WordPress powers over 43% of all websites on the internet, and for good reason—it is flexible, well-documented, and supported by a massive ecosystem of themes and plugins. While managed WordPress hosting handles the technical setup for you, running WordPress on your own VPS gives you complete control over performance, security, and cost. A properly configured VPS can outperform managed hosting that costs three to five times as much.
This step-by-step tutorial walks you through installing WordPress on a VPS using the LEMP stack (Linux, Nginx, MySQL, PHP). By the end, you will have a fast, secure, production-ready WordPress site with free SSL and performance optimizations. We assume you have already completed the basic VPS setup described in our VPS setup guide.
Get a VPS for WordPress
InterServer VPS from $2.50/month with SSD storage and full root access. Perfect for WordPress. Price-locked for life.
Prerequisites
Before you begin, make sure you have the following:
- A VPS running Ubuntu 22.04 or 24.04 LTS (we recommend InterServer for its value and reliability).
- A non-root user with sudo privileges.
- A domain name pointing to your server's IP address (configure an A record in your DNS provider's dashboard).
- SSH access to your server.
Step 1: Install the LEMP Stack
LEMP stands for Linux, Nginx (pronounced "Engine-X"), MySQL, and PHP. It is the recommended stack for WordPress on a VPS because Nginx is faster and more memory-efficient than Apache, especially under high traffic.
Install Nginx
sudo apt update
sudo apt install nginx -y
sudo systemctl enable nginx
Install MySQL
sudo apt install mysql-server -y
sudo mysql_secure_installation
During the secure installation, set a strong root password, remove anonymous users, disallow remote root login, and remove the test database.
Install PHP 8.1 and Extensions
sudo apt install php8.1-fpm php8.1-mysql php8.1-cli php8.1-curl php8.1-gd php8.1-mbstring php8.1-xml php8.1-xmlrpc php8.1-zip php8.1-imagick php8.1-intl -y
These extensions cover everything WordPress needs: image processing (imagick, gd), internationalization (intl), XML parsing, and more. Verify PHP is working:
php -v
Step 2: Create a MySQL Database for WordPress
WordPress needs a database to store posts, pages, users, and settings. Log in to MySQL as root:
sudo mysql -u root -p
Run the following SQL commands, replacing the password with a strong, unique value:
CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'wpuser'@'localhost' IDENTIFIED BY 'your_strong_password_here';
GRANT ALL PRIVILEGES ON wordpress.* TO 'wpuser'@'localhost';
FLUSH PRIVILEGES;
EXIT;
Using utf8mb4 character set ensures full Unicode support, including emoji. Write down the database name, username, and password—you will need them during WordPress setup.
Step 3: Download and Configure WordPress
Navigate to the web root directory and download the latest WordPress release:
cd /tmp
curl -O https://wordpress.org/latest.tar.gz
tar -xzf latest.tar.gz
sudo mkdir -p /var/www/wordpress
sudo cp -a /tmp/wordpress/. /var/www/wordpress/
Set the correct ownership so Nginx can read the files:
sudo chown -R www-data:www-data /var/www/wordpress
sudo chmod -R 755 /var/www/wordpress
Create the WordPress configuration file from the sample:
cd /var/www/wordpress
sudo cp wp-config-sample.php wp-config.php
sudo chown www-data:www-data wp-config.php
Edit the configuration file and enter your database details:
sudo nano wp-config.php
Update these lines with your database information:
define('DB_NAME', 'wordpress');
define('DB_USER', 'wpuser');
define('DB_PASSWORD', 'your_strong_password_here');
define('DB_HOST', 'localhost');
For added security, replace the default authentication keys with new ones from the WordPress secret-key generator service.
