Setting up WordPress for free on AWS EC2 (Ubuntu)

This is a step-by-step guide for setting up wordpress on an AWS EC2 instance. In this guide we will use a free-tier Ubuntu image instead of an Amazon Linux image.

  1. Register an account on AWS (https://portal.aws.amazon.com/billing/signup#/start)
  2. Navigate to the EC2 Management Console (https://us-west-1.console.aws.amazon.com/ec2/v2/home if you’re using the Northern California region)
  3. Click on “Running Intances” on the Dashboard.
  4. Select “Launch Instance”
  5. Select “Ubuntu Servier 18.04 LTS (HVM)”
  6. We will be selecting a “T2 Micro” instance for this guide.
  7. Select “Review and Launch”
  8. Click “Launch”
  9. If you don’t have an existing keypair, select “Create a new keypair” from the dropdown and give it a name. Otherwise, feel free to use an existing keypair. Make sure to download any new keypairs and keep it in a safe place. We will use this in step 20 as “my-keypair.pem” though your file may be named differently.
  10. Click “Launch instances”
  11. Congrats! You launched a new EC2 instance. Click on “View instances”
  12. In the description of your new instance under security groups, click on the security group name.
  13. Go to the “Inbound” rules section.
  14. Click “Edit” and select “HTTP” from the Type dropdown. Make sure the Protocol is set to TCP and the port range is 80. We can allow the source for this rule to remain “Anywhere” (, ::/0).
  15. Click “Save”
  16. For this WordPress install, we plan on associating a domain name with our EC2 instance. For this we will need to create an Elastic IP. Navigate back to the EC2 dashboard and click on “Elastic IPs”
  17. Select “Allocate new address” then “Allocate”
  18. On the Elastic IP dashboard, select your new Elastic IP and in the “Actions” dropdown, select “Associate address”
  19. Select your EC2 instance and its Private IP from the dropdowns and click “Associate”. We’ll leave this for now and use Route 53 to associate our domain name later. Remember your elastic IP for the next step.
  20. You should now be able to ssh into your EC2 instance. In a terminal, do:
ssh ubuntu@NEW_ELASTIC_IP_ADDRESS -i ~/my-keypair.pem

You should now be working on your new EC2 instance. Lets install the packages we will need:

sudo apt-get install apache2
sudo apt-get install php php-mysql
sudo apt-get install mysql-server

Lets quickly configure the firewall:

sudo ufw enable
sudo ufw allow 'APACHE FULL'
sudo ufw allow 'OpenSSH'
sudo service apache2 restart

To make sure your webserver and firewall are configured correctly:

cd /var/www/html
sudo vim test.php

In the editor:

  1. Type i to start the insert
  2. Type <?php phpinfo() ?>
  3. Type :x to write the file and quit vi

You should be able to navigate to both your elastic IP address and the path ‘/test.php’ to see the apache default index.html page and the php information page.

Lets create your MySQL database and complete installation:

sudo service mysql start
mysqladmin -uroot create awordpressblog

A Wizard should prompt you with several questions. Answer:

  1. Enter current password for root: Press return for none
  2. Change Root Password: Y
  3. New Password: Enter your new password
  4. Remove anonymous user: Y
  5. Disallow root login remotely: Y
  6. Remove test database and access to it: Y
  7. Reload privilege tables now: Y

Lets finish setting up your database and database user. Feel free to change references to usernames. You should definitely change any references to passwords.

mysql -uroot -p

mysql>CREATE USER 'wordpress-user'@'localhost' IDENTIFIED BY 'your_strong_password';
mysql>GRANT ALL PRIVILEGES ON `awordpressblog`.* TO "wordpress-user"@"localhost";

Almost done. Lets finish the wordpress install:

cd /var/www/html
sudo wget http://wordpress.org/latest.tar.gz
sudo tar -xzvf latest.tar.gzcd
sudo mv wordpress/wp-config-sample.php wordpress/wp-config.php

