For all the following procedures we start with:

• Log in to admin.nogalliance.org
• In the top menu select "Sites"

• In the left menu select "Website"
• Click the green button "Add new website"
• Select the Client account of the NOG
• Do not change the IP addresses
• Enter the domain name (for example ug.nog.community)
• If the www subdomain exists leave the Auto-Subdomain, otherwise change it to "None"
• Enable "Let's Encrypt SSL"
• Save

Now wait a while until the website is created and the SSL certificate has been created. Test this by opening http://<domain> in your browser. When that works and shows a welcome page also try https://<domain> and check that SSL works. Sometimes ISPConfig fails when creating the SSL certificate. When that happens:

• In the left menu select "Website"
• Select the website from the list
• Enable "Let's Encrypt SSL" again (the failure will have turned it off)
• Save

Now that http and https both work let's make sure that we always use https:

• In the left menu select "Website"
• Select the website from the list
• Click on the "Redirect" tab
• Enable "Rewrite HTTP to HTTPS"
• Save

If the website is going to be used on multiple domains we have to create aliases for them:

• In the left menu select "Aliasdomain for website"
• Click the green button "Add new Aliasdomain"
• Enter the "Domain" name
• The "Parent Website" is the NOG's website you created above
• "Redirect Type" is usually "R=301,L"
• If the www subdomain exists leave the Auto-Subdomain, otherwise change it to "None"
• Save

ISPConfig provides a quick-install for different apps, including WordPress:

• In the left menu select "Available packages"
• Look for the "WordPress" package and select the latest version
• Click the green button "Install this package"
• As "Install location" select the website and leave the directory path empty
• Set or generate a password for the admin user
• Check "I accept the license"
• Click "Install"

This will automatically create the necessary database user and database. When the installation has finished we need to adjust some settings:

• Open https://<website>/wp-admin in your browser
• Log in with the admin username and password you set in the previous step
• In the left menu select "Settings"
• Set the "Site Title" and "Tagline" to something sensible
• Make sure both URLs start with https://
• Fill in the "Email Address" for the site administrator
• Set the correct "Time Zone", "Date Format" and "Time Format" for the region the NOG is in
• Click "Save Changes"

Then:

• In the left menu under "Settings" select "Permalinks"
• Change it to one of the options that is not "Plain", usually "Month and name" is fine
• Click "Save Changes"

First install the plugin in WordPress:

• Open https://<website>/wp-admin in your browser
• Log in with the admin username and password you set in the previous steps
• In the left menu under "Plugins" select "Add New"
• In the top right of the screen search for "infinitewp"
• For the "InfiniteWP Client" click "Install Now"
• After it is installed click "Activate"
• Click on "Copy details"

Then add it to the dashboard:

• Log in to https://nogalliance.org/central/v3/
• In the bottom left click "Add Site"
• In the "Add a WordPress Site" window paste the details you copied in the previous step
• Click "Add Site"
• Click "Save Changes"

To add some functionality to the websites we host, we always install the following plugins:

• "Absolute Relative URLs" by Andrew Patterson
• "Broken Link Checker" by ManageWP
• "Health Check & Troubleshooting" by The WordPress Community
• "Security Headers" by Simon Waters
• "Wordfence Security – Firewall & Malware Scan" by Wordfence
• "WP OAuth Server" by WP OAuth Server
• "WP Super Cache" by Automattic

To install these plugins repeat the following steps for each plugin:

• In the left menu under "Plugins" select "Add New"
• In the top right of the screen search for the name of the plugin
• Find the plugin in the screen and click "Install Now"
• After it is installed click "Activate"
• Answer any questions the plugin might ask for (like the admin's email address)

• In the left menu select "Wordfence"
• At the top of the screen click on the "Yes, enable auto-update" link
• Click the button "Click here to configure"
• Click "Download .htaccess"
• Click "Continue"
• Click "Close"
• Click the button "Dismiss"

It will take a few minutes for the configuration to become active.

• In the left menu under "Settings" select "HTTP Headers"
• Select "Disable content sniffing"
• Set the "HSTS Time to live" to "31536000" seconds (1 year)
• Click "Save Changes"

• In the left menu under "Settings" select "WP Super Cache"
• Select "Caching on"
• Click "Update Status"

• In the left menu under "OAuth Server" select "Settings"
• Select "OAuth Server Enabled"
• Click "Save Changes"

If this NOG will get an Indico server then configure that as a client:

• In the left menu under "OAuth Server" select "Clients"
• Click the button "Add New Client"
• Set "Client Name" to "Indico"
• Click "Create Client"

Store the "Client ID" and "Client Secret". You'll need them later when setting up Indico.