Install WordPress on DigitalOcean
This is the first article in the series Installing and Configuring WordPress on Digital Ocean.
This is a guide to installing WordPress on the DigitalOcean cloud hosting service.
There are two objectives with this post. First, I am writing this article for myself so I can remember the steps needed to install WordPress on a DigitalOcean image. Second, I hope this article will be useful for other people who needed to do the same.
The steps to setup a new WordPress blog on DigitalOcean are:
- Create a new Droplet
- Login to new Droplet, create a new non-root user
- Install NGinx (Web Server)
- Install MySql (Database)
- Install PHP and configure NGinx to use PHP
- Setup WordPress
If you don’t already have a Digital Ocean account and want to follow along with this tutorial then click the link below:
Create a new Droplet
Select the correct droplet size. I will use the smallest and cheapest version for this demonstration. Small WordPress blogs don’t need much memory or disk space.
$ ssh root@<ip addresss> The authenticity of host 'ip addresss (ip addresss)' can't be established. ECDSA key fingerprint is xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '' (ECDSA) to the list of known hosts. root@'s password: You are required to change your password immediately (root enforced) Welcome to Ubuntu 14.04.1 LTS (GNU/Linux 3.13.0-37-generic x86_64) * Documentation: https://help.ubuntu.com/ System information as of Tue Dec 23 01:18:32 EST 2014 System load: 0.0 Memory usage: 9% Processes: 50 Usage of /: 9.1% of 19.56GB Swap usage: 0% Users logged in: 0 Graph this data and manage this system at: https://landscape.canonical.com/ Changing password for root. (current) UNIX password: Enter new UNIX password: Retype new UNIX password: root@MyWordPressBlog:~#
Create a new non-root user
You don’t normally want to use the root user so we will create a non-root user before doing anything else.
I will use the username ‘mark’.
root@MyWordPressBlog:~# adduser mark Adding user `mark' ... Adding new group `mark' (1000) ... Adding new user `mark' (1000) with group `mark' ... Creating home directory `/home/mark' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Changing the user information for mark Enter the new value, or press ENTER for the default Full Name : Room Number : Work Phone : Home Phone : Other : Is the information correct? [Y/n] Y root@MyWordPressBlog:~#
This user has normal privileges. We want to add this user to the group ‘sudo’ so that we can install and configure software.
root@MyWordPressBlog:~# gpasswd -a mark sudo Adding user mark to group sudo
I can now temporarily run a command under the root user. You will be asked for your password everytime though. Add the following statement to the file /etc/sudoers so you won’t be prompted for your password each time you use sudo.
$ sudo vi /etc/sudoers
Add the following line to the end of the file:
mark ALL=(ALL) NOPASSWD: ALL
For extra security you can change the SSH port number, it’s normally 22. Hackers can check that port number to see if you are running the ssh service and attempt to hack into your machine. I change the port number to some random number instead.
In file /etc/ssh/sshd_config
$ sudo vi /etc/ssh/sshd_config
Find the line ‘Port 22’ and change it to something else, e.g. ‘Port 1234’. Don’t forget this number!
I also like to change the line ‘PermitRootLogin yes’ to ‘PermitRootLogin no’. You have a non-root user set up that has super privileges so there is no need for the root user login.
After you have made the changes just restart the ssh service.
$ sudo service ssh restart
Exit the session and try to log in as before. It should not work because the ssh service is no longer listening on port 22. Add the -p option and set it to the port number you set in the sshd_config file and try again.
$ ssh mark@ip address ssh: connect to host ip address port 22: Connection refused $ ssh -p 1234 mark@<ip address> Welcome to Ubuntu 14.04.1 LTS (GNU/Linux 3.13.0-37-generic x86_64) * Documentation: https://help.ubuntu.com/ System information as of Tue Dec 23 02:00:08 EST 2014 System load: 0.0 Processes: 67 Usage of /: 9.5% of 19.56GB Users logged in: 0 Memory usage: 11% IP address for eth0: ip address Swap usage: 0% Graph this data and manage this system at: https://landscape.canonical.com/ Last login: Tue Dec 23 02:00:09 2014 from <last log in address>
If you are accessing the server from linux then you can put the login details into a config file in your .ssh directory. This makes it easier to log in. For example:
From your local machine:
$ vi ~/.ssh/config
Host wpblog User mark Port 1234 Hostname ip address TCPKeepAlive yes SendEnv
Now you can log in to the server by typing, no need to remember the port number or the ip address:
$ ssh wpblog Welcome to Ubuntu 14.04.1 LTS (GNU/Linux 3.13.0-37-generic x86_64) * Documentation: https://help.ubuntu.com/ System information as of Tue Dec 23 02:01:56 EST 2014 System load: 0.0 Processes: 67 Usage of /: 9.5% of 19.56GB Users logged in: 0 Memory usage: 11% IP address for eth0: ip address Swap usage: 0% Graph this data and manage this system at: https://landscape.canonical.com/
Install NGinx (Web Server)
First we update the repository and then we install the web server. It will be started automatically.
$ sudo apt-get update $ sudo apt-get install nginx
To test the web server is working from our local machine open a browser and point it at our droplet:
e.g. access http://<ip address>
Install MySql (Database)
Next we need to install the MySql database that WordPress uses to store all the blog posts and settings in.
$ sudo apt-get install mysql-server
During the install you are asked to specify the password for the root login. Don’t forget the password!
