How to Install WordPress: the step-by-step beginner guide

WordPress powers over 43% of all websites on the internet. No other content management system comes close. From personal blogs to enterprise-grade e-commerce stores, WordPress has earned its dominance through flexibility, a massive plugin ecosystem, and a remarkably low barrier to entry. If you are reading this, you have already made a smart decision by choosing WordPress as the foundation for your website.

The good news is that learning how to install WordPress does not require any coding knowledge. Whether you prefer a one-click solution from your hosting provider, a hands-on manual installation, a local development setup, or the speed of the command line, this guide covers every method in full detail. By the end, you will have a fully functional WordPress site, configured for performance, security, and search engine visibility.

This guide is written for complete beginners, but it also serves as a reference for developers who want a clean, repeatable installation workflow. We will walk through every method step by step, then cover the critical post-installation configuration that most tutorials skip entirely.

Before you begin: installation prerequisites

Before you download a single file, you need three things in place: a hosting account, a domain name, and confirmation that your server meets the minimum technical requirements. Skipping this step is the number one cause of failed installations.

Choosing a web hosting provider

Web hosting is the service that stores your website files on a server and makes them accessible to visitors around the world. Think of it as renting space on a computer that is always connected to the internet. The type of hosting you choose directly impacts your site's speed, reliability, and security.

There are four main categories of hosting:

• Shared Hosting -- Your site shares server resources (CPU, RAM, disk) with hundreds of other websites. Affordable and sufficient for small sites. Typical cost: $3 to $12 per month.
• VPS (Virtual Private Server) -- A virtualized portion of a physical server with dedicated resources. Better performance and isolation. Typical cost: $15 to $80 per month.
• Dedicated Server -- An entire physical server exclusively for your site. Maximum performance and control. Typical cost: $80 to $500+ per month.
• Managed WordPress Hosting -- A hosting environment specifically optimized for WordPress with automatic updates, backups, staging environments, and expert support. Typical cost: $25 to $100+ per month.

For most beginners, shared hosting or managed WordPress hosting is the right starting point. Managed hosting is particularly valuable because the provider handles server-level optimization, daily backups, and security patching on your behalf.

For a detailed breakdown of the best options, read our WordPress hosting comparison guide.

Registering a domain name

Your domain name is your website's address on the internet, the URL that visitors type into their browser to reach your site. Choosing the right domain is a decision you will live with for a long time, so it deserves careful thought.

Follow these guidelines when selecting a domain:

• Keep it short and memorable. Aim for 15 characters or fewer if possible.
• Avoid hyphens and numbers. They are harder to remember and prone to typos.
• Choose a recognizable extension. .com remains the standard, but .io, .co, and country-specific extensions like .fr or .de work well for targeted audiences.
• Make it brandable. Your domain should be easy to say out loud, easy to spell, and relevant to your brand or niche.

Many hosting providers include a free domain name for the first year with their plans. If you purchase your domain separately, popular registrars include Namecheap, Cloudflare Registrar, and Google Domains.

Server requirements: the technical checklist

WordPress has modest server requirements. Virtually every modern hosting provider meets or exceeds them by default. However, it is worth verifying before you begin:

• PHP version 7.4 or greater (PHP 8.2+ is recommended for best performance and security)
• MySQL version 5.7 or greater, or MariaDB version 10.4 or greater
• HTTPS support (an SSL/TLS certificate, often included free with hosting via Let's Encrypt)
• Apache with mod_rewrite module, or Nginx as the web server

You do not need to install or configure any of this yourself on shared or managed hosting. These requirements are met out of the box. They only become relevant if you are setting up a VPS or dedicated server from scratch.

Method 1: the one-click installation (recommended for beginners)

The one-click installation is by far the most popular way to install WordPress. Nearly every hosting provider offers an automated installer that handles the entire process in under five minutes. No file uploads, no database creation, no configuration files. You fill out a short form, click a button, and your WordPress site is live.

