Install XenForo 1.4 using Nginx and HHVM on Fedora 21.
Please be aware the Ulyaoth Repository has been discontinued! Please read:
You can still make this tutorial work but you will need to compile the packages yourself, please be aware our GitHub is not longer updated however: https://github.com/ulyaoth/repository
Ulyaoth repository no longer supports HHVM
In this guide, I will show how you can install Xenforo (https://xenforo.com/) on Fedora using Nginx and HHVM (old HipHop php).
For this guide I used the following:
forum01 (1x cpu, 512mb ram)
Xenforo 1.4.x (Requires a License)
This guide should also work on RHEL and CentOS but you might need to change some directory locations or use slightly different commands.
Step 1: Add the Ulyaoth repository
$ yum install https://downloads.ulyaoth.net/rpm/ulyaoth-latest.fedora.x86_64.rpm
For another Fedora or RHEL see my repository post for the correct rpm:
Step 2: install the required packages
$ sudo yum install -y ulyaoth-nginx ulyaoth-hhvm mariadb mariadb-server policycoreutils-python
As I wrote in the top of this post that Ulyaoth repository does no longer support HHVM (ulyaoth-hhvm), you will have to compile or download this somewhere else: https://hhvm.com/
Step 3: Create the following directories
$ sudo mkdir -p /etc/nginx/access-lists
$ sudo mkdir -p /etc/nginx/ssl
$ sudo mkdir -p /srv/nginx/xenforo/public
$ sudo mkdir -p /var/log/nginx/xenforo
Step 4: Download Xenforo (this is a paid application)
Go to “https://xenforo.com” and login to your customer portal.
Now click on “Download Xenforo” and do not select “Download the upgrade package only” make sure you download the full version.
Again this step assumes you already did buy a license for Xenforo.
Step 5: Unzip your Xenforo zip file.
$ unzip xenforo_*_full.zip
You should now have a folder “upload”.
Step 6: Move all Xenforo file to the right directory
$ sudo mv upload/* /srv/nginx/xenforo/public/
Step 7: Download the vhost and access-list file for nginx
$ sudo wget -q https://raw.githubusercontent.com/sbagmeijer/ulyaoth/master/guides/xenforo/nginx/xenforo.conf -O /etc/nginx/sites-available/xenforo.conf
Step 8: Install your certificates
Get the certificates from where you bought them or once you generated yourself and place them in:
To create your dhparams file please use the following command:
sudo $ openssl dhparam -out /etc/nginx/ssl/dhparam.pem 4096
Remember if your certificate files are not called “ulyaoth-xenforo.crt”, “ulyaoth-xenforo.key” and “ulyaoth-xenforo.ca” then you have to rename them in your xenforo.conf vhost file so it will use the right certificates.
Step 9: Change the vhost file to fit your setup.
$ sudo vi /etc/nginx/sites-available/xenforo.conf
Now change all the domain names from “ulyaoth.net” to your domain name, please make sure to double check your whole file.
Then double check all the certficiate names and name them how your certificates are names (check the whole file):
Now as final you have to create a “sha256 pin” with the following command: (update so it uses your key)
$sudo openssl rsa -in /etc/nginx/ssl/ulyaoth-xenforo.key -outform der -pubout | openssl dgst -sha256 -binary | openssl enc -base64
It should give an output like this:
writing RSA key
Then in the vhost update this bit with your key:
add_header Public-Key-Pins "pin-sha256=\"zcoKJuisd789hasddasasd32k4VUxsof3d3w22332b7k=\"; max-age=172800;";
That is it now continue with the guide!
Step 10: symbolic link your vhost
$ sudo ln -s /etc/nginx/sites-available/xenforo.conf /etc/nginx/sites-enabled/xenforo.conf
Step 11: Copy the example config for a small MariaDB database to real config location.
$ sudo cp /usr/share/mariadb/my-small.cnf /etc/my.cnf
Of-course if you expect a large database you have to or make your own MariaDB config or in the location “/usr/share/mariadb/” you have more examples:
Step 12: Start the MariaDB database
$ sudo systemctl start mariadb.service
Step 13: run the MariaDB secure installation script
$ sudo /usr/bin/mysql_secure_installation
I would recommend to do the steps I did below:
Enter current password for root (enter for none): (ENTER)
Set root password? [Y/n] Y
Re-enter new password:
Password updated successfully!
