Introduction
RCS's One-Click WordPress application provides everything you need to launch your cloud website hosting with minimal effort. Simply select a server location, choose your size, and click Deploy Now. Your cloud web hosting will deploy in about a minute, and then you are ready to set up WordPress.
WooCommerce Supported
You can install WooCommerce yourself, or use our One-Click WooCommerce app. WooCommerce users should follow the same steps in this guide.
1. Install SSL Certificate
This step is optional but recommended. For better security and convenience, register a domain name and install an SSL certificate. If you plan to use a commercial SSL certificate, see the Commercial SSL section.
If you skip this step:
Substitute the server IP address for www.example.com.
You will encounter a certificate security warning.
Proceed past the warning to complete setup. See our instructions to bypass the HTTPS warning for self-signed SSL/TLS certificates.
To install a free Let's Encrypt SSL certificate:
Register a domain name and create a DNS record for the server's IP address. Consult your DNS provider for instructions, or see our guide if using RCS's DNS.
Verify that DNS has finished propagation, and the name is visible throughout the internet before proceeding. Propagation usually happens quickly but could take up to 48 hours in some cases.
Connect to your server console or via SSH. Use the root login from the Server Information screen.
Install the SSL certificate with certbot. Replace the domain name and email with your values. Notice there are two domain names listed:
example.com is the domain root. This is sometimes called the apex domain or the bare domain.
www.example.com is the fully-qualified domain name (FQDN).
It's common for websites to respond to both the FQDN and the domain root. For example, the command below creates a multi-domain certificate for both.
# certbot --nginx --redirect -d www.example.com -d example.com -m admin@example.com --agree-tos --no-eff-email
Certbot should report success when finished.
If you skip this step now and install HTTPS later, you may need one of the popular WordPress plugins to force all content to HTTPS, which fixes any unencrypted links WordPress stored previously.
Certbot is installed by default on RCS's One-Click WordPress. If you need to update or reinstall, please see the recommended installation steps at eff.org.
2. Log in to WordPress Admin Area
Log in to the admin area:
https://www.example.com/wp-admin/
Substitute your domain, or use the IP address if you didn't register a domain name. If you do not install an SSL certificate, you'll receive a privacy warning for the server's self-signed certificate. It is safe to proceed. See our instructions to bypass the HTTPS warning for self-signed SSL/TLS certificates.
It's also possible, but insecure, to complete this step using the HTTP URL:
http://192.0.2.123/wp-admin/
Enter the security user credentials in the Sign in pop-up. This extra security protects your server while you install WordPress. After your installation is complete, you can disable this pop-up by following these directions.
3. Run the WordPress Wizard
Select your language and click Continue.
Enter your site title, username, and email address. Make a note of the suggested password, or enter your preferred password. Click Install WordPress.
Wait for WordPress to finish the installation, then log in to your WordPress dashboard.
4. Set the Domain Name
Set your domain name in the WordPress dashboard.
Navigate to Settings > General.
Edit the WordPress Address (URL) and Site Address (URL) to match your domain name.
Click the Save Changes button.
WordPress stores complete URLs in the database. If you create content before changing the site URL, some pages may have incorrect links. If you have this problem, make a backup, then consider using a database search-and-replace plugin.
More Information
SMTP Mailer
Reliable mail delivery is a common issue with WordPress sites. The One-Click WordPress server has the SMTP Mailer plugin preinstalled, which authenticates with your SMTP server to send mail. You can activate the plugin in your dashboard under Plugins > Installed Plugins.
Once activated, look for the settings link under the plugin name. Configure the plugin to enable outbound email.
Wordfence Security
Wordfence is an endpoint firewall and malware scanner to protect WordPress. We recommend activating the preinstalled Wordfence plugin for additional security logging and scanning.
Cockpit Control Panel
Access your Cockpit control panel at port 9080. For example:
https://www.example.com:9080
You'll find the username and password on your Server Information page. If you use the RCS Firewall, make sure to allow access to port 9080.
Cockpit Let's Encrypt SSL certificate
Configure Cockpit for SSL with these steps.
Edit /etc/nginx/conf.d/cockpit.conf
# nano /etc/nginx/conf.d/cockpit.conf
Look for this line.
server_name _;
Replace the underscore with your server's domain name. The top of the file should now look like this.
server { listen 9080 ssl; server_name www.example.com;
Save and exit the file.
Edit /etc/cockpit/cockpit.conf
# nano /etc/cockpit/cockpit.conf
Replace both instances of the server's IP address with the server's domain name.
