Description: In this project, you will develop a WordPress website using AWS services, designed for high availability, scalability, and reliability. This setup will use EC2 instances for the application layer, RDS for the database layer
Tools/Technologies:
AWS EC2: For hosting the WordPress application.
Amazon RDS: For managing the MySQL database.
Amazon VPC: To set up secure networking and subnets.
Linux: For configuring EC2 instances.
- Create the VPC
Login to the AWS Management Console.
Navigate to the VPC Dashboard by searching for "VPC" in the search bar.
Click on Create VPC.
Name: Give your VPC a descriptive name (e.g., WordPress-VPC).
IPv4 CIDR block: Define the IP range for the VPC (e.g., 10.0.0.0/16).
This range allows you to have up to 65,536 IP addresses.
Tenancy: Choose Default unless you need dedicated hardware. Click Create VPC.
- Create Public Subnets
You will create two public subnets in different Availability Zones.
In the VPC dashboard, go to Subnets and click on Create subnet.
Configure the first public subnet:
VPC ID: Select the VPC you created (WordPress-VPC).
Subnet name: Name it something like Public-Subnet-1.
Availability Zone: Choose an AZ (e.g., us-east-1a).
IPv4 CIDR block: Specify a CIDR block for the first public subnet (e.g., 10.0.1.0/24).
Click Create subnet.
Configure the second public subnet:
Repeat the steps above but select a different AZ (e.g., us-east-1b).
Name this subnet Public-Subnet-2.
Specify a different CIDR block (e.g., 10.0.2.0/24). Click Create subnet.
create 3 private subnet
- Create Private Subnets Next, create two private subnets for the database (RDS).
Click Create subnet again.
Configure the first private subnet:
VPC ID: Select the same VPC (WordPress-VPC). Subnet name: Name it Private-Subnet-1.
Availability Zone: Choose the same AZ as the first public subnet (e.g., us-east-1a).
IPv4 CIDR block: Specify a different CIDR block (e.g., 10.0.3.0/24).
Click Create subnet.
Configure the second private subnet:
Repeat the process for a different AZ (e.g., us-east-1b).
Name this subnet Private-Subnet-2.
Specify a different CIDR block (e.g., 10.0.4.0/24). Click Create subnet.
- Enable Auto-Assign Public IP for Public Subnets
This step ensures that EC2 instances in the public subnets automatically get public IP addresses.
Go to Subnets in the VPC dashboard.
Select Public-Subnet-1 and Public-Subnet-2.
Under Actions, click Modify auto-assign IP settings.
Check the box to Enable auto-assign public IPv4 address. Click Save.
- Create and Attach an Internet Gateway
To allow instances in the public subnet to access the internet, you need to create an Internet Gateway and attach it to the VPC.
In the VPC dashboard, click Internet Gateways.
Click on Create Internet Gateway.
Name tag: Provide a name (e.g., WordPress-IGW).
Click Create internet gateway.
Once the Internet Gateway is created, select it, click Actions, and choose Attach to VPC.
Select the VPC you created (WordPress-VPC) and click Attach internet gateway.
- Create Route Table for Public Subnets
Now, configure the routing for public subnets to use the Internet Gateway.
In the VPC dashboard, click on Route Tables.
Click Create route table.
Name: Name it Public-RT.
VPC: Select your VPC (WordPress-VPC).
Click Create route table.
After creating the route table, select it and go to the Routes tab.
Click Edit routes and add the following route:
Destination: 0.0.0.0/0 (this allows traffic to the internet).
Target: Select Internet Gateway and choose the gateway you created (WordPress-IGW).
Click Save changes.
- Associate Public Subnets with Public Route Table
To enable internet access for the public subnets, associate them with the public route table.
Go to the Route Table dashboard, select the Public-RT, and click on the Subnet associations tab.
Click Edit subnet associations.
Select the public subnets (Public-Subnet-1 and Public-Subnet-2).
Click Save.
- Create Route Table for Private Subnets
Private subnets should not have direct internet access. Create a route table for them.
Click Create route table.
Name: Name it Private-RT.
VPC: Select your VPC (WordPress-VPC).
Click Create route table.
Do not add an internet route to this route table. It should only have local VPC traffic routing.
Associate this route table with the private subnets (Private-Subnet-1 and Private-Subnet-2).
- Create Security Group for EC2 Instances
The Security Group for the EC2 instances will allow HTTP (port 80), HTTPS (port 443), and SSH (port 22) access. The SSH access should be limited to trusted IP ranges, while HTTP and HTTPS traffic will be open to everyone (0.0.0.0/0).
Navigate to the EC2 Dashboard:
Go to the EC2 Dashboard in the AWS Management Console.
In the left-hand menu, click on Security Groups under Network & Security.
Create the Security Group:
Click on Create Security Group.
Configure the Security Group for EC2:
Security Group Name: Provide a descriptive name (e.g., EC2-WordPress-SG).
Description: Write a description, such as "Security group for WordPress EC2 instances."
