Install AbanteCart on Debian Linux

This tutorial will guide you on how to install and configure the latest version AbanteCart platform in Debian release, in order to create a free online shopping store.

AbanteCart is a free open-source e-commerce online store-management platform written mostly in PHP programming language and often deployed in Linux under Apache/Nginx web servers, PHP, and MySQL/MariaDB database management system, also known as LAMP or LEMP stack.  AbanteCart online e-commerce software platform is highly used to create online shops for small or medium businesses to advertise and sell services and merchandise.

Requirements

  • Minimal installation of Debian 11 on a bare-metal server machine or on a virtual private server
  • sudo root privileges for a local or remote account or direct access to root account
  • A static IP address configured for one of your system network interfaces cards
  • A domain name, private or public, depending on your deployment, with the proper DNS records configured for web services. If don’t have a valid or registered domain name you can perform the installation and access the website via your server IP address
  • If you want to use website registration, mail order confirmations and other features, you should have a running mail server properly configured at your premises with remote access to its IMAP and SMTP services.

Pre-Requirements

Before starting to install and configure AbanteCart from sources in your own server, first assure the system meets all the software requirements for compiling and installing the application.  On the first step, update your system repositories and software packages by issuing the following command.

apt update
apt upgrade

On the next step, execute the following command in order to install some necessary utilities that will be used to further manage your system from command line.

apt install wget bash-completion git

After the system has been fully updated and the required utilities to manage your server had been installed, setup the name for your system by executing the following command. Replace your hostname variable accordingly.

hostnamectl set-hostname shop

Verify machine hostname and hosts file by issuing the below commands.

hostnamectl
cat /etc/hostname
hostname –s
hostname –f

Finally, reboot Debian server in order to apply kernel updates and the hostname changes properly.

init 6

AbanteCart is a web-based CMS e-commerce platform written in PHP server-side programming language. In order to execute the PHP file scripts of the application, a web server, such as Apache HTTP server, and a PHP processing gateway must be installed and operational in the system.  In order to install Apache web server and the PHP interpreter alongside with all required PHP modules needed by the application to run properly, issue the following command in your server console.

apt install apache2 libapache2-mod-php7.4 php7.4 php7.4-curl php7.4-gd php7.4-zip php7.4-mbstring php7.4-xml
After Apache and PHP has been installed, test if the web server is up and running and listening for network connections on port 80 by issuing the following command with root privileges.
netstat –tlpn

In case netstat network utility is not installed by default in your Debian system, execute the following command to install it.

apt install net-tools

By inspecting the netstat command output you can see that Apache web server is listening for incoming network connections on port 80. For the same task, you can also use the ss command, which is automatically installed by default in Debian.

ss- tulpn

In case you have a firewall enabled in your system, such as UFW firewall application, you should add a new rule to allow HTTP traffic to pass through firewall by issuing the following command.

ufw allow WWW

or

ufw allow 80/tcp

If you’re using iptables raw rules to manage Firewall rules in your Debian server, add the following rule to allow port 80 inbound traffic on the firewall so visitors can browse the online shop.

apt-get install -y iptables-persistent
iptables -I INPUT -p tcp --destination-port 80 -j ACCEPT
systemctl iptables-persistent save
systemctl iptables-persistent reload

Next, enable and apply the following Apache modules the e-commerce application requires to run properly by issuing the following command.

a2enmod rewrite
systemctl restart apache2

Finally, test if the Apache web server default web page can be displayed in your client’s browsers by visiting your Debian machine IP address or your domain name or server FQDN via HTTP protocol, as shown in the below image. If you don’t know your machine’s IP address, execute ifconfig or ip commands to reveal the IP address of your server.

http://your_domain.tld

To install and access AbanteCart web admin panel backed and the frontend website via HTTPS protocol that will secure the traffic for your clients, issue the following command to enable Apache web server SSL module and SSL site configuration file.

a2enmod ssl
a2ensite default-ssl.conf

Next, open Apache default SSL site configuration file with a text editor and enable URL rewrite rules by adding the following lines of code after DocumentRoot directive, as shown in the following sample:

nano /etc/apache2/sites-enabled/default-ssl.conf

SSL site configuration file excerpt:

<Directory /var/www/html>
  Options +FollowSymlinks
  AllowOverride All
  Require all granted
</Directory>

Also, make the following change to VirtualHost line to look like shown in the below excerpt:

<VirtualHost *:443>

Close the SSL Apache file and open /etc/apache2/sites-enabled/000-default.conf file for editing and add the same URL rewrite rules as for SSL configuration file. Insert the lines of code after DocumentRoot statement as shown in the following example.

