Friday, June 14, 2024
HomeHow toHow to Install PrestaShop on Rocky Linux 9

How to Install PrestaShop on Rocky Linux 9

PrestaShop is an open-source e-commerce web application written using Symfony PHP framework. It allows you to design, build, and host an online store to sell products, receive payments, and manage all related aspects. It is being used by 300,000+ sites making it one of the most popular e-commerce platforms. It supports modules that allow you to extend its functionality even further. You can customize it using various high-quality themes. It offers customizable templates, secure payment gateways, inventory management, and SEO-friendly tools to optimize search engine rankings.

In this tutorial, you will learn how to install Prestashop on a Rocky Linux 9 server.

Prerequisites

  • A server running Rocky Linux 9 with a minimum of 1 GB of RAM.

  • A non-root user with sudo privileges.

  • A Fully Qualified Domain Name (FQDN) like prestashop.example.com pointing to your server.

  • An SMTP account with an email service like Amazon SES or Mailgun.

  • Everything is updated.

    $ sudo dnf update
    
  • A few essential packages are required for the tutorial and Prestashop to run. Some of these will already be on your server.

    $ sudo dnf install wget curl nano unzip yum-utils policycoreutils-python-utils -y
    

Step 1 – Configure Firewall

The first step is to configure the firewall. Rocky Linux uses Firewalld Firewall. Check the firewall’s status.

$ sudo firewall-cmd --state
running

The firewall works with different zones, and the public zone is the default one that we will use. List all the services and ports active on the firewall.

$ sudo firewall-cmd --permanent --list-services

It should show the following output.

cockpit dhcpv6-client ssh

Allow HTTP and HTTPS ports.

$ sudo firewall-cmd --permanent --add-service=http
$ sudo firewall-cmd --permanent --add-service=https

Recheck the status of the firewall.

$ sudo firewall-cmd --permanent --list-services

You should see a similar output.

cockpit dhcpv6-client http https ssh

Reload the firewall to enable the changes.

$ sudo firewall-cmd --reload

Step 2 – Install Nginx

Rocky Linux 9 ships with an older version of Nginx. To install the latest version, you need to download the official Nginx repository.

Create and open the file /etc/yum.repos.d/nginx.repo for editing.

$ sudo nano /etc/yum.repos.d/nginx.repo

Paste the following code in it.

[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

Once you are finished, save the file by pressing Ctrl + X and entering Y when prompted.

Install Nginx.

$ sudo dnf install nginx -y

Verify the installation.

$ nginx -v
nginx version: nginx/1.24.0

Enable and start the Nginx server service.

$ sudo systemctl enable nginx --now

Check the service status.

$ sudo systemctl status nginx
? nginx.service - nginx - high performance web server
     Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; preset: disabled)
     Active: active (running) since Sat 2023-11-25 10:58:03 UTC; 5s ago
       Docs: http://nginx.org/en/docs/
    Process: 4220 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=0/SUCCESS)
   Main PID: 4222 (nginx)
      Tasks: 2 (limit: 10841)
     Memory: 1.9M
        CPU: 9ms
     CGroup: /system.slice/nginx.service
             ??4222 "nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf"
             ??4223 "nginx: worker process"

Open your server’s IP address in your web browser. You should see the following page which means your server is up and running.

Step 3 – Install PHP and extensions

Rocky Linux 9 ships with PHP 8.1 by default. To always stay on the latest version of PHP or if you want to install multiple versions of PHP, we need to use the REMI repository.

The first step is to grab the Epel repository.

$ sudo dnf install epel-release -y

Next, install the Remi repository.

$ sudo dnf install https://rpms.remirepo.net/enterprise/remi-release-9.rpm

Check for available PHP streams.

