Deploy Wordpress on Debian 11
This tutorial is for manually deploying wordpress on an Debian 11 server. Alternatively, you could deploy wordpress through docker.
Install MariaDB
sudo apt-get install mariadb-server -y
Now log into the database
sudo mysql
Create the wordpress database, and then create a wordpress user that will have access to it. Be sure to change the passwordHere text.
CREATE database wordpress;
GRANT ALL ON `wordpress`.* to wordpress@localhost identified by 'passwordHere';
Add Ondrej Sury PHP Repository
Debian 11 comes with PHP 7.4 by default, but PHP 8.1 is already out, and security support for PHP 7.4 comes to an end on the 28th of Nov 2022 (less than a month away), so we are going to upgrade to PHP 8.1 with the help of Ondřej Surý's very popular PHP repository.
sudo apt update \
&& sudo apt install -y apt-transport-https lsb-release ca-certificates gnupg2
# Add Ondrej's GPG key to tell Debian you trust his packages.
wget -q https://packages.sury.org/php/apt.gpg -O- | sudo apt-key add -
# Now add Ondrej's PHP packages to your sources.
echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/php.list
# Update your package list so you can install what you want later (doesn't update your packages themselves).
sudo apt update && sudo apt dist-upgrade -y
Install Apache and PHP
sudo apt-get install -y \
apache2 libapache2-mod-php8.1 \
php8.1-cli php8.1-mysql
Download Wordpress
wget https://wordpress.org/latest.zip
Optional - Create Wordpress SSH User
I use SSH to update my wordpress instances, and wish to use a non-sudo user to do this. Thus I will create a wordpress user at this point.
sudo adduser wordpress
Install Wordpress
sudo apt-get install unzip -y \
&& unzip latest.zip \
&& sudo mkdir -p /var/www/wordpress \
&& sudo mv wordpress /var/www/wordpress/public_html \
&& sudo chown --recursive wordpress:www-data /var/www/wordpress \
&& sudo chmod 750 --recursive /var/www/wordpress
Set Umask and Add to Group
Let's add the www-data user to the wordpress group so that Apache can access the files even if they are group owned by the wordpress user.
sudo adduser www-data wordpress
Now let's set the umask so that if the wordpress user creates a file, the Apache server can still read them.
su wordpress \
&& cd /var/www/wordpress \
&& umask 027
027 means that new files will have 740 (-rwxr-----) permissions, but new directories will have 750 (-rwxr-x---).
Configure Apache
We now need to configure apache to load the wordpress folder as a site. If you use vim as your editor of choice, you may wish to fix the pasting issue, and syntax highlighting, if this is a fresh install of Debian.
sudo editor /etc/apache2/sites-available/000-default.conf
Replace it with:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/wordpress/public_html
<Directory /var/www/wordpress/public_html/>
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
allow from all
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Restart apache for the changes to take effect
sudo service apache2 restart
Optional - Enable URL Rewrite
Your more than likely to want this feature. If you're unsure, I would err on the side of enabling it.
sudo a2enmod rewrite
sudo service apache2 restart
Web Installation
Now go to your servers IP or hostname and perform the web based installation steps, before then going through the tutorial on securing wordpress.
First published: 23rd October 2022