WordPress Ubuntu Config

/ Website

These are some consolidated notes on setting up WordPress on an Ubuntu server (replace “example”, “example.com” and “ExamplePassword” appropriately).

Database prep

Start the mysql command program:

mysql -uroot -p

Run these mysql commands:

create database example;
CREATE USER 'example'@'localhost' IDENTIFIED BY 'ExamplePassword';
GRANT ALL PRIVILEGES ON example.* TO 'example'@'localhost';
flush privileges;
quit

Directory/file prep

Create directory structure, download WordPress files, and set directory and file permissions,

sudo mkdir /var/www/www.example.com
cd /var/www/www.example.com
sudo mkdir html log ssl
sudo wget https://wordpress.org/latest.tar.gz
sudo tar -xf latest.tar.gz
sudo mv wordpress/* html/
sudo rmdir wordpress/
sudo rm latest.tar.gz
sudo chown -R www-data:www-data /var/www/www.example.com

Initial web server config

Start a test editor to create an apache configuration file.

sudo nano /etc/apache2/sites-available/www.example.com.conf

Your configuration should support HTTP (not HTTPS) at this point (unless you already have an SSL certificate, but these notes assume that you don’t).

<VirtualHost *:80>
  ServerName www.example.com
  ServerAlias example.com
  DocumentRoot /var/www/www.example.com/html
  <Directory "/var/www/www.example.com/html">
    AllowOverride All
    Require all granted
  </Directory>
  ErrorLog /var/www/www.example.com/log/error_log
</VirtualHost>

Verify that the configuration syntax is correct, enable the website, and reload the web server configuration.

apachectl -t
sudo a2ensite www.example.com
sudo systemctl reload apache2

Verify that your website is running by opening a browser and navigating to it’s URL (e.g. http://www.example.com). This should be an HTTP address, not an HTTPS address at this point if you have not added an SSL certificate to the suggested minimal config above.

You “could” complete the initial WordPress configuration via web browser, associating the WordPress installation files to the database that you setup, at this time. Or, you may wish to do this after you have switched to a secure/SSL connection (recommended to wait if you are accessing the server over an unsecure network, e.g., the Internet – however, you may be physically co-located at the web server location, which mitigates this risk).

SSL generation

Generate an SSL certificate (and key), copy it to an appropriate location, and set file permissions.

sudo certbot certonly --apache -d www.example.com
sudo cp /etc/letsencrypt/live/www.example.com/fullchain.pem \  /var/www/www.example.com/ssl/www.example.com.cert.pem
sudo cp /etc/letsencrypt/live/www.example.com/privkey.pem \  /var/www/www.example.com/ssl/www.example.com.key.pem
sudo chown -R www-data:www-data /var/www/www.example.com

Update web site configuration

Update the website configuration by opening the conf file again in a text editor.

sudo nano /etc/apache2/sites-available/www.example.com.conf

Your configuration should now support HTTP and HTTPS.

<VirtualHost *:80>
  ServerName www.example.com
  ServerAlias example.com
  Redirect permanent / https://www.example.com/
  DocumentRoot /var/www/www.example.com/html
  <Directory "/var/www/www.example.com/html">
    AllowOverride All
    Require all granted
  </Directory>
  ErrorLog /var/www/www.example.com/log/error_log
</VirtualHost>
<VirtualHost *:443>
  DocumentRoot /var/www/www.example.com/html
  ServerName www.example.com
  ServerAlias example.com
  <Directory "/var/www/www.example.com/html">
    AllowOverride All
    Require all granted
  </Directory>
  ErrorLog /var/www/www.example.com/log/error_log
  <IfModule mod_ssl.c>
    SSLEngine on
    SSLProtocol All -SSLv2 -SSLv3
    SSLCertificateFile    /var/www/www.example.com/ssl/www.example.com.cert.pem
    SSLCertificateKeyFile /var/www/www.example.com/ssl/www.example.com.key.pem
  </IfModule>
</VirtualHost>

Re-verify the website configuration and reload the web server.

apachectl -t
sudo systemctl reload apache2

Verify that your website is running by opening a browser and navigating to it’s secure/HTTPS URL (e.g. https://www.example.com). This should be an HTTPS address, not an HTTP address.

If you have not done so already, you should now complete the initial WordPress configuration via web browser, associating the WordPress installation files to the database that you setup.