WordPress is the most popular CMS (content management system) on the internet. It allows you to easily set up flexible blogs and websites on top of a MySQL backend with PHP processing. WordPress has seen incredible adoption and is a great choice for getting a website up and running quickly. After setup, almost all administration can be done through the web frontend.

In this guide, we'll focus on getting a WordPress instance set up on a LAMP stack (Linux, Apache, MySQL, and PHP) on an Ubuntu 18.04 server.


To complete this tutorial, you’ll need:

Step 1 - Creating a MySQL Database and User for WordPress

You already have MySQL installed, but you have to create a database and user for WordPress to use.

The first step is to log into the MySQL root account with this command:


mysql -u root -p

Create a database for WordPress by entering the command:


mysql> CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;

Now, to create an account, set a password, and give access to the database, use the following command:


mysql> GRANT ALL ON wordpress.* TO 'wordpressuser'@'localhost' IDENTIFIED BY 'password';

With the database created specifically for WordPress, you’ll have to flush the privileges so that the MySQL instance knows about the recent changes you’ve made:



Quit MySQL:



Step 2 - Installing Additional PHP Extensions

You can download and install some popular PHP extensions to use with WordPress with the following commands:


sudo apt update

sudo apt install php-curl php-gd php-mbstring php-xml php-xmlrpc php-soap php-intl php-zip

Now restart Apache to load the extensions in the next section:


sudo systemctl restart apache2

Step 3 - Adjust Apache’s Configuration to Allow for .htaccess Overrides and Rewrites

This step consists in making some adjustments to your Apache configuration. Naturally you should have a configuration file for your website in the /etc/apache2/sites-available/ directory. Create your own and substitute when following this step.

Also, don’t forget to create a root directory to WordPress install.

Enabling .htaccess Overrides

The use of .htaccess files will be disabled, which needs to be changed once WordPress and some plugins will use these files for in-directory tweaks to the web server’s behavior.

First, open the Apache settings file for your site:


sudo nano /etc/apache2/sites-available/wordpress.conf

You’ll need to set the AllowOverride directive within a Directory block pointing to your document root to allow the access we need. Put the following text inside the VirtualHost block in the settings file, ensuring to use the correct web root directory:


<Directory /var/www/wordpress/> AllowOverride All </Directory>

After that, just save and quit the file.

Enabling the Rewrite Module

To enable mod_rewrite and enable the utilization of WordPress permalink feature, use the following command:


sudo a2enmod rewrite

Enabling the Changes

Before implementing the changes, ensure that there are no mistakes by checking what you’ve done:


sudo apache2ctl configtest

The output should show a message like this:


AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using Set the 'ServerName' directive globally to suppress this message Syntax OK

If you want to suppress the top line, just add a ServerName directive to your main Apache configuration file at /etc/apache2/apache2.conf. This is just a message however and doesn't affect the functionality of our site. As long as the output contains Syntax OK, you are ready to continue. Next, restart Apache to implement the changes:


sudo systemctl restart apache2

Step 4 - Download WordPress

Now that you have your server configured, you shall download and set up WordPress. It is recommended to get the latest version of WordPress from their site for security reasons. Change into a writable directory and then download the compressed release by issuing:


cd /tmp


curl -O

Extract the compressed file to create the WordPress directory structure:


tar xzvf latest.tar.gz

You will be moving these files into our document root momentarily. Before you do, you can add a dummy .htaccess file so that this will be available for WordPress to use later. Create the file:


touch /tmp/wordpress/.htaccess

Also, copy over the sample configuration file to the filename that WordPress actually reads:


cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php

You can also create the upgrade directory, so that WordPress won't run into permissions issues when trying to do this on its own following an update to its software:


mkdir /tmp/wordpress/wp-content/upgrade

You can copy the entire contents of the directory into our document root. We are using a dot at the end of our source directory to indicate that everything within the directory should be copied, including hidden files (like the .htaccess file you created):


sudo cp -a /tmp/wordpress/. /var/www/wordpress

Step 5 - Configuring the WordPress Directory

Next step is to make some adjustments in your WordPress directory.

Adjusting the Ownership and Permissions

You can start by giving all files’ permissions and ownership to the www-data user and group. This is the user that Apache runs, and it will need to have permission to read and write WordPress files in order to serve the website and perform automatic updates.

