In this guide, you’ll learn how to install and configure the latest version of the CubeCart e-commerce platform on Debian to create a free online store.
CubeCart is a free, open-source, powerful, and easy-to-setup e-commerce platform for online stores written mainly in the PHP programming language that can be used on Linux on Apache/Nginx web servers, PHP, and the MySQL/MariaDB database management system (also known as the LAMP or LEMP stack).
The CubeCart online shopping software platform is widely used to create online stores for various businesses and to promote and sell services and goods. This guide will teach you how to install CubeCart on the LAMP stack in Debian 9.
Prerequisites
- Debian 9 minimal installation on a bare metal server or on a virtual private server
- sudo root privileges for a local or remote account, or direct access to the root account
- A static IP address configured for one of your system’s network cards
- A private or public domain name, depending on your deployment, with the correct DNS records for web services. If you don’t have a valid or registered domain name, you can install and access the website through your server’s IP address
- If you want to use website registration, mail order confirmations and other features, you should have a running mail server on your premises that is properly configured and provides remote access to its IMAP and SMTP services
Prerequisites
Before you start installing and configuring Cube Cart from source on your own server, you need to make sure that the system meets all the software requirements for compiling and installing the application. In the first step, you update your system repositories and software packages by running the following command
apt update
apt upgrade
After the system has been fully upgraded and the necessary utilities to manage your server have been installed, set up the name for your system by running the following command (replace the hostname variable appropriately).
hostnamectl set-hostname cubecart
Check the hostname of the machine and the hosts file by running the following commands.
hostnamectl
cat /etc/hostname
hostname –s
hostname –f
In the next step, run the following command to install some necessary utilities that you will need to further manage your system from the command line.
apt install wget bash-completion zip unzip
Finally, you need to restart the Debian server so that the kernel updates and hostname changes are applied correctly.
init 6
CubeCart is a web-based CMS e-commerce platform written in the PHP server-side programming language. In order to run the application’s PHP file scripts, a web server such as the Apache HTTP server and a PHP interpreter must be installed in the system and made operational.
To install the Apache web server and the PHP interpreter along with all the necessary PHP modules that the application needs to run properly, enter the following command in your server console
apt install apache2 libapache2-mod-php7.0 php7.0-xml php7.0-curl php7.0-gd php7.0-opcache php7.0-zip php7.0-mbstring
After Apache and PHP are installed, check that the web server is running and listening for network connections on port 80 by entering the following command with root privileges.
netstat –tlpn
If the network utility netstat is not installed by default in your Debian system, run the following command to install it.
apt install net-tools
From the output of the netstat command, you can see that the Apache web server is listening for incoming network connections on port 80. For the same task, you can also use the ss command, which is automatically installed in Debian 9.
ss- tulpn
If you have a firewall enabled in your system, such as the UFW firewall application, you should add a new rule to allow HTTP traffic through the firewall by typing the following command.
ufw allow WWW
or
ufw allow 80/tcp
If you are using iptables raw rules to manage the firewall rules on your Debian server, add the following rule to allow incoming traffic over port 80 on the firewall to allow visitors to browse the online store
apt-get install -y iptables-persistent
iptables -I INPUT -p tcp --destination-port 80 -j ACCEPT
systemctl save iptables-persistent
systemctl iptables-persistent reload
Next, enable the following Apache modules that are required for the proper operation of the e-commerce application and apply them by typing the following command.
a2enmod rewrite
systemctl restart apache2
Finally, test if the default Apache web page can be displayed in your clients’ browsers by calling the IP address of your Debian machine or your domain or server FQDN using the HTTP protocol (see figure below). If you don’t know the IP address of your machine, you can run the ifconfig or ip a commands to find out the IP address of your server.
