Installing WordPress with LAMP on Ubuntu 18.04

A previous version of this tutorial was written by Justin Ellingwood


WordPress is the most popular CMS (Content Management System) on the internet. With it you can set up flexible blogs and websites on a MySQL backend with PHP processing. WordPress has a tremendously high adoption rate and is a great choice to quickly build and get a website up and running. Once set up, almost all management can be done from the web front end.

In this guide we will focus on setting up a WordPress instance on a LAMP stack (Linux, Apache, MySQL and PHP) on an Ubuntu 18.04 server.


To complete this tutorial you will need access to an Ubuntu 18.04 server.

You must complete the following tasks before you can start this guide:

  • create one sudo-Users on your server: In this guide, we use a non-root user with sudo-rights. You can add a user with sudo-Create rights by following our Ubuntu 18.04 Server Initial Setup Guide.
  • Installing a LAMP stack: WordPress requires a web server, database and PHP to work properly. Setting up a LAMP stack (Linux, Apache, MySQL and PHP) meets all of these requirements. Follow this guide to install and configure this software.
  • Securing your site with SSL: WordPress serves dynamic content and takes care of user authentication and authorization. TLS/SSL is the technology that allows you to encrypt the traffic from your website so that the connection is secure. The way you set up SSL depends on whether you have a domain name for your site.
    • *If you have a domain name… *the easiest way to secure your website is with Let’s Encrypt, which provides free, trusted certificates. Follow the Let’s Encrypt for Apache guide to do this setup.
    • If you don’t have a domain… and you are only using this configuration for testing or privately, you can use a self-signed certificate instead. This provides the same type of encryption but without domain validation. Follow the Self-Signed SSL Guide for Apache to do this setup.

When you have completed this setup, log in to your server as sudouser, then proceed as shown below.

Step 1 – Create a MySQL database and user for WordPress

The first step is preparation. WordPress uses MySQL to manage and store site and user information. We already have MySQL installed but need to create a database and user for WordPress.

To do this, log in to the MySQL Root (administrative) account by typing this command:

Sie werden aufgefordert, das Passwort einzugeben, das Sie für das MySQL Root-Konto festgelegt haben, als Sie die Software installiert haben.

Zuerst können wir eine separate Datenbank erstellen, die von WordPress kontrolliert wird. Sie können ihr einen beliebigen Namen geben, aber wir nennen sie der Einfachheit halber in diesem Leitfaden wordpress. Erstellen Sie die Datenbank für WordPress, indem Sie Folgendes eingeben:

  • CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;

*Note: *Each MySQL statement must end with a semicolon (;). Make sure this is the case in case you run into a problem.

Next, we will create a separate MySQL user account that we will use exclusively for the new database. From an administrative and security perspective, it makes sense to create single-function databases and accounts. In this guide we use the name wordpressuser. You can change the name.

We create this account, set a password and grant access to the database we have created. To do this, we enter the following command. Remember to choose a strong password for your database user:

  • GRANT ALL ON wordpress.* TO 'wordpressuser'@'localhost' IDENTIFIED BY 'password';

You now have a database account and a user account, each set up specifically for WordPress. We need to flush the privileges so that the current instance of MySQL recognizes the latest changes:

Beenden Sie MySQL, indem Sie Folgendes eingeben:

Schritt 2 – Installation von zusätzlichen PHP-Erweiterungen

Beim Einrichten des LAMP-Stacks benötigen wir nur eine sehr minimale Menge von Erweiterungen, damit PHP mit MySQL kommuniziert. WordPress und viele seiner Plugins nutzen zusätzliche PHP-Erweiterungen.

Laden Sie einige der beliebtesten PHP-Erweiterungen zur Nutzung mit WordPress herunter und installieren diese, indem Sie Folgendes eingeben:

  • sudo apt update
  • sudo apt install php-curl php-gd php-mbstring php-xml php-xmlrpc php-soap php-intl php-zip

annotation: Each WordPress plugin has its own set of requirements. Some may require additional PHP packages to be installed. Check your plugin documentation to find out their PHP requirements. If they are available, they can be used as shown above apt to be installed.

