How To Install Joomla on CentOS Stream 10

Joomla stands as one of the most powerful open-source content management systems available today, powering millions of websites worldwide. When combined with CentOS Stream 10’s enterprise-grade stability and robust security features, it creates an ideal hosting environment for everything from small business websites to complex web applications. This comprehensive guide walks through the complete process of installing Joomla on CentOS Stream 10, covering LAMP stack setup, database configuration, security hardening, and performance optimization. Each step includes detailed commands, explanations, and troubleshooting tips to ensure a successful deployment.

Prerequisites

Before beginning the Joomla installation process, several requirements must be met. A fresh CentOS Stream 10 server with root or sudo privileges provides the foundation for this installation. The server should have at least 1GB of RAM, though 2GB is recommended for optimal performance, along with a minimum of 10GB available disk space.

Access to the server via SSH is essential for executing installation commands. A static IP address or domain name should point to the server for production deployments. Basic familiarity with Linux command-line operations helps navigate the installation process more smoothly. Finally, ensure a stable internet connection exists for downloading necessary packages and dependencies.

Step 1: Update System Packages

Keeping system packages current ensures security patches are applied and compatibility issues are minimized. This critical first step prevents potential conflicts during the installation process.

Connect to the server via SSH and execute the following command:

sudo dnf update -y

This command updates all installed packages to their latest versions available in the CentOS Stream 10 repositories. The -y flag automatically confirms all prompts, streamlining the update process.

If kernel updates are installed during this process, reboot the server to apply them:

sudo reboot

Wait a few minutes for the system to restart before reconnecting via SSH.

Step 2: Install Apache Web Server

Apache HTTP Server serves as the foundation for hosting Joomla websites, handling all incoming web requests and delivering content to visitors. It remains the most widely used web server software, offering reliability, extensive documentation, and proven compatibility with Joomla.

Install Apache using the DNF package manager:

sudo dnf install httpd -y

Once installation completes, start the Apache service and enable it to launch automatically at system boot:

sudo systemctl start httpd
sudo systemctl enable httpd

Verify that Apache is running correctly:

sudo systemctl status httpd

The output should display “active (running)” in green text, confirming successful installation and startup. If any errors appear, review the system logs for troubleshooting information.

Step 3: Configure Firewall Rules

CentOS Stream 10 includes firewalld by default, providing robust network security through customizable rules. Opening the appropriate ports allows web traffic to reach the Apache server while maintaining system security.

Add HTTP service to the firewall permanently:

sudo firewall-cmd --permanent --add-service=http

Add HTTPS service for secure connections:

sudo firewall-cmd --permanent --add-service=https

Reload the firewall configuration to apply changes immediately:

sudo firewall-cmd --reload

Verify the firewall rules are active:

sudo firewall-cmd --list-all

The output should display both http and https in the services section. Production servers benefit from additional firewall hardening, including rate limiting and IP whitelisting for administrative access.

Step 4: Install PHP and Required Modules

Joomla 5.x requires PHP 8.1 as the minimum version, with PHP 8.3 recommended for optimal performance and security. Multiple PHP extensions are necessary for Joomla to function properly, handling everything from database connections to image processing.

Install PHP along with all required modules in a single command:

sudo dnf install php php-cli php-mysqlnd php-xml php-mbstring php-json php-zip php-gd php-opcache php-curl php-intl -y

Each module serves a specific purpose. The php-mysqlnd extension enables database connectivity with MariaDB. The php-xml and php-mbstring modules handle XML processing and multibyte string operations. The php-gd library processes images and thumbnails. The php-opcache extension dramatically improves PHP performance by caching compiled bytecode.

Start and enable the PHP-FPM service:

sudo systemctl start php-fpm
sudo systemctl enable php-fpm

Restart Apache to load the PHP module:

sudo systemctl restart httpd

Create a test file to verify PHP installation:

echo "<?php phpinfo(); ?>" | sudo tee /var/www/html/info.php

Open a web browser and navigate to http://your-server-ip/info.php to view the PHP configuration page. This page displays all installed modules and current settings. Remove this file after verification for security purposes.

Step 5: Install and Configure MariaDB Database

MariaDB serves as the database management system for storing all Joomla content, user data, and configuration settings. Joomla requires MariaDB 10.4 or newer, or alternatively MySQL 8.0.13 or higher.

