How to Self-Host an eCommerce Store
Self-hosting gives you complete control over your store's code, data, and infrastructure. You eliminate monthly platform fees, avoid transaction percentages charged by hosted platforms, and gain the freedom to customize every aspect of the shopping experience. The trade-off is that you are responsible for server administration, security updates, backups, and performance optimization. This guide makes each step concrete and actionable.
Step 1: Choose Your Hosting Provider and Server
Your server choice directly impacts store performance, reliability, and monthly costs. For most open source ecommerce stores, a VPS (Virtual Private Server) provides the right balance of performance, control, and cost.
Recommended providers and pricing:
DigitalOcean offers Droplets starting at $6 per month (1GB RAM) with straightforward pricing and excellent documentation. For ecommerce, their $24 per month plan (4GB RAM, 2 vCPUs, 80GB SSD) handles WooCommerce and PrestaShop stores with up to 10,000 products and several hundred daily visitors comfortably.
Hetzner offers significantly more resources per dollar, with their CX31 plan providing 8GB RAM and 2 vCPUs for approximately $8 per month (EU data centers) or $12 per month (US). This makes Hetzner the best value for self-hosted ecommerce.
Linode (now Akamai) and Vultr offer competitive VPS plans in the $12 to $48 per month range with global data center options.
Minimum server specifications by platform:
WooCommerce or OpenCart: 1GB RAM, 1 vCPU, 25GB SSD (functional but tight). 2GB RAM recommended for comfortable operation.
PrestaShop: 2GB RAM, 2 vCPUs, 50GB SSD for stores with up to 20,000 products.
Magento Open Source: 4GB RAM minimum, 2+ vCPUs, 100GB SSD. Needs Elasticsearch, Redis, and ideally Varnish.
Saleor or Medusa: 2GB RAM, 1 vCPU for the application server, plus PostgreSQL and Redis (can run on the same server for smaller stores).
Choose a data center location close to your primary customer base. If most of your customers are in North America, choose a US data center. If in Europe, choose an EU location. Latency between your server and your customers directly affects page load times.
Step 2: Set Up Your Server Stack
Once your server is provisioned, you need to install the software stack your ecommerce platform requires. The most common stack for PHP-based platforms (WooCommerce, PrestaShop, Magento, OpenCart) is Linux, Nginx, MySQL, and PHP, often called LEMP.
Initial server hardening. Before installing anything, secure your server. Create a non-root user with sudo privileges. Disable root SSH login. Change the SSH port from 22 to a non-standard port. Install and configure UFW (Uncomplicated Firewall) to allow only ports 80 (HTTP), 443 (HTTPS), and your SSH port. Install fail2ban to block brute-force login attempts. These basic steps prevent the most common automated attacks.
Web server. Nginx is recommended over Apache for ecommerce because it handles concurrent connections more efficiently and uses less memory. Install Nginx from your distribution's package manager. For Ubuntu or Debian, this is a single command. Configure a server block (virtual host) for your domain with the document root pointing to where you will install your ecommerce platform.
PHP (for WooCommerce, PrestaShop, Magento, OpenCart). Install PHP 8.1 or newer with the extensions your platform requires. Common required extensions include mysql, curl, gd, mbstring, xml, zip, intl, and opcache. Configure PHP-FPM for processing PHP requests through Nginx. Set reasonable memory limits (256MB for WooCommerce, 512MB to 768MB for Magento) and upload limits (at least 64MB for product image uploads).
Node.js (for Medusa, Saleor frontend). Install Node.js 18 LTS or newer using nvm (Node Version Manager) for easy version management. Install PM2 as a process manager to keep your Node.js application running and automatically restart it after crashes or server reboots.
Database. Install MySQL 8.0 or MariaDB 10.6+ for PHP-based platforms. Install PostgreSQL 14+ for Saleor and Medusa. Create a dedicated database and user for your ecommerce application with only the necessary privileges (no GRANT ALL on the entire server). Configure automated daily database dumps stored in a separate location from your primary server.
Redis (recommended for all platforms). Install Redis for object caching and session storage. Redis dramatically improves performance by caching database queries and storing user sessions in memory rather than on disk. Configuration is minimal, as defaults work well for most ecommerce deployments.
Step 3: Install Your eCommerce Platform
Each platform has its own installation process. Here are the essentials for the most common options.
WooCommerce: Install WordPress first by downloading the latest release, extracting it to your web root, and running the browser-based installer at your domain. After WordPress is configured, go to Plugins, search for WooCommerce, install and activate it. The WooCommerce Setup Wizard walks through store location, currency, product types, and payment gateway configuration. The entire process from bare WordPress to working store takes about 20 minutes. For a detailed walkthrough, see our WooCommerce installation guide.