We then restart Apache to load these new extensions in the next section. If you come back here to install additional plugins, you can now restart Apache by typing:

  • sudo systemctl restart apache2

Step 3 - Adjust Apache configuration to allow .htaccess override and rewrites

Next we will make some minor adjustments to our Apache configuration. Based on the required tutorials, you should have a configuration file for your site in the /etc/apache2/sites-available/ to have. As an example we use /etc/apache2/sites-available/wordpress.conf, but you should replace the path to your configuration file if necessary.

In addition, we use /var/www/wordpress as the root directory of our WordPress installation. You should use the web root specified in your own configuration.

annotation: It is possible that you have the default configuration 000-default.conf use (with /var/www/html as your web root). That's fine if you only want to host one website on this server. Otherwise, it's best to break the necessary configuration into logical chunks of one file per site.

Enabling .htaccess overrides

Currently the use of .htaccess- Files disabled. WordPress and many WordPress plugins make extensive use of these files for small changes in web server behavior in the directory.

Open the Apache configuration file for your website:

  • sudo nano /etc/apache2/sites-available/wordpress.conf

Around .htaccess-To allow files, we need the statement AllowOverride in one Verzeichnisblock set that points to our document root. Add your configuration file in the VirtualHost-Block add the following block of text, making sure to use the correct web root directory:


<Directory /var/www/wordpress/>
    AllowOverride All

When you have finished, save and close the file.

Activation of the rewrite module

Next we can mod_rewrite enable it so we can use the WordPress permalink feature:

Aktivierung der Änderungen

Bevor wir die von uns vorgenommenen Änderungen implementieren, sollten Sie bestätigen, dass Ihnen keine Syntaxfehler unterlaufen sind:

  • sudo apache2ctl configtest

The output may contain a similar message:


AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using Set the 'ServerName' directive globally to suppress this message Syntax OK

If you want to hide the top line, add it to your main (global) Apache configuration file /etc/apache2/apache2.conf just one ServerName added. the ServerName can be the domain or IP address of your server. However, this is only a message and does not affect the functionality of the site. As long as the output Syntax OK contains, you can continue.

Restart Apache to implement your changes:

  • sudo systemctl restart apache2

Next, we'll download and set up WordPress itself.

Step 4 - Download WordPress

Now that our server software is configured, we can download and set up WordPress. For security reasons, it is always advisable to get the latest version of WordPress from the site.

Change to a writable directory, then download the compressed version by typing:

  • cd /tmp
  • curl -O

Extract the zipped file to create the WordPress directory structure:

Wir werden diese Dateien gleich in unsere Dokument-Root verschieben. Zuvor können wir eine .htaccess-Add proxy file to make it available for WordPress later.

Create the file by typing:

  • touch /tmp/wordpress/.htaccess

We'll also copy the sample configuration file to the filename that WordPress actually reads:

  • cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php

We can do that too upgrade-Create a directory so that WordPress doesn't get permission problems when it tries to handle this itself after a software update:

  • mkdir /tmp/wordpress/wp-content/upgrade

Now we can copy the entire contents of the directory to our document root. We put a period at the end of our source directory to allow everything in the directory to be copied, including hidden files (like the one we created .htaccess-File):

  • sudo cp -a /tmp/wordpress/. /var/www/wordpress

Step 5 – WordPress Directory Configuration

Before we do the web-based WordPress setup, we need to customize a few items in our WordPress directory.

Customization of ownership and permissions

The most important thing is setting up sensible file permissions and ownership.

We start by taking ownership of all files www-data-Transfer users and groups. This is the user that the Apache web server is running as, and Apache needs to be able to read and write WordPress files in order to use the website and automatically update it.

Update ownership rights with chown:

  • sudo chown -R www-data:www-data /var/www/wordpress

Next we will be two find Run commands to set proper permissions on WordPress directories and files:

  • sudo find /var/www/wordpress/ -type d -exec chmod 750 {} ;
  • sudo find /var/www/wordpress/ -type f -exec chmod 640 {} ;

These should be reasonable permissions from the start. Some plugins and procedures may require additional modifications.

Setting up the WordPress configuration file

Now we need to make changes to the main WordPress configuration file.

