Tutorials

Complete Guide: Installing WordPress on VPS with Nginx and SSL

Administrator
By Administrator
Published Oct 02, 2025
9 min read
Complete Guide: Installing WordPress on VPS with Nginx and SSL

Complete Guide: Installing WordPress on VPS with Nginx and SSL

There's something incredibly satisfying about running your own WordPress site on a VPS you control. No shared hosting limitations, no unexpected performance issues, and complete control over your environment. But let's be honest - the first time you try to set this up, it can feel overwhelming.

I remember staring at my first blank VPS, wondering where to even begin. Do I install Apache or Nginx? How do I get SSL working? Why won't PHP connect to the database? After countless trial-and-error sessions (and more than a few late nights), I've developed a reliable process that works every time.

In this comprehensive guide, I'll walk you through installing WordPress on a VPS with Nginx and SSL, step by step. We'll go from a fresh Ubuntu server to a fully functional, secure WordPress site ready for production. Let's build something amazing! 🚀

Why Choose VPS Over Shared Hosting?

Before diving in, let's understand why you're making this investment:

  • Better performance: Dedicated resources mean faster load times
  • Complete control: Install any software, configure anything
  • Enhanced security: Isolated environment from other sites
  • Scalability: Easy to upgrade resources as you grow
  • Learning experience: Understand web hosting from the ground up

Prerequisites: What You'll Need

Before starting, make sure you have:

  • Ubuntu VPS (20.04 or 22.04 recommended, 1GB+ RAM)
  • Domain name pointed to your VPS IP address
  • SSH access with sudo privileges
  • About 1-2 hours of focused time
  • Basic comfort with the command line

Step-by-Step WordPress Installation

1. Initial Server Setup

First, let's prepare our server with the foundation it needs.

1.1 Update System Packages

Always start with an updated system to ensure you have the latest security patches:

ssh root@your_server_ip
apt update && apt upgrade -y

1.2 Create a Non-Root User

It's a security best practice to avoid using the root user for daily operations:

adduser wordpressuser
usermod -aG sudo wordpressuser

Log out and back in as your new user:

exit
ssh wordpressuser@your_server_ip

1.3 Set Up Basic Firewall

sudo ufw allow OpenSSH
sudo ufw enable

2. Install Nginx Web Server

Nginx is faster and more efficient than Apache for WordPress sites.

2.1 Install Nginx

sudo apt install nginx -y
sudo systemctl start nginx
sudo systemctl enable nginx

2.2 Configure Firewall for Nginx

sudo ufw allow 'Nginx Full'

2.3 Test Nginx Installation

Visit http://your_server_ip in your browser. You should see the Nginx welcome page.

3. Install MySQL Database

WordPress needs a database to store all your content, settings, and user information.

3.1 Install MySQL Server

sudo apt install mysql-server -y

3.2 Secure MySQL Installation

This is crucial for security:

sudo mysql_secure_installation

Answer the prompts as follows:

Would you like to setup VALIDATE PASSWORD PLUGIN? Y
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 1
New password: [create a strong MySQL root password]
Re-enter new password: [confirm password]
Remove anonymous users? Y
Disallow root login remotely? Y
Remove test database and access to it? Y
Reload privilege tables now? Y

3.3 Create WordPress Database

Log into MySQL and create a dedicated database for WordPress:

sudo mysql -u root -p

Run these SQL commands:

CREATE DATABASE wordpress;
CREATE USER 'wpuser'@'localhost' IDENTIFIED BY 'SecureWPPassword123!';
GRANT ALL PRIVILEGES ON wordpress.* TO 'wpuser'@'localhost';
FLUSH PRIVILEGES;
EXIT;

Important: Replace 'SecureWPPassword123!' with a strong, unique password.

4. Install PHP and Required Extensions

WordPress requires PHP and several extensions to function properly.

4.1 Install PHP and Extensions

sudo apt install php-fpm php-mysql php-curl php-gd php-mbstring php-xml php-xmlrpc php-soap php-intl php-zip -y

4.2 Configure PHP for WordPress

Edit the PHP configuration file:

sudo nano /etc/php/[version]/fpm/php.ini

(Replace [version] with your PHP version, like 8.1)

Find and update these settings:

memory_limit = 256M
upload_max_filesize = 64M
post_max_size = 64M
max_execution_time = 300

4.3 Restart PHP-FPM

sudo systemctl restart php[version]-fpm

5. Configure Nginx for WordPress

Now we'll set up Nginx to properly handle WordPress with pretty permalinks.

