• “WordPress is a factory that makes webpages” Fred Meyer

WordPress is a free and open-source content management system. Originally it was intended to be a blog-publishing system, but has evolved to support other web content types including more traditional mailing lists and Internet forums, media galleries, membership sites, learning management systems (LMS) and online stores. WordPress is used by 42.8% of the top 10 million websites as of October 2021.

Before you deploy your first WordPress Droplet

Get a Domain name

Use this DNS quickstart guide to get your DNS setup on DigitalOcean. You’ll first need to purchase and register your domain through a third party, such as Name.com, GoDaddy, etc…

  • Why do you need a domain name?

This is how others will access your server and how you and your users will be identified on the network.

Software Included

Package Version License
WordPress 6.4.1 GPL 2
Apache 2.4.52 Apache 2
MySQL server 8.0.35 GPL 2 with modifications
PHP 8.0.30 PHP v3.01
Fail2ban 5.2.1 GPL 2
Postfix 3.6.4 IBM Public
Certbot 1.21 Apache 2

Creating an App using the Control Panel

Click the Deploy to DigitalOcean button to create a Droplet based on this 1-Click App. If you aren’t logged in, this link will prompt you to log in with your DigitalOcean account.

Deploy to DO

Creating an App using the API

In addition to creating a Droplet from the WordPress 1-Click App using the control panel, you can also use the DigitalOcean API. As an example, to create a 4GB WordPress Droplet in the SFO2 region, you can use the following curl command. You need to either save your API access token) to an environment variable or substitute it in the command below.

curl -X POST -H 'Content-Type: application/json' \
         -H 'Authorization: Bearer '$TOKEN'' -d \
        '{"name":"choose_a_name","region":"sfo2","size":"s-2vcpu-4gb","image": "wordpress-20-04"}' \

Getting Started After Deploying WordPress

On your first SSH login to the droplet or launch of the Droplet console of your WordPress Droplet 1-Click, you will be greeted by a WordPress setup script.

If you do not have a Domain yet you can enter the IP address of your Droplet into the setup script when prompted for the Domain/Subdomain instead.

The first step is to enter your domain name. Make sure that your domain is pointing to the new droplet IP. If your DNS is managed by DigitalOcean, it should look like this:

WordPress DNS Setup Example

The DNS Host may be the same company you registered the domain with or another entity you designate. To connect your DNS hosting to DigitalOcean, check out this guide.

Once your A record is set up, you are ready to enter your domain in the script:

WordPress Domain Prompt

Next, the script will ask you user-related data:

WordPress User Data Prompt

After you acknowledge data is correct, the script will ask if you want to configure HTTPS automatically for your droplet. We highly recommend setting HTTPS since using a domain is useless without it.

You will need to provide the email address which will receive security and renewal notices:

Certbot Email Prompt

Finally, after reading the LetsEncrypt Terms of Service and selecting whether to share or not your email address with the Electronic Frontier Foundation, the script will ask you which domain names would you like to activate HTTPS for:

WordPress HTTPS Activation Prompt

Consider activating HTTPS for both naked and WWW versions of your domain by specifying 1,2.

WordPress will take a few minutes to set up plugins and finish installation, after that you can access your fresh WordPress Droplet by typing your domain name in the browser. For accessing the admin console, use https://%YOUR_DOMAIN%/wp-admin.

If you entered an IP address instead of the Domain name you can access the admin console by using https://%YOUR_IP%/wp-admin instead.

Getting started with WordPress

WordPress official website has quite a few excellent sources of information for beginners and even experienced users.

If you are starting your journey with WordPress, consider taking a look at the official courses.

Articles page contains some lovely ideas on how to improve your WordPress website. Or you can get exclusive knowledge from WordPress experts on webinars.

Droplet Summary

  • The root password for the MySQL instance running on your Droplet is in /root/.digitalocean_password. The Droplet root user will not be prompted for the MySQL password.
  • If you’re connecting to a DigitalOcean Managed Database, your MySQL connection information can be found in /var/www/html/wp-config.php.
  • The web root is /var/www/html, and the WordPress configuration file is /var/www/html/wp-config.php.
  • You can get information about the PHP installation by logging into the Droplet and running php -i.
  • UFW firewall allows only SSH (port 22, rate limited), HTTP (port 80), and HTTPS (port 443) access.
  • Droplet sets the MySQL root password, runs mysql_secure_installation, and creates a wordpress user with the necessary permissions. The Droplet root user will not be prompted for the MySQL password. Keep in mind that if you’re connecting to a DigitalOcean Managed Database, the locally installed database will be disabled.
  • Droplet sets up the debian-sys-maint user in MySQL so the system’s init scripts for MySQL will work without requiring the MySQL root user password.
  • Droplet creates the initial WordPress configuration file to set up salt keys and allow the WordPress instance to connect to the database.
  • XML-RPC is disabled to help prevent DDoS and other brute force attacks.
  • Some of PHP’s settings are modified to increase the maximum file size and execution time.
  • Apache rewrite module is enabled so the WordPress permalink feature will work.
  • Apache is configured with UseCanonicalName On to mitigate CVE-2017-8295.

Protect your Wordpress data with SnapShooter

SnapShooter, an offering from DigitalOcean, offers comprehensive backup solutions for all your cloud resources, including your WordPress application data. To access SnapShooter, navigate to the left-hand navigation menu in your DigitalOcean cloud console. As part of the free tier, you can back up a single resource, such as your WordPress application data.

To back up your WordPress application, start by installing the SnapShooter add-on to your DigitalOcean account. Next, do a single sign-on to access the SnapShooter console, where you can add a target storage solution, such as Spaces, and create a new backup job. From there, select your WordPress application (with or without the database) as the recipe, and choose your preferred backup policy. Follow our step-by-step video or blog tutorial to get this working today.

With SnapShooter, you can restore your WordPress application and its data to another server, whether it’s within DigitalOcean or another location, in case of a disaster or migration. Keep in mind that your Spaces/S3 usage will incur charges from your cloud provider.

Protect your WordPress data with SnapShooter’s reliable and straightforward backup solutions today.

Optimize WordPress with NitroPack

NitroPack is a web performance & CWV improvement service. It neatly integrates with WordPress websites providing better speed, customer experience, and conversions. It has everything you need for a fast website in a single solution – smart caching, image optimization, code optimization, lazy loading, built-in CDN, and more. With advanced features like font subsetting, adaptive image sizing, and device-aware cashing, NitroPack helps websites reach 90+ PSI scores and pass Core Web Vitals.