DazeStack WP is a powerful automation utility that provisions and manages a high-performance WordPress LEMP stack on Ubuntu 24.04+. This comprehensive guide covers installation, architecture, security, and daily operations.
Quick Start Installation
Requires a fresh server running Ubuntu 24.04+ with root/sudo access. Minimum recommended hardware: 2 vCPU, 2GB RAM, 10GB SSD.
curl -fsSL https://raw.githubusercontent.com/DazeStack/DazeStackWP/main/dazestack-wp.sh -o dazestack-wp.sh
chmod +x dazestack-wp.sh
sudo bash dazestack-wp.shSite Creation & SSL
Once the base stack is installed, create your first WordPress site and enable Let’s Encrypt SSL (ensure your DNS A records point to the server IP first):
sudo bash dazestack-wp.sh create-site example.com admin@example.com
sudo bash dazestack-wp.sh enable-ssl example.comArchitecture Snapshot
DazeStack WP automatically wires your services for speed and safety. It installs a complete WordPress hosting foundation, not just WordPress files.
- Nginx: Sits at the front, handling TLS, Brotli/Zstd compression, and FastCGI microcaching.
- PHP-FPM: Requests are passed to isolated, per-site PHP-FPM pools so one noisy site won’t degrade others.
- MariaDB: Stores all persistent WordPress data.
- Redis: A dedicated Redis database allocation (DB 1-15) is provided per site for lightning-fast object caching.
Security Baseline
The security baseline is applied through isolation, encryption, hardened defaults, and safer operational flows.
Encrypted Artifacts
Credentials: WordPress and Database credentials are encrypted (AES-256-CBC) and stored in /root/.dazestack-wp/.
Backups: Scheduled database dumps are encrypted before storage in /var/backups/dazestack-wp/.
Host-level defense is established natively using a UFW (Uncomplicated Firewall) and fail2ban baseline configuration to guard against brute force attacks.
FAQ & Troubleshooting
How do I access decrypted credentials?
Run sudo bash dazestack-wp.sh show-credentials example.com.
How do I verify Nginx Cache health?
Run sudo bash dazestack-wp.sh cache-status --all for a HIT/MISS report, or sudo bash dazestack-wp.sh cache-deep-check example.com to run cache behavior probes.
Where are the error logs located?
System installer logs are at /var/log/dazestack-wp/. Individual site error/access logs are at /var/www/<domain>/logs/.
Command Reference
You can run sudo bash dazestack-wp.sh menu for an interactive UI, or run these direct lifecycle commands from the CLI wrapper:
| Command | Description | Example |
|---|---|---|
health-check |
Runs full diagnostics across stack components. | sudo bash dazestack-wp.sh health-check |
auto-tune |
Recalculates tuning presets based on host resources. | sudo bash dazestack-wp.sh auto-tune |
rebalance-pools |
Recomputes PHP-FPM pool sizing for existing sites. | sudo bash dazestack-wp.sh rebalance-pools |
protocol-check |
Deep check for HTTP/2 and modern routing paths. | sudo bash dazestack-wp.sh protocol-check --all |
remove-old-backups |
Cleans up encrypted backup artifacts. | sudo bash dazestack-wp.sh remove-old-backups 30 |