PrestaShop is an open-source e-commerce web application written using Symfony PHP framework. It allows you to design, build, and host an online store to sell products, receive payments, and manage all related aspects. It is being used by 300,000+ sites making it one of the most popular e-commerce platforms. It supports modules that allow you to extend its functionality even further. You can customize it using various high-quality themes. It offers customizable templates, secure payment gateways, inventory management, and SEO-friendly tools to optimize search engine rankings.
In this tutorial, you will learn how to install Prestashop on a Rocky Linux 9 server.
Prerequisites
A server running Rocky Linux 9 with a minimum of 1 GB of RAM.
A non-root user with sudo privileges.
A Fully Qualified Domain Name (FQDN) like
prestashop.example.com
pointing to your server.An SMTP account with an email service like Amazon SES or Mailgun.
Everything is updated.
$ sudo dnf update
A few essential packages are required for the tutorial and Prestashop to run. Some of these will already be on your server.
$ sudo dnf install wget curl nano unzip yum-utils policycoreutils-python-utils -y
Step 1 – Configure Firewall
The first step is to configure the firewall. Rocky Linux uses Firewalld Firewall. Check the firewall’s status.
$ sudo firewall-cmd --state running
The firewall works with different zones, and the public zone is the default one that we will use. List all the services and ports active on the firewall.
$ sudo firewall-cmd --permanent --list-services
It should show the following output.
cockpit dhcpv6-client ssh
Allow HTTP and HTTPS ports.
$ sudo firewall-cmd --permanent --add-service=http $ sudo firewall-cmd --permanent --add-service=https
Recheck the status of the firewall.
$ sudo firewall-cmd --permanent --list-services
You should see a similar output.
cockpit dhcpv6-client http https ssh
Reload the firewall to enable the changes.
$ sudo firewall-cmd --reload
Step 2 – Install Nginx
Rocky Linux 9 ships with an older version of Nginx. To install the latest version, you need to download the official Nginx repository.
Create and open the file /etc/yum.repos.d/nginx.repo
for editing.
$ sudo nano /etc/yum.repos.d/nginx.repo
Paste the following code in it.
[nginx-stable] name=nginx stable repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=1 enabled=1 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true [nginx-mainline] name=nginx mainline repo baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/ gpgcheck=1 enabled=0 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true
Once you are finished, save the file by pressing Ctrl + X and entering Y when prompted.
Install Nginx.
$ sudo dnf install nginx -y
Verify the installation.
$ nginx -v nginx version: nginx/1.24.0
Enable and start the Nginx server service.
$ sudo systemctl enable nginx --now
Check the service status.
$ sudo systemctl status nginx ? nginx.service - nginx - high performance web server Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; preset: disabled) Active: active (running) since Sat 2023-11-25 10:58:03 UTC; 5s ago Docs: http://nginx.org/en/docs/ Process: 4220 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=0/SUCCESS) Main PID: 4222 (nginx) Tasks: 2 (limit: 10841) Memory: 1.9M CPU: 9ms CGroup: /system.slice/nginx.service ??4222 "nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf" ??4223 "nginx: worker process"
Open your server’s IP address in your web browser. You should see the following page which means your server is up and running.
Step 3 – Install PHP and extensions
Rocky Linux 9 ships with PHP 8.1 by default. To always stay on the latest version of PHP or if you want to install multiple versions of PHP, we need to use the REMI repository.
The first step is to grab the Epel repository.
$ sudo dnf install epel-release -y
Next, install the Remi repository.
$ sudo dnf install https://rpms.remirepo.net/enterprise/remi-release-9.rpm
Check for available PHP streams.
