Skip to main content

[Journal] Journey securing wordpress site using apache2 with modsecurity

This is my journey 

Prepare:

Knowledge & practical VM, Cloud, Linux Commands, Webserver.

Your AWS Account


 1.  Create an instance on AWS

Make sure the server can be accessed using SSH command

e.g:

ansible-user can access the server using passwordless for ansible management. 

ssh-copy-id ansible-user@192.168.1.1

ansible-user has access to sudo.

usermod -aG sudo ansible-user



Run:

ansible-playbook playbook.yml -i hosts --ask-become-pass



2. DNS Configuration

Point your domain name to IP

Example:


bagussa.my.id IN A 192.168.1.1

www.bagussa.my.id IN A 192.168.1.1



3. Run the below Ansible Playbook for getting he certificate using Let's Encrypt 

Let's Encrypt Ansible Role:

git clone


Hosts file:


Run:

ansible-playbook letsencrypt-issue.yml -i hosts --ask-become-pass 



4. Run the below Ansible Playbook for installing the wordpress and apache2

Wordpress Ansible role:

git clone https://github.com/bagussa/wordpress-ansible-role.git


Hosts file:

change ansible_host with your own server IP address, you can change as well for ansible_port, ansible_user according to your configuration.

[servers]

wwww-instance ansible_host=192.168.1.1 ansible_port=22 ansible_user=ansible-user







Comments