Setting up WordPress on your own server gives you full control over your website. In this guide, we will be deploying WordPress on an EC2 Ubuntu 22.04 server using Nginx as our web server, PHP for dynamic content processing, Let’s Encrypt provides free SSL certificates for websites, and MySQL as the database management system.
Prerequisites
- A fresh EC2 Ubuntu 22.04 server instance, refer to my official guide on how to deploy EC2 Ubuntu 22.04 LTS on AWS.
- A non-root user with sudo privileges.
- A domain name pointed to your EC2 server’s IP address.
Step 1: Connect to EC2 Ubuntu 22.04 on AWS
First, open Terminal (Mac/Linux) and log in to your EC2 Ubuntu 22.04 via SSH:
ssh -i your-key.pem ubuntu@your-ec2-public-ipv4-addressNote: Before connecting to your EC2 Ubuntu 22.04 server, make sure to change the permissions for your private key file using the following command:
chmod 400 your-key.pemWhen prompted with the message for the first time saying ‘Are you sure you want to continue connecting (yes/no/[fingerprint])?‘, type ‘yes‘ to accept the connection to your EC2 instance.
Step 2. Update the System
Update the existing package lists:
sudo apt update
Step 3: Install Nginx
Install Nginx, which will serve as our web server:
sudo apt install nginx -y
Once installed, enable and start the Nginx service:
sudo systemctl enable nginx
sudo systemctl start nginx
sudo systemctl status nginx
Step 4: Install MySQL
Next, install MySQL to manage the WordPress database:
sudo apt install mysql-server -y
sudo service mysql status
Secure your MySQL installation and set a root password:
sudo mysql_secure_installation
During the process, you can choose to remove anonymous users, disallow remote root login, and remove the test database.
Step 5: Create a WordPress Database
Log in to MySQL as root:
sudo mysql -u root -pThis configuration allows root login without a password. Remember to disable it before deploying your site to production for security reasons.
Create a new database and user for WordPress:
CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
CREATE USER 'wp_master'@'localhost' IDENTIFIED BY 'P@ssw0rd!';
GRANT ALL ON wordpress.* TO 'wp_master'@'localhost';
FLUSH PRIVILEGES;
EXIT;
Please note that the username and password provided above (e.g., wp_user / P@ssw0rd!) are just examples. It’s crucial to choose unique and secure credentials when setting up your WordPress database for optimal security.
Step 6: Install PHP 8.3 and Extensions
You need to add the ppa:ondrej/php repository:
sudo add-apt-repository ppa:ondrej/php -y
Now, install new PHP 8.3 release along with its necessary extensions. These extensions are commonly used in web development projects.
sudo apt install php8.3-fpm php8.3-cli php8.3-common php8.3-mbstring php8.3-gd php8.3-intl php8.3-xml php8.3-mysql php8.3-zip php8.3-curl php8.3-tidy php8.3-imagick -yTo verify PHP version, type:
php -vOutput:
PHP 8.3.4 (cli) (built: Mar 16 2024 08:40:08) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.3.4, Copyright (c) Zend Technologies
with Zend OPcache v8.3.4, Copyright (c), by Zend TechnologiesStep 7: Install WordPress using WP-CLI
Download WP-CLI using wget and move it to the bin directory to make it executable:
sudo wget https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O /usr/local/bin/wp && sudo chmod +x /usr/local/bin/wp
Change to the directory where you want to install WordPress, typically your domain’s directory. If it doesn’t exist yet, create it using the command:
sudo mkdir -p /var/www/yourdomain.com
cd /var/www/yourdomain.com
Download WordPress core files using WP-CLI:
sudo wp core download --allow-root
Output:
Downloading WordPress 6.5 (en_US)...
md5 hash verified: 54c93e47eb452495c6ce03cc0c350d42
Success: WordPress downloaded.Generate a wp-config.php file with database details:
sudo wp config create \
--dbname="wordpress" \
--dbuser="wp_master" \
--dbpass="P@ssw0rd!" \
--dbhost="localhost" \
--allow-root
Install WordPress and set up an admin account:
sudo wp core install \
--url="https://www.yourdomain.com" \
--title="YourDomain.com" \
--admin_user="admin" \
--admin_password="password" \
--admin_email="you@email.com" \
--allow-root
Please note that you can use the IP address in the URL and replace it later when your domain is ready.
