Install and configure WordPress

This guide and several of the replies here are just terrible, showing complete disregard for the kind of people who would be likely to look up for these kinds of guides. The assumption that the readers already know what they’re doing and thus skipping a lot of the steps quite misses the point, since,well, if the readers already knew what they were doing, they wouldn’t be needing a guide!

• The guide doesn’t even attempt to mention anything about securing the installation with SSL. That’s an enormous omission – in this day and age, no one should be running unsecured websites.
• You’re not supposed to be changing the permissions of /usr/share/wordpress! The /var/lib/wordpress/wp-content is where all the plugins and such are supposed to go as per the documentation in /usr/share/doc/wordpress/README.Debian.gz
• It wouldn’t take a lot of effort to also explain how to make the Wordpress-site the default, instead of landing in /blog and just making the reader figure the details out on their own.

Modify the following part, because The grant command does not accept an identified by clause.

mysql> GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER
-> ON wordpress
-> TO wordpress@localhost
-> IDENTIFIED BY ‘’;
Query OK, 1 row affected (0,00 sec)

New code:

CREATE USER wordpress@localhost IDENTIFIED BY ‘’;

GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, ALTER
ON wordpress.*
TO wordpress@localhost;

I think the tutorial is missing permissions attributes parts, I’m having some issues setting the right ones… I can’t install any theme or plugin, and I don’t want to move WordPress directory to another place…

Commands like: sudo chown -R www-data:www-data /usr/share/wordpress shouldn’t be omitted from tutorial…

I’ve taken some time to go through and heavily update the tutorial. The updates are best practice from upstream WordPress.org.

These commands should have the wp-config.php file at the end of them, else you get ‘no input files’ from sed.

oops, thanks for pointing that out. I’ve corrected it now.

The Configure Apache for WordPress section is using deprecated Order / Allow directives. The access control docs for Apache 2.4 include:

The Allow, Deny, and Order directives, provided by mod_access_compat, are deprecated and will go away in a future version. You should avoid using them, and avoid outdated tutorials recommending their use.

The directives from this didn’t work for me with Apache 2.4.41 - I got HTTP 403s - and had to use

    Require all granted

instead.

Thanks for letting us know. I’ve updated the doc for this change

Please append a line that instructs the user to disable the default Apache2 site: sudo a2dissite 000-default

Otherwise, users not familiar with Apache2 might wonder why http://localhost is showing an Apache2 landing page instead of the depicted Wordrpess setup screen.

Set RootDocument variable to /srv/www/wordpress. Edit /etc/apache2/sites-available/000-default.conf with following lines:

#DocumentRoot /var/www/html
DocumentRoot /srv/www/wordpress

Came here specifically to ask about this.

Could I suggest also removing the default side from apache
sudo a2dissite 000-default.conf
before reloading apache, as when I followed the tutorial I was getting served the default site’s index.html rather than wordpress’s index.php.

Actually… wish I’d read the other comments earlier… as several others mentioned the fix above!

Please format commands in cli in:
Then, enable this site with sudo a2ensite wordpress , enable URL rewriting with sudo a2enmod rewrite and reload apache2 with sudo service apache2 reload . You should also run sudo a2dissite 000-default to disable the default “It works” page so that WordPress can load.

@karye what is it you want changed, and why? the text you wrote above is a direct one-for-one identical copy of what is already in the document.

In the guide CLI commands are shown in separate grey boxes.
It would enhance readability for beginners to split this paragraph and use
```sudo 2ensite wordpress```
not `sudo a2ensite wordpress` etc…

Hello all. I’ve reviewed this post several times in the past over the years, as well as have tried to make corrections and pass on any information that I think would be helpful to first time or amateur WordPress on Ubuntu installers. I was a bit dismayed when the original author made the decision to use the ‘upstream WordPress recommended installation’ instead of the original way it was written, what I believe is the Ubuntu way, but the author has the discretion to write the article in any way he feels necessary.

apt install wordpress

That should be the start for anyone installing WordPress on current versions of Ubuntu. Should also be the way this article should start, however the author has opted for ‘upstream Recommended installation’ which I completely understand. However it does get away from the ‘Ubuntu’ way.

I’m fully aware of the issues to install Wordpress the recommended way versus the apt install wordpress way and it comes down to configuration. There’s still lots of assumptions being made in this new revamped article. Though the idea is correct and in some instances I would use that option, I like having the control and security of the database details being set up in /etc/wordpress/config-hostname.php. Additionally with the Apache integration I also like to setup virtual hosts for each and every host on an Apache web server because it’s just the right way to do it. By default the Ubuntu Apache 2 configuration wants separate files for ssl and non-ssl web sites, which not only do I think is stupid but it makes things complicated. I create the virtual hosts file as a single file for each host, virtual or otherwise and put both the non-ssl (port 80) and ssl (port 443) apache configuration in each of the vhosts into a single file for /etc/apache2/sites-available. At this point new and amateur Linux/Apache/Wordpress users should be thoroughly confused and veteran sysadmins are following me along and hopefully agreeing.

All of the issues usually have to do with either something in the initial configuration and where those configuration files are, or have to do with subsystem upgrades where the command usage is slightly different, as evidenced by some of the confusion above in the MySQL statements, the create user/password issue repetitively occurs. I won’t go into the details of changing MySQL user passwords with the ALTER SQL syntax because again, I think it just makes things more complicated.

With the default installation of Apache 2 and Wordpress on Ubuntu it’s my opinion that this article should reflect that and either have WordPress installed into the default ‘html’ (/var/www/html) directories and NOT removing the 000-default* files, which are the default vhost config files for the web server operation on ports 80 and 443 (ssl) OR deleting all the 000-default* files and spell out in the tutorial how to create the vhost file for both port 80 and 443 in a single file.

Yes, I’m a bit of an expert not only of Linux, but of Apache 2 (and 1) and Wordpress as I have been using all those products for 15-40 years, depending. Regardless of how your installing your Ubuntu or Wordpress I’m open to personally help anyone having issues and get their web site up and running. Just look up my profile and send me an email.

I additionally have several web servers up and running (azure.zettabytes.org, weeklynewsworld.com) which is but a short collection of sites I’ve been working on lately. I can setup shell accounts and give some visibility on how a ‘production’ sites run with visibility into the actual configuration files.

It’s always just the initial setup and configuration which give the most headaches as there are many many ways a site might be configured but once a WordPress is finally up and running, I’ve found it to be very reliable.

If anyone wants some help with their setup drop me a line.

Ron

The “Ubuntu way” that you mention is explicitly unsupported by WordPress. The method I chose for the update to a very out of date document is the most likely to be able to be supported; not just by Ubuntu people who understand the hosting stack, but also by WordPress support volunteers at the WordPress Support Forums and IRC (#WordPress on LiberaChat).

It’s also worth mentioning that WordPress in the Ubuntu archive is under the auspices of the MOTU, which means that security patching is on a “best effort”, volunteer, basis and means that security patches are often missed or not deployed in a timely manner - the WordPress way in this document means that security patches issued by WordPress.org are installed as soon as they are available.

While I agree that merging port 80 and 443 configuration into the same file is expedient, this tutorial doesn’t mention TLS in any way so including that information is superfluous.

Ah I see what you mean. Thanks for the tip, I’ve updated the document to put the commands in that paragraph to separate blocks.

Just a suggestion, as the audience is clearly command line capable, would it not be to first install WP CLI, then downloading core, setting up wp_config.php and the initial build of WordPress can be distilled into simple command lines