Install WordPress on Ubuntu 18.04 with Nginx, MariaDB, PHP7.2 (LEMP)
This tutorial is going to show you how to install WordPress on Ubuntu 18.04 with Nginx, MariaDB and PHP7.2 (LEMP Stack). WordPress is the most popular CMS (Content Management System) in the world. It is estimated that more than a third of websites today are powered by WordPress. PHP7.2 made into the Ubuntu 18.04 repository and WordPress runs perfectly with it.
Prerequisite
To follow this tutorial, you need to have an Ubuntu 18.04 server with at least 1GB RAM. If you are looking for a VPS (Virtual Private Server), then you can click this special link to get $50 free credit on DigitalOcean. (For new users only). If you are already a DigitalOcean user, then you can click this special link to get $50 free credit on Vultr (for new users only).
You also need a domain name, so visitors can type a domain name in the web browser address bar to access your site. I registered my domain name at NameCheap because the price is low and they give whois privacy protection free for life.
This tutorial assumes that you have already set up a LEMP stack on Ubuntu 18.04. If not, please check out the following tutorial.
After finishing LEMP installation, come back here and read on.
Step 1: Download WordPress
SSH into your Ubuntu 18.04 server and update existing software.
sudo apt update && sudo apt upgrade
Next, go to wordpress.org download page and download the zip archive. You can acquire the direct download link by right-clicking the download button and select copy link location
.
Then at the command line prompt, type in wget followed by the direct download link to download WordPress to your Ubuntu 18.04 server.
wget https://wordpress.org/latest.zip
Next, extract the zip archive using the command below.
sudo apt install unzip sudo unzip latest.zip -d /usr/share/nginx/
The archive will be extracted to /usr/share/nginx/
directory. A new directory named wordpress
will be created (/usr/share/nginx/wordpress). Now we can rename it like below. Replace example.com
with your real domain name.
sudo mv /usr/share/nginx/wordpress /usr/share/nginx/example.com
Step 2: Create a Database and User for WordPress Site
Log into MariaDB shell as root with the following command.
sudo mariadb -u root
or
sudo mysql -u root
Once you are logged in, create a database for WordPress using the following command. I named it wordpress
, but you can use whatever name you like such as your site name. (Don’t leave out the semicolon.)
create database wordpress;
Then enter the command below to create a database user for WordPress. This command also grants all privileges of WordPress database to the user. Replace wpuser
and your-password
with your preferred username and password.
grant all privileges on wordpress.* to wpuser@localhost identified by 'your-password';
Flush the privileges table for the changes to take effect and then get out of MariaDB shell.
flush privileges; exit;
Step 3: Configure WordPress
Go to your WordPress directory.
cd /usr/share/nginx/example.com/
Copy the sample configuration file and rename it to wp-config.php
.
sudo cp wp-config-sample.php wp-config.php
Now edit the new config file with a command-line text editor like Nano.
sudo nano wp-config.php
Find the following lines and replace the red texts with the database name, username and password you created in the previous step.
/** The name of the database for WordPress */ define('DB_NAME', 'database_name_here'); /** MySQL database username */ define('DB_USER', 'username_here'); /** MySQL database password */ define('DB_PASSWORD', 'password_here');
Save and close the file. To save the file in Nano text editor, press Ctrl+O
, then press Enter
to confirm. Next, press Ctrl+X
to exit.
We also need to set the Nginx user (www-data
) as the owner of the WordPress site directory by using the following command.
sudo chown www-data:www-data /usr/share/nginx/example.com/ -R
Step 4: Create an Nginx Server Block for WordPress
We will create the server block file in /etc/nginx/conf.d/
directory. The file name must end with .conf
.
sudo nano /etc/nginx/conf.d/example.com.conf
Put the following texts into the file. Replace the red texts with your own domain name. Don’t forget to create A records for your domain name.
