Installing the Typo3 v12.4 content management system
published on
Typo3 is another content management system. However, you might not be too familiar with it as it is aimed more at enterprises rather than a smaller, simpler site or blog that a lot of people use something like Wordpress to create.
Typo3 can be installed on Apache or NGinx and this post will show you how to do both.
Initial setup
To begin with I install some basic packages which can be necessary later on.
sudo apt install lsb-release ca-certificates apt-transport-https software-properties-common language-pack-en-base zip unzip
sudo locale-gen en_US.UTF-8
Install PHP 8.2
Next I will install PHP by running the following commands
sudo add-apt-repository ppa:ondrej/php
sudo apt update
sudo apt install openssl php8.1-{common, cli, bz2, zip, curl, intl, mysql, snmp, memcached, imagick, gd, fileinfo, imap, ldap, soap, tidy, xml, gd, gmp, pspell, mbstring, opcache, fpm, ssh2, imap, redis, apcu, mcrypt}
sudo apt ghostscript imagemagick
To configure PHP I run sudo nano /etc/php/8.2/fpm/pool.d/www.conf and add, or edit, the following lines to look like the ones below
listen = /run/php/php8.2-fpm.sock
listen.owner = www-data
listen.mode = 0660
I then make similar edits to the php.ini file by running sudo nano /etc/php/8.2/fpm/php.ini and adding, editing or uncommenting the following lines to look like the ones below
output_buffering = Off
expose_php = off
max_execution_time = 240
max_input_time = 60
max_input_vars = 1500
memory_limit = 512M
post_max_size = 10M
upload_max_filesize = 10M
date.timezone = Europe/London
opcache.enable=1
opcache.jit_buffer_size=100M
opcache.jit=1255
opcache.memory_consumption=128
opcache.max_accelerated_files=10000
opcache.revalidate_freq=2
Now install the MariaDB database
The following two commands will install MariaDB and tools necessary for backing databases up. The second of the commands will secure the MariaDB installation.
sudo apt-get install mariadb-server mariadb-backup
sudo mysql_secure_installation
There are two other changes which I will make to a configuration file by running sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf and making sure the two lines below appear as shown here.
bind-address = 127.0.0.1
local-infile = 0
Set up the Typo3 database
Enter sudo mysql -u root -p at the command line and type the following commands at the MariaDB command prompt.
CREATE DATABASE t3_db charset=utf8mb4;
CREATE USER 't3_user'@'localhost' IDENTIFIED BY 'my_password';
GRANT ALL PRIVILEGES ON t3_db.* to 't3_user'@'localhost';
FLUSH PRIVILEGES;
exit
Make sure to change the database name, user name and password to something more secure.
If you are going to use the Apache web server
sudo add-apt-repository -y ppa:ondrej/apache2
sudo apt update && sudo apt upgrade
sudo apt-get install apache2 apache2-utils
sudo a2enmod mime http2 rewrite deflate expires headers ssl
sudo apt-get install libapache2-mod-fcgid
sudo a2enmod proxy_fcgi setenvif
sudo a2enconf php8.2-fpm
sudo systemctl restart php8.2-fpm
sudo a2dissite 000-default.conf
sudo systemctl restart apache2
Once Apache is installed create the virtual host file for Typo3 by running sudo nano /etc/apache2/sites-available/typo3.conf and adding the following lines
<VirtualHost *:80>
ServerAdmin [email address]
ServerName [domain]
ServerAlias www.[domain]
DocumentRoot /var/www/[domain]/
Protocols h2 http/1.1
DirectoryIndex index.php index.html
<Directory /var/www/[domain]/>
Options +SymLinksIfOwnerMatch -MultiViews -Indexes -Includes -ExecCGI
AllowOverride All
Require all granted
</Directory>
<FilesMatch "\.php$">
SetHandler "proxy:unix:/run/php/php8.2-fpm.sock|fcgi://localhost"
</FilesMatch>
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/css text/javascript application/javascript
</IfModule>
SetEnv TZ Europe/London
AddDefaultCharset UTF-8
DefaultLanguage en
FileETag none
###Header set Strict-Transport-Security "max-age=31536000; includeSubdomains;" env=HTTPS
Header set X-XSS-Protection "1; mode=block"
Header set X-Content-Type-Options nosniff
Header set X-Frame-Options SAMEORIGIN
Header set Referrer-Policy: no-referrer-when-downgrade
###Header set Content-Security-Policy "default-src 'self';"
###Header set X-Permitted-Cross-Domain-Policies "none"
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Once you have created the Apache virtual host you will want to run the following two commands to activate it.
sudo a2ensite typo3.conf
sudo systemctl restart apache2
If you are going to use the NGinx web server
sudo add-apt-repository -y ppa:ondrej/nginx-mainline
sudo apt update && sudo apt upgrade
sudo apt install nginx-core nginx-common nginx nginx-full libgeoip-dev libpcre3-dev
Once NGinx has been installed you will want to run sudo nano /etc/nginx/sites-available/typo3.conf and add the following lines to create the NGinx server block.
