Step-by-Step Guide to Setting Up a WordPress Server on Ubuntu

Before installing the stack, secure the OS.

Update the System: sudo apt update && sudo apt upgrade -y
Create a Sudo User: Stop using root. Create a new user and add them to the sudo group.
SSH Security: Disable password authentication in /etc/ssh/sshd_config and use SSH keys. Change the default port from 22 to a custom high-range port.
Firewall (UFW): “`bash sudo ufw allow ‘Nginx Full’ sudo ufw allow [Your Custom SSH Port] sudo ufw enable

NGINX: sudo apt install nginx. Once installed, NGINX will serve as your high-speed reverse proxy.
MySQL: sudo apt install mysql-server. Immediately run sudo mysql_secure_installation to remove anonymous users and test databases.
Database Creation: Log in to MySQL and create a dedicated database and user for WordPress using utf8mb4 for full emoji and multilingual support.

WordPress is PHP-heavy. For a modern Ubuntu setup, install PHP 8.3 along with the necessary extensions.

Extensions: You need php-fpm, php-mysql, php-gd, php-mbstring, php-xml, php-curl, and php-zip.
Configuration: Edit your php.ini to increase upload_max_filesize and memory_limit (256M minimum recommended).

Don’t use the default config. Create a specific server block for your domain in /etc/nginx/sites-available/.

FastCGI Pass: Ensure your location ~ \.php$ block correctly points to the PHP-FPM socket (e.g., unix:/var/run/php/php8.3-fpm.sock).
Try_Files: Set try_files $uri $uri/ /index.php?$args; to ensure WordPress permalinks function without 404 errors.

Certbot: Use Let’s Encrypt for free SSL. Run sudo apt install python3-certbot-nginx followed by sudo certbot --nginx. This automatically handles the SSL handshake and redirects HTTP to HTTPS.
Ownership: Grant the www-data user ownership of the WordPress directory: sudo chown -R www-data:www-data /var/www/your-site
Permissions: Set directories to 755 and files to 644 to maintain security while allowing the server to write to the /uploads/ folder.

Leave a Reply Cancel Reply