WordPress logo
Preview of the Vultr management interface for WordPress on a mobile device.
WordPress logo|trans
Preview of the Vultr server deploy page control panel for WordPress on a web browser.

WordPress was started in 2003 and is now used by over 20% of the top 10 million websites. Use WordPress for your next website or blog.

WordPress supports both themes and plugins - many of which are provided for free by the WordPress service and its user community. The software makes it simple to add new themes and switch between them. Web developers can also create their own designs for WordPress.

WordPress Details

To view the publicly accessible instance, visit https://use.your.ip/. See our instructions to bypass the HTTPS warning for self-signed SSL/TLS certificates if a Commercial or Let's Encrypt SSL/TLS certificate is not going to be installed (instructions for both options are below).

WooCommerce Supported

The WooCommerce plugin can be installed manually, or the Marketplace WooCommerce app can be used to start with the functionality included already.

Configuration and Administration

WordPress Administration Panel

The WordPress Administration panel is accessible via https://use.your.ip/wp-admin/:
* Username: wpauserWordPress Administrator Username
* Password: WordPress Administrator Password

Cockpit Control Panel

Cockpit control panel is accessible via https://use.your.ip:9080/:
* Credentials are the same as provided on the Server Information page
If you use the Vultr Firewall, make sure to allow access to port 9080.

Cockpit can be disabled by connecting as the root user and running:
# systemctl disable --now cockpit.socket


PHPMyAdmin is accessible via https://use.your.ip/mysqladmin/:
* Username for both security modal and logging in: pmauserPHPMyAdmin Username
* Password for security modal: PHPMyAdmin htaccess modal Password
* Password for logging in to PHPMyAdmin: PHPMyAdmin Password

HTTPS: SSL/TLS Certificates

If a SSL/TLS certificate is not installed initially, it may be necessary to install a HTTPS WordPress plugin to force all content to HTTPS, which will address any unencrypted links stored internally by WordPress previously.

To access the WordPress server with a domain name, instead of use.your.ip, it is possible to register a domain name from a domain registrar, and either follow the registrar's documentation on updating DNS records, or utilize Vultr's DNS.

Once DNS has finished propagating, and the registered domain name resolves to use.your.ip, connect to the server via console or SSH as the root user.

Let's Encrypt via Certbot

Certbot is installed by default on Vultr's WordPress Marketplace app. If you need to update or reinstall, please see the recommended installation steps at eff.org.

Requesting a Certificate

The below example shows installing multi-domain certificate for the bare or root domain of example.com as well as the fully-qualified domain name (FQDN) of www.example.com. The email provided is used for registering an account with Let's Encrypt and is not sent to Vultr:
# certbot --nginx --redirect -d www.example.com -d example.com -m admin@example.com --agree-tos --no-eff-email
Upon successfully requesting certificates, a message should be shown that includes text similar to the following:

Successfully deployed certificate for www.example.com to /etc/nginx/conf.d/wordpress_https.conf
Congratulations! You have successfully enabled HTTPS on https://www.example.com

(Optional) To update the Cockpit Control Panel to use the same certificate, a script is available to be invoked via:
# /opt/vultr/cockpit-certificate.sh

Revoking a Certificate

In case a certificate issued by Let's Encrypt via certbot is to be revoked, or otherwise needs to be uninstalled, these steps should be followed:
1. Back up current web server configuration files:
# cp -r /etc/nginx /root/nginx
2. Revoke the certificate:
# certbot delete
3. Restore default web server configuration:
# /opt/vultr/fix-vhost.sh

Commercial SSL/TLS Certificate

If a commercial certificate is desired instead of the free Let's Encrypt certificate, install the public certificate as /etc/nginx/ssl/server.crt and the private key as /etc/nginx/ssl/server.key. Refer to the certificate vendor's documentation for any further details. Once these files are in place, reboot the server to ensure all services are using the correct certificate: # reboot

Disabling HTTPS

While strongly discouraged, it is possible to disable HTTPS access by running the following:
# mv /etc/nginx/conf.d/wordpress_https.conf /root/; reboot

SQL Database Access

To access the MariaDB (MySQL) database server, connect as the root user via console or SSH and run:
# mysql -u root

The root password is located in the configuration file /root/.my.cnf.

Logs for the database server can be viewed with:
# journalctl -eu mariadb.service

Malware Detection

Linux Malware Detection is enabled by default, but can be disabled:
# systemctl disable --now maldet.service

WordPress Plugins Installed by Default

SMTP Mailer

To address the common concern of reliable mail delivery, SMTP Mailer is preinstalled and can be configured to authenticate with an external SMTP server by logging in to the WordPress Administration Panel and navigating to the Plugins > Installed Plugins page and updating the necessary settings there.

Wordfence Security

Wordfence , an endpoint firewall and security scanning plugin is also preinstalled.

Helper Scripts

After connecting as the root user via console or SSH as the root user, the following scripts can be invoked to assist in configuration tasks.

Reset WordPress Password

If the administrator password for the WordPress Administration Panel needs to be reset, a new strong password can be set via:
# /opt/vultr/reset-wp-pass.sh

Reset NGINX Server Configuration

To reset the NGINX web server configuration to its original settings, use:
# /opt/vultr/fix-vhost.sh

Check Software Versions

Our support team may request OS and WordPress version information, which can be obtained via:
# /opt/vultr/version.sh

Files and Folders of Interest

  • php.ini : /etc/php/8.1/fpm/php.ini
  • NGINX virtual host configuration : /etc/nginx/conf.d/
  • NGINX virtual host SSL files (unless Certbot has been utilized to generate Let's Encrypt certificates) : /etc/nginx/ssl/
  • WordPress web root : /var/www/html
  • WordPress uploads : /var/www/html/wp-content/uploads
  • wp-cli : /usr/local/bin/wp

Support Information

Support Contact

Support URL

Maintainer Contact

Report Application

Report an application with malicious intent or harmful content.

Thank you for your report!

Our Team has received your report and will respond accordingly as possible.