Part 6 of 7 in "Self-Hosting WordPress"

  1. Self-Hosting WordPress – Ubuntu
  2. Self-Hosting WordPress – Nginx
  3. Self-Hosting WordPress – MariaDB
  4. Self-Hosting WordPress – PHP
  5. Self-Hosting WordPress – SSL
  6. Self-Hosting WordPress – Installation
  7. Self-Hosting WordPress – Performance

Install all the WordPress

As part of this installation guide I’ll be showing you how to install the cli, setup the database and configure wp. It’ll be a relatively long post, however by the end you’ll have a working WordPress installation. Without further ado!


The CLI is incredibly useful, it allows us to install WordPress, take database backups and anything else you might want to do in the web interface. Installing it is simple! From a server ssh connection:

cd /tmp

I always like to work out of the temp directory when downloading and installing files, just incase I mess up or leave a file behind.

So, what we’re going to want to do is download the cli installation script.

curl -O

And as per the official advice, check if it’s working.

php wp-cli.phar --info

You should see something similar to this

PHP binary:	/usr/bin/php7.0
PHP version:	7.0.15-0ubuntu0.16.04.4
php.ini used:	/etc/php/7.0/cli/php.ini
WP-CLI root dir:	phar://wp-cli.phar
WP-CLI packages dir:	
WP-CLI global config:	
WP-CLI project config:	
WP-CLI version:	1.1.0

Congratulations, you just ran the script. But the whole php wp-cli.phar command is a bit messy. Instead what we can do is place it in our path as wp. Then we just need to type wp to run it.

chmod +x wp-cli.phar
sudo mv wp-cli.phar /usr/local/bin/wp

And again, we can check if it’s working.

wp --info



Let’s get started by logging into MySQL (MariaDB) as root.

mysql -u root -p

It’ll ask you for a password, this is the MySQL root password we setup when we setup the database.


We are creating the database named wp as part of our installation.

Query OK, 1 row affected (0.02 sec)

It worked? Awesome. Let’s setup the user for the database.

Check Password

Don't just copy and paste the following, change password for the desired strong and secure password.
GRANT ALL ON wp.* TO 'wp'@'localhost' IDENTIFIED BY 'password';

Now we have a user “wp” with all rights to the database “wp” and appropriate tables.

Let’s get MySQL to update the roles.


And we’re done with MySQL, let’s exit out of the command.


Nginx Configuration

Nginx does a good job of serving PHP files, we’re just going to tweak the settings so our log files don’t get bloated and we’re serving properly cached files.

sudo nano /etc/nginx/sites-available/default

Directly below the server_name directive you’ll want to add the following.

location = /favicon.ico {
    log_not_found off;
    access_log off;

location = /robots.txt {
    log_not_found off;
    access_log off;
    allow all;

location ~* \.(css|js|png|jpg|jpeg|gif|ico)$ {
    expires max;
    log_not_found off;

It should be relatively self explanatory, feel free to extend the last location block if you are serving other filetypes.

Now we are going to change the try_files directive in the location / block so that WordPress can handle the pretty permalinks.

location / {
    include snippets/security-headers.conf;
    try_files $uri $uri/ /index.php$is_args$args;

Save and test it before restarting nginx.

sudo nginx -t
sudo systemctl reload nginx

PHP Extensions

When we installed PHP, we only installed the mysql extension. Let’s pull in a few more useful ones that WordPress might require.

sudo apt-get update
sudo apt-get install php-curl php-gd php-mbstring php-mcrypt php-xml php-xmlrpc php7.0-zip

That should get you started!

sudo systemctl restart php7.0-fpm


Check out this post where I go through installing postfix for send only emails.

The Software

Installing WP is straightforward, and there are various ways to do it. You can download and FTP the whole thing, download it straight to the server and unpack it or use the cli. There are other ways, we’ll focus on the cli we just installed.

First things first, let’s move to the root of our public server folder. If you are installing as Multisite or in a subfolder you will need to adjust as required.

sudo chown yourname:www-data /var/www/html
cd /var/www/html
wp core download
Downloading WordPress 4.7.3 (en_US)...
md5 hash verified: 044729d30b720809f19e14ece49e119b
Success: WordPress downloaded.

If you visit the url in your browser you should get a page like this…

Feel free to complete the installation with the web interface, however I am going to use the cli we installed earlier.

nano ~/wpdb-password.txt

Enter your database password you set earlier into this file (make sure there are no trailing whitespace or new lines).

wp core config --dbname=wp --dbuser=wp --prompt=dbpass < ~/wpdb-password.txt --extra-php="define('FS_METHOD', 'direct');\n"
rm ~/wpdb-password.txt

Here we read that database password and then create the wp-config file before deleting our file. The main reason we are using files like this is to avoid leaking our password into our bash log files.

nano ~/wp-password.txt

In this file, enter a new password for the admin user we are about to setup.

Replace server_domain with the url you use to access the website. Along with any of the other settings you might wish to customise.

wp core install --url="server_domain" --title="My Awesome Blog" --admin_user="admin" --admin_email="" --prompt=admin_password < ~/wp-password.txt
rm ~/wp-password.txt

Mate, you’ve just installed WordPress. Have a beer. 


In order to improve the security of the application we will run a few permission rules.

sudo find /var/www/html -type d -exec chmod g+s {} \;
sudo chmod g+w /var/www/html/wp-content
sudo chmod -R g+w /var/www/html/wp-content/themes
sudo chmod -R g+w /var/www/html/wp-content/plugins
sudo usermod -aG www-data $USER
sudo chown -R www-data:www-data /var/www

Continue reading "Self-Hosting WordPress"