Blazing Fast Cloud Servers

Server set-up in less than 1 minute, Instant scaling up or down as required, 99.95% uptime guaranteed, No hardware maintenance, Simple backup and monitoring, Unbeatable pricing.

Visit Website

How To Install WordPress with WordOps (Enable Nginx FastCGI Cache)

Install WordPress

This tutorial shows you how to install WordPress with WordOps (Enable Nginx FastCGI Cache)

The VPS used in this article: Vultr (1GB RAM, 1 vCore)
Get $100 of free Vultr credits if you sign up through this link!
Demo domain: blogwp.ovh
Please resolve the domain name to an IP address in advance
Please replace blogwp.ovh with your own domain name.

WordOps is an essential toolset that eases WordPress site and server administration.

WordOps Key Features:

  • Easy to install: One step automated installer with migration from EasyEngine v3 support.
  • Fast deployment: Fast and automated WordPress, Nginx, PHP, MySQL & Redis installation.
  • Custom Nginx build: Nginx 1.18.0 – TLS v1.3, Cloudflare HTTP/2 HPACK & Brotli support.
  • Up-to-date: PHP 7.2, 7.3 & 7.4, MariaDB 10.3 & Redis 5.0
  • Secured: Hardened WordPress security with strict Nginx location directives
  • Powerful: Optimized Nginx configurations with multiple cache backends support.
  • SSL: Domain, Subdomain & Wildcard Let’s Encrypt SSL certificates with DNS API support.
  • Modern: Strong ciphers_suite, modern TLS protocols and HSTS support (Grade A+ on ssllabs)
  • Monitoring: Live Nginx vhost traffic with ngx_vts_module and server monitoring with Netdata.
  • User Friendly: WordOps dashboard with server status/monitoring and tools.

WordOps can be installed on :
Ubuntu LTS (Long Term Service) releases (Ubuntu 20.04 LTS & Ubuntu 18.04 LTS)
Also compatible:
Ubuntu 16.04 LTS, Debian 9, Debian 10, Raspbian 9, Raspbian 10

Hardware requirements
Minimum: WordOps is very lightweight, it doesn’t require a lot of resources
~100MB of storage, 512MB RAM

Recommended: However, if you are going to use WordOps in production, some services like MySQL or Redis may need more resources, and running WordOps stacks without enough resources could impact your sites performance. Resources usage also highly depend on your site traffic.
Multi-core CPU, 20GB SSD storage, 2GB RAM

WordOps support VMware, XEN, OpenVZ, KVM, Hyper-V, LXC / LXD virtualization platforms.

https://blogelegant.com/ build with Hostwinds KVM VPS

Affiliate Disclosure: This page contains affiliate links. If you click through and purchase an item, I may earn a commission.

The following part is the installation steps

1、Install WordOps

wget -qO wo wops.cc && sudo bash wo
[email protected]:~# wget -qO wo wops.cc && sudo bash wo

Welcome to WordOps install/update script v3.12.3

Installing wo dependencies      [OK]
Installing WordOps      [OK]
Running post-install steps      [OK]
WordOps (wo) require an username & and an email address to configure Git (used to save server configurations)
Your informations will ONLY be stored locally
Enter your name: blogwpwpblog
Enter your email: [email protected]
Synchronizing wo database, please wait...
WordOps (wo) installed successfully

To enable bash-completion, just use the command:
bash -l

To install WordOps recommended stacks, you can use the command:
wo stack install

To create a first WordPress site, you can use the command:
wo site create site.tld --wp

WordOps Documentation : https://docs.wordops.net
WordOps Community Forum : https://community.wordops.net
WordOps Community Chat : https://chat.wordops.net

Give WordOps a GitHub star : https://github.com/WordOps/WordOps/

Note:
Please replace blogwpwpblog with your own name
Please replace [email protected] with your own email

