How to Install PrestaShop on Debian 9
In this guide, we’ll show you how to install and configure the latest version of Prestashop on Debian 9.1 release, in order to create your free online shopping cart.
Prestashop is a free Open Source e-commerce content management platform written in PHP programming language which is often deployed on Linux under Apache/Nginx web servers, PHP and MySQL/MariaDB database management system. Prestashop CMS is highly used today to create online shops for different businesses and advertise and sell services and merchandise.
- Debian 9 minimal installation on a bare-metal machine or on a virtual private server.
- A static IP address configured for one of your system network interfaces cards.
- sudo root privileges for a local or remote account or direct access to root account.
- A domain name, private or public, depending on your deployment, with the proper DNS records configured.
Before starting to install and configure Prestashop from source on your own server, first assure the system meets all the software requirements for compiling and installing the application. In the first step, update your system repositories and software packages by issuing the below command.
In the next step, execute the following command in order to install some necessary utilities that will be used to further manage your system from command line.
apt install wget bash-completion zip unzip
Next, setup the name for your system by executing the following command. Replace your hostname variable accordingly.
hostnamectl set-hostname shop
Verify machine hostname and hosts file by issuing the below commands.
Finally, reboot Debian server in order to apply kernel updates and the hostname changes properly.
Prestashop is a web-based CMS e-commerce platform written mostly in PHP server-side programming language. In order to execute Prestashop PHP file scripts, a web server, such as Apache HTTP server, and a PHP processing gateway must be installed and operational on the server. In order to install Apache web server and the PHP interpreter alongside with all required PHP modules needed by Prestashop to run properly, issue the following command in your server console.
apt install apache2 libapache2-mod-php7.0 php7.0 php7.0-xml php7.0-gd php7.0-json php7.0-zip php7.0-intl php7.0-mcrypt php7.0-curl php7.0-intl php7.0-opcache
After Apache and PHP have been installed, test if the web server is up and running and listening for network connections on port 80 by issuing the following command with root privileges.
In case netstat network utility is not installed by default on your Debian system, execute the below command to install it.
apt install net-tools
By inspecting the netstat command output you can see that apache web server is listening for incoming network connections on port 80. For the same task you can also use the ss command, which is automatically installed by default in Debian 9.
In case you have a firewall enabled on your system, such as UFW firewall application, you should add a new rule to allow HTTP traffic to pass through the firewall by issuing the following command.
ufw allow WWW
ufw allow 80/tcp
If you’re using iptables raw rules to manage Firewall rules in your Debian server, add the following rule to allow port 80 inbound traffic on the firewall so that visitors can browse the Prestashop online shop.
apt-get install -y iptables-persistent
iptables -I INPUT -p tcp --destination-port 80 -j ACCEPT
systemctl iptables-persistent save
systemctl iptables-persistent reload
Next, enable and apply the following Apache modules required by Prestashop CMS to run properly, by issuing the below command.
systemctl restart apache2
Finally, test if Apache web server default web page can be displayed in your client's browsers by visiting your Debian machine IP address or your domain name or server FQDN via HTTP protocol, as shown in the below image. If you don’t know your machine IP address, execute ifconfig or ip a commands to reveal the IP address of your server.
In order to install and access Prestashop web admin panel backed and the frontend website via HTTPS protocol that will secure the traffic for your clients, issue the following command to enable Apache web server SSL module and SSL site configuration file.
Next, open Apache default SSL site configuration file with a text editor and enable URL rewrite rules by adding the following lines of code after DocumentRoot directive, as shown in the below sample:
SSL site configuration file excerpt:
Require all granted
Also, make the following change to VirtualHost line to look like shown in the below excerpt:
Close the SSL Apache file and open /etc/apache2/sites-enabled/000-default.conf file for editing and add the same URL rewrite rules as for SSL configuration file. Insert the lines of code after DocumentRoot statement as shown in the below example.
