Official Power Up Hosting Blog

Everything about Linux, Windows, and hosting ;)

Selvakumar
Author

I am an Online Marketer and technology lover. I like to learn new things and share that with people.

Share


Our Newsletter


Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.

Tags


Twitter


Official Power Up Hosting Blog

(Learn) How to Install WordPress Nginx on Ubuntu 16.04

SelvakumarSelvakumar

WordPress is the Open Source CMS used by many people in the world.

The WordPress Platform is easy to use and a lot of plugins are available for the users to install.

Also, you can install various themes on the WordPress. The support and contribution to the WordPress make it the best CMS available on the web.

You can run a blog, host a website, run an eCommerce website and host a video platform.

In this Article, we will WordPress installation step by step.

What is the Advantage of using Nginx over Apache?

Nginx is powerful, and it can handle more real time users for delivering static content when compared to the Apache web server.

According to the statistics Nginx can handle 2x user when compared with the Apache real time user for serving the static content.

When you for competition WordPress Nginx vs Apache, Nginx will win the competition.

install wordpress nginx ubuntu 16.04

Prerequisites

  • You should have non-root user with sudo privileges. For that, you have to create a user and then grant the sudo privileges to the user. Refer this initial server setup guide

  • You should have installed the LEMP stack on your Ubuntu 16.04 server.

  • Secure your Nginx using Let's Encrypt. Refer this guide.

Securing the Server is important for WordPress. WordPress handles the dynamic content.

So there is big chance that the traffic can be breached and manipulated.

To prevent that, we need to install SSL certificate on the server.

There are two cases in installing the SSL certificate.

Server With Domain:

If you have the domain pointing to your website, then you can install the Let's Encrypt free SSL certificate on your server.

Follow this guide to install Let's Encrypt on Ubuntu.

Server without Domain

If you don't have a domain name pointing to your website, then you have to create a self-signed SSL certificate.

Once you are done with the setup, then follow the below steps to install WordPress on Nginx.

Step 1: MySQL Database Setup

WordPress uses the MySQL for storing and retrieving the site and user information.

First, we have to create a database and user for the WordPress to use.

After that, we will configure the WordPress to access the MySQL for storing and Retrieving the data.

First Login to the MySQL using the following command.

$ mysql -u root -p

It will ask you the root password that you have set when installing the MySQL.

Enter the password to Login.

After that, you have to create a Database which can be accessed by the WordPress.

Here, Let us name the WordPress Database as 'wordpress'.

mysql> CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;

== Always check for the syntax and ensure that you have added the (;) at the end of the each command.==

Now:

We have to create a new user who can use the Database.

This is always important when you are looking to improve the security of your site.

Here, we will create a new user with the name of 'wordpressuser' to understand it easily.

Use this command to create the user, set the password and grant permission to use the Database.

mysql> GRANT ALL ON wordpress.* TO 'wordpressuser'@'localhost' IDENTIFIED BY 'password';

All this will be done in a single command line.

Once you create the Database, User Account and granted the permission to use the Database, the next step is to flush the Privileges.

mysql> FLUSH PRIVILEGES;

After that, now you have to return to the server terminal from the MySQL prompt.

Just type EXIT; and Press Enter.

mysql> EXIT; 

Step 3: Adjusting the Nginx Configuration

We have to adjust the Nginx configuration to make the Nginx work perfectly.

Open the Nginx server Block file using the nano editor.

$ sudo nano /etc/nginx/sites-available/default

Here, we are going to adjust and add exact location blocks inside the server blocks to request the /favicon.ico and /robots.txt.

We have to do that since we do not want to log the requests for them.

Here, we are going to use the regular expression location in the server block to mention the location for static file requests.

We have to make these resource cacheable to avoid the frequent logging request.

Here also, you can mark any other file types as static in the server block.

        /etc/nginx/sites-available/default
server {
. . .

location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { log_not_found off; access_log off; allow all; }
location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
    expires max;
    log_not_found off;
}
. . .
}

Also, we are going to make some changes in the try-files list.

So that, the server won't return any 404 error and instead of that, it will pass the requested arguments to the index.php.

Nginx WordPress permalink is required to create custom URL. The process of setting up the permalink is easy with the Nginx blogs.

Make changes in the server block as mentioned below.

/etc/nginx/sites-available/default
server {
. . .
location / {
    #try_files $uri $uri/ =404;
    try_files $uri $uri/ /index.php$is_args$args;
}
. . .
}

Once you made the changes, just save and close the file.

After that, you have to check for the syntax error by executing the below command.

$ sudo nginx -t

If there is no error reported, you can reload the Nginx to make the changes to take effect.

