Introduction

If you want to set up a professional website without having to invest a good deal of money or time, then WordPress is one of the best solutions.

Additionally, you can lower your budget by installing it yourself on a server, rather than hosting your website on shared hosting, or using a web panel.

This is what we aim for in this tutorial. By the time you’ve worked through it, you should have a fully functional, secure website that can withstand a good deal of traffic without affecting it’s speed – and on a budget!

Overview

In this tutorial we’ll cover setting up LEMP Stack, installing and configuring WordPress and Let’s Encrypt.

LEMP Stack is a group of popular open-source software that serve your website’s dynamic web pages.

LEMP stands for:

  • Linux – in our case it’s Ubuntu 18.04
  • Nginx – pronounced Engine-X, it is a powerful web server that will serve content to your visitors. It’s one of the most popular web servers and is used by some of the biggest websites on the internet.
  • MariaDB – a fork of the popular MySQL and some consider it to be better in some ways than MySQL. We won’t get into that, however you can check comparisons for yourself. We use MariaDB for storing and managing our data.
  • PHP – is one popular & powerful server-scripting language that you’ve most likely heard of. We’ll use PHP 7.2 to dynamically process web pages.

Prerequisites

  • A Ubuntu server with a minimum of 512MB RAM, but with a recommended 1GB+ RAM.

Most software that we’ll be using comes from Ubuntu’s default package repositories, which means we’ll use the apt command to make these installations.

Since we assume this is the first time we’re using apt we’ll make sure we have the latest listings by updating our server’s package index:

Updating package index

Now that our package index is up-to-date, we can get down to business.

Step 1 — Install Nginx

To install Nginx on Ubuntu just run the command:

Installing Nginx

Now stop, start and enable Nginx so it always starts on boot:

Stop/Start/Enable Nginx

Step 2 — Install MariaDB

WordPress will use MariaDB to store and manage our data. To install MariaDB run the following command:

Install MariaDB

Like we did with Nginx, use the following commands to stop, start and enable MariaDB so it always starts when the server boots:

Stop/Start/Enable MariaDB

To secure your installation, MariaDB comes with a script to help you adjust some insecure defaults. To start securing MariaDB run the following command:

You’ll be prompted to answer some questions. We recommend you answer as follows:

NOTE: Make sure you remember your MariaDB password, as you’ll be using it later on.

Enter current password for root (enter for none): Just press the Enter
Set root password? [Y/n]: Y
New password: Enter password
Re-enter new password: Repeat password
Remove anonymous users? [Y/n]: Y
Disallow root login remotely? [Y/n]: Y
Remove test database and access to it? [Y/n]: Y
Reload privilege tables now? [Y/n]: Y

Secure MariaDB

Restart MariaDB Server:

Restart MariaDB Server

Let’s make sure MariaDB is set up correctly before moving forward. We’ll just test it by logging in. To do this run the following command and enter your MariaDB password at the prompt. After that you can just type exit.

Test/Login MariaDB

Step 3 — Install PHP7.2-FPM And Related Modules

Since Nginx does not come with PHP processing, we’ll have to install it ourselves. What we’ll need to do now is install php-fpm, along with a few more extensions that are most frequently used by WordPress and its’ plugins:

NOTE: The extensions we’ve just installed are used by most plugins, but there are some WordPress plugins that require additional extensions. Make sure to check their documentations and see what other extensions they may require to work. You can install additional ones with the apt command as we’ve just done above.

When you’re done installing PHP7.2-FPM, and the extensions, make sure to restart the PHP-FPM process so it uses the newly added extensions:

Install PHP7.2-FPM And Related Modules

With that we’ve installed PHP and extensions most commonly used by WordPress and many of its’ plugins.

Configure the PHP Processor

Now that we’ve got PHP installed, we’ll have to adjust a few settings to make our setup more secure and adjust some settings that’ll make our life easier when working with WordPress.

To do this, open the main php-fpm configuration file:

And adjust the following values:

Save and close the file when you’re finished.

Edit PHP.ini

Restart the PHP processor, so that the changes we made are implemented:

Restart Nginx and PHP7.2-FPM

Step 4 — Create a MariaDB Database and User for WordPress

First of all, we’ll need to set up a new database and a user for WordPress to use. WordPress uses the database to manage and store data, and it’ll need it’s own user to be able to authenticate when doing that.

Log into the MariaDB root by running:

You should be prompted to enter your MariaDB root password. Enter the password you created when installing MariaDB.

Now we’ll create a database for WordPress to use. You can name it anything you want, but for the purposes of this tutorial we’ll call it dracula_db here. Create it by running the following command:

CREATE DATABASE dracula_db;

Next we’ll create a database user and set it a password. You can replace wordpressuser and wordpressuser_password with anything you’d like.

CREATE USER 'countdracula'@'localhost' IDENTIFIED BY 'bloodiwantblood';

With the new database and user created, we’ll have to grant our new user privileges to allow them to access the database. To do that, run the following command:

GRANT ALL ON dracula_db.* TO 'countdracula'@'localhost' IDENTIFIED BY 'bloodiwantblood' WITH GRANT OPTION;

You’ve created a database and user exclusively for WordPress to use. Now we’ll have to flush the privileges so that the current instance of MariaDB knows about the recent changes.

