Scaleway Documentationtutorials
deploy wordpress managed database mysql8

Jump toUpdate content

How to deploy a Wordpress blog backed by Scaleway Database for MySQL 8

Reviewed on 10 May 2021Published on 22 June 2020
  • compute
  • database
  • mysql
  • dbaas
  • wordpress
  • blog

Wordpress backed by Scaleway Database for MySQL 8 - Overview

In this tutorial you will learn how to setup your own Wordpress blog on a Virtual Compute Instance and backed by Scaleway Database for MySQL 8 to improve your blogs speed, reliability and overall performance. Scaleway Database for MySQL 8 provides up to 48 cores and 256 GB of RAM.

WordPress is a widely used, free, and open-source content management system (CMS) written in PHP. It uses the MySQL relational database system to store its contents. The look and feel of WordPress is highly customizable using different themes and plugins.

Requirements:

Preparing the managed database

  1. Go to the Database section of your Scaleway console and choose your Managed Database Instance from the list:

  2. Click the Databases tab. A list of your existing databases exist. Click + Create Database to create a new database:

  3. Enter a name for your new database, for example wordpress and confirm by clicking on Create Database:

Your database is being created now.

Securing the managed database

Important:

This is an advanced feature and may cause unavaibility of your database. Be careful when using it.

Optionally: You can restrictaccess to your Database Instance to your Virtual Instance for increased security.

  1. Click the Allowed IPs tab to see the list of allowed IPs:

  2. Click the delete button to delete the default rule (0.0.0.0/0 Allow All).

  3. Click Add IP and enter the IP of your compute instance in CIDR notation (for example: 51.15.123.234/32)

  4. Confirm by clicking the Add IP button

Preparing the Virtual Instance

To host Wordpress on our Virtual Instance, we need to install the required software on it. In this tutorial we will use the Apache Webserver with PHP 7.4 to host our blog.

  1. Connect yourself to your compute instance using SSH.

    ssh root@your_instance_ip
  2. Update the apt package manager and upgrade the software already installed on the machine to make sure you have installed the latest upgrades and security patches:

    apt update && apt upgrade -y
  3. Install the Apache web server and PHP:

    apt install apache2 libapache2-mod-php7.4  php7.4-common php7.4-mysql php7.4-curl php7.4-json php7.4-mbstring php7.4-xml php7.4-zip php7.4-gd php7.4-soap php7.4-ssh2 php7.4-tokenizer

Downloading and installing Wordpress

  1. Download the latest Wordpress relase using wget:

    wget -c http://wordpress.org/latest.tar.gz
  2. Unpack the downloaded file using the following tar command:

    tar -xzvf latest.tar.gz
  3. Move the content of the wordpress folder in a directory under the document root for Apache by creating a new folder for your blog (i.e. blog.example.com if you want to host your blog at https://blog.example.com/).

    cp -R wordpress /var/www/html/blog.example.com
  4. Configure the ownership and file permissons on the blog directory. To make sure your blog works as expected, the directory should be owned by the Apache2 user and group called www-data.

    chown -R www-data:www-data /var/www/html/blog.example.com
    chmod -R 775 /var/www/html/blog.example.com
  5. Enter the blog directory and create a wp-config.php file by copying the example file shipped with the application:

    cd /var/www/html/blog.example.com
    cp wp-config-sample.php wp-config.php
  6. Open the configuration file in a text editor, for example nano and edit the MySQL server configuration as follows:

    Edit the hostname for your Managed database in the form: database_ip_address:database_port for example: 51.15.151.53:6241

    Save the file and exit nano.

  7. Create a Apache configuration file for your new blog by opening it in a text editor, we use nano again:

    nano /etc/apache2/sites-available/blog.example.com.conf

    Copy and paste the following content into the file, then save it and quit the text editor:

    <VirtualHost *:80>
    ServerName blog.example.com
    ServerAdmin webmaster@blog.example.com
    DocumentRoot /var/www/html/blog.example.com
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    </VirtualHost>
  8. Test the Apache configuration file for syntax errors:

    apache2ctl -t
  9. If no errors appear, enable the new site and reload Apache2 to activate the configuration:

    a2ensite blog.example.com
    systemctl reload apache2

Securing the connection using TLS

By default HTTP is a plain text protocol and does not use any encryption. To secure the connection between the client and the server, we are going to use the TLS protocol using a certificate issued by the Let’s Encrpt certificate authority. We are going to use a tool, called certbot which manages the the configuration of the Apache2 web server, the certificate creation and renewal of it. Certbot is developed and maintained by the Electronic Frontier Foundation (EFF].