http://your_domain.tld
To install and access the CubeCart web admin panel backend and frontend website using the HTTPS protocol that secures traffic for your customers, enter the following command to enable the Apache web server SSL module and SSL site configuration file
a2enmod ssl
a2ensite default-ssl.conf
Next, open the Apache default SSL site configuration file with a text editor and enable the URL rewrite rules by inserting the following lines of code after the DocumentRoot directive, as shown in the following example:
nano /etc/apache2/sites-enabled/default-ssl.conf
Extract from SSL site configuration file:
<Directory /var/www/html> Options +FollowSymlinks AllowOverride All Require all granted </Directory>
Also, modify the VirtualHost line to look like the one shown in the excerpt below:
<VirtualHost *:443>
Close the SSL Apache file and open the /etc/apache2/sites-enabled/000-default.conf file for editing and add the same URL rewrite rules as for the SSL configuration file. Add the lines of code after the DocumentRoot statement, as shown in the following example.
<Directory /var/www/html> Options +FollowSymlinks AllowOverride All Require all granted </Directory>
Finally, you restart the Apache daemon to apply all the rules configured so far and visit your domain using the HTTP protocol. Since you are using the self-signed certificate pairs automatically issued by Apache during installation, you should see an error warning in the browser.
systemctl restart apache2
https://yourdomain.tld
Accept the warning about the untrusted certificate to continue and be redirected to the Apache default web page, as shown in the following image.
If the UFW firewall application blocks incoming network connections to the HTTPS port, you should add a new rule to allow HTTPS traffic through the firewall by entering the following command
ufw allow ‘WWW Full’
or
ufw allow 443/tcp
If iptables is the default firewall application installed to protect your Debian system at the network level, add the following rule to allow incoming traffic through port 443 in the firewall to allow visitors to browse your domain name.
iptables -I INPUT -p tcp --destination-port 443 -j ACCEPT
systemctl iptables-persistent save
systemctl iptables-persistent reload
In the next step, we need to make some more changes to the PHP default configuration file to ensure that the following PHP variables are enabled and that the PHP timezone is configured correctly and matches the geographic location of your system. Open the /etc/php/7.0/apache2/php.ini file to edit and ensure that the following lines are set as follows. Also, create a backup of the PHP configuration file first.
cp /etc/php/7.0/apache2/php.ini{,.backup}nano /etc/php/7.0/apache2/php.ini
Find, edit, and change the following variables in the php.ini configuration file:
file_uploads = On memory_limit = 128 M upload_max_file_size = 64M session.auto_start = 0 session.use_trans_sid = 0 date.timezone = Europe/London
Increase the upload_max_file_size variable to support large file attachments, and replace the time.zone variable according to your physical time by consulting the list of timezones provided by PHP Docs at the following link http://php.net/manual/en/timezones.php
If you want to increase the loading speed of your web pages via the OPCache plugin available for PHP7, add the following OPCache settings to the end of the PHP interpreter configuration file:
opcache.enable=1 opcache.enable_cli=1 opcache.interned_strings_buffer=8 opcache.max_accelerated_files=10000 opcache.memory_consumption=128 opcache.save_comments=1 opcache.revalidate_freq=1
Close the php.ini configuration file and check the end of the PHP configuration file to see if the variables were added correctly. To do this, you can enter the following command
tail /etc/php/7.0/apache2/php.ini
After you have made all the changes described above, restart the Apache daemon with the following command to apply the new changes.
systemctl restart apache2
Finally, create a PHP info file by running the following command, and verify that the PHP time zone is configured correctly by accessing the PHP info file in a browser at the following URL, as shown in the following figure. Scroll down to the date setting to verify the PHP time zone configuration.
echo '<?php phpinfo(); ?>'| tee /var/www/html/info.php
The CubeCart e-commerce application stores various configurations – such as users, sessions, contacts, products, catalogs, and others – in an RDBMS database. Enter the following command to install the MariaDB database and the PHP module needed to access the mysql database
apt install mariadb-server php7.0-mysql mariadb-client
After installing MariaDB, verify that the daemon is running and listening for connections on localhost, port 3306, by running the netstat command.
netstat –tlpn | grep mysql
Then log in to the MySQL console and secure the MariaDB root account by entering the following commands
mysql -h localhost
use mysql; update user set plugin='' where user='root'; flush privileges; exit
In the next step, secure MariaDB by running the script mysql_secure_installation included in the installation packages from the Debian Stretch repositories. As the script runs, it asks a series of questions designed to secure the MariaDB database, such as: change the MySQL root password, remove anonymous users, disable remote root logins, and delete the test database.