Install the MariaDB server and client packages:

sudo dnf install mariadb-server mariadb -y

Start the MariaDB service and configure it to start automatically at boot:

sudo systemctl start mariadb
sudo systemctl enable mariadb

Run the security script to harden the MariaDB installation:

sudo mysql_secure_installation

This interactive script prompts for several security configurations. Press Enter when asked for the current root password (none exists on fresh installations). Type Y to set a root password, then enter a strong password twice. Choose Y for all remaining prompts: removing anonymous users, disabling remote root login, removing the test database, and reloading privilege tables.

Strong database passwords should contain at least 12 characters, including uppercase and lowercase letters, numbers, and special characters.

Step 6: Create Joomla Database and User

Creating a dedicated database and user account for Joomla follows the principle of least privilege, enhancing security by limiting access to only what’s necessary.

Log into the MariaDB console as root:

sudo mysql -u root -p

Enter the root password set in the previous step. At the MariaDB prompt, create a new database:

CREATE DATABASE joomla_db CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;

The utf8mb4 character set provides full Unicode support, essential for international content.

Create a dedicated database user with a strong password:

CREATE USER 'joomla_user'@'localhost' IDENTIFIED BY 'StrongPassword123!';

Replace StrongPassword123! with a secure password of your choosing.

Grant all privileges on the Joomla database to this user:

GRANT ALL PRIVILEGES ON joomla_db.* TO 'joomla_user'@'localhost';

Flush privileges to apply the changes immediately:

FLUSH PRIVILEGES;

Exit the MariaDB console:

EXIT;

Record the database name, username, and password for use during the Joomla installation wizard.

Step 7: Download Joomla Installation Package

Obtaining Joomla from official sources ensures file integrity and protects against malware or backdoors. The Joomla project maintains secure download servers for all releases.

Install the wget and unzip utilities if not already present:

sudo dnf install wget unzip -y

Navigate to a temporary directory:

cd /tmp

Download the latest stable Joomla release:

wget https://downloads.joomla.org/cms/joomla5/5-3-4/Joomla_5-3-4-Stable-Full_Package.zip 

The URL above references Joomla 5.3.4, current as of this writing. Check the official Joomla downloads page for the most recent version and adjust the URL accordingly.

Verify the downloaded file exists and check its size:

ls -lh Joomla*.zip

The file should be approximately 15-20 MB in size. Significant deviations may indicate download corruption.

Step 8: Extract and Configure Joomla Files

Proper file placement, ownership, and permissions are crucial for Joomla security and functionality.

Create a directory for the Joomla installation:

sudo mkdir -p /var/www/html/joomla

Extract the Joomla archive to the web directory:

sudo unzip /tmp/Joomla*.zip -d /var/www/html/joomla

Set ownership to the Apache user:

sudo chown -R apache:apache /var/www/html/joomla

The Apache user needs ownership to write files during installation and normal operation.

Configure appropriate permissions:

sudo find /var/www/html/joomla -type d -exec chmod 755 {} \;
sudo find /var/www/html/joomla -type f -exec chmod 644 {} \;

These commands set directories to 755 (read, write, execute for owner; read and execute for others) and files to 644 (read and write for owner; read-only for others). These permissions balance security with functionality, preventing unauthorized modifications while allowing Apache to serve content.

Step 9: Configure Apache Virtual Host

Virtual hosts enable Apache to serve multiple websites from a single server, each with its own configuration and domain name.

Create a new virtual host configuration file:

sudo nano /etc/httpd/conf.d/joomla.conf

Add the following configuration, replacing your-domain.com with the actual domain name:

<VirtualHost *:80>
    ServerName your-domain.com
    ServerAlias www.your-domain.com
    DocumentRoot /var/www/html/joomla
    
    <Directory /var/www/html/joomla>
        Options -Indexes +FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
    
    ErrorLog /var/log/httpd/joomla_error.log
    CustomLog /var/log/httpd/joomla_access.log combined
</VirtualHost>

The DocumentRoot directive specifies where Joomla files reside. AllowOverride All enables Joomla to use .htaccess files for URL rewriting and additional configuration. The -Indexes option prevents directory listing, enhancing security. Separate log files facilitate troubleshooting and monitoring.