Output:
Success: WordPress installed successfully.Step 8: Configure Nginx for WordPress
Create a new configuration file for your WordPress site in /etc/nginx/sites-available/yourdomain.com:
Navigate to the directory where Nginx configuration files are stored:
cd /etc/nginx/sites-availableUse the vim command to create a new file for your site configuration (replace “yourdomain.com” with your actual domain):
sudo vim yourdomain.com
Copy and paste the following Nginx configuration into the newly created file. This configuration supports PHP 8.3:
server {
listen 80;
server_name yourdomain.com www.yourdomain.com;
root /var/www/yourdomain.com;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php8.3-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
Make sure to replace yourdomain.com with your actual domain name. Then Save and exit the file by pressing Esc then typing :wq and pressing Enter.
Finally, activate the site configuration by creating a symbolic link to the sites-enabled directory:
sudo ln -s /etc/nginx/sites-available/yourdomain.com /etc/nginx/sites-enabled/
This command will list the contents of the /etc/nginx/sites-enabled directory. If the symbolic link for your site configuration was created successfully, type the following command:
ls /etc/nginx/sites-enabledTest the Nginx configuration for syntax errors:
sudo nginx -t
Output:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successfulTo avoid conflicts on port 80, type the following command to remove the default nginx configuration:
rm -rf /etc/nginx/sites-enabled/default
rm -rf /etc/nginx/sites-available/defaultRestart Nginx to apply the changes:
sudo systemctl restart nginx
Verify the Nginx status is running:
sudo systemctl status nginxStep 10: Install SSL Certificate from Let’s Encrypt
Let’s encrypt SSL certificates provide free, automated SSL certificates. Install it using certbot:
sudo apt install certbot python3-certbot-nginx -yReplace youdomain.com with your domain name. This command will obtain and install SSL certificate for your domain:
sudo certbot --non-interactive -m you@email.com --agree-tos --no-eff-email \
--nginx -d yourdomain.com -d www.yourdomain.com --redirectOutput:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Account registered.
Requesting a certificate for yourdomain.com and www.yourdomain.com
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/yourdomain.com/fullchain.pem
Key is saved at: /etc/letsencrypt/live/yourdomain.com/privkey.pem
This certificate expires on 2024-07-04.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
Deploying certificate
Successfully deployed certificate for yourdomain.com to /etc/nginx/sites-enabled/yourdomain.com
Successfully deployed certificate for www.yourdomain.com to /etc/nginx/sites-enabled/yourdomain.com
Congratulations! You have successfully enabled HTTPS on https://yourdomain.com and https://www.yourdomain.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Feeling tired of manual SSL renewal? Well, never again!
By default, Certbot will set up a cron job to run twice daily to automatically renew any certificates that are within 30 days of expiration. You can verify this by checking the contents of the /etc/cron.d/certbot file:
cat /etc/cron.d/certbotYou should see a line similar to this:
0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(3600))' && certbot -q renewThis line specifies that the Certbot renewal command will be run twice daily (0 */12 * * *) as the root user, checking for renewal and renewing the certificates if necessary.
That’s it! Certbot is now set up to automatically renew your SSL certificate in the background.
Your final auto generated Nginx configuration after installing the SSL via Certbot:
server {
listen 80;
server_name yourdomain.com www.yourdomain.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name yourdomain.com www.yourdomain.com;
root /var/www/yourdomain.com;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php8.3-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
Troubleshooting Issue
If you encounter the error “nginx config Error: Exceeded maxRedirects. Probably stuck in a redirect loop” and you use Cloudflare for your domain, try switching your SSL setting to “Full (Strict)” in Cloudflare’s dashboard. This may fix the issue:
Final Step: Complete the WordPress 2024 Installation Through the Web Interface
Open your web browser and navigate to your domain name (e.g. https://yourdomain.com). You should see the default WordPress themes for 2024 installed:
To finish the setup, log in to the WordPress admin console (e.g. https://yourdomain.com/wp-admin) and begin customizing your themes or installing your favorite plugins:
Conclusion
You’ve successfully installed WordPress on your Ubuntu 22.04 server with Nginx, PHP 8.3, SSL, and MySQL. Secure your WordPress installation further by setting up HTTPS with Let’s Encrypt, implementing security plugins, and regularly updating your WordPress themes and plugins. Enjoy your new WordPress website, hosted on your very own server!