Install and configure WordPress

Overview

Duration: 1:00

WordPress is the most popular open-source blogging system and CMS on the Web. It is based on PHP and MySQL. Its features can be extended with thousands of free plugins and themes.

In this tutorial we will install WordPress on Apache2 server and create our first post.

What you’ll learn

• How to set up WordPress
• How to configure WordPress
• How to create first post

What you’ll need

• A computer running Ubuntu Server 20.04 LTS
• This guide will also show you how to configure a database for WordPress

Originally authored by Marcin Mikołajczak
Heavily updated by Dani Llewellyn

Install Dependencies

Duration: 1:00

To install PHP and Apache, use following command:

sudo apt update
sudo apt install apache2 \
                 ghostscript \
                 libapache2-mod-php \
                 mysql-server \
                 php \
                 php-bcmath \
                 php-curl \
                 php-imagick \
                 php-intl \
                 php-json \
                 php-mbstring \
                 php-mysql \
                 php-xml \
                 php-zip

Install WordPress

Duration: 1:00

We will use the release from WordPress.org rather than the APT package in the Ubuntu Archive, because this is the preferred method from upstream WordPress. This will also have fewer “gotcha” problems that the WordPress support volunteers will not be able to anticipate and therefore be unable to help with.

Create the installation directory and download the file from WordPress.org:

sudo mkdir -p /srv/www
sudo chown www-data: /srv/www
curl https://wordpress.org/latest.tar.gz | sudo -u www-data tar zx -C /srv/www

Note that this sets the ownership to the user www-data, which is potentially insecure, such as when your server hosts multiple sites with different maintainers. You should investigate using a user per website in such scenarios and make the files readable and writable to only those users. This will require configuring PHP-FPM to launch a separate instance per site each running as the site’s user account. In such setup the wp-config.php should (read: if you do it differently you need a good reason) be readonly to the site owner and group and other permissions set to no-access (chmod 400). This is beyond the scope of this guide, however.

Configure Apache for WordPress

Duration: 2:00

Create Apache site for WordPress. Create /etc/apache2/sites-available/wordpress.conf with following lines:

<VirtualHost *:80>
    DocumentRoot /srv/www/wordpress
    <Directory /srv/www/wordpress>
        Options FollowSymLinks
        AllowOverride Limit Options FileInfo
        DirectoryIndex index.php
        Require all granted
    </Directory>
    <Directory /srv/www/wordpress/wp-content>
        Options FollowSymLinks
        Require all granted
    </Directory>
</VirtualHost>

Enable the site with:

sudo a2ensite wordpress

Enable URL rewriting with:

sudo a2enmod rewrite

Disable the default “It Works” site with:

sudo a2dissite 000-default

Or, instead of disabling the “it works” page, you may edit our configuration file to add a hostname that the WordPress installation will respond to requests for. This hostname must be mapped to your box somehow, e.g. via DNS, or edits to the client systems’ /etc/hosts file (on Windows the equivalent is C:\Windows\System32\drivers\etc\hosts). Add ServerName as below:

<VirtualHost *:80>
    ServerName hostname.example.com
    ... # the rest of the VHost configuration
</VirtualHost>

Finally, reload apache2 to apply all these changes:

sudo service apache2 reload

Configure database

Duration: 4:00

To configure WordPress, we need to create MySQL database. Let’s do it!

$ sudo mysql -u root
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 7
Server version: 5.7.20-0ubuntu0.16.04.1 (Ubuntu)

Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> CREATE DATABASE wordpress;
Query OK, 1 row affected (0,00 sec)

mysql> CREATE USER wordpress@localhost IDENTIFIED BY '<your-password>';
Query OK, 1 row affected (0,00 sec)

mysql> GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER
    -> ON wordpress.*
    -> TO wordpress@localhost;
Query OK, 1 row affected (0,00 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 1 row affected (0,00 sec)

mysql> quit
Bye

Enable MySQL with sudo service mysql start.

Configure WordPress to connect to the database

Duration: 2:00

Now, let’s configure WordPress to use this database. First, copy the sample configuration file to wp-config.php:

sudo -u www-data cp /srv/www/wordpress/wp-config-sample.php /srv/www/wordpress/wp-config.php

Next, set the database credentials in the configuration file (do not replace database_name_here or username_here in the commands below. Do replace <your-password> with your database password.):

sudo -u www-data sed -i 's/database_name_here/wordpress/' /srv/www/wordpress/wp-config.php
sudo -u www-data sed -i 's/username_here/wordpress/' /srv/www/wordpress/wp-config.php
sudo -u www-data sed -i 's/password_here/<your-password>/' /srv/www/wordpress/wp-config.php

