Loading...

Bluehost Self-Managed VPS: Reimage Your Server for WooCommerce (WordPress) Installation

Learn how to reimage your  Bluehost Self-Managed VPS server for WooCommerce (WordPress) installation. This article will guide you on how to use the Bluehost Portal to install WooCommerce, log in to your dashboard, and understand the key responsibilities for maintaining your server. Whether you're setting up WooCommerce for the first time or looking to manage your application efficiently, this guide will help you get started securely and quickly.

Reimage Server for WooCommerce Installation

  1. Log in to your Bluehost Portal.
  2. Click Hosting in the left-hand menu.

    Bluehost Portal - Hosting Tab
     

  1. Click the Manage button on the Self-Managed VPS package.

    BH AM - Select Server - Manage
     

  2. Click the Reimage button.

    BH AM - Manage Server - Overview - Reimage button
     

  3. Select the Applications tab.

    BH AM - Manage Server - Overview - Install Application
     

  4. From the list, find WooCommerce (WordPress) and click Select.

    BH AM - Manage Server - Select Application
     

  5. To confirm, please type "reimage" and then click Proceed to start the process.

    BH AM - Proceed with Reimaging - WooCommerce (WordPress)
     

  6. Wait a few moments while the installation completes.

    BH AM - Install - Portrainer
     

    • Once completed, you will see WooCommerce (WordPress) listed in the Server Image section.

      BH AM - Server Overview
       

How to Access your WooCommerce (WordPress) Dashboard

Welcome to your new WooCommerce virtual machine! This guide walks you through setting up, accessing, and managing your online store.

We design this image with security in mind, meaning we never bake a fixed password into the system. Instead, your server automatically generates unique, secure credentials on its very first boot.

Follow these simple steps to launch your store.

Step 1: Set Up and Secure Your VPS

  1. Log in to your Bluehost Portal.
  2. In the left-hand menu, click the Hosting tab.

    Self Managed VPS
     

  3. Look for the server you want to manage then click the View Details to see more options.

    Self Managed VPS
     

  4. Click the Reset Password.

    Self Managed VPS
     

  5. In the pop-up window, type your new root password, then click Reset Password again to confirm and save the changes.

    Self Managed VPS
     

  1. Connect to your VPS via SSH.
    Open your computer's terminal (or an SSH client like PuTTY) and run the following command to log into your server as the administrator, using your server's public IP address:
    ssh root@your_server_ip
    Follow the prompts and enter the new root password you created in the step above.
  2. If you ever need to quickly review the system's deployment notes directly inside your server terminal, you can print out the original README file by running:
    cat /root/README.md

Step 2: Get Your Automatically Generated Password

In this next step, you will retrieve the secure, system-generated password created for your account.

  1. Look at the MOTD (Message of the Day) text that pops up immediately upon login to your SSH. It will show you exactly where your credentials are.
  2. Run the following command in your terminal to view your admin credentials:
    sudo cat /var/www/html/.env

    Example Output:

    Last login: Thu Jun 25 14:14:16 2026 from 180.190.7.63
    root@server-123456:~# sudo cat /var/www/html/.env
    # WooCommerce / WordPress runtime credentials
    # Read this file to get your admin password:
    #   cat /var/www/html/.env
    WP_ADMIN_USER=admin
    WP_ADMIN_PASSWORD=rcUFObLZ0qk7R04JuBzhQM
    [email protected]
    WP_SITEURL=https://12.1.230.123.166
    WP_DB_PASSWORD=QUWtfsin7sbgLGe2m0sPJpu

Step 3: Log into your WordPress / WooCommerce Dashboard

Now that you have your credentials, you can open your browser and navigate to your site.

  • WordPress Admin Panel:https://server-ip/wp-admin or (/wp-login.php)

    Woocommerce+WP admin dashboard log in
     

  • Your Storefront:https://server-ip/shop

    Woocommerce+WP store dashboard log in
     

  • Main Homepage:https://server-ip/

    Woocommerce+WP admin dashboard log in
     

Essential Management Commands

You can manage your entire server stack directly from the command line. Here are the most useful shortcuts for maintaining your store:

  1. Managing System Services

    Control your web server, database, and background PHP processors smoothly:

    • Check Web Server Status:
      systemctl status nginx
    • Safely Reload Web Config (No Downtime):
      nginx -t && systemctl reload nginx
    • Restart PHP Processors:
      systemctl restart php8.3-fpm
    • Access Database Shell:
      mysql -u root
  2. Managing WordPress via Command Line (WP-CLI)

    You don't always need the web browser to update your site. Use the built-in global wp command to manage your store rapidly:

    • List Installed Plugins:
      wp plugin list --path=/var/www/html/wordpress --allow-root
    • Update All Plugins at Once:
      wp plugin update --all --path=/var/www/html/wordpress --allow-root
    • Force Process Scheduled Actions (Cron):
      wp cron event run --due-now --path=/var/www/html/wordpress --allow-root
  3. Monitoring Live Logs

    Track visitors or diagnose system behaviors in real-time:

    • Watch Web Traffic & Errors:
      tail -f /var/log/nginx/access.log /var/log/nginx/error.log
    • View WooCommerce Logs:
      tail -100 /var/log/woocommerce/woocommerce.log

Additional Information and Example Documentation Output

You can run cat /root/README.md to see more information and useful commands:

Example Output:
root@server-123456:~# cat /root/README.md
# WooCommerce (WordPress)

## Description

WooCommerce is an ecommerce platform that lets you add a fully featured online store to any WordPress website.
It supports product listings, inventory management, payment processing, shipping, and tax configuration,
giving you everything you need to sell physical or digital products directly from your site.

---

## Image contents

This template installs and configures:

- WordPress (latest) from the official WordPress.org download
- WooCommerce plugin (latest stable) pre-downloaded and activated on first boot
- MariaDB 10.11 as the local database backend
- Nginx as the web server - handles TLS termination and serves static files
- PHP 8.3-FPM with all extensions required by WooCommerce (curl, gd, intl, mbstring, mysqli, soap, xml, zip, bcmath, imagick)
- WP-CLI 2.12.0 installed globally at `/usr/local/bin/wp`
- certbot installed at `/opt/certbot/` for automatic TLS certificate provisioning
- UFW firewall rules for SSH (22), HTTP (80), and HTTPS (443)
- `wp-config.php` hardened above webroot at `/var/www/html/wp-config.php` (mode 0600)
- Operator credentials store at `/var/www/html/.env` (mode 0600)
- First-boot initialization script at `/var/lib/cloud/scripts/per-instance/001_onboot`
- Logrotate config at `/etc/logrotate.d/woocommerce`

---

## Services

| Service | Ports | Purpose |
|---------|-------|---------|
| Nginx | 80, 443 | TLS termination, static files, front controller |
| PHP-FPM 8.3 | unix socket | PHP execution for WordPress / WooCommerce |
| MariaDB | local | Database backend for WordPress |
| OpenSSH | 22 | Remote access |

Ports are protected using UFW.

---

## WordPress / WooCommerce configuration

The default WordPress configuration file is `/var/www/html/wp-config.php`.

Key settings include:

- `DB_NAME = wordpress` - WordPress database
- `DB_USER = wpuser` - dedicated database user
- `DB_PASSWORD` - placeholder, replaced at first boot from `.env`
- `DB_HOST = localhost` - local MariaDB instance
- DocumentRoot - `/var/www/html/wordpress`
- WooCommerce plugin - `/var/www/html/wordpress/wp-content/plugins/woocommerce/`

The Nginx site config is at `/etc/nginx/sites-available/woocommerce`.

---

## First boot behavior

On the first boot, the cloud-init per-instance script `/var/lib/cloud/scripts/per-instance/001_onboot`:

- Detects the real public IP (via cloud metadata service, falling back to `hostname -I`)
- Requests a TLS certificate from Let's Encrypt for the **public IP address** using certbot; falls back to a self-signed certificate if certbot fails
- Writes the HTTPS nginx config (HTTP redirects to HTTPS; HTTPS terminates TLS and serves WordPress via PHP-FPM)
- Updates WordPress `siteurl` and `home` options in the database to `https://`
- Reads and applies `WP_ADMIN_PASSWORD`, `WP_ADMIN_USER`, and `WP_ADMIN_EMAIL` from `.env`
- Ensures WooCommerce is active and flushes rewrite rules with the real URL
- Restarts PHP-FPM and nginx

This guarantees that no fixed admin password is ever baked into the image.

---

## First-time access (How to use)

### How admin credentials work

This image **never bakes a fixed password** into the image. Instead:

1. During the image build, WordPress is installed with a throw-away placeholder password that is never written anywhere accessible.
2. The `.env` file is written with `WP_ADMIN_PASSWORD=CHANGEME_ON_BOOT` as a sentinel value.
3. On **first boot**, `001_onboot` detects the sentinel, generates a secure 24-character random password using `openssl rand`, updates the WordPress admin account in the database, and saves the real password back to `.env`.
4. The generated password is printed to the first-boot log. The MOTD (shown on every SSH login) tells you where to retrieve it.

**You do not need to set a password manually.** It is generated automatically.

-

### 1. Get your credentials after first boot

**On every SSH login the MOTD shows where credentials are stored:**
```
  - Admin Credentials ---------------------------
  Username  : admin
  Password  : sudo cat /var/www/html/.env
```

**Read the credentials file directly:**
```bash
sudo cat /var/www/html/.env
```

**Or check the first-boot log:**
```bash
sudo grep -A 6 "First Boot Credentials" /var/log/cloud-init-output.log
```

-

### 2. If the password in `.env` is still CHANGEME_ON_BOOT

The first-boot script did not run yet (can happen if cloud-init did not execute). Run it manually:

```bash
# Fix Windows line endings if needed (run once)
sudo sed -i 's/\r//' /var/lib/cloud/scripts/per-instance/001_onboot

# Run the first-boot script
sudo bash /var/lib/cloud/scripts/per-instance/001_onboot
```

Then check the password:
```bash
sudo grep 'WP_ADMIN_PASSWORD' /var/www/html/.env
```

-

### 3. Override with a custom password (optional)

If you want a specific password instead of the generated one, edit `.env` **before** first boot:

```bash
sudo nano /var/www/html/.env
```

Set your values:
```env
WP_ADMIN_USER=admin
WP_ADMIN_PASSWORD=YourChosenPassword123
[email protected]
WP_SITEURL=http://your-domain-or-ip
WP_DB_PASSWORD=changeme_on_first_boot
```

Save with `Ctrl+X`, `Y`, `Enter` - then run `001_onboot` and it will use your password instead of generating one.

-

### 4. Access your store

After the VM boots, access WooCommerce at:

| URL | Purpose |
|-----|---------|
| `https:///wp-admin` | WordPress / WooCommerce admin panel |
| `https:///wp-login.php` | WordPress login page |
| `https:///shop` | WooCommerce storefront |
| `https:///` | WordPress front page |

> **Note:** On first login you may be redirected to `wp-login.php`. Use an incognito/private browser window if you experience redirect issues during local testing.

---

## Manage

### Web Interface

| URL | Purpose |
|-----|---------|
| `https:///wp-admin` | WordPress / WooCommerce admin panel |
| `https:///shop` | WooCommerce storefront |
| `https:///` | WordPress front page |

### Nginx

```bash
# Check status
systemctl status nginx

# Reload config without downtime (safe - no dropped connections)
systemctl reload nginx

# Test config before reloading
nginx -t
```

### PHP-FPM

```bash
# Check status
systemctl status php8.3-fpm

# Restart
systemctl restart php8.3-fpm
```

### MariaDB

```bash
# Check status
systemctl status mariadb

# Open MySQL shell
mysql -u root

# Show all databases
mysql -u root -e "SHOW DATABASES;"

# Show wpuser grants
mysql -u root -e "SHOW GRANTS FOR 'wpuser'@'localhost';"
```

