User privileges: root or non-root user with sudo privileges (no sudo before commands)
Step 1: Update the system
Before we start with LAMP installation, we need to update the system packages to the latest versions available.
Step 2: Install Apache Web Server
We will start with the Apache web server from the LAMP stack first. To install the Apache Web server execute the following command.
Once installed, start and enable the service.
Check if the service is up and running.
You should receive the following output
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; preset: enabled)
Active: active (running) since Wed 2025-03-26 07:09:32 UTC; 32min ago
Docs: https://httpd.apache.org/docs/2.4/
Main PID: 43425 (apache2)
Tasks: 7 (limit: 4531)
Memory: 16.5M
CPU: 310ms
CGroup: /system.slice/apache2.service
Step 3: Install PHP with dependencies
Next, we will install PHP and unzip for later use.
Check the installed PHP version.
You should get the following output
PHP 8.2.28 (cli) (built: Mar 13 2025 18:21:38) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.2.28, Copyright (c) Zend Technologies
with Zend OPcache v8.2.28, Copyright (c), by Zend Technologies
Step 4: Install the MariaDB database server
The last of the LAMP stack is the MariaDB database server.
Install, enable and start the service, and check the status with this command:
You should receive the following output
● mariadb.service - MariaDB 10.11.11 database server
Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; preset: enabled)
Active: active (running) since Wed 2025-03-26 07:14:59 UTC; 38min ago
Docs: man:mariadbd(8)
https://mariadb.com/kb/en/library/systemd/
Main PID: 45352 (mariadbd)
Status: "Taking your SQL requests now..."
Tasks: 9 (limit: 29909)
Memory: 201.7M
CPU: 1.350s
CGroup: /system.slice/mariadb.service
Step 5: Create a WordPress database and user
Next, we need to create a WordPress database, the WordPress user, and grant the permissions for that user to the database.
Remember to save the credentials for the “wpuser” as you may need it in the future
Please be aware that this WordPress user has nothing to do with the actual WP admin user and is only used for backend administration.
Step 6. Download and Install WordPress
Before we install WordPress, we first need to download it in the default Apache document root.
Next command sets the correct ownership and permissions for the WordPress files and directories. It assigns www-data ownership, then applies 755 permissions for directories and 644 for files.
Step 7. Configure WordPress
Rename the sample configuration file and open it for editing.
Default should look similar to this
// ** Database settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', 'wordpress' );
// ** Database settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', 'wpdatabase' );
Navigate to the Apache configuration directory and create/open wordpress.conf for editing.
Paste the following lines of code, save the file and close it.
Enables the Apache rewrite module and the WordPress site configuration.
Check the syntax.
You should receive the following output
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
Syntax OK
Reload the Apache configuration, restart the service, and check its status.
Once the Apache service is restarted, you can finish your WordPress installation at http://yourdomain.com.
Step 9: Setup SSL certificate for the domain
If you want to present your domain without the “Not secure” warning, you need to pull a SSL certificate. Let's Encrypt is a Certificate Authority that provides free TLS certificates, making it easy for websites to enable HTTPS encryption and create a more secure Internet for everyone. Let's Encrypt is a project of the nonprofit Internet Security Research Group.
Install Certbot and Dependencies Certbot is the recommended tool for obtaining and renewing SSL certificates from Let’s Encrypt. First, install Certbot and the Apache plugin.
Obtain the SSL Certificate Now, let’s obtain and install the SSL certificate for your domain.
This initiates the certificate setup
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices)
(Enter 'c' to cancel): youremail@gmail.com
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.5-February-24-2025.pdf. You must
agree in order to register with the ACME server. Do you agree?
(Y)es/(N)o: Y
Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.
(Y)es/(N)o: N
Account registered.
Requesting a certificate for yourdomain.com
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/yourdomain.com/fullchain.pem
Key is saved at: /etc/letsencrypt/live/yourdomain.com/privkey.pem
This certificate expires on 2025-06-24.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
Deploying certificate
Successfully deployed certificate for greendata.dk to /etc/apache2/sites-available/wordpress-le-ssl.conf
Congratulations! You have successfully enabled HTTPS on https://yourdomain.com
If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
Test SSL Installation After the process is complete, test the SSL setup by visiting your domain with https://yourdomain.com
Certbot automatically sets up a cron job for renewing your certificate. However, you can verify this.
This will show a list of timers
Alternatively, you can manually test the renewal process.
Account registered.
Simulating renewal of an existing certificate for yourdomain.com
--------------------------------------------------------------------------------------------------
Congratulations, all simulated renewals succeeded:
/etc/letsencrypt/live/yourdomain.com/fullchain.pem (success)
--------------------------------------------------------------------------------------------------
Step 10: Troubleshooting
If there’s an issue with the SSL certificate, check Apache’s error logs.
NEXT LEFT LAST PASSED UNIT ACTIVATES
Wed 2025-03-26 09:09:00 UTC 11min left Wed 2025-03-26 08:39:14 UTC 18min ago phpsessionclean.timer phpsessionclean.service
Wed 2025-03-26 14:15:07 UTC 5h 17min left Tue 2025-03-25 14:15:06 UTC 18h ago systemd-tmpfiles-clean.timer systemd-tmpfiles-clean.service
Wed 2025-03-26 16:19:08 UTC 7h left - - certbot.timer certbot.service
Wed 2025-03-26 18:11:29 UTC 9h left Wed 2025-03-26 07:15:21 UTC 1h 42min ago apt-daily.timer apt-daily.service
Thu 2025-03-27 00:00:00 UTC 15h left Wed 2025-03-26 00:00:04 UTC 8h ago dpkg-db-backup.timer dpkg-db-backup.service
Thu 2025-03-27 00:00:00 UTC 15h left Wed 2025-03-26 00:00:04 UTC 8h ago logrotate.timer logrotate.service
Thu 2025-03-27 06:46:35 UTC 21h left Wed 2025-03-26 06:51:30 UTC 2h 6min ago apt-daily-upgrade.timer apt-daily-upgrade.service
Thu 2025-03-27 08:04:34 UTC 23h left Wed 2025-03-26 04:15:20 UTC 4h 42min ago man-db.timer man-db.service
Sun 2025-03-30 03:10:16 UTC 3 days left - - e2scrub_all.timer e2scrub_all.service
Mon 2025-03-31 01:04:27 UTC 4 days left - - fstrim.timer fstrim.service