The most common auto-installers are Softaculous, Installatron, and QuickInstall. They are typically accessible through your hosting control panel, which is usually cPanel, Plesk, or a proprietary dashboard built by your host.

Step-by-step: installing WordPress via cPanel and Softaculous

Step 1: Log in to your hosting control panel. After purchasing a hosting plan, your provider sends you login credentials for your control panel. Log in using the URL provided (usually something like yourdomain.com/cpanel or a custom URL from your host).

Step 2: Locate the auto-installer. In cPanel, scroll down to the "Software" section and click on Softaculous Apps Installer (or your host's equivalent). Some hosts place a dedicated "WordPress" icon directly on the dashboard for even faster access.

Step 3: Select WordPress and click "Install Now." You will see a grid of available applications. Find WordPress (it is almost always featured prominently) and click the Install button.

Step 4: Fill out the installation form. This is where you configure the key settings for your new site:

• Choose Protocol: Select https:// if your domain has an SSL certificate (it should). Avoid http:// for security reasons.
• Choose Domain: Select your domain name from the dropdown menu.
• In Directory: Leave this field blank to install WordPress at your domain root (yourdomain.com). If you want WordPress in a subdirectory, enter the folder name (e.g., blog for yourdomain.com/blog).
• Site Name: Enter your website's title. You can change this later.
• Site Description: Enter a short tagline. You can also change this later.
• Admin Username: Choose a unique username. Never use "admin" as it is the first username attackers try during brute-force attempts.
• Admin Password: Create a strong password with at least 12 characters, including uppercase and lowercase letters, numbers, and symbols.
• Admin Email: Enter a valid email address. WordPress sends important notifications here, including password reset links.
• Choose Language: Select the language for your WordPress admin panel.

Step 5: Configure advanced options (optional). Softaculous offers optional settings such as a custom database name, table prefix, and automatic backup schedule. Beginners can safely leave these at their default values.

Step 6: Click "Install." The installer creates the database, uploads the WordPress files, runs the configuration, and sets up your admin account. This typically takes 30 to 90 seconds.

Step 7: Note your login credentials. After installation, Softaculous displays your site URL and your admin login URL (yourdomain.com/wp-admin). Bookmark the admin URL and store your credentials in a password manager.

Host-specific one-click installers

Some hosting providers offer their own streamlined WordPress installation process that is even simpler than Softaculous:

• SiteGround: Uses a custom Site Tools dashboard with a WordPress setup wizard that runs during account activation.
• Bluehost: Presents a WordPress setup wizard immediately after purchasing a hosting plan.
• Kinsta (managed): Creates a new WordPress instance through their MyKinsta dashboard with options for multisite, WooCommerce, or standard installations.
• Cloudways: Deploys WordPress on cloud infrastructure (DigitalOcean, AWS, Google Cloud) through a guided interface.

Regardless of which host you use, the one-click installation process follows the same general pattern: select WordPress, configure your site details, and click install.

Method 2: the manual installation (the famous five-minute install)

The manual installation gives you complete control over every aspect of the process. It is the method documented on the official WordPress.org website and is sometimes called the "Famous Five-Minute Install." While it requires more steps than the one-click method, it teaches you how WordPress works under the hood, and that understanding becomes invaluable when troubleshooting issues later.

This method is recommended for developers, for installations on servers without auto-installers, or for anyone who wants to understand the relationship between WordPress files, the database, and the configuration.

Phase 1: download WordPress

1. Navigate to the official download page at wordpress.org/download.
2. Click the Download WordPress button to download the latest stable version as a .zip file.
3. Save the file to a location you can easily find on your computer.
4. Extract (unzip) the archive. You will have a folder named wordpress containing all the core files.

If you have SSH access to your server, you can download WordPress directly on the server:

# Download the latest WordPress archive
wget https://wordpress.org/latest.tar.gz
 
# Extract the archive
tar -xzvf latest.tar.gz

This creates a wordpress directory on your server, ready for the next step.