FLUSH PRIVILEGES;

Exit MariaDB when you’re done:

EXIT;

Create MariaDB Database/User/Password

Step 5 — Download WordPress

Download, unpack & move WordPress into your new website’s root directory. In this tutorial, our directory is dracula.host but you can name it however you’d like.

Set the correct permissions for WordPress to function:

Download WordPress & Set Permissions

Step 6 — Configure Nginx

Now we’ll edit the Nginx configuration file for your our new WordPress website, in /etc/nginx/sites-available/.

In this example we’ll use /etc/nginx/sites-available/dracula.host as the configuration file for our WordPress site. This file basically controls how visitors access your website. You should replace dracula.host with what applies to your requirements.

To begin, open your server block’s file with sudo privileges:

In the main server block we’ll have to add some location blocks.

The first location blocks are will block the exact matches of /favicon.ico and /robots.txt, so we will block logging requests for them.

We’ll also turn off logging for static files, by using regular expressions. In these blocks we also mark these files as highly cacheable since they are typically expensive to serve.

You can also adjust the regex for any other extension you’d like.

Inside the existing location / block, we’ll need to adjust the try_files list so it passes control to index.php instead of returning a 404.

Save and close the file when you’re finished.

To give you the full example, our file will look like this when we’re done with it. Remember to change dracula.host with your own domain.

Now let’s check if everything’s ok with the changes we’ve made:

If there were no errors then we can restart Nginx so the changes can take effect:

Configure Nginx

The last step here is to enable our server block that we just created. We enable it by linking it from /etc/nginx/sites-available and into /etc/nginx/sites-enabled. We do this with the following command:

Restart Nginx so our changes are implemented:

Enable the Site

Step 7 — Set up WordPress Configuration File

Configure your WordPress configuration file wp-config.php

Open the configuration file to edit it:

Set the MariaDB Database, User & Password that you created earlier, so that WordPress can use the it to store and manage data:

Save the file and exit when you’re done.

Configure WordPress

Step 8 — Obtain and Configure the Let’s Encrypt SSL Certificates

Let’s Encrypt provides an Nginx a client to automate obtaining and configuring it. It’s called certbot, and to install it on Ubuntu run the following commands:

Install Let’s Encrypt Client

To obtain your free Let’s Encrypt SSL/TLS certificate run the following command:

In our case we’ll run:

After running the command, you’ll be prompted if you accept the Licensing Terms and after that, if you would like to share your email to receive news from the Electronic Frontier Foundation which is an organization that works towards digital freedom ( In short, they’re trustworthy, don’t spam, and are fighting the good fight, in our opinion ).

You only need to accept the Licensing Terms to proceed (A).

You are not required to share your email, but can do so if you’d like to receive emails regarding their work encrypting the web, EFF news, campaigns, and ways to support digital freedom.

Next, you’ll be prompted to answer whether you want to redirect all HTTP traffic to HTTPS. This is an important step!

Choose option 2, so everyone visiting, for example, http://dracula.host will be actually be redirected to https://dracula.host

After that, the Let’s Encrypt Client should install your certificate and configure your website to redirect all traffic to HTTPS.

If you check your site’s Nginx configuration file, in our case /etc/nginx/sites-available/dracula.host, you’ll notice that some modifications have been made by the Let’s Encrypt client.

Your WordPress site is now ready to be used over HTTPS.

Obtain Free SSL/TLS Certificates

There’s one more step that we need to do here.

The Let’s Encrypt SSL/TLS Certificates expire in 3 months and you will have to renew for another 3 months, and so on. To automate this, we can set up a cron job to renew it every time so we don’t have to worry.

To do this run:

And add the following line at the end of the file. It will try to renew the certificate every day, and it will succeed in renewing it when it gets close to expiring.

Save and exit when you’re done.

NOTE: You can see a nice explanation of the cron expression we used here: https://crontab.guru/#0_1_*_*_*

Finalize/Schedule SSL Renewal

Step 9 — Finalize the WordPress Installation

The final step is to complete the WordPress installation through the web interface. To do this, just navigate in your browser to your domain ( in our case https://dracula.host ), and you’ll be guided through the easy process of installing WordPress.

Select your preferred language.

install_wordpress_select_language

And fill in your basic website and admin user information.

install_wordpress_fill_desired_credentials

You can see that your website’s URL shows that you are using HTTPS.

wordpress_url

Congratulations! You’ve successfully set up WordPress using Nginx, MariaDB, PHP and Let’s Encrypt on an Ubuntu server!

If you’d like an budget Linux VPS then check out our Linux KVM SSD Plans. We offer affordable VPS, with our smallest plan featuring 2GB RAM, 10GB SSD and for only $5!

And f you’ve got any questions or you’ve got an issue that you can’t figure out, then don’t hesitate to leave a comment or contact us.

Cheers!