$ dnf module list php -y
Name    Stream              Profiles                                      Summary
php     8.1                 common [d], devel, minimal                    PHP scripting language

Remi's Modular repository for Enterprise Linux 9 - x86_64
Name    Stream              Profiles                                      Summary
php     remi-7.4            common [d], devel, minimal                    PHP scripting language
php     remi-8.0            common [d], devel, minimal                    PHP scripting language
php     remi-8.1            common [d], devel, minimal                    PHP scripting language
php     remi-8.2            common [d], devel, minimal                    PHP scripting language
php     remi-8.3            common [d], devel, minimal                    PHP scripting language

Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled

The default version is 8.1. At the time of writing this tutorial, Prestashop is compatible with PHP 8.1. Therefore, enable Remi’s PHP 8.1 repository.

$ sudo dnf module reset php -y
$ sudo dnf module enable php:remi-8.1

Install PHP and its extensions required by Prestashop.

$ sudo dnf install php php-bcmath php-cli php-curl php-common \
    php-fpm php-gd php-gmp php-intl php-mbstring \
    php-mysql php-opcache php-xml php-zip -y

Check the version of PHP installed.

$ php --version
PHP 8.1.26 (cli) (built: Nov 21 2023 21:53:48) (NTS gcc x86_64)
Copyright (c) The PHP Group
Zend Engine v4.1.26, Copyright (c) Zend Technologies
    with Zend OPcache v8.1.26, Copyright (c), by Zend Technologies

Enable and start the PHP-FPM service.

$ sudo systemctl enable php-fpm --now

Check the status of the service.

$ sudo systemctl status php-fpm
? php-fpm.service - The PHP FastCGI Process Manager
     Loaded: loaded (/usr/lib/systemd/system/php-fpm.service; enabled; preset: disabled)
     Active: active (running) since Sat 2023-11-25 12:54:31 UTC; 2s ago
   Main PID: 6160 (php-fpm)
     Status: "Ready to handle connections"
      Tasks: 6 (limit: 10841)
     Memory: 15.2M
        CPU: 56ms
     CGroup: /system.slice/php-fpm.service
             ??6160 "php-fpm: master process (/etc/php-fpm.conf)"
             ??6161 "php-fpm: pool www"
             ??6162 "php-fpm: pool www"
             ??6163 "php-fpm: pool www"
             ??6164 "php-fpm: pool www"
             ??6165 "php-fpm: pool www"

Step 4 – Install Percona MySQL Server

Prestashop requires a MySQL database server for data storage. But instead of installing MySQL, we will be installing the Percona MySQL server. It works as a drop-in replacement for MySQL and offers more features and security.

The first step is to install the Percona release repository for Rocky Linux.

$ sudo dnf install -y https://repo.percona.com/yum/percona-release-latest.noarch.rpm

If you get the following error, you can safely ignore it and proceed further as it doesn’t affect the installation. The GPG key will still get imported later on.

error: can't create transaction lock on /var/lib/rpm/.rpm.lock (Resource temporarily unavailable)
error: /etc/pki/rpm-gpg/RPM-GPG-KEY-Percona: key 1 import failed.

Once the repository is installed, set up the Percona Server repository for MySQL 8.0 by issuing the following command.

$ percona-release setup ps80

The above command asks if you want to disable the default MySQL module. Enter y to proceed. It will disable the MySQL installer module and enable the Percona MySQL module.

Install Percona Server for MySQL 8.0.

$ sudo dnf -y install percona-server-server

This will install the Percona Server and Client for MySQL which are the basic packages you need for now.

Verify the installation.

$ mysql --version
mysql  Ver 8.0.34-26 for Linux on x86_64 (Percona Server (GPL), Release 26, Revision 0fe62c85)

Start the MySQL service.

$ sudo systemctl start mysqld

Check the status of the MySQL service.