$ dnf module list php -y Name Stream Profiles Summary php 8.1 common [d], devel, minimal PHP scripting language Remi's Modular repository for Enterprise Linux 9 - x86_64 Name Stream Profiles Summary php remi-7.4 common [d], devel, minimal PHP scripting language php remi-8.0 common [d], devel, minimal PHP scripting language php remi-8.1 common [d], devel, minimal PHP scripting language php remi-8.2 common [d], devel, minimal PHP scripting language php remi-8.3 common [d], devel, minimal PHP scripting language Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
The default version is 8.1. At the time of writing this tutorial, Prestashop is compatible with PHP 8.1. Therefore, enable Remi’s PHP 8.1 repository.
$ sudo dnf module reset php -y $ sudo dnf module enable php:remi-8.1
Install PHP and its extensions required by Prestashop.
$ sudo dnf install php php-bcmath php-cli php-curl php-common \ php-fpm php-gd php-gmp php-intl php-mbstring \ php-mysql php-opcache php-xml php-zip -y
Check the version of PHP installed.
$ php --version PHP 8.1.26 (cli) (built: Nov 21 2023 21:53:48) (NTS gcc x86_64) Copyright (c) The PHP Group Zend Engine v4.1.26, Copyright (c) Zend Technologies with Zend OPcache v8.1.26, Copyright (c), by Zend Technologies
Enable and start the PHP-FPM service.
$ sudo systemctl enable php-fpm --now
Check the status of the service.
$ sudo systemctl status php-fpm ? php-fpm.service - The PHP FastCGI Process Manager Loaded: loaded (/usr/lib/systemd/system/php-fpm.service; enabled; preset: disabled) Active: active (running) since Sat 2023-11-25 12:54:31 UTC; 2s ago Main PID: 6160 (php-fpm) Status: "Ready to handle connections" Tasks: 6 (limit: 10841) Memory: 15.2M CPU: 56ms CGroup: /system.slice/php-fpm.service ??6160 "php-fpm: master process (/etc/php-fpm.conf)" ??6161 "php-fpm: pool www" ??6162 "php-fpm: pool www" ??6163 "php-fpm: pool www" ??6164 "php-fpm: pool www" ??6165 "php-fpm: pool www"
Step 4 – Install Percona MySQL Server
Prestashop requires a MySQL database server for data storage. But instead of installing MySQL, we will be installing the Percona MySQL server. It works as a drop-in replacement for MySQL and offers more features and security.
The first step is to install the Percona release repository for Rocky Linux.
$ sudo dnf install -y https://repo.percona.com/yum/percona-release-latest.noarch.rpm
If you get the following error, you can safely ignore it and proceed further as it doesn’t affect the installation. The GPG key will still get imported later on.
error: can't create transaction lock on /var/lib/rpm/.rpm.lock (Resource temporarily unavailable) error: /etc/pki/rpm-gpg/RPM-GPG-KEY-Percona: key 1 import failed.
Once the repository is installed, set up the Percona Server repository for MySQL 8.0 by issuing the following command.
$ percona-release setup ps80
The above command asks if you want to disable the default MySQL module. Enter y
to proceed. It will disable the MySQL installer module and enable the Percona MySQL module.
Install Percona Server for MySQL 8.0.
$ sudo dnf -y install percona-server-server
This will install the Percona Server and Client for MySQL which are the basic packages you need for now.
Verify the installation.
$ mysql --version mysql Ver 8.0.34-26 for Linux on x86_64 (Percona Server (GPL), Release 26, Revision 0fe62c85)
Start the MySQL service.
$ sudo systemctl start mysqld
Check the status of the MySQL service.
$ sudo systemctl status mysqld ? mysqld.service - MySQL Server Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; preset: disabled) Active: active (running) since Sun 2023-11-26 06:25:37 UTC; 7s ago Docs: man:mysqld(8) http://dev.mysql.com/doc/refman/en/using-systemd.html Process: 6522 ExecStartPre=/usr/bin/mysqld_pre_systemd (code=exited, status=0/SUCCESS) Main PID: 6598 (mysqld) Status: "Server is operational" Tasks: 39 (limit: 10841) Memory: 486.8M CPU: 8.131s CGroup: /system.slice/mysqld.service ??6598 /usr/sbin/mysqld Nov 26 06:25:28 prestashop.example.com systemd[1]: Starting MySQL Server... Nov 26 06:25:37 prestashop.example.com systemd[1]: Started MySQL Server.