5.1 Create Nginx Configuration

sudo nano /etc/nginx/sites-available/yourdomain.com

5.2 Add WordPress Configuration

server {
    listen 80;
    server_name yourdomain.com www.yourdomain.com;
    root /var/www/yourdomain.com;
    index index.php index.html index.htm;

    # Log files
    access_log /var/log/nginx/yourdomain.access.log;
    error_log /var/log/nginx/yourdomain.error.log;

    # WordPress pretty permalinks
    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    # PHP processing
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php[version]-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    # Deny access to .htaccess files
    location ~ /\.ht {
        deny all;
    }

    # Security headers
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header X-Content-Type-Options "nosniff" always;

    # Static file caching
    location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
        expires 1y;
        add_header Cache-Control "public, immutable";
    }
}

Important: Replace [version] with your actual PHP version.

5.3 Enable Your Site

sudo ln -s /etc/nginx/sites-available/yourdomain.com /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx

6. Download and Configure WordPress

Now let's get WordPress files on your server and configure them.

6.1 Download WordPress

cd /tmp
wget https://wordpress.org/latest.tar.gz
tar -xzvf latest.tar.gz

6.2 Create WordPress Directory

sudo mkdir -p /var/www/yourdomain.com
sudo cp -a /tmp/wordpress/. /var/www/yourdomain.com/

6.3 Set Correct Permissions

sudo chown -R www-data:www-data /var/www/yourdomain.com
sudo find /var/www/yourdomain.com/ -type d -exec chmod 755 {} \;
sudo find /var/www/yourdomain.com/ -type f -exec chmod 644 {} \;

6.4 Create WordPress Configuration

sudo cp /var/www/yourdomain.com/wp-config-sample.php /var/www/yourdomain.com/wp-config.php
sudo nano /var/www/yourdomain.com/wp-config.php

Update the database settings:

/** The name of the database for WordPress */
define( 'DB_NAME', 'wordpress' );

/** Database username */
define( 'DB_USER', 'wpuser' );

/** Database password */
define( 'DB_PASSWORD', 'SecureWPPassword123!' );

/** Database hostname */
define( 'DB_HOST', 'localhost' );

6.5 Add Security Keys

Visit https://api.wordpress.org/secret-key/1.1/salt/ and replace the existing keys in your wp-config.php file.

7. Complete WordPress Installation via Web Interface

Now we can finish the installation through WordPress's web interface.

7.1 Create .htaccess File

sudo touch /var/www/yourdomain.com/.htaccess
sudo chown www-data:www-data /var/www/yourdomain.com/.htaccess
sudo chmod 664 /var/www/yourdomain.com/.htaccess

7.2 Visit Your Domain

Open your browser and navigate to http://yourdomain.com. You should see the WordPress installation screen.

7.3 Complete Setup

  1. Select your language
  2. Fill in site information (site title, username, password, email)
  3. Click "Install WordPress"
  4. Log in with your new admin credentials

8. Install SSL Certificate

Let's secure your WordPress site with HTTPS using Let's Encrypt.

8.1 Install Certbot

sudo apt install certbot python3-certbot-nginx -y

8.2 Obtain SSL Certificate

sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

Follow the prompts:

  • Enter your email address
  • Agree to terms of service
  • Choose whether to share your email (optional)
  • Choose redirect option 2 (Redirect HTTP to HTTPS)

8.3 Verify SSL Installation

Visit https://yourdomain.com - you should see the padlock icon!

9. WordPress Post-Installation Optimization

Let's optimize WordPress for better performance and security.

9.1 Update WordPress Configuration for HTTPS

Add these lines to your wp-config.php file:

define('FORCE_SSL_ADMIN', true);
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
    $_SERVER['HTTPS'] = 'on';
}

9.2 Configure WordPress Settings

Log into WordPress admin and configure:

  • Settings → General: Update site URL to HTTPS
  • Settings → Permalinks: Select "Post name" for SEO-friendly URLs
  • Settings → Discussion: Configure comment settings
  • Settings → Media: Set image sizes

9.3 Install Essential Plugins

Recommended plugins for every WordPress site:

  • SEO: Yoast SEO or Rank Math
  • Security: Wordfence Security
  • Performance: WP Super Cache or W3 Total Cache
  • Backups: UpdraftPlus
  • Spam: Akismet Anti-Spam

10. Set Up Automated Backups

Never run a WordPress site without backups!

10.1 Install Backup Plugin

Install and configure UpdraftPlus plugin through WordPress admin.

10.2 Database Backup Script (Optional)

Create a backup script:

sudo nano /usr/local/bin/wp-backup.sh

Add this content:

#!/bin/bash
DATE=$(date +%Y%m%d_%H%M%S)
BACKUP_DIR="/home/wordpressuser/backups"
DB_NAME="wordpress"
DB_USER="wpuser"
DB_PASS="SecureWPPassword123!"