Run the script with the following command and make sure you answer yes to all questions to fully secure the MySQL daemon. Use the following excerpt from the script as a guide.
sudo mysql_secure_installation
NOTE: THE EXECUTION OF ALL PARTS OF THIS SCRIPT WILL BE FOR ALL MariaDB
SERVERS IN PRODUCTION! PLEASE READ EACH STEP CAREFULLY!
To log in to MariaDB to back it up, we need the current
password for the root user.
If you just installed MariaDB and
haven’t set the root password yet, the password is blank,
then you should just hit enter here.
Enter the current password for root (Enter for none):
OK, password used successfully, let’s move on….
Setting the root password ensures that no one can log in to the MariaDB
root user without proper authorization.
You already have a root password set, so you can safely answer ‘n’.
Change the root password? [Y/n] y
New password:
Enter new password:
Password successfully updated!
Reload permission tables…
… Success!
By default, a MariaDB installation has an anonymous user that anyone
can use to log in to MariaDB without having to create a user account for
them.
This is for testing purposes only and should make the installation
a little smoother.
You should remove it before moving to a
production environment.
Remove anonymous users? [Y/n] y
… Success!
Normally, root should only be allowed to connect from ‘localhost’. This
ensures that someone cannot guess the root password from the network.
Disallow root login remotely? [Y/n] y
… Success!
By default, MariaDB ships with a database called ‘test’ that everyone
has access to.
This database is also for testing only and should
be removed before you deploy it in a production environment.
Remove the test database and access to it? [Y/n] y
– Delete test database…
… Success!
– Remove test database permissions…
… Success!
Restoring the permissions tables ensures that all changes made so far
take effect immediately.
Restoring the permissions tables now? [Y/n] y
… Success!
Clean up…
All done! If you have done all the above steps, your MariaDB
installation should now be secure.
Thank you for using MariaDB!
To test the security of MariaDB, try logging into the database from the console without a root password. Access to the database should be denied if no password is specified for the root account, as seen in the following command snippet:
root@cubecart:~# mysql -h localhost -u root
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (with password: NO)
If the password is provided, the login operation to the MySQL console should be granted, as shown in the command example:
root@cubecart:~# mysql -h localhost -u root -p
Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection identifier is 15 Server version: 10.1.26-MariaDB-0+deb9u1 Debian 9.1 Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to delete the current input statement. MariaDB [(none)]> exit Bye
After logging into the MariaDB database console, create a database for the CubeCart application and a user with a password that will be used to manage the application database, which you can do with the following commands (replace the database name, user, and password accordingly).
mysql –u root -p
Create cubecart database; grant all permissions on cubecart.* to 'cubecart_user'@'localhost', identified by 'password1234'; delete permissions; exit
To apply all the changes made so far, restart the MySQL and Apache daemons and verify that the daemons are running by typing the following commands.
systemctl restart mysql apache2
systemctl status mysql apache2
Installing CubeCart
Once all the system requirements for installing your e-commerce online store are met, visit the official download page of CubeCart at https://www.cubecart.com/download and get the latest compressed zip package into your system by running the following command.
wget https://www.cubecart.com/download/CubeCart-6.1.12.zip
After the zip archive download is complete, unzip the CubeCart zip archive file to the root of your domain document using the following commands. Before unpacking the zip archive, first remove the index.html file installed by the Apache web server from the webroot path and also delete the info.php file created earlier.