$ sudo systemctl reload nginx

Step 3: Installing Required PHP Extensions

When we installed the LEMP on the server, we have also installed the PHP extensions.

But:

They only communicate with MySQL. They are not sufficient for the WordPress to perform all the operations required by plugins.

The Reason is WordPress and its plugins require a lot of PHP extensions to run.

Here, we are going to install the most required and widely used PHP extension to install and work with WordPress.

$ sudo apt-get update
$ sudo apt-get install php-curl php-gd php-mbstring php-mcrypt php-xml php-xmlrpc

You may require installing some additional PHP extensions in future

You have to look for the required PHP extensions in the Plugin document and install them using the apt-get method.

Once you are done with installing all the required extension, just reload the php-fpm process. Wordpress Nginx php-fpm is the combination. Without php-fpm Nginx can't process PHP requests.

The restart process will make the php-fpm process to use the additional PHP extensions.

$ sudo systemctl restart php7.0-fpm

Step 4: Installing the Wordpress

You have to download and install the WordPress setup file on the server.

Download WordPress from their site and install it.

No product is 100% perfect. This quote also exactly matches to the WordPress.

Since many people use Wordpress, there are a lot of attempts to breach the WordPress security also going on.

People find vulnerabilities and try to hack WordPress.

Whenever a bug is found, the WordPress team will fix the bugs and upgrades the Wordpress.

Change to tmp directory

$ cd /tmp
$ curl -O https://wordpress.org/latest.tar.gz

Now:

You have to extract the compressed file using the following command.

$ tar xzvf latest.tar.gz

We also have to move the Wordpress into the document root shortly.

Before that, we have to copy the sample configuration.

$ mkdir /tmp/wordpress/wp-content/upgrade 

We need to create 'upgrade' directory to avoid the WordPress running into the permission issues when it tries to create 'upgrade' directory on its own while updating its software.

$ mkdir /tmp/wordpress/wp-content/upgrade

After that, we have to copy the entire sample configuration from the tmp directory to our root.

We are using -a to indicate that all our permissions have to be maintained while moving to the new directory.

The '.' at the end of the source file represents that the file has to be copied entirely including hidden files.

$ sudo cp -a /tmp/wordpress/. /var/www/html

Step 5: Setting Up the Permission for the Wordpress directory.

Accessing the files in the Operating system requires permission. Here we can make changes to the document root as a normal user.

We are going to enable the permission for both normal user and web server to access and make changes to the web root directory.

$ sudo chown -R sammy:www-data /var/www/html

The web server can access whatever the file which can be accessed by the 'www-data' group.

We also need to do one more thing. That is to set the 'setgid' bit for each of the directories inside the document root.

This is to make the new directories and files created inside the root to inherit its group of the parent directory.

So, the web server can handle the control over the newly created directories.

Execute the below command to set the 'setgid' bit.

$ sudo find /var/www/html -type d -exec chmod g+s {} \;

Also, you have to make few more changes regarding the permissions.

You have to enable the group to write permission to the wp-content so that you can make changes in the theme and plugin through the interface.

$ sudo chmod g+w /var/www/html/wp-content

Also, we have to give the permission to the web server to write inside the wp-content.

$ sudo chmod -R g+w /var/www/html/wp-content/themes
$ sudo chmod -R g+w /var/www/html/wp-content/plugins

This given basic permissions can work well. But, in future, you may require granting some additional permissions.

Step 5: WordPress Setup

Before setting up the WordPress through the web interface, you have to make some changes in the secret keys to secure the installation.

You don't need to generate the security key for each of the fields hard.

WordPress itself provides you with the security generator.
Execute the below command to generate those secure keys.

$ curl -s https://api.wordpress.org/secret-key/1.1/salt/

You will get the unique value like below one.

define('AUTH_KEY',         '}x:O)7(|=>>-pGjn-
G|maVr+@=^ZZtm*BtLd,&eMco686;$L+HFM;R((^Z}Y44zC');
define('SECURE_AUTH_KEY',  'RAE%?
Hag5=|X+*%Xc2U$|lZoSNU5lm>-vdBck~[,RO )+}-FK4bE} F 
C6J3g>>s');
define('LOGGED_IN_KEY',    '7{G-_{g<{-n@FM{FUut1`Uwoo+
[G5T![eR=hF+wH%I)-!}+UeRZGKOqs?$-+}+WC');
define('NONCE_KEY',        'BK@o?#&57]<M1X4 
gU{u~8pLnUCLzkn6GvdCX{3HQ,aDr[#v:r/c]lT6^O16{hk0');
define('AUTH_SALT',        '7H:&fhb:U>iA!+ ;
{#YMO}b/~zbzuY$ORCfg?&bLvjp+3C9eX@3[Ft@sPp[AR]r5');
define('SECURE_AUTH_SALT', 'pBnw4}DGhSG@)w|* @6Tz-?
2Dv5kv(8(R-^;ku3tR+~x6*.D_%ei5%mG[)WBPnQ}');
define('LOGGED_IN_SALT',   'c@+o?}.5/ypbG;`cH^f^:@-
XrL!fEGQ7]j>tfL}+[AM+%0D+ma:=NMw2w?ar^[?i');
define('NONCE_SALT',       
'@,gkNK|a78G0ro/POu}$`tDApkHnK|A_M?
<UARXX]Y4v2}Ec|g8c9/3IvXvd$h)R');

