There’s something to be said about how good it feels when you set up a blog from scratch. And for a CMS, I’ve always liked WordPress because it was always so easy to set up despite being so feature-rich. I’m no developer but the thing was that even when new cloud-hosting options like Digital Ocean and Vultr (which offered the $5/mo server and weren’t BS like the popular shared-hosting retailers) came up, they had one-click installs from the get-go. There really was/is no incentive to learn how to setup WP. It’s become something you take for granted.
On top of this, my technical grammar is infantile, which makes learning to setup these things more difficult because you’ll need documentation that assumes you really know very little. For example: WP is a PHP app; Ubuntu and Debian are OSs; Apache and nginx are web-servers; Redis and MySQL are databases; and LAMP and LEMP are stacks. And I’m pretty sure I’m going to forget all this in a week.
Until I set up WordPress on Linode*, I wasn’t even know how they all fit together. This is because Linode of all the places has the best documentation on how to set up a WordPress site for dummies. Many other VPS solutions have good documentation but they don’t work for someone who wants to learn along the way. This is odd because Linode is marketed as a cloud-hosting solution for developers and its UI is much more daunting (once you login) than, say, Digital Ocean’s or Vultr’s. This is also the reason I’m not sure why Easy Engine has a really simple WordPress-on-nginx deployment option for Linode.
wget -qO ee rt.cx/ee && sudo bash ee sudo ee site create domain.com --wp
So if you’re looking to set up your own self-hosted WordPress blog and you also want to learn how it’s done, I highly recommend using Linode’s documentation. The cool thing here is that if, for some reason, you’ve picked Digital Ocean to host your WP site, you can still use the Linode documentation: they work with both hosts. I personally would recommend Linode simply because it’s been around for longer (and also offers eight-core CPUs against Ocean’s single-core). The relevant guide is here (if you find this tough: the ‘Getting started’ guide is here). Some steps may not work perfectly but you can trust someone’s answered all the questions you’ll have somewhere on Stack Exchange.
Once you’re up, consider strengthening your security with some basic measures (a firewall plus a log-parsing app to defend against SSH attacks):
sudo apt-get install ufw
sudo ufw allow ssh
sudo ufw default allow outgoing
sudo ufw default deny incoming
sudo ufw allow 80/tcp
sudo ufw allow 1725/udp
sudo ufw enable
sudo ufw logging on
sudo apt-get install fail2ban
sudo cp /etc/fail2ban/fail2ban.conf /etc/fail2ban/fail2ban.local
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
nano /etc/fail2ban/jail.local
# set bantime, findtime, maxretry
# set logpath = /var/log/auth.log
# save
cd /etc/fail2ban/filter.d
sudo cat > wordpress.conf
sudo nano /etc/fail2ban/filter.d/wordpress.conf
# set failregex = - - [(d{2})/w{3}/d{4}:1:1:1 -d{4}] "POST /wp-login.php HTTP/1.1" 200
# set ignoreregex =
# save
sudo nano /etc/fail2ban/jail.local
# set wordpress jail
# set enabled = true
# set filter = wordpres
# set logpath = /var/www/example.com/logs/access.log
# save
sudo fail2ban-client start
Happy blogging!
*The blog I set up is private.
Featured image credit: heladodementa/pixabay.