Percona generates a temporary root password during installation. Grab that password using the following command.
$ sudo grep "temporary password" /var/log/mysqld.log 2023-11-26T06:25:33.316696Z 6 [Note] [MY-010454] [Server] A temporary password is generated for root@localhost: (sDeLSgjs7pI
Log in to the MySQL shell.
$ sudo mysql -u root -p
Run the MySQL security setup wizard.
$ sudo mysql_secure_installation
Enter the root password when prompted.
Securing the MySQL server deployment. Enter password for user root:
The password being temporary is already expired and you will be prompted to set a new root password. Choose a strong password for the root account. Your password should satisfy the current password policy requirements which means it should have a lowercase character, an uppercase character, a number, and a special character.
The existing password for the user account root has expired. Please set a new password. New password: Re-enter new password:
Next, the password strength will be shown and you will be asked if you want to change it. Type N
to proceed.
The 'validate_password' component is installed on the server. The subsequent steps will run with the existing configuration of the component. Using existing password for root. Estimated strength of the password: 100 Change the password for root ? ((Press y|Y for Yes, any other key for No) : N ... skipping.
Type Y
to remove anonymous users.
By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y Success.
Type Y
to disallow root login remotely.
Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y Success.
Type Y
to remove the test database.
By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y - Dropping test database... Success. - Removing privileges on test database... Success.
And finally, type N
to reload the privilege tables.
Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y Success. All done!
That’s it. Next time you want to log in to the MySQL shell, use the following command and enter the root
password when prompted.
$ sudo mysql -u root -p
You will get the following MySQL shell prompt.
Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 16 Server version: 8.0.34-26 Percona Server (GPL), Release 26, Revision 0fe62c85 Copyright (c) 2009-2023 Percona LLC and/or its affiliates Copyright (c) 2000, 2023, Oracle and/or its affiliates. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql>
Type exit
to exit the shell.
Step 5 – Configure Percona MySQL Server
Log in to the MySQL shell.
$ sudo mysql -u root -p
Create a new MySQL database, database user, and password for your Prestashop installation.
mysql> CREATE DATABASE prestashop COLLATE utf8mb4_general_ci; mysql> CREATE USER 'prestauser'@'localhost' IDENTIFIED BY 'Your_password2'; mysql> GRANT ALL PRIVILEGES ON prestashop.* TO 'prestauser'@'localhost';
Replace prestashop
, prestauser
and yourpassword
with the credentials of your choice. Choose a strong password and make sure it follows the password policy as described above.
Flush the privileges to ensure that they are saved in the current session.
mysql> FLUSH PRIVILEGES;
Exit the MySQL shell.
mysql> exit
Step 6 – Downloading Prestashop
Create a directory for Prestashop.
$ sudo mkdir /var/www/html/prestashop -p
There are two versions of Prestashop available – the branded Basic version and the unbranded version. The branded version is available from Prestashop’s website while the unbranded version is available from the GitHub repository. The difference between the two versions is that the branded version contains extra modules including a payment processor, Facebook and Google modules for promotion and SEO, and various other modules to connect with Prestashop and analytics purposes.
The basic version is released after the non-branded version. Therefore, at the time of writing this tutorial, the latest version of the basic edition available is 8.1.1 and the non-branded version is 8.1.2. For our tutorial, we will use the basic branded edition. You can use the non-branded version if you want. The installation process for both versions is exactly the same.
Download the latest version using the following command.
$ cd /tmp $ wget https://assets.prestashop3.com/dst/edition/corporate/8.1.1/prestashop_edition_basic_version_8.1.1.zip
You can get the link by visiting the Prestashop download page, entering your email, and downloading the file. The un-branded version can be grabbed from the Prestashop GitHub releases page.
