Installing WordPress is quite a straightforward operation. For an experienced user it takes only a couple of minutes but for a first timer, it may be more difficult than expected. I’m showing a method I use for all my WordPress installs, local or live servers for development, testing or production.
And as it is with all simple and easy tasks, the devil is the details. The seemingly simple and easy installation and use of WordPress can also be a trap. It’s easy to get started but it’s as easy to make mistakes that later on prove to be serious, if not even fatal. For example, security is something we need to take into account from the very beginning.
In the previous tutorial, I explained how to install and use a local web server for creating a development environment. As an example, I used MAMP, a well known and easy to use but very capable local server which you can download from MAMP.info. You can read the tutorial here then continue with this tutorial and install WordPress.
The WordPress installation process in a nutshell
The whole process to install WordPress is simple. But there is a lot more to know and do than what WordPress installation guides typically show. Installing WordPress there are following phases (this is for a live, published web site). For a local development installation, we can cut a few corners but the process is mainly the same.
- Create a database for your site
- Download the latest WordPress installation package
- Extract the zip -file
- Edit the wp-config.php -file
- Copy or move WordPress files to server
- Initiate installation using a browser
- Do the post-installation settings
- Harden WordPress installation, server-side settings
- Enjoy your new site
Creating a database for WordPress using PHPMyAdmin
MAMP -installation comes with PHPMyAdmin which let you manage your MySQL databases with a browser. Alternatives to PHPMyAdmin are Sequel Pro application and Adminer but as PHPMyAdmin comes inbuilt with our chosen server, MAMP, we’ll use that. Open PHPMyAdmin from your localhost start page. Click “Open WebStart page” on MAMP application and then phpMyAdmin -link on the opened web page.
Every database needs a database user and a database user needs a password. I suggest that you create every site their own database. MySQL is capable to handle multiple WordPress installations in one database but for clarity and security, it is better to use a dedicated database for every site. Also, it is a good practice to have a dedicated database user for every database. MySQL comes with an admin user ‘root’ which has all superpowers to do anything on your database server.
Never use root as your database user
Always create every site their own database and database user.
Create a database
With PHPMyAdmin open, activate ‘databases‘ tab. Give your database a name that you find easy to connect to the website you are creating. From my experience, I can tell, that when you have multiple databases and multiple sites on your computer, some of them created a long time ago or just for testing purposes, it is difficult to know which databases are still needed. One nice trick is to name the database the same as the website. That’s how I have stayed sane in this business (opinions may vary).
The database needs a name and collation. A collation is a set of rules for comparing characters in a character set. To simplify – it is the rules how different characters are ordered in their alphabetical order. Like, the order between uppercase and lowercase character or v and w in some languages. In my example, I use utf8_swedish_ci because I’m Finnish and that version of collation is closest to my language. As of the name of the database, stick to characters from a to z and underscores. You may use some other characters but if you follow this rule, you stay in safe waters.
Create a database user
I recommend you to create a dedicated database user for every database. Right after you have crated your database, click Privileges -tab and create a new user. This will create a new user for the active, newly created database. WordPress database user needs the GRANT -privileges to the database but there is no need for the user to have any rights on any other database. So, have a different user for every database. Select Privileges -tab and then “Add user account“.
In the “Add user account” dialogue, you need to give the user a user name, Host name for the user and a password. Make sure that you have checked “Grant all privileges on database <your-db-name-here>” in Database for the user account.
Use Local for Host name. This allows us to easily connect WordPress to the database in a wp-config.php
file. Copy the password into a text file and make sure you have copied every character just as they are written in the password field. If your site is installed locally, you may use something easy to remember but for production sites, use always strong passwords.
So for this example, I have created the following:
- Database name:
wp_tutorials
- Database user:
tutor
- User password:
D16NSpePHg1PtkBS
These are values we need to know when configuring WordPress.
Installing WordPress
Now we are ready with PHPMyAdmin – Database and a database user are now created. Let’s move to WordPress installation.