Phase 2: create a database and database user

WordPress stores all your content (posts, pages, comments, settings, user accounts) in a MySQL or MariaDB database. Before running the installer, you need to create an empty database and a user with permission to access it.

Using cPanel (MySQL Databases tool):

1. Log in to cPanel and navigate to MySQL Databases under the "Databases" section.
2. Under "Create New Database," enter a name for your database (e.g., yourdomain_wp) and click Create Database.
3. Under "MySQL Users," create a new user with a strong password. Click Create User.
4. Under "Add User to Database," select the user and database you just created, then click Add.
5. On the privileges screen, check ALL PRIVILEGES and click Make Changes.

Record these three values. You will need them in the next phase:

• Database name (e.g., yourdomain_wp)
• Database username (e.g., yourdomain_wpuser)
• Database password (the password you created for this user)

Using phpMyAdmin:

1. Open phpMyAdmin from your hosting control panel.
2. Click the Databases tab at the top.
3. Enter a database name in the "Create database" field and select utf8mb4_general_ci as the collation.
4. Click Create.
5. Navigate to the User accounts tab, click Add user account, and create a user with full privileges on the database you just created.

Phase 3: upload WordPress files to your server

You need to transfer the WordPress files from your local computer to your web server. There are two common approaches.

Option A: Using an FTP client (FileZilla)

FTP (File Transfer Protocol) is the traditional method for uploading files to a web server. FileZilla is a free, open-source FTP client available for Windows, macOS, and Linux.

1. Download and install FileZilla.
2. Open FileZilla and enter your FTP credentials (provided by your hosting company): Host, Username, Password, and Port (usually 21 for FTP or 22 for SFTP).
3. Click Quickconnect.
4. In the remote panel (right side), navigate to your site's root directory. This is typically public_html, www, or htdocs.
5. In the local panel (left side), navigate to the extracted wordpress folder.
6. Select all files and folders inside the wordpress folder (not the folder itself) and drag them to the remote panel.
7. Wait for the upload to complete. This can take several minutes depending on your internet connection.

Option B: Using cPanel File Manager

If you prefer not to install an FTP client, cPanel's built-in File Manager works well for smaller uploads.

1. Open File Manager in cPanel.
2. Navigate to the public_html directory.
3. Click the Upload button in the toolbar.
4. Upload the original .zip file you downloaded from WordPress.org.
5. After the upload completes, return to File Manager, right-click the .zip file, and select Extract.
6. Move the contents of the extracted wordpress folder into the public_html root directory.
7. Delete the now-empty wordpress folder and the .zip file to keep things clean.

Phase 4: configure wp-config.php

The wp-config.php file is the heart of your WordPress configuration. It tells WordPress how to connect to your database and contains important security settings.

1. In your site's root directory (where you uploaded the WordPress files), locate the file named wp-config-sample.php.
2. Rename this file to wp-config.php.
3. Open the file in a text editor (or use the cPanel File Manager editor).
4. Find the following lines and replace the placeholder values with your actual database information from Phase 2:

// ** Database settings - You can get this info from your web host ** //
 
/** The name of the database for WordPress */
define( 'DB_NAME', 'your_database_name' );
 
/** Database username */
define( 'DB_USER', 'your_database_username' );
 
/** Database password */
define( 'DB_PASSWORD', 'your_database_password' );
 
/** Database hostname */
define( 'DB_HOST', 'localhost' );
 
/** Database charset to use in creating database tables. */
define( 'DB_CHARSET', 'utf8mb4' );
 
/** The database collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', '' );

5. Generate unique security keys. Scroll down to the section labeled "Authentication Unique Keys and Salts." Visit the WordPress secret key generator in your browser, copy the entire output, and paste it into wp-config.php, replacing the placeholder lines.

6. Optional: change the table prefix. The default table prefix is wp_. For added security, change it to something unique like elv_ or site1_. This makes SQL injection attacks slightly harder.