  1. Prepare the system by installing the required dependencies:

    apt install software-properties-common
    add-apt-repository universe
    apt update
  2. Install certbot using the apt package manager:

    apt install certbot python3-certbot-apache
  3. Run certbot to configure the Apache2 web server and to request the certificate for your domain name:

    certbot --apache

    During the certificate generationn, you will be prompted the following questions:

    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator apache, Installer apache
    Enter email address (used for urgent renewal and security notices) (Enter 'c' to
    cancel): me@myemail.com <-- Enter your e-Mail address here, then press Enter to confirm

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Please read the Terms of Service at
    https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
    agree in order to register with the ACME server at
    https://acme-v02.api.letsencrypt.org/directory
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    (A)gree/(C)ancel: A <-- Type A to agree, confirm by pressing Enter

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Would you be willing to share your email address with the Electronic Frontier
    Foundation, a founding partner of the Let's Encrypt project and the non-profit
    organization that develops Certbot? We'd like to send you email about our work
    encrypting the web, EFF news, campaigns, and ways to support digital freedom.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    (Y)es/(N)o: Y <-- Press Y to share your email address with the Electronic Frontier Foundation or N to refuse sharing your email address. Confirm your choice by pressing Enter.

    Which names would you like to activate HTTPS for?
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    1: blog.example.com
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Select the appropriate numbers separated by commas and/or spaces, or leave input
    blank to select all options shown (Enter 'c' to cancel): 1 <-- Enter the appropiate numbers of the domain names you want to activate HTTPS for, leave the form empty to activate HTTPS for all domain names. Then confirm your choice by pressing Enter.
    Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for blog.example.com
    Enabled Apache rewrite module
    Waiting for verification...
    Cleaning up challenges
    Created an SSL vhost at /etc/apache2/sites-available/blog.example.com-le-ssl.conf
    Enabled Apache socache_shmcb module
    Enabled Apache ssl module
    Deploying Certificate to VirtualHost /etc/apache2/sites-available/blog.example.com-le-ssl.conf
    Enabling available site: /etc/apache2/sites-available/blog.example.com-le-ssl.conf

    Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    1: No redirect - Make no further changes to the webserver configuration.
    2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
    new sites, or if you're confident your site works on HTTPS. You can undo this
    change by editing your web server's configuration.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2 <-- Type 2 to redirect all HTTP connections to HTTPS, type 1 to your vistors decide if they want to use HTTP or HTTPS. Confirm your choice by pressing Enter

    Enabled Apache rewrite module
    Redirecting vhost in /etc/apache2/sites-enabled/blog.example.com.conf to ssl vhost in /etc/apache2/sites-available/blog.example.com-le-ssl.conf

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Congratulations! You have successfully enabled https://blog.example.com

    You should test your configuration at:
    https://www.ssllabs.com/ssltest/analyze.html?d=blog.example.com
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    IMPORTANT NOTES:
    - Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/blog.example.com/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/blog.example.com/privkey.pem
    Your cert will expire on 2020-09-21. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot again
    with the "certonly" option. To non-interactively renew *all* of
    your certificates, run "certbot renew"
    - Your account credentials have been saved in your Certbot
    configuration directory at /etc/letsencrypt. You should make a
    secure backup of this folder now. This configuration directory will
    also contain certificates and private keys obtained by Certbot so
    making regular backups of this folder is ideal.
    - If you like Certbot, please consider supporting our work by:

    Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
    Donating to EFF: https://eff.org/donate-le

You have now successfully requested a TLS certificate for your blog. The connection between your vistors and the server is encrypted and secured.

Configuring Wordpress

Now, as Wordpress is successfully installed and connections between your users and the server are using a secure HTTPS connection, it is time to finally configure your blog.

  1. Open your web browser and type your blogs URL in the address bar of your web browser (for example: https://blog.example.com).

  2. The Wordpress installation wizard displays. Choose the desired language for your blog from the list and click Continue:

  3. Enter the details of your new blog, such as the title, choose a name for the admin user and set a secret password. Then click Install Wordpress to complete the installation of your blog:

  4. The installation of your blog has been successfully. You can log in now and write your first articles or configure the look and feel of Wordpress by installing additonal themes and modules.

You have now installed and configured your blog successfully completed using a powerful Scaleway Database for MySQL 8. All content and information of your blog is being stored in this database. For more information how to customize your wordpress installation to change its look and feel, refer to the official Wordpress developer documentation.