rm /var/www/html/index.html
rm /var/www/html/info.php
extract CubeCart-6.1.12.zip -d /var/www/html/
Next, run the following commands to give the Apache runtime user full write permissions to the web root path. Use the ls command to list the permissions for the application’s installed files in the /var/www/html/ directory.
chown -R www-data:www-data /var/www/html/
ls –al /var/www/html/
Next, open a browser and navigate to your server’s IP address, domain name or FQDN using the HTTPS protocol to install the CubeCart online store. On the first installation screen, the CubeCart installer runs a series of tests on the PHP server capabilities on your system to determine if all the requirements for installing the shopping application are met. If all server capabilities are checked on the left, you can start the installation process. Click the Next button to start the installation process, as shown in the example below.
https://yourdomain.tld
On the next installation screen, simply click “Next” to reinstall the CubeCart e-commerce platform.
Next, read the text of the CubeCart license agreement, check the ‘I agree to the terms of the software license’ box, and click the Next button to proceed to the next installation screen, as shown in the following image.
The next step is for the installer to check the root permissions of your web server to determine if the write operation is allowed for the directories shown on the left. If all file permissions shown on the right are set to writable, click the Next button to proceed to the next installation step.
On the next installation screen, enter the MySQL database server address, the username and password to access the CubeCart database, and the database name created to install the application. Leave the table prefix, database port and database socket as default (leave them blank). After entering all the required database information, scroll down and set a name for your store, the default language of your store, and the default currency of your store. Finally, scroll down and set a username and password for the store administrator, add the store owner’s name and email address, and click the Next button to proceed to the next installation screen. Use the following screenshot as a guide for this step.
After the installation is complete, the installer will display two links that will allow you to access the CubeCart supported administration control panel, which is used to manage your online store, and the “Online Store Front” link, which is the URL that will be displayed to your customers, as shown in the screenshot below.
To visit the backend of your online store, click on the Admin Control Panel link and you will be redirected to the login page of your e-commerce application, as shown in the screenshot below. Copy the address of the backend admin panel or bookmark it in your browser to access your store’s backend at a later time. Log in to the CubeCart Dashboard using the admin credentials you set up during installation.
After logging into the CubeCart Backed Admin Panel, a welcome message will appear on your screen telling you to follow the Quick Tour to get you started.
To force visitors to visit the CubeCart frontend website and securely access the backend interface using the HTTPS protocol to encrypt traffic between the server and client browsers, you need to return to your server’s terminal and edit the .htaccess file in the root of your website document by entering the following command:
nano /var/www/html/.htaccess
Then edit the .htaccess file and change the native PHP server settings at the end of the file with the following configurations (adjust the PHP settings to your own server resources and configurations)
.htaccess Excerpt from the file:
# Change the PHP settings php_value session.use_trans_sid 0 php_value register_globals 1
Finally, add the following rules to the .htaccess file to automatically redirect domain traffic to HTTPS
# Redirect to HTTPS
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]
</IfModule>Alternatively, you can manipulate your store’s SSL settings by navigating to CubeCart Admin Control Panel -> Settings -> Store Settings -> SSL and setting the Enable SSL value to Yes after checking the store URL address and cookie domain to your store domain name, as shown in the image below.
To visit the frontend of your CubeCart application (the page that is actually displayed to visitors to your store), navigate to your domain address or your server’s IP address using the secured HTTPS protocol, as shown in the screenshot below.
https://www.yourdomain.tld
That’s it! You have successfully installed and configured the CubeCart e-commerce application on Debian 9.2. However, since the Apache HTTP server uses self-signed certificates to encrypt traffic between the server and visitors’ browsers, a warning message is always generated and displayed in their browsers. This warning is bad for your online business. In this case, you should buy a certificate issued by a trusted certificate authority or get a free pair of certificates from Let’s Encrypt CA.
For more custom configurations of the CubeCart e-commerce online application, visit the documentation page at the following address: https://support.cubecart.com/Knowledgebase/List