$ sudo systemctl status mysqld
? mysqld.service - MySQL Server
     Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; preset: disabled)
     Active: active (running) since Sun 2023-11-26 06:25:37 UTC; 7s ago
       Docs: man:mysqld(8)
             http://dev.mysql.com/doc/refman/en/using-systemd.html
    Process: 6522 ExecStartPre=/usr/bin/mysqld_pre_systemd (code=exited, status=0/SUCCESS)
   Main PID: 6598 (mysqld)
     Status: "Server is operational"
      Tasks: 39 (limit: 10841)
     Memory: 486.8M
        CPU: 8.131s
     CGroup: /system.slice/mysqld.service
             ??6598 /usr/sbin/mysqld

Nov 26 06:25:28 prestashop.example.com systemd[1]: Starting MySQL Server...
Nov 26 06:25:37 prestashop.example.com systemd[1]: Started MySQL Server.

Percona generates a temporary root password during installation. Grab that password using the following command.

$ sudo grep "temporary password" /var/log/mysqld.log
2023-11-26T06:25:33.316696Z 6 [Note] [MY-010454] [Server] A temporary password is generated for root@localhost: (sDeLSgjs7pI

Log in to the MySQL shell.

$ sudo mysql -u root -p

Run the MySQL security setup wizard.

$ sudo mysql_secure_installation

Enter the root password when prompted.

Securing the MySQL server deployment.

Enter password for user root:

The password being temporary is already expired and you will be prompted to set a new root password. Choose a strong password for the root account. Your password should satisfy the current password policy requirements which means it should have a lowercase character, an uppercase character, a number, and a special character.

The existing password for the user account root has expired. Please set a new password.

New password:

Re-enter new password:

Next, the password strength will be shown and you will be asked if you want to change it. Type N to proceed.

The 'validate_password' component is installed on the server.
The subsequent steps will run with the existing configuration
of the component.
Using existing password for root.

Estimated strength of the password: 100
Change the password for root ? ((Press y|Y for Yes, any other key for No) : N

 ... skipping.

Type Y to remove anonymous users.

By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y
Success.

Type Y to disallow root login remotely.

Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y
Success.

Type Y to remove the test database.

By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.


Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y
 - Dropping test database...
Success.

 - Removing privileges on test database...
Success.

And finally, type N to reload the privilege tables.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y
Success.

All done!

That’s it. Next time you want to log in to the MySQL shell, use the following command and enter the root password when prompted.

$ sudo mysql -u root -p

You will get the following MySQL shell prompt.

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 16
Server version: 8.0.34-26 Percona Server (GPL), Release 26, Revision 0fe62c85

Copyright (c) 2009-2023 Percona LLC and/or its affiliates
Copyright (c) 2000, 2023, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>

Type exit to exit the shell.

Step 5 – Configure Percona MySQL Server

Log in to the MySQL shell.

$ sudo mysql -u root -p

Create a new MySQL database, database user, and password for your Prestashop installation.

mysql> CREATE DATABASE prestashop COLLATE utf8mb4_general_ci;
mysql> CREATE USER 'prestauser'@'localhost' IDENTIFIED BY 'Your_password2';
mysql> GRANT ALL PRIVILEGES ON prestashop.* TO 'prestauser'@'localhost';

Replace prestashop, prestauser and yourpassword with the credentials of your choice. Choose a strong password and make sure it follows the password policy as described above.

Flush the privileges to ensure that they are saved in the current session.

mysql> FLUSH PRIVILEGES;

Exit the MySQL shell.

mysql> exit

Step 6 – Downloading Prestashop

Create a directory for Prestashop.

$ sudo mkdir /var/www/html/prestashop -p

There are two versions of Prestashop available – the branded Basic version and the unbranded version. The branded version is available from Prestashop’s website while the unbranded version is available from the GitHub repository. The difference between the two versions is that the branded version contains extra modules including a payment processor, Facebook and Google modules for promotion and SEO, and various other modules to connect with Prestashop and analytics purposes.

The basic version is released after the non-branded version. Therefore, at the time of writing this tutorial, the latest version of the basic edition available is 8.1.1 and the non-branded version is 8.1.2. For our tutorial, we will use the basic branded edition. You can use the non-branded version if you want. The installation process for both versions is exactly the same.

Download the latest version using the following command.

