Tutorial
How To Install WordPress with LAMP on Ubuntu 18.04
Not using Ubuntu 18.04?Choose a different version or distribution.
Introduction
WordPress is the most popular content management system (CMS) on the internet. It allows you to set up flexible blogs and websites on top of a MySQL backend with PHP processing. WordPress has seen incredible adoption and is a great choice for getting a website up and running quickly. After setup, almost all administration can be done through the web frontend.
In this guide, you’ll set up a WordPress instance on a LAMP stack (Linux, Apache, MySQL, and PHP) on an Ubuntu 18.04 server.
Prerequisites
To complete this tutorial, you will need:
- Access to an Ubuntu 18.04 server with a
sudouser: You’ll be completing the steps in this guide using a non-root user withsudoprivileges. You can create a user withsudoprivileges by following our Ubuntu 18.04 initial server setup guide. - Install a LAMP stack: WordPress will need a web server, a database, and PHP in order to correctly function. Setting up a LAMP stack (Linux, Apache, MySQL, and PHP) fulfills all of these requirements. Follow this guide to install and configure this software.
- Secure your site with SSL: WordPress serves dynamic content and handles user authentication and authorization. TLS/SSL is the technology that allows you to encrypt the traffic from your site so that your connection is secure. The way you set up SSL will depend on whether you have a domain name for your site.
- If you have a domain name… one way to secure your site is with Let’s Encrypt, which provides free, trusted certificates. Follow our Let’s Encrypt guide for Apache to set this up.
- If you do not have a domain… and you are only using this configuration for testing or personal use, you can use a self-signed certificate instead. This provides the same type of encryption, but without domain validation. Follow our self-signed SSL guide for Apache to get set up.
When you are finished with the prerequisites, log into your server as your sudo user and continue to Step 1.
Step 1 – Creating a MySQL Database and User for WordPress
The first step you’ll take is a preparatory one. Even though MySQL is already installed, you still need to create a database to manage and store the user information for WordPress to use. To get started, log into the MySQL root (administrative) account by issuing the following command:
- sudo mysql
You will be prompted for the password you set for the MySQL root account when you installed the software.
However, if you have password authentication enabled for your root user, you can run the following command and enter your password information when prompted:
- mysql -u root -p
From there, you’ll create a new database that WordPress will control. You can call this whatever you would like, but we will be using wordpress in this guide as an example. Create the database for WordPress by writing the following:
- CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
Note: Every MySQL statement must end in a semi-colon (;). Check to make sure this is present if you are running into any issues.
Next, you’re going to create a separate MySQL user account that you’ll use exclusively to operate on the new database. Creating one-function databases and accounts is a good idea from a management and security standpoint. We will use the name wordpressuser as an example in this guide. Feel free to change this if you’d like.
You can create this account, set a password for it, and then grant it access to the database you created all by running the following command. Remember to choose a strong password here for your database user:
- GRANT ALL ON wordpress.* TO 'wordpressuser'@'localhost' IDENTIFIED BY 'password';
After creating this user, flush the privileges to ensure that the current instance of MySQL knows about the recent changes you’ve made:
- FLUSH PRIVILEGES;
Exit out of MySQL:
- EXIT;
You now have a database and user account in MySQL, each made specifically for WordPress.
Step 2 – Installing Additional PHP Extensions
When setting up your LAMP stack, the process only required a minimal set of extensions to get PHP to communicate with MySQL. WordPress and many of its plugins leverage additional PHP extensions.
First, update your package list:
- sudo apt update
Next download and install some of the most popular PHP extensions for use with WordPress:
- sudo apt install php-curl php-gd php-mbstring php-xml php-xmlrpc php-soap php-intl php-zip
Note: Each WordPress plugin has its own set of requirements. Some may require additional PHP packages to be installed. Check your plugin documentation to discover its PHP requirements. If they are available, they can be installed with apt as demonstrated above.
Restart Apache to load these new extensions in the next section. If you are returning here to install additional plugins, you can restart Apache now:
- sudo systemctl restart apache2
In the next step, you’ll make some adjustments to your Apache configuration.
Step 3 – Adjusting Apache’s Configuration to Allow for .htaccess Overrides and Rewrites
Wordpress defaults to using .htaccess files to manage certain features of your site, such as permalinks, plugins, and redirects. The Apache web server uses these .htaccess configuration files to create the rules for the web server to follow. However, Apache disables the use of .htaccess files by default, so you’ll need to update the Apache virtual host file for your website to enable them.
To enable, open the virtual host file for your website:
- sudo nano /etc/apache2/sites-available/wordpress.conf
Note: For this tutorial, we’ll use /etc/apache2/sites-available/wordpress.conf as an example, but you should substitute the path to your configuration file where appropriate.
Additionally, we will use /var/www/wordpress as the root directory of our WordPress install. You should use the web root specified in your own configuration.
It’s also possible you are using the 000-default.conf default configuration (with /var/www/html as your web root). This is fine to use if you’re only going to host one website on this server. If not, it’s best to split the necessary configuration into logical chunks, one file per site.