Unzip the downloaded archive.
$ unzip prestashop_*.zip
This archive has another zip file named prestashop.zip
which contains all the files. Extract the files to the Prestashop directory.
$ sudo unzip prestashop.zip -d /var/www/html/prestashop
Change the owner of the Prestashop directory to the nginx
user.
$ sudo chown -R nginx: /var/www/html/prestashop
Step 7 – Install SSL
We need to install Certbot to generate the SSL certificate. We will use the Snapd package installer for that. Since Rocky Linux doesn’t ship with it, install the Snapd installer. It requires the EPEL (Extra Packages for Enterprise Linux) repository to work. But since we already installed it in step 3, we can directly move ahead.
Install Snapd.
$ sudo dnf install -y snapd
Enable and Start the Snap service.
$ sudo systemctl enable snapd --now
Install the Snap core package, and ensure that your version of Snapd is up to date.
$ sudo snap install core && sudo snap refresh core
Create necessary links for Snapd to work.
$ sudo ln -s /var/lib/snapd/snap /snap $ echo 'export PATH=$PATH:/var/lib/snapd/snap/bin' | sudo tee -a /etc/profile.d/snapd.sh
Install Certbot.
$ sudo snap install --classic certbot
Use the following command to ensure that the Certbot command can be run by creating a symbolic link to the /usr/bin
directory.
$ sudo ln -s /snap/bin/certbot /usr/bin/certbot
Verify if Certbot is functioning correctly.
$ certbot --version certbot 2.7.4
Run the following command to generate an SSL Certificate.
$ sudo certbot certonly --nginx --agree-tos --no-eff-email --staple-ocsp --preferred-challenges http -m [email protected] -d prestashop.example.com
The above command will download a certificate to the /etc/letsencrypt/live/prestashop.example.com
directory on your server.
Generate a Diffie-Hellman group certificate.
$ sudo openssl dhparam -dsaparam -out /etc/ssl/certs/dhparam.pem 4096
Check the Certbot renewal scheduler service.
$ sudo systemctl list-timers
You will find snap.certbot.renew.service
as one of the services scheduled to run.
NEXT LEFT LAST PASSED UNIT ACTIVATES --------------------------------------------------------------------------------------------------------------------------- Sun 2023-11-26 17:12:40 UTC 1h 34min left Sun 2023-11-26 15:25:36 UTC 12min ago dnf-makecache.timer dnf-makecache.service Sun 2023-11-26 17:48:00 UTC 2h 10min left - - snap.certbot.renew.timer snap.certbot.renew.service Mon 2023-11-27 00:00:00 UTC 8h left Sun 2023-11-26 00:00:00 UTC 15h ago logrotate.timer logrotate.service
Do a dry run of the process to check whether the SSL renewal is working fine.
$ sudo certbot renew --dry-run
If you see no errors, you are all set. Your certificate will renew automatically.
Step 8 – Configure SELinux
Change the file security context for Prestashop.
$ sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/prestashop(/.*)?"
Apply the policy.
$ sudo restorecon -Rv /var/www/html/prestashop/
Apply the policy to allow Nginx to give access to MariaDB.
$ sudo setsebool -P httpd_can_network_connect_db 1
Apply the policy to allow connections to be made to outside hosts. This is needed for sending emails.
$ sudo setsebool -P httpd_can_network_connect 1
With MariaDB 10.11, you will face another issue which is that SELinux prevents PHP-FPM from connecting to MariaDB. That can be solved by installing an SELinux module. The first step is to create a type enforcement
file.
Create the file my-phpfpm.te
in your home directory and open it for editing.
