How to Install WordPress with Nginx and Let's Encrypt SSL on Ubuntu 22.04

WordPress CMS is a free, open-source content management system that allows users to create and manage websites easily. It's known for its flexibility, user-friendly interface, and vast plugin and theme library, making it ideal for both beginners and professionals.

WordPress makes it easy to create and maintain websites and blogs. Due to its popularity, more than a third of websites today are powered by WordPress. It is written in PHP and uses MariaDB and MySQL as a database backend.

In this tutorial, we will show you how to install WordPress with Nginx and a free Let's Encrypt SSL certificate on Ubuntu 22.04.

Prerequisites

  • A server running Ubuntu 22.04.
  • A valid domain name is pointed with your server IP.
  • A root password is configured on the server.

Install Nginx, MariaDB, and PHP

Before starting, the LEMP server must be installed on your server. If not installed, you can install it by running the following command:

apt install nginx mariadb-server php php-fpm php-curl php-mysql php-gd php-mbstring php-xml php-imagick php-zip php-xmlrpc -y

Once the LEMP server is installed, verify the PHP version using the following command:

php -v

You will get the PHP version in the following output:

PHP 8.1.2 (cli) (built: Apr  7 2022 17:46:26) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.2, Copyright (c) Zend Technologies
    with Zend OPcache v8.1.2, Copyright (c), by Zend Technologies

Next, edit the PHP configuration file and tweak some default settings:

nano /etc/php/8.1/fpm/php.ini

Change the following lines:

cgi.fix_pathinfo=0
upload_max_filesize = 128M
post_max_size = 128M
memory_limit = 512M
max_execution_time = 120

Save and close the file when you are finished.

Create a Database for WordPress

WordPress uses a database to store its content. So you will need to create a database and user for WordPress.

First, log in to the MariaDB shell with the following command:

mysql

Once you are logged in, create a database and user with the following command:

MariaDB [(none)]> CREATE DATABASE wpdb;
MariaDB [(none)]> CREATE USER 'wpuser'@'localhost' IDENTIFIED BY 'securepasssword';

Next, grant all the privileges to the WordPress database using the following command:

MariaDB [(none)]> GRANT ALL ON wpdb.* TO 'wpuser'@'localhost';

Next, flush the privileges and exit from the MariaDB with the following command:

MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> EXIT;

Once you are finished, you can proceed to the next step.

Install WordPress on Ubuntu 22.04

First, navigate to the Nginx web root directory and download the latest version of WordPress using the following command:

cd /var/www/html
wget https://wordpress.org/latest.tar.gz

Once the WordPress is downloaded, extract the downloaded file with the following command:

tar -zxvf latest.tar.gz

Next, rename the WordPress sample configuration file.

mv /var/www/html/wordpress/wp-config-sample.php /var/www/html/wordpress/wp-config.php

Next, edit the WordPress configuration file and define your database settings:

nano /var/www/html/wordpress/wp-config.php

Define your database settings as shown below:

define( 'DB_NAME', 'wpdb' );

/** Database username */
define( 'DB_USER', 'wpuser' );

/** Database password */
define( 'DB_PASSWORD', 'securepasssword' );

/** Database hostname */
define( 'DB_HOST', 'localhost' );

For security reasons, you will also need to update the security keys in your wp-config file. First, go here to generate them. Then, add it as shown below:

define('AUTH_KEY',         'Y$I,-gafVeR>Z-8qy&jQ62L}{R)e|lK/#RBh.Y#f+p-P*.8,,hP-iX[q3*tVP-fu');
define('SECURE_AUTH_KEY',  'D)k6o`D G%<()-zXP5{T{v2)Zgo-c+8T-Un=+R3%n/X2=MLDb5$O]UHA%gK| .WR');
define('LOGGED_IN_KEY',    'eL|5#`ul|;MrKm#q$KVl/ky(i}Jc;xrH(Eb|Hwzb/?-.RLSUSX2X[4HD:U:UOP:Y');
define('NONCE_KEY',        ']azQ+9f^#~l*r>uPMH5H>ck:?az4o[)*Txo:+MGjE5f&0kag3O9m85g3~VJ6YVWE');
define('AUTH_SALT',        'fAM5&`m4X+{+wSsF.!}-/8@Ce~~u%>}la1bCC,@#+R*t]uYf?[hph/>!Bw>v#oaQ');
define('SECURE_AUTH_SALT', '}|Z&dj_tFV2T$7y(O#O|bwwQ$sH6t!-zdE.MlOHLZ>4WDqG:_Qzn#Allm-UO1#7P');
define('LOGGED_IN_SALT',   'b9Uf~**E_xt@{KWknsAL^9D7Ix3CO.+PpFF~btd)-pG~pXPQ,[c&WRE-NgLG9~)|');
define('NONCE_SALT',       '}mTUi&.#i+YJT-TSrbIwqWO<]ut3K%CS~7g.} *NztVlgZDr`?>wxJ+_VW-D_zif');

