Tutorials / WordPress

How to Deploy WordPress on a VPS

intermediate60 minLast reviewed: 2026-04-30

WordPress works well on a VPS when you want full control over PHP versions, Nginx configuration, database tuning, backups, and plugin behavior. The tradeoff is that you now operate the server. You are responsible for patching Ubuntu, renewing certificates, keeping WordPress updated, and making backups that can be restored somewhere else.

This guide uses Ubuntu 24.04, Nginx, PHP-FPM, MariaDB, and Let's Encrypt. It avoids control panels so the server stays understandable. If you expect real traffic, start with Standard or Performance rather than the smallest plan; WordPress itself is light, but plugins, page builders, WooCommerce, and admin traffic can quickly use memory.

Illustration for How to Deploy WordPress on a VPS

Prerequisites

  • A uNode VPS deployed with Ubuntu 24.04 LTS.
  • A domain name with an A record pointing to the VPS public IPv4 address.
  • Root SSH access and a local terminal.
  • A plan with enough RAM for PHP, MariaDB, and normal traffic; Standard is a sensible floor.
Open console server deploy

Recommended plans

Standard

2 vCPU, 4 GB RAM, 30 GB NVMe SSD, 10 TB transfer

Performance

4 vCPU, 8 GB RAM, 40 GB NVMe SSD, 10 TB transfer

Step 1

Point DNS at the VPS

Create an A record for your domain and, if needed, a second A record for www. Both should point at the public IP shown in the uNode console. DNS propagation can be fast or slow depending on the registrar and TTL. Do not request a Let's Encrypt certificate until the domain resolves to this server from public DNS.

After DNS is set, SSH into the server and update packages. A clean base system makes debugging much easier later.

ssh root@<your-server-ip>
apt update && apt upgrade -y
reboot

Step 2

Install the LEMP stack

LEMP means Linux, Nginx, MariaDB, and PHP. Ubuntu's default packages are good enough for a straightforward WordPress install. Install PHP-FPM plus the common extensions WordPress and many plugins expect.

apt install -y nginx mariadb-server php-fpm php-mysql php-cli php-curl php-gd php-mbstring php-xml php-zip php-intl unzip curl

Step 3

Create the WordPress database

Use a dedicated database and database user for WordPress. Replace the password below with a long random value and store it in a password manager. The unix_socket authentication model on Ubuntu lets root administer MariaDB locally without embedding a database root password in scripts.

mariadb
CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'wordpress'@'localhost' IDENTIFIED BY 'replace-with-a-long-password';
GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpress'@'localhost';
FLUSH PRIVILEGES;
EXIT;

Step 4

Download WordPress

Put WordPress in /var/www/example.com so the Nginx server block can be explicit. The www-data user should own the files because PHP-FPM and Nginx need to read and write uploads, plugins, and update files. Avoid making the whole tree world-writable.

mkdir -p /var/www/example.com
cd /tmp
curl -O https://wordpress.org/latest.tar.gz
tar -xzf latest.tar.gz
rsync -a wordpress/ /var/www/example.com/
chown -R www-data:www-data /var/www/example.com
find /var/www/example.com -type d -exec chmod 755 {} \;
find /var/www/example.com -type f -exec chmod 644 {} \;

Step 5

Configure Nginx and PHP-FPM

Create a dedicated Nginx server block. Adjust the PHP-FPM socket if Ubuntu changes the PHP minor version. You can check the installed socket with ls /run/php/ before enabling the site.

cat >/etc/nginx/sites-available/example.com <<'EOF'
server {
    listen 80;
    server_name example.com www.example.com;
    root /var/www/example.com;
    index index.php index.html;

    client_max_body_size 64m;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php8.3-fpm.sock;
    }

    location ~* /(?:uploads|files)/.*\.php$ {
        deny all;
    }
}
EOF
ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/example.com
rm -f /etc/nginx/sites-enabled/default
nginx -t
systemctl reload nginx

Step 6

Finish the WordPress installer

Open http://example.com in a browser and complete the WordPress installer. Use the database name, user, and password created earlier. Pick an administrator username that is not admin, use a long password, and disable search indexing only if the site is not public yet.

Step 7

Configure SSL with Let's Encrypt

Once DNS resolves correctly and HTTP works, install Certbot and request certificates. Certbot can edit the Nginx server block and install a renewal timer. Test renewal immediately so you are not surprised in 90 days.

apt install -y certbot python3-certbot-nginx
certbot --nginx -d example.com -d www.example.com
certbot renew --dry-run

Step 8

Harden and back up

Keep WordPress core, themes, and plugins updated. Remove plugins you do not use. Install a firewall that only allows SSH, HTTP, and HTTPS. Consider disabling password SSH login once keys work. WordPress security is mostly operational discipline: patch quickly, minimize plugins, use strong admin credentials, and back up both files and database.

A backup you have not restored is only a guess. Store database dumps and wp-content backups outside the VPS. For busy sites, use a plugin or script that can push backups to object storage or another server.

apt install -y ufw
ufw allow OpenSSH
ufw allow 'Nginx Full'
ufw --force enable
mariadb-dump wordpress > /root/wordpress-$(date +%F).sql
tar -czf /root/wp-content-$(date +%F).tar.gz /var/www/example.com/wp-content

What's next

Compare VPS plansRead the web hosting use caseUbuntu 24.04 VPS hosting