Linode provides affordable cloud compute, storage, and networking services. Their $5/month shared instance plan is a perfect starting point for a WordPress site. I got started with Linode because I wasn't happy with my hosting provider's declining performance and increasing price. Read on to learn how to host WordPress with Linode Marketplace Apps, configure an SSL certificate, upgrade PHP and other tips and tricks.
There are a few things you will want to do before deploying your WordPress node:
- Create a Linode account if you don't already have one
- Purchase a domain name for your site
If you want to manage your domain DNS records at Linode, you will need to set your domain to use the Linode name servers. Additional information regarding the Linode DNS Manager can be found here.
Deploy WordPress Marketplace App
The Linode App Marketplace allows for rapid one-click deployment of popular applications. To deploy the WordPress app:
- Log in to the Linode Cloud Manager
- From the Linode dashboard, click Marketplace in the left-hand navigation menu
- Under the Select App section, select the "WordPress - Latest" app
- Scroll down to the "WordPress - Latest Options"
- E-Mail Address: Email address for the WordPress administrator account. Required.
- Admin Username: The user name for your WordPress admin account. This is the user name that you will use to log into your WordPress site. Required.
- Admin Password: The password for your WordPress admin account. Required.
- MySQL root Password: The root password for your MySQL database. Required.
- WordPress Database Password: The root password for your WordPress database. Required.
For security, it is recommended that all passwords are different!
Now for the Advanced Options. These are all preset and optional to configure.
- WebSite Title: Enter a name for your WordPress site. The default for this option is "My WordPress Site". For example if you want your web site to be called "The World's Greatest Blog", enter that here.
- The limited sudo user to be created for the Linode: This is a recommended setting. If you do not configure a limited sudo user account, then you will be using the root account for SSH access.
- The password for the limited sudo user: If you are creating a limited sudo user, enter the password here. Must meet strong password requirements.
- The SSH Public Key that will be used to access the Linode: If you wish to access SSH via Public Key instead of by password, enter the public key here. This public key will be used by the limited sudo user.
- Disable root access over SSH: The default is NO. If you create a limited sudo user, suggest setting this to YES to block root access via SSH.
- The following advanced options are only relevant if you are using Linode to manage your domain DNS records:
- Your Linode API token: If this is provided along with the subdomain and domain fields, the installation attempts to create DNS records via the Linode API.
- Subdomain: The subdomain for the DNS record. If your domain is example.com, entering www here would create a DNS record for www.example.com.
- Domain: The domain for the DNS record. If your domain is example.com, then enter example.com here.
- Would you like to be able to send password reset emails for WordPress: I'm not 100% sure as I could not find any documentation on this setting, but I believe this will create MX records for your domain. The default is NO.
- Would you like to use a free Let's Encrypt SSL certificate: Select Yes if you would like the install to create an SSL certificate for you, or No if you do not. The default is NO.
- Select an Image: This one is easy, as Debian 10 is the only image you can select.
- Region: Select where you want your Linode to reside. In general, you should select a region that is closest to you. For example, if you live on the west coast of the United States, select Fremont, CA.
- Linode Plan: Select your Linode's hardware resources. WordPress is very lightweight, so the Nanode 1GB plan should be more than sufficient. As your site grows, you can resize your Linode.
Now let's finish up the final remaining options.
- Linode Label: Enter a name for your Linode. It must be unique amongst all Linodes in your account. The default is Marketplace app name followed by region. In this example it's wordpress-latest-us-west. Required.
- Add Tags: You can create tags for your Linodes to group them together. Then, when you are logged into the Linode Cloud Manager you can group your Linodes by tag.
- Root Password: The primary administrative password for your Linode. This password must be provided when you log in to your Linode via SSH. Must meet strong password requirements.
- SSH Keys: If you have uploaded public keys to your Linode Profile, you can select which one to use, if any.
