Install Joomla on Ubuntu or Debian with Let’s Encrypt SSL

Joomla is known to be one of the most used content management systems available in the market. It can be used to build, manage, and publish website content for businesses, governments and other organizations of varying sizes. It has a huge community proving feature improvements and plugins that extends its functionalities. Complete list of Joomla third party extensions are found on the Joomla Extensions Directory – extensions.joomla.org.

When creating website pages, thousands of high quality templates are available for use, some being free and others are Paid templates with world class support. The templates gives you a graphical user interface (GUI) from where you can change colours, fonts, layouts and features without touching a line of code!. Joomla is also tuned with powerful SEO tools right out of the box using metadata and keywords, this makes content pages user and search engine friendly.

Here are some key core features of Joomla.

• Multilingual: Offering over 70 languages.
• Search Engine Optimisation: Out of the box SEO & SEF.
• Flexible: Make a blog, business website, intranet, community website… From the simplest to the most complex website.
• Free forever: Joomla! is free to use under GPL.
• Extendable: Over 8,000 extensions are available to extend your website and broaden its functionality.
• User Management (ACL): ACL stands for Access Control List, it allows you to manage the users of your site, and different groups.
• Menu management: Create as many menus and menu items as you need.
• Cache management: Speed up your website with caching.

In this article we shall perform the installation, configuration and demonstrate basic usage of Joomla to host a website on Ubuntu or Debian Linux system with Let’s Encrypt SSL.

1. Install dependencies

The core dependencies for running Joomla website are:

• Web server : Apache or Nginx
• PHP
• Databases: MySQL or MariaDB

In this article we’ll choose Apache as webserver, and MariaDB for database server. We recommend you perform these installations on a new Linux system. But update and upgrade it first.

sudo apt update && sudo apt upgrade -y
[ -e /var/run/reboot-required ] && sudo reboot

Install Apache Web server

Run the commands below to install Apache web server.

sudo apt update && sudo apt install apache2

Ensure the service is enabled to start at system boot.

sudo systemctl enable apache2

Install PHP and its extensions

Next we install PHP handler and required extensions.

sudo apt install php php-{cli,zip,curl,soap,bcmath,mysql,mbstring,xml,gd,intl,soap,json}

PHP version can be verified using the following command:

$ php --version
PHP 8.1.2-1ubuntu2.14 (cli) (built: Aug 18 2023 11:41:11) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.2, Copyright (c) Zend Technologies
    with Zend OPcache v8.1.2-1ubuntu2.14, Copyright (c), by Zend Technologies

Also install libapache2 module.

sudo apt install  libapache2-mod-php

Installed version can be checked with the following command.

$ apache2 -v
Server version: Apache/2.4.52 (Ubuntu)
Server built:   2023-10-26T13:44:44

Install MariaDB database server

I recommend you install the latest stable release available on project upstream website.

Add MariaDB repository.

curl -LsS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash -s --

Install MariaDB server and client packages.

sudo apt update
sudo apt install mariadb-server mariadb-client

Check to see if the package was installed from OS repos or MariaDB repo.

$ mariadb -V
mariadb from 11.2.2-MariaDB, client 15.2 for debian-linux-gnu (x86_64) using  EditLine wrapper

Start and enable the service.

sudo systemctl enable --now mariadb

If running status should show as running.

systemctl status mariadb

2. Create database for Joomla website

Login to MariaDB database shell.

sudo mysql

Once connected to the shell session, create database and user.

CREATE DATABASE joomla;
CREATE USER 'joomla'@'localhost' IDENTIFIED BY 'SecUr$SronGPaww0rd';

Grant all the privileges to the database we created to the user.

GRANT ALL ON joomla.* TO 'joomla'@'localhost';

Now apply the changes and exit MariaDB shell.

FLUSH PRIVILEGES;
QUIT;

Test connection to the database as user created.

$ mariadb -u joomla -p'SecUr$SronGPaww0rd'
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 33
Server version: 11.2.2-MariaDB-1:11.2.2+maria~ubu2204 mariadb.org binary distribution

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> exit
Bye

3. Download Joomla CMS

Visit the Joomla CMS Downloads page.