Save and close the file. Test the Apache configuration for syntax errors:

sudo apachectl configtest

If the output shows “Syntax OK”, restart Apache to apply changes:

sudo systemctl restart httpd

Step 10: Configure SELinux for Joomla

Security-Enhanced Linux (SELinux) provides mandatory access control, adding an extra layer of security beyond traditional Unix permissions. CentOS Stream 10 enables SELinux in enforcing mode by default, requiring proper context configuration for web applications.

Check SELinux status:

sestatus

Install SELinux management utilities:

sudo dnf install policycoreutils-python-utils -y

Set the correct SELinux context for the Joomla directory:

sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/joomla(/.*)?"
sudo restorecon -Rv /var/www/html/joomla

Allow Apache to make network connections to the database:

sudo setsebool -P httpd_can_network_connect_db on

Allow Apache to send emails (needed for Joomla notifications):

sudo setsebool -P httpd_can_sendmail on

These SELinux policies enable Joomla functionality while maintaining system security. To troubleshoot SELinux issues, check the audit log:

sudo ausearch -m AVC -ts recent

This command displays recent SELinux denials, helping identify permission problems.

Step 11: Complete Joomla Web Installation

The web-based installation wizard guides through the final configuration steps, creating the necessary database tables and configuration files.

Open a web browser and navigate to http://your-domain.com or http://your-server-ip/joomla. The Joomla installation wizard appears.

Configuration Tab:

Enter the site name (displayed in browser titles and headers). Provide a description that summarizes the website’s purpose. Select the installation language.

Create the administrator account by entering:

• Admin Email Address (used for password resets)
• Admin Username (avoid common names like “admin” for security)
• Admin Password (minimum 12 characters with complexity requirements)
• Confirm the password

Strong passwords significantly reduce the risk of unauthorized access. Consider using a password manager to generate and store credentials securely.

Database Tab:

Select “MySQLi” as the database type. Enter “localhost” for the hostname (since MariaDB runs on the same server). Input the database username (joomla_user), password, and database name (joomla_db) created earlier.

The table prefix defaults to a random string for security. Leave this setting unchanged unless multiple Joomla installations share a single database.

Overview Tab:

Review all configuration settings. Click “Install” to begin the installation process. Joomla creates database tables, writes the configuration file, and completes the setup.

Upon successful completion, the wizard displays a success message. Do not proceed to the site until removing the installation directory.

Step 12: Post-Installation Security Steps

Immediate security measures protect the fresh Joomla installation from common vulnerabilities and attack vectors.

Remove the installation directory immediately:

sudo rm -rf /var/www/html/joomla/installation

Leaving this directory accessible allows anyone to reinstall Joomla, potentially compromising the site.

Remove the PHP info test file created earlier:

sudo rm /var/www/html/info.php

This file exposes detailed server configuration to potential attackers.

Back up the configuration file:

sudo cp /var/www/html/joomla/configuration.php /var/www/html/joomla/configuration.php.backup

Restrict permissions on the configuration file:

sudo chmod 444 /var/www/html/joomla/configuration.php

This makes the file read-only, preventing unauthorized modifications.

Log into the Joomla administrator panel at http://your-domain.com/administrator. Navigate to System > Global Configuration to adjust security settings. Disable unnecessary features. Set appropriate error reporting levels (none for production).

Step 13: Install and Configure SSL Certificate

SSL/TLS encryption protects data in transit between visitors and the server, essential for any website handling user information. Modern browsers flag non-HTTPS sites as insecure, negatively impacting user trust and SEO rankings.

Install Certbot and the Apache plugin:

sudo dnf install certbot python3-certbot-apache -y

Obtain and install an SSL certificate:

sudo certbot --apache -d your-domain.com -d www.your-domain.com

Certbot prompts for an email address for renewal notifications. Agree to the terms of service. Choose whether to redirect all HTTP traffic to HTTPS (recommended).

Certbot automatically configures Apache with SSL settings and sets up automatic renewal. Test the renewal process:

sudo certbot renew --dry-run

Log into the Joomla administrator panel and navigate to System > Global Configuration. On the Server tab, set “Force HTTPS” to “Entire Site”. Save the changes.

Verify SSL installation using online tools like SSL Labs’ SSL Test. A proper configuration should achieve an A rating.

Step 14: Optimize Joomla Performance

Performance optimization enhances user experience and improves search engine rankings.