$ cd /tmp
$ wget https://assets.prestashop3.com/dst/edition/corporate/8.1.1/prestashop_edition_basic_version_8.1.1.zip

You can get the link by visiting the Prestashop download page, entering your email, and downloading the file. The un-branded version can be grabbed from the Prestashop GitHub releases page.

Unzip the downloaded archive.

$ unzip prestashop_*.zip

This archive has another zip file named prestashop.zip which contains all the files. Extract the files to the Prestashop directory.

$ sudo unzip prestashop.zip -d /var/www/html/prestashop

Change the owner of the Prestashop directory to the nginx user.

$ sudo chown -R nginx: /var/www/html/prestashop

Step 7 – Install SSL

We need to install Certbot to generate the SSL certificate. We will use the Snapd package installer for that. Since Rocky Linux doesn’t ship with it, install the Snapd installer. It requires the EPEL (Extra Packages for Enterprise Linux) repository to work. But since we already installed it in step 3, we can directly move ahead.

Install Snapd.

$ sudo dnf install -y snapd

Enable and Start the Snap service.

$ sudo systemctl enable snapd --now

Install the Snap core package, and ensure that your version of Snapd is up to date.

$ sudo snap install core && sudo snap refresh core

Create necessary links for Snapd to work.

$ sudo ln -s /var/lib/snapd/snap /snap
$ echo 'export PATH=$PATH:/var/lib/snapd/snap/bin' | sudo tee -a /etc/profile.d/snapd.sh

Install Certbot.

$ sudo snap install --classic certbot

Use the following command to ensure that the Certbot command can be run by creating a symbolic link to the /usr/bin directory.

$ sudo ln -s /snap/bin/certbot /usr/bin/certbot

Verify if Certbot is functioning correctly.

$ certbot --version
certbot 2.7.4

Run the following command to generate an SSL Certificate.

$ sudo certbot certonly --nginx --agree-tos --no-eff-email --staple-ocsp --preferred-challenges http -m [email protected] -d prestashop.example.com

The above command will download a certificate to the /etc/letsencrypt/live/prestashop.example.com directory on your server.

Generate a Diffie-Hellman group certificate.

$ sudo openssl dhparam -dsaparam -out /etc/ssl/certs/dhparam.pem 4096

Check the Certbot renewal scheduler service.

$ sudo systemctl list-timers

You will find snap.certbot.renew.service as one of the services scheduled to run.

NEXT                        LEFT           LAST                        PASSED      UNIT                      ACTIVATES     
---------------------------------------------------------------------------------------------------------------------------               
Sun 2023-11-26 17:12:40 UTC 1h 34min left Sun 2023-11-26 15:25:36 UTC 12min ago    dnf-makecache.timer       dnf-makecache.service
Sun 2023-11-26 17:48:00 UTC 2h 10min left -                           -            snap.certbot.renew.timer  snap.certbot.renew.service
Mon 2023-11-27 00:00:00 UTC 8h left       Sun 2023-11-26 00:00:00 UTC 15h ago      logrotate.timer           logrotate.service

Do a dry run of the process to check whether the SSL renewal is working fine.

$ sudo certbot renew --dry-run

If you see no errors, you are all set. Your certificate will renew automatically.

Step 8 – Configure SELinux

Change the file security context for Prestashop.

$ sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/prestashop(/.*)?"

Apply the policy.

$ sudo restorecon -Rv /var/www/html/prestashop/

Apply the policy to allow Nginx to give access to MariaDB.

$ sudo setsebool -P httpd_can_network_connect_db 1

Apply the policy to allow connections to be made to outside hosts. This is needed for sending emails.

$ sudo setsebool -P httpd_can_network_connect 1

With MariaDB 10.11, you will face another issue which is that SELinux prevents PHP-FPM from connecting to MariaDB. That can be solved by installing an SELinux module. The first step is to create a type enforcement file.

Create the file my-phpfpm.te in your home directory and open it for editing.