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] y
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y
Step 14: Login to the MariaDB database
$ sudo mysql -uroot -p
(you have to use the password from Step 13 that you created)
Step 15: In the MariaDB client create the following user and database
CREATE DATABASE xenforo;
GRANT ALL PRIVILEGES ON xenforo.* TO "xenforo"@"localhost" IDENTIFIED BY "ulyaoth007";
GRANT ALL PRIVILEGES ON xenforo.* TO "xenforo"@"127.0.0.1" IDENTIFIED BY "ulyaoth007";
(Make sure to change to example password “ulyaoth007” to something random, I only used it for this tutorial)
Step 16: exit the MariaDB client
Step 17: Put everything on autostart
$ sudo systemctl enable mariadb.service
$ sudo systemctl enable hhvm.service
$ sudo systemctl enable nginx.service
Step 18: Chown the web directory to hhvm:nginx
$ sudo chown -R hhvm:nginx /srv/nginx/xenforo/
Step 19: Fix directory permissions
$ sudo chmod 777 /srv/nginx/xenforo/public/data
$ sudo chmod 777 /srv/nginx/xenforo/public/internal_data
Step 20: fix Selinux
$ sudo setsebool -P httpd_can_network_connect on
$ sudo chcon -R -t httpd_sys_content_t /srv/nginx/xenforo/public/
$ sudo chcon -R -t httpd_sys_rw_content_t /srv/nginx/xenforo/public/data
$ sudo chcon -R -t httpd_sys_rw_content_t /srv/nginx/xenforo/public/internal_data
$ sudo semanage port -a -t http_port_t -p tcp 80
$ sudo restorecon /etc/nginx/ssl/*
Step 21: configure firewalld
$ sudo firewall-cmd --permanent --zone=public --add-service=http
$ sudo firewall-cmd --permanent --zone=public --add-port=443/tcp
$ sudo firewall-cmd --reload
You can check with this command to see it is all added:
$ sudo firewall-cmd --zone=public --list-all
You probably have to change “zone=public” to your servers setup.
Step 22: Start nginx and hhvm
$ sudo systemctl start hhvm.service
$ sudo systemctl start nginx.service
Congratulations this should be everything you require to do on the server so now let’s start with the installation of Xenforo!
Step 23: Start and finish the installation of Xenforo
Start by going to your website for me “https://www.ulyaoth.net” and you should see the following: (make sure to use your domain name)
Sometimes it might complain it cannot verify your php installation this is because of hhvm, just continue and it will work fine.
Now simply press on “Begin Installation”
On this screen, we have to fill in the database information from Step 15.
MySQL Server: localhost
MySQL Port: 3306
MySQL User Name: xenforo
MySQL Password: ulyaoth007
MySQL Database Name: xenforo
Now press on “Test & Generate Configuration” to continue.
Now press on “Save Configuration”.
It should now download a file called “config.php” now you or have to scp this file to your server or you open it with notepad and copy the file contents to the server.
for scp do something like this:
scp config.php [email protected]:/srv/nginx/xenforo/public/library/
For manual copy paste just do this on the server:
$ sudo vi /srv/nginx/xenforo/public/library/config.php
Once you have done one of the two steps above run the following commands on the server:
$ sudo chown -R hhvm:nginx /srv/nginx/xenforo/public/library/config.php
$ sudo chcon -R -t httpd_sys_content_t /srv/nginx/xenforo/public/library/config.php
Now after you done this go back to your website and press on “Continue with Installation”.
Now as you can see on this screen you will need to create an Administrator account, be smart and do not use a username like “admin” or “administrator” use some random nickname. The reason for this is that any script or bot will first try those usernames in order to get access to your website and you do not want this of course
On this screen fill only in the following two fields:
Contact Email Address:
The other fields should be automatically filled in and should only be changed if you know what you are doing.
Congratulations you have successfully completed my guide and installed Xenforo with HHVM.
What next? well press the “Enter your control panel” button and play around with your website or browse to your website url to see the front page of your newly installed forum.
I hope this tutorial helped someone!
Sjir has over 15 years of experience in information technology, having done various positions at companies such as Blizzard Entertainment, TV4, and Basefarm. He now wields multiple security, cloud, and IT certifications he currently works as an information security engineer.