Step 4: Configure Nginx for WordPress
Create a new Nginx server block for your WordPress site:
sudo nano /etc/nginx/sites-available/wordpress
Paste the following configuration, replacing yourdomain.com with your actual domain:
server {
listen 80;
listen [::]:80;
server_name yourdomain.com www.yourdomain.com;
root /var/www/wordpress;
index index.php index.html index.htm;
client_max_body_size 64M;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
expires max;
log_not_found off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location ~ /\.ht {
deny all;
}
}
Enable the site and disable the default:
sudo ln -s /etc/nginx/sites-available/wordpress /etc/nginx/sites-enabled/
sudo rm /etc/nginx/sites-enabled/default
sudo nginx -t
sudo systemctl reload nginx
The nginx -t command tests the configuration for syntax errors. If it reports "syntax is OK," reload Nginx to apply the changes.
Step 5: Install Free SSL with Let's Encrypt
SSL is essential for security and SEO. Let's Encrypt provides free SSL certificates, and Certbot automates the entire process:
sudo apt install certbot python3-certbot-nginx -y
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com
Follow the interactive prompts. Certbot will obtain the certificate, configure Nginx to use it, and set up automatic renewal. Choose to redirect all HTTP traffic to HTTPS when asked.
Step 6: Complete the WordPress Setup Wizard
Open your browser and visit https://yourdomain.com. You should see the WordPress installation wizard. Follow these steps:
- Select your preferred language.
- Enter your site title, admin username, password, and email.
- Click "Install WordPress."
- Log in to your new WordPress admin dashboard at
https://yourdomain.com/wp-admin.
Step 7: Optimize WordPress Performance
Install a Caching Plugin
Caching stores generated pages so they do not need to be rebuilt on every visit. We recommend WP Super Cache or W3 Total Cache. Configure page caching and enable gzip compression.
Enable OPcache
OPcache stores precompiled script bytecode in memory, eliminating the need for PHP to load and parse scripts on each request. It is usually enabled by default with PHP 8.1. Verify with:
php -i | grep opcache
Optimize MySQL
Edit the MySQL configuration to tune memory allocation for your server's RAM:
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
For a 2GB server, add or adjust these settings:
innodb_buffer_pool_size = 512M
innodb_log_file_size = 64M
query_cache_size = 32M
query_cache_limit = 2M
Use a CDN
A Content Delivery Network (CDN) like Cloudflare serves your static assets from edge locations worldwide, reducing latency for visitors far from your server. Cloudflare offers a free plan that also includes DDoS protection and SSL.
Step 8: Secure Your WordPress Installation
| Security Measure | How to Implement |
|---|---|
| Limit login attempts | Install the "Limit Login Attempts" plugin |
| Strong admin password | Use a password manager to generate 20+ characters |
| Two-factor authentication | Install a 2FA plugin like Wordfence Login Security |
| Disable file editing | Add define('DISALLOW_FILE_EDIT', true); to wp-config.php |
| Regular backups | Use UpdraftPlus or a cron-based backup script |
| Keep everything updated | Update WordPress core, themes, and plugins regularly |
| Security scanning | Install Wordfence or Sucuri for malware scanning |
Step 9: Set Up Automated Backups
Backups are your insurance against data loss. Create a simple backup script that exports your database and copies your files:
sudo nano /usr/local/bin/wp-backup.sh
#!/bin/bash
DATE=$(date +%Y%m%d)
BACKUP_DIR=/var/backups/wordpress
mkdir -p $BACKUP_DIR
mysqldump -u root -pYOUR_PASSWORD wordpress > $BACKUP_DIR/db_$DATE.sql
tar -czf $BACKUP_DIR/files_$DATE.tar.gz /var/www/wordpress
find $BACKUP_DIR -type f -mtime +7 -delete
Make the script executable and schedule it with a daily cron job:
sudo chmod +x /usr/local/bin/wp-backup.sh
sudo crontab -e
# Add this line:
0 2 * * * /usr/local/bin/wp-backup.sh
This runs the backup every day at 2 AM and deletes backups older than 7 days. For off-site backups, configure the script to upload to an external storage service like Amazon S3 or Backblaze B2.
Launch WordPress on InterServer VPS
Full root access, SSD storage, and instant deployment from $2.50/month. Perfect for hosting WordPress with the LEMP stack.
Affiliate Disclosure: VPSFeedX may earn a commission when you purchase through links on this page. This does not affect the price you pay or our recommendations.