# Create backup directory
mkdir -p $BACKUP_DIR

# Backup database
mysqldump -u $DB_USER -p$DB_PASS $DB_NAME > $BACKUP_DIR/wordpress_db_$DATE.sql

# Backup files
tar -czf $BACKUP_DIR/wordpress_files_$DATE.tar.gz /var/www/yourdomain.com

# Remove old backups (keep last 7 days)
find $BACKUP_DIR -name "*.sql" -mtime +7 -delete
find $BACKUP_DIR -name "*.tar.gz" -mtime +7 -delete

Make it executable and set up a cron job:

sudo chmod +x /usr/local/bin/wp-backup.sh
crontab -e

Add this line for daily backups at 2 AM:

0 2 * * * /usr/local/bin/wp-backup.sh

Troubleshooting Common Issues

"Error establishing database connection"

Cause: Incorrect database credentials or MySQL not running.

Solution:

# Check MySQL status
sudo systemctl status mysql

# Test database connection
mysql -u wpuser -p wordpress

# Verify wp-config.php settings
sudo nano /var/www/yourdomain.com/wp-config.php

"404 Not Found" for WordPress Posts

Cause: Nginx not properly handling WordPress permalinks.

Solution: Ensure your Nginx configuration has the correct try_files directive:

location / {
    try_files $uri $uri/ /index.php?$args;
}

"Upload file size exceeded"

Cause: PHP upload limits too low.

Solution: Update php.ini settings:

upload_max_filesize = 64M
post_max_size = 64M
memory_limit = 256M

"Mixed Content Warning"

Cause: Some resources still loading over HTTP after SSL setup.

Solution: Add this to wp-config.php:

define('FORCE_SSL_ADMIN', true);
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
    $_SERVER['HTTPS'] = 'on';
}

"White Screen of Death"

Cause: PHP error or memory limit exceeded.

Solution:

# Check WordPress error log
tail -f /var/www/yourdomain.com/wp-content/debug.log

# Check Nginx error log
sudo tail -f /var/log/nginx/error.log

Performance Optimization Tips

Enable PHP OPcache

sudo nano /etc/php/[version]/fpm/conf.d/10-opcache.ini

Add these settings:

opcache.enable=1
opcache.memory_consumption=128
opcache.max_accelerated_files=4000
opcache.revalidate_freq=0

Configure Nginx Caching

Add this to your Nginx server block:

# Enable browser caching
location ~* \.(css|js|png|jpg|jpeg|gif|ico|svg)$ {
    expires 1y;
    add_header Cache-Control "public, immutable";
}

Install Caching Plugin

Install and configure WP Super Cache or W3 Total Cache through WordPress admin.

Security Best Practices

  • Keep everything updated: WordPress, themes, and plugins
  • Use strong passwords for all accounts
  • Limit login attempts with a security plugin
  • Disable file editing in wp-config.php:
    define('DISALLOW_FILE_EDIT', true);
  • Change default database prefix during installation
  • Regular backups to multiple locations
  • Monitor logs for suspicious activity

Conclusion

Congratulations! 🎉 You've successfully installed WordPress on your VPS with Nginx and SSL. That's a significant achievement that gives you complete control over your web hosting environment.

What you've built is far more than just a WordPress site - it's a solid foundation for any web project. You now have:

  • A fast, secure web server optimized for WordPress
  • Free SSL certificate for HTTPS security
  • Automated backups to protect your content
  • Performance optimizations for better user experience
  • Security configurations to protect against common threats

From here, you can focus on what matters most - creating amazing content and growing your website. The technical foundation is solid, and you have the skills to maintain and scale your WordPress site as needed.

Remember to keep everything updated, monitor your site's performance, and regularly test your backups. A well-maintained WordPress site can serve you reliably for years to come.

Happy WordPressing! 🚀 Your self-hosted journey has just begun.

Related Articles

How to Backup and Restore a Website on VPS Linux

How to Backup and Restore a Website on VPS Linux

Oct 03, 2025

How to Backup and Restore a Website on VPS Linux That moment when you realize your website is gon...

Setting Up Load Balancing with Nginx for High Traffic Sites

Setting Up Load Balancing with Nginx for High Traffic Sites

Oct 03, 2025

Setting Up Load Balancing with Nginx for High Traffic Sites Your website is growing. Traffic is i...

How to Monitor Server Resources with htop and netstat

How to Monitor Server Resources with htop and netstat

Oct 03, 2025

How to Monitor Server Resources with htop and netstat Ever wonder why your website suddenly slows...

Basic Firewall Configuration for Linux Web Servers

Basic Firewall Configuration for Linux Web Servers

Oct 03, 2025

Basic Firewall Configuration for Linux Web Servers Your web server is like a house in a busy neig...