PrestaShop: Download the latest release from the PrestaShop project website. Extract it to your web root and navigate to your domain in a browser. The web-based installer checks system requirements, creates the database, and walks through store configuration including language, country, and admin account setup. After installation, delete the /install directory and rename the /admin directory to a custom name for security.
Magento Open Source: Magento installation requires Composer. Install Composer, then use it to create a new Magento project. Before running the installer, ensure Elasticsearch is running and accessible. Run the Magento CLI installer with your database credentials, admin URL, and Elasticsearch connection details. Initial indexing and static content deployment can take 10 to 30 minutes. Magento's installation is the most complex of any open source ecommerce platform, and the official documentation should be followed precisely.
Medusa or Saleor: Both platforms use Docker for the simplest deployment path. Clone the repository, copy the example environment file, configure your database connection and API keys, and run docker-compose up. For production deployment without Docker, follow the platform's production deployment guide, which involves configuring the application server, database, Redis, and a reverse proxy (Nginx) to route traffic to the application.
Step 4: Configure SSL and Domain
SSL (HTTPS) is mandatory for ecommerce. Browsers warn users about insecure sites, search engines penalize non-HTTPS pages, and payment gateways require encrypted connections.
DNS configuration. Log into your domain registrar and create an A record pointing your domain (www.yourdomain.com and yourdomain.com) to your server's IP address. DNS propagation typically takes 1 to 24 hours, though most registrars propagate within an hour.
SSL certificate with Let's Encrypt. Install Certbot on your server. Run Certbot with the Nginx plugin, which automatically obtains a free SSL certificate, configures Nginx to use it, and sets up automatic renewal. Let's Encrypt certificates are valid for 90 days and Certbot renews them automatically via a cron job or systemd timer. There is no reason to pay for an SSL certificate for a standard ecommerce store when Let's Encrypt provides the same encryption for free.
Force HTTPS. Configure Nginx to redirect all HTTP requests to HTTPS. Ensure your ecommerce platform's site URL is set to https:// so that all internal links, static assets, and API calls use encrypted connections. Test your SSL configuration using an online SSL checker to verify that your certificate chain is complete and your server is not vulnerable to known TLS attacks.
Step 5: Connect Payment Gateways
Payment processing is the most critical integration in your store. Set up at least two payment methods to maximize checkout conversion.
Stripe is the recommended primary payment gateway. Create a Stripe account, obtain your API keys from the Stripe dashboard, and install the Stripe payment plugin for your ecommerce platform. Configure the plugin with your publishable key and secret key. Enable the payment methods you want to accept: credit cards, Apple Pay, Google Pay, and any buy-now-pay-later options Stripe supports in your country. Start in Stripe's test mode, run several test transactions with Stripe's test card numbers, and verify that orders appear correctly in both Stripe and your ecommerce admin before switching to live mode.
PayPal should be your secondary payment method. Create a PayPal Business account, generate API credentials in the PayPal Developer Portal, and install the PayPal payment plugin for your platform. Configure it with your credentials and enable PayPal Checkout, which allows customers to pay with their PayPal balance, credit cards through PayPal, or Pay Later options. Test with PayPal sandbox accounts before going live.
Verify the complete payment flow: customer adds items to cart, proceeds to checkout, selects payment method, completes payment, receives order confirmation email, and the order appears in your admin with correct totals and payment status. Also test refunds to ensure they process correctly through both the payment gateway and your store's order management.
Step 6: Configure Shipping and Tax Rules
Shipping. Start simple and add complexity as needed. Configure flat-rate shipping zones for your primary selling regions. Most platforms let you define zones (domestic, international) with flat rates or weight-based rates per zone. If you ship via USPS, UPS, or FedEx, install the carrier's plugin to provide real-time calculated rates at checkout. For free shipping promotions, set a minimum order threshold (free shipping over $50, for example) as a shipping rule.
Tax rules. Tax configuration depends on your jurisdiction and where you have tax obligations (nexus). For US-based stores selling domestically, you can configure tax rates manually by state, or integrate with an automated tax service like TaxJar or Avalara that calculates the correct rate based on the ship-to address. For EU-based stores, configure VAT rates by country and set up the VAT exemption validation for B2B orders. Most platforms handle basic tax scenarios natively, but cross-border selling with complex tax requirements benefits from a dedicated tax calculation service.
Step 7: Set Up Backups and Monitoring
Your ecommerce store contains customer data, order history, and product information that cannot be recreated if lost. Backups are not optional.
