WordPress
- “WordPress is a factory that makes webpages” Fred Meyer
WordPress is a free and open-source content management system. Originally it was intended to be a blog-publishing system, but has evolved to support other web content types including more traditional mailing lists and Internet forums, media galleries, membership sites, learning management systems (LMS) and online stores. WordPress is used by 42.8% of the top 10 million websites as of October 2021.
Before you deploy your first WordPress Droplet
Get a Domain name
Use this DNS quickstart guide to get your DNS setup on DigitalOcean. You’ll first need to purchase and register your domain through a third party, such as Name.com, GoDaddy, etc…
- Why do you need a domain name?
This is how others will access your server and how you and your users will be identified on the network.
Software Included
| Package | Version | License |
|---|---|---|
| WordPress | 6.1.1 | GPL 2 |
| Apache | 2.4.41 | Apache 2 |
| MySQL server | 8.0.21 | GPL 2 with modifications |
| PHP | 8.0.27 | PHP v3.01 |
| Fail2ban | 4.4.0.9 | GPL 2 |
| Postfix | 3.4.10 | IBM Public |
| Certbot | 1.21 | Apache 2 |
Creating an App using the Control Panel
Click this button to create a Droplet based on this 1-Click App. If you aren’t logged in, this link will prompt you to log in with your DigitalOcean account.
Creating an App using the API
In addition to creating a Droplet from the WordPress 1-Click App using the control panel, you can also use the DigitalOcean API. As an example, to create a 4GB WordPress Droplet in the SFO2 region, you can use the following curl command. You need to either save your API access token) to an environment variable or substitute it in the command below.
curl -X POST -H 'Content-Type: application/json' \
-H 'Authorization: Bearer '$TOKEN'' -d \
'{"name":"choose_a_name","region":"sfo2","size":"s-2vcpu-4gb","image": "wordpress-20-04"}' \
"https://api.digitalocean.com/v2/droplets"
Getting Started After Deploying WordPress
On your first SSH login to the droplet or launch of the Droplet console of your WordPress Droplet 1-Click, you will be greeted by a WordPress setup script.
The first step is to enter your domain name. Make sure that your domain is pointing to the new droplet IP. If your DNS is managed by DigitalOcean, it should look like this:
The DNS Host may be the same company you registered the domain with or another entity you designate. To connect your DNS hosting to DigitalOcean, check out this guide.
Once your A record is set up, you are ready to enter your domain in the script:
Next, the script will ask you user-related data:
After you acknowledge data is correct, the script will ask if you want to configure HTTPS automatically for your droplet. We highly recommend setting HTTPS since using a domain is useless without it.
You will need to provide the email address which will receive security and renewal notices:
Finally, after reading the LetsEncrypt Terms of Service and selecting whether to share or not your email address with the Electronic Frontier Foundation, the script will ask you which domain names would you like to activate HTTPS for:
Consider activating HTTPS for both naked and WWW versions of your domain by specifying 1,2.
WordPress will take a few minutes to set up plugins and finish installation, after that you can access your fresh WordPress Droplet by typing your domain name in the browser.
Getting started with WordPress
WordPress official website has quite a few excellent sources of information for beginners and even experienced users.
If you are starting your journey with WordPress, consider taking a look at the official courses.
Articles page contains some lovely ideas on how to improve your WordPress website. Or you can get exclusive knowledge from WordPress experts on webinars.
Optimize WordPress with NitroPack
NitroPack is a web performance & CWV improvement service. It neatly integrates with WordPress websites providing better speed, customer experience, and conversions. It has everything you need for a fast website in a single solution – smart caching, image optimization, code optimization, lazy loading, built-in CDN, and more. With advanced features like font subsetting, adaptive image sizing, and device-aware cashing, NitroPack helps websites reach 90+ PSI scores and pass Core Web Vitals.
Droplet Summary
- The root password for the MySQL instance running on your Droplet is in /root/.digitalocean_password. The Droplet root user will not be prompted for the MySQL password.
- If you’re connecting to a DigitalOcean Managed Database, your MySQL connection information can be found in /var/www/html/wp-config.php.
- The web root is /var/www/html, and the WordPress configuration file is /var/www/html/wp-config.php.
- You can get information about the PHP installation by logging into the Droplet and running php -i.
- UFW firewall allows only SSH (port 22, rate limited), HTTP (port 80), and HTTPS (port 443) access.
- Droplet sets the MySQL root password, runs mysql_secure_installation, and creates a wordpress user with the necessary permissions. The Droplet root user will not be prompted for the MySQL password. Keep in mind that if you’re connecting to a DigitalOcean Managed Database, the locally installed database will be disabled.
- Droplet sets up the debian-sys-maint user in MySQL so the system’s init scripts for MySQL will work without requiring the MySQL root user password.
- Droplet creates the initial WordPress configuration file to set up salt keys and allow the WordPress instance to connect to the database.
- XML-RPC is disabled to help prevent DDoS and other brute force attacks.
- Some of PHP’s settings are modified to increase the maximum file size and execution time.
- Apache rewrite module is enabled so the WordPress permalink feature will work.
- Apache is configured with UseCanonicalName On to mitigate CVE-2017-8295.