2、Install WordPress + FastCGI Cache + PHP 7.4 + Let’s Encrypt SSL certificate

wo site create blogwp.ovh --wpfc --php74 --letsencrypt
[email protected]:~# wo site create blogwp.ovh --wpfc --php74 --letsencrypt
Start : wo-kernel [OK]
Adding repository for MySQL, please wait...
Adding repository for NGINX, please wait...
Adding repository for PHP, please wait...
Updating apt-cache              [OK]
Installing APT packages         [OK]
Applying Nginx configuration templates
Testing Nginx configuration     [OK]
Restarting Nginx                [OK]
Testing Nginx configuration     [OK]
Restarting Nginx                [OK]
Configuring php7.4-fpm
Restarting php7.4-fpm           [OK]
Tuning MariaDB configuration
Stop  : mysql     [OK]
Start : mysql     [OK]
Running pre-update checks       [OK]
Setting up NGINX configuration  [Done]
Setting up webroot              [Done]
Downloading WordPress           [Done]
Setting up database             [Done]
Configuring WordPress           [OK]
Installing WordPress            [OK]
Installing plugin nginx-helper  [OK]
Setting plugin nginx-helper     [OK]
Testing Nginx configuration     [OK]
Reloading Nginx                 [OK]
HTTP Auth User Name: WordOps
HTTP Auth Password : Dh9i5b44i7pBSsU0Lp40LVih
WordOps backend is available on https://45.32.205.204:22222 or https://blogwp-test:22222
WordPress admin user : blogwpwpblog
WordPress admin password : nwd2kS8NzXtMcY1xT9BVD60l
Nginx-Helper configuration :    http://blogwp.ovh/wp-admin/options-general.php?page=nginx
Successfully created site http://blogwp.ovh
Certificate type : domain
Validation mode : Webroot challenge
Issuing SSL cert with acme.sh   [OK]
Deploying SSL cert              [OK]
Securing WordOps backend with current cert
Adding HTTPS redirection        [OK]
Updating site url with https    [OK]
Testing Nginx configuration     [OK]
Reloading Nginx                 [OK]
Congratulations! Successfully Configured SSL on https://blogwp.ovh

After performing the above steps, you have installed WordPress, FastCGI Cache, PHP 7.4, and Let’s Encrypt SSL.

Log in to the WordPress Admin Dashboard: https://blogwp.ovh/wp-login.php

WordPress admin user : blogwpwpblog
WordPress admin password : nwd2kS8NzXtMcY1xT9BVD60l

You can update WordPress admin password with the following command:

wo site update blogwp.ovh --password

The Nginx Helper plugin also has been installed and activated. “Caching Method” choose “nginx Fastcgi cache”. “Purge Method” choose “Using a GET request to PURGE/url (Default option)”.

You can also clean NGINX FastCGI cache via:

wo clean --fastcgi
[email protected]:~# wo clean --fastcgi
Cleaning NGINX FastCGI cache
Testing Nginx configuration     [OK]
Restarting Nginx                [OK]

WordOps Nginx fastcgi_cache cache pages for 24 hours, as set in /etc/nginx/conf.d/fastcgi.conf: fastcgi_cache_valid 200 24h;

Testing WordOps Nginx fastcgi cache:

curl -Ik https://blogwp.ovh/sample-page/
[email protected]:~# curl -Ik https://blogwp.ovh/sample-page/
HTTP/2 200
server: nginx
date: Wed, 14 Oct 2020 06:18:04 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://blogwp.ovh/xmlrpc.php
link: <https://blogwp.ovh/wp-json/>; rel="https://api.w.org/"
link: <https://blogwp.ovh/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json"
link: <https://blogwp.ovh/?p=2>; rel=shortlink
x-powered-by: WordOps
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
x-fastcgi-cache: MISS

On the first request, Nginx returns x-fastcgi-cache: MISS

[email protected]:~# curl -Ik https://blogwp.ovh/sample-page/
HTTP/2 200
server: nginx
date: Wed, 14 Oct 2020 06:20:27 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://blogwp.ovh/xmlrpc.php
link: <https://blogwp.ovh/wp-json/>; rel="https://api.w.org/"
link: <https://blogwp.ovh/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json"
link: <https://blogwp.ovh/?p=2>; rel=shortlink
x-powered-by: WordOps
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
x-fastcgi-cache: HIT