$ sudo mysql_install_db
Then we secure the installation by removing the test account and test database.
$ sudo mysql_secure_installation
Install PHP and configure NGinx to use PHP
Next we need to install PHP and configure the NGinx web server to pass incoming requests to the PHP processor.
We will install php5-fpm which stands for “fastCGI process manager”. We will also install the package that will allow php to communicate with the mysql database.
$ sudo apt-get install php5-fpm php5-mysql
Next we need to make a configuration change to make our installation more secure.
Open the php5-fpm configuration file.
$ sudo vi /etc/php5/fpm/php.ini
Look for the parameter cgi.fix_pathinfo
Uncomment the parameter and set it to 0, the line should read:
Now we need to restart the php processor to use the new configuration.
$ sudo service php5-fpm restart
Configure NGinx to use php5-fpm
We need NGinx to hand off incoming requests to the PHP backend.
We do this at the service block level (similar to apache virtual hosts). The file we need to change is /etc/nginx/sites-available/default
$ sudo vi /etc/nginx/sites-available/default
Change it to look like this:
Once you have finished editing the nginx config file restart the service.
$ sudo service nginx restart
Create a test php page to test configuration
Next we create a php page in the nginx home directory to test that nginx passes the request to the PHP backend and that it is processed correctly.
$ sudo vi /usr/share/nginx/html/test.php
Then type the following:
Now from your local machine request this file, e.g. http://<ip address>/test.php
If everything worked correctly you should see the following:
sudo rm /usr/share/nginx/html/test.php
Set up WordPress
These are the following steps to set up WordPress:
- Configure database
- Download the latest version of WordPress
- Install some more PHP libraries
- Configure WordPress
We will now create the wordpress database.
$ mysql -u root -p
Type in the password for the root account, this is the password you used when you installed mysql previously.
I assume this droplet will only ever run one instance of wordpress so I am going to call the database ‘wordpress’:
create database wordpress;
Don’t forget the semicolon (;) at the end of the statement.
WordPress doesn’t use the root account, at least it shouldn’t. So we will now create the user account that WordPress will use when communicating with mysql.
create user wpuser@localhost identified by 'password';
I used ‘password’ as the example password here. Obviously not the most secure password.
Now we grant permissions to this account so that it can access the wordpress database.
grant all privileges on wordpress.* to wpuser@localhost; flush privileges;
We have now finished with mysql so we exit from the mysql client.
Download the latest version of WordPress
Next we will download the latest version of WordPress.
$ cd $ wget http://wordpress.org/latest.tar.gz
Once the file has downloaded we can extract it’s contents with the following command:
$ tar zxvf latest.tar.gz
There will now be a directory called wordpress in our home directory.
Install some more PHP libraries
Next we will install two more PHP libraries. The first, php5-gd, will let us work with images and the second, libssh2-php, allows updating/installing plugins using ssh.
$ sudo apt-get update $ sudo apt-get install php5-gd libssh2-php
Next we will configure wordpress so that it can access our wordpress database.
$ cd wordpress $ mv wp-config-sample.php wp-config.php $ vi wp-config.php
Now we need to modify the database constants that wordpress uses to access the database.
Here are the statements that we will modify to match our database credentials.
// ** MySQL settings - You can get this info from your web host ** // /** The name of the database for WordPress */ define('DB_NAME', 'database_name_here'); /** MySQL database username */ define('DB_USER', 'username_here'); /** MySQL database password */ define('DB_PASSWORD', 'password_here'); /** MySQL hostname */ define('DB_HOST', 'localhost');
After modification, the statements should be:
// ** MySQL settings - You can get this info from your web host ** // /** The name of the database for WordPress */ define('DB_NAME', 'wordpress'); /** MySQL database username */ define('DB_USER', 'wpuser'); /** MySQL database password */ define('DB_PASSWORD', 'password'); /** MySQL hostname */ define('DB_HOST', 'localhost');
Lower down in the file we see:
define('AUTH_KEY', 'put your unique phrase here'); define('SECURE_AUTH_KEY', 'put your unique phrase here'); define('LOGGED_IN_KEY', 'put your unique phrase here'); define('NONCE_KEY', 'put your unique phrase here'); define('AUTH_SALT', 'put your unique phrase here'); define('SECURE_AUTH_SALT', 'put your unique phrase here'); define('LOGGED_IN_SALT', 'put your unique phrase here'); define('NONCE_SALT', 'put your unique phrase here');
Let us change these values to make our installation more secure.
From your browser access this url: https://api.wordpress.org/secret-key/1.1/salt/
Paste the contents into your config file replacing the default values.
Now we copy the wordpress files into the nginx directory and set the correct permissions.
$ sudo cp -r ~/wordpress/* /usr/share/nginx/html/ $ cd /usr/share/nginx/html/ $ sudo mkdir wp-content/uploads $ sudo chown -R www-data:www-data /usr/share/nginx/html/
After we copy the wordpress files to the nginx directory. We create an uploads directory underneath wp-content. This is where uploaded media files will be saved. We then set the nginx web user account to have full access to the wordpress directory.
Now you can point your browser at http://<ip address>/wp-admin/ to continue the setup.
After you have provided the information needed the wordpress database will be created and populated and you will be directed to the WordPress Dashboard page.
Did I miss anything?
Would you do anything different?
Please leave a comment.
Links for this article
Digital Ocean [affiliate link]
If you liked this article please share.