Update the ownership with chown:


sudo chown -R www-data:www-data /var/www/wordpress

Next we will run two find commands to set the correct permissions on the WordPress directories and files:


sudo find /var/www/wordpress/ -type d -exec chmod 750 {} ;

sudo find /var/www/wordpress/ -type f -exec chmod 640 {} ;

These should be a reasonable permissions set to start with. Some plugins and procedures might require additional tweaks.

Setting up the WordPress Configuration File

It’s also necessary to make some changes to the main WordPress configuration file.

When you open the file, the first order of business will be to adjust some secret keys to secure the installation. WordPress provides a secure generator for such values so that you won’t have to try to come up with values on your own.

To grab secure values from the WordPress secret key generator, type:


curl -s

You will get back unique values that look something like this:

Attention! It is important that you request unique values each time. Do NOT copy the values shown below!


define('AUTH_KEY', '1jl/vqfs<XhdXoAPz9 ``DO NOT COPY THESE VALUES ``c_j{iwqD^<+c9.k<J@4H');

define('SECURE_AUTH_KEY', 'E2N-h2]Dcvp+aS/p7X ``DO NOT COPY THESE VALUES`` {Ka(f;rv?Pxf})CgLi-3');

define('LOGGED_IN_KEY', 'W(50,{W^,OPB%PB<JF ``DO NOT COPY THESE VALUES ``2;y&,2m%3]R6DUth[;88');

define('NONCE_KEY', 'll,4UC)7ua+8<!4VM+ DO NOT COPY THESE VALUES #`DXF+[$atzM7 o^-C7g');

define('AUTH_SALT', 'koMrurzOA+|L_lG}kf DO NOT COPY THESE VALUES 07VCLjlD&?3w!BT#-');

define('SECURE_AUTH_SALT', 'p32*p,]z%LZ+pAu:VY DO NOT COPY THESE VALUES C-?y+K0DK_+F|0h{!_xY');

define('LOGGED_IN_SALT', 'i^/G2W7!-1H2OQ+t$3 DO NOT COPY THESE VALUES t6**bRVFSD[Hi])-qS`|');

define('NONCE_SALT', 'Q6]U:K?j4L%Z]}h^q7 DO NOT COPY THESE VALUES 1% ^qUswWgn+6&xqHN&%');

These are configuration lines that you can paste directly in our configuration file to set secure keys. Copy the output you received now. Now, open the WordPress configuration file:


sudo nano /var/www/wordpress/wp-config.php

Find the section that contains the dummy values for those settings. It will look something like this:


. . .

define('AUTH_KEY', 'put your unique phrase here'); define('SECURE_AUTH_KEY', 'put your unique phrase here'); define('LOGGED_IN_KEY', 'put your unique phrase here'); define('NONCE_KEY', 'put your unique phrase here'); define('AUTH_SALT', 'put your unique phrase here'); define('SECURE_AUTH_SALT', 'put your unique phrase here'); define('LOGGED_IN_SALT', 'put your unique phrase here'); define('NONCE_SALT', 'put your unique phrase here');

. . .

Delete those lines and paste in the values you copied from the command line:


. . .


. . .

Next, it’s necessary to modify some of the database connection settings at the beginning of the file. You need to adjust the database name, the database user, and the associated password that we configured within MySQL.

The other change you need to make is to set the method that WordPress should use to write to the filesystem. Since you’ve given the web server permission to write where it needs to, you can explicitly set the filesystem method to "direct". Failure to set this with your current settings would result in WordPress prompting for FTP credentials when you perform some actions.

This setting can be added below the database connection settings, or anywhere else in the file:


. . .

define('DB_NAME', 'wordpress');

/** MySQL database username */ define('DB_USER', 'wordpressuser');

/** MySQL database password */ define('DB_PASSWORD', 'password');

. . .

define('FS_METHOD', 'direct');

Save and close the file when you are finished

Step 6 - Completing the Installation Through the Web Interface

After the server configuration is complete, it’s time to finish the installation through the web interface. In your web browser, navigate to your server's domain name or public IP address:


Select the language you would like to use: Language Select

Next, you will come to the main setup page.

Select a name for your WordPress site and choose a username (it is recommended to choose something robust for security purposes). A strong password is generated automatically. Save this password or select an alternative strong password.

Enter your email address and select whether you want to discourage search engines from indexing your site: wordpress_setup

When you click ahead, you will be taken to a page that prompts you to log in:


Next, you will be taken to the WordPress administration dashboard:

Wordpress Dashboard


If you got here, you might have installed your WordPress and it’s ready to be used! If you have any question about this tutorial, leave it in the comment area below.

Read more about: Operating SystemUbuntu