Tutorial Featured intermediate

How to Install WordPress on a VPS: Complete LAMP/LEMP Setup Guide

Step-by-step guide to installing WordPress on a VPS with LAMP or LEMP stack. Learn server configuration, database setup, WordPress installation, and security best practices.

By: CheapVPS Team
Published:
Updated:
Reading time: 18 minutes
Data notes

How to Install WordPress on a VPS: Complete LAMP/LEMP Setup Guide

Installing WordPress on a VPS gives you complete control over your hosting environment, better performance than shared hosting, and the ability to handle more traffic.

This comprehensive guide will walk you through installing WordPress on a fresh VPS using either a LAMP (Linux, Apache, MySQL, PHP) or LEMP (Linux, Nginx, MySQL, PHP) stack.

Prerequisites

Before you begin, ensure you have:

  • A VPS with at least 2GB RAM and 1 vCPU
  • Root access or sudo privileges
  • A domain name pointed to your VPS IP
  • Basic familiarity with SSH and command line

Need a VPS? Use our VPS Finder to find the right plan:

Part 1: Initial Server Setup

Step 1: Connect to Your VPS

# SSH into your VPS
ssh root@your-vps-ip

# Or if using SSH key:
ssh -i /path/to/key.pem root@your-vps-ip

Step 2: Update System

# Update package lists
apt update

# Upgrade installed packages
apt upgrade -y

# Install useful tools
apt install -y curl wget git unzip software-properties-common

Step 3: Create a Non-Root User (Security Best Practice)

# Create new user
adduser wordpress

# Add user to sudo group
usermod -aG sudo wordpress

# Switch to new user
su - wordpress

Step 4: Configure Firewall

# Allow SSH
sudo ufw allow OpenSSH

# Allow HTTP and HTTPS
sudo ufw allow 80
sudo ufw allow 443

# Enable firewall
sudo ufw enable

# Check status
sudo ufw status

Part 2: Choose Your Web Server

You have two options:

LAMP Stack (Apache):

  • Easier for beginners
  • Better .htaccess support
  • More documentation available
  • Good for most WordPress sites

LEMP Stack (Nginx):

  • Better performance
  • More efficient with resources
  • Better for high-traffic sites
  • Steeper learning curve

Recommendation: Start with LAMP if you’re new. Switch to LEMP later if needed.

Option A: LAMP Stack Installation (Apache)

Step 1: Install Apache

# Install Apache
sudo apt install apache2 -y

# Enable mod_rewrite (required for WordPress permalinks)
sudo a2enmod rewrite

# Restart Apache
sudo systemctl restart apache2

# Check Apache status
sudo systemctl status apache2

Test Apache: Visit http://your-vps-ip in your browser. You should see the Apache2 default page.

Step 2: Install PHP and Extensions

# Install PHP and required extensions
sudo apt install -y php libapache2-mod-php php-mysql php-curl php-gd \
  php-mbstring php-xml php-xmlrpc php-soap php-intl php-zip

# Verify PHP installation
php -v

# Restart Apache
sudo systemctl restart apache2

Step 3: Install MySQL

# Install MySQL Server
sudo apt install mysql-server -y

# Run MySQL secure installation
sudo mysql_secure_installation

# Follow prompts:
# - Set root password (remember it!)
# - Remove anonymous users: Y
# - Disallow root login remotely: Y
# - Remove test database: Y
# - Reload privilege tables: Y

Step 4: Create MySQL Database for WordPress

# Log into MySQL
sudo mysql -u root -p

# Run following commands:
CREATE DATABASE wordpress_db DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'wordpress_user'@'localhost' IDENTIFIED BY 'StrongPassword123!';
GRANT ALL PRIVILEGES ON wordpress_db.* TO 'wordpress_user'@'localhost';
FLUSH PRIVILEGES;
EXIT;

# Note: Replace 'StrongPassword123!' with a secure password

Option B: LEMP Stack Installation (Nginx)

Step 1: Install Nginx

# Install Nginx
sudo apt install nginx -y

# Start Nginx
sudo systemctl start nginx

# Enable on boot
sudo systemctl enable nginx

# Check status
sudo systemctl status nginx

Test Nginx: Visit http://your-vps-ip in your browser.

Step 2: Install PHP-FPM

# Install PHP and extensions
sudo apt install -y php-fpm php-mysql php-curl php-gd php-mbstring \
  php-xml php-xmlrpc php-soap php-intl php-zip

# Configure PHP for Nginx
sudo nano /etc/php/7.4/fpm/php.ini

# Find and update:
upload_max_filesize = 64M
post_max_size = 64M
memory_limit = 256M
max_execution_time = 300

# Restart PHP-FPM
sudo systemctl restart php7.4-fpm

Step 3: Install MySQL

Same as LAMP installation (see above).

Step 4: Configure Nginx for WordPress

# Create Nginx server block
sudo nano /etc/nginx/sites-available/wordpress

# Add following configuration:
server {
    listen 80;
    listen [::]:80;
    root /var/www/html/wordpress;
    index index.php index.html index.htm;
    server_name example.com www.example.com;

    client_max_body_size 64M;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }

    location = /favicon.ico {
        log_not_found off;
        access_log off;
    }

    location = /robots.txt {
        log_not_found off;
        access_log off;
        allow all;
    }
}
# Enable site
sudo ln -s /etc/nginx/sites-available/wordpress /etc/nginx/sites-enabled/

# Test configuration
sudo nginx -t

# Reload Nginx
sudo systemctl reload nginx

Part 3: Download and Install WordPress

Step 1: Download WordPress

# Create WordPress directory
sudo mkdir -p /var/www/html/wordpress

# Download latest WordPress
cd /tmp
wget https://wordpress.org/latest.tar.gz

# Extract archive
tar xzvf latest.tar.gz

# Move to web directory
sudo cp -a /tmp/wordpress/. /var/www/html/wordpress/

# Set permissions
sudo chown -R www-data:www-data /var/www/html/wordpress
sudo chmod -R 755 /var/www/html/wordpress

Step 2: Create WordPress Configuration File

# Navigate to WordPress directory
cd /var/www/html/wordpress

# Copy sample config
cp wp-config-sample.php wp-config.php

# Edit config file
sudo nano wp-config.php

# Update database settings:
define('DB_NAME', 'wordpress_db');
define('DB_USER', 'wordpress_user');
define('DB_PASSWORD', 'StrongPassword123!');
define('DB_HOST', 'localhost');
define('DB_CHARSET', 'utf8mb4');

# Add above /* That's all, stop editing! */:

// Unique keys and salts (generate from: https://api.wordpress.org/secret-key/1.1/salt/)
define('AUTH_KEY',         'put your unique phrase here');
define('SECURE_AUTH_KEY',  'put your unique phrase here');
define('LOGGED_IN_KEY',    'put your unique phrase here');
define('NONCE_KEY',        'put your unique phrase here');
define('AUTH_SALT',        'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT',   'put your unique phrase here');
define('NONCE_SALT',       'put your unique phrase here');

// Table prefix (change for security)
$table_prefix = 'wp_';

// Debug mode (disable in production)
define('WP_DEBUG', false);

Generate unique keys here: https://api.wordpress.org/secret-key/1.1/salt/

Part 4: Install SSL Certificate (Let’s Encrypt)

Step 1: Install Certbot

# For Apache:
sudo apt install certbot python3-certbot-apache -y

# For Nginx:
sudo apt install certbot python3-certbot-nginx -y

Step 2: Obtain SSL Certificate

# For Apache:
sudo certbot --apache -d example.com -d www.example.com

# For Nginx:
sudo certbot --nginx -d example.com -d www.example.com

# Follow prompts:
# - Enter email address
# - Agree to terms of service
# - Choose whether to redirect HTTP to HTTPS (recommended: Yes)

Auto-renewal is configured automatically.

Step 3: Verify SSL

Visit https://www.ssllabs.com/ssltest/ and enter your domain. Aim for an A grade.