$ cd ~
$ nano my-phpfpm.te

Paste the following code in it.

module my-phpfpm 1.0;

require {
        type unconfined_service_t;
        type httpd_t;
        type httpd_sys_content_t;
        class dir write;
        class unix_stream_socket connectto;
}

#============= httpd_t ==============

#!!!! This avc is allowed in the current policy
allow httpd_t httpd_sys_content_t:dir write;

#!!!! This avc is allowed in the current policy
allow httpd_t unconfined_service_t:unix_stream_socket connectto;

Save the file by pressing Ctrl + X and entering Y when prompted.

The next step is to convert it into a policy module using the following command. Don’t modify the filename in the command otherwise, it won’t work. The module is named my-phpfpm and the file name should be the same as the module name.

$ sudo checkmodule -M -m -o my-phpfpm.mod my-phpfpm.te

Next, we need to compile the policy module to create a policy package.

$ sudo semodule_package -o my-phpfpm.pp -m my-phpfpm.mod

The final step is to load the policy package using the semodule command which installs the policy to be used.

$ sudo semodule -i my-phpfpm.pp

Step 9 – Configure PHP-FPM

Open php.ini for editing.

$ sudo nano /etc/php.ini

To set file upload sizes, change the values of the upload_max_filesize and post_max_size variables. This value decides the size of the file you can upload to Prestashop. By default, it is set at 10MB which is what we will configure with PHP.

$ sudo sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 16M/' /etc/php.ini
$ sudo sed -i 's/post_max_size = 8M/post_max_size = 16M/' /etc/php.ini

Configure PHP’s memory limit depending on your server resources and requirements.

$ sudo sed -i 's/memory_limit = 128M/memory_limit = 256M/' /etc/php.ini

Open the file /etc/php-fpm.d/www.conf.

$ sudo nano /etc/php-fpm.d/www.conf

We need to set the Unix user/group of PHP processes to nginx. Find the user=apache and group=apache lines in the file and change them to nginx.

...
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
;       will be used.
; RPM: apache user chosen to provide access to the same directories as httpd
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx
...

Find the listen.owner = nobody, listen.group = nobody, listen.mode = 0660 lines in the file and change them as follows after uncommenting them.

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions. The owner
; and group can be specified either by name or by their numeric IDs.
; Default Values: user and group are set as the running user
;                 mode is set to 0660
listen.owner = nginx
listen.group = nginx
listen.mode = 0660

Save the file by pressing Ctrl + X and entering Y when prompted.

Restart the PHP-fpm process. Make sure you have Nginx installed before restarting the PHP service otherwise, it will fail since it won’t be able to find the nginx group.

$ sudo systemctl restart php-fpm

Change the group of the PHP sessions directory to Nginx.

$ sudo chgrp -R nginx /var/lib/php/session

Step 10 – Configure Nginx

Open the file /etc/nginx/nginx.conf for editing.

$ sudo nano /etc/nginx/nginx.conf

Add the following line before the line include /etc/nginx/conf.d/*.conf;.

server_names_hash_bucket_size 64;

Save the file by pressing Ctrl + X and entering Y when prompted.

Create and open the file /etc/nginx/conf.d/prestashop.conf for editing.

$ sudo nano /etc/nginx/conf.d/prestashop.conf

Paste the following code in it. Replace prestashop.example.com with your domain name. Make sure the value of the client_max_body_size is set to 10MB which is what the default upload size of files in Prestashop is. It is the same value we configured with PHP earlier.

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    # [EDIT] Your domain name(s) go here.
    server_name prestashop.example.com;

    # [EDIT] Path to your domain Nginx logs.
    access_log /var/log/nginx/prestashop.access.log;
    error_log /var/log/nginx/prestashop.error.log;

    # [EDIT] Path to your SSL certificates (take a look at Certbot https://certbot.eff.org).
    ssl_certificate      /etc/letsencrypt/live/prestashop.example.com/fullchain.pem;
    ssl_certificate_key  /etc/letsencrypt/live/prestashop.example.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/prestashop.example.com/chain.pem;

    ssl_session_timeout  5m;
    ssl_session_cache shared:MozSSL:10m;
    ssl_session_tickets off;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
    ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_dhparam /etc/ssl/certs/dhparam.pem;

