Deploy your Bitnami WordPress Stack on AWS Cloud now! Launch Now

Bitnami WordPress for AWS Cloud


Wordpress is the world's most popular blogging and content management platform. Powerful yet simple, everyone from students to global corporations use it to build beautiful, functional websites.

If you've just launched the Bitnami WordPress Stack using the AWS Marketplace, get started quickly with our guides for beginner and intermediate users.

First steps with the Bitnami WordPress Stack

Welcome to your new Bitnami application running on Amazon Web Services! Here are a few questions (and answers!) you might need when first starting with your application.

What credentials do I need?

You need two sets of credentials:

  • The application credentials that allow you to log in to your new Bitnami application. These credentials consist of a username and password.
  • The server credentials that allow you to log in to your AWS Cloud server using an SSH client and execute commands on the server using the command line. These credentials consist of an SSH username and key.

Watch the following video to learn quickly how to obtain the application credentials of those applications deployed using the AWS Console:

What are the default ports?

A port is an endpoint of communication in an operating system that identifies a specific process or a type of service. Bitnami stacks include several services or servers that require a port.

Remember that if you need to open some ports you can follow the instructions given in the FAQ to learn how to open the server ports for remote access.

Port 22 is the default port for SSH connections.

Bitnami opens some ports for the main servers. These are the ports opened by default: 80, 443.

How to start or stop the services?

Each Bitnami stack includes a control script that lets you easily stop, start and restart services. The script is located at /opt/bitnami/ Call it without any service name arguments to start all services:

$ sudo /opt/bitnami/ start

Or use it to restart a single service, such as Apache only, by passing the service name as argument:

$ sudo /opt/bitnami/ restart apache

Use this script to stop all services:

$ sudo /opt/bitnami/ stop

Restart the services by running the script without any arguments:

$ sudo /opt/bitnami/ restart

Obtain a list of available services and operations by running the script without any arguments:

$ sudo /opt/bitnami/

How to change the WordPress domain name?

If you are using WordPress v3.3.1-5 or higher, only specify your domain name in the /opt/bitnami/apps/wordpress/htdocs/wp-config.php file. Edit and replace the following lines as shown, remembering to replace the DOMAIN placeholder with the actual domain name you wish to use:

define('WP_SITEURL', 'http://' . $_SERVER['HTTP_HOST'] . '/');
define('WP_HOME', 'http://' . $_SERVER['HTTP_HOST'] . '/');


define('WP_SITEURL', 'http://DOMAIN/');
define('WP_HOME', 'http://DOMAIN/');
NOTE: Your domain name should be correctly propagated for this to work. You can verify the new DNS record by using the Global DNS Propagation Checker and entering your domain name into the search field.

How to change the interface language?

Bitnami WordPress has already installed English and Spanish translations currently. To change the WordPress language, follow the steps below:

Change language using the WordPress administration panel

If the language you wish to use is already available in WordPress, follow these steps:

  • Log in to the WordPress administration panel.

  • Click on the "Settings -> General" tab located in the menu on the left.

  • Scroll down until "Site Language" and select the one you prefer and click ."Save Changes".

WordPress change language

Change language manually

If the language you wish to use is not available in WordPress, you must first install the necessary translation files:

  • Download the translation files for your language from

  • Once you have downloaded the files, copy the .po and .mo files into the /opt/bitnami/apps/wordpress/htdocs/wp-content/languages directory. If this directory does not exist, create it manually as follows:

     $ sudo mkdir /opt/bitnami/apps/wordpress/htdocs/wp-content/languages
  • Log in to the WordPress administration panel.

  • Click on the "Settings -> General" tab located in the menu on the left.

  • Scroll down until "Site Language". The newly-installed language should now appear in the list. Select it and click "Save Changes".

WordPress change language

How to access the administration panel?

Access the administration panel by browsing to http://SERVER-IP/wp-admin/.

How to reset the WordPress admin password from the command line?

Use the command below to reset the administrator password from the command line. Remember to replace the NEWPASSWORD placeholder with your desired password.

$ mysql -u root -p bitnami_wordpress -e "UPDATE wp_users SET user_pass=MD5('NEWPASSWORD') WHERE ID='1';"

How to disable the WordPress cron script?

The wp-cron.php script will run once a user visits your site. If you get a lot of traffic, this could be a problem. This cron task is really necessary when you make updates in the blog. You can move this cron script to a system cron task to help lower resource usage on the server.

Disable the wp-cron.php script in the /opt/bitnami/apps/wordpress/htdocs/wp-config.php file. The location is important - add the line below just before the database settings:

 define('DISABLE_WP_CRON', true);

Then, add the cron task to the system. For example, this cron task will run the wp-cron.php process every hour. You can add it using the following command:

 $ sudo crontab -e
 0 * * * * su daemon -s /bin/sh -c "cd /opt/bitnami/apps/wordpress/htdocs/; /opt/bitnami/php/bin/php -q wp-cron.php"

How to enable multi-site support?

Use the Bitnami WordPress Multisite Stack.

How to configure outbound email settings?

You can install or enable the "WP Mail SMTP" plugin from the WordPress administration page. Follow these steps to activate this plugin.

  • Log in to the WordPress administration panel.
  • Navigate to "Plugins" and click the "Activate" option for the "WP-Mail-SMTP" plugin.

    Activate WP-Mail-SMTP

  • Go to the "Settings -> WP Mail SMTP" panel and the "Settings" tab to configure the SMTP settings of your email provider. Select "Other SMTP" as the mailer.

    Mailer selection

  • Here is an example of configuring WordPress to use a Gmail account. Replace USERNAME and PASSWORD with your Gmail account username and password respectively.
    • SMTP Host:
    • SMTP Port: 587
    • Encryption: Use TLS encryption.
    • Authentication: On
    • SMTP Username:
    • SMTP Password: PASSWORD

      WordPress SMTP Options

    If you are using a different provider, remember to replace these values with the valid data for your SMTP provider.

  • Click "Save Settings" to save the changes.
  • Send a test email using the "Email Test" tab to ensure that everything is working smoothly.

