Thursday, 31 May 2012

How to set up WordPress on Amazon EC2

First of all, you need to get yourself an Amazon Web Services account. You need to attach a credit card to the account but they won't charge you until you use something. If you choose to create a 'Micro' instance, which I'll cover in just a moment, you may indeed be able to host your website or blog for a whole year for free!

OK... so now you've got your account set up, lets get started...

1. Create your Instance (Virtual Server)

Open up your AWS Management Console and on the EC2 tab, we need to create an Instance. Select the region you'd like to host your website, and then select 'Launch Instance'.

Go with the 'Classic Wizard', and then you can get straight on choosing your preferred OS. I chose Amazon Linux (64-bit) for my server, which I assume is going to be more closely married to the EC2 service as a whole.

Once selected, your next option is to choose the Instance type you require. This is basically how much grunt you're going to need. For a small blog site or if you are just testing stuff out, you should be OK with a Micro instance, but for anything else you'll need to choose something more powerful.

All the remaining instance details can be left default, and you can add descriptive tags if you like. Next you need to create a key pair; this essentially works like a password to access your server. Just give it a name and click 'Create and Download your Key Pair', saving it in a safe place.

The final step is to create a security group, which is a set of firewall port rules. Name the group 'WordPress', add a description (I just repeated 'WordPress'), and then add the following Inbound rules:

Custom Rule, Port Range 20-21 (
Custom Rule, Port Range 14000-14050 (

Those rules deal with access for web traffic, terminal access and FTP. Finish up the wizard and in just a few moments you will see your server up and running under 'Instances'

2. Connect to your Instance

In the AWS Console select the running instance and, under 'Instance Actions', click 'Connect'. A Java based SSH client will open up and, once you've provided the path to the key file you saved earlier, you'll have a linux shell ready and we can get on with configuring the server.

First, lets install all the available updates. Type:
sudo yum update

A lot of the commands in this article also require root access, so each time I connect to the instance I'll just run one command to elevate my permissions. Otherwise I would need to prefix everything with 'sudo'.

sudo su

3. Install Apache Web Server

To install apache, type:
yum install httpd

Start the service:
service httpd start

Set the service to start automatically:
chkconfig httpd on

4. Install PHP

To install PHP, Type:
yum install php php-mysql

Restart apache:
service httpd restart

5. Install MySQL

To install MySQL, type:
yum install mysql-server

Start MySQL:
service mysqld start

Set the service to start automatically:
chkconfig mysqld on

Create your wordpress database:
mysqladmin -uroot create wordpress

Secure your database:

Answer the wizard questions as follows:
Enter current password for root:  Press return for none
Change Root Password:  Y
New Password:  Set a strong password and make sure you document it!
Remove anonymous user:  Y
Disallow root login remotely:  Y
Remove test database and access to it:  Y
Reload privilege tables now:  Y

6. Install WordPress

Most of the articles I found covering this suggested installing WordPress in a directory called 'blog' or 'site' or something similar within /var/www/html, however in this case I am going to install it directly into the root folder as I do not like having those extra bits in my website URL.

Change directory:
cd /var/www

Download WordPress:

Extract WordPress:
tar -xzvf latest.tar.gz

Move WordPress into the html folder:
rmdir html
mv wordpress html

Clean up:
rm latest.tar.gz

Create and edit the config file:
cd html
mv wp-config-sample.php wp-config.php
vi wp-config.php

That last command will open the config file for view. You can scroll up and down with the cursor keys and if you press i on your keyboard it will go into edit mode. You need to edit the following lines:

define(‘DB_NAME’, ‘wordpress’);
define(‘DB_USER’, ‘root’);
define(‘DB_HOST’, ‘localhost’);

When you are finished editing, you press Esc on your keyboard, and then type :wq and press enter to save the file and quit vi.

7. Assign an Elastic IP Address

One mistake I made in my early attempts was to rush on with configuring WordPress before I had assigned an Elastic IP address to the server in the AWS console. If you don't assign an Elastic IP, when you restart the server, its public DNS will change and your WordPress configuration will be broken. It's easy to fix, but can be avoided, so lets assign an Elastic IP so that we have a permanent address to work with:

In the AWS console, choose Elastic IPs and then 'Allocate New Address'. Once allocated, associate it with the server instance.

8. Configure WordPress

We are now ready to configure WordPress, so just put (replacing with your Elastic IP address of course) into your web browser and that will trigger the WordPress configuration process:

It's simple, just give your website a name and set up an admin password and your site is ready!

9. Install an FTP Server

If you want to be able to easily update the files in your WordPress installation, then you'll need an FTP server.

