WordPress is a simple, popular, open-source, and free CMS (content management system) for creating modern websites. Today, WordPress powers nearly half of the websites worldwide.
However, having just a content management system is not enough. Modern websites require an SSL certificate, which provides encryption and allows using a secure HTTPS connection.
This short guide will show how to install WordPress on a cloud server, perform initial CMS configuration, and add an SSL certificate to the completed site, enabling users to access the website via HTTPS.
The Nginx web server will receive user requests and then proxied to WordPress for processing and generating response content.
A few additional components are also needed: a MySQL database, which serves as the primary data storage in WordPress, and PHP, which WordPress is written in.
This technology stack is known as LEMP: Linux, Nginx, MySQL, PHP.
First, you will need a cloud server with Ubuntu 22.04 installed.
You’ll need to configure a range of parameters that ultimately determine the server rental cost. The most important of these parameters are:
Once all the data is filled in, click the Order button.
Upon completion of the server setup, you can view the IP address of the cloud server in the Dashboard tab, and also copy the command for connecting to the server via SSH along with the root password:
Next, open a terminal in your local operating system and connect via SSH with password authentication:
ssh root@server_ip
Replace server_ip
with the IP address of your cloud server. You will then be prompted to enter the password, which you can either type manually or paste from the clipboard.
After connecting, the terminal will display information about the operating system. Now you can create a user with sudo
priviliges or keep using root
.
Before beginning the WordPress installation, it’s important to update the list of repositories available through the APT package manager:
sudo apt update -y
It’s also a good idea to upgrade already installed packages to their latest versions:
sudo apt upgrade -y
Now, we can move on to downloading and installing the technology stack components required for running WordPress.
Let's download and install the PHP interpreter.
First, add a specialized repository that provides up-to-date versions of PHP:
sudo add-apt-repository ppa:ondrej/php
In this guide, we are using PHP version 8.3 in FPM mode (FastCGI Process Manager), along with an additional module to enable PHP’s interaction with MySQL:
sudo apt install php8.3-fpm php-mysql -y
The -y
flag automatically answers “yes” to any prompts during the installation process.
To verify that PHP is now installed on the system, you can check its version:
php -v
The console output should look like this:
PHP 8.3.13 (cli) (built: Oct 30 2024 11:27:41) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.3.13, Copyright (c) Zend Technologies
with Zend OPcache v8.3.13, Copyright (c), by Zend Technologies
You can also check the status of the FPM service:
sudo systemctl status php8.3-fpm
In the console output, you should see a green status indicator:
Active: active (running)
The MySQL database is an essential component of WordPress, as it stores all site and user information for the CMS.
We’ll install the MySQL server package:
sudo apt install mysql-server -y
To verify the installation, check the database version:
mysql --version
If successful, the console output will look something like this:
mysql Ver 8.0.39-0ubuntu0.22.04.1 for Linux on x86_64 ((Ubuntu))
Also, ensure that the MySQL server is currently running by checking the database service status:
sudo systemctl status mysql
The console output should display a green status indicator:
Active: active (running)
This step is optional in this guide, but it’s worth mentioning. After installing MySQL, you can configure the database’s security settings:
mysql_secure_installation
This command will prompt a series of questions in the terminal to help you configure the appropriate level of MySQL security.
Next, prepare a dedicated database specifically for WordPress.
First, log in to MySQL:
mysql
Then, execute the following SQL command to create a database:
CREATE DATABASE wordpress_database;
You’ll also need a dedicated user for accessing this database:
CREATE USER 'wordpress_user'@'localhost' IDENTIFIED BY 'wordpress_password';
Grant this user the necessary access permissions:
GRANT ALL PRIVILEGES ON wordpress_database.* TO 'wordpress_user'@'localhost';
Finally, exit MySQL:
quit
The Nginx web server will handle incoming HTTP requests from users and proxy them to PHP via the FastCGI interface.
We’ll download and install the Nginx web server using APT:
sudo apt install nginx -y
Next, verify that Nginx is indeed running as a service:
systemctl status nginx
In the console output, you should see a green status indicator:
Active: active (running)
You can also check if the web server is functioning correctly by making an HTTP request through a browser. Enter the IP address of the remote server in the address bar, where you are installing Nginx. For example:
http://166.1.227.189
If everything is set up correctly, Nginx will display its default welcome page.
For good measure, let’s add Nginx to the system’s startup list (though this is typically done automatically during installation):
sudo systemctl enable nginx
Now, you can proceed to make adjustments to the web server configuration.
In this example, we’ll slightly modify the default Nginx configuration. For this, we need a text editor. We will use nano
.
sudo apt install nano
Now open the configuration file:
sudo nano /etc/nginx/sites-enabled/default
If you remove all the comments, the basic configuration will look like this:
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
try_files $uri $uri/ =404;
}
}
To this configuration, we’ll add the ability to proxy requests to PHP through FastCGI:
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
# added index.php to index files
index index.html index.htm index.nginx-debian.html index.php;
# specify the domain name to obtain an SSL certificate later
server_name mydomain.com www.mydomain.com;
location / {
# try_files $uri $uri/ =404;
# direct root requests to /index.php
try_files $uri $uri/ /index.php?$args;
}
# forward all .php requests to PHP via FastCGI
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php8.3-fpm.sock;
}
}
Note that the server_name parameter should contain the domain name, with DNS settings including an A record that directs to the configured server with Nginx.
