<a href="https://colab.research.google.com/github/DiamondTusks/Cybersecurity/blob/main/CSProg.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>



##**1.  Deploy WordPress to the `/var/www/html/wordpress/` directory and install it**

LAMP stands for Linux, Apache, MySQL, and PHP. Together, they provide a powerful web server environment. Here are the general steps to install a full LAMP stack and deploy WordPress on CentOS Stream 9. 

Please note that this is a general guide, and depending on your specific setup and needs, you might need to adjust these steps.

1. **Update your system**: Keep your system up-to-date.

    ```bash
    sudo dnf update -y
    ```

2. **Install Apache**: Apache is a web server software.

    ```bash
    sudo dnf install httpd -y
    ```
    
    After installation, you need to start and enable Apache to make sure it starts automatically at system boot.

    ```bash
    sudo systemctl start httpd
    sudo systemctl enable httpd
    ```

3. **Install MariaDB**: MariaDB is a popular database server and it is a fork of MySQL.

    ```bash
    sudo dnf install mariadb-server mariadb -y
    ```
    
    Similarly to Apache, you need to start and enable MariaDB.

    ```bash
    sudo systemctl start mariadb
    sudo systemctl enable mariadb
    ```

    Now, secure your MariaDB installation.

    ```bash
    sudo mysql_secure_installation
    ```

    Follow the prompts to set a root password and secure your database system.

4. **Install PHP**: PHP is a popular scripting language that is especially suited to web development.

    ```bash
    sudo dnf install php php-mysqlnd php-fpm php-common php-opcache php-mbstring php-xml php-gd php-curl -y
    ```

    After the installation, restart Apache to make sure it recognizes and uses PHP.

    ```bash
    sudo systemctl restart httpd
    ```

5. **Download and Install WordPress**: 

    First, navigate to the Apache document root.

    ```bash
    cd /var/www/html/
    ```

    Download WordPress.

    ```bash
    sudo wget http://wordpress.org/latest.tar.gz
    ```

    Extract the downloaded file.

    ```bash
    sudo tar xzvf latest.tar.gz
    ```

    Now, you should have a WordPress directory in `/var/www/html/`.

6. **Create a Database for WordPress**:

    Log in to MariaDB.

    ```bash
    sudo mysql -u root -p
    ```

    Create a database for WordPress. Replace `'database_name'` and `'password'` with your preferred database name and password.

    ```sql
    CREATE DATABASE database_name;
    GRANT ALL PRIVILEGES ON database_name.* TO 'wordpressuser'@'localhost' IDENTIFIED BY 'password';
    FLUSH PRIVILEGES;
    EXIT;
    ```

7. **Configure WordPress**:

    Move to the WordPress directory.

    ```bash
    cd /var/www/html/wordpress/
    ```

    Copy the sample WordPress config file to create your own config file.

    ```bash
    sudo cp wp-config-sample.php wp-config.php
    ```

    Open the WordPress config file and replace the 'database_name_here', 'username_here', and 'password_here' placeholders with your database details.

    ```bash
    sudo nano wp-config.php
    ```

8. **Finalizing Installation via Web Interface**:

    Finally, open your web browser and navigate to your server's domain name or public IP address followed by /wordpress: `http://domain_or_IP/wordpress`.

    Follow the WordPress web interface to finalize the installation. This will include setting up a site name, username, password, and email.

And that's it! You've installed a full L

### **2. Configure permissions so that WordPress owns its own files**
**What does it mean?** 
When you install WordPress, the files and folders are typically owned by the web server user. This can be a security risk, as it allows the web server user to modify or delete WordPress files. To improve security, it is best to configure WordPress to own its own files.

To do this, you will need to change the ownership of the files and folders to the user that owns the WordPress process. This can be done using an FTP client or SSH. Once you have changed the ownership, you will need to change the permissions on the files and folders. The permissions should be set to 644 for files and 755 for folders.

Here are the specific permissions you should set for each file and directory:

* **wp-config.php:** 640
* **wp-content/uploads:** 775
* **wp-content/plugins:** 775
* **wp-content/themes:** 775
* **wp-content/other-directories:** 644
* **wp-content/index.php:** 644
* **wp-includes/all:** 644
* **wp-includes/widgets:** 775
* **wp-includes/images:** 644
* **wp-includes/js:** 644
* **wp-includes/css:** 644
* **wp-includes/fonts:** 644
* **wp-includes/other-files:** 644

It is important to note that these are just general guidelines. The specific permissions you need to set may vary depending on your hosting provider and WordPress configuration. If you are unsure about what permissions to set, it is always best to consult with your hosting provider or a WordPress security expert.

By following these steps, you can help to improve the security of your WordPress installation.

**Here is how to do it:**
`sudo chown -R apache:apache /var/www/html/wordpress/`
