• LET'S TALK!

    Fill in the form below to make an enquiry or find my contact details on my contact page.

  • This field is for validation purposes and should be left unchanged.

Freelance WordPress Developer

Install WordPress on Ubuntu 23.10 with PHP 8.3, MariaDB, NGINX, Let’s Encrypt and REDIS

Setting up a secure and efficient web server environment is crucial for hosting websites or web applications. In this comprehensive guide, I’ll walk you through the process of installing Ubuntu Server with PHP 8.3, MariaDB, NGINX, setting up virtual hosts, installing WordPress, integrating Let’s Encrypt for SSL/TLS encryption, adding security headers, implementing REDIS cache for WordPress, and ensuring both server and WordPress security.

Prerequisites:

– A computer with Ubuntu Server installed
– Access to the internet
– Basic knowledge of the Linux command line
 

Step 1: Update and Upgrade

Before starting, ensure your system is up to date:

sudo apt update
sudo apt upgrade

 

Step 2: Install NGINX

NGINX is a high-performance web server known for its stability and low resource consumption.

sudo apt install nginx

 

Step 3: Install PHP 8.3

Add the Ondřej Surý PHP PPA repository and install PHP 8.3 and necessary extensions:

 
sudo add-apt-repository ppa:ondrej/php
sudo apt update
sudo apt install php8.3 php8.3-fpm php8.3-mysql php8.3-common php8.3-gd php8.3-cli php8.3-curl php8.3-mbstring php8.3-xml php8.3-xmlrpc php8.3-zip

 

Step 4: Install MariaDB

MariaDB is a popular open-source relational database server.

 
sudo apt install mariadb-server

 

Step 5: Secure MariaDB Installation

Run the security script to set up MariaDB securely:

 
sudo mysql_secure_installation

 

Step 6: Create a Database for WordPress

Log in to MariaDB and create a database and user for WordPress:

 
sudo mysql -u root -p
CREATE DATABASE wordpress;
CREATE USER 'wordpressuser'@'localhost' IDENTIFIED BY 'your_password';
GRANT ALL ON wordpress.* TO 'wordpressuser'@'localhost' IDENTIFIED BY 'your_password';
FLUSH PRIVILEGES;
EXIT;

 

Step 7: Install WordPress

Download and extract the latest version of WordPress:

 
sudo wget -c https://wordpress.org/latest.tar.gz
sudo tar -xzvf latest.tar.gz -C /var/www/

 

Step 8: Configure Nginx for WordPress

Create a new Nginx server block configuration file for your WordPress site:

 
sudo nano /etc/nginx/sites-available/wordpress

Paste the following configuration, replacing your_domain with your domain name:

 
server {
    listen 80;
    listen [::]:80;
    server_name your_domain;
    root /var/www/wordpress;
    index index.php index.html index.htm;
    location / {
        try_files $uri $uri/ /index.php?$args;
    }
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php8.3-fpm.sock;
    }
    location ~ /\.ht {
        deny all;
    }
}

 

Step 9: Enable the WordPress Site

Create a symbolic link to enable the site:

 
sudo ln -s /etc/nginx/sites-available/wordpress /etc/nginx/sites-enabled/

 

Step 10: Test Nginx Configuration and Restart

Test the Nginx configuration for syntax errors and restart Nginx:

 
sudo nginx -t
sudo systemctl restart nginx

 

Step 11: Set Up Let’s Encrypt for SSL/TLS Encryption

Install Certbot, a tool for obtaining and renewing Let’s Encrypt SSL certificates:

 
sudo apt install certbot python3-certbot-nginx

Obtain a certificate for your domain:

 
sudo certbot --nginx -d your_domain

 

Step 12: Add Security Headers

Edit your Nginx configuration file to include security headers:

sudo nano /etc/nginx/nginx.conf

Add the following lines within the http block:

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;

 

Step 13: Implement Redis Cache for WordPress

sudo apt install redis-server
sudo systemctl enable redis-server
sudo systemctl start redis-server

Once the installation is complete, you can verify that Redis is running by checking its status:

sudo systemctl status redis

Install Redis PHP Extension
You’ll need to install the Redis PHP extension to allow WordPress to connect to Redis:

sudo apt install php8.3-redis

Configure Redis for WordPress
Now, you need to configure WordPress to use Redis as its object cache. Edit your WordPress wp-config.php file:

sudo nano /var/www/wordpress/wp-config.php

Add the following lines at the end of the file:

define('WP_REDIS_CLIENT', 'pecl');
define('WP_REDIS_PECL_EXTENSION', 'redis');
define('WP_REDIS_HOST', '127.0.0.1');
define('WP_REDIS_PORT', '6379');

Restart NGINX and PHP-FPM to apply the changes:

sudo systemctl restart nginx
sudo systemctl restart php8.3-fpm

You can verify if WordPress is using Redis as its object cache by installing a plugin like “Redis Object Cache” from the WordPress plugin repository. Once activated, the plugin should indicate that Redis is being used for caching.
 
You can also test if Redis caching is working properly by monitoring Redis activity. Use the following command to connect to the Redis server:

redis-cli

Then, run the following command to monitor Redis activity in real-time:

monitor

Now, perform actions on your WordPress site, such as loading pages or publishing posts. You should see Redis activity in the monitor window, indicating that Redis is successfully caching data for your WordPress site.
 

Step 14: Server Security Measures

– Keep the system up to date with security patches regularly.
– Configure a firewall using ufw to allow only necessary ports.
– Set up SSH key-based authentication and disable password authentication.
– Install and configure fail2ban to protect against brute-force attacks.

 

Step 15: WordPress Security Measures

– Keep WordPress, themes, and plugins updated regularly.
– Use strong passwords and consider implementing two-factor authentication (2FA) for login.
– Limit login attempts and use security plugins like Wordfence or Sucuri.
– Disable file editing from the WordPress dashboard.
– Regularly back up your WordPress site and database.
 
By following these steps, you can install WordPress on Ubuntu 23.10 with PHP 8.3, MariaDB, NGINX, Let’s Encrypt and REDIS and implement both server and WordPress security measures to ensure a secure and optimized web hosting environment. Enjoy hosting your websites with confidence!

ABOUT AUTHOR

Nuno

Hi, I'm a Freelance Web Developer and WordPress Expert based in London with a wealth of website development and support experience. I am great at problem solving and developing quick solutions.