To configure the application to use the SMTP service provided by Amazon Simple Email Service (SES), refer to the guide on using Amazon SES.

To configure the application to use other third-party SMTP services for outgoing email, such as SendGrid or Mandrill, refer to the FAQ.

Troubleshooting Gmail SMTP issues

If you are using Gmail as the outbound email server and you are not able to send email correctly, Google may be blocking sign-in attempts from your apps or devices. Depending on whether or not you use Google Apps, the steps to correct this will differ.

For Google Apps users

If you are a Google Apps user, you will need your administrator to allow users to change the policy for less secure apps. If you are a Google Apps administrator, follow these steps:

  • Browse to the Google Apps administration panel.

  • Click on "Security" and then "Basic settings".

  • Look for the section "Less secure apps" and then click on "Go to settings for less secure apps".

  • Select "Allow users to manage their access to less secure apps".

For other Google users

If you do not use Google Apps, follow the steps in the following sections, depending on whether 2-step verification has been enabled on the account or not.

If 2-step verification has not been enabled on the account, follow these steps:

  • Browse to the "Less secure apps" page and log in using the account you are having problems with. This option is typically required by many popular email clients, such as Outlook and Thunderbird, and should not be considered unsafe.

  • Select the "Turn on" option.

    Security settings

If 2-step verification has been enabled on the account, you have to generate an app password. Follow these steps:

  • Browse to the "App passwords" page.

  • Click "Select app" and choose the app you're using.

  • Click "Select device" and choose the device you're using.

  • Click the "Generate" button.

  • Enter the app password on your device.

  • Click the "Done" button.

Here are other options you may try:

  • Browse to the web version of Gmail and sign in to your account. Once you're signed in, try to enable access for the application again.

  • Browse to the "Unlock Captcha" function page and sign in with your Gmail username and password.

  • Disable IMAP from the Gmail web server interface and enable it again.

    IMAP settings

How to install a plugin on WordPress?

You can install any plugin or theme from the WordPress administration panel.

  • Browse to the "Plugins -> Install Plugins" menu item and then click the "Add New" button to search for plugins.

    WordPress plugin installation

  • Once you find a plugin, click the "Install Now" button to download and install it.

    WordPress plugin installation

  • Once the plugin is installed, activate it from the "Install Plugins" page. You can also deactivate it later if you wish.

    WordPress plugin installation

For more information about installing and managing plugins, such as Full API Access, refer to the WordPress documentation.

How to install the All-in-One WP migration plugin?

The following steps assume that

  • You are using the Bitnami WordPress Stack (not the WordPress Multisite) and
  • You are able to log in to the WordPress dashboard by visiting http://SERVER-IP/wp-admin.php.

Follow these steps:

  • Log in to your WordPress dashboard.
  • Select the "Plugins -> Installed Plugins" option.
  • Find the plugin named "All-in-One WP Migration" and select "Activate" to activate it.

    WordPress plugin configuration

    NOTE: If you are using a version of the Bitnami WordPress Stack lower than v4.0, the "All-in-One WP Migration" plugin is not pre-installed. You must manually install the plugin first following these instructions.

The plugin will now be installed.

How to install the WP Encrypt plugin for Let's Encrypt certificate generation?

Development of the WP Encrypt plugin is currently on hold.

If you wish to use a Let's Encrypt certificate with WordPress, you will find detailed instructions in our Let's Encrypt guide.

How to install the Amazon Polly plugin in WordPress?

NOTE: The Amazon Polly WordPress plugin requires an Amazon Web Services (AWS) account. If you don't have an AWS account, you can register for one on the AWS website.

Amazon Polly is a text-to-speech service from Amazon Web Services. It supports multiple languages and voices, and its audio stream can be played back directly in an application or stored in a standard file format.

Amazon Polly can be used in WordPress via the included Amazon Polly plugin, which is activated by default. To configure it, follow these steps:

  • Log in to the AWS Console.
  • In the AWS services menu, scroll down until you see the "Security, Identity & Compliance" section. Select the IAM service.
  • Select the "Policies" menu item and click the "Create Policy" button.

    AWS policy creation

  • On the next page, select the JSON tab and enter the following content:

          "Version": "2012-10-17",
          "Statement": [
                  "Sid": "Permissions1",
                  "Effect": "Allow",
                  "Action": [
                  "Resource": "*"
                  "Sid": "Permissions2",
                  "Effect": "Allow",
                  "Action": [
                  "Resource": "arn:aws:s3:::audio_for_wordpress*"

    Click "Review Policy" to proceed.

    AWS policy creation

  • Set the policy name to "PollyForWordPressPolicy" and click "Create Policy" to save the new policy.

    AWS policy creation

  • Select the "Users" section in the left navigation bar and click the "Add user" button.

    AWS user creation

  • On the "Details" page, enter a user name for use with the plugin. Ensure that the "Programmatic access" checkbox in the "Select AWS access type" section is selected. Click the "Next: Permissions" button to proceed.

    AWS user creation

  • On the "Permissions" page, select the option to "Attach existing policies directly". From the list of policies, find the new "PollyForWordPressPolicy" policy. Select it and click the "Next: Review" button.

    AWS user creation

  • On the "Review" page, review the selected options and click the "Create user" button.
  • A new user and corresponding key pair, consisting of an "Access Key ID" and "Secret Access Key", will be generated and displayed. The "Secret Access Key" value will not be displayed again, so it is important to accurately note down the "Access Key ID" and "Secret Access Key" values displayed on the screen at this point.

    AWS credentials creation

  • Log out of the AWS Console.
  • Log in to your WordPress dashboard.
  • Select the "Plugins -> Installed Plugins" menu item.
  • Find the "Amazon Polly" plugin and click the "Activate" link to activate it.

    Plugin activation

  • Select the "Settings -> Amazon Polly" menu item.
  • Enter the AWS Access Key and Secret Key obtained earlier and click "Save Changes".

