How to Deploy Your First Website on VPS in 2026 – Full Beginner Tutorial

After getting a VPS, many beginners hit the same wall: they know they want to deploy a website, but have no idea where to start. This tutorial breaks the entire process into seven steps, each with the specific commands you need—follow along and you'll have a live site at the end.

Step 1: Create your VPS server

Purchase a server from Vultr, DigitalOcean, or Hostinger with the following configuration:

Once the server is created, the control panel will display your public IP address. Write it down—you'll need it throughout this process.

Step 2: Connect via SSH

Open a terminal (Mac/Linux users can use the system terminal directly; Windows users should use PowerShell or PuTTY):

ssh root@your_server_IP

On your first connection, you'll be prompted to confirm the server fingerprint. Type yes and press Enter, then enter your password to log in.

Once inside, update the system to ensure all packages are current:

apt update && apt upgrade -y

Step 3: Install Nginx web server

Nginx is one of the most widely used web servers available, efficient at handling concurrent requests with low memory overhead:

apt install nginx -y
systemctl enable nginx
systemctl start nginx

After installation, enter your server IP in a browser. If you see the Nginx default welcome page, the installation was successful.

Step 4: Install WordPress

WordPress powers over 43% of websites globally and remains the most widely used CMS for VPS hosting. It requires a database and PHP to run.

Install MySQL:

apt install mysql-server -y
mysql_secure_installation  # Recommended: run secure initialization

Create a dedicated WordPress database:

mysql -u root -p

Once inside MySQL, run:

CREATE DATABASE wordpress;
CREATE USER 'wpuser'@'localhost' IDENTIFIED BY 'your_password';
GRANT ALL PRIVILEGES ON wordpress.* TO 'wpuser'@'localhost';
FLUSH PRIVILEGES;
EXIT;

Install PHP and required extensions:

apt install php php-fpm php-mysql php-xml php-curl php-gd php-mbstring -y

Download and configure WordPress:

cd /var/www/html
wget https://wordpress.org/latest.tar.gz
tar -xzf latest.tar.gz
mv wordpress/* .
rm -rf wordpress latest.tar.gz
chown -R www-data:www-data /var/www/html

Configure Nginx to work with WordPress by editing the default site configuration:

nano /etc/nginx/sites-available/default

Find the index line and make sure it includes index.php:

index index.php index.html index.htm;

Find the location ~ \.php$ block and confirm PHP-FPM is configured correctly:

location ~ \.php$ {
    include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
}

Restart Nginx:

systemctl restart nginx

Open your server IP in a browser. If the WordPress installation wizard appears, the configuration is working correctly.

Step 5: Point your domain name to the server

A domain name makes your website more professional and is a prerequisite for configuring HTTPS. In the DNS management panel of your domain registrar (Porkbun, Cloudflare, Namecheap, etc.), add an A record:

Type: A
Hostname: @ (root domain)
Value: your VPS public IP
TTL: 3600

Add a second record for the www subdomain:

Type: A
Hostname: www
Value: your VPS public IP
TTL: 3600

DNS propagation typically takes a few minutes to a few hours. Use ping yourdomain.com to confirm it's resolving to your server IP.

Once DNS is active, update server_name in your Nginx configuration:

server_name yourdomain.com www.yourdomain.com;

Restart Nginx to apply the change:

systemctl restart nginx

Step 6: Configure HTTPS

HTTPS protects user data and has a positive effect on SEO rankings. Let's Encrypt provides free SSL certificates, and Certbot is the simplest way to set them up:

apt install certbot python3-certbot-nginx -y
certbot --nginx -d yourdomain.com -d www.yourdomain.com

Follow the prompts to enter your email address and accept the terms of service. Certbot will automatically request the certificate and configure Nginx. Once complete, your domain will display the HTTPS padlock in the browser.

Let's Encrypt certificates are valid for 90 days. Certbot handles automatic renewal—no manual action required. Test that renewal is working correctly:

certbot renew --dry-run

Step 7: Basic VPS security configuration

Complete these security steps before your site goes live to protect against unauthorized access and common attacks.

Configure the firewall to allow only necessary ports:

ufw allow ssh       # SSH access
ufw allow 80/tcp    # HTTP
ufw allow 443/tcp   # HTTPS
ufw enable
ufw status          # Confirm rules are active

Install Fail2ban to block SSH brute-force attempts:

apt install fail2ban -y
systemctl enable fail2ban
systemctl start fail2ban

Change the default SSH port to reduce scanner exposure (optional but recommended):

nano /etc/ssh/sshd_config

Find #Port 22 and change it to:

Port 2222

Update your firewall rules accordingly:

ufw allow 2222/tcp
ufw delete allow ssh  # Remove the old port 22 rule
systemctl restart sshd

From now on, include the port number when connecting:

ssh -p 2222 [email protected]

Troubleshooting common issues

Browser can't display the Nginx page: Check that the service is running with systemctl status nginx, and confirm that port 80 is open in UFW.

WordPress shows a database connection error: Verify the database name, username, and password are entered correctly, and confirm MySQL is running with systemctl status mysql.

Certbot fails to issue a certificate: Confirm your domain's DNS is pointing to the correct server IP (test with ping yourdomain.com), check that port 80 is open, and verify Nginx is running.

How many WordPress sites can a 2GB VPS handle? Typically 3–5 low-traffic sites running stably, with capacity for more when Redis object caching is configured.

Full process overview

Following this process, getting from a blank VPS server to a live WordPress site with HTTPS takes 15–20 minutes of actual work. Don't worry if you hit an error the first time—copy the error message into Google or ChatGPT and you'll find a ready-made solution for almost anything that comes up.