The Complete Manual Guide to Installing WordPress on a VPS: From Bare Server to Live Site

The Complete Manual Guide to Installing WordPress on a VPS: From Bare Server to Live Site

Overview

Installing WordPress on a Virtual Private Server (VPS) grants you full control over the hosting environment, enabling optimized performance and security tailored to your site's needs. This tutorial provides a detailed, command-line walkthrough for manually setting up a WordPress site on a fresh Linux VPS using an Nginx, MariaDB, and PHP (LEMP) stack. It covers everything from initial server preparation to critical post-installation steps, helping you build a robust and scalable foundation.

What Are the Prerequisites for a Manual WordPress VPS Installation?

Before you begin, you must have a running Linux VPS and the necessary access credentials. At a minimum, you need a VPS instance from a provider, root or sudo user access via SSH, a registered domain name with DNS pointing to your server's IP, and a basic understanding of terminal commands.

A fresh, minimal installation of a supported Linux distribution like Ubuntu 22.04 LTS or AlmaLinux 9 is strongly recommended. This provides a clean slate and avoids conflicts from pre-installed software.

Essential Pre-Installation Checklist

  • Your VPS is provisioned and you have received its IP address and root password.
  • You have updated the system packages to their latest versions.
  • A non-root user with sudo privileges has been created for daily tasks.
  • A basic firewall (like UFW for Ubuntu or firewalld for RHEL-based systems) is configured to allow SSH, HTTP, and HTTPS traffic.
  • Your domain's A record (e.g., yourdomain.com) is correctly pointing to your VPS IP address and has propagated.

How Do You Prepare the VPS Environment?

The first hands-on step is to connect to your server and prepare the operating system for the software stack. This ensures a stable and secure base for WordPress.

Step 1: Connect via SSH

Use an SSH client like Terminal (macOS/Linux) or PuTTY (Windows) to log in with your non-root sudo user:

ssh your_user@your_server_ip

Step 2: Update the System

Bring all installed packages up to date to patch security vulnerabilities and ensure compatibility. On Ubuntu/Debian systems:

sudo apt update && sudo apt upgrade -y

On CentOS/AlmaLinux, you might first need to ensure your yum repositories are functional. If you encounter an error like "Not enough cached data to install," it often points to a repository issue. A common solution is to refresh or replace the repository cache files, as detailed in this support guide on fixing yum cache errors.

Step 3: Install the Web Server (Nginx)

Nginx will serve web requests. Install it with the package manager:

sudo apt install nginx -y

Start and enable it to run on boot:

sudo systemctl start nginx && sudo systemctl enable nginx

How Do You Install the Database and PHP for WordPress?

WordPress requires a database to store content and PHP to process dynamic requests. We'll install MariaDB (a MySQL fork) and PHP-FPM with necessary modules.

Step 1: Install MariaDB

sudo apt install mariadb-server -y

Run the security script to set a root password, remove anonymous users, and disable remote root login:

sudo mysql_secure_installation

Answer "Y" to all prompts for a standard secure setup.

Step 2: Install PHP and Modules

Install PHP-FPM and the extensions WordPress requires:

sudo apt install php-fpm php-mysql php-curl php-gd php-mbstring php-xml php-zip php-imagick -y

Verify PHP is running by checking its version:

php -v

How Do You Configure the Server Components for WordPress?

With the software installed, you must now create the database, download WordPress, and configure Nginx to serve it.

Step 1: Create the WordPress Database and User

Log into MariaDB as root:

sudo mysql -u root -p

Enter your root password, then run these SQL commands, replacing placeholders with your secure values:

CREATE DATABASE wordpress_db;
CREATE USER 'wp_user'@'localhost' IDENTIFIED BY 'your_strong_password';
GRANT ALL PRIVILEGES ON wordpress_db.* TO 'wp_user'@'localhost';
FLUSH PRIVILEGES;
EXIT;

Step 2: Download and Set Up WordPress Files

Navigate to the web root and download the latest WordPress archive:

cd /var/www
sudo wget
sudo tar -xzvf latest.tar.gz

Set the correct ownership so the web server user (www-data on Ubuntu) can read and write the files:

sudo chown -R www-data:www-data /var/www/wordpress

Step 3: Create the WordPress Configuration File

Copy the sample config and edit it:

cd /var/www/wordpress
sudo cp wp-config-sample.php wp-config.php

Open it with a text editor like nano:

sudo nano wp-config.php

Replace the database placeholder values (database_name_here, username_here, password_here) with the credentials you created. Then, generate unique security salts from the WordPress Salt Generator and replace the placeholder block in the file. Save and exit.

Step 4: Create an Nginx Server Block

Create a configuration file for your site:

sudo nano /etc/nginx/sites-available/yourdomain.com

Add the following configuration, adjusting the PHP version path to match your installation:

server {
 listen 80;
 server_name yourdomain.com www.yourdomain.com;
 root /var/www/wordpress;
 index index.php index.html;

 location / {
 try_files $uri $uri/ /index.php?$args;
 }

 location ~ \.php$ {
 include snippets/fastcgi-php.conf;
 fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
 }
}

Enable this site by creating a symbolic link and test the configuration:

sudo ln -s /etc/nginx/sites-available/yourdomain.com /etc/nginx/sites-enabled/
sudo nginx -t

If the test is successful, reload Nginx:

sudo systemctl reload nginx

How Do You Complete the WordPress Installation in the Browser?