    Plugin configuration

You can verify that the plugin is working by creating and publishing a new post. The published version of the post should automatically display an Amazon Polly audio bar with playback controls. Clicking the "Play" button should result in Amazon Polly reading out the content of the post.

Plugin usage

How to install WP-DBManager?

If you install WP-DBManager you will need to create the /opt/bitnami/apps/wordpress/htdocs/wp-content/backup-db directory. To do it, you must connect to your machine through SSH, and run this command:

   $ mkdir /opt/bitnami/apps/wordpress/htdocs/wp-content/backup-db

Once you have done it, you must add the htaccess example provided by the plugin into the htaccess.conf file and you must create an empty .htaccess file in the backup-db directory to pass the plugin checks. To do it, run the commands below:

   $ echo '<Directory "/opt/bitnami/apps/wordpress/htdocs/wp-content/backup-db">' >> /opt/bitnami/apps/wordpress/conf/htaccess.conf
   $ cat /opt/bitnami/apps/wordpress/htdocs/wp-content/plugins/wp-dbmanager/htaccess.txt >> /opt/bitnami/apps/wordpress/conf/htaccess.conf
   $ echo '</Directory>' >> /opt/bitnami/apps/wordpress/conf/htaccess.conf
   $ touch /opt/bitnami/apps/wordpress/htdocs/wp-content/backup-db/.htaccess

Finally, once you activate the plugin in your WordPress dashboard, you must ensure that in the plugin DB Option the mysql and mysqldump paths are correct. For example, use the paths /opt/bitnami/mysql/bin/mysql and /opt/bitnami/mysql/bin/mysqldump.

How to install the Accelerated Mobile Pages (AMP) plugin in WordPress?

Install the Accelerated Mobile Pages (AMP) plugin via the WordPress dashboard and run a scan of your WordPress installation, as follows:

  • Log in to your WordPress dashboard.
  • Select the "Plugins -> Add New" option.
  • Type "amp" in the search box.
  • Install the "AMP" plugin by clicking the "Install Now" button.

    WordPress plugin installation

  • Click the "Activate plugin" link.

    WordPress plugin installation

You can verify that the plugin is working by adding /amp prefix to any WordPress post URL, as shown below:

WordPress AMP post

Read more about the Accelerated Mobile Pages project.

NOTE: As of this writing, the AMP plugin only works for WordPress posts and not pages.

How to enable CORS in WordPress?

Edit the WordPress configuration file for Apache (/opt/bitnami/apps/wordpress/conf/httpd-app.conf) and add the following line inside the Directory directive

<Directory /opt/bitnami/apps/wordpress/htdocs/>
Header set Access-Control-Allow-Origin "*"

Enable other methods or headers for other directories (e.g /opt/bitnami/apps/wordpress/htdocs/wp-admin):

<Directory /opt/bitnami/apps/wordpress/htdocs/wp-admin>
Header set Access-Control-Allow-Origin "\*"
Header set Access-Control-Allow-Methods "GET, OPTIONS, POST"
Header set Access-Control-Allow-Headers "origin, x-requested-with, content-type, accept"

If the request is an OPTIONS request, the script exits with either access control headers sent, or a 403 response if the origin is not allowed. By default, only the server where the application is hosted is allowed (see /opt/bitnami/apps/wordpress/htdocs/wp-includes/http.php). For other request methods, you will receive a return value.

How to enable installed plugins?

Bitnami WordPress Stack comes with the following plugins preinstalled but disabled:

  • Akismet
  • All in One Seo Pack
  • All in One WP Migration
  • Google Analytics for WordPress
  • Jetpack
  • Simple tags
  • WordPress MU Domain Mapping
  • WP Mail STMP

Bitnami WordPress Stack v4.5.1-0 removed several plugins, such as "Contact Form", "WP Touch" and "Google XML Sitemaps". The functionality previously provided by those plugins is now included in the Jetpack plugin in form of switchable features.

All the installed plugins are disabled by default. To enable them follow the instructions below:

  • Log in to the WordPress dashboard.
  • Browse to the "Plugins" menu item.
  • Look for the plugin you want to activate and click the "Activate" link that appears below the plugin name.

    WordPress enable plugins

To enable several plugins at once, follow the instructions below:

  • Select the checkboxes of the plugins to be enabled.
  • Click the dropdown that says "Bulk Actions", select "Activate" and click on the "Apply" button next to the dropdown.

    WordPress enable plugins

How to create a full backup of WordPress?


The Bitnami WordPress Stack is self-contained and the simplest option for performing a backup is to copy or compress the Bitnami stack installation directory. To do so in a safe manner, you will need to stop all servers, so this method may not be appropriate if you have people accessing the application continuously.

Follow these steps:

  • Change to the directory in which you wish to save your backup:

      $ cd /your/directory
  • Stop all servers:

      $ sudo /opt/bitnami/ stop
  • Create a compressed file with the stack contents:

      $ sudo tar -pczvf application-backup.tar.gz /opt/bitnami
  • Restart all servers:

      $ sudo /opt/bitnami/ start

You should now download or transfer the application-backup.tar.gz file to a safe location.


Follow these steps:

  • Change to the directory containing your backup:

      $ cd /your/directory
  • Stop all servers:

      $ sudo /opt/bitnami/ stop
  • Move the current stack to a different location:

      $ sudo mv /opt/bitnami /tmp/bitnami-backup
  • Uncompress the backup file to the original directoryv

      $ sudo tar -pxzvf application-backup.tar.gz -C /
  • Start all servers:

      $ sudo /opt/bitnami/ start

If you want to create only a database backup, refer to these instructions for MySQL and PostgreSQL.

How to upgrade WordPress?

It is strongly recommended to create a backup before starting the update process. If you have important data, create and try to restore a backup to ensure that everything works properly.

You can update WordPress easily from its administration panel, as follows:

  • Log in to WordPress using the administrator account.

  • Select the "Dashboard -> Updates" menu item.

    WordPress update

  • Review the resulting page to see if WordPress needs an update. If an update is available, you can install it by clicking the "Update Now" button.

    WordPress update

How to enable HTTPS support with SSL certificates?

NOTE: The steps below assume that you are using a custom domain name and that you have already configured the custom domain name to point to your cloud server.

Bitnami images come with SSL support already pre-configured and with a dummy certificate in place. Although this dummy certificate is fine for testing and development purposes, you will usually want to use a valid SSL certificate for production use. You can either generate this on your own (explained here) or you can purchase one from a commercial certificate authority.

Once you obtain the certificate and certificate key files, you will need to update your server to use them. Follow these steps to activate SSL support:

  • Use the table below to identify the correct locations for your certificate and configuration files.

    Variable Value
    Current application URL https://[custom-domain]/
      Example: or
    Apache configuration file /opt/bitnami/apache2/conf/bitnami/bitnami.conf
    Certificate file /opt/bitnami/apache2/conf/server.crt
    Certificate key file /opt/bitnami/apache2/conf/server.key
    CA certificate bundle file (if present) /opt/bitnami/apache2/conf/server-ca.crt
  • Copy your SSL certificate and certificate key file to the specified locations.

    NOTE: If you use different names for your certificate and key files, you should reconfigure the SSLCertificateFile and SSLCertificateKeyFile directives in the corresponding Apache configuration file to reflect the correct file names.
  • If your certificate authority has also provided you with a PEM-encoded Certificate Authority (CA) bundle, you must copy it to the correct location in the previous table. Then, modify the Apache configuration file to include the following line below the SSLCertificateKeyFile directive. Choose the correct directive based on your scenario and Apache version:

    Variable Value
    Apache configuration file /opt/bitnami/apache2/conf/bitnami/bitnami.conf
    Directive to include (Apache v2.4.8+) SSLCACertificateFile "/opt/bitnami/apache2/conf/server-ca.crt"
    Directive to include (Apache < v2.4.8) SSLCertificateChainFile "/opt/bitnami/apache2/conf/server-ca.crt"
    NOTE: If you use a different name for your CA certificate bundle, you should reconfigure the SSLCertificateChainFile or SSLCACertificateFile directives in the corresponding Apache configuration file to reflect the correct file name.
  • Once you have copied all the server certificate files, you may make them readable by the root user only with the following commands:

     $ sudo chown root:root /opt/bitnami/apache2/conf/server*
     $ sudo chmod 600 /opt/bitnami/apache2/conf/server*
  • Open port 443 in the server firewall. Refer to the FAQ for more information.

  • Restart the Apache server.

You should now be able to access your application using an HTTPS URL.

How to create an SSL certificate?

OpenSSL is required to create an SSL certificate. A certificate request can then be sent to a certificate authority (CA) to get it signed into a certificate, or if you have your own certificate authority, you may sign it yourself, or you can use a self-signed certificate (because you just want a test certificate or because you are setting up your own CA).

Follow the steps below:

  • Generate a new private key:

     $ sudo openssl genrsa -out /opt/bitnami/apache2/conf/server.key 2048
  • Create a certificate:

     $ sudo openssl req -new -key /opt/bitnami/apache2/conf/server.key -out /opt/bitnami/apache2/conf/cert.csr
    IMPORTANT: Enter the server domain name when the above command asks for the "Common Name".
  • Send cert.csr to the certificate authority. When the certificate authority completes their checks (and probably received payment from you), they will hand over your new certificate to you.

  • Until the certificate is received, create a temporary self-signed certificate:

     $ sudo openssl x509 -in /opt/bitnami/apache2/conf/cert.csr -out /opt/bitnami/apache2/conf/server.crt -req -signkey /opt/bitnami/apache2/conf/server.key -days 365
  • Back up your private key in a safe location after generating a password-protected version as follows:

     $ sudo openssl rsa -des3 -in /opt/bitnami/apache2/conf/server.key -out privkey.pem

    Note that if you use this encrypted key in the Apache configuration file, it will be necessary to enter the password manually every time Apache starts. Regenerate the key without password protection from this file as follows:

     $ sudo openssl rsa -in privkey.pem -out /opt/bitnami/apache2/conf/server.key

Find more information about certificates at

How to force HTTPS redirection?

Add the following to the top of the /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf file:

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]

After modifying the Apache configuration files:

  • Open port 443 in the server firewall. Refer to the FAQ for more information.

  • Restart Apache to apply the changes.

How to debug Apache errors?

Once Apache starts, it will create two log files at /opt/bitnami/apache2/logs/access_log and /opt/bitnami/apache2/logs/error_log respectively.

  • The access_log file is used to track client requests. When a client requests a document from the server, Apache records several parameters associated with the request in this file, such as: the IP address of the client, the document requested, the HTTP status code, and the current time.

  • The error_log file is used to record important events. This file includes error messages, startup messages, and any other significant events in the life cycle of the server. This is the first place to look when you run into a problem when using Apache.

If no error is found, you will see a message similar to:

Syntax OK

Updating the IP address or hostname

WordPress requires updating the IP address/domain name if the machine IP address/domain name changes. The bnconfig tool also has an option which updates the IP address, called --machine_hostname (use --help to check if that option is available for your application). Note that this tool changes the URL to http://NEW_DOMAIN/wordpress.

$ sudo /opt/bitnami/apps/wordpress/bnconfig --machine_hostname NEW_DOMAIN

If you have configured your machine to use a static domain name or IP address, you should rename or remove the /opt/bitnami/apps/wordpress/bnconfig file.

$ sudo mv /opt/bitnami/apps/wordpress/bnconfig /opt/bitnami/apps/wordpress/bnconfig.disabled
NOTE: Be sure that your domain is propagated. Otherwise, this will not work. You can verify the new DNS record by using the Global DNS Propagation Checker and entering your domain name into the search field.

You can also change your hostname by modifying it in your hosts file. Enter the new hostname using your preferred editor.

$ sudo nano /etc/hosts
  • Add a new line with the IP address and the new hostname. Here's an example. Remember to replace the IP-ADDRESS and DOMAIN placeholders with the correct IP address and domain name.


How to find the database credentials?

How to connect to the MySQL database?