Require all granted
Finally, restart Apache daemon to apply all rules configured so far and visit your domain via HTTP protocol. Because you’re using the automatically Self-Signed certificates pairs issued by Apache at installation, an error warning should be displayed in the browser. Accept the warning in order to continue and be redirected to Apache default webpage.
systemctl restart apache2
In case the UFW firewall application blocks incoming network connections to HTTPS port, you should add a new rule to allow HTTPS traffic to pass through the firewall by issuing the following command.
ufw allow 'WWW Full'
ufw allow 443/tcp
If iptables is the default firewall application installed to protect your Debian system at network level, add the following rule to allow port 443 inbound traffic in the firewall so that visitors can browse your domain name.
iptables -I INPUT -p tcp --destination-port 443 -j ACCEPT
systemctl iptables-persistent save
systemctl iptables-persistent reload
In the next step, we need to make some further changes to PHP default configuration file in order to assure that the following PHP variables are enabled and the PHP timezone setting is correctly configured and matches your system geographical location. Open /etc/php/7.0/apache2/php.ini file for editing and assure that the following lines are setup as follows. Also, initially, make a backup of PHP configuration file.
Search, edit and change the following variables in php.ini configuration file:
file_uploads = On
allow_url_fopen = On
memory_limit = 128 M
upload_max_file_size = 64M
date.timezone = Europe/London
Increase memory_limit variable as suitable to support large file attachments and replace the time.zone variable accordingly to your physical time by consulting the list of time zones provided by PHP docs at the following link http://php.net/manual/en/timezones.php
If you want to increase the load speed of your website pages via OPCache plugin available for PHP7, append the following OPCache settings at the bottom of the PHP interpreter configuration file, as detailed below:
Close the php.ini configuration file and check if the verify the end of PHP configuration file to check if the variables had been correctly added by issuing the below command.
After you’ve made all changes explained above, restart apache daemon to apply the new changes by issuing the following command.
systemctl restart apache2
Finally, create a PHP info file by executing the following command and check if the PHP time zone has been correctly configured by visiting the PHP info script file from a browser at the following URL, as illustrated in the below image. Scroll down to date setting to check php time zone configuration.
echo '<?php phpinfo(); ?>'| tee /var/www/html/info.php
Prestashop stores different configurations, such as users, sessions, contacts, products, catalogs and others, in a RDBMS database. In this guide, we’ll configure Prestashop to use MariaDB database as backend. Issue the below command to install MariaDB database and the PHP module needed to access mysql database.
apt install mariadb-server php7.0-mysql
After you’ve installed MariaDB, verify if the daemon is running and listens for connections on localhost, port 3306, by running netstat command.
netstat –tlpn | grep mysql
Then, log in to MySQL console and secure MariaDB root account by issuing the following commands.
mysql -h localhost
update user set plugin='' where user='root';
In the next step, secure MariaDB by executing the script mysql_secure_installation provided by the installation packages from Debian stretch repositories. While running, the script will ask a series of questions designed to secure MariaDB database, such as: to change MySQL root password, to remove anonymous users, to disable remote root logins and delete the test database. Execute the script by issuing the below command and assure you type yes to all questions asked in order to fully secure MySQL daemon. Use the below script output except as a guide.
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
You already have a root password set, so you can safely answer 'n'.
Change the root password? [Y/n] y
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
Remove anonymous users? [Y/n] y
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
- Dropping test database...
- Removing privileges on test database...
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
In order to test MariaDB security, try login to the database from console without root password. The access to the database should be denied if no password is provided for the root account. If the password is supplied, the login process should be granted to MySQL console, as shown in the below screenshot.
mysql -h localhost -u root
mysql -h localhost -u root –p
Next, login to MariaDB database console, create a database for Prestashop and a user with a password that will be used to manage the Prestashop database, by issuing the following commands. Replace the PrestaShop database name, user and password accordingly.
mysql –u root -p
create database my_shop;
grant all privileges on my_shop.* to 'shop_user' identified by 'shop_password';
In order to apply all changes made so far, restart MySQL and Apache daemons and verify if daemons are running by issuing the following commands.
systemctl restart mysql apache2
systemctl status mysql apache2
After all system requirements are met for your e-commerce online shop installation, visit the Prestashop releases page at GitHub https://github.com/PrestaShop/PrestaShop/releases and download the latest zip package compressed archive by issuing the wget utility, as illustrated in the following sample.
