Sujay Kundu

Sujay Kundu

Sujay Kundu is a Certified Web developer and Digital Marketing Expert. He is currently working as Nodejs Developer at Katerra. Know more about him..

Setup Wordpress in Digital Ocean using Ubuntu 18.04 LTS Droplet

Posted on July 1, 2020

This tutorial will help you install wordpress in Ubuntu 18.04 LTS Digital Ocean Droplet using LAMP Stack. If you want to install using LEMP Stack, checkout this tutorial :

  1. Creating droplet
  2. creating a sudo user
  3. Installing LAMP Stack

1. creating droplet

  1. Setup droplet for your project in Digital Ocean ,
  2. Choose an image , In my case I chose Ubuntu 18.04 LTS
  3. Choose a plan, - Starter ($ 5 per month)
  4. Choose a datacenter region :

In my case, I chose Bangalore region

  1. Name or modify the droplet name.

you can change the droplet name to something like yourapp-ubuntu-18-1gb, just for remembering

  1. Accessing the server using SSH and doing Inital Server setup. Open command prompt or bash and type:
$ ssh root@your_server_ip_address

replace yourserverip_address with the droplet ip address, and enter password to get access, if it asks to verify. say yes !

Once you are in, we need to follow some steps to setup some security for our Ubuntu 18.04 server. You can follow the recommended tutorial here : How to perform initial server setup with ubuntu 18.04 - here

2. Creating new user :

Lets create a new user, which we will be using in future for login purposes. Since we are already using root, we dont have to use sudo :

  • Create a new user
$ adduser sujay

Then it will ask some questions regarding the user like name, address, Just confirm and continue setting up a strong password for this user. (which you will remember easily for logging in).

  • Showing all users

Once you have created new user, you can check the user using the below command.

$ awk -F':' '$2 ~ "\$" {print $1}' /etc/shadow

It should show your newly created user, in my case sujay

you can checkout this article, if you want to checkout more on how to handle user accounts. - Managing user accounts in ubuntu 18.04 - here

Granting sudo rights to our user:

we need to grant administrator rights to our newly created user, to do that we need to add our user to sudo group, which provides adminstrator access to the user when used with the word sudo.

$ usermod -aG sudo sujay

Now exit/close the current root session and try logging using the new user

$ ssh sujay@your_ip_address

Now, when logged in as your regular user, you can type sudo before commands to perform actions with superuser privileges.

Setup Firewall

$ sudo ufw app list

It will show up list of available applications:

sudo ufw allow OpenSSH

3. Installing LAMP Stack

3.1. Installing Apache

Install Apache using Ubuntu’s package manager, apt:

$ sudo apt update
$ sudo apt install apache2

After install of apache lets setup firewall :

$ sudo ufw app list
$ sudo ufw allow in "Apache Full"
$ sudo ufw enable
$ sudo ufw status

Now if you go to http://your_server_ip_address you should see apaches default page stating it works, If you see this page, then your web server is now correctly installed and accessible through your firewall.

Finding servers IP Address:

$ ip addr show eth0 | grep inet | awk '{ print $2; }' | sed 's/\/.*$//'

This will give you the ip address, or you can also try using another method - Using CURL :

$ sudo apt install curl


3.2. Installing MySQL

$ sudo apt install mysql-server

Once done, proceed with the installation

$ sudo mysql_secure_installation

3.3 Installing PHP

sudo apt install php libapache2-mod-php php-mysql

Tell apache to serve for index.php instead of index.html, Open the dir.conf

sudo nano /etc/apache2/mods-enabled/dir.conf

It will look like this: /etc/apache2/mods-enabled/dir.conf

<IfModule mod_dir.c>
    DirectoryIndex index.html index.cgi index.php index.xhtml index.htm

Move the PHP index file (highlighted above) to the first position after the DirectoryIndex specification, like this:


<IfModule mod_dir.c>
    DirectoryIndex index.php index.html index.cgi index.xhtml index.htm

When you are finished, save and close the file by pressing CTRL+X. Confirm the save by typing Y and then hit ENTER to verify the file save location.

$ sudo systemctl restart apache2
$ sudo systemctl status apache2

7. Connecting Domain to Droplet and setting up virtual host (DNS configuration)

8. Setup SSL using Apache and Letsencrypt

8.1 Install certbot

$ sudo add-apt-repository ppa:certbot/certbot

Hit Enter to update repository

8.2 Install Certbot’s Apache package with apt:

$ sudo apt install python-certbot-apache

Certbot is now ready to use, but in order for it to configure SSL for Apache, we need to verify some of Apache’s configuration.