Now, let’s check the configuration syntax for errors:
sudo nginx -t
If everything is correct, you’ll see a confirmation message in the console:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Then, reload the Nginx service to apply the new configuration:
sudo systemctl reload nginx
To obtain an SSL certificate from Let’s Encrypt, we’ll use a special utility called Certbot. In this guide, Certbot will automate several tasks:
Like other packages, install Certbot via APT:
sudo apt install certbot
sudo apt install python3-certbot-nginx
The first command installs Certbot, and the second adds a Python module for Certbot’s integration with Nginx. Alternatively, you can install python3-certbot-nginx
directly, which will automatically include Certbot as a dependency:
sudo apt install python3-certbot-nginx -y
Now, let’s initiate the process to obtain and install the SSL certificate:
sudo certbot --nginx
First, Certbot will prompt you to register with Let’s Encrypt. You’ll need to provide an email address, agree to the Terms of Service, and optionally opt-in for email updates (you may decline this if desired).
Then, enter the list of domain names, separated by commas or spaces, for which the certificate should be issued. Specify the exact domain names that are listed in the Nginx configuration file under the server_name
directive:
After the certificate is issued, Certbot will automatically configure it by adding the necessary SSL settings to the Nginx configuration file:
listen 443 ssl; # managed by Certbot
# RSA certificate
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
# Redirect non-https traffic to https
if ($scheme != "https") {
return 301 https://$host$request_uri;
} # managed by Certbot
So, the complete Nginx configuration file will look as follows:
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 ssl; # managed by Certbot
# RSA certificate
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
root /var/www/html;
index index.html index.htm index.nginx-debian.html index.php;
server_name domain.com www.domain.com;
# Redirect non-https traffic to https
if ($scheme != "https") {
return 301 https://$host$request_uri;
} # managed by Certbot
location / {
# try_files $uri $uri/ =404;
# direct root requests to /index.php
try_files $uri $uri/ /index.php?$args;
}
# forward all .php requests to PHP via FastCGI
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php8.3-fpm.sock;
}
}
Let’s Encrypt certificates expire every 90 days, so they need to be renewed regularly. Instead of manually renewing them, you can set up an automated task.
For this purpose, we’ll use Crontab, a scheduling tool in Unix-based systems that uses a specific syntax to define when commands should run.
Install Crontab:
sudo apt install cron
And enable it:
sudo systemctl enable cron
Now open the Crontab file:
crontab -e
Add the following line to schedule the Certbot renewal command:
0 12 * * * /usr/bin/certbot renew --quiet
In this configuration:
--quiet
flag ensures that Certbot runs silently without generating output.In this guide, we’ll use WordPress version 6.5.3, which can be downloaded from the official website:
wget https://wordpress.org/wordpress-6.5.3.tar.gz
Once downloaded, unpack the WordPress archive:
tar -xvf wordpress-*.tar.gz
After unpacking, you can delete the archive file:
rm wordpress-*.tar.gz
This will create a wordpress
folder containing the WordPress files.
Most core files are organized in the wp-content
, wp-includes
, and wp-admin
directories. The main entry point for WordPress is index.php
.
You need to copy all files from the wordpress
folder to the web server’s root directory (/var/www/html/
) so that Nginx can serve the PHP-generated content based on user HTTP requests.
Clear the existing web server directory (as it currently contains only the default Nginx welcome page, which we no longer need):
rm /var/www/html/*
Copy WordPress files to the web server directory:
cp -R wordpress/* /var/www/html/
The -R
flag enables recursive copying of files and folders.
Set ownership and permissions. Ensure that Nginx can access and modify these files by setting the www-data
user and group ownership, as well as appropriate permissions, for the WordPress directory:
sudo chown -R www-data:www-data /var/www/html/
sudo chmod -R 755 /var/www/html/
This allows Nginx to read, write, and modify WordPress files as needed, avoiding permission errors during the WordPress installation process.
WordPress configuration is managed through an intuitive web-based admin panel. No programming knowledge is necessary, though familiarity with languages like JavaScript, PHP, HTML, and CSS can be helpful for creating or customizing themes and plugins.
Open a web browser and go to the website using the domain specified in the Nginx configuration, such as:
https://mydomain.com
If all components were correctly set up, you should be redirected to WordPress’s initial configuration page:
https://mydomain.com/wp-admin/setup-config.php
Select Language: Choose your preferred language and click Continue.
Database Configuration: WordPress will prompt you to enter database details. Click Let’s go! and provide the following information:
Database Name: wordpress_database
(from the previous setup)
Database Username: wordpress_user
Database Password: wordpress_password
Database Host: localhost
Table Prefix: wp_
(or leave as default)
Click Submit. If the credentials are correct, WordPress will confirm access to the database.
Run Installation: Click Run the installation. WordPress will then guide you to enter site and admin details:
Site Title
Admin Username
Admin Password
Admin Email
Option to discourage search engine indexing (recommended for development/testing sites)
Install WordPress: Click Install WordPress. After installation, you’ll be prompted to log in with the admin username and password you created.
Once logged in, you'll see the WordPress Dashboard, which contains customizable widgets. The main menu on the left allows access to core WordPress functions, including:
Posts and Pages for content creation
Comments for moderating discussions
Media for managing images and files
Themes and Plugins for design and functionality
Users for managing site members and roles
Your WordPress site is now fully configured, and you can begin customizing and adding content as needed.
This guide showed how to install WordPress along with all its dependencies and how to connect a domain and add a SSL certificate from Let’s Encrypt to an already functioning website, enabling secure HTTPS connections with the remote server.
The key dependencies required for WordPress to function include:
PHP: The scripting language WordPress is written in.
MySQL: The database system used by WordPress to store content and user data.
Nginx (or Apache in other implementations): The web server that processes user requests initially.
For more detailed information on managing site content through the WordPress admin panel, as well as creating custom themes and plugins, refer to the official WordPress documentation.