Back in the SSH terminal, install the FTP server by typing:
yum install vsftpd

Edit the config file at /etc/vsftpd/vsftpd.conf
cd /etc/vsftpd
vi vsftpd.conf

That last command will open the config file for view. You can scroll up and down with the cursor keys and if you press i on your keyboard it will go into edit mode. You need to edit the following lines:

Disable anonymous access:

These next 6 lines will need to be added to the config file.
Configure the FTP server for passive connections:

Configure the FTP Server to send your Elastic IP address to clients for passive connections: (Replace with your Elastic IP)

When you are finished editing, you press Esc on your keyboard, and then type :wq and press enter to save the file and quit vi.

Start the FTP service:
service vsftpd start

Set the service to start automatically:
chkconfig vsftpd on

10. Configure an FTP User

Add an FTP user, giving access only to the WordPress files and for additional security ensuring the user can not open a shell:
useradd ftpuser -d /var/www/html -s /sbin/nologin

Set the password for ftpuser:
passwd ftpuser

Set a strong password and make sure you document it!

To stop WordPress continually asking for your FTP login details every time you update a plugin or theme, edit the config file:
cd /var/www/html
vi wp-config.php

That last command will open the config file for view. You can scroll up and down with the cursor keys and if you press i on your keyboard it will go into edit mode. You need to add the following lines after the MySQL database settings:

/** FTP Settings */
define("FTP_USER", "ftpuser");

When you are finished editing, you press Esc on your keyboard, and then type :wq and press enter to save the file and quit vi.

11. Set Permissions on WordPress Files and Folders

To change the permissions on WordPress files and folders to recommended values, type:
find /var/www/html/ -type d -exec chmod 755 {} \;
find /var/www/html/ -type f -exec chmod 644 {} \;

Change the ownership of the files to 'ftpuser'. Because PHP runs in the identity of the file owner, this will ensure that WordPress can modify files as needed as well maintaining our own access and ensuring read-only access for everyone else:
chown -R ftpuser /var/www/html

12. Back Up Your Instance

As always, we should take regular backups, and so with the initial build and configuration all complete, lets take an image of the server so that if something goes wrong in the future, we never have to go through this process again!

In the AWS console, select your server and then under Instance Actions, choose 'Stop'. Once the server has shut down, again under Instance Actions, choose 'Create Image':

Fill in the details, and then press 'Yes, Create'. Once complete, this will be available in the console under Images and Snapshots and you can use it to either roll back or create a new server.

When you start your instance up again, you might have to re-associate the Elastic IP, otherwise that's it...

All done!


jameshuckabonetech said...

First! Everyone below this comment is jelly ... seriously though, thank you very much. I was able to install everything up to wordpress on my own but could not figure out the update asking for FTP access problem until reading your beautifully written tutorial. Thank you!

Anonymous said...

This was the best and most thorough tutorial on setting up Wordpress on an EC2 server that I have found on the web to date.


Stephen White said...

Thanks for the feedback! I'm glad you found it useful. I am almost ready to put the website I am building live, so I will be sure to update the article with any final changes I need to make.

Bailey Smith said...

So, I did not assign my elastic ip before setup, do you have any tips for fixing that?

Stephen White said...

The problem I remember is that the WordPress site URL is based on the IP address, so when it changes you have to change it in WordPress too. Have a read here:

Anonymous said...

Thankyou for an amazingly clear and professional tutorial.

I have 2 questions if you could possibly point me in the right direction.

1. What do i use the host address in my FTP client to connect?

2. How can i associate my domain to the elastic IP, do i have to change some DNS settings.

Thanks in0advance


Unknown said...

Hi Again... Sorry another question?

I'am having a bit of trouble adding folders in "NexGen Gallery Plugin" and general uploading of images in posts.

I think my permission are wrong, please could you help me get them correct.

This is an error i get when trying to upload an image in a new post.

Unable to create directory wp-content/uploads/2012/09. Is its parent directory writable by the server?

How do i make its parent dir writable by the server?

Thank you in-advance


Stephen White said...


The elastic IP is the host address, so you can use it in your FTP client.

To point your domain at the elastic IP address you need to go to your provider's DNS management tools and edit the host (A) record.

With regard to permissions, have you completed step 11 to set the correct permissions and file ownership? If so, then whilst these are the recommended permissions, things often need a little massaging to get them to work in the real world!

You can try using chmod to set more relaxed permissions, such as 777, on the uploads folder - Just make sure you only do it on the uploads folder.

Note: 777 is too relaxed, but you can do it for the short term to get it working, so long as you go back and fix it up once you've worked out exactly what they should be.


Stephen White said...


Have a read of this:

In particular the bit titled 'Using the Command Line' covers permissions you should try before giving up and using 777! Also note the section titled 'The dangers of 777'!

Anonymous said...

So - this tut has been awesome except for this step when you set-up the FTP user: useradd ftpuser -d /var/www/html -s /sbin/nologin

I've tried this deployment twice in the last day and I always get this return: useradd: warning: the home directory already exists. Not copying any file from skel directory into it.

When I cat the /etc/passwd I notice that apache already has claimed the var/www/ as home.

