Complete Guide to Domain Setup for WordPress on OCI: From IP Address to Domain Name (2025)
Hello! Today we’ll explore how to properly connect a domain name to your WordPress site running on Oracle Cloud Infrastructure (OCI). While this guide focuses on OCI compute instances, most steps apply to other hosting environments as well.
Understanding Domain Names
A domain name serves as your website’s address on the internet. Instead of using complex IP addresses (like 123.456.789.012), you can use a memorable name like ‘yourdomain.com’. Think of it as giving your website a permanent, professional home address that’s easy for visitors to remember and trust.
Why Domain Names Matter for OCI WordPress Sites
When running WordPress on an OCI compute instance, having a proper domain name becomes even more crucial for several reasons:
- SSL Certificate Management
- IP-based SSL certificates have significant limitations
- Domain names enable free Let’s Encrypt certificate usage
- Easier to maintain secure HTTPS connections
- Database Stability and Backup
- Maintain consistent site settings despite IP changes
- Simplify backup and migration processes
- Prevent database connection issues during infrastructure updates
- Cloud Infrastructure Flexibility
- Keep the same address during instance recreation
- Enable load balancer implementation
- Facilitate regional expansion and scaling
Prerequisites
Before we begin, ensure you have:
- Domain Requirements
- A purchased domain name
- Access to domain registrar’s control panel
- DNS management permissions
- Server Information
- Your OCI compute instance’s public IP address
- SSH access credentials
- Sudo privileges on the server
- WordPress Access
- WordPress admin credentials
- Current site functionality verification
DNS Configuration: Connecting Domain to Server
DNS (Domain Name System) acts as the internet’s address book. It tells browsers where to find your website when someone types in your domain name. Let’s set this up step by step.
Setting Up DNS Records
Log in to your domain registrar’s control panel. You’ll need to create two types of records:
[A Record] Host: @ (or leave blank) Answer: [Your OCI Instance IP] TTL: 3600
The A record creates a direct link between your domain and server IP, while the CNAME ensures your site works with “www” prefix. Think of the A record as your main address and the CNAME as a forwarding address.
[CNAME Record] Host: www Answer: yourdomain.com TTL: 3600
WordPress Settings Update
Now we need to tell WordPress about its new address. This step requires careful attention – a wrong setting here could temporarily lock you out of your site.
- Access your WordPress admin panel
- Navigate to Settings > General
- Update these two crucial URLs:
Site Address (URL): https://yourdomain.com
After saving, WordPress will redirect you to the new domain. Don’t panic if you temporarily lose access – this is normal during the transition.
Apache Web Server Configuration
WordPress on OCI runs on Apache, and we need to configure it to recognize your domain. Let’s break this down into manageable steps:
1. Create Virtual Host Directory Structure
sudo mkdir -p /etc/httpd/sites-available
sudo mkdir -p /etc/httpd/sites-enabledThese directories help organize your Apache configurations – think of sites-available as your filing cabinet and sites-enabled as your active workspace.
2. Create Domain Configuration
sudo nano /etc/httpd/sites-available/yourdomain.com.confAdd this configuration (with explanations for each section):
<VirtualHost *:80>
ServerName yourdomain.com
ServerAlias www.yourdomain.com (ex. www.datainhands.com)
DocumentRoot /var/www/html
<Directory /var/www/html>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost> This configuration:
- Tells Apache to listen for your domain
- Handles both www and non-www versions
- Sets the website file location
- Enables .htaccess file usage
- Sets up proper logging
3. Activate the Configuration
# Create symbolic link sudo ln -s /etc/httpd/sites-available/yourdomain.com.conf /etc/httpd/sites-enabled/ # Add configuration directory to Apache echo "IncludeOptional sites-enabled/*.conf" | sudo tee -a /etc/httpd/conf/httpd.conf # Restart Apache sudo systemctl restart httpd
Securing Your Site with SSL Certificate
Security is crucial for modern websites. We’ll use Let’s Encrypt to obtain a free SSL certificate that encrypts data between your website and its visitors. Let’s break this down into manageable steps.