Finally, in a terminal session open the configuration file in nano:

sudo -u www-data nano /srv/www/wordpress/wp-config.php

Find the following:

define( 'AUTH_KEY',         'put your unique phrase here' );
define( 'SECURE_AUTH_KEY',  'put your unique phrase here' );
define( 'LOGGED_IN_KEY',    'put your unique phrase here' );
define( 'NONCE_KEY',        'put your unique phrase here' );
define( 'AUTH_SALT',        'put your unique phrase here' );
define( 'SECURE_AUTH_SALT', 'put your unique phrase here' );
define( 'LOGGED_IN_SALT',   'put your unique phrase here' );
define( 'NONCE_SALT',       'put your unique phrase here' );

Delete those lines (ctrl+k will delete a line each time you press the sequence). Then replace with the content of https://api.wordpress.org/secret-key/1.1/salt/. (This address is a randomiser that returns completely random keys each time it is opened.) This step is important to ensure that your site is not vulnerable to “known secrets” attacks.

Save and close the configuration file by typing ctrl+x followed by y then enter

Configure WordPress

Duration: 2:00

Open http://localhost/ in your browser. You will be asked for title of your new site, username, password, and address e-mail. Note that the username and password you choose here are for WordPress, and do not provide access to any other part of your server - choose a username and password that are different to your MySQL (database) credentials, that we configured for WordPress’ use, and different to your credentials for logging into your computer or server’s desktop or shell. You can choose if you want to make your site indexed by search engines.

WordPress installation816×646 42.8 KB

You can now login under http://localhost/wp-login.php. In the WordPress Dashboard, you will see bunch of icons and options. Don’t worry, it’s easy!

Dashboard818×648 46.9 KB

Write your first post

Duration: 3:00

You will notice the “Hello world!” post. Let’s delete it and write something more interesting…

From Dashboard (http://localhost/wp-admin/), select the “Posts” icon and click on “All Posts”. Mouse over the “Hello world!” post title and select Trash.

Move to Trash818×648 46.5 KB

To create new post, click on the “Add New” button. You should notice a fancy WYSIWYG editor with simple (but powerful) text formatting options. You may want to switch to Text mode if you prefer pure HTML.

Let’s write something! It’s as easy, as using text processors that you know from office suites.

First post818×648 61.6 KB

Now, click the Publish button. You can now view your brand-new post!

That’s all!

Duration: 1:00

Of course, this tutorial has only described basics of WordPress usage, you can do much more with this blogging platform/CMS. You can install one of thousands of available (free and commercial) plugins and themes. You can even configure it as forum (with bbPress plugin), microblogging platform (BuddyPress), eCommerce platform (WooCommerce) or extend existing WordPress features with plugins like JetPack or TinyMCE Advanced.

The WordPress manual and documentation is available in the WordPress Documentation pages.You can read it to learn more about WordPress usage, and even something about themes/plugins development.

If you need more guidance on using WordPress, help is always at hand:

• WordPress.org Forums
• Ask Ubuntu
• Ubuntu Forums

Further reading:

• WordPress Documentation
• WordPress page in Ubuntu documentation

Dears,
While doing sudo a2ensite wordpress it would be good idea to add
sudo a2enmod rewrite.
Thank you.

I would also add changing to collation, if needed when entering the DB_USER and others MySql settings.

define( ‘DB_COLLATE’, ‘utf8_general_ci’ );

Yes, makes sense on both accounts, updated. Thanks!

Happy to help:)

Is it possible to use this method for sites without alias (/blog)?

Yaakov

GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER
    -> ON wordpress.*
    -> TO wordpress@localhost
    -> IDENTIFIED BY '<your-password>';

Doesn’t work anymoore
Use maybe this Instead:

CREATE USER 'wordpress'@'localhost' IDENTIFIED BY '<your-password>';
GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpress'@'localhost' WITH GRANT OPTION;

Due to the new version there have to be an other adjustment:
CREATE USER ‘wordpress’@‘localhost’ IDENTIFIED WITH mysql_native_password BY ‘’;

This leaves you with an installation of wordpress that is not able to install plugins. I did some research to see what is required, and apparently doing things this way it is not possible to install plugins without opening yourself up to a world of security vulnerabilities. So no plugins. What means I just wasted all this time for nothing. A warning that this does not install a full, usable version of wordpress would have been nice.

Furthermore, this installs Wordpress so that it appears to users to be located in a subdirectory called “blog/” which does not actually exist. Although you can change the settings so the user-facing site no longer appears to be in this nonexistent subdirectory, there is no way to move /wp-admin out of “[sitedomain]/blog/wp-admin”

You really should make it clear at the BEGINNING that these instructions are for a single, extremely specific and nonstandard install of wordpress. Now I have to start all over again from scratch.

Holy bullshit. The installation removed my mariaDB.
What can I do?

