Register for the iXsystems Community to get an ad-free experience and exclusive discounts in our eBay Store.
Scripted WordPress Installation (for Reverse Proxy)

Scripted WordPress Installation (for Reverse Proxy) 2.3.1

If the statistics are to be believed, in 2021:
  1. WordPress powers 40% of the internet.
  2. Around 64% of CMS sites are WordPress.
  3. Around 28% of WordPress sites run e-commerce.
  4. Around 75% of hacked CMS sites were built on WordPress :oops:
There are few current guides in the iXsystems Community Forum for setting up WordPress and none are scripted. While there's still a handful of manual post-installation tasks to do, this guide is designed to minimise the manual effort as the majority of tasks have been scripted.

This script will create a jail, install the latest version of WordPress from wordpress.org along with all its dependencies, and store the WordPress database and data, including themes and plugins, outside the jail, where they can be better managed.

There is one caveat. This is not an independent module. The WordPress jail created by this script is designed to operate behind a reverse proxy. If you don't already have a reverse proxy in place, there are at least two available in the forum's Resources section that you might like to consider:
  1. Reverse Proxy using Caddy (with optional automatic TLS) authored by @danb35
  2. How to set up an nginx reverse proxy with SSL termination in a jail authored by @samuel-emrys
Scripted installation instructions for this resource are at https://github.com/basilhendroff/truenas-iocage-wordpress.

Acknowledgements: @danb35 - This scripted resource is based on the pioneering work done on the Nextcloud scripted resource. Both resources serve PHP files.

Q & A

Q1. What major component versions does the script use?
DateScriptWordPressMariaDBPHPCaddyRedisphpMyAdminWP-CLI
2020-09-22​
5.5.1​
10.3​
7.4​
2.1.1​
2020-09-25​
2.2.0​
2020-09-28​
5.0.2​
2020-10-05​
5.0.9​
2020-10-15​
2.2.1​
2020-10-26​
10.4​
2020-10-26​
10.5​
2020-11-29​
5.5.3​
2.4.0​
2021-01-01​
5.6​
2.3.0​

Q2. What is this resource's scope?

The assumption is that the local network is trusted so unencrypted (HTTP) communication is considered acceptable on the LAN. External (HTTPS) access to the WordPress service is granted via a reverse proxy.

Q3. Is this resource secure?

While the script together with the post-installation steps provide an initial, stable starting base, it remains your responsibility to secure your WordPress site properly to reduce the odds of getting hacked. It is also your responsibility to ensure that you have measures in place to recover your WordPress site in the event you are hacked. Refer to the WordPress article Hardening WordPress for further guidance.

Click on the screenshot.695.png button on this page to read about some of my own adventures, and misadventures, in hardening WordPress.
Author
Basil Hendroff
Downloads
52,487
Views
207,160
First release
Last update
Rating
0.00 star(s) 0 ratings

More resources from Basil Hendroff

Latest updates

  1. Improved script error checking

    Improved error checking around the WP_ROOT configuration variable introduced in the last...
  2. Caddy 2.3.0 released plus script improvements

    1. A Caddy web server serves the PHP files in the WordPress jail. Caddy has been upgraded from...
  3. Install WP-CLI for command-line support

    Notable changes in this release: Install the command line tool WP-CLI within the jail. Bugfix...
  4. Upgrade to MariaDB 10.5

    After a somewhat bumpy ride upgrading from MariaDB 10.3 to 10.4, the upgrade from MariaDB 10.4...
  5. Upgrade to MariaDB 10.4

    MariaDB 10.4 uses an improved authentication model. Versions 1.x of the script used MariaDB...
Top