Setting up a Cloud Server

Running servers in the cloud – like with AWS, Digital Ocean or Hetzner – is a cheap and easy way to get hold of a high performance server for a Shopware installation, be it development, staging or production. Though many are afraid of the technical knowledge required to set it up. It is probably easier than you believe.

A cloud server typically gives you more bang-for-the-buck (i.e. power/€) than a shared hosting or a managed server. Furthermore, it is scalable – you can size it up – or down – as you need, while you pay only for the actual resources booked. With all providers, a cloud server can be booked and is up within minutes, and can be cancelled effective immediately with a mouse click.

Read here how to quickly set-up a cloud server. It’s just six steps:___STEADY_PAYWALL___


  1. Book and Create a Server
  2. Server Basics
  3. Install LAMP Packages
  4. Letsencrypt SSL
  5. Configure Apache
  6. Install Shopware

Before we start

This example assumes that you have a domain www.example.com, and have registered this domain with your Shopware account.

The command and code examples are taken from our experience with Hetzner, so they might slightly differ for AWS or Digital Ocean servers.

Our example is based on the LAMP stack with Apache2 as the webserver and mySQL as the database. If you prefer nginx and/or mariaDB have a look at this excellent tutorial: https://community.hetzner.com/tutorials/install-shopware-6

Book and Create a Server

First thing to note is terminology: While at Hetzner a server is a server, Digital Ocean calls it a ‘droplet’ and for AWS it is an ‘EC2 instance’.

Hetzner cloud servers are amongst the cheaper alternatives, so this is what we start with. To be fair, while Digital Ocean and AWS are more expensive, they also provide (apparently) a higher level of reliability and performance.

For a first Shopware installation, you might want to start with a Hetzner CX21 server, which comes with 2 CPUs, 4 GB of memory and 40 GB of disk space. It’s just € 5,83 per month (at the time of writing).

Select Ubuntu 20.04 as an image, and add your SSH public key for access (never ever use password login with your servers).

Once you have created the server, it is a good idea also to create a firewall and assign it to your server. The only incoming traffic you should allow is TCP ports 22 (for SSH) and 80 and 443 (for the web server).

Server Basics – Users, Firewall

Before starting anything else you should update your server to using the most up-to-date libraries:

sudo apt update && sudo apt dist-upgrade -y

The first thing you should do is to add a non-root user and enable sudo without password for it. There are excellent tutorials for this:

Set up non-root user: https://www.digitalocean.com/community/tutorials/how-to-create-a-new-sudo-enabled-user-on-ubuntu-18-04-quickstart

Enable sudo without password: https://phpraxis.wordpress.com/2016/09/27/enable-sudo-without-password-in-ubuntudebian/

Then you should harden your SSH a little bit – at least disable root login and login with password, as explained here: https://www.digitalocean.com/community/tutorials/how-to-harden-openssh-on-ubuntu-18-04

Last but not least I recommend to enable ufw (‘uncomplicated firewall’). It should be installed already by default, if not, install it with:

sudo apt install ufw

Enable ufw and open the SSH and web server ports. The trick with SSH is the ‘limit’ which prevents brute force attacks.

sudo ufw limit ssh
sudo ufw allow http
sudo ufw allow https
sudo ufw enable

Verify ufw’s status with sudo ufw status. Before you continue or log out, open a second ssh terminal and log in to proof that you have not accidentally locked yourself out.

Install Apache2, MySQL and PHP

When you created the server, you may have noted that there is also an ‘app’ with a pre-configured LAMP stack that you could use to create the server. If you did so, you may skip the corresponding parts in this section. Note I personally prefer to set up the stack my self, as I don’t fully trust what’s in the app provided.

Install the basic Apache2, MySQL and PHP components:

sudo apt install apache2 curl mysql-server php libapache2-mod-php php-mysql zip openssl pwgen

You also need to install a no. of PHP extensions required by Shopware 6:

sudo apt install php-common php-curl php-gd php-intl php-json php-mbstring php-xml php-zip libxml2-dev php7.4-soap

Now update your php.ini settings to Shopware 6 requirements. The php.ini file is located in /etc/php/7.4/apache2/php.ini. Check and correct these settings if necessary:

memory_limit = 512M
post_max_size = 12M
upload_max_filesize = 12M

Furthermore, enable the Shopware-required Apache modules and restart Apache:

sudo a2enmod ssl
sudo a2enmod rewrite
sudo a2enmod headers
sudo a2enmod http2
sudo systemctl restart apache2

Now prepare MySQL and create the user and databases for Shopware. Before you start, I recommend to use the mysql_secure_installation tool as described in this tutorial: https://www.digitalocean.com/community/tutorials/how-to-install-mysql-on-ubuntu-20-04-quickstart.