You need to do some more research. Blog is an alias, not a directory. This is an example of virtual hosts installation. You could use this installation to run more than one WordPress site by creating other virtualhosts. Create the relevant files with the correct naming convention and you would/could have say localhost/music.

Create /etc/apache2/sites-available/mysite.conf and set an alias to /music with the appropriate virtualhost block along with a /config-mysite.php and enabling mysite as a site and soon you should be on your way to opening http://mysite.

I’m just trying to follow this guide. then all of a sudden I’m expected to know what to do.
How do I create a file?

I don’t use linux / unix everyday and I’ve never used Wordpress.

“Create Apache site for WordPress. Create /etc/apache2/sites-available/wordpress.conf with following lines:”

Ignore the above post about having a Wordpress Site that is unable to use plugins. Admitted, this tutorial does assume a lot (if you know nothing about Ubuntu). Fortunately, I know everything about Ubuntu and if you did follow this tutorial and WERE able to install Ubuntu, everything will work. The author of the post didn’t know enough about Ubuntu, got frustrated, and made his post hoping to either denigrate the author, the tutorial, or both. If he would had read the tutorial a couple more times he might have figured out it was a simple path or permission issue. Those who knew Ubuntu immediately noticed this issue and fixed it on the fly, as it was knowledge he/she had taken for granted through their years of use with Ubuntu.

Plugins work just fine. Make sure you do the ‘chown -R www-data:www-data /usr/share/wordpress’. Yes that line is different than what’s in the tutorial. It is simply a more complete way to set permissions. Chances are that setting the user ownership will be enough, however, in some instances you MAY need the group ownership to be properly set. If not, then you might complain plugins don’t work.

The other possible issue you might have while using this tutorial (with some admitted assumptions) is the issue of pointing the wordpress symlink at /var/www as opposed to pointing at /var/www/html. This unfortunately is another one of those possible assumpition things.

Finally, there was some droning on about /blog not being a directory in the Unix file system. That is correct, if you followed through the tutorial you will know at no time is the a creation of some directory name ‘blog’. This is a symbolic name that is used in the configuration file. It may or MAY NOT actually exist as a directory in your file system.

It’s just a matter of how much you know or don’t know. But just because something doesn’t work because you thought you followed instructions to the ‘t’ probably has more to do with your lack of knowledge of the overall subject.

This guide was not called a comprehensive guide. But I can guarantee you anyone who has used/administered a Ubuntu box for at least a year will have easily set their WordPress site up with the aid of these instructions supplemented by their knowledge of their own system.

I do help with this stuff, but unfortunately for most, I do it professionally on a pay basis, have Ubuntu servers up on the internet now you can peruse (i have a publicly available ubuntu shell server for responsible people) and look at active production servers and how they are configured. Contact me personally if you would like to know more.

The guy who wrote the tutorial needs to be thanked for all the time and effort he put into it. It has helped thousands of people get working sites. Just because 1 guy couldnt figure out how to do something has more to do with that one guy than it does this tutorial.

I’m such a softee. I just can’t help sticking up for people.

Ron

Hey guys,

Can you help a gal out?

What should we be using for the following?

mysql> GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER
→ ON wordpress.*
→ TO wordpress@localhost
→ IDENTIFIED BY ‘’;

Am I supposed to create a password?
The initial instructions said I would not need to create a mysql password.

Also - dumb question - if I am to create a password, do I include the ’ before and after password?
for example ‘abcdef12345’.

How do I check the syntax in mysql? I keep getting errors about my syntax but no clue how to view the syntax and look for errors?

If I show tables, it says my tables are empty

mysql> SHOW TABLES;

Empty set (0.00 sec)

Can you help a gal out?
What should we be using for the following?
mysql> GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER
→ ON wordpress.*
→ TO wordpress@localhost
→ IDENTIFIED BY ‘’;

That is incomplete, and will throw a MySQL error.

You actually should not use that, as it will not work on all version of mysql. It is actually specific to the latest and greatest. Do it the old way, like so:

create database wordpress;
create user ‘wordpress’@‘localhost’ identified by ‘password’;
use wordpress;
grant all privileges on wordpress.* to ‘wordpress’@‘localhost’;
flush privileges;
quit;

I am fairly certain that set of commands will work on all versions of MySQL. Setting specific privileges is surely a more secure way of granting database privileges, however, it can be problematic. It might not be portable across all version of MySQL. You might leave out a certain privilege and then this makes for a nightmare troubleshoot. Plus other reasons that are not coming to me atm.

Am I supposed to create a password?
The initial instructions said I would not need to create a mysql password.

