Bolt is a content management system that strives to be simple and as straightforward as possible. It’s quick and easy to setup and use elegant templates to provide a joyful experience for the users whether it’s end users like writers or editors, designers or developers.

Objective

In this tutorial we’ll learn how to install Bolt CMS on Ubuntu 14.04. We will also install and configure its prerequisites.

Prerequisites

We will install Bolt CMS in fresh installation of Ubuntu Server 14.04. We also need these applications to be able to run Bolt CMS:

• Apache 2
• MySQL 5
• PHP > 5.5.9 with php-gd and php-curl libraries.

Update the Base System

Before we install Bolt CMS, let’s update the system to the latest update.

$ sudo apt-get update
$ sudo apt-get -y upgrade

Install Apache 2

After applying latest update to our base system, let’s start installing Apache 2 and required libraries.

$ sudo apt-get -y install apache2 apache2-bin apache2-data apache2-mpm-prefork libaio1 libapache2-mod-php5 libapr1 libaprutil1 libdbd-mysql-perl libdbi-perl libhtml-template-perl libmysqlclient18 libterm-readkey-perl libwrap0 ssl-cert tcpd

We can check the Apache 2 service status using command below:

sudo service apache2 status
 * apache2 is running

We can also check which port Apache 2 is listening on using the command below.

 sudo netstat -naptu | grep apache
tcp6       0      0 :::80                   :::*                    LISTEN      14873/apache2

Install MySQL 5.6

We will install and use MySQL 5.6 as database for Bolt CMS.

We will use MySQL Server 5.6 since MySQL 5.6 is the most up to date version of MySQL shipped with Ubuntu 14.04 Trusty Tahr.

$ sudo apt-get -y install mysql-server-5.6

We need to setup MySQL root password. Please input password for MySQL root user.

HP_NO_IMG/data/uploads/users/c7027ac0-7e31-4da4-a9ef-3dfe937a36f3/1622588448.png” alt=”” />

Verify root password.

HP_NO_IMG/data/uploads/users/c7027ac0-7e31-4da4-a9ef-3dfe937a36f3/320459047.png” alt=”” />

Secure Your MySQL Installation

We will secure the MySQL installation by running mysql_secure_installation.

Enter a root password that we set on installation:

$ mysql_secure_installation 
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MySQL to secure it, we'll need the current
password for the root user.  If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none): 
OK, successfully used password, moving on...

Since we already have the root password set, answer this part with n:

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

You already have a root password set, so you can safely answer 'n'.

Change the root password? [Y/n] n
 ... skipping.

Remove the anonymous user to improve security. This will make sure people or applications have the correct username and password to login to MySQL. Answer with Y

By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
 ... Success!

We also want remove the root login from remote machine. Answer with Y:

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y
 ... Success!

Previously the test database was created automatically by MySQL installation, but MySQL 5.6 does not create a test database. We can still choose Y, it will throw error but that’s fine.

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
 - Dropping test database...
ERROR 1008 (HY000) at line 1: Can't drop database 'test'; database doesn't exist
 ... Failed!  Not critical, keep moving...
 - Removing privileges on test database...
 ... Success!

The last step is to reload the MySQL privilege table:

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y
 ... Success!


All done!  If you've completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!


Cleaning up...

Create a Database for Bolt CMS

Now we have a secure MySQL installation, it’s time to create a database and user for boltcms itself.

Login to MySQL using root credential.

$ mysql -u root -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 58
Server version: 5.6.30-0ubuntu0.14.04.1 (Ubuntu)

Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>

Create a new database named boltcms using command below:

mysql> CREATE DATABASE boltcms;
Query OK, 1 row affected (0.00 sec)

Create a User for BoltCMS

The database for BoltCMS is ready, let’s create username and password and grant privileges to boltcms database.

Don’t forget to change the password boltcms123secret below with better password.

mysql> GRANT ALL PRIVILEGES ON `boltcms`.* TO 'boltcms'@'localhost' IDENTIFIED BY 'boltcms123secret';
Query OK, 0 rows affected (0.00 sec)

We need to run the FLUSH PRIVILEGES command so that the privileges table will be reloaded by MySQL and we can use the new credentials.

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

Exit from MySQL console by typing \q

mysql> \q

Install PHP 5

The last component that we have to install before we can install boltcms is PHP 5. We will install PHP 5 and several common PHP libraries.

$ sudo apt-get -y install php5-cli php5-common php5-json php5-mysql php5-readline

Install additional php libraries:

$ sudo apt-get -y install php5-gd php5-curl

Restart the Apache 2 process so the changes will be applied:

$ sudo service apache2 restart

Install BoltCMS

All prerequisites are already installed. We’re ready to install boltcms. The latest stable version of boltcms is available Bolt CMS download page.

At the time of this writing, the latest stable version is version 3.2, let’s download boltcms compressed file using wget.

$ wget -c https://bolt.cm/distribution/bolt-latest.tar.gz

Extract the downloaded file.

$ tar xzf bolt-latest.tar.gz

Rename the extracted directory to boltcms

$ mv bolt-v3.2.7 boltcms

Move the boltcms folder to the Apache directory:

$ sudo mv boltcms /var/www

Change ownership of boltcms directory to www-data user and group.

$ sudo chown -R www-data:www-data /var/www/boltcms

The BoltCMS files are ready, now let’s create an Apache Virtual Host configuration to serve BoltCMS.

Configure Apache Virtual Host for http Only

Create new apache configuration file on /etc/apache2/sites-available/boltcms.conf with contents below.