<Directory /var/www/html>
  Options +FollowSymlinks
  AllowOverride All
  Require all granted
</Directory>

Finally, restart Apache daemon to apply all rules configured so far and visit your domain via HTTP protocol. Because you’re using the automatically Self-Signed certificates pairs issued by Apache at installation, certificate that is untrusted by the browser, an error warning should be displayed in the browser.

systemctl restart apache2

https://yourdomain.tld 

Accept the warning to accept the untrusted certificate and continue to be redirected to Apache default web page, as illustrated in the below image.

If the UFW firewall application blocks incoming network connections to the HTTPS port, you should add a new rule to allow HTTPS traffic to pass through the firewall by issuing the following command.

ufw allow 'WWW Full'

or

ufw allow 443/tcp

If iptables is the default firewall application installed to protect your Debian system at network level, add the following rule to allow port 443 inbound traffic in the firewall so that visitors can browse your domain name.

iptables -I INPUT -p tcp --destination-port 443 -j ACCEPT
systemctl iptables-persistent save
systemctl iptables-persistent reload

On the next step we need to make some further changes to PHP default configuration file in order to assure that the following PHP variables are enabled and the PHP timezone setting is correctly configured and matches your system geographical location.  Open /etc/php/7.0/apache2/php.ini file for editing and assure that the following lines are setup as follows. Also, initially, make a backup of PHP configuration file.

cp /etc/php/7.0/apache2/php.ini{,.backup}
nano /etc/php/7.0/apache2/php.ini

 Search, edit and change the following variables in php.ini configuration file:

file_uploads = On           
output_buffering = 4096
magic_quotes_gpc = Off
register_globals = Off
default_charset = UTF-8
memory_limit = 128M
max_execution_time = 18000
upload_max_filesize = 100M
safe_mode = Off
mysql.connect_timeout = 20
session.use_cookies = On
session.use_trans_sid = Off
session.gc_maxlifetime = 12000000
apc.enabled = 0
date.timezone = Europe/London

Increase upload_max_file_size variable as suitable to support large file attachments and replace the time.zone variable accordingly to your physical time by consulting the list of time zones provided by PHP docs at the following link http://php.net/manual/en/timezones.php

AbanteCart is not compatible with PHP OPCache module loaded and active, by the time of writing this guide. You should also disable PHP7 OPCache extension that comes installed by default in Debian once you install PHP 7 interpreter, by issuing the below command.

phpdismod opcache

After you’ve made all changes explained above, restart apache daemon to apply the new changes by issuing the following command.

systemctl restart apache2

Finally, create a PHP info file by executing the following command and check if the PHP time zone has been correctly configured by visiting the PHP info script file from a browser at the following URL, as illustrated in the below image. Scroll down to date setting to check php time zone configuration.

echo '<?php phpinfo(); ?>'| tee /var/www/html/info.php

https://domain.tld/info.php

AbanteCart web application stores different configurations, such as users, sessions, contacts, products, catalogs and others, in a RDBMS database.  In this guide we’ll configure AbanteCart shopping platform to use MariaDB database as backend. Issue the following command to install MariaDB database and the PHP module needed to access mysql database.

apt install mariadb-server php7.4-mysql mariadb-client

After you’ve installed MariaDB, verify if the daemon is running and listens for connections on localhost, port 3306, by running netstat command.

netstat –tlpn | grep mysql

Then, log in to MySQL console and secure MariaDB root account by issuing the following commands.

