt-get --yes upgrade
After a successful upgrade/update cycle you might need or just want to reboot the server to make sure everything is set up. For example, many recent Debian includes kernel or bootloader updates, and those would only become into effect after reboot. However, they might not be relevant to the upcoming Magento installation with Nginx web server but were good for the health of the server generally.
From now on, we don’t any more issue the ssh command, but just the relevant shell commands on the root shell, for simplicity.
To install Magento, you would follow a similar procedure as with any other web application. The usual combination of database, and web server comes up with Magento with an enhanced PHP processor and variation of MySQL. The Web server chosen here is Nginx, which is becoming more and more popular among the server markets. When we provide management services, we use Nginx, because it gives an opportunity to speed up the work of the application, it's flexible in configuration, and easily allows coping with load in high-loaded projects. Percona Server provides a replacement of MySQL with added features (for more information on Percona please check their documentation under ww.percona.com. Percona is not part of the standard Ubuntu distribution, so we need first add that source to the distribution so that apt-get command will find it and look for any updates. That is done by first issuing the proper key for the archive, removing any existing MySQL servers, and then editing the source list to add the corresponding repositories.
apt-key adv --keyserver keys.gnupg.net --recv-keys 1C4CBDCDCD2EFD2A
apt-get --yes --purge remove mysql-server mysql-client mysql-common && apt-get --yes autoremove
cat <<EOF >> /etc/apt/sources.list
# Percona update sources
deb http://repo.percona.com/apt "$(lsb_release -sc)" main
deb-src http://repo.percona.com/apt "$(lsb_release -sc)" main
EOF
cat <<EOF > /etc/apt/preferences.d/00percona.pref
Package: *
Pin: release o=Percona Development Team
Pin-Priority: 1001
EOF
After the source list has been updated, you need to update the local APT cache again, by issuing the update command and then installing the percona server.
apt-get --yes update && apt-get install percona-server-server
During the installation of percona server, you will need to respond to the wizard questions, such as setting up the password.
The next step is to install the prerequisites for Magento installation, that is the PHP and related modules. There will also be Nginx web server installed, along with the database management interface web application.
apt-get --yes install php5 php5-mhash php5-mcrypt php5-curl php5-cli php5-mysql php5-gd nginx php5-fpm php5-memcache php-apc ntp phpmyadmin
Note! For the production installation, one should take special care to ensure that the PHPMyAdmin component is properly secured.
After the installation, run the MySQL utility to ensure that the basic security mechanisms are set in place, such as disabling root login for particular situations.
mysql_secure_installation
The MySQL wizard will ask you specific questions and set up the environment accordingly. However, it is also good to get familiar with the overall architecture, to make sure that for example on the networking level the connections to the MySQL instance were silently dropped.
Besides the above-described, there are lots of other security options which we provide in our server management plans. As you have the database up and running, even when it is the percona variant, the usual MySQL commands and the same old SQL queries are in place. Hence to create the database, you would need to execute the following SQL commands against the database.
mysql -u root -p
create database magento;
GRANT USAGE ON *.* TO magento@localhost IDENTIFIED BY 'magento';
GRANT ALL ON magento.* TO magento@localhost;
This will essentially create the database, and grant permissions for a local user with a naive password, to access that database.
Note! For secure installations, one should choose a secure password instead of a simple one.
First of all, you need to create a directory under /var/www/ with the name of the domain installed, or the one you want to use. For example, for the domain.com, one would create the directory, as follows.
mkdir -p /var/www/domain.com/public_html
After the directory has been created, you would move into it
cd /var/www/domain.com/public_html
download and extract the Magento package
wget http://www.magentocommerce.com/downloads/assets/1.9.0.1/magento-1.9.0.1.tar.gz
tar xzvf magento-1.9.0.1.tar.gz
rm magento-1.9.0.1.tar.gz
mv magento/* .
rm -rf magento
As the Magento installation package has been downloaded and extracted under the /var/www tree, the final step is to set up and configure the Nginx web server, so as to serve the Magento content from that directory. First thing is to remove the default configuration file.
rm /etc/nginx/sites-enabled/default
Note here, that you are actually removing a symbolic link, from the “sites-enabled” folder, and the original default config will stay in the “sites-available” folder, should you need it afterward.
Then place the correct nginx.conf file. You may also use nano or any of your favorite text editors, or just upload the file from your local work directory (like saying scp nginx.conf root@server:/etc/nginx).
nano /etc/nginx/nginx.conf
user www-data;
worker_processes 4;
pid /var/run/nginx.pid;
events {
worker_connections 10000;
multi_accept on;
use epoll;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format loadtime '$remote_addr - $remote_user [$time_local] '
'$request_time "$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" ';
access_log off;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;
client_max_body_size 100m;
autoindex off;
map $scheme $fastcgi_https { ## Detect when HTTPS is used
default off;
https on;
}
include /etc/nginx/sites-enabled/*;
}
Then you need to set up the domain-specific configuration for Magento under the sites-available folder and symlink that to the sites-enabled folder. The above configuration script will include all the configurations from the sites-enabled folder, but not from the sites-available. This is a handy and standard layout scheme in many of the Linux distributions, as then the administrator is able to toggle the online status of one domain, without losing the original configuration file (as each site is only enabled by the symbolic link).
To set up the domain-specific configuration file, you can use the same approach as before, either your favorite text editor, like nano or vim, on the server, or locally notepad and transfer the file to the server.
Note! Choose the appropriate domain name for your particular installation situation. In this example we use domain.com, but obviously, for any production installation, the actual domain name should be used.