$ cd ~ $ nano my-phpfpm.te
Paste the following code in it.
module my-phpfpm 1.0; require { type unconfined_service_t; type httpd_t; type httpd_sys_content_t; class dir write; class unix_stream_socket connectto; } #============= httpd_t ============== #!!!! This avc is allowed in the current policy allow httpd_t httpd_sys_content_t:dir write; #!!!! This avc is allowed in the current policy allow httpd_t unconfined_service_t:unix_stream_socket connectto;
Save the file by pressing Ctrl + X and entering Y when prompted.
The next step is to convert it into a policy module using the following command. Don’t modify the filename in the command otherwise, it won’t work. The module is named my-phpfpm
and the file name should be the same as the module name.
$ sudo checkmodule -M -m -o my-phpfpm.mod my-phpfpm.te
Next, we need to compile the policy module to create a policy package.
$ sudo semodule_package -o my-phpfpm.pp -m my-phpfpm.mod
The final step is to load the policy package using the semodule
command which installs the policy to be used.
$ sudo semodule -i my-phpfpm.pp
Step 9 – Configure PHP-FPM
Open php.ini
for editing.
$ sudo nano /etc/php.ini
To set file upload sizes, change the values of the upload_max_filesize
and post_max_size
variables. This value decides the size of the file you can upload to Prestashop. By default, it is set at 10MB which is what we will configure with PHP.
$ sudo sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 16M/' /etc/php.ini $ sudo sed -i 's/post_max_size = 8M/post_max_size = 16M/' /etc/php.ini
Configure PHP’s memory limit depending on your server resources and requirements.
$ sudo sed -i 's/memory_limit = 128M/memory_limit = 256M/' /etc/php.ini
Open the file /etc/php-fpm.d/www.conf
.
$ sudo nano /etc/php-fpm.d/www.conf
We need to set the Unix user/group of PHP processes to nginx. Find the user=apache
and group=apache
lines in the file and change them to nginx
.
... ; Unix user/group of processes ; Note: The user is mandatory. If the group is not set, the default user's group ; will be used. ; RPM: apache user chosen to provide access to the same directories as httpd user = nginx ; RPM: Keep a group allowed to write in log dir. group = nginx ...
Find the listen.owner = nobody
, listen.group = nobody
, listen.mode = 0660
lines in the file and change them as follows after uncommenting them.
; Set permissions for unix socket, if one is used. In Linux, read/write ; permissions must be set in order to allow connections from a web server. Many ; BSD-derived systems allow connections regardless of permissions. The owner ; and group can be specified either by name or by their numeric IDs. ; Default Values: user and group are set as the running user ; mode is set to 0660 listen.owner = nginx listen.group = nginx listen.mode = 0660
Save the file by pressing Ctrl + X and entering Y when prompted.
Restart the PHP-fpm process. Make sure you have Nginx installed before restarting the PHP service otherwise, it will fail since it won’t be able to find the nginx
group.
$ sudo systemctl restart php-fpm
Change the group of the PHP sessions directory to Nginx.
$ sudo chgrp -R nginx /var/lib/php/session
Step 10 – Configure Nginx
Open the file /etc/nginx/nginx.conf
for editing.
$ sudo nano /etc/nginx/nginx.conf
Add the following line before the line include /etc/nginx/conf.d/*.conf;
.
server_names_hash_bucket_size 64;
Save the file by pressing Ctrl + X and entering Y when prompted.
Create and open the file /etc/nginx/conf.d/prestashop.conf
for editing.
$ sudo nano /etc/nginx/conf.d/prestashop.conf
Paste the following code in it. Replace prestashop.example.com
with your domain name. Make sure the value of the client_max_body_size
is set to 10MB which is what the default upload size of files in Prestashop is. It is the same value we configured with PHP earlier.
