WordPress
Generated on 24 Jun 2026 from the WordPress catalog page
- “WordPress is a factory that makes webpages” Fred Meyer
WordPress is a free and open-source content management system. Originally it was intended to be a blog-publishing system, but has evolved to support other web content types including more traditional mailing lists and Internet forums, media galleries, membership sites, learning management systems (LMS) and online stores. WordPress is used by 42.8% of the top 10 million websites as of October 2021.
Before you deploy your first WordPress Droplet
Get a Domain name
Use this DNS quickstart guide to get your DNS setup on DigitalOcean. You’ll first need to purchase and register your domain through a third party, such as Name.com, GoDaddy, etc…
-
Why do you need a domain name?
This is how others will access your server and how you and your users will be identified on the network.
Software Included
| Package | Version | License |
|---|---|---|
| Ubuntu Linux | 24.04 | |
| fail2ban | 5.4.1 | GNU General Public License version 2.0 |
| php | 8.3.30 | Modified BSD License (3-clause BSD) |
| MySQL | 8.0.45-0ubuntu0.24.04.1 | MySQL Community Edition (GPLv2 License) |
| caddy | 2.11.2 | Apache License 2.0 |
| wordpress | 6.9.4 | GNU Public License |
Creating an App using the Control Panel
Click the Deploy to DigitalOcean button to create a Droplet based on this 1-Click App. If you aren’t logged in, this link will prompt you to log in with your DigitalOcean account.
Creating an App using the API
In addition to creating a Droplet from the WordPress 1-Click App using the control panel, you can also use the DigitalOcean API. As an example, to create a 4GB WordPress Droplet in the SFO2 region, you can use the following curl command. You need to either save your API access token to an environment variable or substitute it in the command below.
curl -X POST -H 'Content-Type: application/json' \
-H 'Authorization: Bearer '$TOKEN'' -d \
'{"name":"choose_a_name","region":"sfo2","size":"s-2vcpu-4gb","image":"wordpress-20-04"}' \
"https://api.digitalocean.com/v2/droplets"Getting Started After Deploying WordPress
WordPress 1-Click with Easy Setup
Deploy WordPress instantly with automatic configuration. HTTPS is enabled automatically on first login, and you can add a custom domain anytime with /root/wp_setup_domain.sh.
What’s New
This WordPress 1-Click now includes:
- Automatic Setup Wizard: Creates your admin account and configures WordPress on first login
- Setup Pending Page: Professional loading page displayed until you complete the initial setup
- Quick Start: Get WordPress running in ~2 minutes with automatic HTTPS
- Easy Custom Domain Setup: Simple script to switch from IP-based access to a custom domain with Let’s Encrypt SSL
What is WordPress?
WordPress is the world’s most popular content management system (CMS), powering over 40% of all websites on the internet. It’s a free, open-source platform that makes it easy to create beautiful websites, blogs, and applications without needing to know how to code.
Key features include:
- User-Friendly Interface - Intuitive admin panel for managing content
- Themes - Thousands of free and premium designs
- Plugins - Extensible with 60,000+ plugins for any functionality
- SEO Optimized - Built-in features for search engine visibility
- Mobile Responsive - Works great on all devices
- Community Support - Large, active community and extensive documentation
System Requirements
Minimum Requirements
- CPU: 1 core
- RAM: 1 GB
- Storage: 25 GB
Recommended for Production
- CPU: 2+ cores
- RAM: 2+ GB
- Storage: 50+ GB
Note: Requirements depend on your traffic and installed plugins. Monitor resource usage and scale up as needed.
Included Components
This 1-Click installs and configures:
- Ubuntu 24.04 LTS - Long-term support base operating system
- Caddy - Web server and reverse proxy with automatic HTTPS (Let’s Encrypt)
- PHP 8.3 FPM - PHP FastCGI Process Manager for WordPress
- MySQL 8.0 - Relational database
- WordPress (Latest) - Latest stable WordPress release
- WP-CLI - WordPress command-line interface
- WP-Fail2Ban Plugin - Security plugin with fail2ban integration
- UFW Firewall - Pre-configured with secure defaults
Getting Started
1. Deploy the Droplet
- Select this 1-Click App from the DigitalOcean Marketplace
- Choose a Droplet size (minimum 1GB RAM)
- Select your preferred datacenter region
- Add your SSH key for secure access
- Optionally select Add a Database to provision a DigitalOcean Managed MySQL database alongside your Droplet (see Using a DigitalOcean Managed Database)
- Create the Droplet
2. Initial Access
Before running the setup script, you can visit your Droplet’s IP address in a browser to see the setup pending page:
http://your-droplet-ipThis page will display instructions and automatically refresh until setup is complete.
3. Run the Setup Script
SSH into your Droplet:
ssh root@your-droplet-ipThe setup script will launch automatically on first login. It will:
- Detect your server’s IP address - Automatically determines your public IP
- Create admin account - You’ll be prompted for:
- Email address
- Admin username
- Admin password
- Site title
- Obtain SSL certificate - Caddy requests a Let’s Encrypt certificate for your IP (short-lived profile)
- Configure Caddy - Serves WordPress over HTTPS with automatic HTTP→HTTPS redirect
- Install security plugins - Adds and activates WP-Fail2Ban
The entire process takes about 2-3 minutes.
If you added a Managed Database during deployment, the setup script also configures WordPress to use it instead of the local MySQL instance. The script waits for the database cluster to become available before continuing, which may add a few minutes to setup.
