WordPress is an open-source content management system (CMS). The most popular CMS in the world, WordPress allows you to set up blogs and websites on top of a MySQL database backend, using PHP to execute scripts and process dynamic content.
OpenLiteSpeed is an optimized open-source web server that you can use to manage and serve websites. OpenLiteSpeed has some useful features that make it a solid choice for many installations: Apache-compatible rewrite rules, a built-in web-based administration interface, and customized PHP processing optimized for the server.
This guide will walk through the process of installing and setting up a WordPress instance on Ubuntu 18.04 using the OpenLiteSpeed web server. Because both WordPress and OpenLiteSpeed can be administered through a web browser, this configuration is ideal for those who do not have regular access to an SSH session or those who may not feel comfortable managing a web server via the command line.
Before you begin this guide, you will need the following:
ufw
. To set up this environment, follow our Initial Server Setup for Ubuntu 18.04 tutorial.WordPress uses MySQL to manage and store site and user information. You already have MySQL installed, but as a preparatory step you need to make a database and a user for WordPress to use.
To get started, connect to your server using SSH:
- ssh sammy@your_server_IP
Then log in to the root MySQL account:
- sudo mysql
Note: If you completed Step 3 in the prerequisite MySQL tutorial and configured your root MySQL user to authenticate with the mysql_native_password
plugin, you’ll need to log in with the following command:
- mysql -u root -p
Then enter your root user’s password when prompted.
From the MySQL prompt, create a database with the following command. Here, we will name this database wordpress
to keep things simple, but you can name it whatever you’d like:
- CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
Then, create a user and grant it privileges over the database you just created. Again, you can give this user any name, but for simplicity we will name it wordpressuser
. Also, be sure to change password
to a strong password of your own choosing:
- GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpressuser'@'localhost' IDENTIFIED BY 'password';
Then, run FLUSH PRIVILEGES
which tells the server to reload the grant tables and put your new changes into effect:
- FLUSH PRIVILEGES;
Following that, you can close the MySQL prompt:
- exit
You’re done setting up your MySQL installation to work with WordPress. Next, we will install a few PHP extensions.
In the prerequisite OpenLiteSpeed tutorial, you installed the lsphp73
package. This is a compilation of PHP optimized for OpenLiteSpeed which uses the LiteSpeed SAPI to communicate with external applications. Depending on your needs, WordPress may require other certain PHP extensions in order to function as desired.
To install some PHP extensions commonly used with WordPress, run the following command:
- sudo apt install lsphp73-common lsphp73-curl lsphp73-imagick lsphp73-imap lsphp73-json lsphp73-memcached lsphp73-mysql lsphp73-opcache lsphp73-redis
Note: The packages in this command may not cover every use case. For a full list of the PHP 7.3 extensions available from the LiteSpeed repository you added to your server in the prerequisite tutorial, see the LiteSpeed Wiki.
Following this, you can move on to downloading and setting up WordPress on your server.
Now that your server software is configured, you can install and set up WordPress. For security reasons in particular, it is always recommended that you get the latest version of WordPress directly from their site.
Change into a writable directory and then download the compressed release by typing:
- cd /tmp
- curl -O https://wordpress.org/latest.tar.gz
Extract the compressed file to create the WordPress directory structure:
- tar xzvf latest.tar.gz
We will move these files into our document root momentarily, but first we will create a few files and directories that the WordPress installation will depend on.
OpenLiteSpeed supports .htaccess
files. This is important for our purposes, since WordPress uses .htaccess
files to create and manage permalinks.
Add a dummy .htaccess
file so that it will be available for WordPress to use later:
- touch /tmp/wordpress/.htaccess
Next, copy over the sample configuration file to the filename that WordPress actually reads:
- cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
Additionally, create the upgrade
directory so that WordPress won’t run into permissions issues when trying to do this on its own following an update to its software:
- mkdir /tmp/wordpress/wp-content/upgrade
Then, copy the entire contents of the directory into your document root. OpenLiteSpeed comes with a default virtual host named Example
located in the /usr/local/lsws/
directory. The document root for the Example
virtual host is the html
subdirectory:
- sudo cp -a /tmp/wordpress/. /usr/local/lsws/Example/html/wordpress
Notice that this command includes a dot at the end of the source directory to indicate that everything within the directory should be copied, including hidden files (like the .htaccess
file you created):
With that, you’ve successfully installed WordPress onto your web server and performed some of the initial configuration steps. Next, we’ll go through some further configuration changes that will give WordPress the privileges it needs to function securely and access the MySQL database and user account you created previously.
Before we can go through the web-based setup process for WordPress, we need to adjust some items in our WordPress directory.
