This guide walks you through a production-ready WordPress setup on Ubuntu 24.04.1 LTS using Apache, PHP-FPM (PHP 8.3), and MariaDB, plus HTTPS via Let’s Encrypt. Estimated time: 20–40 minutes.
Prerequisites
- Fresh Ubuntu 24.04.1 LTS server with sudo access.
- Domain pointing to this server (e.g., example.com).
- Firewall open for HTTP/HTTPS (we’ll set up UFW below).
1) Update the system
sudo apt update && sudo apt -y upgrade
sudo reboot
2) Install Apache, PHP-FPM 8.3, and extensions
sudo apt install -y apache2 php-fpm php-mysql php-xml php-gd php-curl php-mbstring php-zip php-intl php-bcmath unzip curl rsync
sudo a2enmod proxy_fcgi setenvif rewrite
sudo a2enconf php8.3-fpm
sudo systemctl reload apache2
Why PHP-FPM? It’s faster and safer than mod_php and pairs well with Apache on Ubuntu 24.04.
3) Install and secure MariaDB
sudo apt install -y mariadb-server
sudo systemctl enable --now mariadb
sudo mysql_secure_installation
Create the database and user
sudo mysql -e "CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
sudo mysql -e "CREATE USER 'wpuser'@'localhost' IDENTIFIED BY 'CHANGE_ME_STRONG_PASSWORD';"
sudo mysql -e "GRANT ALL PRIVILEGES ON wordpress.* TO 'wpuser'@'localhost'; FLUSH PRIVILEGES;"
4) Download WordPress
cd /tmp
curl -O https://wordpress.org/latest.tar.gz
tar -xzf latest.tar.gz
sudo mkdir -p /var/www/wordpress
sudo rsync -avP wordpress/ /var/www/wordpress/
5) Set permissions
sudo chown -R www-data:www-data /var/www/wordpress
sudo find /var/www/wordpress/ -type d -exec chmod 755 {} \;
sudo find /var/www/wordpress/ -type f -exec chmod 644 {} \;
6) Configure Apache Virtual Host
Replace example.com with your domain.
sudo nano /etc/apache2/sites-available/wordpress.conf
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/wordpress
<Directory /var/www/wordpress>
AllowOverride All
Require all granted
</Directory>
<FilesMatch "\.php$">
SetHandler "proxy:unix:/run/php/php8.3-fpm.sock|fcgi://localhost/"
</FilesMatch>
ErrorLog ${APACHE_LOG_DIR}/wordpress_error.log
CustomLog ${APACHE_LOG_DIR}/wordpress_access.log combined
</VirtualHost>
sudo a2dissite 000-default.conf
sudo a2ensite wordpress.conf
sudo systemctl reload apache2
7) Create wp-config.php
cd /var/www/wordpress
cp wp-config-sample.php wp-config.php
Edit the database settings:
define( 'DB_NAME', 'wordpress' );
define( 'DB_USER', 'wpuser' );
define( 'DB_PASSWORD', 'CHANGE_ME_STRONG_PASSWORD' );
define( 'DB_HOST', 'localhost' );
define( 'DB_CHARSET', 'utf8mb4' );
define( 'DB_COLLATE', '' );
Generate unique salts/keys and paste them into wp-config.php:
curl -s https://api.wordpress.org/secret-key/1.1/salt/
8) Enable HTTPS with Let’s Encrypt
sudo apt install -y certbot python3-certbot-apache
sudo certbot --apache -d example.com -d www.example.com
sudo systemctl status certbot.timer
sudo certbot renew --dry-run
9) Run the installer
Open https://example.com and finish the WordPress setup wizard (site title, admin user, password, language).
10) Post-install hardening & performance
- Permalinks: Settings → Permalinks → choose “Post name”.
- Real cron: Disable WP pseudo-cron and use system cron.
# In wp-config.php
define( 'DISABLE_WP_CRON', true );
# Run cron as www-data every 5 minutes
sudo crontab -u www-data -e
*/5 * * * * /usr/bin/php /var/www/wordpress/wp-cron.php > /dev/null 2>&1
- Firewall (UFW):
sudo apt install -y ufw
sudo ufw allow 'OpenSSH'
sudo ufw allow 'Apache Full'
sudo ufw enable
sudo ufw status
- Backups:
# Database
mysqldump -u root -p wordpress | gzip > ~/wordpress_$(date +%F).sql.gz
# Files
sudo tar -czf ~/wordpress_files_$(date +%F).tar.gz -C /var/www wordpress
Troubleshooting
- White screen / 502: Check PHP-FPM:
systemctl status php8.3-fpm, and Apache error logs. - Permalinks not working: Ensure
a2enmod rewriteandAllowOverride Allare set, then reload Apache. - Permissions: Verify ownership:
chown -R www-data:www-data /var/www/wordpress.