Install XenForo 1.4 using Nginx and HHVM on Fedora 21.

Ulyaoth repository no longer supports HHVM

In this guide, I will show how you can install Xenforo (https://xenforo.com/) on Fedora using Nginx and HHVM (old HipHop php).

For this guide I used the following:
forum01 (1x cpu, 512mb ram)
Fedora 21
Xenforo 1.4.x (Requires a License)
SSL Certificate

This guide should also work on RHEL and CentOS but you might need to change some directory locations or use slightly different commands.

Step 1: Add the Ulyaoth repository
$ yum install https://downloads.ulyaoth.net/rpm/ulyaoth-latest.fedora.x86_64.rpm

For another Fedora or RHEL see my repository post for the correct rpm:

Step 2: install the required packages
$ sudo yum install -y ulyaoth-nginx ulyaoth-hhvm mariadb mariadb-server policycoreutils-python

As I wrote in the top of this post that Ulyaoth repository does no longer support HHVM (ulyaoth-hhvm), you will have to compile or download this somewhere else: https://hhvm.com/

Step 3: Create the following directories

$ sudo mkdir -p /etc/nginx/access-lists
$ sudo mkdir -p /etc/nginx/ssl
$ sudo mkdir -p /srv/nginx/xenforo/public
$ sudo mkdir -p /var/log/nginx/xenforo

Step 4: Download Xenforo (this is a paid application)
Go to “https://xenforo.com” and login to your customer portal.
Now click on “Download Xenforo” and do not select “Download the upgrade package only” make sure you download the full version.

Again this step assumes you already did buy a license for Xenforo.

Step 5: Unzip your Xenforo zip file.
$ unzip xenforo_*_full.zip
You should now have a folder “upload”.

Step 6: Move all Xenforo file to the right directory
$ sudo mv upload/* /srv/nginx/xenforo/public/

Step 7: Download the vhost and access-list file for nginx
$ sudo wget -q https://raw.githubusercontent.com/sbagmeijer/ulyaoth/master/guides/xenforo/nginx/xenforo.conf -O /etc/nginx/sites-available/xenforo.conf

Step 8: Install your certificates
Get the certificates from where you bought them or once you generated yourself and place them in:

To create your dhparams file please use the following command:
sudo $ openssl dhparam -out /etc/nginx/ssl/dhparam.pem 4096
Remember if your certificate files are not called “ulyaoth-xenforo.crt”, “ulyaoth-xenforo.key” and “ulyaoth-xenforo.ca” then you have to rename them in your xenforo.conf vhost file so it will use the right certificates.

Step 9: Change the vhost file to fit your setup.
open xenforo.conf:
$ sudo vi /etc/nginx/sites-available/xenforo.conf
Now change all the domain names from “ulyaoth.net” to your domain name, please make sure to double check your whole file.

Then double check all the certficiate names and name them how your certificates are names (check the whole file):

ssl_certificate /etc/nginx/ssl/ulyaoth-xenforo.pem;
ssl_certificate_key /etc/ssl/certs/ulyaoth-xenforo.key;
ssl_trusted_certificate /etc/ssl/certs/ulyaoth-xenforo.ca;

Now as final you have to create a “sha256 pin” with the following command: (update so it uses your key)
$sudo openssl rsa -in /etc/nginx/ssl/ulyaoth-xenforo.key -outform der -pubout | openssl dgst -sha256 -binary | openssl enc -base64
It should give an output like this:

writing RSA key

Then in the vhost update this bit with your key:
add_header Public-Key-Pins "pin-sha256=\"zcoKJuisd789hasddasasd32k4VUxsof3d3w22332b7k=\"; max-age=172800;";
That is it now continue with the guide!

Step 10: symbolic link your vhost
$ sudo ln -s /etc/nginx/sites-available/xenforo.conf /etc/nginx/sites-enabled/xenforo.conf

Step 11: Copy the example config for a small MariaDB database to real config location.
$ sudo cp /usr/share/mariadb/my-small.cnf /etc/my.cnf
Of-course if you expect a large database you have to or make your own MariaDB config or in the location “/usr/share/mariadb/” you have more examples:

Step 12: Start the MariaDB database
$ sudo systemctl start mariadb.service

Step 13: run the MariaDB secure installation script
$ sudo /usr/bin/mysql_secure_installation
I would recommend to do the steps I did below:

Enter current password for root (enter for none): (ENTER)
Set root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] y
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y

Step 14: Login to the MariaDB database
$ sudo mysql -uroot -p
(you have to use the password from Step 13 that you created)