1. Installing Required Packages
First, let’s install the necessary tools:
sudo dnf -y install oracle-epel-release-el8
# Install Certbot and its Apache plugin
sudo dnf -y install certbot python3-certbot-apache
2. Setting Up SSL Environment
Before getting our official certificate, we’ll create a basic SSL setup:
sudo mkdir -p /etc/pki/tls/certs
# Generate a temporary self-signed certificate
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-keyout /etc/pki/tls/private/localhost.key \
-out /etc/pki/tls/certs/localhost.crt
# Restart Apache to apply changes
sudo systemctl restart httpd
Don’t worry about the questions during certificate generation – default values are fine for this temporary certificate.
3. Obtaining Let's Encrypt Certificate
Now for our official SSL certificate:
# Request certificate and configure Apache
sudo certbot --apache -d yourdomain.com -d www.yourdomain.comDuring this process, Certbot will:
- Verify your domain ownership
- Generate secure certificates
- Configure Apache automatically
- Set up HTTPS redirection
4. Setting Up Automatic Renewal
Let’s Encrypt certificates expire after 90 days, but we can automate the renewal:
sudo certbot renew –dry-run
# Check automatic renewal service status
sudo systemctl status certbot-renew.timer
If you see the timer is inactive, activate it with:
sudo systemctl enable certbot-renew.timer
sudo systemctl start certbot-renew.timer
Run the following command to check if the status is ‘active’.
When you check the timer status with sudo systemctl status certbot-renew.timer, you’ll see important information about the renewal service. For example, if you run the command now, you might see that:
- The command was executed 8 seconds ago
- The certbot-renew.timer is in an active state
- The next execution time is set to
2025-02-09 19:36:02 GMT
Here’s how the automatic renewal system works:
- Certbot is configured to run every 12 hours by default
- This means it checks twice daily for certificate renewal needs
- Let’s Encrypt certificates are valid for 90 days
- Certbot attempts automatic renewal when there are 30 days or less remaining
- While the
certbot renewcommand runs regularly, it only performs the actual renewal when needed
This system ensures your SSL certificate stays valid without manual intervention. Even though the renewal check happens twice daily, the actual renewal only occurs when the certificate is approaching expiration. This redundancy helps ensure your site’s security is never compromised due to an expired certificate.
If you see that the timer is “inactive”, you’ll need to activate it using the commands provided in the previous section. This automatic renewal system is crucial for maintaining uninterrupted HTTPS service for your website.
5. Alternative Renewal Method Using Cron (Optional)
For additional reliability, you can also set up a cron job:
sudo crontab -e
# Add this line to run renewal check daily at 2 AM
0 2 * * * certbot renew –quiet && systemctl reload httpd
이렇게 하면 매일 새벽 2시에 Certbot이 인증서를 갱신하고, 갱신된 인증서를 적용하기 위해 Apache 웹 서버를 재시작하게 됩니다.
6. Finalizing Security Settings
Configure SELinux and firewall for secure connections:
sudo setsebool -P httpd_can_network_connect 1
# Allow HTTPS through firewall
sudo firewall-cmd –permanent –add-service=https
sudo firewall-cmd –reload
Final Verification Checklist
Before considering the setup complete, let’s verify everything:
1. DNS Propagation
What is DNS Propagation?
DNS propagation is the process where your domain information spreads to DNS servers worldwide. Think of it like updating a global phone book – it takes time for all the copies to get the new information. This process typically takes several hours, but can take up to 48 hours in some cases.
How to Check DNS Settings
You can verify your DNS settings using these commands:
ping yourdomain.com
# Get detailed DNS information
nslookup yourdomain.com
Interpreting the Results
When you run these commands, compare the IP address in the response with your OCI instance’s IP address:
- If they match: DNS propagation is complete for your location
- If they differ: DNS propagation is still in progress
- If you get no response: There might be an issue with your DNS configuration
Troubleshooting Steps
- Initial Check: Wait at least a few hours after making DNS changes
- 12-Hour Mark: If no changes after 12 hours:
- Review your DNS settings in your domain registrar’s control panel
- Verify the A record points to the correct IP address
- Check CNAME record configuration
- 48-Hour Mark: If still no resolution:
- Contact your domain registrar’s support
- Verify there are no conflicting DNS records
- Check for any DNS zones that might override your settings
Remember, DNS propagation delays are normal and don’t indicate a problem with your configuration. However, if changes haven’t propagated after 12 hours, it’s worth double-checking your DNS settings to ensure everything is configured correctly.