VPC: Select the VPC you created earlier (e.g., WordPress-VPC).
Inbound Rules: Add the following rules to allow traffic to your EC2 instances:
SSH Access:
Type: SSH
Protocol: TCP
Port Range: 22
Source: Your trusted IP range (e.g., 0.0.0.0/0).
This limits SSH access to your IP only for security.
HTTP Access:
Type: HTTP
Protocol: TCP
Port Range: 80
Source: 0.0.0.0/0 (Allowing access from anywhere).
HTTPS Access:
Type: HTTPS
Protocol: TCP
Port Range: 443
Source: 0.0.0.0/0 (Allowing access from anywhere).
Outbound Rules:
By default, AWS Security Groups allow all outbound traffic.
You can leave this as-is, ensuring the EC2 instances can communicate with the internet.
Create the Security Group:
Once the rules are defined, click Create Security Group. Associate the Security Group with EC2 Instances:
When launching your EC2 instances in the public subnets (later), attach this Security Group (EC2-WordPress-SG) to them.
- Create Security Group for RDS Instances
This Security Group will allow access only from EC2 instances within the VPC, specifically the private subnets, for database traffic (MySQL/Aurora on port 3306).
Create the Security Group:
Navigate to the Security Groups section in the EC2 Dashboard.
Click on Create Security Group.
Configure the Security Group for RDS:
Security Group Name: Provide a descriptive name (e.g., RDS-MySQL-SG).
Description: "Security group for MySQL RDS allowing access only from EC2 instances."
VPC: Select your VPC (e.g., WordPress-VPC). Inbound Rules:
MySQL/Aurora Access:
Type: MySQL/Aurora
Protocol: TCP
Port Range: 3306
Source: Select Custom and choose the EC2 Security Group (EC2-WordPress-SG). This will ensure that only instances within this Security Group (EC2 instances) can access the RDS database.
Outbound Rules:
Leave the default All traffic rule to allow RDS instances to initiate outbound connections if necessary.
Create the Security Group:
Click Create Security Group to finish.
Step-by-Step Instructions: Launching EC2 Instances and Installing WordPress
- Launch EC2 Instances in Public Subnets
Navigate to the EC2 Dashboard:
Go to the EC2 Dashboard in the AWS Management Console.
- Launch an EC2 Instance:
Click on Launch Instance.
- Configure EC2 Instance Settings:
Name and Tags: Name your instance (e.g., WordPress-EC2-1).
- Choose AMI (Amazon Machine Image):
Select Amazon Linux 2 as the AMI (or another Linux distribution of your choice).
- Choose Instance Type:
Select t2.micro (or larger depending on traffic requirements) under Instance type. This is free-tier eligible for small-scale testing.
- Configure Network Settings:
VPC: Select the VPC you created earlier (WordPress-VPC). Subnet: Choose one of the public subnets (Public-Subnet-1 or Public-Subnet-2).
Auto-assign Public IP: Ensure that Auto-assign Public IP is enabled so the instance can be accessed from the internet.
- Select Security Group:
Use the existing EC2-WordPress-SG Security Group created earlier.
This Security Group allows HTTP, HTTPS, and SSH traffic.
- Launch EC2 Instance:
Select a key pair to enable SSH access (you can create a new one if needed). Make sure to download the private key .
pem file if you create a new key pair.
Click Launch Instance.
- Repeat the process for the second instance:
Launch another EC2 instance in the second public subnet (Public-Subnet-2), following the same steps as above, and name it WordPress-EC2-2.
You can choose between LAMP (Linux, Apache, MySQL, PHP)
Option 1: Install LAMP Stack (Apache)
connect previous creted instance
Option 1: Install LAMP Stack (Apache)
sudo yum update -y
sudo yum install httpd -y
sudo systemctl start httpd
sudo systemctl enable httpd
sudo yum install php php-mysqlnd -y
sudo yum install mariadb-server -y
sudo systemctl start mariadb
sudo systemctl enable mariadb
you have a problem mariadb-server is not install then you next command try
sudo rm /etc/yum.repos.d/MariaDB.repo
sudo yum install mariadb105-server mariadb105 -y
sudo systemctl start mariadb
sudo systemctl enable mariadb
Verify PHP Installation:
Create a PHP info file:
sudo echo "<?php phpinfo(); ?>" > /var/www/html/info.php
when you permission denied then you run this command other then you not run
echo "<?php phpinfo(); ?>" | sudo tee /var/www/html/info.php
Visit (http:///info.php) to confirm PHP is working.