For the production installation, please note that an additional configuration should be created to enable the SSL for the Magento installation. This example will only set up a plain text HTTP version, which would leave the use of user credentials vulnerable and should not be used in the production environment.
nano /etc/nginx/sites-available/domain.com
server {
listen 80;
server_name DOMAIN.com;
## Forcibly prepend a www
rewrite / $scheme://www.$host$request_uri permanent;
}
server {
listen 80 default;
## SSL directives might go here
server_name www.DOMAIN.com *.DOMAIN.com; ## Domain is here twice so server_name_in_redirect will favour the www
root /var/www/vhosts/DOMAIN.com;
location / {
index index.html index.php; ## Allow a static html file to be shown first
try_files $uri $uri/ @handler; ## If missing pass the URI to Magento's front handler
expires 30d; ## Assume all files are cachable
}
## These locations would be hidden by .htaccess normally
location ^~ /app/ { deny all; }
location ^~ /includes/ { deny all; }
location ^~ /lib/ { deny all; }
location ^~ /media/downloadable/ { deny all; }
location ^~ /pkginfo/ { deny all; }
location ^~ /report/config.xml { deny all; }
location ^~ /var/ { deny all; }
location /var/export/ { ## Allow admins only to view export folder
auth_basic "Restricted"; ## Message shown in login window
auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword
autoindex on;
}
location /. { ## Disable .htaccess and other hidden files
return 404;
}
location @handler { ## Magento uses a common front handler
rewrite / /index.php;
}
location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
rewrite ^(.*.php)/ $1 last;
}
location ~ .php$ { ## Execute PHP scripts
if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss
expires off; ## Do not cache dynamic content
fastcgi_pass 127.0.0.1:9000;
fastcgi_param HTTPS $fastcgi_https;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores
fastcgi_param MAGE_RUN_TYPE store;
include fastcgi_params; ## See /etc/nginx/fastcgi_params
}
}
Then back on the shell, build the symbolic link to the sites-enabed folder, to let the Nginx find out your domain configuration and include it in the main configuration upon launch of the web server.
ln -s /etc/nginx/sites-available/domain.com /etc/nginx/sites-enabled/
service nginx restart
After the web server has been restarted, there is still fine-tuning of the PHP execution environment. PHP-FPM is a custom enhancement for the PHP application execution environment, it enforces the FastCGI execution environment to bring up features related to process control. It has been chosen by Magento to improve the stability and reliability of the Magento instances running for busy environments.
The module requires a specific operating system-level user to be created. Please choose here your favorite username, instead of just “username”, like phpfpmuser or alike, so that you can identify it later on. Also as the user should never log in, please ensure that it is safe enough! Additionally, some configurations might not want to create a separate user to run with but use the existing web user “www-data” instead. Please ensure from the FPM documentation and from the system architecture plan on the specifics of the chosen username to run FPM under.
useradd username -d /var/www/domain.com -s /bin/bash
passwd username
As the user has been created, the configuration for FPM needs to be stored. Again you may use either your favorite text editor locally or remotely, or write the file via a shell script cat command, like in this example.
ln -s /etc/nginx/sites-available/domain.com /etc/nginx/sites-enabled/
service nginx restart
cat <<EOF > /etc/php5/fpm/pool.d/www.conf
[www-username]
user = username
group = username
listen = 127.0.0.1:9000
pm = ondemand
pm.max_children = 100
pm.start_servers = 4
pm.min_spare_servers = 2
pm.max_spare_servers = 6
pm.max_requests = 500
pm.status_path = /status
chdir = /
php_flag[display_errors] = on
php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
php_admin_value[memory_limit] = 1024M
EOF
service php5-fpm restart
Finalizing the permissions and setting up the cron job
To ensure that the web root has proper permissions, you could run the following commands. In essence that will change the permissions of all the directories to 755 and all the files to 644. As a reminder, 755 equals to user-writable, group readable, and executable (browseable), and 644 for files the same without the execution flag set.
cd /var/www/domain.com
find . -type d -exec chmod 755 {} \;
find . -type f -exec chmod 644 {} \;
Note! Some server instances might come with SELinux pre-installed and running in enforcing mode. The SELinux will introduce another layer of permissions on top, or beneath, the traditional user/group/others combination. In that case, you might need to ensure that the proper SELInux context has been assigned for the files and that web server is running under a compatible security policy.
Finally, you would set up the cron job to periodically clean up internal Magento session information. That is defined in the cron scheduled file x, to be created in a similar manner to the creation of all the other files in this guide, either using the text editor or directly via cat command.
cat <<EOF > /etc/cron.d/phpsessclean
24 3 * * * root find /var/www/*/public_html/var/session/ -type f -name 'sess_*' -mtime +7 | xargs rm -rf > /dev/null
EOF
In the end, you should check that the Magento is up and running as expected, execute its database initialization, and other application-specific wizards. This guide has been written using Ubuntu 22.04 running on the VPS server.
If you have any questions or comments, please, drop us a line.
Discover how our services can benefit your business. Leave your contact information and our team will reach out to provide you with detailed information tailored to your specific needs. Take the next step towards achieving your business goals.
How AI and DevOps are transforming software development, addressing new challenges in autonomy and ethics
Achieving 99.9% uptime involves redundancy, continuous monitoring, and robust CI/CD processes to optimize application performance and ensure security
The article discusses overcoming challenges in cloud infrastructure development for a FinTech startup with limited regional options and strict regulations