server { listen 80; listen [::]:80; server_name www.example.com example.com; root /usr/share/nginx/example.com/; index index.php index.html index.htm index.nginx-debian.html; location / { try_files $uri $uri/ /index.php; } location ~* /wp-sitemap.*\.xml { try_files $uri $uri/ /index.php$is_args$args; } error_page 404 /404.html; error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } location ~ \.php$ { fastcgi_pass unix:/run/php/php7.2-fpm.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; include snippets/fastcgi-php.conf; } #enable gzip compression gzip on; gzip_vary on; gzip_min_length 1000; gzip_comp_level 5; gzip_types application/json text/css application/x-javascript application/javascript image/svg+xml; gzip_proxied any; # A long browser cache lifetime can speed up repeat visits to your page location ~* \.(jpg|jpeg|gif|png|webp|svg|woff|woff2|ttf|css|js|ico|xml)$ { access_log off; log_not_found off; expires 360d; } # disable access to hidden files location ~ /\.ht { access_log off; log_not_found off; deny all; } }
Save and close the file. Then test Nginx configurations.
sudo nginx -t
If the test is successful, reload Nginx.
sudo systemctl reload nginx
Enter your domain name in the browser address bar.
example.com
or
example.com/wp-admin/install.php
You shall see the WordPress installation wizard. Select a language.
If the installation wizard isn’t displayed, you probably need to install some PHP7 extensions.
sudo apt install php-imagick php7.2-mbstring php7.2-bcmath php7.2-xml php7.2-mysql php7.2-common php7.2-gd php7.2-json php7.2-cli php7.2-curl php7.2-zip
Then reload PHP-FPM and Nginx. The wizard should now be displayed.
sudo systemctl reload php7.2-fpm nginx
Before entering your sensitive information in the setup wizard, it’s recommended to enable HTTPS to prevent traffic hijacking.
Step 5: Enabling HTTPS
To encrypt the HTTP traffic, we can enable HTTPS by installing a free TLS certificate issued from Let’s Encrypt. Run the following command to install Let’s Encrypt client (certbot) on Ubuntu 18.04 server.
sudo apt install certbot python3-certbot-nginx
And run this command to obtain and install TLS certificate.
sudo certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email [email protected] -d yourdomain.com,www.yourdomain.com
Wher
--nginx
: Use the Nginx plugin.--agree-tos
: Agree to terms of service.--redirect
: Force HTTPS by 301 redirect.--hsts
: Add the Strict-Transport-Security header to every HTTP response. Forcing the browser to always use TLS for the domain. Defends against SSL/TLS Stripping.--staple-ocsp
: Enables OCSP Stapling. A valid OCSP response is stapled to the certificate that the server offers during TLS.--email
: Email used for registration and recovery contact.-d
flag is followed by a list of domain names, separated by comma. You can add up to 100 domain names.
The certificate should now be obtained and automatically installed.
Now if you reload the WordPress setup wizard, you can see that HTTP is automatically redirected to HTTPS connection.
Step 6: Finish the Installation with the Setup Wizard
Create an admin account and click the Install WordPress button.
And now your new WordPress site is installed.
How to Redirect www to non-www (Or Vice Versa)
We have already enabled redirecting HTTP to HTTPS, what’s left to do is redirect www to non-www, or vice versa. It’s very easy. Simply go to WordPress Dashboard > Settings > General and set your preferred version (www or non-www) in WordPress Address and Site Address. Be sure to include the https://
prefix.
Prevent Malicious Requests
After WordPress is installed, there’s no need to access the /wp-admin/setup-config.php
and /wp-admin/install.php
URL any more. However, bad actors may access these two URLs and if a vulnerability is found, the bad actor could get into your WordPress back end. To prevent access to these two URLs, add the following lines in the Nginx server block. Add them before the location ~ \.php$ {
line.
location ~* ^/wp-admin/(setup-config|install)\.php$ { deny all; }
If you don’t want other people to register account on your WordPress site, you can add the following lines to restrict access to the /wp-login.php
URL, so only your IP address can access this URL. Replace 78.56.34.12 with your own IP address.
location = /wp-login.php {
try_files $uri $uri/ /index.php?$args;
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
include snippets/fastcgi-php.conf;
allow 78.56.34.12;
deny all;
}
Don’t forget to reload Nginx for the changes to take effect.
sudo systemctl reload nginx
If you don’t have a static IP address on your home network, you can set up a VPN server in a data center.
