A comprehensive, beginner-friendly guide to installing WordPress on Ubuntu with Apache web server and free SSL certificate from Let's Encrypt.
- Overview
- Features
- Prerequisites
- Installation Steps
- SSL Configuration
- Post-Installation
- Troubleshooting
- Security Best Practices
- Contributing
- License
- Support
This repository contains a complete, step-by-step tutorial for installing WordPress on an Ubuntu server with Apache, MySQL, PHP (LAMP stack), and securing it with a free SSL certificate from Let's Encrypt.
Perfect for:
- Bloggers starting their first website
- Developers learning WordPress deployment
- System administrators managing WordPress servers
- Anyone wanting to host WordPress on their own server
- ✅ Complete LAMP Stack Setup - Apache, MySQL, PHP installation
- ✅ Latest WordPress - Direct installation from WordPress.org
- ✅ Free SSL Certificate - Automatic HTTPS with Let's Encrypt
- ✅ Security Hardening - Best practices included
- ✅ Error-Free Installation - Common pitfalls addressed
- ✅ Beginner Friendly - Clear explanations for every step
- ✅ Production Ready - Optimized for real-world deployment
Before you begin, ensure you have:
| Requirement | Description |
|---|---|
| Server | Ubuntu 18.04, 20.04, 22.04, or 24.04 LTS |
| Access | Root or sudo privileges |
| RAM | Minimum 1GB (2GB+ recommended) |
| Storage | At least 10GB free disk space |
| Domain | A domain name (for SSL certificate) |
| Ports | Port 80 and 443 open on firewall |
- Ubuntu 24.04 LTS (Noble Numbat)
- Ubuntu 22.04 LTS (Jammy Jellyfish) ⭐ Recommended
- Ubuntu 20.04 LTS (Focal Fossa)
- Ubuntu 18.04 LTS (Bionic Beaver)
sudo apt updateInstall Apache, MySQL, PHP and required extensions:
sudo apt install apache2 \
ghostscript \
libapache2-mod-php \
mysql-server \
php \
php-bcmath \
php-curl \
php-imagick \
php-intl \
php-json \
php-mbstring \
php-mysql \
php-xml \
php-zipsudo mkdir -p /srv/www
sudo chown www-data: /srv/www
curl https://wordpress.org/latest.tar.gz | sudo -u www-data tar zx -C /srv/wwwCreate virtual host configuration:
sudo nano /etc/apache2/sites-available/wordpress.confAdd the following configuration:
<VirtualHost *:80>
ServerName yourwebsite.com
ServerAlias www.yourwebsite.com
DocumentRoot /srv/www/wordpress
<Directory /srv/www/wordpress>
Options FollowSymLinks
AllowOverride Limit Options FileInfo
DirectoryIndex index.php
Require all granted
</Directory>
<Directory /srv/www/wordpress/wp-content>
Options FollowSymLinks
Require all granted
</Directory>
</VirtualHost>Enable the site:
sudo a2ensite wordpress
sudo a2enmod rewrite
sudo a2dissite 000-default
sudo service apache2 reloadsudo mysql -u rootRun these commands in MySQL:
CREATE DATABASE wordpress;
CREATE USER wordpress@localhost IDENTIFIED BY 'your_secure_password';
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER ON wordpress.* TO wordpress@localhost;
FLUSH PRIVILEGES;
quitsudo -u www-data cp /srv/www/wordpress/wp-config-sample.php /srv/www/wordpress/wp-config.php
sudo -u www-data sed -i 's/database_name_here/wordpress/' /srv/www/wordpress/wp-config.php
sudo -u www-data sed -i 's/username_here/wordpress/' /srv/www/wordpress/wp-config.php
sudo -u www-data sed -i 's/password_here/your_secure_password/' /srv/www/wordpress/wp-config.phpAdd security keys:
sudo -u www-data nano /srv/www/wordpress/wp-config.phpReplace the salt keys with new ones from: https://api.wordpress.org/secret-key/1.1/salt/
Visit http://your-server-ip in your browser and follow the WordPress installation wizard.