Database backups. Configure automated daily database dumps using a cron job that runs mysqldump (for MySQL) or pg_dump (for PostgreSQL) and compresses the output. Store backups in at least two locations: on the server itself (for quick restoration) and off-server (for disaster recovery). Cloud storage services like Backblaze B2, AWS S3, or DigitalOcean Spaces provide affordable off-site backup storage at $5 to $10 per month for typical ecommerce database sizes.
File backups. Back up your ecommerce application files, uploaded product images, and any custom code or configuration files. These change less frequently than the database, so a weekly full backup with daily incremental backups is usually sufficient. Use rsync to a remote server or a tool like restic for encrypted, deduplicated backups to cloud storage.
Test your backups. A backup you have never restored is a backup you cannot trust. At least once a month, restore a backup to a test environment (a separate VPS or a local Docker setup) and verify that the store loads correctly with all products, orders, and customer data intact.
Uptime monitoring. Use a free monitoring service like UptimeRobot (free for up to 50 monitors) or Better Stack to check your store's availability every few minutes and alert you via email, SMS, or Slack if it goes down. Monitor both the homepage and the checkout page, as different parts of the application can fail independently.
Step 8: Optimize for Performance
Page speed directly impacts conversion rates. Research consistently shows that each second of additional load time reduces conversion rates by 7 to 12 percent. An ecommerce store that loads in 4 seconds instead of 2 seconds loses measurable revenue.
Enable object caching with Redis. Configure your ecommerce platform to use Redis for caching database queries, session data, and frequently accessed objects. WooCommerce uses the Redis Object Cache plugin. PrestaShop has built-in cache configuration. Magento uses Redis for both cache and session storage. This single optimization typically reduces page generation time by 40 to 60 percent.
Configure a CDN. A Content Delivery Network serves static assets (images, CSS, JavaScript) from edge servers close to your customers. Cloudflare offers a free plan that provides CDN caching, DDoS protection, and SSL. BunnyCDN charges approximately $0.01 per GB for a pull-zone CDN with global coverage. Configure your ecommerce platform to serve static assets through the CDN URL.
Optimize images. Product images are typically the largest assets on ecommerce pages. Resize images to the maximum display size needed (800 to 1200px wide for product pages), compress them with tools like jpegoptim or pngquant, and serve them in WebP format where browser support allows. Many ecommerce platforms have plugins that automate image optimization on upload.
Enable OPcache for PHP. PHP OPcache stores compiled PHP scripts in memory, eliminating the overhead of parsing and compiling PHP code on every request. This is typically enabled by default in modern PHP installations but verify it is active and configure adequate memory (128MB to 256MB) for your application size.
Target benchmarks. Your homepage should load in under 2 seconds. Product pages should load in under 2.5 seconds. The checkout page should load in under 3 seconds. Use Google PageSpeed Insights and GTmetrix to measure performance and identify specific bottlenecks.
Step 9: Test and Launch
Before opening your store to real customers, test every user-facing workflow end to end.
Checkout testing. Place test orders with every payment method you offer. Verify that order confirmation emails are sent to the customer and to your admin address. Check that order totals, tax calculations, and shipping costs are correct. Process a refund and verify it appears in both the payment gateway dashboard and your store's order records.
Mobile testing. Over 60% of ecommerce traffic comes from mobile devices. Test your store on actual phones (iPhone and Android) and not just desktop browser resize. Verify that the product catalog, cart, and checkout are fully functional on small screens. Pay attention to form fields, button sizes, and navigation on touch devices.
Email testing. Verify that transactional emails (order confirmation, shipping notification, password reset, account creation) are delivered reliably. If your server's IP address is not established for email sending, use a transactional email service like Mailgun, Postmark, or Amazon SES ($0.10 to $1.00 per 1,000 emails) to ensure deliverability.
Security testing. Run your store's URL through a security scanner. Verify that your admin area is not accessible at an obvious path like /admin (rename it on PrestaShop and Magento). Confirm that directory listing is disabled in Nginx. Check that sensitive files (.env, configuration files, database backups) are not publicly accessible.
Once testing is complete and all issues are resolved, update your DNS to point your production domain to your server, switch payment gateways from test mode to live mode, and your store is open for business.
Self-hosting an ecommerce store requires upfront effort for server setup, platform installation, and security configuration, but the result is a store you fully own and control. Monthly infrastructure costs run $20 to $100 for most stores, compared to $39 to $399 per month for proprietary platforms, and you retain complete ownership of your code, data, and customer relationships.