Once you’ve opened this file, you’ll notice that the use of .htaccess files is disabled. To allow .htaccess files, you need to set the AllowOverride directive within a Directory block pointing to your document root. Add the following block of text inside the VirtualHost block in your configuration file. Make sure that you use your own web root directory in place of the highlighted example:
<Directory /var/www/wordpress/>
AllowOverride All
</Directory>
When you are finished, save and close the file. If you’re using nano, you can exit by pressing CTRL + X then Y and ENTER.
Next, enable mod_rewrite so that you can utilize the WordPress permalink feature:
- sudo a2enmod rewrite
After, you’ll enable those changes by testing the configuration. But before you implement the changes, check to make sure there aren’t any syntax errors:
- sudo apache2ctl configtest
The output might have a message that looks like the following:
OutputAH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
Syntax OK
If you wish to suppress the top line, add a ServerName directive to your main (global) Apache configuration file at /etc/apache2/apache2.conf. The ServerName can be your server’s domain or IP address. This is solely a message, however, and doesn’t affect the functionality of your site. As long as the output contains Syntax OK, you are ready to continue.
Restart Apache to implement the changes:
- sudo systemctl restart apache2
Next, you’ll download and set up WordPress itself.
Step 4 – Downloading WordPress
Now that your server software is configured, you can download and set up WordPress. For security reasons, it is always recommended to get the latest version of WordPress from their site.
First change into a writable directory:
- cd /tmp
Then download the compressed release by running the following:
- curl -O https://wordpress.org/latest.tar.gz
Extract the compressed file to create the WordPress directory structure:
- tar xzvf latest.tar.gz
You’ll be moving these files into your document root momentarily. Before you do, add an empty .htaccess file so that this will be available for WordPress to use later.
Create the file by running the following:
- touch /tmp/wordpress/.htaccess
Then, make a copy of the sample configuration file and name it wp-config.php, the filename that WordPress actually reads:
- cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
Lastly, create the upgrade directory, so that WordPress won’t run into permissions issues when trying to do this on its own following an update to its software:
- mkdir /tmp/wordpress/wp-content/upgrade
Now you can copy the entire contents of the directory into your document root. Using a dot at the end of your source directory indicates that everything within the directory should be copied, including hidden files (like the .htaccess file you created). Again, use the name of your actual document root in place of the highlighted example:
- sudo cp -a /tmp/wordpress/. /var/www/wordpress
Next, you’ll need to adjust and configure items in your WordPress directory.
Step 5 – Configuring the WordPress Directory
Before you begin the web-based WordPress setup, you need to adjust some items in your WordPress directory.
Adjusting the Ownership and Permissions
One of the big things you need to accomplish is setting up reasonable file permissions and ownership.
Start by giving ownership of all the files to the www-data user and group. This is the user that the Apache web server runs as, and Apache will need to be able to read and write WordPress files in order to serve the website and perform automatic updates.
Update the ownership with chown:
- sudo chown -R www-data:www-data /var/www/wordpress
Next run two find commands to set the correct permissions on the WordPress directories and files:
- sudo find /var/www/wordpress/ -type d -exec chmod 750 {} \;
- sudo find /var/www/wordpress/ -type f -exec chmod 640 {} \;
These should be reasonable permissions set to start with. Some plugins and procedures might require additional tweaks.
Setting up the WordPress Configuration File
Now, you need to make some changes to the main WordPress configuration file.
When you open the file, your first order of business will be to adjust some secret keys to provide some security for installation. WordPress provides a secure generator for these values so that you do not have to try to come up with good values on your own. These are only used internally, so it won’t hurt usability to have complex, secure values here.
To grab secure values from the WordPress secret key generator, run the following:
- curl -s https://api.wordpress.org/secret-key/1.1/salt/
You will receive unique values that look something like the following:
Warning: It is important that you request unique values each time. Do NOT copy the values shown in the example below.
Outputdefine('AUTH_KEY', '1jl/vqfs<XhdXoAPz9 DO NOT COPY THESE VALUES c_j{iwqD^<+c9.k<J@4H');
define('SECURE_AUTH_KEY', 'E2N-h2]Dcvp+aS/p7X DO NOT COPY THESE VALUES {Ka(f;rv?Pxf})CgLi-3');
define('LOGGED_IN_KEY', 'W(50,{W^,OPB%PB<JF DO NOT COPY THESE VALUES 2;y&,2m%3]R6DUth[;88');
define('NONCE_KEY', 'll,4UC)7ua+8<!4VM+ DO NOT COPY THESE VALUES #`DXF+[$atzM7 o^-C7g');
define('AUTH_SALT', 'koMrurzOA+|L_lG}kf DO NOT COPY THESE VALUES 07VC*Lj*lD&?3w!BT#-');
define('SECURE_AUTH_SALT', 'p32*p,]z%LZ+pAu:VY DO NOT COPY THESE VALUES C-?y+K0DK_+F|0h{!_xY');
define('LOGGED_IN_SALT', 'i^/G2W7!-1H2OQ+t$3 DO NOT COPY THESE VALUES t6**bRVFSD[Hi])-qS`|');
define('NONCE_SALT', 'Q6]U:K?j4L%Z]}h^q7 DO NOT COPY THESE VALUES 1% ^qUswWgn+6&xqHN&%');
These are configuration lines that you can paste directly into your configuration file to set secure keys. Copy the output you received.