Edit the PHP configuration file:

sudo nano /etc/php.ini

Adjust these settings for optimal Joomla performance:

memory_limit = 256M
upload_max_filesize = 32M
post_max_size = 32M
max_execution_time = 120
max_input_time = 120

These values accommodate larger uploads and complex operations. Save and exit.

Restart Apache and PHP-FPM to apply changes:

sudo systemctl restart httpd
sudo systemctl restart php-fpm

Enable OPcache by verifying it’s loaded:

php -m | grep opcache

In the Joomla administrator panel, navigate to System > Global Configuration. On the System tab, set Cache to “ON – Progressive caching”. Enable Gzip page compression on the Server tab.

Configure Apache for better performance. Edit the main configuration file:

sudo nano /etc/httpd/conf/httpd.conf

Ensure these directives are enabled:

KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5

These settings reduce connection overhead and improve response times.

Step 15: Implement Security Best Practices

Ongoing security measures protect against evolving threats and vulnerabilities.

Change the default administrator URL to prevent automated attacks. Create a new secret word in the Joomla administrator panel under System > Global Configuration > Site Settings.

Enable two-factor authentication for all administrator accounts. Install the Joomla 2FA plugins from Extensions > Manage > Install. Configure 2FA in Users > Manage > Edit User > Two Factor Authentication.

Set up automated backups. Install a backup extension like Akeeba Backup. Schedule regular automated backups of both files and database. Store backups off-site or in cloud storage for disaster recovery.

Regularly update Joomla core, templates, and extensions. Check for updates weekly through System > Update. Apply security updates immediately.

Remove unused extensions and templates to reduce the attack surface. Navigate to Extensions > Manage > Manage and uninstall anything not actively used.

Monitor system logs regularly:

sudo tail -f /var/log/httpd/joomla_error.log

Review logs for suspicious activity, failed login attempts, or system errors.

Step 16: Testing and Verification

Comprehensive testing ensures all components function correctly before deploying content.

Verify database connectivity by viewing the Joomla administrator dashboard. The System Information page displays database details and query statistics.

Test file upload functionality by creating a new article with images. Upload test images to verify size limits and permissions work correctly.

Enable SEF URLs (Search Engine Friendly URLs) in Global Configuration. Test that clean URLs work without file extensions or query parameters.

Check all installed PHP modules match requirements:

php -m

Compare the output against Joomla’s technical requirements.

Review Apache error logs for any issues:

sudo tail -100 /var/log/httpd/joomla_error.log

Test website loading speed using tools like GTmetrix or Google PageSpeed Insights. Optimize further based on recommendations.

Create test content including articles, categories, and menus. Verify all Joomla features work as expected before launching the site publicly.

Troubleshooting Common Issues

Database Connection Errors:

If Joomla displays “Error connecting to database”, verify MariaDB is running:

sudo systemctl status mariadb

Check that database credentials in configuration.php match those created earlier. Test database connectivity manually:

mysql -u joomla_user -p joomla_db

Try using 127.0.0.1 instead of localhost in the database configuration if connection issues persist.

File Permission Problems:

If Joomla reports write permission errors, verify ownership and permissions:

ls -la /var/www/html/joomla

Reapply correct ownership and permissions if necessary. Check SELinux contexts are properly set.

Apache Won’t Start:

Test Apache configuration for syntax errors:

sudo apachectl configtest

Review error logs for specific problems:

sudo journalctl -xeu httpd

Verify no other service is using port 80 or 443.

White Screen or 500 Errors:

Enable error display temporarily by editing configuration.php:

public $error_reporting = 'maximum';

Check PHP error logs:

sudo tail -50 /var/log/php-fpm/www-error.log

Verify all required PHP modules are installed and loaded.

SELinux Blocking Operations:

Check for SELinux denials:

sudo ausearch -m avc -ts recent

Generate custom policies if needed:

sudo ausearch -m avc -ts recent | audit2allow -M mypolicy
sudo semodule -i mypolicy.pp

Upload Size Limit Issues:

If file uploads fail for larger files, increase PHP limits as described in the optimization section. Restart Apache and PHP-FPM after changes.

Congratulations! You have successfully installed Joomla. Thanks for using this tutorial for installing the Joomla content management system on CentOS Stream 10 system. For additional help or useful information, we recommend check the official Joomla website.