== Do not use the security keys above. Generate unique keys for your WordPress site.==

Execute the command on your own and copy the value.

Open the WordPress configuration to directly paste the values.

$ nano /var/www/html/wp-config.php

Search for the section which has the following lines

/var/www/html/wp-config.php

. . .

define('AUTH_KEY', 'paste your values here');
define('SECURE_AUTH_KEY', 'paste your values here');
define('LOGGED_IN_KEY', 'paste your values here');
define('NONCE_KEY', 'paste your values here');
define('AUTH_SALT', 'paste your values here');
define('SECURE_AUTH_SALT', 'paste your values here');
define('LOGGED_IN_SALT', 'paste your values here');
define('NONCE_SALT', 'paste your values here');

Entirely replace those values with you have generated through WordPress portal.

       /var/www/html/wp-config.php
. . .

define('AUTH_KEY',         'VALUES COPIED FROM THE COMMAND LINE');
define('SECURE_AUTH_KEY',  'VALUES COPIED FROM THE COMMAND LINE');
define('LOGGED_IN_KEY',    'VALUES COPIED FROM THE COMMAND LINE');
define('NONCE_KEY',        'VALUES COPIED FROM THE COMMAND LINE');
define('AUTH_SALT',        'VALUES COPIED FROM THE COMMAND LINE');
define('SECURE_AUTH_SALT', 'VALUES COPIED FROM THE COMMAND LINE');
define('LOGGED_IN_SALT',   'VALUES COPIED FROM THE COMMAND LINE');
define('NONCE_SALT',       'VALUES COPIED FROM THE COMMAND LINE');

. . .

We are also going to make some other changes in the WordPress configuration file.

We have to set the MySQL credentials to the WordPress, so the WordPress can easily access the Database.

There are 3 credentials we have to set. They are

  • Database
  • User Name
  • Password

After that, you have to set the File System to 'direct'. This is to avoid the WordPress asking FTP credentials whenever you try to update or install themes and plugins.

/var/www/html/wp-config.php
. . .

define('DB_NAME', 'wordpress');

/** MySQL database username */
define('DB_USER', 'wordpressuser');

/** MySQL database password */
define('DB_PASSWORD', 'password');

. . .

define('FS_METHOD', 'direct');

Now, save and close the file.

Step 6: WordPress Installation

It easy to setup WordPress through the Web Interface. It will ask you few details which you have to give to the WordPress.

http://domain_name_or_IP

When you enter the domain name or IP Address, the WordPress Installation wizard will ask you to choose the language.

Once you select the language, the Setup will ask you to set the Site title, username, password, mail address.

And then click on Install WordPress.

After that, it will show you the success notification.

You have to log in with the appropriate credentials. After that, you will be taken to the dashboard.

Step 7: WordPress Upgrade

You can do all the tasks in the front end which requires the FTP access, but you cannot upgrade the WordPress from the front end.

This is because the 'www-data' group user doesn't have the write access to the root document.

We have restricted the permission and only it can read. It is because of security reasons.

To upgrade the WordPress through the User Interface, you have to allow the web server process to write to the document root.

Here is the command for that.

$ sudo chown -R www-data /var/www/html

Now, go to the dashboard and upgrade the WordPress.

After that, you have to revert the permission.

$ sudo chown -R sammy /var/www/html

You have to follow the same procedure when there is an update available for WordPress.

Conclusion

Nginx configuration differs a lot. You have to be careful while adding and removing the location blocks.

Also, you don't need to worry about the Nginx WordPress htaccess file. Nginx doesn't process the htaccess file.

We will How to setup Wordpress Nginx Multisite in the upcoming article.

If you still have any doubt in installing WordPress on
LEMP stack, let us know that in the command.

Selvakumar
Author

Selvakumar

I am an Online Marketer and technology lover. I like to learn new things and share that with people.

Comments