How to Install WordPress, NGINX, MariaDB, SSL on Ubuntu


WordPress is a most popular an open source Blogging Platform. It’s powerful stable support with multi-platform easy customizable and dynamic interface on Admin dashboard.

Millions community support around the world and most user using WordPress for the Blog, News website, Business, e-commerce and etc.

Following the steps below how to Install WordPress, NGINX, MariaDB and SLL on Ubuntu server it is easy to install and learn

Step 1: Installing NGINX as HTTP Server

sudo apt update&&upgrade
sudo apt install nginx

After installing NGINX, the commands below to stop, start and enable Nginx service

Step 2: Enable NGINX and Start or Stop on Server

sudo systemctl stop nginx.service
sudo systemctl start nginx.service
sudo systemctl enable nginx.service

Step 3: Check NGINX status

sudo service nginx status
● nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
   Active: active (running) since Mon 2018-05-14 23:03:47 UTC; 16s ago
     Docs: man:nginx(8)
  Process: 13003 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status
  Process: 12994 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exite
 Main PID: 13006 (nginx)
    Tasks: 2 (limit: 1153)
   CGroup: /system.slice/nginx.service
           ├─13006 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
           └─13009 nginx: worker process

Step 4: Install MariaDB Server

Setup and Install WordPress require database like MySQL before installing database it’s required the server and to install it run the command below

sudo apt-get install mariadb-server mariadb-client

After Installing MariaDB server it’s recommended to enable service the command below to stop, start and enable

sudo systemctl stop mariadb.service
sudo systemctl start mariadb.service
sudo systemctl enable mariadb.service

Make MariaDB server secure with the command below

sudo mysql_secure_installation

Once installation and prompted just follow answer below:

  • Enter current password for root (enter for none): Just press the Enter
  • Set root password? [Y/n]: Y
  • New password: Your password
  • Re-enter new password: Repeat Your password
  • Remove anonymous users? [Y/n]: Y
  • Disallow root login remotely? [Y/n]: Y
  • Remove test database and access to it? [Y/n]:  Y
  • Reload privilege tables now? [Y/n]:  Y

Restart MariaDB Server with the command below

sudo systemctl restart mariadb.service

Step 5: Install PHP-FPM

Let’s install PHP with Latest version package on Ubuntu. Below there are two commands will update the package and get the package to install. Once installation there are questions just pressing Yand ENTERto continue.

sudo apt update && sudo apt install php-fpm

Let’s install PHP Modules package run the command below

sudo apt-get install php7.1-fpm php7.1-common php7.1-mbstring php7.1-xmlrpc php7.1-soap php7.1-gd php7.1-xml php7.1-intl php7.1-mysql php7.1-cli php7.1-mcrypt php7.1-ldap php7.1-zip php7.1-curl

Configure php.ini

sudo nano /etc/php/7.2/fpm/php.ini

Find or search and change the following lines below and save

post_max_size = 100M
memory_limit = 256M
max_execution_time = 360
upload_max_filesize = 100M
date.timezone = America/Chicago

Step 6: Create Database for WordPress

At this step, WordPress required Database packages and server was installed

sudo mysql -u root -p

Then create a database name ex: “wordpress” or anything else that you want. PLEASE attention ‘WPUSER’ and ‘NEWPASSWORD’ change it whatever you want


Step 7: Install Let’s Encrypt Nginx Client

Let’s Encrypt is a free automated and open certificate authority for SSL(Secure Sockets Layer) just as secure as currently paid certificates. On this step we will configure an SSL certificate for Nginx on Ubuntu.

sudo apt-get install python-certbot-nginx

Then run the command below

sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-nginx

Now generate certbot. Replace with your own domain. If you want to use www prefix for your domain, you need to obtain a cert for that as well. Even if you’re only redirecting to, you will still need a separate cert for the www subdomain. Use -d to add even more domain or subdomain.

sudo certbot --nginx --agree-tos --email [email protected] --redirect --hsts -d -d

The SSL client should installed and configure your website to redirect all traffic to HTTPS.

Congratulations! You have successfully enabled and

You should test your configuration at:

 - Congratulations! Your certificate and chain have been saved at:
   Your key file has been saved at:
   Your cert will expire on 2018-02-24. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:
   Donating to EFF:          

Then you will see on file/etc/nginx/site-available/default site is ready to be used HTTPS with the Port 443.

server {
    listen 80;
    listen [::]:80;
    root /var/www/html/;
    index  index.php index.html index.htm;

     client_max_body_size 100M;

    location / {
        try_files $uri $uri/ /index.php?$args;        

    location ~ \.php$ {
         include snippets/fastcgi-php.conf;
         fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
         include fastcgi_params;

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    if ($scheme != "https") {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    # Redirect non-https traffic to https
    # if ($scheme != "https") {
    #     return 301 https://$host$request_uri;
    # } # managed by Certbot

As Let’s Encrypt certs expire after 90 days, they need to be checked for renewal periodically. Certbot will automatically run twice a day and renew any certificate that is within thirty days of expiration.

sudo certbot renew --dry-run
sudo crontab -e

Then add the line below and save.

0 1 * * * /usr/bin/certbot renew & > /dev/null

Cmd/Ctr X and Y to save and exit

Step 8: Download WordPress with Latest Version

First we go to the Temporary folder with typing command cd /tmp or just follow the command below

cd /tmp && wget
tar -zxvf latest.tar.gz
sudo mv wordpress /var/www/html/wordpress

Grant Directory Permission

sudo chown -R www-data:www-data /var/www/html/wordpress/
sudo chmod -R 755 /var/www/html/wordpress/

Step 9: NGINX Configuration

Finally, configure Nginx site configuration file for WordPress. This file will control how users access WordPress content. Run the commands below to create a new configuration

sudo nano /etc/nginx/sites-available/default

Then copy and paste the content below into the file and save it. Replace the highlighted line with your own domain name and directory root location.

server {
    listen 80;
    listen [::]:80;
    root /var/www/html/joomla;
    index  index.php index.html index.htm;

    location / {
        try_files $uri $uri/ /index.php?$args;        

    location ~ \.php$ {
         include snippets/fastcgi-php.conf;
         fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
         include fastcgi_params;


Cmd/Ctr X and Y to save and exit

Step 10: Enable NGINX Server Block

Nginx has a default server block in which we can use as our server blocks.

sudo ln -s /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default

Step 11: Restart Nginx And PHP

sudo systemctl restart nginx.service
sudo systemctl restart php7.1-fpm.service

Now got to the browser and access your IP address or localhost (local server)