Download WordPress installation package
Navigate to wordpress.org/download -page. Click the Download WordPress -button. My native language is Finnish and I use a Finnish version of WordPress even if I intend to use it only in English. This is because by doing so, I get a version of WordPress that has the timezone, time and date formats already configured to my liking. Even if you download WordPress in your own native language, you’ll always get an English language pack too.
Unzip the installation files and rename the wordpress folder
When you have downloaded the installation files (a zip-file), unzip it on your local hard drive. All the WordPress files are located in a folder named “wordpress“. It is best to rename the folder according to the site you are creating. The folder will be moved to the localhost web server and the URL to the site will become like http://localhost/foldername
. Acting like this you can have multiple sites on your local server, every site in their own folder. You can move the folder noow or later but in this tutorial, I move the folder now.
Site address in localhost environment
In my computer (this is a mac) the MAMP localhost web server root folder is kariselovuo/mamp_www
for this tutorial and tutorials to come, I have named the folder wptutorials
. The URL to my examples will then be http://localhost/wptutorials
Editing wp-config.php file
The next step is to edit the file wp-config.php
. When you unzipped the downloaded WordPress installation package the file is named as wp-config-sample.php
.
Step One is to rename the file to wp-config.php
! All you need to do is to remove the “-sample” from the file name.
This file can configure the WordPress installation in so many ways but in this tutorial, I show what you absolutely need to do and some settings you should do. The file itself deserves its own tutorial which I may write in the future. The wp-config.php
file will have the information WordPress needs to connect to the database and a few other settings.
In the wp-config.php
file you define:
- database name for WordPress to use
- database user
- password for the database user
- database collation
- database address
- table prefixes for database tables
- the salt keys
- database table prefix
- debug mode
- disable file editor (in my installations)
Database connection info
In wp-config.php file you define the database for WordPress and how to connect to the database. These are what we created earlier in PHPMyAdmin when creating the database. When installing on a hosted server your hosting provider will most likely provide you with this information or you need to create the database and user using CPanel or DirectAdmin or similar. Open the file in a code editor. I recommend Brackets which you can download from http://brackets.io/
The file is almost ready. You only need to change the database name, user, password, and server to match your setup. In this case, it would look like this.
Note that the database host, DB_HOST, may be something else than localhost if you install WordPress on a live server. Check you hosting provider what is the correct address to the database server.
Authentication Unique Keys and Salts
WordPress uses cookies to recognize a logged in user. These unique keys are used in the cookies and it is for security to have these keys unique and as hard as possible to decrypt. How these cookies act and what kind of vulnerabilities weak keys mean, are out of the scope of this tutorial. If you want, you can read more about this in WordPress Codex.
Retrieve fresh keys and salts from https://api.wordpress.org/secret-key/1.1/salt/ and replace the lines in your wp-config.php
file.
Database table prefix
You do not need to change this! You only need to change this if you intend to install multiple WordPress sites using the same database. All the WordPress installations need individual prefixes. The table prefix would then separate the different installations from each other.
Debug mode
If you are developing a plugin or your own theme it may be a good idea to enable debug mode so that you can see if there is something wrong with your code. do this by changing the WP_DEBUG
value to true
.
define('WP_DEBUG', true);
Disabling file editor from WordPress
In my opinion, no one and I mean NO ONE need to edit theme source files from inside WordPress! The end user never needs to edit the files and a developer edits the files only in a testing environment with a proper editor and uploads edited the file to the server when ready. In all my WordPress installations I disable file edit and I strongly recommend you to do the same. This simple command will disable file editor.
define('DISALLOW_FILE_EDIT', true);
Now we are ready with the configuration file. Next step is to “activate” or install the WordPress on our server.
Finishing the WordPress installation
This part of the installation is easy. Just navigate to the localhost and your WordPress directory with your browser to initiate the installation.This is where you give your site a name and create the (first) admin user. In this tutorial the address is http://localhost/wptutorials
. When you go to that page and WordPress note that it is not installed it will automatically initiate the /wp-admin/install.php
.
Give your site the info you want and click the “Install WordPress” button. If you get a success note and a prompt to login you are ready. Log into your newly installed WordPress and enjoy.
Configuring WordPress after installation
In the next tutorial, I explain the procedure to finish the installation and check the settings.