CMS - Installing Wordpress

October 2016


WordPress isone of the most popular a content management software (CMS) that allows you to create and easily manage an entire website or blog. In addition, WordPress is free and customizable with many themes and extensions. Word press also posses a strong community around the world.

With some basic skills in computer and web technologies, you easily create your own website and publish its own content.

System Requirements

To install Wordpress you need:
  • PHP 4.3 or later
  • MySQL 4.0 or later
  • The module for rewriting url in Apache


  • Download and Extract
  • Download Wordpress here, then unzip the archive.
  • Copy files on server
    • Use your favorite FTP client to upload the entire contents of the Wordpress directory (but not the directory itself) into the root directory of your website or in a subdirectory.
  • Database
    • Open PHPMyAdmin interface provided by your host.
    • If no database has been created, create one.
    • You also need the password for connecting to databases. (provided by your host)
  • Runnig the Installation Script
    • In your browser, go to the following address:
  • or if you installed Wordpress in a subdirectory 
  • Click on next.
  • Enter the information needed to connect to the database, then click OK.
  • Run the installer.
  • Click "Install Wordpress"
  • Wait for the installation to be completed.
  • A password is generated and is sent to you by e-mail.
  • You can now login to the admin interface.

Securing your application

Replacing the admin account

The first thing that hackers attempt to your blog is to hack the account "Admin".
Tip: Create a specific account for the administration with admin rights, then delete the default admin account.

Do not use this account "new administrator" account to post articles. Thus the hacker will not even know the login to administer the account and make piracy even more difficult.

Keep Wordpress Updated

Security holes are sometimes found in Wordpress.
Monitor new releases, and do not delay installing them.

The delay in installing the updates has already led to massive piracy of blogs in the past.

To check if you're up to date, go to the Wordpress configuration: Tools> Update.
You'll see immediately if you use the latest version.

Edit salt

To reduce the risk of recovery passwords (by rainbow-tables attack, for example), change the following settings in your wp-config.php:
define('AUTH_KEY', 'put your unique phrase here');  
define('SECURE_AUTH_KEY', 'put your unique phrase here');  
define('LOGGED_IN_KEY', 'put your unique phrase here');  
define('NONCE_KEY', 'put your unique phrase here');  

Replace put your unique phrase here by a long string of random characters, different for each of 4 parameters.
For example:

The aim is to enhance the encryption and hashing passwords and cookies to prevent certain types of attack.

Installation at

  • If you want to install Wordpress on, there are 2 small changes that must be made:
  • First, create a file .htaccess at the root of your Wordpress (i.e in the same directory as wp-config.php) containing these two lines:
  • php 1    
ErrorDocument 404 /index.php
  • Then change a line in the file \wp-admin\includes\misc.php:
  • Replace:
  • return insert_with_markers( $htaccess_file, 'WordPress', $rules );
  • by:
  • return true;
  • and continue the installation of Wordpress.
  • Remember to check your SQL database or make backups, simply go to enter your login/password.


Thanks to jeantube for this tip.

Related :

This document entitled « CMS - Installing Wordpress » from CCM ( is made available under the Creative Commons license. You can copy, modify copies of this page, under the conditions stipulated by the license, as this note appears clearly.