On the next request, Nginx returns x-fastcgi-cache: HIT

Note:
If you want to install WordPress + Redis Full-page cache + PHP 7.4 + Let’s Encrypt SSL certificate, please execute the following command:

wo site create blogwp.ovh --wpredis --php74 --letsencrypt
[email protected]:~# wo site create blogwp.ovh --wpredis --php74 --letsencrypt
Start : wo-kernel [OK]
Adding repository for MySQL, please wait...
Adding repository for NGINX, please wait...
Adding repository for PHP, please wait...
Updating apt-cache              [OK]
Installing APT packages         [OK]
Applying Nginx configuration templates
Testing Nginx configuration     [OK]
Restarting Nginx                [OK]
Testing Nginx configuration     [OK]
Restarting Nginx                [OK]
Configuring php7.4-fpm
Restarting php7.4-fpm           [OK]
Tuning MariaDB configuration
Stop  : mysql     [OK]
Start : mysql     [OK]
Tuning Redis configuration      [OK]
Restarting redis-server         [OK]
Running pre-update checks       [OK]
Setting up NGINX configuration  [Done]
Setting up webroot              [Done]
Downloading WordPress           [Done]
Setting up database             [Done]
Configuring WordPress           [OK]
Installing WordPress            [OK]
Installing plugin nginx-helper  [OK]
Setting plugin nginx-helper     [OK]
Installing plugin redis-cache   [OK]
Testing Nginx configuration     [OK]
Reloading Nginx                 [OK]
HTTP Auth User Name: WordOps
HTTP Auth Password : lIPGjYHxIpBqVpaNSkvfWEql
WordOps backend is available on https://45.32.205.204:22222 or https://blogwp-test:22222
WordPress admin user : blogwpwpblog
WordPress admin password : NtgW9eS5LHTsp6mivjw3ICql
Configure redis-cache:  http://blogwp.ovh/wp-admin/options-general.php?page=redis-cache
Object Cache:           Enable
Successfully created site http://blogwp.ovh
Certificate type : domain
Validation mode : Webroot challenge
Issuing SSL cert with acme.sh   [OK]
Deploying SSL cert              [OK]
Securing WordOps backend with current cert
Adding HTTPS redirection        [OK]
Updating site url with https    [OK]
Testing Nginx configuration     [OK]
Reloading Nginx                 [OK]
Congratulations! Successfully Configured SSL on https://blogwp.ovh

The above command will automatically install and activate the “Nginx Helper” plugin and “Redis Object Cache” plugin. But when you remove “Redis Object Cache” plugin, your site will only use full-page cache in redis.

You need “Nginx Helper” plugin to automatically clear the redis full-page cache. After performing the above steps, if everything goes well, you have installed WordPress, Redis Full-page cache, PHP 7.4, Let’s Encrypt SSL certificate.

Note:
Issue an ssl certificate with WordOps and enable HSTS

For an existant site without SSL:

wo site update blogwp.ovh --letsencrypt --hsts

For an existant site already secured with Let’s Encrypt:

wo site update blogwp.ovh --hsts

Delete site including webroot and database:

wo site delete blogwp.ovh
wo site delete blogwp.ovh --no-prompt    delete website without confirmation prompt
wo site delete blogwp.ovh --files        delete only website files
wo site delete blogwp.ovh --db           delete only database

Move into a site webroot directory:

wo site cd blogwp.ovh

List all sites managed with WordOps:

wo site list

Display site Nginx configuration:

wo site show blogwp.ovh

Disable site Nginx vhost:

wo site disable blogwp.ovh

Enable site Nginx vhost:

wo site enable blogwp.ovh

3、Check SSL Installation

4、SSL Test

5、Install Redis Object Cache, In step 2, When you execute this command:

wo site create blogwp.ovh --wpfc --php74 --letsencrypt

FastCGI Cache has been installed, but if you want to do FastCGI for the Page Cache and Redis for Object Cache, You need to execute the following command:

wo stack install --redis

Additionally, you need to install “Redis Object Cache” plugin to automatically clear the object cache.

You can also clean Redis Object Cache via:

wo clean --redis

Note: “Nginx Helper” plugin support for purging redis full-page cache and FastCGI Cache.“Nginx Helper” plugin does not support for purging Redis Object Cache.

6、Change backend credential and Change backend port

The user name and password of WordOps backend is showed when you create a first site. If you don’t remember and want to reset, please use below command:

wo secure --auth

7、Install WordOps Dashboard, PHPmyAdmin, Adminer, Opcache, Netdata

wo stack install --admin

If you don’t like it, please do not perform this step. If it is installed, you can remove it via:

wo stack remove --admin

(Remove stacks, without removing configurations or data for APT packages)

wo stack purge --admin

(Remove and purge stacks, including configurations and data)

8、Get site information

wo site info blogwp.ovh
[email protected]:~# wo site info blogwp.ovh
Information about blogwp.ovh (domain):


Nginx configuration      wp wpfc (enabled)
PHP Version              7.4

SSL                      enabled
SSL PROVIDER             Lets Encrypt
SSL EXPIRY DATE          89

access_log               /var/www/blogwp.ovh/logs/access.log
error_log                /var/www/blogwp.ovh/logs/error.log
Webroot                  /var/www/blogwp.ovh

DB_NAME                  blogwp_ovh_G1HeQUMj
DB_USER                  blogwpovhETMo
DB_PASS                  eJqcpiFI6YVm8L30BGaQvXAZ

Through this command you can view the basic information of the website, such as the database user name and password. You can also find the database user name and password in the my.cnf file. my.cnf file is located in the path /etc/mysql/conf.d/my.cnf

Note: You need to use the database user name and password to log in to PHPmyAdmin or Adminer.

9、Access to phpMyAdmin and other tools, default port is 22222

https://45.32.205.204:22222
Access to phpMyAdmin:
https://45.32.205.204:22222/db/pma/
Access to Adminer:
https://45.32.205.204:22222/db/adminer/
phpMyAdmin and Adminer are database management tools.

For more security, the default port should be changed. Change backend port:

wo secure --port
[email protected]:~# wo secure --port
WordOps admin port [22222]:25907
Testing Nginx configuration     [OK]
Reloading Nginx                 [OK]
Successfully port changed 25907

Now you can use the following links to access phpMyAdmin and other tools:
https://45.32.205.204:25907/

HTTP Auth User Name: WordOps
HTTP Auth Password : Dh9i5b44i7pBSsU0Lp40LVih

Note: Perform step 6 to get the username and password of WordOps backend, if you don’t remember.

10、Manage server stack operations

Stack upgrade

wo stack upgrade --admin      Upgrade admin tools stack
wo stack upgrade --nginx      Upgrade Nginx stack
wo stack upgrade --php74      Upgrade PHP 7.4 stack
wo stack upgrade --mysql      Upgrade MySQL stack
wo stack upgrade --redis      Upgrade Redis

wo stack upgrade make sure packages repositories are properly added, then it upgrade packages and for main stacks (Nginx, PHP-FPM & MySQL, Redis), it also update configurations from the templates included in the current WordOps release and apply optimizations (especially for MySQL & Redis)

stack remove (without removing configurations or data for APT packages)

wo stack remove <stack> [options]
wo stack remove --all     Remove all stacks at once

stack purge (Remove and purge stacks, including configurations and data)

wo stack purge <stack> [options]
wo stack purge --all      Remove all stacks at once

stack restart

wo stack restart [options]

stack reload

wo stack reload [options]

stack start

wo stack start [options]

stack stop

wo stack stop [options]

stack status

wo stack status [options]

11、Install Fail2Ban

wo stack install --fail2ban
[email protected]:~# wo stack install --fail2ban
Updating apt-cache              [OK]
Installing APT packages         [OK]
Restarting fail2ban             [OK]
Configuring Fail2Ban
Successfully installed packages

12、Install UFW Firewall

wo stack install --ufw
[email protected]:~# wo stack install --ufw
Updating apt-cache              [OK]
Installing APT packages         [OK]
Configuring UFW                 [OK]
Successfully installed packages

Check UFW Firewall Status:

ufw status
[email protected]:~# ufw status
Status: active

To                         Action      From
--                         ------      ----
22                         LIMIT       Anywhere
80/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
123                        ALLOW       Anywhere
22222                      LIMIT       Anywhere
37269                      LIMIT       Anywhere
22 (v6)                    LIMIT       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)
443/tcp (v6)               ALLOW       Anywhere (v6)
123 (v6)                   ALLOW       Anywhere (v6)
22222 (v6)                 LIMIT       Anywhere (v6)
37269 (v6)                 LIMIT       Anywhere (v6)

13、Install Ultimate Nginx bad bots blocker

wo stack install --ngxblocker
[email protected]:~# wo stack install --ngxblocker
Downloading ngxblocker           [Done]
Testing Nginx configuration     [OK]
Restarting Nginx                [OK]
Configuring packages            [OK]
Successfully installed packages

14、Enable Brotli and Disable Gzip

Enable Brotli
mv /etc/nginx/conf.d/brotli.conf.disabled /etc/nginx/conf.d/brotli.conf

