â—Ź mariadb.service - MariaDB 10.11.11 database server
Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; preset: enabled)
Active: active (running) since Wed 2025-03-26 07:14:59 UTC; 38min ago
Docs: man:mariadbd(8)
https://mariadb.com/kb/en/library/systemd/
Main PID: 45352 (mariadbd)
Status: "Taking your SQL requests now..."
Tasks: 9 (limit: 29909)
Memory: 201.7M
CPU: 1.350s
CGroup: /system.slice/mariadb.service
Step 5: Create a WordPress database and user
Next, we need to create a WordPress database, the WordPress user, and grant the permissions for that user to the database.
mariadb
CREATE USER ''@'localhost' IDENTIFIED BY '';
CREATE DATABASE ;
GRANT ALL PRIVILEGES ON .* TO ''@'localhost';
FLUSH PRIVILEGES;
EXIT;
Remember to save the credentials for the “wpuser” as you may need it in the future
Please be aware that this WordPress user has nothing to do with the actual WP admin user and is only used for backend administration.
Step 6. Download and Install WordPress
Before we install WordPress, we first need to download it in the default Apache document root.
Next command sets the correct ownership and permissions for the WordPress files and directories. It assigns www-data ownership, then applies 755 permissions for directories and 644 for files.
chown -R www-data:www-data wordpress/ && cd wordpress/ && find . -type d -exec chmod 755 {} \; -o -type f -exec chmod 644 {} \;
Step 7. Configure WordPress
Rename the sample configuration file and open it for editing.
Enables the Apache rewrite module and the WordPress site configuration.
a2enmod rewrite && a2ensite wordpress.conf
Check the syntax.
apachectl -t
You should receive the following output
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
Syntax OK
Reload the Apache configuration, restart the service, and check its status.
Once the Apache service is restarted, you can finish your WordPress installation at .
Step 9: Setup SSL certificate for the domain
If you want to present your domain without the “Not secure” warning, you need to pull a SSL certificate. Let's Encrypt is a Certificate Authority that provides free TLS certificates, making it easy for websites to enable HTTPS encryption and create a more secure Internet for everyone. Let's Encrypt is a project of the nonprofit Internet Security Research Group.
Install Certbot and Dependencies Certbot is the recommended tool for obtaining and renewing SSL certificates from Let’s Encrypt. First, install Certbot and the Apache plugin.
apt install certbot python3-certbot-apache -y
Obtain the SSL Certificate Now, let’s obtain and install the SSL certificate for your domain.
certbot --apache -d
This initiates the certificate setup
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices)
(Enter 'c' to cancel):
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.5-February-24-2025.pdf. You must
agree in order to register with the ACME server. Do you agree?
(Y)es/(N)o: Y
Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.
(Y)es/(N)o: N
Account registered.
Requesting a certificate for
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live//fullchain.pem
Key is saved at: /etc/letsencrypt/live//privkey.pem
This certificate expires on 2025-06-24.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
Deploying certificate
Successfully deployed certificate for greendata.dk to /etc/apache2/sites-available/wordpress-le-ssl.conf
Congratulations! You have successfully enabled HTTPS on
If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
Test SSL Installation After the process is complete, test the SSL setup by visiting your domain with
Certbot automatically sets up a cron job for renewing your certificate. However, you can verify this.
systemctl list-timers
This will show a list of timers
NEXT LEFT LAST PASSED UNIT ACTIVATES Â
Wed 2025-03-26 09:09:00 UTC 11min left Wed 2025-03-26 08:39:14 UTC 18min ago phpsessionclean.timer phpsessionclean.service
Wed 2025-03-26 14:15:07 UTC 5h 17min left Tue 2025-03-25 14:15:06 UTC 18h ago systemd-tmpfiles-clean.timer systemd-tmpfiles-clean.service
Wed 2025-03-26 18:11:29 UTC 9h left Wed 2025-03-26 07:15:21 UTC 1h 42min ago apt-daily.timer apt-daily.service
Thu 2025-03-27 00:00:00 UTC 15h left Wed 2025-03-26 00:00:04 UTC 8h ago dpkg-db-backup.timer dpkg-db-backup.service
Thu 2025-03-27 00:00:00 UTC 15h left Wed 2025-03-26 00:00:04 UTC 8h ago logrotate.timer logrotate.service
Thu 2025-03-27 06:46:35 UTC 21h left Wed 2025-03-26 06:51:30 UTC 2h 6min ago apt-daily-upgrade.timer apt-daily-upgrade.service
Thu 2025-03-27 08:04:34 UTC 23h left Wed 2025-03-26 04:15:20 UTC 4h 42min ago man-db.timer man-db.service
Sun 2025-03-30 03:10:16 UTC 3 days left - - e2scrub_all.timer e2scrub_all.service
Mon 2025-03-31 01:04:27 UTC 4 days left - - fstrim.timer fstrim.service
Alternatively, you can manually test the renewal process.
Account registered.
Simulating renewal of an existing certificate for
--------------------------------------------------------------------------------------------------
Congratulations, all simulated renewals succeeded:
/etc/letsencrypt/live//fullchain.pem (success)
--------------------------------------------------------------------------------------------------
Step 10: Troubleshooting
If there’s an issue with the SSL certificate, check Apache’s error logs.