4. Access Your WordPress Site
After setup completes, access your site at:
https://your-droplet-ipAdmin Login:
- URL:
https://your-droplet-ip/wp-admin - Username: (the one you chose during setup)
- Password: (the one you chose during setup)
Post-Installation
Using a DigitalOcean Managed Database (Optional)
When creating your WordPress Droplet, you can select Add a Database to provision a DigitalOcean Managed MySQL database at the same time. This automates database setup so you do not need to manually create a DBaaS cluster or wire up connection details yourself.
What happens when you add a database
When you choose this option during Droplet creation, DigitalOcean:
- Provisions a Managed MySQL cluster in the same region as your Droplet
- Passes connection credentials to your Droplet at first boot (stored temporarily in
/root/.digitalocean_dbaas_credentials)
When you complete the first-login setup script, the Droplet automatically:
- Configures WordPress to connect to the Managed Database instead of the local MySQL instance
- Updates
/var/www/html/wp-config.phpwith the database host, port, name, username, and password - Enables SSL for the MySQL connection
- Waits for the database cluster to become available (this may take a few minutes during first setup)
- Stops and disables the local MySQL instance on the Droplet
After setup completes, your database connection details are stored in /var/www/html/wp-config.php. The temporary credentials file is removed.
Security: Trusted Sources
Your Droplet is not automatically added to the Managed Database’s trusted sources. For better security, add your Droplet’s public IP address to the database cluster’s Trusted Sources in the DigitalOcean control panel:
- Open your database cluster in the control panel
- Go to Settings → Trusted Sources
- Add your Droplet’s public IP address
Modifying database settings later
- Connection details: View or update credentials in
/var/www/html/wp-config.php(DB_HOST,DB_NAME,DB_USER,DB_PASSWORD) - Password rotation: If you change the database password in the control panel, update
wp-config.phpto match - Switching databases: To point WordPress at a different Managed Database, update the
DB_*values inwp-config.phpand ensure the new cluster allows connections from your Droplet
Adding a Custom Domain
To use a custom domain instead of the IP address:
- Point your domain’s DNS A record to your Droplet’s IP
- Wait for DNS propagation (usually 5-60 minutes)
- Run the domain setup script:
/root/wp_setup_domain.shThis script will:
- Configure Caddy for your domain
- Obtain a domain-based SSL certificate
- Update WordPress URLs
- Set up automatic HTTP→HTTPS redirect
SSL Certificate Renewal
Caddy obtains and renews Let’s Encrypt certificates automatically. You do not need to run Certbot manually.
To confirm Caddy is healthy:
systemctl status caddy
journalctl -u caddy -n 50 --no-pagerDatabase Credentials
Local MySQL (default, when no Managed Database is added):
cat /root/.digitalocean_passwordDigitalOcean Managed Database (when Add a Database was selected during deployment):
After setup completes, connection details are in /var/www/html/wp-config.php. The local MySQL instance is stopped and disabled.
Security Best Practices
- Change default admin username: Create a new admin user with a unique username and delete the default one
- Use strong passwords: Consider using a password manager
- Keep WordPress updated: Regularly update WordPress core, themes, and plugins
- Enable automatic updates: Consider enabling automatic security updates
- Regular backups: Set up automated backups via DigitalOcean or a backup plugin
- Install security plugins: Additional plugins like Wordfence or Sucuri are recommended
- Limit login attempts: The WP-Fail2Ban plugin is pre-installed and active
Firewall Configuration
UFW firewall is pre-configured with:
- Port 22 (SSH) - Open
- Port 80 (HTTP) - Open, redirects to HTTPS after setup
- Port 443 (HTTPS) - Open
WP-CLI Usage
WP-CLI is installed for command-line WordPress management:
# Update WordPress core
wp core update --allow-root
# List installed plugins
wp plugin list --allow-root
# Install a plugin
wp plugin install <plugin-name> --activate --allow-root
# Create a backup
wp db export --allow-rootTroubleshooting
Setup Script Didn’t Run
If the setup script didn’t automatically run on first login:
chmod +x /root/wp_setup.sh
/root/wp_setup.shSSL Certificate Failed
If HTTPS fails after setup, check Caddy’s logs and configuration:
systemctl status caddy
journalctl -u caddy -b --no-pagerEnsure ports 80 and 443 are open (ufw status). For a custom domain, run /root/wp_setup_domain.sh after DNS points to this Droplet.
Can’t Access WordPress
- Check Caddy status:
systemctl status caddy- Check Caddy logs:
journalctl -u caddy -f- Verify PHP-FPM:
systemctl status php8.3-fpm- Verify firewall rules:
ufw statusDatabase Connection Errors
If using local MySQL:
- Check MySQL status:
systemctl status mysql- Verify credentials in
/var/www/html/wp-config.phpmatch those in/root/.digitalocean_password
If using a DigitalOcean Managed Database:
- Confirm your Droplet’s IP is listed under the database cluster’s Trusted Sources in the control panel
- Verify connection details in
/var/www/html/wp-config.phpmatch your Managed Database settings - Test connectivity from the Droplet:
mysqladmin ping -h "$(grep DB_HOST /var/www/html/wp-config.php | cut -d"'" -f4 | cut -d: -f1)" --silentFile Locations
- WordPress Root:
/var/www/html/ - Caddy config:
/etc/caddy/Caddyfile - SSL certificates:
/var/lib/caddy/.local/share/caddy/certificates/ - MySQL Data:
/var/lib/mysql/ - PHP (FPM + CLI):
/etc/php/8.3/
Additional Resources
Support
For issues specific to this 1-Click deployment, please visit the DigitalOcean Community.
For general WordPress questions, visit the WordPress Support Forums.
Note: The first-login setup uses Let’s Encrypt with a short-lived certificate profile for access by IP. After you add a custom domain with /root/wp_setup_domain.sh, Caddy continues to manage issuance and renewal automatically.