For the next step, first grab some unique keys from https://api.wordpress.org/secret-key/1.1/salt/. The output should look something like:

define('AUTH_KEY',         ' #U$$+[RXN8:b^-L 0(WU_+ c+WFkI~c]o]-bHw+)/Aj[wTwSiZ<Qb[mghEXcRh-');
define('SECURE_AUTH_KEY',  'Zsz._P=l/|y.Lq)XjlkwS1y5NJ76E6EJ.AV0pCKZZB,*~*r ?6OP$eJT@;+(ndLg');
define('LOGGED_IN_KEY',    'ju}qwre3V*+8f_zOWf?{LlGsQ]Ye@2Jh^,8x>)Y |;(^[Iw]Pi+LG#A4R?7N`YB3');
define('NONCE_KEY',        'P(g62HeZxEes|LnI^i=H,[XwK9I&[2s|:?0N}VJM%?;v2v]v+;+^9eXUahg@::Cj');
define('AUTH_SALT',        'C$DpB4Hj[JK:?{ql`sRVa:{:7yShy(9A@5wg+`JJVb1fk%_-Bx*M4(qc[Qg%JT!h');
define('SECURE_AUTH_SALT', 'd!uRu#}+q#{f$Z?Z9uFPG.${+S{n~1M&%@~gL>U>NV<zpD-@2-Es7Q1O-bp28EKv');
define('LOGGED_IN_SALT',   ';j{00P*owZf)kVD+FVLn-~ >.|Y%Ug4#I^*LVd9QeZ^&XmK|e(76miC+&W&+^0P/');
define('NONCE_SALT',       '-97r*V/cgxLmp?Zy4zUU4r99QQ_rGs2LTd%P;|_e1tS)8_B/,.6[=UK<J_y9?JWG');

Then we’ll need to edit wp-config.php

sudo vim wordpress/wp-config.php

In the editor change:

define('DB_NAME', 'awordpressblog');
define('DB_USER', 'wordpress-user');
define('DB_PASSWORD', 'your_strong_password');

And make sure you replace: 

define('AUTH_KEY',         'put your unique phrase here');
define('SECURE_AUTH_KEY',  'put your unique phrase here');
define('LOGGED_IN_KEY',    'put your unique phrase here');
define('NONCE_KEY',        'put your unique phrase here');
define('AUTH_SALT',        'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT',   'put your unique phrase here');
define('NONCE_SALT',       'put your unique phrase here');

With the unqiue keys you got from https://api.wordpress.org/secret-key/1.1/salt/

SO CLOSE! If you plan on running wordpress when navigating to your root domain, do:

cp -r wordpress/* /var/www/html/

Or if you otherwise want to host wordpress at a specified path at your domain, do:

mkdir /var/www/html/somepath
sudo cp -r wordpress/* /var/www/html/somepath/

Now we just need to make sure the www-data user has ownership over the parent directory, wordpress directory, subdirectories and all of the files on your instance:

sudo chown -R www-data /var/www
sudo chgrp -R www-data /var/www
sudo chmod 2775 /var/www
find /var/www -type d -exec sudo chmod 2775 {} \;

Sweet. Lets restart apache and make sure the mysql service is running:

sudo service apache2 restart
sudo service mysql status

You should see an output of something like:

● mysql.service - MySQL Community Server
   Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2018-10-08 09:10:00 UTC; 11h ago
 Main PID: 11111 (mysqld)
    Tasks: 30 (limit: 1152)
   CGroup: /system.slice/mysql.service
           └─11884 /usr/sbin/mysqld --daemonize --pid-file=/run/mysqld/mysqld.pid

And now, you can navigate to your Elastic IP address in your browser and complete the wordpress install.

To finish associating your new domain name with your wordpress site, navigate to Route 53 and create a hosted zone for your domain name.

Click “Create Record Set”

Leave the “Name” field blank

Select “A – IPV4 Address” from the “Type Dropdown”

For the “Value” field, put in your Elastic IP

Leave TTL on “300” and Routing Policy on “Simple”

Click “Create”

You should be all set. Make sure you set your domain when completing your WordPress install.

Efrem Roberson

Leave a Reply

Your email address will not be published. Required fields are marked *