WordPress was started in 2003 and is now used by over 20% of the top 10 million websites. Use WordPress for your next website or blog.
WordPress supports both themes and plugins - many of which are provided for free by the WordPress service and its user community. The software makes it simple to add new themes and switch between them. Web developers can also create their own designs for WordPress.
To view the publicly accessible instance, visit https://use.your.ip/. See our instructions to bypass the HTTPS warning for self-signed SSL/TLS certificates if a Commercial or Let's Encrypt SSL/TLS certificate is not going to be installed (instructions for both options are below).
The WooCommerce plugin can be installed manually, or the Marketplace WooCommerce app can be used to start with the functionality included already.
The WordPress Administration panel is accessible via https://use.your.ip/wp-admin/:
* Username: wpauserWordPress Administrator Username
* Password: WordPress Administrator Password
Cockpit control panel is accessible via https://use.your.ip:9080/:
* Credentials are the same as provided on the Server Information page
If you use the Vultr Firewall, make sure to allow access to port 9080.
Cockpit can be disabled by connecting as the root user and running:
# systemctl disable --now cockpit.socket
PHPMyAdmin is accessible via https://use.your.ip/mysqladmin/:
* Username for both security modal and logging in: pmauserPHPMyAdmin Username
* Password for security modal: PHPMyAdmin htaccess modal Password
* Password for logging in to PHPMyAdmin: PHPMyAdmin Password
XHProf Performance Analysis panel can be accessed via https://use.your.ip/xhprof/xhprof_html/:
* Username for security modal: xhprofuserXHProf htaccess modal Username
* Password for security modal: XHProf htaccess modal Password
If a SSL/TLS certificate is not installed initially, it may be necessary to install a HTTPS WordPress plugin to force all content to HTTPS, which will address any unencrypted links stored internally by WordPress previously.
To access the WordPress server with a domain name, instead of use.your.ip, it is possible to register a domain name from a domain registrar, and either follow the registrar's documentation on updating DNS records, or utilize Vultr's DNS.
Once DNS has finished propagating, and the registered domain name resolves to use.your.ip, connect to the server via console or SSH as the
Certbot is installed by default on Vultr's One-Click WordPress. If you need to update or reinstall, please see the recommended installation steps at eff.org.
The below example shows installing multi-domain certificate for the bare or root domain of
example.com as well as the fully-qualified domain name (FQDN) of
www.example.com. The email provided is used for registering an account with Let's Encrypt and is not sent to Vultr:
# certbot --nginx --redirect -d www.example.com -d example.com -m firstname.lastname@example.org --agree-tos --no-eff-email
Upon successfully requesting certificates, a message should be shown that includes text similar to the following:
Successfully deployed certificate for www.example.com to /etc/nginx/conf.d/wordpress_https.conf
Congratulations! You have successfully enabled HTTPS on https://www.example.com
(Optional) To update the Cockpit Control Panel to use the same certificate, a script is available to be invoked via:
In case a certificate issued by Let's Encrypt via
certbot is to be revoked, or otherwise needs to be uninstalled, these steps should be followed:
1. Back up current web server configuration files:
# cp -r /etc/nginx /root/nginx
2. Revoke the certificate:
# certbot delete
3. Restore default web server configuration:
If a commercial certificate is desired instead of the free Let's Encrypt certificate, install the public certificate as
/etc/nginx/ssl/server.crt and the private key as
/etc/nginx/ssl/server.key. Refer to the certificate vendor's documentation for any further details. Once these files are in place, reboot the server to ensure all services are using the correct certificate:
While strongly discouraged, it is possible to disable HTTPS access by running the following:
# mv /etc/nginx/conf.d/wordpress_https.conf /root/; reboot
To access the MariaDB (MySQL) database server, connect as the root user via console or SSH and run:
# mysql -u root
The root password is located in the configuration file
Logs for the database server can be viewed with:
# journalctl -eu mariadb.service
Linux Malware Detection is enabled by default, but can be disabled:
# systemctl disable --now maldet.service
To address the common concern of reliable mail delivery, SMTP Mailer is preinstalled and can be configured to authenticate with an external SMTP server by logging in to the WordPress Administration Panel and navigating to the Plugins > Installed Plugins page and updating the necessary settings there.
Wordfence , an endpoint firewall and security scanning plugin is also preinstalled.
After connecting as the root user via console or SSH as the
root user, the following scripts can be invoked to assist in configuration tasks.
If the administrator password for the WordPress Administration Panel needs to be reset, a new strong password can be set via:
To reset the NGINX web server configuration to its original settings, use:
Our support team may request OS and WordPress version information, which can be obtained via:
Certbothas been utilized to generate Let's Encrypt certificates) :
Report an application with malicious intent or harmful content.