How to Install WordPress
WordPress can be installed on shared hosting, a VPS, a dedicated server, or a local development machine. The core steps are the same in every environment, though the tools you use to create databases and upload files differ depending on your hosting setup. This guide covers the manual installation method, which gives you the most control and understanding of how WordPress works at the server level.
Step 1: Check Server Requirements
Before downloading WordPress, confirm that your server meets the minimum requirements. WordPress requires PHP version 7.4 or higher (PHP 8.2 or 8.3 recommended), MySQL version 5.7 or higher (or MariaDB 10.4 or higher), HTTPS support through an SSL certificate, and either Apache with mod_rewrite or Nginx as the web server.
Most modern web hosting providers meet these requirements by default. If you are setting up a VPS from scratch, install the required packages using your distribution's package manager. On Ubuntu, the packages you need are nginx (or apache2), php-fpm, php-mysql, php-xml, php-mbstring, php-curl, php-gd, php-zip, php-intl, and mysql-server (or mariadb-server).
WordPress also recommends that your PHP installation has a memory limit of at least 256 MB and that the max_execution_time is set to 300 seconds or higher. These values are configured in your php.ini file.
Step 2: Create a Database
WordPress stores all its content, settings, user accounts, and configuration data in a MySQL or MariaDB database. You need to create an empty database and a database user before running the WordPress installer.
On shared hosting, use the database creation tool in your control panel (cPanel, Plesk, or similar). On a VPS, log into MySQL from the command line and run the SQL commands to create the database, create a user, and grant that user full privileges on the database. Use a strong, randomly generated password for the database user.
Record the database name, username, password, and database host (usually "localhost" on the same server). You will need these values in the next steps.
Step 3: Download and Upload WordPress
Download the latest version of WordPress from wordpress.org/download. The download is a ZIP archive containing all the core WordPress files. Extract the archive on your local machine, which will create a folder called "wordpress" containing the application files.
Upload the contents of the wordpress folder (not the folder itself) to your web server's document root directory. On shared hosting, this is typically the public_html or www directory, accessible via FTP or the hosting panel's file manager. On a VPS, you can download the archive directly to the server using wget or curl, then extract it in place.
Alternatively, use WP-CLI (the WordPress command-line interface) to download and install WordPress in a single command. WP-CLI is pre-installed on many managed WordPress hosts and can be installed on any server that runs PHP.
Step 4: Configure wp-config.php
In the WordPress root directory, find the file named wp-config-sample.php. Rename it to wp-config.php and open it in a text editor. This file contains the configuration constants that tell WordPress how to connect to your database and how to handle security.
Replace the placeholder values for DB_NAME, DB_USER, DB_PASSWORD, and DB_HOST with the actual database credentials you created in Step 2. The DB_HOST value is usually "localhost" if the database server is on the same machine as the web server.
Scroll down to the authentication keys and salts section. Visit the WordPress secret key generator (api.wordpress.org/secret-key/1.1/salt/) to generate unique random values, then paste them into wp-config.php, replacing the placeholder text. These keys encrypt information stored in cookies and improve the security of your installation.
Set the table prefix if you want something other than the default "wp_". Using a custom prefix adds a minor layer of security by making automated SQL injection attacks slightly less predictable, though it is not a substitute for proper security measures.
Step 5: Run the Installation Wizard
Open your web browser and navigate to your domain (e.g., https://example.com). WordPress will detect that the installation has not been completed and display the setup wizard. Select your language, then fill in the site information: site title, admin username, admin password, and admin email address.
Choose a strong, unique admin username rather than "admin" to reduce the risk of brute-force login attacks. Use a strong password that the wizard generates or create your own with at least 16 characters including letters, numbers, and special characters.
If you are installing on a staging or development server that should not be indexed by search engines, check the "Discourage search engines from indexing this site" option. You can change this later in the WordPress settings when the site is ready for public access.
Click "Install WordPress" and the wizard will create the database tables, populate them with default data, and redirect you to the WordPress dashboard. Your installation is now complete.
Step 6: Secure and Optimize the Installation
Immediately after installation, take several steps to secure and optimize your WordPress site. Install an SSL certificate if one is not already configured. On a VPS, use Certbot with Let's Encrypt. On shared hosting, use the SSL tool in your hosting control panel. Then go to Settings > General in WordPress and change both the WordPress Address and Site Address to use https://.
Set correct file permissions on the server. Directories should be set to 755 and files to 644. The wp-config.php file can be set to 600 or 640 for additional security. The web server user (www-data on Ubuntu, nginx on some distributions) should own the WordPress files.
Delete the default themes you are not using (keeping one default theme as a fallback is recommended). Delete the "Hello Dolly" plugin. Remove the default sample post, sample page, and sample comment. Install a caching plugin like WP Super Cache or W3 Total Cache to serve static HTML files instead of processing PHP on every page load.
Configure permalink structure under Settings > Permalinks. The "Post name" option (/%postname%/) is the most common and SEO-friendly structure. WordPress will modify your .htaccess file (Apache) or require you to update your Nginx configuration to support pretty permalinks.
Installing WordPress with WP-CLI
WP-CLI is the official command-line tool for WordPress that can automate the entire installation process. After installing WP-CLI on your server, you can download WordPress, create the configuration file, install the database tables, and activate themes and plugins all from the terminal without using a web browser.
The command sequence is: wp core download to fetch the files, wp config create to generate wp-config.php with your database credentials, wp db create to create the database (if it does not exist), and wp core install to run the installation with your site title, admin username, and admin email as parameters. This approach is especially useful for automated deployments and staging environment creation.
Common Installation Issues
The most common problem during WordPress installation is incorrect database credentials in wp-config.php. Double-check the database name, username, password, and host values. The error message "Error establishing a database connection" almost always means one of these values is wrong or the database server is not running.
White screen or PHP errors during installation usually indicate that the server does not meet the minimum PHP requirements or that required PHP extensions are missing. Check the PHP version and installed extensions using a phpinfo() file or the command line.
Permission errors when WordPress tries to create directories or write files mean the file ownership or permissions are incorrect. The web server process needs write access to the wp-content directory for uploading media, installing plugins, and creating cache files.
WordPress installation is a straightforward process of creating a database, uploading files, editing one configuration file, and running a browser-based wizard. The more important work comes after installation: securing the site, optimizing performance, and establishing an update routine.