Now, open the WordPress configuration file. Make sure the file path aligns with your own document root information as highlighted in the following:
- sudo nano /var/www/wordpress/wp-config.php
Find the section that contains the empty values for those settings. It will look something like the following:
. . .
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
define('AUTH_SALT', 'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT', 'put your unique phrase here');
define('NONCE_SALT', 'put your unique phrase here');
. . .
Delete those lines and paste in the values you copied from the command line:
. . .
define('AUTH_KEY', 'VALUES COPIED FROM THE COMMAND LINE');
define('SECURE_AUTH_KEY', 'VALUES COPIED FROM THE COMMAND LINE');
define('LOGGED_IN_KEY', 'VALUES COPIED FROM THE COMMAND LINE');
define('NONCE_KEY', 'VALUES COPIED FROM THE COMMAND LINE');
define('AUTH_SALT', 'VALUES COPIED FROM THE COMMAND LINE');
define('SECURE_AUTH_SALT', 'VALUES COPIED FROM THE COMMAND LINE');
define('LOGGED_IN_SALT', 'VALUES COPIED FROM THE COMMAND LINE');
define('NONCE_SALT', 'VALUES COPIED FROM THE COMMAND LINE');
. . .
Next, you need to modify some of the database connection settings at the beginning of the file. You need to adjust the database name, the database user, and the associated password that you configured within MySQL.
The other change is to set the method that WordPress should use to write to the filesystem. Since you’ve given the web server permission to write where it needs to, you can explicitly set the filesystem method to “direct”. Failure to set this with your current settings would result in WordPress prompting for FTP credentials when performing some actions.
This setting can be added after the database connection settings, or anywhere else in the file:
. . .
define('DB_NAME', 'wordpress');
/** MySQL database username */
define('DB_USER', 'wordpressuser');
/** MySQL database password */
define('DB_PASSWORD', 'password');
. . .
define('FS_METHOD', 'direct');
Save and close the file when you are finished.
Step 6 – Completing the Installation Through the Web Interface
Now that the server configuration is complete, you can complete the installation through the web interface.
In your web browser, navigate to your server’s domain name or public IP address:
https://server_domain_or_IP
Select the language you would like to use:
Next you will be directed to the main setup page.
Select a name for your WordPress site and choose a username (it is recommended not to choose something like “admin” for security purposes). A strong password is generated automatically. Save this password or select an alternative strong password.
Enter your email address and select whether you want to discourage search engines from indexing your site:
When you click ahead, you will be taken to a page that prompts you to log in:
Once you log in, you will be taken to the WordPress administration dashboard:
From there, you can begin using and customizing your WordPress site.
Conclusion
WordPress should now be successfully installed and ready to use. Some common next steps are choosing the permalinks setting for your posts (can be found in Settings > Permalinks) or selecting a new theme (in Appearance > Themes). If this is your first time using WordPress, explore the interface a bit to get acquainted with your new CMS.
Get your WordPress website up and running in seconds with DigitalOcean’s WordPress One-Click installation. We’ll help you spin up your WordPress site affordably, reliably, and fast.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.
Steps 1 to 5 worked for me. Step 6 I don’t see the WordPress web interface.
in my case one important detail was missing … chmod here is stated as 750 and 640
so user and group has access, others -> don’t. Lot of inconvenience because of that… I set 750 and 640 to 755 and 644 respectively … and it did the job
Would like to bump this - can anyone assist? I have followed all the steps (as well as steps in comments). I am getting redirected to Ubuntu Apache Default Website rather than the wordpress setup.
I just followed everything… twice, and I cannot for the life of me get the WordPress web interface to populate. I’ve gone through all these comments, with no luck. Please help!
I don’t understand why you don’t remove this guide from the site if you don’t aim to fix it? yes, as other people here, I followed exactly as I tried to understand (step 3 was not clear even after reading over and over), and I was stuck on step 6 because I don’t see the WordPress installation on my site. ty very much. After all my work, I find my self re-installing my VPS and losing everything.
Hi.
I installed wordpress but permalinks not working.
I added the directory value into the website-ssl.conf file.
If you got a warning on MySQL try these;
worked perfectly for me thank you so much
worked perfectly for me. thank you so much
Hello… Im new user with Ubuntu Droplets on DigitalOceans.
When i sshed to server.Then its shows under like this.
Welcome to DigitalOcean’s One-Click WordPress Droplet. To keep this Droplet secure, the UFW firewall is enabled. All ports are BLOCKED except 22 (SSH), 80 (HTTP), and 443 (HTTPS).
In a web browser, you can view:
The question is how to change my
http://ipaddress from domain.
Thanks