VER=5-0-2
wget https://downloads.joomla.org/cms/joomla5/$VER/Joomla_$VER-Stable-Full_Package.zip

Extract downloaded archive.

sudo apt install unzip
unzip Joomla_$VER-Stable-Full_Package.zip -d joomla

Move created folder to /var/www

sudo mv joomla /var/www/

Set directory permissions

chown -R www-data:www-data /var/www/joomla/
chmod -R 755 /var/www/joomla/

4. Create Apache Virtual Host for Joomla

The next point of action is to create an Apache virtual host configuration file for Joomla.

sudo vim /etc/apache2/sites-available/joomla.conf

Edit the contents below to suit your use.

<VirtualHost *:80>
ServerAdmin [email protected]
ServerName blog.example.com
DocumentRoot /var/www/joomla

<Directory /var/www/joomla/>
        Options FollowSymlinks
        AllowOverride All
        Require all granted
</Directory>

ErrorLog ${APACHE_LOG_DIR}/joomla_error.log
CustomLog ${APACHE_LOG_DIR}/joomla_access.log combined
</VirtualHost>

Where;

• blog.example.com is the domain FQDN with the IP address mapped to the server
• [email protected] is the email of domain admin user
• joomla_error.log and joomla_access.log are the log files for Joomla website

Validate Apache configuration syntax.

$ sudo apachectl -t
Syntax OK

Activate the Joomla website.

sudo a2ensite joomla.conf

Restart apache web server.

sudo systemctl restart apache2

Check Apache server status

$ systemctl status apache2
● apache2.service - The Apache HTTP Server
     Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2024-01-17 20:08:51 UTC; 7s ago
       Docs: https://httpd.apache.org/docs/2.4/
    Process: 15846 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
   Main PID: 15850 (apache2)
      Tasks: 6 (limit: 2244)
     Memory: 13.8M
        CPU: 90ms
     CGroup: /system.slice/apache2.service
             ├─15850 /usr/sbin/apache2 -k start
             ├─15851 /usr/sbin/apache2 -k start
             ├─15852 /usr/sbin/apache2 -k start
             ├─15853 /usr/sbin/apache2 -k start
             ├─15854 /usr/sbin/apache2 -k start
             └─15855 /usr/sbin/apache2 -k start

Jan 17 20:08:51 jammy systemd[1]: Starting The Apache HTTP Server...
Jan 17 20:08:51 jammy systemd[1]: Started The Apache HTTP Server.

5. Access Joomla Website URL

Open your favorite web browser and access the Joomla web installation portal at http://blog.example.com. This will redirect you to installation page.

Select the language and set site name

Create first admin user by filling in the required information.

Select the database type, set host, db user and password, and db name.

Installation of Joomla website should continue.

Once complete you will get two links. Site frontend and Admin page.

Access Joomla front page at http://blog.example.com

Administrator portal is available at http://blog.example.com/administrator/

6. Secure Joomla using Let’s Encrypt SSL

We can take advantage of the free Let’s Encrypt SSL certificates to secure our Joomla installation. Start by installing certbot and its apache plugin.

sudo apt install certbot python3-certbot-apache -y

After installing certbot and apache plugin, set variable below.

SITE_FQDN=blog.example.com
EMAIL=[email protected]

Generate Let’s Encrypt SSL for the website with the commands below.

sudo certbot --apache --redirect -d $SITE_FQDN --preferred-challenges http --agree-tos -n -m $EMAIL --keep-until-expiring

Sample output.

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Account registered.
Requesting a certificate for blog.example.com

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/blog.example.com/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/blog.example.com/privkey.pem
This certificate expires on 2024-04-16.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

Deploying certificate
Successfully deployed certificate for blog.example.com to /etc/apache2/sites-available/joomla-le-ssl.conf
Congratulations! You have successfully enabled HTTPS on https://blog.example.com

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
 * Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
 * Donating to EFF:                    https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

The certbot tool will modify website configuration and create a new one for SSL. Contents of the files can be checked as shown below.

cat /etc/apache2/sites-available/joomla.conf
cat /etc/apache2/sites-available/joomla-le-ssl.conf

Reload the website and confirm Secure connection. The default URL with redirection will be https://blog.example.com.

Here are some important links relating to Joomla project.

• Extended documentation: Official complete wiki for Joomla
• Integrated help system: In-app contextual help system for Joomla
• Helpful forum: worldwide community of world class developers and business consultants who actively help at no cost.
• Professional service providers: Who can help build & maintain your Joomla! project.