Start by giving ownership of all the files in the directory to the nobody user and the nogroup group, which the OpenLiteSpeed web server runs as by default. The following chown
command will grant OpenLiteSpeed the ability to read and write files in the wordpress
directory, allowing it to serve the website and perform automatic updates:
- sudo chown -R nobody:nogroup /usr/local/lsws/Example/html/wordpress
Next run two find
commands to set the correct permissions on the WordPress directories and files:
- sudo find /usr/local/lsws/Example/html/wordpress/ -type d -exec chmod 750 {} \;
- sudo find /usr/local/lsws/Example/html/wordpress/ -type f -exec chmod 640 {} \;
These should be a reasonable permissions set to start with, although some plugins and procedures might require additional tweaks.
Following this, you will need to make some changes to the main WordPress configuration file.
When you open the file, your first objective will be to adjust some secret keys to provide some security for your installation. WordPress provides a secure generator for these values so that you do not have to try to come up with good values on your own. These are only used internally, so it doesn’t hurt usability to have complex, secure values here.
To grab secure values from the WordPress secret key generator, type:
- curl -s https://api.wordpress.org/secret-key/1.1/salt/
You will get back unique values that look something like this:
Warning! It is important that you request unique values each time. Do NOT copy the values shown below!
Outputdefine('AUTH_KEY', '1jl/vqfs<XhdXoAPz9 DO NOT COPY THESE VALUES c_j{iwqD^<+c9.k<J@4H');
define('SECURE_AUTH_KEY', 'E2N-h2]Dcvp+aS/p7X DO NOT COPY THESE VALUES {Ka(f;rv?Pxf})CgLi-3');
define('LOGGED_IN_KEY', 'W(50,{W^,OPB%PB<JF DO NOT COPY THESE VALUES 2;y&,2m%3]R6DUth[;88');
define('NONCE_KEY', 'll,4UC)7ua+8<!4VM+ DO NOT COPY THESE VALUES #`DXF+[$atzM7 o^-C7g');
define('AUTH_SALT', 'koMrurzOA+|L_lG}kf DO NOT COPY THESE VALUES 07VC*Lj*lD&?3w!BT#-');
define('SECURE_AUTH_SALT', 'p32*p,]z%LZ+pAu:VY DO NOT COPY THESE VALUES C-?y+K0DK_+F|0h{!_xY');
define('LOGGED_IN_SALT', 'i^/G2W7!-1H2OQ+t$3 DO NOT COPY THESE VALUES t6**bRVFSD[Hi])-qS`|');
define('NONCE_SALT', 'Q6]U:K?j4L%Z]}h^q7 DO NOT COPY THESE VALUES 1% ^qUswWgn+6&xqHN&%');
These are configuration lines that you will paste directly into your configuration file to set secure keys. Copy the output you received to your clipboard, and then open the WordPress configuration file located in your document root:
- sudo nano /usr/local/lsws/Example/html/wordpress/wp-config.php
Find the section that contains the dummy values for those settings. It will look something like this:
. . .
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
define('AUTH_SALT', 'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT', 'put your unique phrase here');
define('NONCE_SALT', 'put your unique phrase here');
. . .
Delete these lines and paste in the values you copied from the command line:
. . .
define('AUTH_KEY', 'VALUES COPIED FROM THE COMMAND LINE');
define('SECURE_AUTH_KEY', 'VALUES COPIED FROM THE COMMAND LINE');
define('LOGGED_IN_KEY', 'VALUES COPIED FROM THE COMMAND LINE');
define('NONCE_KEY', 'VALUES COPIED FROM THE COMMAND LINE');
define('AUTH_SALT', 'VALUES COPIED FROM THE COMMAND LINE');
define('SECURE_AUTH_SALT', 'VALUES COPIED FROM THE COMMAND LINE');
define('LOGGED_IN_SALT', 'VALUES COPIED FROM THE COMMAND LINE');
define('NONCE_SALT', 'VALUES COPIED FROM THE COMMAND LINE');
. . .
Next, modify the database connection settings at the top of the file. You need to adjust the database name, database user, and the associated password that you configured within MySQL.
The other change you must make is to set the method that WordPress should use to write to the filesystem. Since we’ve given the web server permission to write where it needs to, we can explicitly set the filesystem method to direct
. Failure to set this with our current settings would result in WordPress prompting for FTP credentials when you perform certain actions.
This setting can be added below the database connection settings, or anywhere else in the file:
. . .
define('DB_NAME', 'wordpress');
/** MySQL database username */
define('DB_USER', 'wordpressuser');
/** MySQL database password */
define('DB_PASSWORD', 'password');
. . .
define('FS_METHOD', 'direct');
Save and close the file when you are finished.
At this point, WordPress is not quite fully configured on your system, as you still need to apply a few finishing touches before you can start publishing content. In order to do that, though, you’ll first need to make a few configuration changes to your OpenLiteSpeed installation.
Currently, you have WordPress installed on your Ubuntu server, but your OpenLiteSpeed installation hasn’t yet been configured to serve it. In this step, we’ll access the OpenLiteSpeed administrative interface and make a few changes to your server’s configuration.