8.3 Installing SSL Certificate

First lets check if our apache configurations for our site that we created in step 7. /etc/apache2/sites-available/your-site.conf

If it doesn’t, update it to match. Then save the file, quit your editor, and verify the syntax of your configuration edits:

sudo apache2ctl configtest

If you get any error, open the config and check for any errors and try to fix them. Reload Apache.

sudo nano /etc/apache2/sites-available/your-site.conf
sudo systemctl reload apache2

If you get syntax OK, then proceed

8.4 Allow HTTPS through the firewall

$ sudo ufw status

It should show something like this :

Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
Apache Full                ALLOW       Anywhere
OpenSSH (v6)               ALLOW       Anywhere (v6)
Apache Full (v6)           ALLOW       Anywhere (v6)

This is correct.

But, If the status in your case shows something like this :

Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
Apache                     ALLOW       Anywhere
OpenSSH (v6)               ALLOW       Anywhere (v6)
Apache (v6)                ALLOW       Anywhere (v6)

Otherwise to additionally let in HTTPs traffic, allow the Apache Full profile and delete the redundant Apache profile allowance:

$ sudo ufw allow 'Apache Full'
$ sudo ufw delete allow 'Apache'

8.5 - Obtaining an SSL Certificate

$ sudo certbot

It will ask for email address and accept the terms

Then it will ask for

 which domains would you like to activate HTTPS for ?

Enter 1,2

Once certificate is deployed, it will ask :

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel):

Enter 2

Now if you reload the site using HTTPS, you should see the lock sign with ssl certificate installed.

For auto-renewal of certificates:

$ sudo certbot renew --dry-run

You can take regular backup of your letsencrypt ssls and configurations available at /etc/letsencrypt. It will contain certificates and private keys obtained by Certbot.

9. Install phpMyAdmin

It is import to run phpMyAdmin using https, so please follow the previous steps for security.

$ sudo apt install phpmyadmin php-mbstring php-gettext

For the server selection, choose apache2 . Press Space to select apache2 and Tab to go to Ok and Enter

Select Yes when asked whether to use dbconfig-common to set up the database

You will then be asked to choose and confirm a MySQL application password for phpMyAdmin

The installation process adds the phpMyAdmin Apache configuration file into the /etc/apache2/conf-enabled/ directory, where it is read automatically. The only thing you need to do is explicitly enable the mbstring PHP extension, which you can do by typing:

$ sudo phpenmod mbstring
$ sudo systemctl restart apache2

Secure phpmyadmin installation :

Uninstalling phpmyadmin :

6. Install Wordpress

Create a mysql database for wordpress:

mysql -u root -p
mysql > CREATE DATABASE zlancers_wp DEFAULT CHARACHTER SET utf8 COLLATE utf8_general_ci;
mysql > GRANT ALL ON zlancers_wp.* TO 'your_usernamw'@'localhost' IDENTIFIED BY 'your_password';
mysql > EXIT;

Install wordpress required PHP Packages:

$ sudo apt update
$ sudo apt install php-curl php-gd php-mbstring php-xml php-xmlrpc php-soap php-intl php-zip

Download wordpress

$ cd /tmp
$ curl -O

Extract the compressed file to create the WordPress directory structure:

$ tar xzvf latest.tar.gz

We will be moving these files into our document root momentarily. Before we do, we can add a dummy .htaccess file so that this will be available for WordPress to use later.

Create the file by typing:

$ touch /tmp/wordpress/.htaccess

We’ll also copy over the sample configuration file to the filename that WordPress actually reads:

$ cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php

We can also create the upgrade directory, so that WordPress won’t run into permissions issues when trying to do this on its own following an update to its software:

$ mkdir /tmp/wordpress/wp-content/upgrade

Now, we can copy the entire contents of the directory into our document root. We are using a dot at the end of our source directory to indicate that everything within the directory should be copied, including hidden files (like the .htaccess file we created):

$ sudo cp -a /tmp/wordpress/. /var/www/yoursite/

We’ll start by giving ownership of all the files to the www-data user and group. This is the user that the Apache webserver runs as, and Apache will need to be able to read and write WordPress files in order to serve the website and perform automatic updates.

Update the ownership with chown:

$ sudo chown -R www-data:www-data /var/www/yoursite

Next we will run two find commands to set the correct permissions on the WordPress directories and files:

$ sudo find /var/www/wordpress/ -type d -exec chmod 750 {} \;
$ sudo find /var/www/wordpress/ -type f -exec chmod 640 {} \;

You can refer this for permission related stuff:

These should be a reasonable permissions set to start with. Some plugins and procedures might require additional tweaks.

Setting up wp-config file

To grab secure values from the WordPress secret key generator, type:

curl -s

Copy this codes and replace inside wp-config.php file.

If you are facing any php issues refer this :

If you are facing permalink issue refer this :

Hope this guide helps !