Step 15: In the MariaDB client create the following user and database

GRANT ALL PRIVILEGES ON xenforo.* TO "xenforo"@"localhost" IDENTIFIED BY "ulyaoth007";
GRANT ALL PRIVILEGES ON xenforo.* TO "xenforo"@"" IDENTIFIED BY "ulyaoth007";

(Make sure to change to example password “ulyaoth007” to something random, I only used it for this tutorial)

Step 16: exit the MariaDB client

Step 17: Put everything on autostart

$ sudo systemctl enable mariadb.service
$ sudo systemctl enable hhvm.service
$ sudo systemctl enable nginx.service

Step 18: Chown the web directory to hhvm:nginx
$ sudo chown -R hhvm:nginx /srv/nginx/xenforo/

Step 19: Fix directory permissions

$ sudo chmod 777 /srv/nginx/xenforo/public/data
$ sudo chmod 777 /srv/nginx/xenforo/public/internal_data

Step 20: fix Selinux

$ sudo setsebool -P httpd_can_network_connect on
$ sudo chcon -R -t httpd_sys_content_t /srv/nginx/xenforo/public/
$ sudo chcon -R -t httpd_sys_rw_content_t /srv/nginx/xenforo/public/data
$ sudo chcon -R -t httpd_sys_rw_content_t /srv/nginx/xenforo/public/internal_data
$ sudo semanage port -a -t http_port_t -p tcp 80
$ sudo restorecon /etc/nginx/ssl/*

Step 21: configure firewalld

$ sudo firewall-cmd --permanent --zone=public --add-service=http
$ sudo firewall-cmd --permanent --zone=public --add-port=443/tcp
$ sudo firewall-cmd --reload

You can check with this command to see it is all added:
$ sudo firewall-cmd --zone=public --list-all
You probably have to change “zone=public” to your servers setup.

Step 22: Start nginx and hhvm

$ sudo systemctl start hhvm.service
$ sudo systemctl start nginx.service

Congratulations this should be everything you require to do on the server so now let’s start with the installation of Xenforo!

Step 23: Start and finish the installation of Xenforo
Start by going to your website for me “https://www.ulyaoth.net” and you should see the following: (make sure to use your domain name)

Sometimes it might complain it cannot verify your php installation this is because of hhvm, just continue and it will work fine.

You should see this:

Now simply press on “Begin Installation”

You should now see a page like this:

On this screen, we have to fill in the database information from Step 15.

MySQL Server: localhost
MySQL Port: 3306
MySQL User Name: xenforo
MySQL Password: ulyaoth007
MySQL Database Name: xenforo

Of-course change all this to your information and then your screen should look filled in like this:

Now press on “Test & Generate Configuration” to continue.

If you Followed the guide correctly you should now see the following:

Now press on “Save Configuration”.

It should now download a file called “config.php” now you or have to scp this file to your server or you open it with notepad and copy the file contents to the server.
for scp do something like this:
scp config.php [email protected]:/srv/nginx/xenforo/public/library/
For manual copy paste just do this on the server:
$ sudo vi /srv/nginx/xenforo/public/library/config.php
Once you have done one of the two steps above run the following commands on the server:

$ sudo chown -R hhvm:nginx /srv/nginx/xenforo/public/library/config.php
$ sudo chcon -R -t httpd_sys_content_t /srv/nginx/xenforo/public/library/config.php

Now after you done this go back to your website and press on “Continue with Installation”.

If you did everything correct you should now see the following screen:

So just click on “Begin Installation” and you should see a screen like this:

This will probably take a minute so just let it do what it needs to do till you see the website change to:

Now as you can see on this screen you will need to create an Administrator account, be smart and do not use a username like “admin” or “administrator” use some random nickname. The reason for this is that any script or bot will first try those usernames in order to get access to your website and you do not want this of course

After you have filled in everything you press on “Create Administrator” and you will see the following screen next:

On this screen fill only in the following two fields:
Board Title:
Contact Email Address:

The other fields should be automatically filled in and should only be changed if you know what you are doing.

Now press on “Setup Options” to complete the installation.

Congratulations you have successfully completed my guide and installed Xenforo with HHVM.

What next? well press the “Enter your control panel” button and play around with your website or browse to your website url to see the front page of your newly installed forum.

It should look like this:

I hope this tutorial helped someone!

Related posts

SSH into a VirtualBox Linux guest from your host

Sjir Bagmeijer

Create a Logstash GeoIP dashboard in Kibana 3

Sjir Bagmeijer

logstash-forwarder and grok examples

Sjir Bagmeijer