[WebService] Origins = https://www.example.com:9080 wss://www.example.com:9080 ProtocolHeader = X-Forwarded-Proto
Save and exit the file.
Run certbot, following the instructions in the article Install Let's Encrypt SSL on One-Click WordPress App. For example:
# certbot --nginx --redirect -d www.example.com -d example.com -m admin@example.com
Certbot will detect the files you updated and automatically install the certificate for Cockpit.
Disable Cockpit
If you need to disable Cockpit, SSH to the server as root and run the following command:
# systemctl disable --now cockpit.socket
Maldet Security Scan
By default, Maldet is disabled. However, activating Maldet is highly recommended to remove malware from your WordPress site. SSH to the server as root to enable or disable this feature.
Enable Maldet
# systemctl enable --now maldet
Disable Maldet
# systemctl disable --now maldet
PHPMyAdmin Database Manager
Access your PHPMyAdmin installation at https://www.example.com/mysqladmin/
.
You'll find the username and password on your Server Information page.
SQL Database Access
WordPress uses the MySQL database server. For direct access, SSH to the server as root.
Connect to MySQL
# mysql -u root
The MySQL root password is located in /root/.my.cnf
.
XHProf Performance Analysis
Access your XHProf installation at https://www.example.com/xhprof/xhprof_html/
.
You'll find the username and password on your Server Information page.
RCS Helper Scripts
RCS provides helper scripts for common issues. SSH to the server as root to run these scripts.
Reset WordPress Password
If you need to reset your WordPress admin password, the reset-wp-pass.sh
script generates a new strong password and updates WordPress for you.
# /opt/RCS/reset-wp-pass.sh
The new password for the account 'AmazingAdmin' is: [redacted password]
Reset Nginx
If Nginx fails to load, you may have a typo or corruption in your configuration files. The fix-vhost.sh
script will reset the Nginx configuration to default.
# /opt/RCS/fix-vhost.sh
All vhosts have been restored to their default state!
Check Software Versions
For debugging purposes, our support team may ask for your WordPress and Ubuntu versions. Run the version.sh
script.
# /opt/RCS/version.sh
OS: '18.04.4 LTS (Bionic Beaver)'
WordPress: '5.3.2'
Commercial SSL
You can use a Commercial SSL certificate instead of the free Let's Encrypt certificate.
How to install a commercial SSL certificate
Obtain a certificate from a certificate authority for your domain.
Replace the server.crt and server.key files in /etc/nginx/ssl/ with the commercial certificate. Refer to your certificate vendor's documentation for details.
Reboot the server.
# reboot
Certbot considerations
Certbot makes changes to the Nginx configuration. If you used certbot to obtain a Let's Encrypt certificate, return the Nginx configuration files to default before proceeding.
Back up your existing Nginx configuration files
# cp -r /etc/nginx/ /root/nginx
Revoke your certbot certificate.
# certbot delete
Restore the default Nginx configuration.
# /opt/RCS/fix-vhost.sh
How to Disable HTTPS
Disabling HTTPS security is possible but not recommended.
SSH to the server as root.
Move
wordpress_https.conf
out of the Nginx configuration folder and reboot the server.# mv /etc/nginx/conf.d/wordpress_https.conf /root/ # reboot
Files and Folders of Interest
phi.ini:
/etc/php/7.4/fpm/php.ini
MySQL logs:
/var/log/mysqld*.log
Virtual host conf:
/etc/nginx/conf.d/
Virtual host SSL:
/etc/nginx/ssl
WordPress web root:
/var/www/html/
WordPress uploads:
/var/www/html/wp-content/uploads
wp-cli:
/usr/local/bin/wp
Remove wp-admin Security
This script has been removed and is no longer needed for One-Click WordPress deployments after June 2021.
One-Click WordPress has an extra security prompt for the /wp-admin/
page. To remove this feature, run the remove-htaccess.sh
script.
# /opt/RCS/remove-htaccess.sh
All basic authentication has been removed!
You will no longer see the extra security pop-up when logging into the WordPress dashboard after running this script.
About One-Click Apps
One-Click apps are updated regularly without notice. When launching a One-Click app, you'll receive our latest version. We do not update deployed instances, and you are responsible for keeping the instance up-to-date. If you design an infrastructure based on One-Click apps and need to ensure the same app version in the future, take a snapshot of the initial deployment and create new instances from the snapshot.