WordPress LAMP
Version: 6.0 | OS: Ubuntu 20.04
Overview
WordPress powers over 60 million websites globally. Originally developed as a blogging platform, it has evolved into a robust content management system (CMS) backed by PHP and MySQL. This LAMP-based deployment provides an optimized WordPress stack ready for production use.
Included Software
- WordPress - 6.0
- Apache - 2.4.41
- MySQL - 8.0.32
- PHP - 8.1
- Fail2Ban - 4.4.0.4
- Postfix - 3.4.13
- Certbot - 0.40.0
Getting Started
Firewall & Access
Ensure your firewall or cloud security groups allow the following:
| Port | Service | Purpose |
|---|---|---|
| 22 | SSH (rate limited) | Server access |
| 80 | HTTP | Web access |
| 443 | HTTPS | Secure web access |
Initial Setup
Upon first boot:
- The MySQL root password is set.
mysql_secure_installationis executed.- A dedicated WordPress DB user is created.
wp-config.phpis generated with salt keys and DB credentials.- XML-RPC is disabled.
- PHP settings are tuned (file size, execution time).
- Apache rewrite module is enabled.
You will be logged out with the message:
Please wait until the installation is completed....
Connection to $IPADDRESS closed.
Do not log in for 2 minutes post-deployment.
SSH Access & Root Privileges
- Log in as
ubuntuwith your password or SSH key. - Switch to root:
sudo su -
First Login: Domain & Admin Setup
When logging in for the first time:
- You will be prompted to enter your domain:
Enter the domain name for your new WordPress site (e.g., example.org):
- Ensure your domain's A record points to your instance.
- Enter the following when prompted:
- Email Address
- Username
- Password
- Blog Title
Confirm the information and proceed.
You will see:
Completing the configuration of WordPress.
Installation completed. Access your new WordPress site in a browser to continue.
Accessing Your WordPress Site
Visit your domain or http://$IPADDRESS in a browser.
Database & Admin Details
- MySQL root password:
/root/.mysql_root_password - WordPress DB info:
/root/.wordpress_database_details - phpMyAdmin login:
- URL:
http://$IPADDRESS/phpmyadmin - User:
admin - Password:
/root/.phpmyadmin_password
- URL:
File Paths
- Web root:
/var/www/html - WordPress config:
/var/www/html/wp-config.php
Recommended Apache Virtual Host Setup
For each domain:
- Create a new web directory:
mkdir -p /var/www/yourdomain.com/html
- Create a virtual host config file:
nano /etc/apache2/sites-available/yourdomain.com.conf
- Add the following:
<VirtualHost *:80>
ServerAdmin webmaster@yourdomain.com
ServerName yourdomain.com
ServerAlias www.yourdomain.com
DocumentRoot /var/www/yourdomain.com/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
- Enable site & reload Apache:
a2ensite yourdomain.com.conf
systemctl reload apache2
Setting Up SSL with Certbot
Ensure both A and www A records point to your instance. Then run:
certbot --apache -d example.com -d www.example.com
Port 443 must be open. Optionally block port 80 after SSL setup.
Postfix Configuration
- Set hostname:
hostnamectl set-hostname your.hostname.com
- Edit
/etc/postfix/main.cf:
myhostname = your.hostname.com
- Restart Postfix:
systemctl restart postfix
- Test email:
echo "Postfix test" | mail -s "Subject" test@gmail.com
Emails may land in spam initially due to new IP reputation.
Best Practices
- Change default WordPress and phpMyAdmin credentials immediately.
- Enable fail2ban for brute-force protection.
- Use HTTPS and configure DNS properly.
- Secure Apache with headers and rate limits for better hardening.
For further assistance, contact Cloud4India Support.