server {
listen 80;
listen [::]:80;
root /var/www/[domain]/;
index index.php index.html index.htm;
server_name example.com www.example.com;
# Compressing resource files will save bandwidth and so improve loading speed especially for users
# with slower internet connections. TYPO3 can compress the .js and .css files for you.
# *) Set $GLOBALS['TYPO3_CONF_VARS']['BE']['compressionLevel'] = 9 for the Backend
# *) Set $GLOBALS['TYPO3_CONF_VARS']['FE']['compressionLevel'] = 9 together with the TypoScript properties
# config.compressJs and config.compressCss for GZIP compression of Frontend JS and CSS files.
location ~ \.js\.gzip$ {
add_header Content-Encoding gzip;
gzip off;
types { text/javascript gzip; }
}
location ~ \.css\.gzip$ {
add_header Content-Encoding gzip;
gzip off;
types { text/css gzip; }
}
# TYPO3 - Rule for versioned static files, configured through:
# - $GLOBALS['TYPO3_CONF_VARS']['BE']['versionNumberInFilename']
# - $GLOBALS['TYPO3_CONF_VARS']['FE']['versionNumberInFilename']
if (!-e $request_filename) {
rewrite ^/(.+)\.(\d+)\.(php|js|css|png|jpg|gif|gzip)$ /$1.$3 last;
}
# TYPO3 - Block access to composer files
location ~* composer\.(?:json|lock) {
deny all;
}
# TYPO3 - Block access to flexform files
location ~* flexform[^.]*\.xml {
deny all;
}
# TYPO3 - Block access to language files
location ~* locallang[^.]*\.(?:xml|xlf)$ {
deny all;
}
# TYPO3 - Block access to static typoscript files
location ~* ext_conf_template\.txt|ext_typoscript_constants\.txt|ext_typoscript_setup\.txt {
deny all;
}
# TYPO3 - Block access to miscellaneous protected files
location ~* /.*\.(?:bak|co?nf|cfg|ya?ml|ts|typoscript|tsconfig|dist|fla|in[ci]|log|sh|sql|sqlite)$ {
deny all;
}
# TYPO3 - Block access to recycler and temporary directories
location ~ _(?:recycler|temp)_/ {
deny all;
}
# TYPO3 - Block access to configuration files stored in fileadmin
location ~ fileadmin/(?:templates)/.*\.(?:txt|ts|typoscript)$ {
deny all;
}
# TYPO3 - Block access to libraries, source and temporary compiled data
location ~ ^(?:vendor|typo3_src|typo3temp/var) {
deny all;
}
# TYPO3 - Block access to protected extension directories
location ~ (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?|Documentation|docs?)/ {
deny all;
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
# TYPO3 Backend URLs
location = /typo3 {
rewrite ^ /typo3/;
}
location /typo3/ {
try_files $uri /typo3/index.php$is_args$args;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_buffer_size 32k;
fastcgi_buffers 8 16k;
fastcgi_connect_timeout 240s;
fastcgi_read_timeout 240s;
fastcgi_send_timeout 240s;
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi.conf;
}
}Once the server block has been created you can run the following commands to disable the default server block and activate the one above.
sudo unlink /etc/nginx/sites-enabled/default
sudo ln -s /etc/nginx/sites-available/typo3.conf /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl restart nginx
Now install Typo3 v12.4
Regardless of whether you chose to use Apache or NGinx you can install Typo3 on your server by running the following commands.
cd ~
wget --content-disposition https://get.typo3.org/12.4.1
tar -xzf typo3_src-12.4.1.tar.gz
cd typo3_src-12.4.1
sudo mkdir /var/www/[domain]
sudo cp -r * /var/www/[domain]
cd ..
rm -rf typo3_src-12.4.1 typo3_src-12.4.1.tar.gz
sudo touch /var/www/[domain]/typo3/error.html
sudo touch /var/www/[domain]/FIRST_INSTALL
sudo chown -R www-data:www-data /var/www/[domain]
sudo chmod -R 755 /var/www/[domain]
Remember that the [domain] above needs to be the same one you would use in the document root of your virtual host or server block above.
Secure your Typo3 install with an SSL / TLS certificate
First install Certbot by running the following commands
sudo apt-get install snapd
sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
If you installed Apache run sudo certbot -d [domain] -d www.[domain] --apache to get your certificate and, if you installed NGinx, run sudo certbot -d [domain] -d www.[domain] --nginx instead.
Whilst the Apache configuration will be updated to make use of your certificate make sure you update your NGinx server block if you are using NGinx instead.
Setup Typo3
Visit [domain] in your browser and work your way through the setup guide in order to finish off creating your new Typo3 content management system.
Final thoughts
This guide, like the others, explains how to get your content management system installed on your server. However, you may want to make a number of changes to your virtual host file or server block to suit your own preferences and needs.
The hard work will obviously be in using Typo3 to set up your site the way you want it. To help you along the way Typo3 provide a few videos which can be found https://typo3.org/help/documentation/video-tutorials and documentation for their system can be found https://docs.typo3.org/.