<VirtualHost *:80>
    ServerName boltcms.exampleserver.xyz

    DocumentRoot /var/www/boltcms/public

    <Directory /var/www/boltcms/public>
        Options -Indexes +FollowSymLinks +MultiViews
        AllowOverride All
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/boltcms.exampleserver.xyz-error.log
    CustomLog ${APACHE_LOG_DIR}/boltcms.exampleserver.xyz-access.log combined

</VirtualHost>

Don’t forget to change boltcms.exampleserver.xyz above with the domain name that you use for your boltcms installation.

Enable the site using a2ensite command.

$ sudo a2ensite boltcms

Reload the apache2 process so it read the new virtualhost configuration:

$ sudo service apache2 reload

Configure BoltCMS

When we open our BoltCMS site it will still gives us error since we haven’t configure database for BoltCMS.

HP_NO_IMG/data/uploads/users/fc3a0474-bed6-4b91-ad3f-3be5155c99e3/2112378424.png” alt=”” />

Open /var/www/boltcms/app/config/config.yml

Find the block:

database:
    driver: sqlite
    databasename: bolt

Replace with:

database:
    driver: mysql
    databasename: boltcms
    username: boltcms
    password: boltcms123secret

Don’t forget to change the credential values above to match the ones you created on previous step.

When we refresh our BoltCMS site we will be prompted to create the first user which will be granted BoltCMS root privilge. Input the details of your first user here.

HP_NO_IMG/data/uploads/users/fc3a0474-bed6-4b91-ad3f-3be5155c99e3/1994280174.png” alt=”” />

After successfully creating the first user we will be redirected to BoltCMS admin dashboard.

HP_NO_IMG/data/uploads/users/fc3a0474-bed6-4b91-ad3f-3be5155c99e3/292129407.png” alt=”” />

Import Content Samples

There is a notification that no content is in the database yet, you can start creating content now or if you prefer you can import sample Lorem Ipsum dummy contents so you can see the sample site. Click Add…

HP_NO_IMG/data/uploads/users/fc3a0474-bed6-4b91-ad3f-3be5155c99e3/1545832279.png” alt=”” />

You will be prompted with a login page again and after that you can choose type of dummy contents that you want to import.

HP_NO_IMG/data/uploads/users/fc3a0474-bed6-4b91-ad3f-3be5155c99e3/1196912492.png” alt=”” />

After successfully importing dummy content when you open the site it’s already filled with sample content.

HP_NO_IMG/data/uploads/users/fc3a0474-bed6-4b91-ad3f-3be5155c99e3/63147899.png” alt=”” />

Email Settings

One last notice on the BoltCMS dashboard is email settings.

HP_NO_IMG/data/uploads/users/fc3a0474-bed6-4b91-ad3f-3be5155c99e3/1257321296.png” alt=”” />

You can use your current email server but if you don’t have one instead of installing one I recommend using transactional email service.

The main reason using 3rd party service is less service to manage and also higher deliverability. Some transactional email service that offer free tier are:

• Mailgun
• Sendgrid
• SparkPost
• Mailjet

You can use one of the services above or another mail service that you prefer. We assume that you already have proper email account to send email.

When you click config.yml link on the notification you will be redirected to boltCMS file editor. You can find mailoptions section and fill in the email credentials and servers to match the provider that you use.

HP_NO_IMG/data/uploads/users/fc3a0474-bed6-4b91-ad3f-3be5155c99e3/782632315.png” alt=”” />

Configure https only site for boltcms

A secure connection is now a requirement for web applicatiosn. The last step that we will do in this tutorial is changing the connection to only use https. We assume that you already have SSL certificate and private key.

Let’s create new apache virtual host configuration on /etc/apache2/sites-available/boltcms-ssl.conf with contents below. Don’t forget to change:

• ServerName
• SSLCertificateFile
• SSLCertificateChainFile
• SSLCertificateKeyFile

<VirtualHost *:80>
   ServerName boltcms.exampleserver.xyz
   Redirect permanent / https://boltcms.exampleserver.xyz/
</VirtualHost>

<VirtualHost *:443>

    ServerName boltcms.exampleserver.xyz

    DocumentRoot /var/www/boltcms/public

    <Directory /var/www/boltcms/public>
        Options -Indexes +FollowSymLinks +MultiViews
        AllowOverride All
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/boltcms.exampleserver.xyz-error.log
    CustomLog ${APACHE_LOG_DIR}/boltcms.exampleserver.xyz-access.log combined

    SSLEngine on
    SSLCertificateFile      /etc/apache2/ssl/boltcms.exampleserver.xyz.crt
    SSLCertificateChainFile /etc/apache2/ssl/boltcms.exampleserver.xyz.crt
    SSLCertificateKeyFile   /etc/apache2/ssl/boltcms.exampleserver.xyz.key

    # HSTS (mod_headers is required) (15768000 seconds = 6 months)
    Header always set Strict-Transport-Security "max-age=15768000"

</VirtualHost>

 # intermediate configuration, tweak to your needs
SSLProtocol             all -SSLv2 -SSLv3
SSLCipherSuite          ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder     on

We will also disable boltcms http only virtual host and enable the new virtual host config.

$ sudo a2dissite boltcms
$ sudo a2ensite boltcms-ssl

The new virtual host configuration need Apache mod_ssl, we need to enable these modules.

$ sudo a2enmod ssl

Now, restart the Apache 2 service so it will reload its configuration. We need to restart instead of reload since we enable new module.

$ sudo service apache2 restart

Summary

In this tutorial we learned how to install BoltCMS on Ubuntu 14.04.

We installed all the prerequisites, created a user and database on MySQL for Bolt CMS and also configured Apache 2 virtual hosts to be able to serve boltcms.

We also learned how to change the Apache configuration to use SSL only site so all connections to our site will use https instead of http.