The initial step in deploying any web design project involves selecting the appropriate hosting option. Among the various solutions available, renting a virtual server online proves to be a popular and versatile choice for diverse projects. When it comes to content management systems (CMS), WordPress stands out as a powerful and widely adaptable solution, making it a common preference for many web design ventures. If you’ve decided on a WordPress VPS, understanding how to set up and secure WordPress on a VPS will prove invaluable to ensure a smooth and protected website experience.
Before performing any operation on your VPS, you should first and foremost connect to it. First, find the credential for accessing your server, which includes the server IP address or domain name, a username, and a password or SSH key. if you are on Linux and connect to a Windows server, use the command in the terminal:
ssh username@server_ip_or_domain
Enter the password afterward.
To connect to a Linux VPS if you’re a Windows user, you’ll need to use a special client, a common option is PuTTY. Download and install it, open it, enter the credential into the corresponding fields, and connect.
For Windows Server, a Linux user will have to use also a special client, for example, Remina. A Windows user should, in turn, find the Remote Desktop Connection application on their PC and use it in a similar way.
Upon connecting, you’ll need to perform a system update to ensure you have the latest security patches.
sudo apt update
sudo apt upgrade
A web server is a software or hardware system that serves web content to clients, typically over the HTTP (Hypertext Transfer Protocol) or its secure version, HTTPS. Regarding web servers, a common option is to install Nginx. Nginx (pronounced “engine-x”) is a high-performance, open-source web server and reverse proxy server software. It is designed to handle concurrent connections efficiently and can serve static content (like HTML, CSS, and images) as well as act as a reverse proxy for passing requests to other web servers, sftp servers, application servers, or backend services.
To install Nginx, type:
sudo apt install nginx
sudo systemctl start nginx
sudo systemctl enable nginx
A database server is a specialized computer system or software application that is dedicated to managing and storing databases. It provides a centralized location for storing and retrieving data, allowing multiple users or applications to access and manipulate the data simultaneously. There a various database server options, some popular ones include MySQL and MariaDB. Choose your database and install it in either way:
sudo apt install mysql-server
sudo mysql_secure_installation
PHP (Hypertext Preprocessor) is a widely used server-side scripting language primarily designed for web development. To install PHP and required extensions, type:
sudo apt install php-fpm php-mysql
The next step is to configure your web server (Nginx in our case). What you need is to set up Nginx to work with PHP-FPM. Create a new configuration file for your WordPress site in the /etc/nginx/sites-available/ directory. Here’s a sample configuration:
server {
listen 80;
server_name your_domain.com www.your_domain.com;
root /var/www/your_domain.com;
location / {
index index.php;
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
Create a new MySQL/MariaDB database and user for your WordPress installation. Note down the database name, username, and password.
Now it’s time to actually install the CMS. Type:
cd /var/www/
sudo wget https://wordpress.org/latest.tar.gz
sudo tar -xzvf latest.tar.gz
sudo mv wordpress your_domain.com
sudo chown -R www-data:www-data /var/www/your_domain.com
Edit the WordPress configuration file (wp-config.php) to include the database information:
define(‘DB_NAME’, ‘your_database_name’);
define(‘DB_USER’, ‘your_database_user’);
define(‘DB_PASSWORD’, ‘your_database_password’);
Set up a firewall (e.g., UFW) to control incoming and outgoing traffic.
SSL stands for Secure Sockets Layer, which is a cryptographic protocol that provides secure communication over a computer network, most commonly the Internet. You can get an SSL certificate either from your hosting provider or from a third-party service (like Let’s Encrypt).
To make your WordPress site even more secure, apply some common security measures:
Set up automated backups to ensure you can restore your website if anything goes wrong.
For now, we’ve covered most basics of WordPress VPS initial setup. We hope that you won’t have trouble with it anymore and wish you good luck!