7. Save the file.

Phase 5: run the installation script

1. Open your web browser and navigate to your domain: https://yourdomain.com.
2. If WordPress cannot find a wp-config.php file, it will display a setup screen asking you to create one. If you completed Phase 4, you will skip this step.
3. The WordPress installation screen appears. Fill in the following:
   • Site Title: The name of your website.
   • Username: Your admin username (again, never use "admin").
   • Password: A strong password. WordPress will generate one for you, which you can accept or replace.
   • Your Email: A valid email address for admin notifications.
   • Search Engine Visibility: Leave this unchecked unless you are building a staging or development site. Checking this box adds a noindex directive that tells search engines not to index your site.
4. Click Install WordPress.
5. You will see a success message with a link to log in. Click it, enter your credentials, and you are in.

Congratulations. You have just completed a manual WordPress installation.

Method 3: installing WordPress on your local computer

A local installation runs WordPress on your own computer without needing a live server or domain name. This is ideal for development, testing themes and plugins, learning the platform, or building a site before pushing it to a production server. No one else can see your local site, so you can experiment freely without risk.

Using Local (formerly Local by Flywheel)

Local is the most popular tool for local WordPress development, and for good reason. It is free, cross-platform (Windows, macOS, Linux), and dramatically simplifies the process. No manual server configuration, no database setup, no FTP.

1. Download Local from localwp.com and install it.
2. Open Local and click the + button (or "Create a new site").
3. Enter a name for your site (e.g., "My Test Site"). Local automatically creates the local URL based on this name.
4. Choose your environment. Select Preferred unless you have a specific reason to customize PHP and MySQL versions.
5. Create your WordPress admin username and password.
6. Click Add Site. Local downloads and configures WordPress automatically. This takes one to three minutes.
7. Once complete, click Open Site to view your site, or WP Admin to access the dashboard.

Local also includes features like one-click SSL certificates, live link sharing (so others can preview your local site temporarily), and the ability to push sites directly to hosting providers like WP Engine or Flywheel.

Using XAMPP or MAMP

XAMPP (Windows, macOS, Linux) and MAMP (macOS) are software packages that install a local server environment on your computer: Apache (web server), MySQL (database), and PHP. Once running, you can install WordPress just like you would on a remote server using the manual method.

1. Download and install XAMPP or MAMP.
2. Start the Apache and MySQL services from the control panel.
3. Open phpMyAdmin (typically at http://localhost/phpmyadmin) and create a new database.
4. Download WordPress from wordpress.org and extract the files into the htdocs folder (XAMPP) or htdocs folder (MAMP). The default path on macOS with XAMPP is /Applications/XAMPP/htdocs/.
5. Rename wp-config-sample.php to wp-config.php and enter your database details. The default MySQL username for XAMPP is root with an empty password. For MAMP, it is root with the password root.
6. Open your browser and navigate to http://localhost/your-folder-name to run the WordPress installer.

Using Docker

For developers who want reproducible, isolated environments, Docker provides a containerized approach to running WordPress locally. A docker-compose.yml file defines the WordPress and MySQL services, and a single command brings the entire stack up.

version: '3.8'
services:
  wordpress:
    image: wordpress:latest
    ports:
      - "8080:80"
    environment:
      WORDPRESS_DB_HOST: db
      WORDPRESS_DB_USER: wpuser
      WORDPRESS_DB_PASSWORD: wppassword
      WORDPRESS_DB_NAME: wordpress
    volumes:
      - wordpress_data:/var/www/html
  db:
    image: mysql:8.0
    environment:
      MYSQL_DATABASE: wordpress
      MYSQL_USER: wpuser
      MYSQL_PASSWORD: wppassword
      MYSQL_ROOT_PASSWORD: rootpassword
    volumes:
      - db_data:/var/lib/mysql
 
volumes:
  wordpress_data:
  db_data:

Run docker-compose up -d in the directory containing this file, then visit http://localhost:8080 in your browser to complete the WordPress setup wizard.