Part 5: Complete WordPress Installation

Step 1: Run WordPress Installer

Before this, ensure DNS is pointing to your VPS:

A Record: @ → your-vps-ip
CNAME: www → example.com

Visit your site:

  1. Go to https://example.com
  2. Select your language
  3. Enter site information:
    • Site Title
    • Username (not “admin”)
    • Strong password
    • Your email
  4. Click “Install WordPress”
  5. Log in with your credentials

Step 2: Configure WordPress Settings

General Settings:

  • Go to Settings → General
  • Update:
    • Site Title
    • Tagline
    • WordPress URL (should be https://)
    • Site URL (should be https://)
    • Timezone
    • Date/Time format
  • Click “Save Changes”

Permalinks:

  • Go to Settings → Permalinks
  • Select “Post name” (/%postname%/)
  • Click “Save Changes”

Discussion:

  • Go to Settings → Discussion
  • Uncheck “Allow people to post comments on new articles” (optional)
  • Configure other comment settings
  • Click “Save Changes”

Part 6: Security Hardening

Step 1: Secure wp-config.php

sudo nano /var/www/html/wordpress/wp-config.php

// Add above /* Stop editing */:
// Disable file editing
define('DISALLOW_FILE_EDIT', true);

// Disable plugin/theme installation/updates
define('DISALLOW_FILE_MODS', true);

// Limit revisions (keep database small)
define('WP_POST_REVISIONS', 3);

// Auto-save interval (seconds)
define('AUTOSAVE_INTERVAL', 120);

// Force SSL
define('FORCE_SSL_ADMIN', true);

// Increase memory limit
define('WP_MEMORY_LIMIT', '256M');

Step 2: Secure .htaccess (Apache Only)

sudo nano /var/www/html/wordpress/.htaccess

# Add to top of file:
# Disable directory browsing
Options -Indexes

# Protect wp-config.php
<files wp-config.php>
    order allow,deny
    deny from all
</files>

# Protect .htaccess
<files .htaccess>
    order allow,deny
    deny from all
</files>

# Block access to wp-content
RewriteRule ^wp-content/plugins/.*\.php$ - [F,L]
RewriteRule ^wp-content/themes/.*\.php$ - [F,L]

Step 3: Install Security Plugin

Recommended plugins:

  • Wordfence Security - Firewall and malware scanner
  • iThemes Security - Hardens WordPress security
  • Sucuri Security - Security auditing and monitoring

Step 4: Set Up File Permissions

# Find current user
whoami

# Set proper ownership
sudo chown -R www-data:www-data /var/www/html/wordpress

# Set proper permissions
sudo find /var/www/html/wordpress -type d -exec chmod 755 {} \;
sudo find /var/www/html/wordpress -type f -exec chmod 644 {} \;

Part 7: Performance Optimization

Step 1: Install Caching Plugin

Recommended plugins:

  • WP Rocket (Premium, easiest to use)
  • W3 Total Cache (Free, powerful)
  • WP Super Cache (Free, simple)

Step 2: Install PHP OPcache

# Already installed with PHP
sudo nano /etc/php/7.4/apache2/php.ini  # or fpm/php.ini for Nginx

# Find and update:
opcache.enable=1
opcache.memory_consumption=128
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=4000
opcache.revalidate_freq=60
opcache.fast_shutdown=1
opcache.enable_cli=1

# Restart services
sudo systemctl restart apache2  # or php7.4-fpm for Nginx

Step 3: Configure Object Caching (Optional)

# Install Redis
sudo apt install redis-server -y
sudo systemctl enable redis-server
sudo systemctl start redis-server

# Install Redis plugin for WordPress
# Download: https://wordpress.org/plugins/redis-cache/
# Install and activate via WordPress admin

Step 4: Enable Gzip Compression

For Apache (.htaccess):

<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript
</IfModule>

For Nginx:

gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml+rss application/json application/javascript;

Step 5: Set Up CDN (Optional)

Cloudflare (Free):

  1. Sign up at cloudflare.com
  2. Add your domain
  3. Update nameservers to Cloudflare
  4. Configure page rules
  5. Enable “Auto Minify” for CSS/JS/HTML

Part 8: Automated Backups

Option 1: Use Backup Plugin

Recommended plugins:

  • UpdraftPlus - Free with premium features
  • BackupBuddy - Premium, comprehensive
  • BlogVault - Premium, real-time backups