    # [EDIT] Path to your PrestaShop directory.
    root /var/www/html/prestashop;

    index index.php;

    # This should match the `post_max_size` and/or `upload_max_filesize` settings
    # in your php.ini.
    client_max_body_size 16M;

    # Redirect 404 errors to PrestaShop.
    error_page 404 /index.php?controller=404;

    # HSTS (Force clients to interact with your website using HTTPS only).
    # For enhanced security, register your site here: https://hstspreload.org/.
    # WARNING: Don't use this if your site is not fully on HTTPS!
    # add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" preload; always;

    # [EDIT] If you are using multiple languages.
    # rewrite ^/fr$ /fr/ redirect;
    # rewrite ^/fr/(.*) /$1;

    # Images.
    rewrite ^/(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$1$2.jpg last;
    rewrite ^/(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$1$2$3.jpg last;
    rewrite ^/(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$1$2$3$4.jpg last;
    rewrite ^/(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5.jpg last;
    rewrite ^/(\d)(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6.jpg last;
    rewrite ^/(\d)(\d)(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7.jpg last;
    rewrite ^/(\d)(\d)(\d)(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8.jpg last;
    rewrite ^/(\d)(\d)(\d)(\d)(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9.jpg last;
    rewrite ^/c/([\w.-]+)/.+\.jpg$ /img/c/$1.jpg last;

    # AlphaImageLoader for IE and FancyBox.
    rewrite ^images_ie/?([^/]+)\.(gif|jpe?g|png)$ js/jquery/plugins/fancybox/images/$1.$2 last;

    # Web service API.
    rewrite ^/api/?(.*)$ /webservice/dispatcher.php?url=$1 last;

    # Installation sandbox.
    rewrite ^(/install(?:-dev)?/sandbox)/.* /$1/test.php last;

    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }

    # [EDIT] Replace 'admin-dev' in this block with the name of your admin directory.
    location /admin-dev/ {
        if (!-e $request_filename) {
            rewrite ^ /admin-dev/index.php last;
        }
    }

    # .htaccess, .DS_Store, .htpasswd, etc.
    location ~ /\. {
        deny all;
    }

    # Source code directories.
    location ~ ^/(app|bin|cache|classes|config|controllers|docs|localization|override|src|tests|tools|translations|var|vendor)/ {
        deny all;
    }

    # vendor in modules directory.
    location ~ ^/modules/.*/vendor/ {
        deny all;
    }

    # Prevent exposing other sensitive files.
    location ~ \.(log|tpl|twig|sass|yml)$ {
        deny all;
    }

    # Prevent injection of PHP files.
    location /img {
        location ~ \.php$
        { deny all; }
    }

    location /upload {
        location ~ \.php$
        { deny all; }
    }

    # enable browser caching
    location ~* \.(?:css|eot|gif|ico|jpe?g|otf|png|ttf|woff2?)$ {
        expires 1M;
        add_header Cache-Control "public";
    }

    location ~ [^/]\.php(/|$) {
        # Split $uri to $fastcgi_script_name and $fastcgi_path_info.
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;

        # Ensure that the requested PHP script exists before passing it
        # to the PHP-FPM.
        try_files $fastcgi_script_name =404;

        # Environment variables for PHP.
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $request_filename;

        fastcgi_index index.php;

        fastcgi_keep_conn on;
        fastcgi_read_timeout 30s;
        fastcgi_send_timeout 30s;

        # Uncomment these in case of long loading or 502/504 errors.
        # fastcgi_buffer_size 256k;
        # fastcgi_buffers 256 16k;
        # fastcgi_busy_buffers_size 256k;

