Installing WordPress in Azure In 15 Minutes

July 9, 2018

~$9 a month for a custom domain that does not supports using SSL
- If you’re interested in having SSL support, you’ll need to jump to the B1 level. This costs ~$32 a month.
~$25 a month for the lowest setting capabilities for Azure Database for MySQL This assumes a fresh installation of WordPress, with no existing databases available on your current Azure instance. If you have a MySQL Server already set up in Azure, you’ll change the directions a bit to just use the existing instance.

Step 1: Create a WordPress Resource

After logging into the Azure portal, click on ‘Create a resource.’ Search for ‘WordPress and select the image published by WordPress.
You’ll be asked to provide some information, including:

App Name: a unique name you would like to use for the app.
Resource Group: type in the name of the new resource group to include the resources in. You can also add these resources to an existing resource group.
App Service plan/Location: select the app service plan to use for the WordPress instance. this is what drives the overall cost for all resources running – you can read more here.
Database: To use WordPress, Azure needs to create a MySQL server. Azure provides using the ‘Azure Database for MySQL’ service. Using this, you’ll set the server admin credentials and the pricing tier to be used. This will also create a database name for you for immediate use that you can change to use a more friendly name.

After about 5 minutes, the WordPress instance should be created. You can test it by accessing the URL **https://{your-app-name}.azurewebsites.net. **If you can see the WordPress installation screen, you’re good to go.

Step 2: Complete WordPress Installation

Once the database user has been created, run through the standard WordPress installation. If you’re familiar with this process, you’ll notice the wp-config screen is skipped. That’ because the file is already generated for you when installing the system in Azure.
Although this is the fastest way to get started, there are a few issues that you’ll want to address as you begin development:

Setting up a database user that only has access to the newly created database. This ensures that the user accessing the database only have the rights needed for WordPress. If the wp-config.php file is compromised, you don’t want to have the server admin credentials exposed.
Securing the Azure Database for MySQL Server to only allow access for particular IP addresses. The current setup allows for all IP addresses to connect in. Convenient, but not very secure.
Adding an SSL connection requirement. This ensures a secure connection to the database server.

I’ll write more on the above in the upcoming weeks on securing your WordPress installation.]]>