server { listen 443 ssl http2; listen [::]:443 ssl http2; # [EDIT] Your domain name(s) go here. server_name prestashop.example.com; # [EDIT] Path to your domain Nginx logs. access_log /var/log/nginx/prestashop.access.log; error_log /var/log/nginx/prestashop.error.log; # [EDIT] Path to your SSL certificates (take a look at Certbot https://certbot.eff.org). ssl_certificate /etc/letsencrypt/live/prestashop.example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/prestashop.example.com/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/prestashop.example.com/chain.pem; ssl_session_timeout 5m; ssl_session_cache shared:MozSSL:10m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers on; ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1; ssl_stapling on; ssl_stapling_verify on; ssl_dhparam /etc/ssl/certs/dhparam.pem; # [EDIT] Path to your PrestaShop directory. root /var/www/html/prestashop; index index.php; # This should match the `post_max_size` and/or `upload_max_filesize` settings # in your php.ini. client_max_body_size 16M; # Redirect 404 errors to PrestaShop. error_page 404 /index.php?controller=404; # HSTS (Force clients to interact with your website using HTTPS only). # For enhanced security, register your site here: https://hstspreload.org/. # WARNING: Don't use this if your site is not fully on HTTPS! # add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" preload; always; # [EDIT] If you are using multiple languages. # rewrite ^/fr$ /fr/ redirect; # rewrite ^/fr/(.*) /$1; # Images. rewrite ^/(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$1$2.jpg last; rewrite ^/(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$1$2$3.jpg last; rewrite ^/(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$1$2$3$4.jpg last; rewrite ^/(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5.jpg last; rewrite ^/(\d)(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6.jpg last; rewrite ^/(\d)(\d)(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7.jpg last; rewrite ^/(\d)(\d)(\d)(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8.jpg last; rewrite ^/(\d)(\d)(\d)(\d)(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9.jpg last; rewrite ^/c/([\w.-]+)/.+\.jpg$ /img/c/$1.jpg last; # AlphaImageLoader for IE and FancyBox. rewrite ^images_ie/?([^/]+)\.(gif|jpe?g|png)$ js/jquery/plugins/fancybox/images/$1.$2 last; # Web service API. rewrite ^/api/?(.*)$ /webservice/dispatcher.php?url=$1 last; # Installation sandbox. rewrite ^(/install(?:-dev)?/sandbox)/.* /$1/test.php last; location / { try_files $uri $uri/ /index.php$is_args$args; } # [EDIT] Replace 'admin-dev' in this block with the name of your admin directory. location /admin-dev/ { if (!-e $request_filename) { rewrite ^ /admin-dev/index.php last; } } # .htaccess, .DS_Store, .htpasswd, etc. location ~ /\. { deny all; } # Source code directories. location ~ ^/(app|bin|cache|classes|config|controllers|docs|localization|override|src|tests|tools|translations|var|vendor)/ { deny all; } # vendor in modules directory. location ~ ^/modules/.*/vendor/ { deny all; } # Prevent exposing other sensitive files. location ~ \.(log|tpl|twig|sass|yml)$ { deny all; } # Prevent injection of PHP files. location /img { location ~ \.php$ { deny all; } } location /upload { location ~ \.php$ { deny all; } } # enable browser caching location ~* \.(?:css|eot|gif|ico|jpe?g|otf|png|ttf|woff2?)$ { expires 1M; add_header Cache-Control "public"; } location ~ [^/]\.php(/|$) { # Split $uri to $fastcgi_script_name and $fastcgi_path_info. fastcgi_split_path_info ^(.+?\.php)(/.*)$; # Ensure that the requested PHP script exists before passing it # to the PHP-FPM. try_files $fastcgi_script_name =404; # Environment variables for PHP. include fastcgi_params; fastcgi_param SCRIPT_FILENAME $request_filename; fastcgi_index index.php; fastcgi_keep_conn on; fastcgi_read_timeout 30s; fastcgi_send_timeout 30s; # Uncomment these in case of long loading or 502/504 errors. # fastcgi_buffer_size 256k; # fastcgi_buffers 256 16k; # fastcgi_busy_buffers_size 256k; # [EDIT] Connection to PHP-FPM unix domain socket. fastcgi_pass unix:/run/php-fpm/www.sock; } # enable gzip compression gzip on; gzip_disable "msie6"; gzip_vary on; gzip_proxied any; gzip_comp_level 6; gzip_min_length 1000; gzip_types application/atom+xml application/geo+json application/javascript application/json application/ld+json application/manifest+json application/rdf+xml application/rss+xml application/x-javascript application/xhtml+xml application/xml font/eot font/otf font/ttf image/svg+xml text/css text/javascript text/plain text/xml; } # enforce HTTPS server { listen 80; listen [::]:80; server_name prestashop.example.com; return 301 https://$host$request_uri; }
Save the file by pressing Ctrl + X and entering Y when prompted.
