How to Install ElkArte Forum with Apache and Let's Encrypt on Debian 10
ElkArte is a free, open-source and powerful forum software that allows you to create your own online forum community. It is simple, lightweight and modern forum platform based on PHP and uses MySQL/MariaDB to store its data. ElkArte comes with a richs et of features including, Notifications, Likes for posts, Drafts, Auto save, Drag and drop file attachment, Integrated video embedding for youtube, Posting by Email, Improved Anti Spam measures and many more.
In this tutorial, we will explain how to install ElkArte on Debian 10 server.
Requirements
- A server running Debian 10.
- A root password is setup to your server.
Getting Started
Before starting, you will need to update your system with the latest version. You can do this by running the following command:
apt-get update -y
apt-get upgrade -y
Once your server is updated, restart your server to apply the changes.
Install Apache, MariaDB and PHP
First, you will need to install Apache web server, MariaDB database server, PHP and other required libraries to your server. You can install all of them by running the following command:
apt-get install apache2 mariadb-server php libapache2-mod-php php-common php-curl php-intl php-mbstring php-xmlrpc php-mysql php-gd php-pgsql php-xml php-cli php-imagick php-bcmath php-gmp php-zip unzip -y
Once all the packages are installed, open php.ini file and tweak some settings:
nano /etc/php/7.3/apache2/php.ini
Change the following lines:
memory_limit = 256M upload_max_filesize = 100M max_execution_time = 360 date.timezone = America/Chicago
Save and close the file when you are finished. Then, restart the Apache webserver with the following command:
systemctl restart apache2
Configure Database for ElkArte
Next, you will need to create a database and user for ElkArte. To do so, login to MariaDB shell with the following command:
mysql -u root -p
Provide your root password when prompt then create a database and user with the following command:
MariaDB [(none)]> CREATE DATABASE elkartedb;
MariaDB [(none)]> CREATE USER 'elkarte'@'localhost' IDENTIFIED BY 'password';
Next, grant all the privileges to ElkArte with the following command:
MariaDB [(none)]> GRANT ALL ON elkartedb.* TO 'elkarte'@'localhost' WITH GRANT OPTION;
Next, flush the privileges and exit from the MariaDB shell with the following command:
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> EXIT;
Once you have finished, you can proceed to the next step.
Download ElkArte
First, you will need to download the latest version of ElkArte from the Git repository. To download it, run the following command:
wget https://github.com/elkarte/Elkarte/archive/master.zip
Once the download is completed, unzip the downloaded file with the following command:
unzip master.zip
Next, move the extracted directory to the Apache web root directory:
mv Elkarte-master /var/www/html/elkarte
Next, change the ownership of the elkarte directory and provide necessary permissions with the following command:
chown -R www-data:www-data /var/www/html/elkarte
chmod -R 755 /var/www/html/elkarte
Once you have finished, you can proceed to the next step.
Create Virtual host for ElkArte
Next, you will need to create an Apache virtual host configuration file to serve ElkArte. You can create it with the following command:
nano /etc/apache2/sites-available/elkarte.conf
Add the following lines:
<VirtualHost *:80>
ServerAdmin [email protected]
DocumentRoot /var/www/html/elkarte
ServerName example.com
<Directory /var/www/html/elkarte/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Save and close the file when you are finished. Then, enable the virtual host file and Apache rewrite module with the following command:
a2ensite elkarte.conf
a2enmod rewrite
Finally, restart the Apache webserver to apply the changes:
systemctl restart apache2
Access ElkArte Web Interface
ElkArte is now installed and configured. It's time to access ElkArte web interface.
Open your web browser and type the URL http://example.com. You will be redirected to the ElkArte welcome page:
Click on the Continue button. You should see the following page:
Provide your database name, database username, password and click on the Continue button. You should see the following page:
Provide your Forum name, Forum URL and click on the Continue button. You should see the following page:
Now, click on the Continue button. You should see the admin creation page:
Provide your desired administrator name, password, email, database password and click on the Continue button. Once the installation has been finished, you should see the following page:
Now, click on the "your newly installed forum". You should see the ElkArte dashboard in the following page:
Secure ElkArte with Let's Encrypt
First, you will need to install Certbot on your server. Certbot is used to obtain an SSL certificate from the Let’s Encrypt and configure Apache to use this certificate.
By default, the latest version of Certbot is not available in the Debian 10 default repository. So you will need to add Certbot repository on your server.
First, add the Certbot repository with the following command:
add-apt-repository ppa:certbot/certbot
Once the repository is added, update the repository and install Certbot with the following command:
apt-get update -y
apt-get install certbot python-certbot-apache -y
Certbot is now installed and ready to use.
Run the following command to obtain the SSL certificate for your domain:
certbot --apache -d example.com
First, you will need to provide a valid email address and agree to the terms of service as shown below:
Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator apache, Installer apache Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): [email protected] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (A)gree/(C)ancel: A - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y Obtaining a new certificate Performing the following challenges: http-01 challenge for example.com Enabled Apache rewrite module Waiting for verification... Cleaning up challenges Created an SSL vhost at /etc/apache2/sites-available/example.com-le-ssl.conf Deploying Certificate to VirtualHost /etc/apache2/sites-available/example.com-le-ssl.conf Enabling available site: /etc/apache2/sites-available/example.com-le-ssl.conf Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: No redirect - Make no further changes to the webserver configuration. 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you're confident your site works on HTTPS. You can undo this change by editing your web server's configuration. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Next, choose option 2 to download and install free SSL certificate for your domain. Once the installation has been completed successfully. You should get the following output:
Enabled Apache rewrite module Redirecting vhost in /etc/apache2/sites-enabled/example.com.conf to ssl vhost in /etc/apache2/sites-available/ example.com-le-ssl.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations! You have successfully enabled https://example.com You should test your configuration at: https://www.ssllabs.com/ssltest/analyze.html?d=example.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/example.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/example.com/privkey.pem Your cert will expire on 2019-10-22. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew" - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
Congratulations! your ElkArte is now secured with SSL certificate. You can now access it securely by visiting the URL https://example.com.
