Have a Question?
< All Topics

Install WordPress With OpenLiteSpeed On Debian

Tutorial on how to Install WordPress with OpenLiteSpeed on Debian 10

Installation of OpenLiteSpeed

Add OpenLiteSpeed to repository

$ sudo wget -O - http://rpms.litespeedtech.com/debian/enable_lst_debian_repo.sh | sudo bash
$ sudo apt update

Install OpenLiteSpeed & PHP components

$ sudo apt-get install openlitespeed
$ sudo apt-get install lsphp73-common lsphp73-curl lsphp73-imagick lsphp73-imap lsphp73-json lsphp73-memcached lsphp73-mysql lsphp73-opcache lsphp73-redis 

Enable OpenListSpeed to start automatically when system boot up

$ sudo systemctl enable lsws

Change the default Admin’s Password for OpenLiteSpeed

$ sudo /usr/local/lsws/admin/misc/admpass.sh

Allow TCP 7080 for default Management Port for OpenLiteSpeed

$ sudo ufw allow 7080/tcp

Verify OpenLiteSpeed is installed successfully

LiteSpeed/1.6.18 Open
        module versions:
        modgzip 1.1
        cache 1.62
        modinspector 1.1
        uploadprogress 1.1
        mod_security 1.4
 (built: Tue Nov 24 16:40:45 UTC 2020)
        module versions:
        modgzip 1.1
        cache 1.62
        modinspector 1.1
        uploadprogress 1.1
        mod_security 1.4

Login OpenLiteSpeed Management via http://IP-ADDRESS:7080

Install WordPress With OpenLiteSpeed On Debian

Change Default Web Server Port from 8088 to 80

Click on Listeners > Default

Click Edit

Change the Port No from 8088 to 80 & Listerner Name from Default to HTTP and click Save & Restart for the changes to be applied

Verify http://IP-ADDRESS is accessable now

By default, PHP 7.3.23-1+buster is installed

Directory for New Virtual Host

Prepare a new directory called /var/www/yongkw.com with the following sub-folders, config, logs, html and ssl

sudo mkdir -p /var/www/yongkw.com/{conf,logs,html,ssl}

Change the ownership from root to lsadm for /var/www/*

$ sudo chown -R lsadm:lsadm /var/www/*

Backup the default vhost configuration with root

$ su - 
$ tar cvf vhosts.tar /usr/local/lsws/conf/vhosts/

Delete the default vhost configuration file and link it to /var/www

$ sudo rm -rf /usr/local/lsws/conf/vhosts/
$ sudo ln -s /var/www /usr/local/lsws/conf/vhosts

New Virtual Host

Click on "+" to create a new virtual host called yongkw.com

Enter the following information

  • Virtual Host Name = yongkw.com
  • Virtual Host Root = /var/www/$VH_NAME
  • Config File = $SERVER_ROOT/conf/vhosts/$VH_NAME/conf/vhconf.conf
  • Enable Scripts/ExtApps = YES
  • Restrained = YES

Click save and click CLICK TO CREATE to create a new vhost configuration file

Restart the OpenLiteSpeed Server

Verify a new virtual host called yongkw.com is created successfully

Change the following in General

  • Document Root = $VH_ROOT/html
  • Enable Compression = YES
  • Index Files = index.php, index.html

Enable the followng in Rewrite Tab

  • Enable Rewrite = YES
  • Auto Load from .htaccess = YES

Delete the default Example Virtual Host

Go to Listerners > General > Virtual Host Mappings to verify yongkw.com is added

Save the configuration and restart the service

Let’s Encrypt SSL Certificate

Verify the public IP Address of Debian 10 Server

$ curl http://ipinfo.io/json
  "ip": "172.104.x.x",
  "hostname": "li1619-141.members.linode.com",
  "city": "Singapore",
  "region": "Singapore",
  "country": "SG",
  "loc": "1.2897,103.8501",
  "org": "AS63949 Linode, LLC",
  "postal": "048508",
  "timezone": "Asia/Singapore",
  "readme": "https://ipinfo.io/missingauth"

Update the Public DNS record to point yongkw.com to 172.104.x.x and install Certbot Package

