+*/10 * * * * cd /home/myname/mywebsite; /usr/bin/php bin/worker.php
+
+You can generally find the location of PHP by executing "which php". If you
+have troubles with this section please contact your hosting provider for
+assistance. Friendica will not work correctly if you cannot perform this step.
+
+You should also be sure that $a->config['php_path'] is set correctly, it should
+look like (changing it to the correct PHP location)
+
+$a->config['php_path'] = '/usr/local/php56/bin/php'
+
+Alternative: If you cannot use a cron job as described above, you can use
+the frontend worker and an external cron service to trigger the execution
+of the worker script. You can enable the frontend worker after the installation
+from the admin panel of your node and call
+
+ https://example.com/worker
+
+with the service of your choice.
+
+9. (Recommended) Set up a backup plan
+
+Bad things will happen. Let there be a hardware failure, a corrupted
+database or whatever you can think of. So once the installation of your
+Friendica node is done, you should make yoursef a backup plan.
+
+The most important file is the `config/local.ini.php` file in the base directory.
+As it stores all your data, you should also have a recent dump of your
+Friendica database at hand, should you have to recover your node.
+
+10. (Optional) Reverse-proxying and HTTPS
+
+Friendica looks for some well-known HTTP headers indicating a reverse-proxy
+terminating an HTTPS connection. While the standard from RFC 7239 specifies
+the use of the `Forwaded` header.
+
+ Forwarded: for=192.0.2.1; proto=https; by=192.0.2.2
+
+Friendica also supports a number on non-standard headers in common use.
+
+
+ X-Forwarded-Proto: https
+
+ Front-End-Https: on
+
+ X-Forwarded-Ssl: on
+
+It is however preferable to use the standard approach if configuring a new server.
+
+#####################################################################
+
+ If things don't work...
+
+#####################################################################
+
+
+#####################################################################
+- If you get the message
+ "System is currently unavailable. Please try again later"
+#####################################################################
+
+ Check your database settings. It usually means your database could not
+be opened or accessed. If the database resides on the same machine, check that
+the database server name is "localhost".
+
+#####################################################################
+- 500 Internal Error
+#####################################################################
+
+ This could be the result of one of our Apache directives not being
+supported by your version of Apache. Examine your apache server logs.
+ You might remove the line "Options -Indexes" from the .htaccess file if
+you are using a Windows server as this has been known to cause problems.
+Also check your file permissions. Your website and all contents must generally
+be world-readable.
+
+ It is likely that your web server reported the source of the problem in
+its error log files. Please review these system error logs to determine what
+caused the problem. Often this will need to be resolved with your hosting
+provider or (if self-hosted) your web server configuration.
+
+#####################################################################
+- 400 and 4xx "File not found" errors
+#####################################################################
+
+ First check your file permissions. Your website and all contents must
+generally be world-readable.
+
+ Ensure that mod-rewite is installed and working, and that your
+.htaccess file is being used. To verify the latter, create a file test.out
+containing the word "test" in the top directory of Friendica, make it world
+readable and point your web browser to
+
+http://yoursitenamehere.com/test.out
+
+ This file should be blocked. You should get a permission denied message.
+
+ If you see the word "test" your Apache configuration is not allowing
+your .htaccess file to be used (there are rules in this file to block access
+to any file with .out at the end, as these are typically used for system logs).
+
+ Make certain the .htaccess file exists and is readable by everybody, then
+look for the existence of "AllowOverride None" in the Apache server
+configuration for your site. This will need to be changed to
+"AllowOverride All".
+
+ If you do not see the word "test", your .htaccess is working, but it is
+likely that mod-rewrite is not installed in your web server or is not working.
+
+ On most flavour of Linux,
+
+% a2enmod rewrite
+% /etc/init.d/apache2 restart
+
+ Consult your hosting provider, experts on your particular Linux
+distribution or (if Windows) the provider of your Apache server software if
+you need to change either of these and can not figure out how. There is
+a lot of help available on the web. Google "mod-rewrite" along with the
+name of your operating system distribution or Apache package (if using
+Windows).
+
+
+#####################################################################
+- If you are unable to write the file config/local.ini.php during installation
+due to permissions issues:
+#####################################################################
+
+ create an empty file with that name and give it world-write permission.
+For Linux:
+
+% touch config/local.ini.php
+% chmod 664 config/local.ini.php
+
+Retry the installation. As soon as the database has been created,
+
+******* this is important *********
+
+% chmod 644 config/local.ini.php
+
+#####################################################################
+- Some configurations with "suhosin" security are configured without
+an ability to run external processes. Friendica requires this ability.
+Following are some notes provided by one of our members.
+#####################################################################
+
+On my server I use the php protection system Suhosin
+[http://www.hardened-php.net/suhosin/]. One of the things it does is to block
+certain functions like proc_open, as configured in /etc/php5/conf.d/suhosin.ini:
+
+ suhosin.executor.func.blacklist = proc_open, ...
+
+For those sites like Friendica that really need these functions they can be
+enabled, e.g. in /etc/apache2/sites-available/friendica:
+
+ <Directory /var/www/friendica/>
+ php_admin_value suhosin.executor.func.blacklist none
+ php_admin_value suhosin.executor.eval.blacklist none
+ </Directory>
+
+This enables every function for Friendica if accessed via browser, but not for
+the cronjob that is called via php command line. I attempted to enable it for
+cron by using something like
+
+ */10 * * * * cd /var/www/friendica/friendica/ && sudo -u www-data /usr/bin/php
+-d suhosin.executor.func.blacklist=none -d suhosin.executor.eval.blacklist=none
+-f bin/worker.php
+
+This worked well for simple test cases, but the friendica-cron still failed with
+a fatal error:
+suhosin[22962]: ALERT - function within blacklist called: proc_open() (attacker
+'REMOTE_ADDR not set', file '/var/www/friendica/friendica/boot.php', line 1341)
+
+After a while I noticed, that bin/worker.php calls further php script via
+proc_open. These scripts themselves also use proc_open and fail, because they
+are NOT called with -d suhosin.executor.func.blacklist=none.
+
+So the simple solution is to put the correct parameters into config/local.ini.php:
+
+[config]
+; Location of PHP command line processor
+php_path = "/usr/bin/php -d suhosin.executor.func.blacklist=none -d suhosin.executor.eval.blacklist=none"
+
+This is obvious as soon as you notice that the friendica-cron uses proc_open to
+execute php-scripts that also use proc_open, but it took me quite some time to
+find that out. I hope this saves some time for other people using suhosin with
+function blacklists.
+
+########################################################################
+Unable to create all mysql tables on MySQL 5.7.17 or newer
+#######################################################################
+
+If the setup fails to create all the database tables and/or manual
+creation from the command line fails, with this error: