WordOps is a simple tool that provides the ability to deploy WordPress sites from the command line using an optimized LEMP stack.
The LEMP software stack consists of a group of software that describes a Linux Operating System, an Nginx web server (pronounced engine-x), a MySQL database with the dynamic processing being handled by PHP. LEMP is an acronym for Linux, Engine-x (Nginx), MySQL and PHP.
WordOps simplifies so much of the process of installing and configuring all the packages from the LEMP stack needed to deploy a site while taking care of creating virtual hosts in Nginx, installing WordPress, and even gets you a SSL certificate.
It also installs some components that allow you to see statistics about the server’s workload.
In this tutorial we’ll use WordOps to quickly and easily install WordPress on an Ubuntu 20.04 machine, and we’ll check out and explain some of the extra features that WordOps offers.
The primary motivation for writing this tutorial is for users who don’t feel ready to install WordPress themselves on a server.
A while ago I wanted to move from shared hosting to a DigitalOcean $5 server, because I needed better performance for a smaller price. I’m not knocking on shared hosting, it was just the right choice for me at the time. The transition was a pain, however, because I didn’t have much Linux experience.
I think WordOps can be beneficial to many users who are in a similar situation, and I think it’s not as well known as it should be. It would’ve been great if I knew of such as solution when I started out.
Table of Contents
- Quick Demo [Video]
- Step 1 – Download & Install WordOps
- Step 2 – Install WordPress using WordOps
- Step 3 – Installing WordOps Stacks (Optional)
- Questions I’ve Asked Myself
- Why is WordOps better than regular WordPress + Nginx?
- Why is it important that WordOps also installs caching plugins? Can’t I simply install them myself?
- What is HSTS and why does it matter?
- What is Fail2Ban?
- Why use WordOps over EasyEngine?
- Why doesn’t WordOps currently support PHP 8? (March 4th, 2021)
- Does WordOps work with W3 Total Cache?
Quick Demo [Video]
To get to the point early on, so you can decide if this tutorial is right for you, let’s start with a quick video demo on how we can quickly set up a WordPress website.
The entire process took only a few commands and filling out input when prompted. It took about 7 minutes, but only because of waiting for WordOps and it’s dependencies to be downloaded and installed. I believe this is an isolated case, in many other instances you’re done in less than 5 minutes.
That video is primarily to demonstrate how fast and easy you can set up an optimized WordPress install using WordOps.
If you’re not familiar with the options you’ve seen in that command, then I highly recommend you take just a bit of time to understand what they mean, and what alternatives you have to those options, so you can configure the installation to your specific needs.
I try to explain those options further down in this tutorial, and you definitely should check all of them in the WordOps docs. They’re laid out in a very straightforward manner.
If you’re convinced that WordOps is a good choice for you, then let’s see in a bit more detail how it can help you to manage/configure/install WordPress.
- Access to a server running Ubuntu 20.04, with at least 1GB RAM. If you plan to have a larger, more dynamic site then we recommend 2GB+ RAM
- A domain pointing to your server
- We recommend being logged in as a
non-root sudo user. This is because when you’re acting as root you run the risk of harming your system if you’re not careful.
Step 1 – Download & Install WordOps
We’ll install WordOps using the provided installer script, so all the dependencies and WordOps are installed automatically.
There are also the options of cloning the repository from Github or installing it manually. If you’re interested in one of those methods, then you can find the instructions in the installation documentation.
First we’ll update the server’s software package index:
sudo apt update
To perform the automated install, run the following command, which downloads and runs the WordOps install script.
wget -qO wo wops.cc && sudo bash wo
Sometime during the installation you’ll be prompted for a username and an email address. Those details will only be stored locally in the .gitconfig file, and will be used for saving server configurations.
Here is my output:
Enable WordOps Auto-Completion (optional)
You can enable WordOps auto-completion, so that commands autocomplete when you write them partially and press Tab. To do this run the following command:
Creating an alias to easily use sudo wo as a non-root user (optional)
The wo command needs to be used with sudo. To easily use it without typing sudo wo every time, you can create an alias for it to always automatically add sudo in front of wo.
To do this run the following command:
echo -e "alias wo='sudo -E wo'" && $HOME/.bashrc
Step 2 – Install WordPress using WordOps
Now that WordOps is installed you can get to setting up WordPress.
In this example I’ll install WordPress using my domain mrtest.site, using PHP 7.4, a Let’s Encrypt SSL certificate, Nginx fastcgi_cache, and HSTS. I’ll also set my desired WordPress user/password.
To do this I’ll run:
sudo wo site create mrtest.site --php74 --letsencrypt --wpfc --hsts --user=Ed --pass="[email protected]_"
Here is my output for this command:
You can also leave the command without --user or --password and WordOps will automatically use your name that you set when installing it, and it will generate a random complex password that you’ll be shown when WordPress is finished installing.
If the password you’re setting contains special characters, you can put single quotes around the password, as in the example above:
Right before the installation is finished you’ll be shown the login credentials to access your WordOps backend and separate credentials to access the WP dashboard. It should look something like this:
HTTP Auth User Name: WordOps HTTP Auth Password : khT8hHVNmxK7IQ7DzYaS3dQf WordOps backend is available on https://188.8.131.52:22222 or https://mrtest.site:22222 WordPress admin user : Ed WordPress admin password : [email protected]_
And that’s it! With just a few commands you can easily set up a solid WordPress install.
Configurable Features (Caching/SSL/PHP Versions/HSTS)
WordOps enables you to install WordPress and configure it with a few popular features, such as:
- Multiple cache mechanisms: NO Cache, WP Super Cache plugin, Nginx fastcgi_cache, Redis cache, WP-Rocket plugin , Cache-Enabler plugin
- SSL certificates with Let’s Encrypt for your domain, subdomain, and also Wildcard SSL
- Issuing Let’s Encrypt certificates with DNS validation – such as when you have CloudFlare enabled
- Multiple versions of PHP – 7.2, 7.3, 7.4
- Enabling HSTS, which basically forces all connections to use HTTPS. To learn more about this, you can check out this really nice article from GlobalSign and this one from mozilla.org
To perform website specific actions, you can use the wo site command. The structure of this command is:
sudo wo site (command) [options]
And to create a website we use the wo site create command. The structure of this command is:
sudo wo site create [<yourdomain.tld>] [options]
I’m not going to get into all the configurations, since the docs have a comprehensive list already, but I’ll give a few examples since you’re already here, to give you an idea:
# standard WordPress site sudo wo site create yoursite.com --wp # WordPress site + Nginx fastcgi_cache sudo wo site create yoursite.com --wpfc # WordPress site + WP Super Cache & Nginx properly configured to work with it sudo wo site create yoursite.com --wpsc # WordPress site + WP-Rocket & Nginx properly configured to work with it sudo wo site create yoursite.com --wprocket # WordPress site + Cache-Enabler plugin & Nginx properly configured to work with it sudo wo site create yoursite.com --wpce # WordPress site + Redis Cache & Nginx properly configured to work with it sudo wo site create yoursite.com --wpredis # WordPress site + WP Super Cache & Nginx properly configured to work with it + Let’s Encrypt SSL sudo wo site create yoursite.com --wpsc --letsencrypt # WordPress site + WP-Rocket & Nginx properly configured to work with it + Let’s Encrypt SSL + PHP 7.4 sudo wo site create yoursite.com --wpsc --letsencrypt --php74 # WordPress site + Nginx fastcgi_cache & Nginx properly configured to work with it + Let’s Encrypt SSL + PHP 7.4 + HSTS Enabled sudo wo site create yoursite.com --wpsc --letsencrypt --php74 --hsts
Step 3 – Installing WordOps Stacks (Optional)
The WordOps stacks are basically additional software packages that help you manage your server.
You install all the recommended software packages by running the following command:
sudo wo stack install
The components that will be installed are:
Nginx – WordOps web server
PHP 7.4 – PHP7.4-FPM
MariaDB 10.5 – Open-source version of MySQL
WP-CLI – The WordPress command-line tool
Composer – PHP packages manager
MySQLTuner – Command-line tool to tune MySQL
Fail2ban – Authentication bruteforce protection
phpMyAdmin – MySQL server web interface
Adminer – lightweight phpMyAdmin alternative
OpcacheGUI – web interface for Opcache monitoring
Netdata – Monitoring suite
Anemometer – MySQL Slow Query Monitor
WordOps dashboard – Bootstrap template for WordOps backend
eXtplorer – Web File manager
cheat.sh – Command-line Linux cheatsheet
Sendmail – Sendmail MTA
It would look something like this:
After that, you should be able to access the WordOps dashboard in your browser, which you can access by visiting https://your_ip:22222 or https://yourhostname:22222. You’ll be presented with an authentication prompt where you can enter your WordOps username/password.
Here’s a very quick preview of the WordOps dashboard:
For more on the stack command, you can read this article from the WordOps docs: https://docs.wordops.net/commands/stack/
Questions I’ve Asked Myself
Not an ideal title for this section – I would’ve preferred to have a FAQ section, but I don’t know if these are frequently asked.
These are just questions I’ve had myself and I hope some may help you. If you have any other questions that you can’t find an answer to, then please feel free to leave them in the comments or contact us.
You can also check the WordOps FAQ for more info.
Why is WordOps better than regular WordPress + Nginx?
I don’t know all of the advantages, and I don’t know any disadvantages, but here are my reasons for using WordOps:
- Fast WordPress Install: I used to set up WordPress + Nginx myself manually, or automated via some scripts. But it would be a quick and dirty solution – nowhere near how WordOps does it, with all the additional features, ready made configurations, and security.
- CLI: Simple and intuitive command-line utility to easily manage sites.
- Secure: Already secured by knowledgeable developers, and I can add extra layers of security if I want.
- Caching Plugins Configured for Nginx: Automatically configured Nginx for several caching plugins. I believe that most of these caching plugins require you to make extra configurations when using them with Nginx, instead of Apache. WordOps automatically configures those caching plugins, so you don’t have to.
- Simple Documentation: I find the docs to be uncomplicated and beginner friendly.
- Active/Helpful Community: If you have questions or issues you can’t find a solution to you can just ask here https://community.wordops.net. It’s very welcoming and easy to navigate, in my opinion.
Why is it important that WordOps also installs caching plugins? Can’t I simply install them myself?
Some popular caching plugins may require configuring Nginx so they can work. WordOps does that for you, so you don’t have to bother finding the correct way to configure them.
What is HSTS and why does it matter?
HSTS (HTTP Strict Transport Security) is a policy that you can enable, which basically makes your website declare that it can only be accessed via HTTPS.
This isn’t enabled by default when you set up SSL for your website, and your website will have a 301 redirect from HTTP to HTTPS, which makes it significantly weaker, as it presents a window of opportunity for potential hackers to use downgrade attacks on your users.
If you’d like to better understand HSTS, I recommend this article from mozilla.org
What is Fail2Ban?
Fail2Ban is a tool that helps prevent unauthorized access to both your server and your WordPress install. It notes failed login attempts, and based on a set of rules (that you can adjust), it bans those IPs by modifying the server’s firewall rules.
This helps, as your server and site often deals with login attempts from bots. At least my sites do.
I use Simple History, a plugin to easily log recent changes and such, and here’s the latest attempts I’m seeing at the time of writing (March 4th, 2021)
The “similar events” are failed login attempts.
Why use WordOps over EasyEngine?
WordOps is a fork of the previous version of EasyEngine (version 3). The current version of EasyEngine (version 4) uses Docker.
The reason I prefer WordOps is that I’m not familiar enough with Docker. Other than that, I don’t have any reasons to believe WordOps is better than EasyEngine.
Why doesn’t WordOps currently support PHP 8? (March 4th, 2021)
WordOps doesn’t support PHP 8 right now because it’s probably a bit too early, but it’s planned.
Does WordOps work with W3 Total Cache?
WordOps doesn’t have a configuration for W3 Total Cache, like it has for the other caching plugins. From what I understand, support for W3TC was dropped as a security precaution, when they forked WordOps from EasyEngine v3.
I don’t know the reason behind it however – I suspect W3TC had some security issues at the time. [Link to Discussion Thread on WordOps Community Forum]
I believe you can configure Nginx to work with W3 Total Cache yourself, but I haven’t tried it myself. If you’re adamant about using WordOps with W3TC then I’d suggest consulting with WordOps community at https://community.wordops.net