Whenever prompted for a new password, you may want to use the pwgen tool to create it. For example

pwgen 32 1

will output a 32 character strong password.

First, log into MySQL as a root user – since you do it ‘locally’ you don’t need the password here:

sudo mysql -uroot

Now, from the console, create a user and databases (we assume we will have a staging and a production environment on our server).

create database staging;
create database production;
create user 'shopware'@'localhost' identified by 'a-pwgen-generated-password';
grant all privileges on staging.* to 'shopware'@'localhost';
grant all privileges on production.* to 'shopware'@'localhost';
exit;

Now log into MySQL as the shopware user to test whether all settings are correct:

mysql -ushopware -p

You will be prompted for the password. Check whether you have the necessary privileges for the tables:

show databases;

You should see the databases staging and production.

Letsencrypt SSL

Letsencrypt is great provider for free SSL certificates, that are required to run your web server in secure https mode. The tool you need to use it on your server is called certbot – install it with:

sudo apt install certbot

Do a dry-run first to check everything is working on your server:

sudo certbot certonly -d www.example.com --dry-run

When asked ‘How would you like to authenticate with the ACME CA?’ chose option 2 (place files in webroot directory). The webroot directory to specify is /var/www/html. After the dry-run finishes successful, repeat the command without the dry-run option. You will find the certificates in this folder: /etc/letsencrypt/live/www.example.com/

The really smart feature of certbot is that it will, in the future, automatically renew the certificates for you when they expire (usually every three month).

Configure Apache2

Apache allows you to support multiple hosts from one server – so called virtual hosts or vhosts in short. Although not necessary, I recommend to configure vhosts right away.

Create a new directory to host the Shopware installation and assign it to the web server:

sudo mkdir /var/www/html/example
sudo mkdir /var/www/html/example/staging
sudo chown -R www-data:www-data /var/www/html/example

Now go into the directory /etc/apache2/sites-available and create a new file 10-example.conf.

sudo cd /etc/apache2/sites-available
sudo nano 10-example.conf

Paste the code below into this file and save.

<VirtualHost *:80>
        ServerName www.example.com
        ServerAlias example.com
        Redirect permanent / https://www.example.com

        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html/example/staging/shopware/public/

         <Directory /var/www/html/example/staging/>
            Options Indexes FollowSymLinks
            AllowOverride All
            Require all granted
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        <IfModule mod_dir.c>
            DirectoryIndex index.php index.pl index.cgi index.html index.xhtml index.htm
        </IfModule>

        <FilesMatch "\.(cgi|shtml|phtml|php)$">
            SSLOptions +StdEnvVars
        </FilesMatch>

        <Directory /usr/lib/cgi-bin>
            SSLOptions +StdEnvVars
        </Directory>
</VirtualHost>

<IfModule mod_ssl.c>
    <VirtualHost *:443>

        ServerName www.example.com
        ServerAlias example.com
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html/example/staging/shopware/public/

        SSLEngine on

        Protocols h2 http/1.1

        <Directory /var/www/html/example/staging/>
            Options Indexes FollowSymLinks
            AllowOverride All
            Require all granted
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        <IfModule mod_dir.c>
            DirectoryIndex index.php index.pl index.cgi index.html index.xhtml index.htm
        </IfModule>

        <FilesMatch "\.(cgi|shtml|phtml|php)$">
            SSLOptions +StdEnvVars
        </FilesMatch>
        <Directory /usr/lib/cgi-bin>
            SSLOptions +StdEnvVars
        </Directory>

        SSLCertificateFile /etc/letsencrypt/live/www.example.com/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/www.example.com/privkey.pem
</VirtualHost>
</IfModule>

Now disable Apache’s default vhost, enable your new vhost and restart Apache:

sudo a2dissite 000-default.conf
sudo a2enssite 10-example.conf
sudo systemctl restart apache2

Install Shopware

Now go to your vhost document root directory and create the Shopware 6 installation files. It is important to note that, since you are now in the ‘domain’ of the web server, you need to prefix all your commands with a sudo -u www-data.

To get the correct download link, visit https://www.shopware.com/en/changelog/ and copy the link using a right-click (!) on the ‘Install’ button for the selected version.

sudo cd /var/www/html/example/staging
sudo -u www-data wget -O install.zip https://get-this-link-from-shopware-download-site
sudo -u www-data unzip install.zip

Now point your browser to https://www.example.com – you should see Shopware 6′ setup wizzard. Follow all steps as appropriate.

Questions? Remarks? Suggestions?

Please share your insights and thoughts using the comment section below!