Option 2: Manual Backup Script

# Create backup script
sudo nano /home/wordpress/backup.sh

#!/bin/bash
DATE=$(date +%Y%m%d_%H%M%S)
BACKUP_DIR="/home/wordpress/backups"
SITE_DIR="/var/www/html/wordpress"

# Create backup directory
mkdir -p $BACKUP_DIR

# Backup files
tar -czf $BACKUP_DIR/wordpress-files-$DATE.tar.gz $SITE_DIR

# Backup database
mysqldump -u wordpress_user -p'YourPassword' wordpress_db > $BACKUP_DIR/wordpress-db-$DATE.sql

# Delete backups older than 7 days
find $BACKUP_DIR -type f -mtime +7 -delete

echo "Backup completed: $DATE"
# Make script executable
chmod +x /home/wordpress/backup.sh

# Add to crontab (daily at 2 AM)
crontab -e

# Add line:
0 2 * * * /home/wordpress/backup.sh >> /home/wordpress/backup.log 2>&1

Part 9: Monitoring and Maintenance

Set Up Monitoring

Free options:

  • UptimeRobot - Basic uptime monitoring
  • StatusCake - Performance monitoring
  • Google Analytics - Traffic analytics
  • Query Monitor (Plugin) - WordPress performance

Regular Maintenance Tasks

Weekly:

  • Check for updates (plugins, themes, core)
  • Review backups
  • Check site speed
  • Review error logs

Monthly:

  • Update WordPress core
  • Update plugins and themes
  • Check database size
  • Review user accounts
  • Security scan

Quarterly:

  • Full security audit
  • Performance review
  • Backup restoration test
  • SSL certificate check

Troubleshooting

Common Issues

1. White screen of death

# Enable debug mode in wp-config.php
define('WP_DEBUG', true);
define('WP_DEBUG_LOG', true);
define('WP_DEBUG_DISPLAY', false);

# Check error log
tail -f /var/www/html/wordpress/wp-content/debug.log

2. Plugin installation failed

# Check file permissions
sudo chown -R www-data:www-data /var/www/html/wordpress/wp-content
sudo chmod -R 755 /var/www/html/wordpress/wp-content

3. Database connection error

# Check MySQL is running
sudo systemctl status mysql

# Test database connection
mysql -u wordpress_user -p -h localhost wordpress_db

4. Slow site performance

# Check server resources
top
free -h
df -h

# Enable caching plugin
# Optimize images
# Consider upgrading VPS plan

Next Steps

1. Install Essential Plugins

Security:

  • Wordfence Security
  • iThemes Security

Performance:

  • WP Rocket or W3 Total Cache
  • ShortPixel or Smush (image optimization)

SEO:

  • Yoast SEO or Rank Math
  • Google XML Sitemap

Backup:

  • UpdraftPlus or BackupBuddy

2. Customize Your Theme

  • Install a theme from WordPress.org
  • Or create a child theme
  • Customize appearance
  • Add logo and branding

3. Learn WordPress Administration

Conclusion

Congratulations! You now have WordPress running on your own VPS with:

  • ✅ Secure SSL certificate
  • ✅ Optimized performance
  • ✅ Automated backups
  • ✅ Security hardening
  • ✅ Monitoring setup

Key takeaways:

  1. Security first - Keep everything updated
  2. Backups are essential - Never skip them
  3. Monitor performance - Address issues early
  4. Learn continuously - WordPress and server management are ongoing

Need a better VPS? Use our VPS Finder to find plans optimized for WordPress hosting.

Migrating existing WordPress site? Check our guide on How to Migrate from Shared Hosting to VPS.

Last updated: January 2026 Found this guide helpful? Share it with others setting up WordPress!

Next steps

Jump into tools and related pages while the context is fresh.

VPS Finder
Filter by budget, region, IPv6, refund eligibility, and latency tiers.
Best VPS rankings
Browse budget tiers and top picks based on the dataset.
Methodology
Learn how we score and rank plans, and how the dataset is maintained.
Use cases
Pick a starting path based on your workload (VPN, NVMe, gaming, and more).
WordPress VPS picks
Recommendations for running WordPress on VPS.

Ready to choose your VPS?

Use our VPS Finder to filter, compare, and find the perfect plan for your needs.

Open VPS Finder More Guides