After the zip archive download finished, extract Prestashop zip archive directly to your web server document root and list the extracted files by issuing the below commands. Also, remove the default index.html file installed by Apache web server to webroot path and also delete the info.php file created earlier.
unzip prestashop_126.96.36.199.zip -d /var/www/html/
Next, execute the below commands in order to grant Apache runtime user with full write permissions to the web root path. Use ls command to list permissions for Prestashop installation files located in /var/www/html/ directory.
chown -R www-data:www-data /var/www/html/
ls –al /var/www/html/
Proceed with Prestashop CMS installation by opening a browser and navigate your server’s IP address or domain name via HTTPS protocol. On the first installation screen, Prestashop installer script will unfold the content of the prestashop.zip file from web server’s web root path, as shown in the below image.
After the extraction finished, you can switch to command line and list the content of the /var/www/html/ directory in order to view all Prestashop extracted files.
ls -la /var/www/html/
On the next screen, Prestashop installer will display a welcome screen and will ask you to choose the installation language in order to continue the installation process. Choose your language and hit the Next button to continue with the next step.
On the next installation screen, check ‘I agree to the license terms’ and hit Next button to continue, as illustrated in the below image.
Prestashop installer now will perform a series of checks in order to determine compatibility with your system and environment and will list eventual errors, if found. If your system environment is compatible with PrestaShop installation, a green message should be displayed on your webpage, as shown in the below screenshot. Again, hit on Next button to move further with the installation process.
On the next screen, add the required information about your Store, such as the name of the shop, the main activity, the country where your shop is registered and account details. Supply an e-mail address in order to access Prestashop backend web panel and a strong password that will be used for this account, as shown in the below screenshot. When you finish hit the Next button to continue.
on the next installation screen, add MySQL database address, name and credentials created earlier for Prestashop hit on 'Test your database connection now' button. If the connection to MySQL database is successful, hit Next button to start the installation process.
Wait a few minutes for the installer to populate the database with all required information and the installation process to complete, as shown in the below screenshots.
After the installation completes, the installer will display your backed web admin panel login information and the required hyperlinks to access Prestashop Backend Office, which will be used to manage your online shop, and Front Office of your store, which will be displayed to your clients.
Make sure you hit on Back Office Manage button in order to access the store backend. You should write down or bookmark the store Back Office address in order to log in to web admin panel from other browsers in the future.
When trying to login to the Back Office, a warning message as shown in the below image will inform you that you should delete the installation directory from your domain webroot path.
In order to be able to login to the Prestashop backed admin panel, return to your server console and execute the following command to delete Prestashop installation directory.
rm -rf /var/www/html/install/
Afterwards, reload the Prestashop Back Office page and login to the admin panel with the credentials setup during the installation process, as illustrated in the following screenshot.
At the first login, a welcome message will be displayed in the browser. Hitting on start button will redirect you to the Catalog from where you can start adding your first product, as shown in the below screenshot.
In order to visit Prestashop frontend webpage, just type your domain name in the browser and you will be automatically redirected to the initial page, as described in the following screenshot.
However, for now, the shop can only be accessed unsecured via the unencrypted HTTP protocol. In order to enable HTTPS support in Prestashop, login to the Back Office panel and navigate to Configure -> Shop parameters -> General and hit on Please click here to check if your shop supports HTTPS link, as illustrated in the below image.
After the SSL tests are performed, switch the Enable SSL button to YES and scroll down to the bottom of the page and hit on Save button, to apply the configuration. However, this configuration so far enables the SSL support only for the Back Office link. The clients that will visit your store domain name will be directed over unencrypted connections.
To secure the visitor's traffic over your domain, switch the Enable SSL on all pages button to Yes, as shown in the below image and scroll down and hit on Save button at the page bottom to apply the settings.
To test if the clients are now automatically redirected to visit your domain over a secured connection via HTTPS protocol, refresh Prestashop frontend page or type your domain name in the browser. Your shop domain name should be accessed now via HTTP protocol, as illustrated in the below image.
That’s all! You have successfully installed and configured PrestaShop on Debian 9.1. However, because your Apache HTTP server uses Self-Signed certificates to encrypt the traffic between the server and visitor’s browsers, a warning message will always be generated and displayed in their browsers when they first visit the store. This warning is bad for your online shop business. In this case you should buy a certificate issued by a trusted Certificate Authority or get a free certificate pair from Let’s Encrypt CA.
For other custom configurations regarding Prestashop, visit the documentation page at the following address: http://doc.prestashop.com/display/PS17/Installing+PrestaShop