Disable Gzip
mv /etc/nginx/conf.d/gzip.conf /etc/nginx/conf.d/gzip.conf.disabled

Restart Nginx to apply changes

wo stack restart --nginx
[email protected]:~# wo stack restart --nginx
Testing Nginx configuration     [OK]
Restarting Nginx                [OK]

Brotli Test:

15、HTTP/2 Test

16、Get configuration information related to Nginx, MySQL and PHP

Get Nginx configuration information:

wo info --nginx
[email protected]:~# wo info --nginx

NGINX (1.18.0 ):

user                             www-data
worker_processes                 auto
worker_connections               50000
keepalive_timeout                8
fastcgi_read_timeout             300
client_max_body_size             100m
allow                            127.0.0.1 ::1

Get MySQL configuration information:

wo info --mysql
[email protected]:~# wo info --mysql

MySQL (10.3.25-MariaDB) on localhost:

port                             3306
wait_timeout                     60
interactive_timeout              28800
max_used_connections             4
datadir                          /var/lib/mysql/
socket                           /var/run/mysqld/mysqld.sock
my.cnf [PATH]                    /etc/mysql/conf.d/my.cnf

Get PHP 7.4 configuration information:

wo info --php74
[email protected]:~# wo info --php74

PHP (7.4.11):

user
expose_php                       Off
memory_limit                     128M
post_max_size                    100M
upload_max_filesize              100M
max_execution_time               300

Information about www.conf
ping.path                        /ping
pm.status_path                   /status
process_manager                  ondemand
pm.max_requests                  1500
pm.max_children                  50
pm.start_servers                 10
pm.min_spare_servers             5
pm.max_spare_servers             15
request_terminate_timeout        300
xdebug.profiler_enable_trigger   off
listen                           php74-fpm.sock

Information about debug.conf
ping.path                        /ping
pm.status_path                   /status
process_manager                  ondemand
pm.max_requests                  1500
pm.max_children                  50
pm.start_servers                 10
pm.min_spare_servers             5
pm.max_spare_servers             15
request_terminate_timeout        300
xdebug.profiler_enable_trigger   on
listen                           127.0.0.1:9174

17、Update WordOps

wo update

18、Access the website files (website files are in the following path)

Site files /var/www/blogwp.ovh/htdocs

Perform steps 19, 20, 21 to strengthen VPS security

19、Set custom ssh port

wo secure --sshport 37269
[email protected]:~# wo secure --sshport 37269
Restarting ssh                  [OK]
Successfully changed SSH port to 37269

WordOps will automatically allow the new SSH port if UFW is enabled.

20、Setting Up SSH Key

https://blogelegant.com/ uses Hostwinds VPS, setting SSH Key is relatively simple. However, after setting to log in with SSH key, Hostwinds VPS can still log in with password at this time. The next step is to prohibit password login.

21、forbid root authentification with password

To harden SSH security you can use the command:

wo secure --ssh

After performing the above steps, you can only use SSH Key to log in to Putty at this time, and password login has been prohibited.

Additional informations:

Component               Path
Site files	            /var/www/blogwp.ovh/htdocs
wp-config.php	        /var/www/blogwp.ovh/wp-config.php

Additional Nginx conf	/var/www/blogwp.ovh/conf/nginx/
Site access/error logs	/var/www/blogwp.ovh/logs

Note: You can find MySQL database details in wp-config.php. Such as MySQL database username and MySQL database password.

22、Uninstall WordOps
If you need/want to uninstall WordOps, you can use the following commands :
make a backup of your databases before purging wordops packages

# Purge WordOps stacks (nginx, mysql, php etc..)
wo stack purge --all
# Uninstall WordOps
wget -qO wo wops.cc && sudo bash wo --purge

23、WordOps Backup

WordOps is easy to use, but it has no backup function, which is a pity. I use WPvivid Backup Plugin to backup my site. WPvivid Backup Plugin free features is enough for me.

Install WPvivid Backup Plugin, set default remote storage. I use Google Drive for my default remote storage.

Back Up Manually, Save Backups to Local or Send Backup to Remote Storage.

WPvivid Backup Plugin Schedule Settings:

Sources:
https://docs.wordops.net/how-to/microcaching-with-nginx/
https://docs.wordops.net/commands/stack/
https://docs.wordops.net/commands/site/

Copied title and URL