- Backups: For $2 per month you get automatic backups and the ability to take an on demand snapshot. That's a small price to pay for peace of mind. As it only takes a typo to bring your site down, I highly recommend this option!
- Private IP: Do NOT select this option. Giving your Linode a private IP will make it inaccessible from the public internet.
Now click the Create Linode button. Your Linode should be ready for use in about 5 minutes.
Access Your WordPress Linode
Once you click the Create Linode button you will be take to the Linode status display. You can also view the status of your Linode by clicking on Linodes in the left hand navigation menu and selecting the Linode you just created.
- Note the IPV4 address of your Linode.
- Copy and paste the IPV4 address into a new browser window or tab. You should see the home page of your WordPress site.
- Copy and paste the IPV4 address into your SSH client. You should be able to log into your Linode using either the sudo account (if created) or root account (if enabled).
Create DNS Records
If you are managing your own domain DNS records you should configure them now. At a minimum the IPV4 and IPV6 host records should be configured.
- Note the IPV4 and IPV6 addresses of your Linode.
- Add an IPV4 wild card A record to your DNS with a name of '@' pointing to your Linode IPV4 address.
- Add an IPV6 wild card AAAA record to your DNS with a name of '@' pointing to your Linode IPV6 address.
- If your web site has a subdomain such as www.example.com, add IPV4 A and IPV6 AAA records for the subdomain www.
If you plan to use your Linode to send e-mail or simply want your reverse DNS lookup to resolve to your domain name:
- Click Linodes in the left hand navigation menu and select the Linode you just created.
- Click Network.
- Under IP Addresses, select Edit RDNS and enter your domain name for both the IPV4 - Public and IPV6 - SLAAC addresses.
Configure SSH Public Key Authentication
If you did not specify any SSH Keys to use for public key authentication you can configure that now.
- SSH to your Linode IPV4 address. For example ssh [email protected] or [email protected]
- Login as root or the sudo account (if you created one during installation).
- Enter your password.
- mkdir ~/.ssh
- chmod 700 ~/.ssh
- vi ~/.ssh/authorized_keys
- Press I to enter insert mode.
- Paste the contents of your public key.
- If you are using putty or have issues pasting the contents of your public key, try entering paste mode by pressing escape, then type :set paste <enter> and then press I. The status bar should now say -- INSERT (paste) --. Then press the right mouse button to paste your public key.
- Enter :wq to save the file.
- chmod 600 ~/.ssh/authorized_keys
You should now be able to SSH into your Linode without having to type in a password.
Configure LetsEncrypt SSL Certificate
If you did not request a LetsEncrypt SSL certificate during installation or are managing your own DNS records, let's set that up now:
- SSH into your Linode.
- Make a backup copy of your Apache WordPress configuration file.
- cp /etc/apache2/sites-available/wordpress.conf /etc/apache2/sites-available/wordpress.conf.orig
- Edit /etc/apache2/sites-available/wordpress.conf with your favorite editor (vi, vim, nano, etc).
- Change ServerName from IP address to your domain name if necessary.
- If you are using a subdomain like www, add ServerAlias www.domain.name under the ServerName.
- If you ONLY want to respond to www.domain.name, make that the ServerName and do not add a ServerAlias.
- Install the CertBot Apache package:
- sudo apt install python-certbot-apache
- Verify your Apache configuration file is good:
- sudo apache2ctl configtest
- You should see "Syntax OK". If not, edit your config file or replace it from the backup (wordpress.conf.orig) and try again until you get a "Syntax OK" response.
- Reload Apache for the new configuration file to take effect:
- sudo systemctl reload apache2
- Start the CertBot Apache wizard:
- Enter an e-mail address to be used for renewal and security notices. LetsEncrypt certificates are only good for three (3) months, so make sure you enter a valid e-mail address so you can stay on top of renewing the certificate.
- Agree to the terms of service by pressing A <enter>.