2. SSL Certificate
SSL certificate problems can be frustrating but are usually straightforward to diagnose and fix. Most issues stem from either the certificate issuance process or Apache configuration. Let’s walk through a systematic approach to troubleshooting:
sudo apache2ctl configtest
This command checks for any syntax errors in your Apache configuration files. If you see “Syntax OK”, your configuration is valid. If not, the output will point you to specific problems that need fixing.
sudo certbot certificates
This command shows you:
- Which domains your certificates cover
- When they were issued
- When they expire
- Whether they’re valid or have problems
Look for important information like:
- Expiration dates
- Domain name matches
- Certificate chain integrity
- Renewal status
sudo tail -f /var/log/httpd/error.log
The error log is your best friend for debugging SSL issues. When examining the log:
- Look for entries containing “SSL” or “certificate”
- Pay attention to timestamps of errors
- Note any specific error codes or messages
- Watch the log in real-time while accessing your site
Common SSL Issues and Solutions
- Certificate Not Found
- Verify certificate paths in Apache configuration
- Check if files exist in specified locations
- Ensure file permissions are correct
- Certificate-Domain Mismatch
- Confirm ServerName matches certificate domain
- Check for missing www or subdomain configurations
- Verify all domain aliases are included in the certificate
- Chain Issues
- Ensure intermediate certificates are properly installed
- Verify certificate chain order
- Check for missing intermediate certificates
Remember, after making any changes to SSL configuration or certificates, you’ll need to restart Apache.
This systematic approach should help you identify and resolve most SSL certificate issues. If you’re still experiencing problems after following these steps, the error log will usually provide the clues needed for further troubleshooting.
3. WordPress Admin Access Issues After Domain Change
After changing your domain, you might find yourself unable to access the WordPress admin panel. This is a common issue that occurs due to how WordPress stores URL information in its database. Let’s understand why this happens and how to fix it:
When you change your domain, WordPress needs to update URLs in two places:
- The WordPress settings interface (which you can’t access if locked out)
- The WordPress database (which stores all site configuration)
You can temporarily override WordPress’s URL settings by adding these lines to your wp-config.php file:
define(‘WP_HOME’,‘https://yourdomain.com’);
define(‘WP_SITEURL’,‘https://yourdomain.com’);
Here’s how to implement this fix:
- Access your wp-config.php file:
- Connect to your server via SSH or FTP
- Navigate to your WordPress root directory
- Locate wp-config.php (usually in the main WordPress directory)
- Add the code:
- Open wp-config.php in a text editor
- Add the two lines above, just after the opening PHP tag
- Replace ‘yourdomain.com’ with your actual domain
- Save the file
- After regaining access:
- Log in to your WordPress dashboard
- Go to Settings > General
- Update your URLs properly through the interface
- Remove the temporary code from wp-config.php
These define statements tell WordPress to use the new domain regardless of what’s stored in the database. Think of it as a temporary override that helps you regain access to fix the permanent settings.
Remember to remove these lines once you’ve updated the URLs through the WordPress interface, as it’s better to manage URLs through WordPress’s built-in settings for long-term maintenance.
Regular Maintenance Guide
To keep your site running smoothly, establish a regular maintenance schedule:
Monthly Checks
Run these commands monthly:
sudo certbot certificates
# Check renewal service
sudo systemctl status certbot-renew.timer
Quarterly Tasks
Every three months:
- Check domain expiration date
- Verify DNS settings
- Backup Apache configurations
- Install security updates
This comprehensive setup ensures your WordPress site on OCI is professionally hosted with a secure domain name. Remember, while these steps might seem numerous, they create a robust foundation for your website’s security and reliability.
Feel free to leave a comment if you encounter any issues or need clarification on any steps.