When we open the file we will first have to change some secret keys to secure our installation. WordPress provides a secure generator for these values ​​so you don't have to make them up. They are used internally only, meaning complex safe values ​​have no impact on usability.

To get secure values ​​from the WordPress Secret Key Generator, type:

  • curl -s

You will get unique values ​​that look something like this:

Warning! It is important that you request unique values ​​each time. Copy NOT the values ​​listed below!


define('AUTH_KEY', '1jl/vqfs<XhdXoAPz9 DO NOT COPY THESE VALUES c_j{iwqD^<+c9.k<J@4H'); define('SECURE_AUTH_KEY', 'E2N-h2]Dcvp+aS/p7X DO NOT COPY THESE VALUES {Ka(f;rv?Pxf})CgLi-3'); define('LOGGED_IN_KEY', 'W(50,{W^,OPB%PB<JF DO NOT COPY THESE VALUES 2;y&,2m%3]R6DUth[;88'); define('NONCE_KEY', 'll,4UC)7ua+8<!4VM+ DO NOT COPY THESE VALUES #`DXF+[$atzM7 o^-C7g'); define('AUTH_SALT', 'koMrurzOA+|L_lG}kf DO NOT COPY THESE VALUES 07VC*Lj*lD&?3w!BT#-'); define('SECURE_AUTH_SALT', 'p32*p,]z%LZ+pAu:VY DO NOT COPY THESE VALUES C-?y+K0DK_+F|0h{!_xY'); define('LOGGED_IN_SALT', 'i^/G2W7!-1H2OQ+t$3 DO NOT COPY THESE VALUES t6**bRVFSD[Hi])-qS`|'); define('NONCE_SALT', 'Q6]U:K?j4L%Z]}h^q7 DO NOT COPY THESE VALUES 1% ^qUswWgn+6&xqHN&%');

These are configuration lines that we can put directly into our configuration file to set secure keys. Copy the output you received.

Now open the WordPress configuration file:

  • sudo nano /var/www/wordpress/wp-config.php

Find the section that contains the proxy values ​​for these settings. This should look something like this:


. . .

define('AUTH_KEY',         'put your unique phrase here');
define('SECURE_AUTH_KEY',  'put your unique phrase here');
define('LOGGED_IN_KEY',    'put your unique phrase here');
define('NONCE_KEY',        'put your unique phrase here');
define('AUTH_SALT',        'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT',   'put your unique phrase here');
define('NONCE_SALT',       'put your unique phrase here');

. . .

Delete these lines and paste the values ​​you copied from the command line:


. . .


. . .

Next we need to change some of the database connection settings at the top of the file. You need to customize the database name, database user and associated password that we configured in MySQL.

We also need to specify the method that WordPress should use to write to the file system. Since we've granted the web server the right to write anything, we can set the filesystem method to direct. If we don't change this to our current settings, WordPress will ask for FTP credentials for certain actions.

This setting can be included below the database connection settings or elsewhere in the file:


. . .

define('DB_NAME', 'wordpress');

/** MySQL database username */
define('DB_USER', 'wordpressuser');

/** MySQL database password */
define('DB_PASSWORD', 'password');

. . .

define('FS_METHOD', 'direct');

When you have finished, save and close the file.

Step 6 - Complete the installation via the web interface

Now the server configuration is complete and we can complete the installation from the web interface.

In the web browser, navigate to your server's domain name or public IP address:


Choose the language you want to use:

Next you come to the main setup page.

Choose a name for your WordPress site and a username (don't choose a word with "admin" for security reasons). A strong password is automatically generated. Save this or choose another strong password.

Enter your email address and choose whether to exclude search engines from indexing your site:

WordPress setup installation

If you continue clicking, you will come to a page where you need to log in:

WordPress login

After logging in, you will be taken to the WordPress admin dashboard:

WordPress login


WordPress should now be installed and ready to use! Some common next steps are choosing the permalink settings for your posts (these are at Einstellungen>Permalinks to find) or selecting a new design (in Darstellung>Design). If this is your first time using WordPress, take a look at the interface to get to know your new CMS.

Previous post Working locally with WordPress. Without XAMPP. With LocalWP
Next post Install WordPress on Ubuntu 20.04 with Apache, MariaDB, PHP7.4 (LAMP).