mysql -h localhost
use mysql;
update user set plugin='' where user='root';
flush privileges;
exit

In the next step, secure MariaDB by executing the script mysql_secure_installation provided by the installation packages from Debian stretch repositories. While running, the script will ask a series of questions designed to secure the MariaDB database, such as: changing the MySQL root password, removing anonymous users, disabling remote root logins, and deleting the test database. Execute the script by issuing the below command and ensure you type yes to all questions asked in order to fully secure MySQL daemon. Use the below script output as a guide.

sudo mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB

SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

 

To log into MariaDB to secure it, we’ll need the current

password for the root user.  If you’ve just installed MariaDB, and

you haven’t set the root password yet, the password will be blank,

so you should press enter here.

 

Enter current password for root (enter for none):

OK, successfully used password, moving on…

 

Setting the root password ensures that nobody can log into the MariaDB

root user without the proper authorisation.

 

You already have a root password set, so you can safely answer ‘n’.

Change the root password? [Y/n] y

New password:

Re-enter new password:

Password updated successfully!

Reloading privilege tables..

… Success!

 

By default, a MariaDB installation has an anonymous user, allowing anyone

to log into MariaDB without having to have a user account created for

them.  This is intended only for testing, and to make the installation

go a bit smoother.  You should remove them before moving into a

production environment.

 

Remove anonymous users? [Y/n] y

… Success!

 

Normally, root should only be allowed to connect from ‘localhost’.  This

ensures that someone cannot guess at the root password from the network.

 

Disallow root login remotely? [Y/n] y

… Success!

 

By default, MariaDB comes with a database named ‘test’ that anyone can

access.  This is also intended only for testing, and should be removed

before moving into a production environment.

 

Remove test database and access to it? [Y/n] y

– Dropping test database…

… Success!

– Removing privileges on test database…

… Success!

 

Reloading the privilege tables will ensure that all changes made so far

will take effect immediately.

 

Reload privilege tables now? [Y/n] y

… Success!

Cleaning up…

All done!  If you’ve completed all of the above steps, your MariaDB

installation should now be secure.

Thanks for using MariaDB!

In order to test MariaDB security, try login to the database from console with no root password. The access to the database should be denied if no password is provided for the root account, as illustrated in the below command excerpt:

root@cubecart:~# mysql -h localhost -u root
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)

If the password is supplied, the login process should be granted to MySQL console, as shown in the command sample:

root@cubecart:~# mysql -h localhost -u root -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 15
Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> exit
Bye

Next, login to MariaDB database console, create a database for AbanteCart application and a user with a password that will be used to manage the application database, by issuing the following commands. Replace the database name, user and password accordingly.

mysql –u root -p
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 2
Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.

MariaDB [(none)]>

 create database abantecart;
Query OK, 1 row affected (0.00 sec)
 
MariaDB [(none)]> grant all privileges on abantecart.* to 'user'@'localhost' identified by 'password1234';
Query OK, 0 rows affected (0.00 sec)
 
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
 
MariaDB [(none)]> exit
Bye

To apply all changes made so far, restart MySQL and Apache daemons and verify if daemons are running by issuing the following commands.

systemctl restart mysql apache2
systemctl status mysql apache2

Install AbanteCart

After all system requirements are met for your e-commerce online shop installation, visit AbanteCart official github page at https://github.com/abantecart/abantecart-src and clone the latest GitHub source package onto your system by issuing the below command.

git clone https://github.com/abantecart/abantecart-src.git

After the GitHub source files cloning process finishes, list the current working directory and list and identify the public_html directory, which contains the installation files, by issuing the below command. Also, remove the default index.html file installed by the Apache web server to the webroot path and delete the info.php file created earlier.

ls abantecart-src/
rm /var/www/html/index.html
rm /var/www/html/info.php

The installation files for AbanteCart are located in your current working directory in abantecart-src/public_html/ directory. Issue ls command to list abantecart-src/public_html/ directory files. Copy all the content of the AbanteCart public_html/ directory to your web server document root path by issuing the following command. Also, make sure you copy the hidden file .htaccess to webroot path.