You can connect to the MySQL database from the same computer where it is installed with the mysql client tool.

$ mysql -u root -p

You will be prompted to enter the root user password. This is the same as the application password.

How to debug errors in your database?

The main log file is created at /opt/bitnami/mysql/data/mysqld.log on the MySQL database server host.

How to change the MySQL root password?

You can modify the MySQL password using the following command at the shell prompt. Replace the NEW_PASSWORD placeholder with the actual password you wish to set.

$ /opt/bitnami/mysql/bin/mysqladmin -p -u root password NEW_PASSWORD

How to reset the MySQL root password?

If you don't remember your MySQL root password, you can follow the steps below to reset it to a new value:

  • Create a file in /home/bitnami/mysql-init with the content shown below (replace NEW_PASSWORD with the password you wish to use):

     UPDATE mysql.user SET Password=PASSWORD('NEW_PASSWORD') WHERE User='root';

    If your stack ships MySQL v5.7.x, use the following content instead of that shown above:

     UPDATE mysql.user SET authentication_string=PASSWORD('NEW_PASSWORD') WHERE User='root';
    TIP: Check the MySQL version with the command /opt/bitnami/mysql/bin/mysqladmin --version or /opt/bitnami/mysql/bin/mysqld --version.
  • Stop the MySQL server:

     $ sudo /opt/bitnami/ stop mysql
  • Start MySQL with the following command:

     $ sudo /opt/bitnami/mysql/bin/mysqld_safe --pid-file=/opt/bitnami/mysql/data/ --datadir=/opt/bitnami/mysql/data --init-file=/home/bitnami/mysql-init 2> /dev/null &
  • Restart the MySQL server:

     $ sudo /opt/bitnami/ restart mysql
  • Remove the script:

     $ rm /home/bitnami/mysql-init

How to access phpMyAdmin?

For security reasons, phpMyAdmin is accessible only when using as the hostname. To access it from a remote system, you must create an SSH tunnel that routes requests to the Web server from This implies that you must be able to connect to your server over SSH in order to access these applications remotely.

IMPORTANT: Before following the steps below, ensure that your Web and database servers are running.
NOTE: The steps below suggest using port 8888 for the SSH tunnel. If this port is already in use by another application on your local machine, replace it with any other port number greater than 1024 and modify the steps below accordingly. Similarly, if you have enabled Varnish, your stack's Web server might be running on port 81. In this case, modify the steps below to use port 81 instead of port 80 for the tunnel endpoint.

Accessing phpMyAdmin on Windows

Watch the following video to learn how to easily access phpMyAdmin on Windows through an SSH tunnel:

In order to access phpMyAdmin via SSH tunnel you need an SSH client. In the instructions below we have selected PuTTY, a free SSH client for Windows and UNIX platforms. The first step is having PuTTY configured. Please, check how to configure it in the section how to connect to the server through SSH using an SSH client on Windows.

Once you have your SSH client correctly configured and you tested that you can successfully access to your instance via SSH, you need to create an SSH tunnel in order to access phpMyAdmin. For doing so, follow these steps:

  • In the "Connection -> SSH -> Tunnels" section, add a new forwarded port by introducing the following values:

    • Source port: 8888
    • Destination: localhost:80

    This will create a secure tunnel by forwarding a port (the "destination port") on the remote server to a port (the "source port") on the local host ( or localhost).

  • Click the "Add" button to add the secure tunnel configuration to the session. (You'll see the added port in the list of "Forwarded ports").

    PuTTY configuration

  • In the "Session" section, save your changes by clicking the "Save" button.
  • Click the "Open" button to open an SSH session to the server. The SSH session will now include a secure SSH tunnel between the two specified ports.
  • Access the phpMyAdmin console through the secure SSH tunnel you created, by browsing to
  • Log in to phpMyAdmin by using the following credentials:

    • Username: root
    • Password: application password. (Refer to our FAQ to learn how to find your application credentials).

Here is an example of what you should see:

Access phpMyAdmin

If you are unable to access phpMyAdmin, verify that the SSH tunnel was created by checking the PuTTY event log (accessible via the "Event Log" menu):

PuTTY configuration

Accessing phpMyAdmin on Linux and Mac OS X

To access the application using your Web browser, create an SSH tunnel, as described below.

  • Open a new terminal window on your local system (for example, using "Finder -> Applications -> Utilities -> Terminal" in Mac OS X or the Dash in Ubuntu).
  • Make sure that you have your SSH credentials (.pem key file) in hand.
  • Run the following command to configure the SSH tunnel. Remember to replace KEYFILE with the path to your private key and SERVER-IP with the public IP address or hostname of your server:

       $ ssh -N -L 8888: -i KEYFILE bitnami@SERVER-IP
NOTE: If successful, the above command will create an SSH tunnel but will not display any output on the server console.
  • Access the phpMyAdmin console through the secure SSH tunnel you created, by browsing to
  • Log in to phpMyAdmin by using the following credentials:

    • Username: root
    • Password: application password. (Refer to our FAQ to learn how to find your application credentials).

Here is an example of what you should see:

Access phpMyAdmin

How to modify PHP settings?

The PHP configuration file allows you to configure the modules enabled, the email settings or the size of the upload files. It is located at /opt/bitnami/php/etc/php.ini.

For example, to modify the default upload limit for PHP, update the PHP configuration file following these instructions.

After modifying the PHP configuration file, restart both Apache and PHP-FPM for the changes to take effect:

$ sudo /opt/bitnami/ restart apache
$ sudo /opt/bitnami/ restart php-fpm

How to modify the allowed limit for uploaded files?

Modify the following options in the /opt/bitnami/php/etc/php.ini file to increase the allowed size for uploads:

; Maximum size of POST data that PHP will accept.
post_max_size = 16M

; Maximum allowed size for uploaded files.
upload_max_filesize = 16M

Restart PHP-FPM and Apache for the changes to take effect.

$ sudo /opt/bitnami/ restart apache
$ sudo /opt/bitnami/ restart php-fpm    

How to upload files to the server with SFTP?

