Technology Tools for Ministry

Installing the WEC Starter Package

server   server   

Configuration

Completing the 1-2-3 Installer will yield a functional TYPO3 site, but there are still a few critical steps to get the website truly running.  

Also, the initial usernames and passwords are the same for every installation. Passwords need to be changed as soon as possible. If you wait, your system will be open to certain security risks. You will need to change the:

  1. TYPO3 Install Tool password
    (You will probably need the TYPO3 Install Tool to make future configuration changes. So, it is important to keep it enabled and to secure it with a different and difficult-to-guess password.)

  2. TYPO3 Backend Admin User password

To begin configuring, login to the TYPO3 backend. The TYPO3 backend is used to create and maintain your website. A link to the “backend login” is provided in the final step of the 1-2-3 Install Tool. Follow this link, or append /typo3/ to the end of your root web address. For example, http://mychurch.org/typo3/ where “mychurch.org” is the root web address of your website.

This will load the TYPO3 backend login screen. Enter the default username and password for a new installation. 

Username:    admin

Password:    password


Once the login has completed, a large yellow box will displays on the main TYPO3 backend page, notifying you of critical information. 


The
Important Notice! box displays two warnings of security risks in the default install.

  1. The backend login is still set to the default values of “admin” and “password.” 

  2. The Install Tool password is still set to the default value of “joh316.”  

You need to change these passwords to protect the server and website from an unauthorized person logging in using the TYPO3 default passwords.  

Additionally, you should reset the TYPO3 encryption key. This key is used internally by TYPO3 when rendering pages from content in the database. Leaving it unset could allow a malicious hacker to overwhelm your site with requests for data, causing the server to crash. 

Closing Security Risks – Backend User Admin

The most critical password to change is the TYPO3 backend admin user password. If some malicious user figures out your site is running TYPO3 and wants to get into the backend, there's a good chance they'll try the default admin username and password first. Please change this immediately!

To change this default user:  

  1. Click the Web > List link on the left side menu. A page tree will display near the center of the page showing a list of web pages and folders in the website. The content of the page tree was created during the WEC Starter Package installation.

  2. In the page tree, click on the top level page (WEC Starter Package) for the website to display a list at the right that includes a list of authorized backend users.

  3. Click on the
    pencil icon next to the admin user. The edit screen for the user will then open on the right. See the example below.


  1. Enter a new username (example shows myadmin).

  2. Enter a new password (example shows mypassword, but please pick a more complex password that would be difficult to guess).

  3. Click the
    Save or
    Save and Close button at the top of the page.

  4. You will return to the top-level edit screen. See the example below. 


 

Removing Security Risks – Install Tool

For security reasons, the password to the install tool should also be changed.  

The Install Tool can be accessed from the TYPO3 backend from the Tools

  1. Click the Install link on the left side menu. The TYPO3 Install Tool will open.

  2. Enter the default password joh316.

  3. Click the Log In button. See the example below.


 

Set a new Install Tool password

After you login to the TYPO3 Install Tool: 

  1. The TYPO3 4.0 Install Tool startup screen opens in the About section.

  2. Scroll down on this page until you see the form fields that allow you to enter a new password.

  3. Enter a new password and re-enter it, then click the Set new password button.

  4. After you receive the confirmation message, click the Basic Configuration option. See the examples below.


 


Site Name and Encryption Key

Both the Site Name and the Encryption Key can be set in the Basic Configuration section of the Install Tool.  

  1. Scroll down the Basic Configuration page to the Write config to localconf.php heading.

  2. Keep scrolling to Site Name and change the value to match your church or ministry name, or another identifying name that will be the “project name” for you website.

  3. Below this, set the Encryption Key to a random value by clicking the Generate random key button.

  4. After making these updates, scroll to the bottom of the page and click on the Update localconf.php button to save your changes. See example below.


Note: Because the Basic Configuration page is so long, only a few highlights are shown in the example screenshot below to help you recognize the sections described in the steps.

 

Configuring – Site URL

In addition to removing security risks, you need to provide some basic informational data that will configure and personalize your website. This data can be entered at Web->WEC Config, within the “Edit Site Constants” section.  


There are many site-wide constants that can be set in this section, but the most critical one is the site URL.  The value entered here should be where your site is found on the Internet, such as http://mychurch.org/, and it should always include a forward slash on the end.  If this value is not set, links between pages will not work properly.

For more information on WEC Config and the WEC Constants, see “Getting Started with the Web-Empowered Church” in the next section of this document. 

 

What's Next?

If you've reached this point, your installation of TYPO3 and the Web-Empowered Church Starter Package is complete. The logical question, then, is where to next? 

“Getting Started with the Web-Empowered Church”, available at http://www.webempoweredchurch.com/support/userdoc/, answers that question by providing instructions on setting your site template, configuring your WEC Starter Package, and using the TYPO3 backend to create website content.

Appendix

You may choose to install the WEC Starter Package using either Secure Shell Access or FTP Access to your web server.  

Shell Access

Windows users will need to download an SSH client. One recommended client is PuTTY, available for free at http://www.chiark.greenend.org.uk/~sgtatham/putty/. When using PuTTY or any other graphical SSH client, the actual server connection will be made by the SSH client program. Once connected, all commands will be performed through a command line. For Mac or Linux users, command line SSH should be loaded on your system already.

You will need to contact your web hosting provider to determine how to access the server through SSH. Some providers may use different versions of SSH or may only allow access through a specific port or route. 

FTP Access

If you choose to use FTP, which typically has a more graphical interface than the command line Shell access, you will need to install an FTP client program if you do not already have one. The free, open-source application FileZilla is available at http://filezilla.sourceforge.net/ for Windows users. Mac and Linux users can make use of the bundled command line application or download an graphical FTP client like CuteFTP.

 

server   server   
  wec_starter-4_2_3-1_0_0-install.sxw 7 / 7

Pages