Installing Grav and Securing with SSL

Introduction

Grav is a modern, open-source flat-file CMS. This guide will walk you through installing Grav and securing it with SSL.

Prerequisites

• A server running Linux (e.g., Ubuntu 24.04)
• SSH access with sudo privileges
• A registered domain name

Installation Steps

1. Update System Packages:

   sudo apt update && sudo apt upgrade -y

2. Install Required Packages:

   sudo apt install apache2 php libapache2-mod-php unzip -y

3. Download Grav:

   cd /var/www/html
   sudo wget https://getgrav.org/download/core/grav-admin/latest -O grav-admin.zip

4. Extract Grav:

   sudo unzip grav-admin.zip
   sudo mv grav-admin grav

5. Set Permissions:

   sudo chown -R www-data:www-data /var/www/html/grav

6. Configure Apache:

   sudo nano /etc/apache2/sites-available/grav.conf

   Add the following configuration:

   <VirtualHost *:80>
      ServerAdmin admin@yourdomain.com
      DocumentRoot /var/www/html/grav
      ServerName yourdomain.com
      ServerAlias www.yourdomain.com
   
      <Directory /var/www/html/grav>
          Options Indexes FollowSymLinks
          AllowOverride All
          Require all granted
      </Directory>
   
      ErrorLog ${APACHE_LOG_DIR}/error.log
      CustomLog ${APACHE_LOG_DIR}/access.log combined
   </VirtualHost>

   Enable the site and rewrite module:

   sudo a2ensite grav.conf
   sudo a2enmod rewrite
   sudo systemctl restart apache2

Securing with SSL

1. Install Certbot:

   sudo apt install certbot python3-certbot-apache -y

2. Obtain SSL Certificate:

   sudo certbot --apache -d yourdomain.com -d www.yourdomain.com

3. Auto-Renewal: Certbot sets up a cron job for auto-renewal. To test:

   sudo certbot renew --dry-run

Conclusion

Your Grav installation is now secured with SSL. Ensure to keep your system and Grav updated.