Docker is the preferred method for teams that need consistent development environments across different operating systems and machines. However, it has a steeper learning curve than Local or XAMPP and is generally not recommended for absolute beginners.

Method 4: installing WordPress with WP-CLI (the developer's way)

WP-CLI is the official command-line interface for WordPress. It allows you to install, update, configure, and manage WordPress entirely from the terminal, without ever opening a web browser. For developers, system administrators, and anyone who manages multiple WordPress installations, WP-CLI is indispensable.

Prerequisites

• SSH access to your server (or a local environment with WP-CLI installed)
• WP-CLI installed on the server. Installation instructions are available at wp-cli.org.
• An empty database already created (or sufficient MySQL privileges to create one)

Step-by-step WP-CLI installation

The entire WordPress installation can be completed with four commands:

# Step 1: Download the WordPress core files
wp core download --path=/var/www/yourdomain.com
 
# Step 2: Create the wp-config.php file
wp config create \
  --dbname=your_database_name \
  --dbuser=your_database_user \
  --dbpass=your_database_password \
  --dbhost=localhost \
  --path=/var/www/yourdomain.com
 
# Step 3: Create the database (if the user has sufficient privileges)
wp db create --path=/var/www/yourdomain.com
 
# Step 4: Run the installation
wp core install \
  --url="https://yourdomain.com" \
  --title="Your Site Title" \
  --admin_user="your_admin_username" \
  --admin_password="YourSecurePassword123!" \
  --admin_email="you@example.com" \
  --path=/var/www/yourdomain.com

That is it. Four commands and your WordPress site is fully installed and ready to use. No browser required.

WP-CLI is particularly powerful for automation. You can script the entire installation process, including plugin installation, theme activation, and settings configuration, into a single shell script that provisions a new WordPress site in seconds.

First steps after installing WordPress (post-installation checklist)

Installing WordPress is only half the job. A fresh WordPress installation ships with default settings that are not optimized for real-world use. The following configuration steps are essential before you start building pages or publishing content.

Configure general settings

Navigate to Settings > General in your WordPress admin panel and verify or update the following:

• Site Title: Confirm it matches your brand name.
• Tagline: Write a concise description of your site. This often appears in search engine results and in your theme's header.
• WordPress Address (URL) and Site Address (URL): Both should use https:// and match your domain exactly.
• Administration Email Address: Confirm this is a monitored email address.
• Timezone: Set it to your local timezone or your primary audience's timezone.
• Date and Time Format: Choose formats appropriate for your audience's locale.

Set SEO-friendly permalinks

This is one of the most important post-installation steps. WordPress defaults to a permalink structure like ?p=123, which is meaningless to both users and search engines.

1. Navigate to Settings > Permalinks.
2. Select the Post name option (/%postname%/).
3. Click Save Changes.

This produces clean, readable URLs like yourdomain.com/how-to-install-wordpress/ instead of yourdomain.com/?p=42. Clean URLs improve click-through rates in search results and help search engines understand your content structure.

For a deeper understanding of how this impacts your rankings, read our guide on SEO benefits of WordPress.

Delete default content

Every fresh WordPress installation includes placeholder content that you should remove immediately:

• Delete the "Hello World!" post. Navigate to Posts > All Posts and trash it.
• Delete the "Sample Page." Navigate to Pages > All Pages and trash it.
• Delete the "Hello Dolly" plugin. Navigate to Plugins > Installed Plugins. Deactivate and delete Hello Dolly. It is a charming tribute to the original WordPress release, but it serves no functional purpose.
• Remove unused default themes. Keep only one default theme as a fallback (e.g., Twenty Twenty-Five). Delete the rest to reduce your attack surface.