        # [EDIT] Connection to PHP-FPM unix domain socket.
        fastcgi_pass unix:/run/php-fpm/www.sock;
    }

    # enable gzip compression
    gzip on;
    gzip_disable "msie6";

    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_min_length 1000;
    gzip_types
        application/atom+xml
        application/geo+json
        application/javascript
        application/json
        application/ld+json
        application/manifest+json
        application/rdf+xml
        application/rss+xml
        application/x-javascript
        application/xhtml+xml
        application/xml
        font/eot
        font/otf
        font/ttf
        image/svg+xml
        text/css
        text/javascript
        text/plain
        text/xml;
}

# enforce HTTPS
server {
    listen 80;
    listen [::]:80;
    server_name  prestashop.example.com;
    return 301   https://$host$request_uri;
}

Save the file by pressing Ctrl + X and entering Y when prompted.

Verify your Nginx configuration.

$ sudo nginx -t

Restart the Nginx server.

$ sudo systemctl restart nginx

Step 11 – Install Prestashop

Visit the URL https://prestashop.example.com in your browser and you will see the following installer screen.

Click Next to proceed to the next page.

You will be shown the Prestashop License. Check the I agree to the above terms and conditions button to agree to the license and click Next to proceed.

Next, you will be asked to share information about the shop. Give your shop a name, country, timezone, and store type, and enable the SSL option. Also, enter your account name, email address, and password for logging in to the store. Click Next once you are finished.

Next, you will be asked if you want to add some demo products to the shop. Select no if you don’t want them. Also, select the Install all modules option or you can choose which modules you want to install. Click Next when you are finished.

Next, enter the database credentials that we created in step 5. Leave the other options intact. Click the Test database option to verify the connection.

Click Next on successful connection to the database to proceed to the next page.

Here you will see the Prestashop installation’s progress. Once finished, it will automatically open the following page.

Click the Manage your store button to open the administration dashboard to set up your store.

Here you will get a warning about deleting the install directory before trying to manage the shop to improve the security. Log back into your site via SSH and run the following command.

$ sudo rm -rf /var/www/html/petrashop/install

Go back to the installer’s final page and open the URL again. If you notice, the administration page URL is randomized. This is done to improve the security. Each installation of Prestashop gets a different admin URL. For our tutorial, the link generated is https://prestashop.example.com/admin705saygwpwquwnhixx1. You will get the following login page.

Enter your account credentials and click the LOG IN button to access the dashboard.

Prestashop’s store page for a default install should look like the following.

You can start using Prestashop from here on.

Step 12 – Update Prestashop

There are several ways to update Prestashop. The easiest one is to use the in-built upgrade assistant module. Your Prestashop installation ships with the module.

The first step is to put your store into maintenance mode. Click the Configure >> Shop Parameters >> General option from the left menu in the admin page. Switch to the maintenance tab on the page.

Disable the store and add your IP address as the maintenance IP by clicking the Add my IP button. This will ensure you can access the store even when it’s going under maintenance. Click the Save button when finished.

Next, Open the Module Manager page on your administration panel by selecting the Improve >> Modules >> Module Manager option from the left side.

Once there, install the 1-Click Upgrade module by clicking the Install button. Once installed, click the Configure button to open a new page where you configure the settings before performing the upgrade.

The first part of the page lists some pre-upgrade checks. All checks should be satisfied before the upgrade can be performed.

The first configuration allows you to select what kind of upgrade you want to run. Since we are using the basic edition 8.1.1, the 8.1.2 open-source edition is available for upgrade. It is recommended to stick with the minor/major branches.

Scroll down the page to the Backup options where you can select Prestashop to backup the files, database, and images. These features are experimental but you should still include them.

Next, choose the upgrade options on the stuff you want to keep and the stuff you want to upgrade.

Click the Save button across each section to save the options. Once you are satisfied, click the Upgrade Prestashop Now! button on the same page to upgrade your shop. If the upgrade is unsuccessful for some reason, you will be given a chance to roll back.

Conclusion

This concludes our tutorial where you learned how to install Prestashop on a Rocky Linux 9 server. If you have any questions, post them in the comments below.


RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here


Most Popular