Chris Salmon Technologies

We've built ourselves a nice, solid foundation for our friend Lisa's classroom website.  I really look forward to having her and the kids use it.  Now we can install a database for the site, and install Joomla.

Turning again to Webmin, we choose "servers" then "MySQL" and create a new user and a new database, giving the new MySQL user rights to the new database only.  This is for security, so that, should that site be hacked for some reason, other sites would not be vulerable to a malicious person having admin rights over the whole database server.  And, we make sure to set that site for local access only, because it only requires access from her website, which runs on the same server as the database server. OK that is easily done, and now we install Joomla.

Installing Joomla is a breeze.  You simply grab the latest version from the Joomla Website and unpack the files into the root directory of the new site.  These projects are SO much easier when you perform what computer scientists call "stepwise refinement" - in other words, the install of Joomla and general development of the site will be simple for us now, thanks to all the previous necessary steps being done, and being done correctly.

OK so we put the files into the root directory of the site (that's where we had the "IT WORKS" file before).  So that the files can be manipulated by the web server user (apache should be run as it's own, non-root user) we will change ownership of the whole tree before we attempt an install.  So from the root of the lisabyrdsclass.com webspace, we execute this command:

chown -R www-data:www-data *

Now then, we open up the site in a browser, and begin the installation process:

We tell Joomla what database it needs to use, with what user and password:

Then comes a rather confusing part of the Joomla install, the issue of an FTP user.  I've tried this both ways, but in general, it seems to work better and the installation goes smoother, if you simply leave this blank.  Joomla should be able to do all it's work with http data transfers rather than ftp anyway.  I've never had a problem that comes from not having the ftp user installed, but if you do, you can install it later from the Joomla administration page.

Then we come to the page where you simply name the site.  This is NOT the URL, but an everyday type name you give it, in this case Lisa Byrd's Classroom Website - plus you give the site an administrator's email address, and a password for the administrative user.

I normally choose to install the sample data here, it gives you some bit of structure to start the site with, and it's easily deleted as you begin to post your own data to the site.

Now, our goal here, is to NEVER allow any traffic to or from this website to be unencrypted - that is, in plain text, readable form that is vulnerable to intercept.  So what we are going to do, is have a master redirect, in the .htaccess file at the root of this webpace, that redirects ALL normal http (insecure) traffic, to the same destination but as https (secure) traffic.  So here is what we will do, create the .htaccess file and put these directives in there:

RewriteEngine On
RewriteCond %{SERVER_PORT} !443$
RewriteRule ^(.*)$ https://www.lisabyrdsclass.com/$1 [L,R]

Now, the .htaccess file will come into play later as well, when we are setting up SEF or "Search Engine Friendly" URL's - so we will go ahead and put the rest of the htaccess.txt file that is included in Joomla's root directory into the new .htaccess file.  Remember the chown www-data:www-data .htaccess !  we want the server to have ownership and control over the file.  but no one else needs to read it, so chmod 400 on it as well.

Now then let's try it -- hahahah !  YES!  Sure enough, we CANNOT go to this site in any kind of unencrypted form.  That is EXACTLY what we want for our school children - a tunnel to hide away from prying eyes.

Now we have a working, real site at http://www.lisabyrdsclass.com (fooled ya didn't I?  You'll be redirected to https!) and we can inform Lisa that she is ready to start writing articles.