I just did a plain useradd and then did usermod -s -d for the respective settings. It seems to work for now.

christian said...

Hi steven

many thanks for this. everything seemed to go okay, but i have a couple of niggling problems.

1) if i switch on permalinks, all pages except my homepage and admin no longer work (returning: Not Found- The requested URL /uncategorized/hello-world/ was not found on this server.)

2) if i try to upload a new theme i get another error (Unable to create directory wp-content/uploads/2012/10. Is its parent directory writable by the server?) - permission on that folder is set to 755.

any ideas? anyone? very much appreciated


Gerard said...

Christian, having the same problem with permalinks.. Apache config?? I dunno how to do that, but anyone who does?? my .htaccess is writable and WP seems to write the right stuff, but it doesn't work.

Gerard said...


Solved it.

ssh into your instance
sudo su
vi /etc/httpd/conf/httpd.conf
find the line:
AllowOverride None
after the (about line 339 or so...)

change to AllowOverride All (case matters! All not all or ALL)
:wq to save
service httpd restart

then set your setting in the permalinks area. Make sure .htaccess is writeable
TADA! (go to say this at the end....)

Kert Heinecke said...

I ran into a problem here:

When you are finished editing, you press Esc on your keyboard, and then type :wq and press enter to save the file and quit vi.

just kept pinging at me and nothing seemed to happen. so I closed the window and proceeded with the elastic ip. when I then type it into my browser, it times out. any suggestions on how to repair?



Unknown said...

This was supremely helpful (easily the most straightforward recipe for getting up and running on EC2). The only problem I had was that I just couldn't find a way for ftpuser to have ownership of the wp-content folder without stopping Wordpress being able to add plugins, upload images, etc. In the end I gave up on the FTP approach and found a reasonable compromise here.

faiz said...

Its an AMAZING article.
Thanks a lot!

Saxon Nicholls said...

Hi - I have done what you said on Amazon EC2 - I get this message when uploading media - what do i do?


Unable to create directory wp-content/uploads/2012/12. Is its parent directory writable by the server?

Alex Pompe said...

Saxon, I fixed the problem by changing the access rights for apache with the following command after you ssh into your ec2 server:

sudo chown -R apache:apache /var/www/html

this seemed to allow wordpress to upload media files and also theme zip files.

Alex Pompe said...
This comment has been removed by the author.
justinavn said...

Excellent advice! I was up and running in no time. Thank you.

tEj said...

Hi, i followed the steps at least thrice, i deleted and reinstalled ec2 instances. I followed all steps, and all are working fine, except that, i have set permalink in wordpress, i have added the code to the .htaccess file and uploaded it successfully, and in order to ensure it is writable, i have temporarily set the permission to 777. i have also changed the chown of the html folder to apache:apache. all is working fine, but after 3 trials, i an still getting error 404 for my permalinks. please help...

ps: i am a newbie to programming

tEj said...

Hello, just an update, i needed to change the AllowOveride from None to All for the /var/www/html directory.

Thanks anyways guys

Albert said...

hi, i followed your guide to install wordpress and had it successfully set up. now i'd like to install wp2cloud plugin, and it requires clouSE plugin installed in MySQL, but i'm getting the following error:

ERROR 1126 (HY000): Can't open shared library '/usr/lib64/mysql/plugin/' (errno: 2 /usr/lib64/mysql/plugin/ undefined symbol: my_pthread_fastmutex_init)

any advice please?


Brandon said...

My elastic ip address is just taking me to a tomcat server page telling me installation is complete. Does anyone know how to get to my config page to setup wordpress? I changed my folder name to blog, perhaps that has something to do with it. Please help a lad.

Anonymous said...

Thank you SO much. I spent all night trying to find a good tutorial. Everyone leaves out small details that beginners need to know. You didn't. Thank you, thank you, thank you!

Paras Mendiratta said...


Thanks a lot your wonderful article. It is very useful.

I am using multiple sites under /var/www/html/sitename

I followed the steps and managed to host the wordpress blog.

But when I am trying to update the theme then I am getting error:

Unable to locate WordPress Content directory (wp-content).

Any suggestions to resolve this?

George Wines said...

Thank you for this great post.

I was able to follow the steps without any problems.

I downloaded fileZilla on my laptop to be able to remote into the sftp server that the steps set up. I used the username and password that was set up and pointed to the sftp://elasticURL. I wasnt entirely sure what port to point to, but Ive tried plenty. I get one of the following errors.

With port 22:
Disconnected: No supported authentication methods available (server sent: publickey)

With port 14000 or 14050:
Error: Network error: Connection refused

Google searches havent really helped. Do you have any suggestions?

Stephen White said...

George, it's just regular FTP on port 21. Thanks.

George Wines said...

Thank you Stephen!!! Ive been stuck on that one for a while. Im pretty happy it was something so simple.