Verify your Nginx configuration.
$ sudo nginx -t
Restart the Nginx server.
$ sudo systemctl restart nginx
Step 11 – Install Prestashop
Visit the URL https://prestashop.example.com
in your browser and you will see the following installer screen.
Click Next to proceed to the next page.
You will be shown the Prestashop License. Check the I agree to the above terms and conditions button to agree to the license and click Next to proceed.
Next, you will be asked to share information about the shop. Give your shop a name, country, timezone, and store type, and enable the SSL option. Also, enter your account name, email address, and password for logging in to the store. Click Next once you are finished.
Next, you will be asked if you want to add some demo products to the shop. Select no if you don’t want them. Also, select the Install all modules option or you can choose which modules you want to install. Click Next when you are finished.
Next, enter the database credentials that we created in step 5. Leave the other options intact. Click the Test database option to verify the connection.
Click Next on successful connection to the database to proceed to the next page.
Here you will see the Prestashop installation’s progress. Once finished, it will automatically open the following page.
Click the Manage your store button to open the administration dashboard to set up your store.
Here you will get a warning about deleting the install
directory before trying to manage the shop to improve the security. Log back into your site via SSH and run the following command.
$ sudo rm -rf /var/www/html/petrashop/install
Go back to the installer’s final page and open the URL again. If you notice, the administration page URL is randomized. This is done to improve the security. Each installation of Prestashop gets a different admin URL. For our tutorial, the link generated is https://prestashop.example.com/admin705saygwpwquwnhixx1
. You will get the following login page.
Enter your account credentials and click the LOG IN button to access the dashboard.
Prestashop’s store page for a default install should look like the following.
You can start using Prestashop from here on.
Step 12 – Update Prestashop
There are several ways to update Prestashop. The easiest one is to use the in-built upgrade assistant module. Your Prestashop installation ships with the module.
The first step is to put your store into maintenance mode. Click the Configure >> Shop Parameters >> General option from the left menu in the admin page. Switch to the maintenance tab on the page.
Disable the store and add your IP address as the maintenance IP by clicking the Add my IP button. This will ensure you can access the store even when it’s going under maintenance. Click the Save button when finished.
Next, Open the Module Manager page on your administration panel by selecting the Improve >> Modules >> Module Manager option from the left side.
Once there, install the 1-Click Upgrade module by clicking the Install button. Once installed, click the Configure button to open a new page where you configure the settings before performing the upgrade.
The first part of the page lists some pre-upgrade checks. All checks should be satisfied before the upgrade can be performed.
The first configuration allows you to select what kind of upgrade you want to run. Since we are using the basic edition 8.1.1, the 8.1.2 open-source edition is available for upgrade. It is recommended to stick with the minor/major branches.
Scroll down the page to the Backup options where you can select Prestashop to backup the files, database, and images. These features are experimental but you should still include them.
Next, choose the upgrade options on the stuff you want to keep and the stuff you want to upgrade.
Click the Save button across each section to save the options. Once you are satisfied, click the Upgrade Prestashop Now! button on the same page to upgrade your shop. If the upgrade is unsuccessful for some reason, you will be given a chance to roll back.
Conclusion
This concludes our tutorial where you learned how to install Prestashop on a Rocky Linux 9 server. If you have any questions, post them in the comments below.