- If you want to share your e-mail address with the Electronic Frontier Foundation, press Y <enter> otherwise press N <enter>.
- If you configured a ServerAlias in your WordPress config file, you will see both the ServerName and ServerAlias domains listed.
- Press enter to activate HTTPS for your domain(s).
- Determine if you want to redirect HTTP traffic to HTTPS:
- Enter 1 for no redirection
- Enter 2 to redirect all HTTP traffic to HTTPS
- Test your web site in a browser by going to https://your.domain.name and or https://www.your.domain.name.
- You can also test your HTTPS setup at SSL Labs.
Update WordPress General Settings
If you access https://your.domain.name or https://www.your.domain name the site may look pretty messed up at this point. However, if you go to http://linode.ipv4.address the site looks fine. This is because Apache is now configured to handle requests for the actual domain name(s) rather than the IP address but WordPress is configured to expect the IP address. To reconfigure WordPress to expect the domain name:
- Open http://linode.ipv4.address/wp-admin in a browser.
- Log in with the WordPress admin user name and password specified during installation.
- Navigate to Settings > General from the left hand navigation menu.
- Chances are, the WordPress Address (URL) and Site Address (URL) are pointing to http://your.ipv4.address. If so, change both to https://your.domain.name or https://www.your.domain.name.
- You may also wish adjust other settings on this page such as site tagline and time zone.
- When finished, click Save Changes.
- Open https://(www.)your.domain.name in a browser. The site should come up without any warnings or errors.
Disable Search Indexing
While you are building your site, you probably don't want search engines trying to index it. Make the following changes to prevent search engines from indexing your site:
- Open https://(www.)your.domain.name/wp-admin in a browser and log in.
- Navigate to Settings > Reading from the left hand navigation menu.
- Check the "Discourage search engines from indexing this site" option to enable it.
- Click Save Changes.
- SSH to your Linode and log in.
- Navigate to /var/www/wordpress and create a robots.txt file:
- cd /var/www/wordpress
- touch robots.txt
- chown www-data robots.txt
- chgrp www-data robots.txt
- Edit robots.txt with your favorite editor (vi, vim, nano, etc) and add the following lines:
- User-agent: *
- Disallow: /
- Test and verify your robots.txt file at Technical SEO.
At the time of writing this guide, the Linode Marketplace WordPress App comes with PHP 7.3. I would suggest upgrading PHP to 7.4. WordPress Site Health (Tools > Site Health) will also complain, stating "Your site is running an older version of PHP". SSH into your Linode and perform the following steps to upgrade PHP to 7.4:
- sudo apt install lsb-release apt-transport-https ca-certificates
- # Download the signing key
- sudo wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
- # Add repo
- echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/php.list
- # Update the list of available packages
- $ sudo apt update
- # Install PHP 7.4
- sudo apt install php7.4
- # Check version
- php -v
- # Install packages
- sudo apt install -y php7.4-common php7.4-xml php7.4-mysql php7.4-pdo php7.4-phar php7.4-simplexml php7.4-curl php7.4-mbstring php7.4-imagick php7.4-zip php7.4-gd php7.4-tidy php7.4-xsl
- # Disable 7.3
- sudo a2dismod php7.3
- sudo a2enmod php7.4
- sudo systemctl restart apache2
Log into your WordPress site and check Tools > Site Health. The PHP warning should now be gone.
Verify Zend OpCache
The Linode Marketplace WordPress app comes with the Zend OpCache preinstalled. Perform the following steps to ensure it's running:
- SSH into your Linode.
- Add the open source OpCache page:
- sudo curl -o /var/www/wordpress/opcache.php https://raw.githubusercontent.com/amnuts/opcache-gui/master/index.php
- Browse to https://(www.)your.domain.name/opcache.php and review the results
- When satisfied, remove the OpCache page:
- sudo rm /var/www/wordpress/opcache.php
Your WordPress Linode should now be up and running, properly configured and optimized. Happy hosting!