Configure discussion settings

Navigate to Settings > Discussion to decide how your site handles comments:

• Enable or disable comments globally.
• Require comment authors to provide a name and email.
• Enable comment moderation to review comments before they appear publicly.
• Consider enabling the "Comment must be manually approved" option to prevent spam from appearing on your site.

Set up your user profile

Navigate to Users > Profile and update:

• Nickname and Display Name: Choose a display name that is not your login username, for security reasons.
• Biographical Info: Write a brief author bio that appears on posts (if your theme supports it).
• Profile Picture: WordPress uses Gravatar for profile images. Create a Gravatar account linked to your admin email to display a custom avatar.

Choosing a theme and essential first plugins

Selecting your first theme

Your theme controls the visual design and layout of your WordPress site. For a new installation, prioritize themes that are lightweight, well-coded, regularly updated, and compatible with the latest version of WordPress.

Recommended starter themes:

• Astra -- Lightweight, fast, and highly customizable with hundreds of starter templates. Excellent for beginners and professionals alike.
• GeneratePress -- Minimalist, performance-focused, and developer-friendly. Generates exceptionally clean HTML output.
• Kadence -- Modern design with a powerful header/footer builder. Great balance between ease of use and flexibility.
• Twenty Twenty-Five -- The latest default WordPress theme. A solid choice if you want to use the full site editor (block-based editing) without third-party dependencies.

To install a theme, navigate to Appearance > Themes > Add New Theme, search for the theme by name, and click Install then Activate.

Must-have first plugins

Plugins extend the functionality of WordPress. While there are over 60,000 free plugins in the WordPress repository, you only need a handful to start:

To install a plugin, navigate to Plugins > Add New Plugin, search by name, click Install Now, then Activate.

Initial security hardening

A fresh WordPress installation is reasonably secure, but there are immediate steps you should take to harden it against the most common attack vectors. WordPress's popularity makes it a prime target for automated attacks. The good news is that basic security hygiene blocks the vast majority of threats.

Strong credentials and login protection

• Use a unique admin username (not "admin," "administrator," or your domain name).
• Use a password with at least 16 characters, combining uppercase, lowercase, numbers, and symbols.
• Install a security plugin (Wordfence, Sucuri, or iThemes Security) and enable Two-Factor Authentication (2FA) for all admin accounts.
• Limit login attempts to prevent brute-force attacks. Most security plugins include this feature.

Keep everything updated

The majority of WordPress hacks exploit known vulnerabilities in outdated software. Set up a routine to check for updates weekly, or enable automatic updates for minor releases:

• WordPress core: Enable automatic minor updates (they are enabled by default). For major updates, test on a staging site first.
• Plugins: Update regularly. Remove any plugins you are not actively using.
• Themes: Update the active theme and any fallback theme. Delete all others.

Additional security measures

• Change the default database prefix from wp_ to something unique if you did not do this during installation.
• Disable file editing in the WordPress admin by adding define( 'DISALLOW_FILE_EDIT', true ); to wp-config.php. This prevents attackers who gain admin access from modifying plugin and theme files through the dashboard.
• Install an SSL certificate and force HTTPS across your entire site. Most hosts provide free SSL via Let's Encrypt.
• Set correct file permissions: Directories should be 755, files should be 644, and wp-config.php should be 400 or 440.

For a comprehensive security strategy, read our complete WordPress security guide.

Performance optimization basics

Site speed directly impacts user experience, conversion rates, and search engine rankings. Google uses Core Web Vitals (LCP, INP, CLS) as ranking signals, and a slow WordPress site will lose visibility in search results. Fortunately, basic performance optimization is straightforward.

Install and configure a caching plugin

Caching stores a pre-built version of your pages so WordPress does not need to query the database and process PHP on every single request. This alone can reduce page load times by 50% or more.

If your host uses LiteSpeed web server, install LiteSpeed Cache. For Apache or Nginx servers, W3 Total Cache or WP Super Cache are solid choices. Enable page caching, browser caching, and GZIP compression at minimum.