How to Send Emails in WordPress
Your WordPress site needs to send emails like account registration emails, password-resetting emails, comment notification emails, etc. Instead of using expensive third-party solutions like Gsuite to create professional email addresses for your website, you can follow this iRedMail tutorial to set up your own mail server with your own domain name, so you can have unlimited mailboxes and send unlimited emails without breaking the bank.
Note that it’s a good practice to install mail server and WordPress on two different virtual private servers because you don’t want the mail server to slow down your WordPress site speed, and the mail server will leak the IP address of your WordPress site if they are on the same virtual private server, which means hackers can bypass any CDN (Content Delivery Network) you are using and launch DDoS attack directly at your origin server.
Once your mail server is up and running, you can install an SMTP plugin in WordPress, so it can connect to your mail server and send emails. Go to your WordPress dashboard -> Plugins, click Add New to install a new plugin.
Then type in WP Mail SMTP in the search box. Install and activate the WP Mail SMTP by WPForms plugin.
Reload the WordPress dashboard web page, you will see WP Mail SMTP on the left menu bar. Click on it and select Settings.
Then scroll down to the Mailer section. By default, the PHP mailer is selected. We need to change it to Other SMTP.
Scroll down and you will need to enter the SMTP settings.
- Enter the hostname of your mail server.
- Select TLS as Encryption.
- Use port 587.
- Enable Authentication.
- Enter an email address of your domain and the password.
After saving the settings, you can test email sending by logging out the WordPress dashboard, and click lost your password link to send a password-resetting email.
Next Step
- You may also want to use the WP-CLI command-line tool to manage your WordPress site.
- You can use WPScan to scan the vulnerabilities of your WordPress site.
- To monitor the back end performance of your WordPress site, you can use Nginx Amplify.
I hope this tutorial helped you install WordPress on Ubuntu 18.04 with Nginx, MariaDB and PHP7.2 (LEMP stack). As always, if you found this post useful, then subscribe to our free newsletter to get more tips and tricks. Take care 🙂
I followed this tutorial and wanted to say thanks for putting this altogether. It was very easy to follow and helped me out. I wanted to add an issue I ran across as it may help other people. After I got WordPress installed the Post New function was broken. I would keep getting this error message: “The editor has encountered an unexpected error.” I spent a while going through each line of the nginx configuration block but didn’t understand the issue. After some googling I found this: https://github.com/WordPress/gutenberg/issues/9912.
What I did to fix this was changing:
to
I hope that this can help others and save them some time if they run across the issue.
I remember using
might cause problems when you want to change the WordPress permalinks.
I don’t use the Gutenburg editor. I Installed a plugin to enable the classic editor in WordPress.
I do use this one and does not break permalinks.
“try_files $uri $uri/ /index.php?$args;”
Hope that helps.
@adam, I would like to thank you for the fix you posted. I had the exact same issue using elementor as an editor. Even Divi wasnt allowing me to edit pages when I changed my permalinks to post only. My editors would only work if I had my permalinks on plain. After editing my nginx config with what you suggested my editor is working after changing my permalinks. You are a legend. And thanks guys for the detailed guides, I have found them super helpful!! Very helpful and detailed!!!!
When I try to run the install wizard I get a 404 not found error. Any ideas what I did wrong?
Nevermind… I figured it out. I followed the LEMP tutorial first but did not delete the default.conf file in conf.d, lol.
finally, I found a working manual, everything works according to your instructions Thank you very much you’re the best
The most beautiful and descriptive article I have seen on this subject.
It was very beautiful and successful, thank you.
Please add how to install it with PHP 7.4
I just did that. Literally just change out 7.2 for 7.4 in every command or file and it works.
Hi,
I am not sure where I did wrong…my site give 404 error but when I open the link wp-login.php and login, the site is there and I can see the main page but any other pages.
I tried by updating the permalinks, but it doesn’t work.
How to fix this?