Although you can use any SFTP/SCP client to transfer files to your server, the link below explains how to configure FileZilla (Windows, Linux and Mac OS X), WinSCP (Windows) and Cyberduck (Mac OS X). It is required to use your server's private SSH key to configure the SFTP client properly. Choose your preferred application and follow the steps in the link below to connect to the server through SFTP.

How to upload files to the server

How to enforce WordPress security?

How to detect malicious software on a WordPress installation?

Install the Wordfence Security plugin via the WordPress dashboard and run a scan of your WordPress installation, as follows:

  • Log in to your WordPress dashboard.
  • Select the "Plugins -> Add New" option.
  • Type "wordfence" in the search box.
  • Install the "Wordfence Security" plugin by clicking the "Install Now" button.

    WordPress plugin installation

  • Click the "Activate plugin" link. A new entry should now appear in the left navigation menu.

    WordPress plugin installation

  • Click the "Wordfence" menu item and then the "Start a Wordfence Scan" option.
  • Wait until the scan ends.

    WordPress plugin installation

How to re-enable the XML-RPC pingback feature?

A pingback is a special type of comment that is created when you link to another blog post and it is a functionality of the WordPress XML-RPC module.

IMPORTANT: Since the Bitnami WordPress Stack 4.4.2-3, the pingback feature in the XML-RPC module has been disabled.

Other XML-RPC features continue working as before so you can still publish content in your WordPress blog/website from Web clients or smartphone apps.

In order to enable it again, edit the WordPress configuration file (located at /opt/bitnami/apps/wordpress/htdocs/wp-config.php) and remove the last two filters related to XML-RPC and pingback. Specifically these lines:

    // remove x-pingback HTTP header
    add_filter('wp_headers', function($headers) {
      return $headers;
    // disable pingbacks
      add_filter( 'xmlrpc_methods', function( $methods ) {
      unset( $methods[''] );
      return $methods;

Why is pingback functionality disabled by default?

WordPress implements an interface to use the XML-RPC protocol. This allows features like remote publishing from Web clients, smartphone apps and more. You can find more info in the WordPress Codex XML-RPC Page.

The XML-RPC feature of WordPress is known to be susceptible to two types of attacks:

If most of the entries in your logs come from the same IP address, it's likely your site is either under a brute force amplification attack or being used to launch a pingback attack towards a different site. If the entries come from different IP addresses, your site is probably the victim of a pingback attack.

Please keep in mind that none of these attacks are related to a security issue, but are the result of abusing pingbacks and the XML-RPC mechanism.

The DDoS attack became more popular after WordPress version 3.5 was released with the pingback feature enabled by default.

Current countermeasures:

  • Since Bitnami WordPress Stack 4.4, the brute force amplification attack is no longer exploitable, although a common brute force attack is still possible.
  • Since Bitnami WordPress Stack 4.4.2-3, the pingback feature has been disabled. This means a malicious agent won't be able to use your WordPress to perform DDoS attacks on other instances.
  • We also ship the Jetpack plugin, which can help protect a site against Brute Force attacks thanks to the Protect module. You can find more information at Jetpack website. The plugin is inactive by default, you should enable it using the WordPress admin panel.

Even with these actions, you will still be vulnerable to common brute force attacks using the XML-RPC module.

Apart from these, there are at least two more countermeasures you can apply, although each one has their own drawbacks:

  • Enable mod_security: The mod_security Apache module supplies an array of request filtering and other security features to the Apache HTTP server.
  • Disable XML-RPC: It will avoid both types of attacks but smartphone apps, remote publishing and some plugins won't work. You can find more information at this blog post about disabling XML-RPC in WordPress.
  • Block the offending IP addresses: This should be considered a fragile, short-term solution.

Troubleshooting WordPress

I cannot access my WordPress application

First, check that the URL is correct and the servers are running. If the server has recently restarted, the domain name and IP address could have changed. Check in the server administration panel that you are trying to access the correct URL.

To check if the servers are running, connect to the remote machines and run the following commands:

 $ sudo /opt/bitnami/ status
 $ sudo /opt/bitnami/ restart

If the servers are not running, check the web and database servers log files.

WordPress cannot load images or CSS

This usually happens when the server's IP address changes. WordPress saves the IP address or the domain name in the database so if the IP address changes, it is necessary to update the database as well.

Issue in WordPress with CSS or images

Use the MySQL command-line client to change the exact field in the database:

$ sudo mysql -u root -p -e "USE bitnami_wordpress; UPDATE wp_options SET option_value='http://SERVER-IP:PORT/wordpress/' WHERE option_name='siteurl' OR option_name='home';"

WordPress tries to contact external sites when I log in. What can I do?

WordPress tries to contact external resources such as,, or Most of these connections are performed to feed the widgets in the dashboard and are completely harmless. To prevent them, remove the widgets by selecting the "Screen Options" menu in the top right corner:

Screen Option

Then, deselect all the widgets:

Dashboard Widgets

Note some external connections may still be seen when WordPress or its plugins check for updates.

The plugin I installed is not working

Bitnami Wordpress is configured taking security in mind. It means that permissions for the configuration files are tied up. While Wordpress will work with most of plugins out there (and most popular ones), some plugins require further configuration or have issues with permissions (e.g. WP Super Cache).

If you are having permission issues while installing, activating or updating a plugin, log into your server and execute the following command:

$ sudo chmod g+w /opt/bitnami/apps/wordpress/htdocs/wp-config.php

Please retrieve the previous permissions configuration after activating the plugin.

$ sudo chmod g-w /opt/bitnami/apps/wordpress/htdocs/wp-config.php

Since Bitnami WordPress Stack 4.5-1, we ship WordPress with the latest version of PHP7. WordPress Core already supports PHP7 but some plugins may not support it yet. If you experience any issue with plugins related to this, check that the plugin you are installing already supports PHP7 or needs to be updated.

We also provide the latest version of WordPress, bundled with the latest version of PHP 5.6 that will avoid possible compatibility issues with plugins not prepared for PHP7. This version should be considered as legacy, WordPress recommends to move to PHP7.