The server-side setup is now complete. Finish the installation through the web interface.

  1. Open your browser and navigate to `.
  2. You will see the WordPress setup wizard. Select your language.
  3. Enter your Site Title, Admin Username, Password, and Email address.
  4. Click Install WordPress.
  5. You can now log in to your WordPress dashboard at `.

Decision Framework: Manual Installation vs. Provider-Solution

While the manual process offers complete control, it is time-consuming. Many hosting providers offer streamlined alternatives. Here’s how to decide.

Criteria Manual LEMP/LAMP Installation Managed VPS with Application Templates
Control & Customization High. You choose and configure every software version and setting. Medium. You get a pre-configured stack; customization is limited to supported options.
Time & Effort High. Requires 30-60 minutes and comfortable command-line skills. Low. Often completed in under 10 minutes via a control panel.
Learning Curve Steep. Ideal for understanding server management fundamentals. Gentle. Best for users who want to focus on WordPress content, not server administration.
Maintenance You. You are responsible for all system updates, security patches, and troubleshooting. Provider-Assisted. Core OS and stack updates are often managed.

For users who prioritize rapid deployment without deep system administration, a managed VPS service can be a practical choice. Providers like RAKsmart offer VPS plans where you can deploy a fresh OS and often utilize control panel tools to simplify the initial server configuration before the WordPress-specific setup.

Critical Post-Installation Steps for Security and Performance

A default WordPress install is not production-ready. You must take immediate steps to secure and optimize your new site.

1. Install a Free SSL Certificate

Secure your site with HTTPS using Let's Encrypt and Certbot:

sudo apt install certbot python3-certbot-nginx -y
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

Follow the prompts. Certbot will automatically configure Nginx for SSL and set up auto-renewal.

2. Harden WordPress Security

  • Update Immediately: Install any pending WordPress core, plugin, or theme updates via the dashboard.
  • Configure Proper File Permissions: Ensure directories are 755 and files are 644. The web server user should own all WordPress files.
  • Limit Login Attempts: Install a plugin like "Limit Login Attempts Reloaded" or configure fail2ban on the server to block brute-force attacks.
  • Disable File Editing: For added security, add define('DISALLOW_FILE_EDIT', true); to your wp-config.php to disable the theme/plugin editor in the dashboard.

3. Optimize for Performance

  • Install a Caching Plugin: Essential on a VPS. Plugins like WP Super Cache or W3 Total Cache generate static HTML files to reduce PHP processing and database load.
  • Use a CDN: Distribute static assets (images, CSS, JS) globally via a Content Delivery Network to reduce latency for distant visitors.
  • Optimize Your Database: Use a plugin or manual cleanup to remove post revisions, spam comments, and transient options that bloat your database.
  • Enable Gzip Compression: Configure Nginx to compress text-based assets, reducing transfer size.

Frequently Asked Questions

What are the minimum VPS specs for a WordPress site?

For a small to medium business site or blog, start with 1-2 vCPU cores, 1-2GB of RAM, and 20-40GB of SSD storage. RAM is the most critical resource; ensure there's enough for the OS, Nginx, MariaDB, and PHP-FPM to run simultaneously without excessive swapping to disk.

Can I install WordPress on a VPS running a control panel like cPanel?

Yes. If your VPS comes with a control panel like cPanel or Plesk, you can typically use the "Softaculous Apps Installer" or similar tool within the panel to install WordPress with one click, bypassing the manual command-line steps entirely.

How do I manage updates for my manually installed WordPress site?

You should establish a regular update routine. Use the WordPress dashboard for core, plugin, and theme updates. For server-side packages (Nginx, MariaDB, PHP), use your system's package manager (apt upgrade or yum update) during a scheduled maintenance window, testing the update on a staging site first if possible.

What should I do if my WordPress site shows a "Database Connection Error"?

This usually means the credentials in your wp-config.php file are incorrect, or the database server is down. First, verify the database name, username, and password are exactly as created. Then, check if MariaDB is running with sudo systemctl status mariadb. If it's running, the issue is likely a typo in the configuration file.

Is a VPS necessary for a new WordPress site?

Not always. Managed WordPress hosting or quality shared hosting is sufficient and simpler for many new sites. A VPS is recommended when you need guaranteed resources, root access for custom software or optimizations, or when your site's traffic or complexity exceeds the limits of shared hosting environments.

Conclusion

Manually installing WordPress on a VPS provides unparalleled control over your hosting environment, allowing for a finely tuned and secure platform. By following this guide—preparing the server, installing the LEMP stack, configuring the components, and applying critical post-installation hardening—you can deploy a professional-grade WordPress site. Whether you choose this hands-on approach or opt for a streamlined solution from a provider, the key is a properly configured and secured foundation.

For those seeking a balance between control and convenience, exploring VPS plans that offer both raw instances and user-friendly management tools can provide the best of both worlds.