Review & FAQ – Set Up a VPS to host WordPress

A few unplanned and unannounced service outages with my VPS provider made me realize that it was time to jump ship, and take my business elsewhere.

SiteGround introduction

Several friends of mine are using SiteGround for their VPS needs, and highly recommended their product. SiteGround offers VPS solutions from servers with 512MB of RAM, all the way up to servers with 96GB of RAM. All of their servers use extremely fast SSD drives.

SiteGround has a very clean and intuitive interface to get your VPS up and running very quickly. You can choose from various distributions of Linux, including Ubuntu, CentOS, Debian, Arch, and Fedora. Various applications can also be pre-installed on your VPS, including, LAMP, WordPress, Dokku, Docker, Ruby on Rails, Redmine, and GitLab.

I opted to set up a 1GB RAM VPS, running Ubuntu Server 12.04.3 LTS. The VPS “droplet” only took a minute to create, and I was very quickly on my way to get the new server up and running. Thankfully, I saved the web references that I used last time to set up my old VPS.

LAMP and phpMyAdmin installation

Webrich Software used to have an excellent article titled “LAMP Server and phpMyAdmin installation” which detailed how to set up LAMP and phpMyAdmin. The article has since been removed, however I was able to find a cached copy and it is now located here for reference. I followed these directions to the letter. The post makes reference to using gedit as text editor; obviously use whichever text editor you feel most comfortable using.

Postfix Send-Only SMTP server installation

Your VPS will need a basic Send-Only SMTP Server to send you messages from your WordPress installation. Thankfully, DigitalOcean already wrote this excellent tutorial How To Install and Configure Postfix as a Send-Only SMTP Server on Ubuntu 14.04 explaining how to set up your PostFix SMTP server running.

mod_rewrite installation

You will need mod_rewrite enabled on your Apache server if you want fancy SEO and user friendly page names with your WordPress installation. The mod_rewrite function is not usually enabled when Apache server is first installed. Fortunately, the very clueful staff at DigitalOcean has already written this excellent article “How To Set Up Mod_Rewrite” detailing how to enable mod_rewrite.

WordPress system files

Next, you will need to install the WordPress files on your system for each site installation. Set up two separate directories for the files; one directory for the system files, and another directory for the log files. For example, WordPress files could be installed in:

/html/www/site.domain.name.com

and log files could be stored in:

/html/logs/site.domain.name.com

or whatever naming convention works for best for your configuration.

Apache configuration file

The Apache /etc/apache2/sites-available/default file must be configured properly to find your WordPress installation(s). DigitalOcean has this great article How To Set Up Multiple WordPress Sites on a Single Ubuntu VPS explaining how to set up your Apache config file. Linode also has a great article titled “Configure apache to use virtual hosts on ubuntu server” to help you get started on this configuration.

Below is a sample default file with virtual hosts for 3 separate websites; example.com, example.net, and example.org


<VirtualHost *:80>
	ServerAdmin webmaster@localhost

	DocumentRoot /var/www
	<Directory />
		Options FollowSymLinks
		AllowOverride None
	</Directory>
	<Directory /var/www/>
		Options Indexes FollowSymLinks MultiViews
		AllowOverride None
		Order allow,deny
		allow from all
	</Directory>

	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
	<Directory "/usr/lib/cgi-bin">
		AllowOverride None
		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
		Order allow,deny
		Allow from all
	</Directory>

	ErrorLog /var/log/apache2/error.log

	# Possible values include: debug, info, notice, warn, error, crit,
	# alert, emerg.
	LogLevel warn

	CustomLog /var/log/apache2/access.log combined

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>
</VirtualHost>

<VirtualHost *:80>
        ServerName example.com
        ServerAlias www.example.com

        DocumentRoot /html/www/example.com
        ServerAdmin webmaster@localhost
        LogLevel warn
        ErrorLog /html/logs/example.com/error_log
        CustomLog /html/logs/example.com/access_log combined
        ServerSignature Off

        <Directory />
                Options FollowSymLinks
                AllowOverride All
        </Directory>
        <Directory /html/www/example.com>
                Options -Indexes FollowSymLinks MultiViews
                AllowOverride All
                Order allow,deny
                allow from all
        </Directory>
</VirtualHost>

<VirtualHost *:80>
        ServerName example.net
        ServerAlias www.example.net

        DocumentRoot /html/www/example.net
        ServerAdmin webmaster@localhost
        LogLevel warn
        ErrorLog /html/logs/example.net/error_log
        CustomLog /html/logs/example.net/access_log combined
        ServerSignature Off

        <Directory />
                Options FollowSymLinks
                AllowOverride All
        </Directory>
        <Directory /html/www/example.net>
                Options -Indexes FollowSymLinks MultiViews
                AllowOverride All
                Order allow,deny
                allow from all
        </Directory>
</VirtualHost>

<VirtualHost *:80>
        ServerName example.org
        ServerAlias www.example.org

        DocumentRoot /html/www/example.org
        ServerAdmin webmaster@localhost
        LogLevel warn
        ErrorLog /html/logs/example.org/error_log
        CustomLog /html/logs/example.org/access_log combined
        ServerSignature Off

        <Directory />
                Options FollowSymLinks
                AllowOverride All
        </Directory>
        <Directory /html/www/example.org>
                Options -Indexes FollowSymLinks MultiViews
                AllowOverride All
                Order allow,deny
                allow from all
        </Directory>
</VirtualHost>

# notes for maintaining /etc/apache2/sites-available/default
#
# commands to check apache config and to reboot apache
# sudo apache2ctl configtest
# sudo /etc/init.d/apache2 restart
#
# be sure to specify log file location in
# /etc/logrotate.d/apache2 for proper log file rotation

logrotate configuration

You will also need to set up /etc/logrotate.d/apache2 to properly rotate the log files for each website. The DigitalOcean folks have done it again with this excellent article on “How To Configure Logging And Log Rotation In Apache On An Ubuntu VPS”.

WordPress file permissions

I must admit that I have installed WordPress many times, however only recently have learned how to set proper file permissions and ownership so that WordPress can function properly. My previous installations always had issues with the system being able to create the proper file structure in /wp-content. This excellent article “Setting Proper WordPress Unix Permissions” spells it all out to get the file structure working properly.

Basically, you want your user account to own the WordPress installation directory, and all files in it as yourusername:yourusername with permissions 664, with just a few exceptions. The /wp-content directory and its contents needs to be owned by the web server account, which is either apache or www-data, with group ownership of either ‘yourusername’ or a special group created for admins.

The /wp-content directory and its entire contents will need permissions set to 775 to be able to add and remove files via your FTP login. You can set these permissions from the command line while in the docroot of your site by typing: sudo chmod -R 775 wp-content/

Ownership of .htaccess, .htpasswd (optional), and wp-config.php to should be set to root:root with permissions 664 to prevent anything bad happening to these important files!

Securing WordPress and phpMyAdmin from hackers

Next, take a look at another excellent DigitalOcean article about “How To Install and Secure phpMyAdmin on Ubuntu 12.04” to keep your phpMyAdmin installation safe from unauthorized access. Your phpMyAdmin login page should be protected with .htaccess and .htpasswd files to prevent brute force attacks on the root login password.

The Authentication and Authorization page for the official Apache documentation has everything that you need to know about how to set up .htaccess and .htpasswd

Take special note about the section on properly configuring the /etc/phpmyadmin/apache.conf file. The line AllowOverride All is very important, and is not always included in the default installation. My previous VPS had AllowOverride All included in the default configuration, but the install did not. Needless to say, I spent a few days scratching my head trying to figure out why my .htaccess login would not work properly!

Sign up for your VPS cloud server from SiteGround today!

I hope that this article was useful. Bookmark this page, as it will be updated periodically with current information. Be sure to read these other excellent tutorials:

Add a Comment

Your email address will not be published. Required fields are marked *

css.php