6. WordPress with SQLite3

By default, WordPress expects to find a MySQL server installed.

Getting SQLite-integration

Get SQLite-integration plugin from https://wordpress.org/plugins/sqlite-integration/ and put it in your plugins folder

You can download the file and use WinSCP or similar to move it over to your Raspberry Pi. The easiest way to get it is to copy the link and use wget to fetch the link you just copied, for example:

cd /var/www/html/wp-content/plugins
sudo wget https://downloads.wordpress.org/plugin/sqlite-integration.1.8.1.zip

Then just unzip the file and remove the archive

sudo unzip sqlite-integration.1.8.1.zip
sudo rm sqlite-integration.1.8.1.zip

Rest of the installation is explained in the plugin's installation page

Location of the database file

Since SQLite is file based database, anyone who gets hold on the database file is able to read its contents. While you can protect folders in your server using .htpasswd -file and corresponding nginx configurations, its better to put your database somewhere outside the www-root (/var/www/html/).

You are accessing your database with PHP that can access outside of it anyway.

In your wp-config.php add the following lines:

define('DB_FILE', 'wordpress.db');
define('DB_DIR', '/var/www/database/');

• NOTE: php-fpm worker processes run as www-root and need to have read and write access to the database folder. This is easily fixed by changing the owner of the folder with sudo chown www-data:www-data /var/www/database

Some other security measures

In the wp-config.php change

Against sql injection

$table_prefix  = 'vG1aE_UA_';         /* default is 'wp_' */

This has to be done before the first run of the WordPress. To generate a random string of 8 characters, you can use this snippet on the command line:

< /dev/urandom tr -dc _A-Za-z0-9 | head -c${1:-8};echo;

More cool ways to create random strings