$ sudo apt-get install certbot

Request SSL Certificate from LetsEncrypt

$ sudo certbot certonly --webroot -w /var/www/yongkw.com/html/ -d yongkw.com -d www.yongkw.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for www.yongkw.com
http-01 challenge for yongkw.com
Using the webroot path /var/www/yongkw.com/html for all unmatched domains.
Waiting for verification...
Cleaning up challenges

 - Congratulations! Your certificate and chain have been saved at:
   Your key file has been saved at:
   Your cert will expire on 2021-04-04. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot
   again. To non-interactively renew *all* of your certificates, run
   "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Switch to root and verify the LetsEncrypt SSL Certificate is created successfuly in /etc/letsencrypt/live/yongkw.com/

$ su -
$ ls  /etc/letsencrypt/live/yongkw.com/
cert.pem  chain.pem  fullchain.pem  privkey.pem  README

Renew LetsEncrypt SSL Certificate

Verify there is no error when renew let’s Encrypt SSL Certificate with cerbot manually

$ sudo certbot renew --dry-run

Create a Cron job to renew it every month

$ sudo crontab -e

00 02 1 * * certbot renew >/dev/null 2>&1 
00 03 1 * * /usr/local/lsws/bin/lswsctrl restart

New HTTPS Listener

Create a new HTTPS listerner with

  • Listener Name = HTTPS
  • Port = 443
  • Secure = YES

Ensure that Virtual Host Mappings is configured for yongkw.com

Enter the following for SSL tab

  • Private Key File = /etc/letsencrypt/live/yongkw.com/privkey.pem
  • Certificate File = /etc/letsencrypt/live/yongkw.com/fullchain.pem
  • Chained Certificate = YES
  • Protocol Version = TLS 1.2 & TLS 1.3

Save & Restart

Enter the following for Virtual Host yongkw.com > SSL

  • Private Key File = /etc/letsencrypt/live/$VH_NAME/privkey.pem
  • Certificate File = /etc/letsencrypt/live/$VH_NAME/fullchain.pem
  • Chained Certificate = YES
  • Protocol Version = TLS 1.2 & TLS 1.3


Install MariaDB 10.3 Server & Client

$ sudo apt install mariadb-server mariadb-client -y

Set password for root

$ sudo mysql

ALTER USER root@localhost IDENTIFIED VIA mysql_native_password;
flush privileges;

Secure the Mariadb databases

$ sudo mysql_secure_installation
Change the root password? [Y/n] n
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] y
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y

Configure Mariadb to start automatically when server is rebooted

$ sudo systemctl enable mariadb

Login to MariaDB to verify version 10.3 is installed

$ sudo mysql -u root -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 58
Server version: 10.3.23-MariaDB-0+deb10u1 Debian 10

Prepare a Database called wordpress with user called wpuser. Replace XXXX with your own password.

GRANT ALL ON wordpress.* TO 'wpuser'@'localhost' IDENTIFIED BY 'XXXXXX' WITH GRANT OPTION;

Install WordPress With OpenLiteSpeed On Debian

Download the latest WordPress installation file and prepare a .htaccess file

$ cd /tmp
$ sudo wget https://wordpress.org/latest.tar.gz
$ sudo tar -zxvf latest.tar.gz
$ sudo touch /tmp/wordpress/.htaccess

Prepare a wp-config.php file from wp-config-sample.php by defining the Database Name, User and password

$ cd wordpress
$ sudo cp wp-config-sample.php wp-config.php

$ sudo nano wp-config.php 

 // ** MySQL settings - You can get this info from your web host ** //
    /** The name of the database for WordPress */
    define( 'DB_NAME', 'wordpress' );

    /** MySQL database username */
    define( 'DB_USER', 'wpuser' );

    /** MySQL database password */
    define( 'DB_PASSWORD', 'P@ssw0rd!@#$' );

Move /tmp/wordpress to /var/www/yongkw.com/html/

$ sudo mv * /var/www/yongkw.com/html/

# Change the permission of wp-config.php
$ sudo chown nobody:nogroup /var/www/aventistech.com/html/wp-config.php

Login to https://yongkw.com to complete the first time wordpress configuration with GUI.

Table of Contents
Scroll to Top