copy your current running instnace of public ip and paste here (http:///info.php)
paste public ip
your successful step
Install and Configure WordPress
Download WordPress:
Navigate to the web directory and download WordPress:
cd /var/www/html
sudo wget https://wordpress.org/latest.tar.gz
sudo tar -xzf latest.tar.gz
sudo mv wordpress/* ./
sudo chown -R apache:apache /var/www/html
sudo chmod -R 755 /var/www/html
reate WordPress Configuration File:
Copy the sample WordPress config file
sudo cp wp-config-sample.php wp-config.php
Configure the WordPress Database:
Create a new database for WordPress in MySQL:
sudo mysql -u root -p
CREATE DATABASE wordpress;
CREATE USER 'wp_user'@'%' IDENTIFIED BY 'your_password';
GRANT ALL PRIVILEGES ON wordpress.* TO 'wp_user'@'%';
FLUSH PRIVILEGES;
EXIT;
then you enter your password (12345678) are you enter in mariadb server successfully next exit
In this step, you will create an RDS instance with Multi-AZ deployment for redundancy and high availability, using either MySQL or Amazon Aurora. The RDS instance will be placed in the private subnet, and you will enable automatic backups. Finally, you'll configure WordPress to connect to the RDS database.
Step-by-Step Instructions: Setting Up RDS and Connecting WordPress
- Launch RDS Instance (MySQL or Amazon Aurora) Navigate to the RDS Dashboard:
In the AWS Management Console, go to the RDS Dashboard.
- Create Database:
Click Create database.
- Choose Database Creation Method:
Select Standard create.
- Engine Options:
Choose MySQL or Amazon Aurora based on your preference.
- Version:
For MySQL, choose the latest stable version.
For Aurora, choose a compatible version of Aurora MySQL.
- Database Instance Specifications:
DB Instance Class: Select an instance class that matches your expected workload.
For testing purposes, you can choose db.t3.micro (free tier eligible) or a larger instance if required.
Multi-AZ Deployment: Check the Multi-AZ option for high availability.
This will create a secondary standby instance in another availability zone.
- Settings:
DB Instance Identifier: Name your database (e.g., WordPress-RDS).
Master Username: Set the username (e.g., admin).
Master Password: Set a strong password and confirm it.
- DB Instance Connectivity:
VPC: Choose the VPC created earlier (e.g., WordPress-VPC).
Subnets: Select the private subnets created for the database.
Public Access: Ensure No is selected for public access, as this will keep the database private.
Security Group: Select the RDS-MySQL-SG Security Group that only allows access from the EC2 instances (created earlier).
- Database Storage:
Choose storage type, and enable Auto-scaling to allow automatic increases in storage capacity when needed.
- Enable Automatic Backups to protect your data:
Set the Backup retention period (e.g., 7 days).
- Encryption:
Enable encryption if desired for enhanced security (optional).
- Database Authentication:
Use password authentication for simplicity, though you can enable IAM authentication if you prefer.
- Monitoring:
Enable Enhanced Monitoring and set the monitoring level based on your needs.
- Maintenance:
Enable Auto minor version upgrade to apply minor DB version updates during the maintenance window.
- Launch the RDS Instance:
Review the settings and click Create database
you enter a password 12345678
open a new tab and go RDS service an create a subnet group for availability
enter name.
enter DISCRIPTION .
chose a pervious creted vpc .
slsect 3 diffrent availability zone.
and choose 3 private subnet .
and create a subnet group
go to return current RDS service and start process .
select only RDS-security group
create database
hold on 5 min and cheak you RDS instance active status
then go to terminal
Edit the wp-config.php File:
Open the wp-config.php file located in the /var/www/html directory
sudo vi /var/www/html/wp-config.php
but 1stly you copy your RDS database of endpoint
Update the Database Connection Details:
Find the following lines in the wp-config.php file
define('DB_NAME', 'database_name_here');
define('DB_USER', 'username_here');
define('DB_PASSWORD', 'password_here');
define('DB_HOST', 'localhost');
Replace these lines with the following, using the RDS endpoint and database details
define('DB_NAME', 'wordpress');
define('DB_USER', 'admin');
define('DB_PASSWORD', 'your_password');
define('DB_HOST', 'your_rds_endpoint');
your password :- 12345678
copy your rds endpoint and paste
Test the WordPress Setup
sudo systemctl restart httpd
Access WordPress:
Visit http:// in your browser and complete the WordPress setup process. The database connection should now be handled by RDS.
copy your instance public ip adress and paste
then your web site is error next you run next command
mysql -h wordpress-rds-instance-1.cxc8kccketxl.us-east-1.rds.amazonaws.com -u admin -p
copy your upload rds endpoint and paste here
mysql -h < RDS Endpoint copy and paste > -u admin -p
then enter your password (12345678)
start your maria db
Check for Existing Database:
If you can connect, ensure that the (wordpress) database exists on the RDS instance. You can check this by running:
SHOW DATABASES;
If the wordpress database does not exist, create it with
CREATE DATABASE wordpress;
copy your ec2 instnace public ip adress and paste website
Access WordPress:
Visit ( http:// ) in your browser and complete the WordPress setup process. The database connection should now be handled by RDS.
congratulations your project run.
click a continue button
enter . username:- admin
password:- 12345678
confirm password
your email
install wordpress
your Installation successful
login
enter your email, and password
login
wlcome to wordpress