sudo apt install certbot python3-certbot-apacheReplace yourwebsite.com with your actual domain:
sudo certbot --apache -d yourwebsite.com -d www.yourwebsite.comFollow the prompts:
- Enter your email address
- Agree to terms of service
- Choose to redirect HTTP to HTTPS (option 2)
sudo certbot renew --dry-runAfter SSL installation:
- Go to
https://yourwebsite.com/wp-admin - Navigate to Settings → General
- Update both URLs to use
https:// - Save changes
- Install a security plugin (Wordfence, Sucuri)
- Install a backup plugin (UpdraftPlus, BackWPup)
- Set up caching (WP Super Cache, W3 Total Cache)
- Install Yoast SEO or Rank Math
- Configure permalinks (Settings → Permalinks → Post name)
- Create essential pages (About, Contact, Privacy Policy)
- Choose and install a theme
- Remove unused themes and plugins
| Plugin | Purpose | Free |
|---|---|---|
| Wordfence Security | Security & Firewall | ✅ |
| UpdraftPlus | Backup & Restore | ✅ |
| Yoast SEO | SEO Optimization | ✅ |
| WP Super Cache | Performance | ✅ |
| Contact Form 7 | Contact Forms | ✅ |
| Akismet | Spam Protection | ✅ |
Solution:
# Check database credentials in wp-config.php
sudo nano /srv/www/wordpress/wp-config.php
# Verify MySQL is running
sudo systemctl status mysql
# Restart MySQL
sudo systemctl restart mysqlSolution:
sudo chown -R www-data:www-data /srv/www/wordpress
sudo chmod -R 755 /srv/www/wordpressSolution:
sudo mkdir -p /srv/www/wordpress/wp-content/uploads
sudo chown -R www-data:www-data /srv/www/wordpress/wp-content/uploads
sudo chmod -R 755 /srv/www/wordpress/wp-content/uploadsSolution:
# Check firewall
sudo ufw status
sudo ufw allow 80
sudo ufw allow 443
# Verify DNS
dig yourwebsite.com
# Check Apache configuration
sudo apache2ctl configtest# Update WordPress core, plugins, and themes regularly
# Enable automatic updates in wp-config.phpAdd to wp-config.php:
define('WP_AUTO_UPDATE_CORE', true);Add to wp-config.php:
define('DISALLOW_FILE_EDIT', true);Edit wp-config.php and change:
$table_prefix = 'wp_';To something unique:
$table_prefix = 'xyz_';Install a plugin like:
- Limit Login Attempts Reloaded
- WPS Limit Login
- Minimum 12 characters
- Mix of uppercase, lowercase, numbers, symbols
- Use a password manager
Install plugins like:
- Two Factor Authentication
- Google Authenticator
# Automate backups with UpdraftPlus or similar
# Store backups off-site (Google Drive, Dropbox, S3)- Install Wordfence and Solid WP
- Enable email notifications
- Review security logs weekly
- WordPress Official Documentation
- WordPress Codex
- WordPress Support Forums
- Let's Encrypt Documentation
- Apache Documentation
Contributions are welcome! Here's how you can help:
- Fork the repository
- Create a feature branch (
git checkout -b feature/AmazingFeature) - Commit your changes (
git commit -m 'Add some AmazingFeature') - Push to the branch (
git push origin feature/AmazingFeature) - Open a Pull Request
- 📝 Improve documentation
- 🐛 Report bugs
- 💡 Suggest new features
- 🌐 Add translations
- 🎨 Improve formatting
- ✅ Add more troubleshooting tips
This project is licensed under the MIT License - see the LICENSE file for details.
Need help? Here's how to get support:
- 📧 Email: khanhkharis1@gmail.com
If this guide helped you, please consider:
- ⭐ Starring this repository
- 🐦 Sharing on social media
- 📝 Writing a blog post about your experience
Muhammad Haris
- Website: aws.codebyharris.com
- GitHub: @Muhammadg
- Twitter: @HARISKHANHK9
- LinkedIn: Muhammad Haris
- WordPress.org for the amazing CMS
- Let's Encrypt for free SSL certificates
- Ubuntu and Apache communities
- All contributors who helped improve this guide
Made with ❤️ by Muhammad Haris
⭐ Star this repository if you found it helpful!