Optimize images

Images are typically the largest files on any web page. Unoptimized images are the most common cause of slow load times.

• Install an image optimization plugin like ShortPixel or Smush to automatically compress images on upload.
• Use WebP format when possible. It delivers 25-35% smaller file sizes compared to JPEG at equivalent quality.
• Implement lazy loading for images below the fold. WordPress enables native lazy loading by default since version 5.5.
• Resize images to the maximum display size before uploading. There is no reason to upload a 4000x3000 pixel image if it will only ever be displayed at 800x600.

Use a CDN

A Content Delivery Network distributes copies of your static assets (images, CSS, JavaScript) across servers worldwide. When a visitor loads your site, assets are served from the server geographically closest to them, reducing latency.

Popular CDN options include Cloudflare (free tier available), BunnyCDN, and KeyCDN. Most can be set up in under 15 minutes.

Choose a lightweight theme

As mentioned earlier, your theme choice significantly impacts performance. Avoid themes bloated with features you will never use. A theme that loads five JavaScript libraries, three CSS frameworks, and a dozen font files on every page is a performance liability regardless of how many caching plugins you install.

For ongoing performance monitoring, our WordPress maintenance guide covers the tools and techniques to keep your site fast over time.

Common installation errors and troubleshooting

Even with careful preparation, installation issues can arise. Here are the most frequent problems and their solutions.

Error establishing a database connection

Cause: Incorrect database credentials in wp-config.php, or the MySQL service is not running.

Solution:

1. Open wp-config.php and verify that DB_NAME, DB_USER, DB_PASSWORD, and DB_HOST are all correct. Pay attention to capitalization and trailing spaces.
2. Confirm that the database user has been granted privileges on the correct database.
3. If DB_HOST is set to localhost, try replacing it with 127.0.0.1 or ask your hosting provider for the correct hostname.
4. Contact your hosting support to verify that the MySQL service is running.

White screen of death (WSOD)

Cause: A PHP fatal error, typically caused by a theme or plugin conflict, exhausted memory, or a syntax error in wp-config.php.

Solution:

1. Enable WordPress debug mode by adding define( 'WP_DEBUG', true ); and define( 'WP_DEBUG_LOG', true ); to wp-config.php. Check the wp-content/debug.log file for error details.
2. Increase the PHP memory limit by adding define( 'WP_MEMORY_LIMIT', '256M' ); to wp-config.php.
3. If the error started after installing a plugin or theme, use FTP to rename the problematic plugin's folder in wp-content/plugins/ or switch themes by renaming the active theme's folder in wp-content/themes/.

404 errors on all pages except the homepage

Cause: Permalink rewrite rules are not configured correctly, or the .htaccess file is missing or unwritable.

Solution:

1. Navigate to Settings > Permalinks and click Save Changes without making any modifications. This regenerates the rewrite rules.
2. If the problem persists, verify that the .htaccess file exists in your site's root directory and is writable by the server (permissions 644).
3. For Nginx servers, you need to add rewrite rules to your Nginx configuration file manually, as Nginx does not use .htaccess.

"Headers already sent" warning

Cause: Extra whitespace, blank lines, or a BOM (Byte Order Mark) before the opening <?php tag or after the closing ?> tag in wp-config.php or another PHP file.

Solution:

1. Open wp-config.php in a plain text editor (not a word processor).
2. Ensure there are no characters, spaces, or blank lines before <?php on the first line.
3. Remove the closing ?> tag at the end of the file if present. PHP does not require it, and removing it prevents this entire category of errors.
4. Save the file with UTF-8 encoding without BOM.

Connection timed out or 504 gateway error

Cause: The server is overloaded, PHP execution time limit is too low, or there is a network issue between you and the server.

Solution:

1. Wait a few minutes and try again. Shared hosting can experience temporary resource constraints.
2. Increase the PHP max_execution_time directive in php.ini or .htaccess if your host allows it.
3. Contact your hosting provider if the issue persists.