Save and close the file when you are finished. Next, set proper permission and ownership to the WordPress directory:

chown -R www-data:www-data /var/www/html/wordpress
chmod -R 755 /var/www/html/wordpress

Create an Nginx Virtual Host for WordPress

Next, you will need to create an Nginx virtual host configuration file to serve WordPress over the internet.

nano /etc/nginx/conf.d/wordpress.conf

Add the following configuration:

server {
    listen 80;
    root /var/www/html/wordpress;
    index  index.php index.html index.htm;
    server_name  wordpress.example.com;

    client_max_body_size 500M;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }
	
    location = /favicon.ico {
        log_not_found off;
        access_log off;
    }

    location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
        expires max;
        log_not_found off;
    }	

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }	

    location ~ \.php$ {
         include snippets/fastcgi-php.conf;
         fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
         include fastcgi_params;
    }
}

Save and close the file then verify the Nginx configuration using the following command:

nginx -t

You will get the following output:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Next, restart the Nginx and PHP-FPM services to apply the changes.

systemctl restart nginx
systemctl restart php8.1-fpm

You can also check the status of the Nginx using the following command:

systemctl status nginx

You will get the following output:

? nginx.service - A high performance web server and a reverse proxy server
     Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2022-05-05 11:36:28 UTC; 10s ago
       Docs: man:nginx(8)
    Process: 16880 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
    Process: 16882 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
   Main PID: 16883 (nginx)
      Tasks: 3 (limit: 4630)
     Memory: 3.4M
        CPU: 49ms
     CGroup: /system.slice/nginx.service
             ??16883 "nginx: master process /usr/sbin/nginx -g daemon on; master_process on;"
             ??16884 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
             ??16885 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""

May 05 11:36:28 ubuntu2204 systemd[1]: Starting A high performance web server and a reverse proxy server...
May 05 11:36:28 ubuntu2204 systemd[1]: Started A high performance web server and a reverse proxy server.

Complete WordPress Web Installation

Now, open your web browser and access the WordPress installation wizard using the URL http://wordpress.example.com. You will be redirected to the following page:

Choose language

Select your language and click on the Continue button. You should see the WordPress Site configuration page:

Site settings

Provide your website name, admin username, password, email, and click on the Install WordPress button. Once the WordPress is installed, you should see the following page:

WordPress Installation successful

Click on the Log in button. You should see the WordPress login page:

Login as admin

Provide your admin username, password, and click on the Login button. You should see the WordPress dashboard on the following page:

WordPress admin dashboard

Enable HTTPS on WordPress

To enable HTTPS on your site, you will need to install the Certbot Let's Encrypt client to your system. You can install it by running the following command:

apt-get install python3-certbot-nginx -y

Once the Certbot client is installed, run the following command to enable the HTTPS on your website:

certbot --nginx -d wordpress.example.com

You will be asked to provide a valid email address and accept the term of service as shown below:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): [email protected]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for wordpress.example.com
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/nginx/conf.d/wordpress.conf

Next, choose whether or not to redirect HTTP traffic to HTTPS as shown below:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

Type 2 and hit Enter to finish the installation. You should see the following output:

Redirecting all traffic on port 80 to ssl in /etc/nginx/conf.d/wordpress.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://wordpress.example.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=wordpress.example.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/wordpress.example.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/wordpress.example.com/privkey.pem
   Your cert will expire on 2023-02-08. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

 - We were unable to subscribe you the EFF mailing list because your
   e-mail address appears to be invalid. You can try again later by
   visiting https://act.eff.org.

Conclusion

Congratulations! You have successfully installed WordPress with Nginx and Let's Encrypt SSL on Ubuntu 22.04. You can now install your preferred themes and plugins and start building your own website.

Share this page:

0 Comment(s)