They are talking about the mysql-server password here. You may or may not need to. However, do yourself a favor and just prior to creating the wordpress database, run this command:

mysql_secure_installation

Running that will not make anything harder, and the 3 or 4 questions it asks are easy to understand, but replying ‘Yes’ to all questions will not break anything. During this process, it will ask you to set the mysql-server password. However, again, depending on the version this may or not be needed. Current combinations of Ubuntu/mysql-server will not need a root password for mysql-server if you are logged in as the root Ubuntu user. Modern version connect through a socket (don’t worry, you don’t need to know the details of this) and will automagically log you in as the mysql-server root user if you are logged in as an Ubuntu user with root privileges.

Also - dumb question - if I am to create a password, do I include the ’ before and after password?
for example ‘abcdef12345’.

No. This in fact would be a security hole. You NEVER have to know or even include an old password when updating the password.

If I show tables, it says my tables are empty
mysql> SHOW TABLES;

That’s correct. The WordPress tables are created during the actual WordPress installation (the part where you complete the WordPress setup in your browser).

Ron

PS. Almost ALL versions of of WordPress tutorials for Ubuntu 20.04 leave you with a broken installation, if followed to the letter. They assume much. One of things NEVER pointed out in the installation guides are that changing the ownership of the php sub-system and the javascript sub-system to (chown -R www-data:www-data ) might be required to get things working. Additionally, most newer WordPress installation guides combined with Ubuntu 20.04 also tend to forget little things, like php-intl, php-xml, php-bcmath and a shit ton of other files required to make things work. You’ll know if this is the issue if your WordPress installation is missing the images, all the fonts are wonky, etc etc. This is specifically due to symbolic links hardcoded in WordPress installations which end up pointing style sheets and other critical javascript and php which are not in the places where they should be. The solution to this is DON’T use the latest and greatest. If you are relatively weak in your Ubuntu skills, you’ll have a much better time (ie, successful) if you build your WordPress installation on Ubuntu 18.04, and using the version of WordPress provided in the repository (ie, apt get wordpress).

I agree with ronaldljohnson above about:

Can you help a gal out?
What should we be using for the following?
mysql> GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER
→ ON wordpress.*
→ TO wordpress@localhost
→ IDENTIFIED BY ‘’;

That is incomplete, and will throw a MySQL error.

You actually should not use that, as it will not work on all version of mysql. It is actually specific to the latest and greatest. Do it the old way, like so:

create database wordpress;
create user ‘wordpress’@‘localhost’ identified by ‘password’;
use wordpress;
grant all privileges on wordpress.* to ‘wordpress’@‘localhost’;
flush privileges;
quit;

The above commands do not work. I followed the tutorial exactly and that doesn’t work but his solution does.

Thank you for taking the time to clarify these questions.
It would be nice if your clarifications are included in the tutorial.
I was stuck on the plugin-less installation as well, because I just followed the steps in the tutorial.
You might be underestimating how often people just copy code sections without reading the insides.

Yeah a lot of people DO just follow the tutorial which is ok if you know Ubuntu well enough to get yourself out of trouble. If not, chances are you’ll get so lost during troubleshooting and trying fix things you end up just reloading the OS from scratch and starting over. Which is ok because repetition does make for getting things right and learning, but when all you want to do is get some subsystem working it can make for a frustrating time.

Which is the primary reason I take time to write comments, respond if I’ve gotten something wrong, and most of all just to make corrections for the next guy. This is a relatively well written tutorial which is one reason I come back to it occasionally. I sometimes use it as a template if I need to install multiple machines.

Anyways, I run a small hosting business so have dealt with many WordPress issues. Most of my clients have the whole OS to contend with as well on top of WordPress. I do offer free and introductory accounts. If you need some help or have any interest you can send a mail to support@fbr1.us or support@zettabytes.org. Mention this thread and the message will get filtered to me.

Ron

Hey guys,

thank you for the guide, all worked well until I got this problem:
“You won’t be able to install new themes from here yet since your install requires SFTP credentials. For now, please add themes in the admin.”

After a few hours - yes really I found a solution on another forum, I thought I’d share it here

Open wp-config.php with your text editor of choice and add the following line to the end of the file:

define(‘FS_METHOD’,‘direct’);
?>
Save and reload apache

Now, I can install themes etc without being asked to put an FTP account info for AWS EC2

Cheers

Emanuel

Seems like the following mysql command is not correct:

mysql> GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER
→ ON wordpress.*
→ TO wordpress@localhost
→ IDENTIFIED BY ‘’;

It produces ERROR 1064 (42000)

According to this post:
You don’t use IDENTIFIED BY in GRANT queries, it’s used in CREATE USER.

CREATE USER 'root'@'%' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%';

https://stackoverflow.com/questions/52372165/mysql-error-1064-42000-you-have-an-error-in-your-sql-syntax