How to Install Wordpress on Ubuntu Server 18.04

How to Host Your Own Wordpress Site with Ubuntu 18.04

Wordpress is, without question, the most widely-used blogging platform on the planet. But the tool can be used for much more than just blogging. With the right addition of extensions, you can morph Wordpress into an e-commerce site, a multimedia site, and much more.

If you happen to have a server of your own, you can host a Wordpress installation, without having to turn to a third party. And that is exactly what we’re going to do here. In this tutorial, you will learn how to install the necessary components as well as the Wordpress platform on Ubuntu Server 18.04. This will only assume one thing: That you have Ubuntu Server up and running.

Binary number code with network.
Yuichiro Chino / Getty Images


The first thing to do is to get our LAMP (Linux Apache MySQL PHP) server up and running. Since Ubuntu is already there, all that needs to be done is install the secondary components. Because we’re using Ubuntu, this can be done with a single command. However, before we do that, we want to make sure our server is up to date. Open a terminal window and issue the following commands:

sudo apt-get update
sudo apt-get upgrade

Should the kernel get upgraded in the process, a reboot will be necessary. If that’s the case, the server will need to be restarted (so the changes will take effect). This means you should run the update/upgrade at a time when a reboot is viable.

With the update/upgrade out of the way, it’s time to install the web/database servers and PHP. This can be done with a single command:

sudo apt install apache2 php mariadb-server

During the installation, you will be prompted to create/verify a password for the MySQL admin user. When the process completes, you can point a browser to http://SERVER_IP (Where SERVER_IP is the IP address of your Ubuntu Server) to see the Apache welcome screen.

Next we have to install a few necessary PHP extensions. This can be done with the command:

sudo apt install php-curl php-gd php-mbstring php-xml php-xmlrpc php-soap php-intl php-zip

Enabling SSL

Before we get into the configuration of Apache and the installation of Wordpress, we’re going to prepare our server to use SSL (Secure Sockets Layer), which are various web protocols that work together to wrap normal HTTP traffic in a protected, encrypted wrapper. So HTTP becomes HTTPS. As I am only setting up a testing server, I’ll be creating a self-signed SSL certificate for an IP address. To do this, follow these steps.

Generate the SSL certificate with the following command:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/apache-selfsigned.key -out /etc/ssl/certs/apache-selfsigned.crt

When you run that command, you’ll be required to answer the following questions:

Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company)[]
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:
Email Address []:

It is important, for the self-signed certificate, that you enter the IP address of your server for the Common Name entry.

Next we configure Apache to use SSL. Create a new file with the command:

sudo nano /etc/apache2/conf-available/ssl-params.conf

In that new file, paste the following:

SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
# Disable preloading HSTS for now. You can use the commented out header line that includes
# the "preload" directive if you understand the implications.
# Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
# Requires Apache >= 2.4
SSLCompression off
SSLUseStapling on
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
# Requires Apache >= 2.4.11
SSLSessionTickets Off

Now we’re going to create a new default-ssl.conf file. Before we do that, backup the original with the command:

sudo cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/default-ssl.conf.bak

Create the new file with the command:

sudo nano /etc/apache2/sites-available/default-ssl.conf

In that new file, paste the following:

ServerAdmin YOUR_EMAIL
ServerName SERVER_IP
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile     /etc/ssl/certs/apache-selfsigned.crt
SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key

SSLOptions +StdEnvVars

SSLOptions +StdEnvVars

Save and close that file.

Now we’re going to set up a redirect so that all HTTP traffic is automatically redirected to HTTPS. To do this, create a new file with the command:

sudo nano /etc/apache2/sites-available/000-default.conf

In that file, add the following line under the DocumentRoot entry:

Redirect “/” “https://SERVER_IP/”

Where SERVER_IP is the IP address of your server.

Save and close that file.

Next we need to enable a few modules and hosts with the commands:

sudo a2enmod ssl
sudo a2enmod headers
sudo a2ensite default-ssl
sudo a2enconf ssl-params

Finally, restart Apache with the command:

sudo systemctl restart apache2

You should now be able to point your browser to https://SERVER_IP (Where SERVER_IP is the IP address of your server) and still see the Apache Welcome Screen.

The Database

Before you start setting up your database, you should use MariaDB/MySQL's built-in function to secure your new installation. Run the command, and accept the defaults to secure your database. When asked, set up a secure password for database's root user.

sudo mysql_secure_installation

Once that's complete, you're ready to start working with MariaDB using the "mysql" command

Wordpress depends upon a database to function. To create that, you first must log into the MySQL prompt with the command:

sudo mysql -u root -p

You will be prompted for the MySQL admin user password you created during the LAMP server installation. At the MySQL prompt, create the database with the command:


Next, create a new user and grant that user permission to access the database with the command:

GRANT ALL ON wordpress.* TO 'wordpressuser'@'localhost' IDENTIFIED BY 'PASSWORD';

Where PASSWORD is a unique, strong password.

Flush the database privileges and exit with the commands:


Allow .htaccess and Enable the Rewrite Module

We need to enable .htaccess for Wordpress. To do this, create a new Apache configuration file with the command:

sudo nano /etc/apache2/sites-available/wordpress.conf

In that file paste the following:

AllowOverride All

Enable the rewrite module with the command:

sudo a2enmod rewrite

Restart Apache with the command:

sudo systemctl restart apache2

Download, Unpack, and Prepare Wordpress

We’re going to download the official Wordpress file with the following commands:

cd /tmp
curl -O

Unpack Wordpress with the command:

tar xvzf latest.tar.gz

Create a dummy .htaccess file with the command:

touch /tmp/wordpress/.htaccess

Copy the sample configuration file to the necessary config file with the command:

cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php

Create an upgrade directory (to avoid permissions issues) with the command:

mkdir /tmp/wordpress/wp-content/upgrade

Copy the contents of the wordpress directory into the document root with the command:

sudo cp -a /tmp/wordpress/. /var/www/html/wordpress

Finally, adjust the ownership and permissions of the newly moved wordpress directory with the commands:

sudo chown -R www-data:www-data /var/www/wordpress
sudo find /var/www/wordpress/ -type d -exec chmod 750 {} \;
sudo find /var/www/wordpress/ -type f -exec chmod 640 {} \;

Configuring Wordpress

This section gets a bit complicated. The wp-config.php file needs to be edited, but before that can be done, you must download unique secret keys to be added to the config file. To get those keys, visit the online generator from the WordPress developers.

This will output a number of long strings, each associated with a specific configuration option. Each string is associated with the following values in the configuration file:


Copy those values into another file. Next open the Wordpress configuration file with the command:

sudo nano /var/www/wordpress/wp-config.php

Locate the values above and paste the secret key for each. After that, scroll up and edit the values for:


The above values were created earlier (with MySQL).

Save and close that file.

Complete the Installation

The Wordpress Web-Based Installer.

You can now point your browser to https://SERVER_IP/wordpress and walk through the web-based installer to complete the installation. After a couple of clicks and a bit of typing, your instance of Wordpress will be up and running.

Was this page helpful?