WordPress enters into Maintenance mode after upgrading or activating a plugin. What can I do?

As mentioned before, Bitnami Wordpress is configured taking security in mind. It means that permissions for directories and files are strongly tied up. In the unlikely case that WordPress enters into Maintenance mode after upgrading or activating a plugin, you can try to disable all the plugins in the MySQL database named bitnami_wordpress by connecting to MySQL and running the SQL sentence below:

UPDATE wp_options SET option_value = 'a:0:{}' WHERE option_name = 'active_plugins';

You can connect to the bitnami_wordpress database using the user bn_wordpress and the random password located in the /opt/bitnami/apps/wordpress/htdocs/wp-config.php file running the command below:

$ mysql -u bn_wordpress -p bitnami_wordpress;

After that, restart all the services for changes to take effect running the command below and try to connect to your website again:

$ sudo /opt/bitnami/ restart

If you want to activate the plugin that caused you the issue, you need to upgrade it first and then connect to your server via SSH and execute:

$ sudo chown -R bitnami:daemon /opt/bitnami/apps/wordpress/htdocs/wp-content
$ sudo chmod -R g+w /opt/bitnami/apps/wordpress/htdocs/wp-content

After that, you should be able to activate the plugin from the WordPress Admin Panel.

How to configure Varnish for WordPress?

NOTE: The steps below assume that WordPress is already running at the root URL of the server, such as at

Follow these steps:

  • Log in to the server console using SSH.

  • Backup the Varnish configuration file:

     $ sudo cp /opt/bitnami/varnish/etc/varnish/default.vcl /opt/bitnami/varnish/etc/varnish/default.vcl.backup
  • Add the WordPress-specific Varnish configuration by executing the following commands:

    • For Varnish < 4.0:

        $ sudo cp wordpress.vcl /opt/bitnami/varnish/etc/varnish/default.vcl
        $ sudo sed -i 's/port\s*=\s*"[^"]*"/port = "80"/g' /opt/bitnami/varnish/etc/varnish/default.vcl
    • For Varnish >= 4.0:

        $ sudo cp wordpress.v4 /opt/bitnami/varnish/etc/varnish/default.vcl
        $ sudo sed -i 's/port\s*=\s*"[^"]*"/port = "80"/g' /opt/bitnami/varnish/etc/varnish/default.vcl
  • Restart Varnish:

     $ sudo /opt/bitnami/ restart varnish
  • Open port 81 in the server firewall.

  • Check if your website is being served properly by Varnish on port 81 by adding :81 to the domain name in your browser - for example, There is also a Web page to check Varnish status and obtain information about the configuration, at

  • If Varnish is working correctly, switch the Apache and Varnish ports and activate Varnish on port 80:

     $ sudo sed -i 's/^\s*Listen .*$/Listen 81/g' /opt/bitnami/apache2/conf/httpd.conf
     $ sudo sed -i 's/\:80/\:81/g' /opt/bitnami/apache2/conf/bitnami/bitnami.conf
     $ sudo sed -i 's/at port.*"/at port 81"/g' /opt/bitnami/apache2/scripts/
     $ sudo sed -i 's/\:80/\:81/g' /opt/bitnami/apps/*/conf/httpd-vhosts.conf
     $ sudo sed -i 's/=80/=81/g' /opt/bitnami/properties.ini
     $ sudo sed -i 's/port\s*=\s*"[^"]*"/port = "81"/g' /opt/bitnami/varnish/etc/varnish/default.vcl
     $ sudo sed -i 's/VARNISH_PORT=.*$/VARNISH_PORT=80/g' /opt/bitnami/varnish/scripts/
     $ sudo /opt/bitnami/ restart
  • Remove the firewall rule for port 81.

Download the different files used in the example as a reference:

How to optimize a default Bitnami WordPress install?

Web application performance problems are not easy to fix properly. The responsiveness of your application at a given moment depends on many factors: the application code, installed plugins, AWS load, server type, caching mechanism, etc.

The most common reason for performance issues is lack of any caching. Turning it on, which for most Bitnami stacks is not that difficult, dramatically improve the server performance.

IMPORTANT: To apply each cache plugin, it is assumed that your WordPress instance is already running at the domain root URL, such as at or Please use the bnconfig tool to accomplish this.

W3 Total Cache

Follow these steps:


If you have problems configuring W3 Total Cache, try to enable "Debug mode". Browse to the W3 Total Cache admin and select at least the "Page Cache" option in the "Debug" section. Then, browse to one of your Web pages and check the source code. There should be debugging information at the end, which you can use to check if caching works properly.

If WordPress is installed at the /wordpress path, there may be a conflict between the permalink rewrites and the ones added by the W3 Total Cache plugin. To resolve this, ensure that all the Rewrite entries are removed or commented out in the /opt/bitnami/apps/wordpress/conf/httpd-app.conf file:

WP Super Cache

Follow these steps:

  • Download the plugin from

  • Upload this directory to your plugins directory. It will create a /opt/bitnami/apps/wordpress/htdocs/wp-content/plugins/wp-super-cache/ directory.

  • If you are using WordPress MU or WordPress Multisite, activate it "network wide".

  • Browse to "Settings -> WP Super Cache" and enable caching.

Using mod_rewrite Caching

To enable this option, modify the file at /opt/bitnami/apps/wordpress/conf/htaccess.conf with the content that the application displays when you click the "Update Mod_rewrite rules" link. Update your htaccess.conf file so it looks like this:

<Directory "/opt/bitnami/apps/wordpress/conf/">
# BEGIN WPSuperCache
<IfModule mod_rewrite.c>
RewriteEngine On
# END WPSuperCache

Also add these lines to the bottom of the file:

<Directory "/opt/bitnami/apps/wordpress/htdocs/wp-content/cache">
    # BEGIN supercache
    <IfModule mod_mime.c>
        <FilesMatch "\.html\.gz$">
            ForceType text/html
            FileETag None
        AddEncoding gzip .gz
        AddType text/html .gz
    <IfModule mod_deflate.c>
        SetEnvIfNoCase Request_URI \.gz$ no-gzip
    <IfModule mod_headers.c>
        Header set Cache-Control 'max-age=3, must-revalidate'
    <IfModule mod_expires.c>
        ExpiresActive On
        ExpiresByType text/html A3
    </IfModule> `` # END supercache

If you have problems configuring WP Super Cache, try to enable "Debug mode". Browse to the WP Super Cache settings, click on "Debug" and enable the "debugging" option. One you have saved the changes, you will find the current log file at the top of the web page.

Prior installation

If you have WP-Cache installed already, please disable it. Edit wp-config.php and make sure that the WP_CACHE and WPCACHEHOME defines are deleted. Remove the files /opt/bitnami/apps/wordpress/htdocs/wp-content/wp-cache-config.php and /opt/bitnami/apps/wordpress/htdocs/wp-content/advanced-cache.php. These will be recreated when you install this plugin.

Quick Cache

Follow these steps:

Permission issues

You might see the following errors:

Permissions: Please check permissions on /wp-content/cache . Quick Cache needs write-access to this directory. Permissions need to be 755 or higher.
Permissions: Please check permissions on /wp-config.php . Quick Cache needs write-access to this file. Permissions need to be 755 or higher.

This arises because the default ownership of the application files is usually set to the bitnami user and daemon group, so users can edit the files directly as the bitnami user and the Web server is also able to read them. In this case, when the Web server needs to be able to modify any files or directories, it becomes necessary give write permissions to the group too.

Execute the commands below:

$ sudo chown -R bitnami:daemon /opt/bitnami/apps/wordpress/htdocs/wp-content/cache
$ sudo find /opt/bitnami/apps/wordpress/htdocs/wp-content/cache -type f -exec chmod 664 {} \;
$ sudo find /opt/bitnami/apps/wordpress/htdocs/wp-content/cache -type d -exec chmod 775 {} \;
$ sudo chown bitnami:daemon /opt/bitnami/apps/wordpress/htdocs/wp-config.php
$ sudo chmod g+w /opt/bitnami/apps/wordpress/htdocs/wp-config.php


This plugin uses the Minify engine to combine and compress JS and CSS files to improve page load time. There are several plugins for the same purpose: Minify, WP Minify or Better WordPress Minify. You can install one of them and it should improve your page load time. In all cases it is necessary to have WordPress running in the root URL.

How to move WordPress to a different URL path on the same domain?

By default, WordPress is available at the domain or IP address root URL, such as http://SERVER-IP or To move WordPress to a different path on the same domain or IP address, such as http://SERVER-IP/blog or, follow these steps:

  • Log in to the server console using SSH.
  • Edit the /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf file and find the lines below:

    #Alias /wordpress/ "/opt/bitnami/apps/wordpress/htdocs/"
    #Alias /wordpress "/opt/bitnami/apps/wordpress/htdocs"

    Uncomment and update the Alias directives to reflect the new path. For example, to move WordPress to the /blog path, update the file to look like this:

    Alias /blog/ "/opt/bitnami/apps/wordpress/htdocs/"
    Alias /blog "/opt/bitnami/apps/wordpress/htdocs"
  • Look for the lines below in the file /opt/bitnami/apps/wordpress/htdocs/wp-config.php file:

    define('WP_SITEURL', 'http://' . $_SERVER['HTTP_HOST'] . '/');
    define('WP_HOME', 'http://' . $_SERVER['HTTP_HOST'] . '/');

    Modify them to reflect the new path, as below:

    define('WP_SITEURL', 'http://' . $_SERVER['HTTP_HOST'] . '/blog');
    define('WP_HOME', 'http://' . $_SERVER['HTTP_HOST'] . '/blog');
  • Restart Apache:

    $ sudo /opt/bitnami/ restart apache

How to use the WP-CLI command line tool?

WP-CLI is the command-line interface for WordPress. You can update plugins, configure multisite installs and much more, without using a Web browser. It is already included with the Bitnami solution so you can start using it easily. In order to check that everything is working properly, you can run the info command:

$ /opt/bitnami/apps/apps/wordpress/bin/wp cli info
NOTE: The wp utility is also included in the system path so you can run the command without specifying the whole path to the file.

How to configure WordPress for cloud storage on Amazon S3?

NOTE: Before following the steps in this guide, ensure that you have an Amazon Web Services account with (optionally) an IAM user account and the corresponding AWS access key and secret key. You should also install and activate the Amazon Web Services plugin and the WP Offload S3 Lite plugin in your WordPress blog (instructions).

To configure Amazon S3 storage for your WordPress blog, follow these steps:

  • Log in to your server console.

  • Open the file /opt/bitnami/apps/wordpress/htdocs/wp-config.php in a text editor and add the following lines to the file, after the initial <?php PHP tag:

     define( 'AWS_ACCESS_KEY_ID', 'XXXX');
     define( 'AWS_SECRET_ACCESS_KEY', 'XXXX');

    Remember to replace the XXXX placeholder in the above lines with your actual AWS access key and secret key.

    S3 configuration

  • Save the file.


  • Log in to your WordPress blog as an administrator.

  • Select the "AWS -> S3 and Cloudfront" menu item.

  • On the resulting page, create a new S3 bucket to store your WordPress media files by entering a unique bucket name and hitting the "Create" button. You can also choose an existing bucket if you prefer.

  • Once the bucket has been created, you'll be transferred to a page where you can configure plugin behaviour. Ensure that the "Copy Files to S3" and "Rewrite File URLs" options are turned on. Other settings can be left at their default values or modified per your preference.

    S3 configuration

  • Click "Save Changes" to save your settings.

You can now add pages and posts to WordPress as normal. When you add a media file using the WordPress editor or media library, your media file will be uploaded to both the WordPress blog and the chosen S3 bucket.

The Amazon S3 and CloudFront plugin will automatically rewrite URLs so that the media is served from S3 instead of from your WordPress host. In the screenshot below, refer to the browser status bar, which shows the S3 bucket URL for the image.

S3 usage in WordPress