In your preferred web browser, navigate to the OpenLiteSpeed administrative interface. You can find this by entering your server’s public IP address or the domain name associated with it, followed by :7080
, in your browser’s address bar:
https://server_domain_or_IP:7080
There, you will be presented with a login screen. Enter the username and password you defined in the prerequisite OpenLiteSpeed installation tutorial:
From the OpenLiteSpeed console, find and click on Server Configuration in the left-hand sidebar menu. Then navigate to the External App tab, find the row of the LiteSpeed SAPI App, and click on its Edit button:
Recall that in the prerequisite OpenLiteSpeed tutorial, you installed the lsphp73
package, a compilation of PHP optimized to work with OpenLiteSpeed through the LiteSpeed SAPI. However, the default settings in the External App page point to lsphp
rather than lsphp73
. Because of this, your OpenLiteSpeed installation won’t be able to correctly execute PHP scripts.
To correct this, change the Name field to lsphp73
, change the Address field to uds://tmp/lshttpd/lsphp73.sock
, and change the Command field to read $SERVER_ROOT/lsphp73/bin/lsphp
:
After making those changes, click on the Save icon in the upper right-hand corner of the LiteSpeed SAPI App box.
Next, click on Virtual Hosts in the left-hand menu. On the Virtual Hosts page, find the virtual host you plan to use and click on its View icon. Here, we’ll use the default Example virtual host:
Navigate to the virtual host’s General tab. There, find the General section, and click on its Edit button:
OpenLiteSpeed looks at the contents of the Document Root field for content to serve. Because all of your WordPress content and files are stored in the wordpress
directory you created earlier, update the Document Root field to point to that directory. To do this, all you need to do is append wordpress/
to the end of the default value:
Click the Save icon to save this change.
Next, you need to enable index.php
files so that they can be used to process requests that aren’t handled by static files. This will allow the main logic of WordPress to function correctly.
While still in the General tab, scroll down to find the Index Files section and click on its Edit icon:
In the Index Files field, precede index.html
with index.php,
. By putting index.php
before index.html
, you’re allowing PHP index files to take precedence. After updating this field, it will look like this:
Be sure to click the Save icon before continuing.
Next, navigate to the virtual host’s Rewrite tab. Find the Rewrite Control section and press the Edit button:
Set both the Enable Rewrite and Auto Load from .htaccess options to Yes
by clicking the respective radial buttons. Configuring rewrite instructions in this fashion will allow you to use permalinks within your WordPress installation:
Click the Save icon after making those changes.
The default virtual host that is included with the OpenLiteSpeed installation includes some password protected areas to showcase OpenLiteSpeed’s user authentication features. WordPress includes its own authentication mechanisms and we will not be using the file-based authentication included in OpenLiteSpeed. We should get rid of these in order to minimize the stray configuration fragments active on our WordPress installation.
First, click on the Security tab, and then click the Delete button next to SampleProtectedArea within the Realms List table:
You will be asked to confirm the deletion. Click Delete to proceed.
Next, click on the Context tab. In the Context List, delete the /protected/
context that was associated with the security realm you just deleted:
Again, you will have to confirm the deletion by clicking Delete.
You can safely delete any or all of the other contexts as well using the same technique, as we will not be needing them. We specifically deleted the /protected/
context because otherwise an error would be produced due to the deletion of its associated security realm (which we just removed in the Security tab).
Following that, press the green Graceful Restart icon in the upper-right corner of the OpenLiteSpeed console. This will restart the OpenLiteSpeed server, causing the changes you’ve made to go into effect:
With that, your OpenLiteSpeed server is fully configured. You’re ready to finish setting up WordPress in your browser.
Now that the server configuration is complete, we can complete the installation through the web interface.
In your web browser, navigate to your server’s domain name or public IP address:
http://server_domain_or_IP
Select the language you would like to use:
Next, you will come to the main setup page. Select a name for your WordPress site and choose a username (it is recommended not to choose something like “admin” for security purposes). A strong password is generated automatically. Save this password or select an alternative strong password.
Enter your email address and select whether you want to discourage search engines from indexing your site:
When ready, click the Install WordPress button. You’ll be taken to a page that prompts you to log in:
Once you log in, you will be taken to the WordPress administration dashboard:
From the dashboard, you can begin making changes to your site’s theme and publishing content.
By completing this guide, you installed and configured a WordPress instance on Ubuntu 18.04 server running OpenLiteSpeed. Some common next steps are to choose the permalinks setting for your posts (which can be found in Settings > Permalinks) or to select a new theme (in Appearance > Themes). If this is your first time using WordPress, explore the interface a bit to get acquainted with your new CMS.
To enhance your new WordPress site’s security, we recommend that you configure it to function with SSL so it can serve content over HTTPS. Check out this tutorial from the OpenLiteSpeed documentation to install LetsEncrypt and set this up.
Thanks for learning with the DigitalOcean Community. Check out our offerings for compute, storage, networking, and managed databases.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Sign up for Infrastructure as a Newsletter.
Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
Can you provide some insight to how the 2nd and 3rd instance of wordpress would be added to open litespeed after the default above initial site?