Author: Kenn Carlo Gutierrez
Last Updated: Thu, Jan 27, 2022Flarum is a free and open-source forum application or discussion platform that is fast and easy to use. This guide explains how to install Flarum on a one-click LAMP application on Ubuntu 20.04 and secure it with a Let's Encrypt SSL using Certbot.
Deploy a one-click LAMP Application on Ubuntu 20.04 from Vultr Marketplace Apps
Create a non-root user with sudo access then login.
Edit php.ini with Nano.
$ sudo nano /etc/php/7.4/fpm/php.ini
Press CTRL + W and search for these settings, then edit the values to match these:
memory_limit = 256M
max_execution_time = 300
upload_max_filesize = 150M
allow_url_fopen = On
file_uploads = On
Save and exit the file.
Log in to the MariaDB shell.
$ sudo mysql
Create a database for Flarum. Replace flarum_db
with your preferred database name.
MariaDB [(none)]> CREATE DATABASE flarum_db;
Create a new user. Replace flarum_user
with your preferred username and flarum_pass
with your preferred strong password.
MariaDB [(none)]> CREATE USER 'flarum_user'@'localhost' IDENTIFIED BY 'flarum_pass';
Grant the new user all the privileges to flarum_db
.
MariaDB [(none)]> GRANT ALL PRIVILEGES ON flarum_db.* TO 'flarum_user'@'localhost';
Flush Privileges.
MariaDB [(none)]> FLUSH PRIVILEGES;
Exit MariaDB.
MariaDB [(none)]> exit
Composer is a tool for dependency management in PHP. Composer will be used to install Flarum dependencies since Flarum is written in PHP.
Install Composer.
$ sudo curl -s https://getcomposer.org/installer | php
Move composer.phar
to the /usr/local/bin/
directory.
$ sudo mv composer.phar /usr/local/bin/composer
Verify Composer Installation by checking its version.
$ composer -V
Create a new Flarum directory inside the Apache web root directory.
$ sudo mkdir /var/www/html/flarum
Change directory to /var/www/html/flarum
$ cd /var/www/html/flarum
Download the latest version of Flarum. Enter yes
when prompted to continue as root/superuser, or you will encounter an error otherwise.
$ sudo composer create-project flarum/flarum . --stability=beta
Install all Flarum PHP dependencies. Enter yes
when prompted to continue as root/superuser, or you will encounter an error otherwise.
$ sudo composer install
Change the ownership of the Flarum directory /var/www/html/flarum
to www-data
.
$ sudo chown -R www-data:www-data /var/www/html/flarum/
Give proper permission to the Flarum directory /var/www/html/flarum
.
$ sudo chmod -R 755 /var/www/html/flarum/
Create an Apache virtual host config file for Flarum.
$ sudo nano /etc/apache2/sites-available/flarum.conf
Paste this to your flarum.conf
file. Replace your-domain-name.com
with your domain name.
<VirtualHost *:80>
DocumentRoot /var/www/html/flarum/public
ServerName your-domain-name.com
DirectoryIndex index.php
<Directory /var/www/html/flarum/public/>
Options +FollowSymLinks
AllowOverride All
Order allow,deny
allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/flarum-error.log
CustomLog ${APACHE_LOG_DIR}/flarum-access.log combined
</VirtualHost>
Save and exit the file.
Enable the Flarum virtual host.
$ sudo a2ensite flarum
Enable the Apache rewrite module, also known as mod_rewrite
.
$ sudo a2enmod rewrite
Restart the Apache Service.
$ sudo systemctl restart apache2
Enable the Ubuntu Firewall. Enter `y' when prompted to proceed with the operation.
$ sudo ufw enable
Check the firewall status. Ensure that the ports that you will use (SSH - Port 22, HTTP - Port 80) are allowed.
$ sudo ufw status
If you don't see the ports listed above, you need to allow them.
$ sudo ufw allow 22,80/tcp
Navigate to your server's IP address in your web browser.
Fill out all the details such as the Forum Title, the Database name, the Database username and password, and the admin credentials.
After filling out all the details, click Install Flarum to finish setting up Flarum.
You will be redirected to your Forum once the installation is finished.
You have finished installing Flarum.
Proceeding with this part of the guide assumes that you have your domain name.
Log in to your Domain provider's panel.
Go to DNS Management or something similar to manage your DNS records.
Add an A Record and point it to your Flarum cloud server (its IP Address). Note that DNS propagation may take up to 72 hours to take effect. You can use online DNS checkers to check your DNS propagation.
Install Certbot for Apache.
$ sudo apt-get install python3-certbot-apache -y
Install Let's Encrypt SSL for your Flarum website. Replace your-domain-name.com
with your domain name.
$ sudo certbot --apache -d your-domain-name.com
You will be asked to input your email address. You also need to read and Agree to their Terms of Service.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): youremail@example.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for your-domain-name.com
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/apache2/sites-available/flarum-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/flarum-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/flarum-le-ssl.conf
Choose whether you want to redirect HTTP traffic to HTTPS or not. It is recommended to redirect all HTTP traffic to HTTPS.
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Redirecting vhost in /etc/apache2/sites-enabled/flarum.conf to ssl vhost in /etc/apache2/sites-available/flarum-le-ssl.conf
You should get the same output after the installation is finished.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://your-domain-name.com
You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=your-domain-name.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/your-domain-name.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/your-domain-name.com/privkey.pem
Your cert will expire on 2022-03-26. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
- We were unable to subscribe you the EFF mailing list because your
e-mail address appears to be invalid. You can try again later by
visiting https://act.eff.org.
On your SSH terminal, edit config.php
from the Flarum directory.
$ sudo nano /var/www/html/flarum/config.php
Find 'url'
then change http://
to https://
. You need to replace your server's IP Address with your domain name as well. For example:
'url' => 'http://192.168.0.1',
should be:
'url' => 'https://your-domain-name.com',
Save and exit the file.
Allow HTTPS Port (Port 443) on the firewall.
$ sudo ufw allow 443
Test your SSL Configuration on SSL Labs.
You now have successfully installed and secured Flarum on your Vultr server.
For more information about Flarum, Certbot, and Let's Encrypt SSL, please see these resources: