This blog starts here at this initial post, with a tutorial for the installation of Wordpress 6.3.2 on an Ubuntu 22.04 Server (AWS EC2 instance) with its database hosted on an AWS MySQL RDS Instance. This is shown in the diagram below. We are using Route 53 as a DNS service for the domain but you can use any other service as well. I’ve a positive experience with Zilore if you are looking for something new.
For your possible entertainment, below is a variant of this chart generated by ChatGPT via Dall-E 3. I don’t know what to say of it, but the text generation is pretty good. What I mean to say is that you can actually read the text and it makes sense (unlike anything currently generated by Midjourney or Stable Diffusion), but I digress. Let’s start.
Setting up AWS RDS
Let’s set up the RDS database instance first. In the AWS Management Console, browse to RDS and create a database. Ensure that this is in the same region as your EC2 instance. Both the RDS and the EC2 instance (later on) need to be created in the default VPC.
The database creation method is Standard and Engline is MySQL. The template choice is up to you, but either should work. In the Settings, specify the “admin” authentication details for this RDS instance. RDS allows you to start with a minimum storage option but you can always enable storage autoscaling in case you expect your needs to rise quickly.
Under Connectivity, you do not need to connect to an EC2 resource just yet. For VPC security group (firewall), you can choose existing, and go with the default group.
Importantly, under Additional Configuration, you can already add the initial database name (i.e. wordpress) that will be created in your instance.
The next step is to launch your EC2 instance with the Ubuntu server image. Don’t forget to allocate an elastic IP and open SSH/HTTP/HTTPS access accordingly. I suppose you are familiar with these steps. If I need to write more about this here, let me know. Remember the name of the security group that is associated with your EC2 instance. We will use this later.
Once your distribution is up and running, connect to it via SSH and update it:
sudo apt update
sudo apt upgrade
Upon reboot, the next step is to install Apache, PHP and the MySQL Client. We don’t need the MySQL server as this will be hosted on the RDS instance.
sudo apt install apache2 \
The next step is to download and install WordPress.
sudo mkdir -p /srv/www
sudo chown www-data: /srv/www
curl https://wordpress.org/latest.tar.gz | sudo -u www-data tar zx -C /srv/www
We will then create the WordPress site in /srv/www/wordpress. Create the file /etc/apache2/sites-available/wordpress.conf and add the following code to it:
AllowOverride Limit Options FileInfo
Require all granted
Require all granted
We will then update the Apache configuration to load the new site and remove the default one:
sudo a2ensite wordpress
sudo a2enmod rewrite
sudo a2dissite 000-default
sudo service apache2 reload
Connect RDS to EC2
At this stage, we can try to connect the RDS to the EC2 instance. Browse to your RDS instance and under Connectivity & Security, click on your VPC security group name. Go to Inbound rules and edit inbound rules.
For the one rule that is there, you need to change Type to MYSQL/Aurora, and for the source you need to remove the security group mentioned there and type in the security group of your EC2 instance to add it. Once added, save the rules. At this stage you should be able to connect from your EC2 instance to the RDS instance.
On your RDS instance, in the AWS console, under Connectivity & Security, note th Endpoint URL of the RDS instance.
In your EC2 instance shell, type as follows:
sudo mysql --user=user> --password=password> wordpress
The user and password above are the admin user you set up when you created the RDS instance. Once you are connected, assuming that the “wordpress” database has been set up when you created the RDS instance, let’s create a user to use with WordPress for this database. We are still in the MySQL console when we are typing this:
CREATE USER 'wordpress' IDENTIFIED BY 'wordpress-pass';
GRANT ALL PRIVILEGES ON wordpress.* TO wordpress;
Just to note there that you can use this tutorial without RDS if you choose to host your database locally. You simply need to install the “mysql-server” package, run the “mysql_secure_installation” command to set it up correctly, and then indicate “localhost” as the MySQL host in the command above, and create the wordpress database locally with the desired authentication info.
Next, we are going to configure WordPress (i.e., wp-config.php). Let’s create this file from the sample configuration file:
sudo -u www-data cp /srv/www/wordpress/wp-config-sample.php /srv/www/wordpress/wp-config.php
In the configuration file (wp-config.php), you need to indicate the authentication details for the wordpress database as you created them above.
// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', 'database_name_here' );
/** MySQL database username */
define( 'DB_USER', 'username_here' );
/** MySQL database password */
define( 'DB_PASSWORD', 'password_here' );
/** MySQL hostname */
define( 'DB_HOST', 'localhost' );
You will need to find the following section and replace it with the content generated here:
define( 'AUTH_KEY', 'put your unique phrase here' );
define( 'SECURE_AUTH_KEY', 'put your unique phrase here' );
define( 'LOGGED_IN_KEY', 'put your unique phrase here' );
define( 'NONCE_KEY', 'put your unique phrase here' );
define( 'AUTH_SALT', 'put your unique phrase here' );
define( 'SECURE_AUTH_SALT', 'put your unique phrase here' );
define( 'LOGGED_IN_SALT', 'put your unique phrase here' );
define( 'NONCE_SALT', 'put your unique phrase here' );
You can now browse to your host at http://hostip and you should see the WordPress installation wizard. Choose your language and create your login. Your website should be operational at this stage.
SSL for WordPress
The next step is to generate your Let’s Encrypt SSL certificate for your site and enable HTTPS. Run the following:
sudo apt install certbot python3-certbot-apache
sudo certbot --apache
As a note, at this stage, you should ensure that your domain has the correct DNS records (i.e., type A) pointing to your site. Follow the wizard. If you are prompted to select an Apache site, select the one with “ssl” in the name. At this time, your HTTPS site should be functional.
If you want to enable PHP OPcache on your system, then you need to install these components:
sudo apt-get install php-opcache -y
Edit your php.ini file, which for PHP 8.1 is at:
sudo nano /etc/php/8.1/apache2/php.ini
Uncomment the following lines:
sudo systemctl restart apache2
This is it for now. If you have any comments, let me know.
PHP memory and upload file size
If this is a new installation, you may wish to increase your upload file size allowance as well as memory limit for PHP in the php.ini file. Adjust as per your EC2 instance memory limits and other preferences: