Sarah Siqueira
Posted on July 21, 2023
Although I had done this procedure several times through the years before, I have never documented it until now. That's another of those posts where my main goal is to register for my future reference and avoid spending lots of time "googling" to remember.
With some hope, this can somehow help someone else too.
This approach requires more steps than a ready-made WordPress installation as the ones provided by the majority of web hosts, but it also offers greater control over the WordPress environment.
- Requirements
- Acessing your server
- Virtual Host
- MySQL
- PHP
- Enable .htacess overrides
- Enable rewrite module
- Get the WordPress Core
- The wp-config
- Finish installation through your preferred browser
Requirements
LAMP (Linux, Apache, MySQL, and PHP) server: A server architecture that supports WordPress by providing the Linux, Apache web server, MySQL database, and PHP. I wrote about how to set a LAMP server on Digital Ocean here, the process is quite similar to any other VPS.
SSL: WordPress takes in user input and stores user data, so it is very important to have a layer of security.
Supposing you already have a LAMP server with an SSL, let's start installing WordPress.
Accessing your server
Login to your server through your preferred terminal with:
ssh -i keypub username@ip
Virtual Host
You can have multiple WordPress installations running on the same web server, the decision if it is worth it in terms of performance, hardware, resources, and traffic is completely out of the scope of this article. I am just pointing out the possibility. How to set a virtual host on Apache is covered here.
MySQL
WordPress uses MySQL to manage and store site and user information. In a LAMP stack, we have MySQL installed already, but we need to make a database and a user for WordPress to use.
Log into the MySQL root (note that this is not the root user of your server) with the command:
mysql -u root -p
Create the database
We can create an exclusive database for WordPress to control. We can call this whatever we want, in this guide, I am using the name wp_database:
CREATE DATABASE wp_database DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
Create an user
We also need to create an user (wp_user) and set a password to access the database we created. Choose a strong password:
CREATE USER 'wp_user'@'%' IDENTIFIED WITH mysql_native_password BY 'your_strong_password';
Grant privileges to this user
We need to let the database we just created know that our wordpressuser should have complete access to the database, for that we set up:
GRANT ALL ON wp_database.* TO 'wp_user'@'%';
with this new user, password, and database we made specifically for WordPress, now need to flush the privileges so that the current instance of MySQL knows about those recent changes:
FLUSH PRIVILEGES;
The MySQL job is done, it is time to exit MySQL by typing:
EXIT;
PHP
Some PHP extensions for WordPress plugins are required for our server. By setting up a LAMP server, we only need some very minimal set of extensions to get PHP to communicate with MySQL. Install some of the most popular PHP extensions for use with WordPress:
sudo apt update
sudo apt install php-curl php-gd php-mbstring php-xml php-xmlrpc php-soap php-intl php-zip
Restart Apache to load these new extensions:
sudo systemctl restart apache2
Enable .htacess overrides
To allow .htaccess files, we need to set the AllowOverride directive within a Directory block pointing to our document root. Add the following block of text inside the VirtualHost block in your configuration file, making sure to use the correct web root directory:
sudo nano /etc/apache2/sites-available/domain-name.com.conf
Then add the following to the file:
<Directory /var/www/your-domain.com/>
AllowOverride All
</Directory>
When you are finished, save and close the file.
Enable rewrite module
Next, enable mod_rewrite so that we can utilize the WordPress permalink feature:
sudo a2enmod rewrite
This will allow you to have more human-readable permalinks to your posts.
Make sure there are not any syntax errors by running the following test:
sudo apache2ctl configtest
Expected output:
Output
Syntax OK
Restart Apache to implement the changes.
sudo systemctl restart apache2
Get the WordPress Core
Now that our server software is configured, we can download and set up WordPress. For security reasons in particular, it is always recommended to get the latest version of WordPress from their site.
Change into a writable directory like /tmp and download the compressed release:
cd /tmp
curl -O https://wordpress.org/latest.tar.gz
Extract the compressed file to create the WordPress directory structure:
tar xzvf latest.tar.gz
Copy over the sample configuration file to the filename that WordPress reads:
cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
Create the upgrade directory, so that WordPress won’t run into permissions issues when trying to do this on its own:
mkdir /tmp/wordpress/wp-content/upgrade
Copy the entire contents of the directory into our document root.
sudo cp -a /tmp/wordpress/. /var/www/wordpress
Ensure to replace the /var/www/wordpress directory with the directory on your server.
Permissions
We need to accomplish is setting up reasonable file permissions and ownership. Give ownership of all the files to the www-data user and group.
sudo chown -R www-data:www-data /var/www/wordpress
Next, set the correct permissions on the WordPress directories and files:
sudo find /var/www/wordpress/ -type d -exec chmod 750 {} \;
sudo find /var/www/wordpress/ -type f -exec chmod 640 {} \;
The wp-config
Some changes are required to the main WordPress configuration file.
Salt Keys
We need to adjust the secret keys to provide a level of security for our installation. WordPress provides a secure key generator for these secure values, type:
curl -s https://api.wordpress.org/secret-key/1.1/salt/
You will get back unique values, you must request unique values each time. The secure values provided for the WordPress secure key generator will look similar to this:
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
define('AUTH_SALT', 'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT', 'put your unique phrase here');
define('NONCE_SALT', 'put your unique phrase here');
Copy and paste your salt keys directly into your wp-config.php file
sudo nano /var/www/wordpress/wp-config.php
On wp-config. php, replace the section below, with the values you got from the WordPress secure key generator
define('AUTH_KEY', 'VALUES COPIED FROM THE COMMAND LINE');
define('SECURE_AUTH_KEY', 'VALUES COPIED FROM THE COMMAND LINE');
define('LOGGED_IN_KEY', 'VALUES COPIED FROM THE COMMAND LINE');
define('NONCE_KEY', 'VALUES COPIED FROM THE COMMAND LINE');
define('AUTH_SALT', 'VALUES COPIED FROM THE COMMAND LINE');
define('SECURE_AUTH_SALT', 'VALUES COPIED FROM THE COMMAND LINE');
define('LOGGED_IN_SALT', 'VALUES COPIED FROM THE COMMAND LINE');
define('NONCE_SALT', 'VALUES COPIED FROM THE COMMAND LINE');
Database Credentials
We also need to update some of the database credentials like te database name, the database user, and the associated password that we configured previously within MySQL:
// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', **'wordpress'** );
/** MySQL database username */
define( 'DB_USER', **'wordpressuser'** );
/** MySQL database password */
define( 'DB_PASSWORD', **'password'** );
/** MySQL hostname */
define( 'DB_HOST', 'localhost' );
/** Database Charset to use in creating database tables. */
define( 'DB_CHARSET', 'utf8' );
/** The Database Collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', '' );
Finish installation through browser
Now we can complete the installation through the web interface. For that, navigate to your server’s domain name or public IP address. You should find this screen:
And that's it!
Posted on July 21, 2023
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.