cp -rf abantecart-src/public_html/* /var/www/html/
cp -rf abantecart-src/public_html/.htaccess.txt /var/www/html/

Next, execute the following commands in order to grant Apache runtime user with full write permissions to the web root path. Use ls command to list permissions for application’s installed files located in /var/www/html/ directory.

chown -R www-data:www-data /var/www/html/
ls –al /var/www/html/

You should also rename .htaccess.txt file from your domain webroot location to .htaccess by issuing the below command.

cp /var/www/html/.htaccess.txt /var/www/html/.htaccess

Next, proceed with the AbanteCart online shop installation process by opening a browser and navigating your server’s IP address, domain name, or server FQDN via HTTPS protocol. On the first installation screen, the AbanteCart installer will display the license screen. Read the license and check I agree to the license. To start the installation process, hit on the Continue button, as illustrated in the below image.

https://yourdomain.tld

In the next step, the installer will perform a series of compatibility checks against your system to determine if all required PHP settings, extensions, and web server permissions are valid for installing the AbanteCart platform. If all settings and permissions are correctly set up, hit on the Continue button to move to the next step.

In the next installation screen, supply the MySQL database driver, database server hostname address, username and password needed to access the AbanteCart database, and the database name created for installing the application. Create a database table name prefix, such as abc_ .

Next, create an administrative section based on a random alphanumeric unique key and create an admin username with a strong password to protect the admin account.  Finally, write the email address of the admin account and check to Load Demo Data, and hit the Continue button to move to the next installation screen. Use the below screenshot as a guide to configure this step.

After the installation process completes, the installer will display two links that can be used to access AbanteCart backed Control Panel, which will be used to manage your online shop, and the Online Shop frontend link, which is the URL that will be displayed to your clients.

Before logging in to your store-backed admin panel, first return to the server console and issue the following commands to delete the installation directory to secure the AbanteCart shopping platform.

rm -rf /var/www/html/install/

To manage your AbanteCart online store, click on Log in to your Control Panel button in order to access the store admin backend. Use the admin account credentials configured during the installation process in order to log in to AbanteCart backend control panel, as shown in the below screenshot.

You can also visit the AbanteCart admin dashboard panel by navigating to your server IP address or domain name via HTTPS protocol to admin secret query string. Use the secret string configured during the installation process to access administration backend control panel, as shown in the below screenshot sample.

https://yourdomain.tld/index.php?s=secret_string

 

After logging in to AbanteCart backed admin control panel, follow the quick start wizard tool in order further to configure your store details with the required information, as shown in the below screenshot.

Finally, to force visitors to browse the AbanteCart frontend website and to securely access the backend interface via HTTPS protocol to encrypt the traffic between the server and client browsers, return to your server’s terminal and edit the .htaccess file located in your website document root path, by issuing the below command.

nano /var/www/html/.htaccess

Then, edit the .htaccess file, and at the bottom of the file, you can change the native PHP server settings with the below configurations. Modify the PHP settings to match your server resources and configurations.

.htaccess file excerpt:

# Modify PHP settings
php_value session.use_trans_sid 0
php_value register_globals 1

Finally, add the below rules in .htaccess file in order to redirect domain traffic to HTTPS automatically.

# Redirect to HTTPS
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]
</IfModule>

In order to visit your online store front, click on the Online Shop button and the frontend of your e-commerce application will be displayed in your browser as illustrated in the below screenshot. You can also visit the store frontend by navigating to your server IP address or domain name via HTTPS protocol.

https://yourdomain.tld

That’s all! You have successfully installed and configured AbanteCart e-commerce application in Debian. However, because Apache HTTP server uses Self-Signed certificates to encrypt the traffic between the server and visitor’s browsers, a warning message will always be generated and displayed in their browsers. This warning is bad for your online shop business. In this case you should buy a certificate issued by a trusted Certificate Authority or get a free certificate pair from Let’s Encrypt CA.

For other custom configurations regarding AbanteCart application, visit the documentation page at the following address: http://docs.abantecart.com/