Updating your Digital Ocean WordPress – Follow up to WordCamp Raleigh 2015 Talk

If you attended my talk at WordCamp Raleigh 2015 on being your own Sysadmin, you may be interested in this. There are couple of questions that came up after the presentation on maintaining the site once it’s up and running. So there are a couple things to consider here.

Slides: http://mygeeknc.d.pr/U2I

File Permissions

File permissions tell the host operating system which users can access certain directories and files. If you followed my talk, we created the www folder under the root account so by default, root owns it. Whereas with our config file, the nginx process runs under the www-data user and group. I provided a bash script  to set the correct permissions to our /var/www/ directory. It sets the owner and group of the directory to www-data along with changing the file permissions to 644 and directory to 755. This is recommended settings from WordPress.org

Now, once this is set, you shouldn’t have to change it or re-run this script unless you upload or edit a file via SFTP. By doing so, you’ll be resetting the permissions and owner back to root (given you’re logged in as that).

Server Patching

Patching as we know, keeps the vulnerabilities at bay or at least reduces the chance you’ll be affected by a script kiddie. If someone really wants in, they’re probably going to get in. There are two commands that we can run, and I don’t recommend automating this unless you really know what you’re doing.

apt-get update

This command requests all the latest data and version numbers for all of the packages that are available from Ubuntu. This is required before we actually update any packages, otherwise we wouldn’t know what’s out there.

apt-get upgrade

This command is what does the heavy lifting. It will compare the packages installed on your server with what’s in the repos. If it finds any differences, it will mark that package for upgrading. Once ran, you’ll get a list of the packages that has an update available. If you choose to update, you’d simply answer yes to the upgrade.

Sometimes, some packages will want to overwrite your configuration files. I’d recommend against doing this and you can opt to NOT overwrite them by answering N (or no) to the prompt.

I would do this about once a month, go ahead and add it to your calendar.

WordPress and Plugin Patching

Finally, you must keep WordPress updated along with it’s plugins. You could do this through the command line via something like WP-CLI but I’d just recommend for the basic user to use the updater built into WordPress. Our setup allows for the webserver to do it’s own updates so there should not be an issue with that.

 

Finishing Up

By doing these basic steps, you should be able to keep your server and WordPress install up to date. If you have any questions, tweet me at @adamsewell.

One Response to “Updating your Digital Ocean WordPress – Follow up to WordCamp Raleigh 2015 Talk”

  1. I was able to set this up and everything worked. Thank you so much! I’ve always used Apache and I’m not an expert at linux admin. This gives me a lot of direction on what to learn and the mentality that I need to build and configure a solid NGINX server! Hope to see more of your talks at WordCamps!

    Reply

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>