Frequently asked questions

Can I install WordPress for free?

Yes. The WordPress software itself is 100% free and open-source under the GPL license. However, you need to pay for two things to put your site on the internet: a domain name (typically $10 to $15 per year) and web hosting (starting from $3 per month for shared hosting). Some hosting providers include a free domain for the first year.

How long does it take to install WordPress?

Using a one-click installer, the entire process takes 3 to 5 minutes. A manual installation takes 15 to 30 minutes for someone doing it for the first time. With WP-CLI, an experienced developer can complete the installation in under 2 minutes.

Do I need coding skills to install WordPress?

No. The one-click installation method requires zero coding knowledge. You fill out a form, click a button, and WordPress is installed. The manual method involves editing one configuration file (wp-config.php), but you are only replacing placeholder text with your database credentials, not writing code.

What is the difference between WordPress.com and WordPress.org?

WordPress.org is the self-hosted version covered in this guide. You download the software for free and install it on your own hosting. You have full control over your site, can install any theme or plugin, and own all your data.

WordPress.com is a for-profit hosted service run by Automattic. It offers convenience (no hosting to manage) but restricts what plugins and themes you can install on lower-tier plans. The free plan displays ads on your site and does not allow a custom domain. For serious websites, the self-hosted WordPress.org version is almost always the better choice.

Can I install WordPress on a subdomain or subdirectory?

Yes. You can install WordPress on a subdomain (e.g., blog.yourdomain.com) by creating the subdomain in your hosting control panel and then running the installation as usual. For a subdirectory (e.g., yourdomain.com/blog/), specify the directory name during the installation process. The one-click installer has a dedicated field for this, and the manual method simply requires placing the files in the appropriate folder.

I installed WordPress in a subdirectory but want it on the root domain. How do I move it?

This is a common scenario. WordPress has built-in support for this:

1. In the WordPress admin, navigate to Settings > General.
2. Change the Site Address (URL) to your root domain (e.g., https://yourdomain.com). Leave the WordPress Address (URL) unchanged.
3. Save changes.
4. Copy the index.php and .htaccess files from the subdirectory to the root directory.
5. Edit the copied index.php and change the require path to point to the subdirectory (e.g., change /wp-blog-header.php to /blog/wp-blog-header.php).

How do I install WordPress on multiple sites?

You have two options. WordPress Multisite allows you to run multiple sites from a single WordPress installation, managed from one dashboard. This is ideal for networks of related sites. Alternatively, you can create entirely separate WordPress installations, each with their own database, files, and admin panel. The second approach provides complete isolation between sites and is generally simpler to manage.

Is WordPress secure enough for a business website?

WordPress core is developed by a dedicated security team and is regularly audited. The vast majority of WordPress security breaches are caused by outdated plugins, weak passwords, and misconfigured hosting, not vulnerabilities in WordPress core itself. By following the security hardening steps outlined in this guide and maintaining a regular update schedule, WordPress is secure enough for any business website. For enterprise-level security requirements, a managed WordPress host adds an additional layer of protection.

What comes next

You now have a fully installed, configured, and hardened WordPress site. That is a significant accomplishment, and you should take a moment to appreciate it. But the real work of building a successful website is just beginning.

Your next steps should include:

• Create your essential pages: Home, About, Contact, Privacy Policy, and Terms of Service.
• Set up Google Search Console and submit your XML sitemap to ensure search engines can discover and index your content.
• Install Google Analytics (or a privacy-respecting alternative like Plausible or Fathom) to track visitor behavior.
• Plan your content strategy before publishing. Identify your target keywords and create a content calendar.
• Set up automated backups to a remote location (cloud storage, not the same server). Test your backup restoration process at least once.

For a comprehensive overview of everything WordPress can do for your business, explore our complete WordPress guide. And if you need expert help with SEO, performance optimization, or ongoing maintenance, the ElevaSEO team is here to support you every step of the way.