To eliminate some security risks caused by one-click script installer, manual installation is the best solution. You can change the table prefix or remove any security risk caused by the automatic script installer after website installed, but manual installation method definitely will save you a lot of time…
Many hosting companies offer automatic script installation to help their users to create a ready to use and functional website. One-Click automatic script installer like Fantastico or SimpleScripts are the easiest and fastest way to install WordPress on a web server, especially for beginners. But behind its simplicity lies several weaknesses due to the easy-guessed installation settings. If we want to eliminate some security risks caused by one-click script installer, manual installation is the best solution. You can change the table prefix or remove any security risk caused by the automatic script installer after website installed, but manual installation method definitely will save you a lot of time. If you need help – We Do It For You Free – firstname.lastname@example.org
This tutorial digs into the basics of WordPress giving you an overview of how WordPress works internally. With the advent of cPanel, a lot of our work has been reduced – which is an amazing thing. Okay, so let’s break down this tutorial. We’ll first list the prerequisites and then move on to the major tasks.
Major Steps in Manual Installation:
- Download wordpress.zip file and upload to public_html folder via FTP, or via cPanel File Manager
- Extract the contents of wordpress.zip using cPanel File Manager.
- Create a new MySQL database and user.
- Run the famous 5 minute WordPress installation.
Step #1 – Upload WordPress Files to Server
First we download the latest version of WordPress from the WordPress.org repository. Uploading the WordPress files to your hosting server can be done in two major ways.
- You could use the cPanel File Manager to upload the zip file, OR
- Upload the file using FTP access.
Step #1.1 – Uploading WordPress ZIP archive using cPanel File Manager
Step #1.1.2 – Understanding which Directory to Install WordPress
Alright, assuming that we’ve got one domain connected in our hosting account, the Web root directory, also referred to as the www directory is the folder containing all the files in our website. Technically speaking, the web root directory for a domain or a sub-domain is the base directory containing all the files available to the public HTML port (i.e. port 80).
Step #1.1.3 – Upload, Extract and Move
Within the File Manager, locate and navigate to that directory. From the top toolbar of the cPanel, select “Upload” and browse for the file you downloaded from WordPress.org. Once the .ZIP file has finished uploading, return to the directory by clicking the “← Go Back to “/home/yourserverhere/public_html/yoursitehere” link.
Within the directory root you will now see the wordpress.zip file. Click on this file to select it and then from the cPanel tool bar at the top, click “extract”. After that click “reload” in the cPanel toolbar and you will see the extracted wordpress folder. You can now delete the .ZIP file in order to keep everything nice and clean.
Double click on the newly extracted “wordpress” folder and you should now see all the WordPress files. From the cPanel toolbar, click on the box “Select All”. All of the WordPress files should now be highlighted. In the cPanel toolbar select “Move File” and a modal will pop up with a directory link “/public_html/yourdirectoryname/wordpress”. Remove the “/wordpress” tail from the end of the path and click Move File(s). All files should now be moved to your directory root and click “Up One Level” from the toolbar to view them.
Step #2 – Creating a new MySQL Database and User
In this step we will create a new MySQL database along with a user, who would access the database.
Step #2.1 – Create a New MySQL Database in cPanel
Login to your cPanel and launch the MySQL Database Wizard.
Once inside the Database Wizard you will be prompted to create a New Database. Your database prefix will appear followed by an underscore and a blank area for you to populate your database name “yourserver_blankarea“. In the blank area you will enter your database name and keep it in a safe spot for a future step. The database name should be at least 3 characters and only contain alphanumeric characters. After filling in the name click “next step”.
You will now be prompted to create a Database User. Your database prefix will appear again followed by an underscore and a blank area for you to populate your database username “yourserver_username“. The database username cannot contain more than seven alphanumeric characters. Save the username to a safe location for future use. Now either manually enter a password of your choice or use the provided “Password Generator”… just make sure that your password is strong and secure. Now click on the button “Create User”.
Now that you have created the Database User, you will be brought to a page that asks you to assign privileges. Tick the box at the top that reads “All Privileges” and then click the button “Next Step”. Your database is now set up and you can now move on to plugging the database information into the wp-config.php file.
Step #3 – The Final Configuration
Now that we’ve completed the installation procedure, let’s run the famous five minute WordPress installation. Head over to your WordPress directory via your domain (and not via cPanel). In our case, it would be yoursite.com. This will launch the installation process.
Select the language.
This is some troubleshooting information if your wp-config.php file isn’t writeable
Enter the database information from the last step. Make sure your table prefix isn’t “wp_“. This gives attackers an added advantage. Change it to an alphanumeric value.
Run the installation!
Now this part is simple, but important. Once crucial step is not to use admin as an username, as stated in our WordPress Security Guide. We’ve also disabled search engine indexing, since it is a temporary experimental WordPress installation.
Done. We’ve successfully installed WordPress 100% manually.