Setting up WordPress on an Ubuntu server and using the Lynis auditing tool
Details for this article were provided under Assignment 1 located at:
This article covers:
1. Installation of an Ubuntu Server
2. Introduction to services using SSH as an example
3. Uncomplicated Firewall (UFW) configuration
4. Accessing a remote server using PuTTY/MobaXterm from host operating system
5. Installing and configuring WordPress on a server
6. Lynis Overview
Installation of an Ubuntu server
- This section covers installing an Ubuntu server in a virtualized environment to mimic how a real-world installation would occur. The software used was Ubuntu Server 20.04 and Oracle VM VirtualBox, both of which are open source and can be downloaded from the links below:
- After completing the initial setup, connect the server to a bridged adapter in order to make it accessible from the host operating system.
- Log in as a super user to avoid having to authenticate every command that requires super user privileges. This is not necessary, and it can have negative impacts if unnecessary modifications are made without backups.
- Updating and upgrading necessary packages is also very important on any new OS before making any changes.
Introduction to services using SSH
- This section introduces how to start, stop and check the status of a service, using the SSH service as the example
- Install the openssh-server service using apt. If successful, you should get an output similar to the one below
- Upon successful installation, the next step is to check the status of the ssh service, which can be done with either service ssh status or systemctl status ssh, depending on preference
- The service may be inactive, in which case it needs to be started. To confirm that it is up and running, run the status command once more
Uncomplicated Firewall (UFW) configuration
- This process involves installing UFW and using it to allow access only for port 22 (SSH) and port 80 (HTTP)
- UFW is a simplified firewall that can be easily implemented on any Ubuntu system
- Begin by installing ufw using the apt command and checking the status. It should be active immediately after installation.
- The next step is critical: stop the UFW service before making any changes to the configuration, in order to avoid accidentally locking yourself out of the system
- After this, set the firewall's default rules to deny all incoming connections while accepting all outgoing ones. At this stage external access to the system is impossible, but the system can still reach the outside world
- Next, allow incoming connections only on ports 22 and 80, as those are the only ports we’ll be using in this exercise.
- Start the ufw service again, then enable it. Checking the status of ufw now shows success, as it only allows connections through ports 22 and 80
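To confirm that the finished ruleset really matches the policy described in this section, the status output can be checked mechanically. The script below is an added example, not part of the original article; the function names and the sample output are constructed for illustration, and rules listed by application name rather than port number would also be reported as unexpected.

```bash
#!/usr/bin/env bash
# Added example, not from the original article: audit `ufw status verbose`
# output against this section's policy (deny incoming, allow only 22 and 80).

# Constructed sample output; the 3306 rule is there to produce a finding.
sample_status() {
cat <<'EOF'
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
80/tcp                     ALLOW IN    Anywhere
3306/tcp                   ALLOW IN    Anywhere
22/tcp (v6)                ALLOW IN    Anywhere (v6)
EOF
}

# check_ufw: reads status text on stdin, prints one finding per line and
# returns 0 when the ruleset matches the policy, 1 otherwise.
check_ufw() {
  awk '
    /^Status:/  { if ($2 == "active") active = 1 }
    /^Default:/ { if ($2 == "deny" && $3 == "(incoming),") deny_in = 1 }
    / ALLOW/ {
      split($1, part, "/")   # "22/tcp" -> part[1] is the port
      if (part[1] != "22" && part[1] != "80") {
        print "unexpected allow rule: " $1; bad = 1
      }
    }
    END {
      if (!active)  { print "firewall is not active"; bad = 1 }
      if (!deny_in) { print "default incoming policy is not deny"; bad = 1 }
      exit bad + 0
    }'
}

# On the server: sudo ufw status verbose | check_ufw
sample_status | check_ufw || echo "ruleset does not match the intended policy"
```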
Accessing a remote server using PuTTY/MobaXterm
- The next procedure uses the ssh service started on the server to provide access from a remote system. In this case, that is our host operating system running the virtualization software
- Both programs are open-source and easy to use. I chose to use MobaXterm, and the rest of the article continues in the ssh session initiated from MobaXterm
- Don’t forget to log in as super user again after a successful login to minimize redundancy
Installing and configuring WordPress on a server
- This part covers configuring a Content Management System on a server, in order to get experience of how the backend side of the server works
- The CMS used was WordPress, and the configuration instructions came from the site referenced below
- The first step is to update the packages and install the apache2 service using the apt command
- Create a directory called www in the /srv folder, as per the instructions. This is the location the zipped folder is downloaded to using the curl command. It is then extracted into the same folder by the user www, using the syntax sudo -u www
- The next step is to configure the Apache service for WordPress using a series of commands from the website referenced above
- After that, launch the local mysql database and use it to configure WordPress with a username and a password, which will be stored inside the database named wordpress. Follow the commands exactly as depicted in the screenshot below, not forgetting the ; at the end of every mysql command
- Finally, WordPress is configured to connect to the local mysql database created in the previous step
- Additionally, a series of lines in the wp-config.php file are replaced with random keys generated from a randomizer address provided in the website's instructions, to avoid ‘known secret’ attacks. The file is then printed using the following command to confirm the alterations were successful
- Upon trying to load the site, I receive an error.
- Checking the wp-config.php file located at /srv/www/wordpress, a problem is found.
- This can be corrected by changing the username field to the specific username configured in mysql, and the password by removing the parentheses used. The final file is displayed below
- The address of the server is then accessed using a browser, and a default configuration page loads if everything is up and running successfully
- After following the subsequent setup instructions, the server is up and running with proper configurations
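The wp-config.php problem described above (a wrong username and a password still wrapped in parentheses) can be caught before loading the site. The script below is an added example, not part of the original article; the placeholder strings it looks for are the ones shipped in WordPress's wp-config-sample.php, while the bracket check is a heuristic assumed from the parentheses issue, and the sample file content is constructed.

```bash
#!/usr/bin/env bash
# Added example, not from the original article: flag wp-config.php settings
# that still hold template values. Only setting names are printed, never values.

# Constructed sample content; every value here is illustrative.
sample_config() {
cat <<'EOF'
define( 'DB_NAME', 'wordpress' );
define( 'DB_USER', 'username_here' );
define( 'DB_PASSWORD', '(your-password)' );
define( 'DB_HOST', 'localhost' );
define( 'AUTH_KEY',         'put your unique phrase here' );
define( 'SECURE_AUTH_KEY',  'constructed-sample-not-a-real-key' );
EOF
}

# check_wp_config: reads the file on stdin; returns 1 if any define() still
# holds a placeholder. Splits on single quotes, so it assumes values contain none.
check_wp_config() {
  awk -F"'" '
    /^[[:space:]]*define\(/ {
      name = $2; value = $4
      if (value ~ /_here$/)                            why = "sample placeholder"
      else if (value == "put your unique phrase here") why = "default key or salt"
      else if (value ~ /^[<(].*[>)]$/)                 why = "brackets left around value"
      else next
      print name ": " why; bad = 1
    }
    END { exit bad + 0 }'
}

# On the server: sudo cat /srv/www/wordpress/wp-config.php | check_wp_config
sample_config | check_wp_config || echo "wp-config.php still holds template values"
```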
Lynis Overview
- This section looks at Lynis as a hardening method for the Ubuntu server, in order to avoid known and common weak points in the system that can be easily compromised
- The first step is to install Lynis using the apt command
- Checking the help page also gives a good overview of the commands that can be run using Lynis
- The audit command was then executed to do a basic system audit and return results, including the hardening score and the warnings and suggestions on how to harden your system
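The audit's on-screen output is long, so the warnings, suggestions and hardening score are easier to track from the report file Lynis writes. The script below is an added example, not part of the original article; it assumes the default report path /var/log/lynis-report.dat, and the sample report lines are constructed.

```bash
#!/usr/bin/env bash
# Added example, not from the original article: summarise the report file
# that `lynis audit system` writes (default path /var/log/lynis-report.dat).

# Constructed sample report lines in Lynis's key=value format.
sample_report() {
cat <<'EOF'
report_version_major=1
warning[]=PKGS-7392|Found one or more vulnerable packages.|-|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|AllowTcpForwarding (set YES to NO)|-|
suggestion[]=AUTH-9286|Configure minimum password age in /etc/login.defs|-|-|
hardening_index=63
EOF
}

# summarize_lynis: reads a report on stdin, prints each warning and
# suggestion with its test ID plus the hardening index; returns 1 when
# the report contains at least one warning.
summarize_lynis() {
  awk -F'|' '
    /^warning\[\]=/     { sub(/^warning\[\]=/, "", $1);     print "WARNING " $1 " " $2; w++ }
    /^suggestion\[\]=/  { sub(/^suggestion\[\]=/, "", $1);  print "SUGGESTION " $1 " " $2; s++ }
    /^hardening_index=/ { sub(/^hardening_index=/, "", $1); print "hardening_index " $1 }
    END {
      print "totals warnings=" (w + 0) " suggestions=" (s + 0)
      exit (w > 0)
    }'
}

# On the server: sudo lynis audit system, then
#   sudo cat /var/log/lynis-report.dat | summarize_lynis
sample_report | summarize_lynis || echo "warnings present: review before exposing the server"
```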
Conclusion
Overall, working through this write-up is a productive way to learn how to configure a server for a CMS and to spot any weaknesses during the process that can be exploited.
Equally, the Lynis software can expose possible vulnerabilities, and poor password configuration practices can also be found.