### UFW Firewall

```bash
# Check firewall status
ufw status verbose

# View active rules
ufw status numbered
```

### WordPress via WP-CLI

```bash
# List plugins
wp plugin list --path=/var/www/html/wordpress --allow-root

# Update all plugins
wp plugin update --all --path=/var/www/html/wordpress --allow-root

# Activate WooCommerce
wp plugin activate woocommerce --path=/var/www/html/wordpress --allow-root

# Run cron manually
wp cron event run --due-now --path=/var/www/html/wordpress --allow-root

# Check WordPress version
wp core version --path=/var/www/html/wordpress --allow-root

# List active themes
wp theme list --path=/var/www/html/wordpress --allow-root

# Update site URL (useful for local testing)
wp option update siteurl 'http://localhost:8080' --path=/var/www/html/wordpress --allow-root
wp option update home 'http://localhost:8080' --path=/var/www/html/wordpress --allow-root
```

### Logs

```bash
# Nginx error log
tail -f /var/log/nginx/error.log

# Nginx access log
tail -f /var/log/nginx/access.log

# WooCommerce log
tail -100 /var/log/woocommerce/woocommerce.log

# MariaDB log
journalctl -u mariadb -f

# Cloud-init first boot log
cat /var/log/cloud-init-output.log
```

---

## Security hardening

| Hardening | Detail |
|-----------|--------|
| UFW firewall | Only ports 22, 80, 443 open. Default deny all incoming |
| SSH rate limiting | Port 22 set to LIMIT - brute force protection |
| wp-config.php location | Moved above webroot - not accessible via browser |
| wp-config.php permissions | Mode `0600` - owner read only |
| .env permissions | Mode `0600` - owner read only |
| Credentials | Never baked into image - set at runtime via `.env` |

---

## Validation tests

The template includes a TAP test suite at `/root/app_test/main.t` that checks:

- PHP 8.3 is installed and PHP-FPM is enabled and active
- Nginx is enabled and active
- MariaDB is enabled and active
- WP-CLI is installed
- WordPress core files are present at `/var/www/html/wordpress`
- WooCommerce plugin files are present
- `wp-config.php` exists with mode `0600`
- `.env` file exists with mode `0600`
- Nginx woocommerce site is enabled in `sites-enabled`
- WordPress database exists in MariaDB
- First-boot script is in place
- UFW firewall is active

---


## Configuration files reference

| File | Purpose | Permissions |
|------|---------|-------------|
| `/var/www/html/wp-config.php` | WordPress DB and salt config | `0600` |
| `/var/www/html/.env` | Operator credentials for first-boot | `0600` |
| `/etc/nginx/sites-available/woocommerce` | Nginx site config (rewritten at first boot with HTTPS) | `0644` |
| `/etc/php/8.3/fpm/pool.d/www.conf` | PHP-FPM pool config | `0644` |
| `/var/lib/cloud/scripts/per-instance/001_onboot` | First-boot script | `0755` |
| `/var/log/woocommerce/woocommerce.log` | WooCommerce application log | `0640` |
| `/etc/logrotate.d/woocommerce` | Log rotation config | `0644` |

---

## Notes

- The WooCommerce plugin is pre-downloaded at build time and activated on first boot via WP-CLI.
- `wp-config.php` is intentionally placed above the webroot so it cannot be accessed via a browser.
- The `.env` file holds placeholder credentials - always replace before first boot.
- Nginx serves WordPress directly via PHP-FPM (no Apache). PHP-FPM runs as `www-data` on a unix socket at `/run/php/php8.3-fpm.sock`.
- The TLS certificate is issued for the server's **public IP address** (not hostname) so it works immediately without DNS configuration.
- On first boot, if Let's Encrypt cannot issue a certificate (NAT, rate limit), a self-signed cert is generated automatically. Replace it later with: `certbot certonly --ip-address `

---
## Links

- Manage: [Manage](http://localhost:8080/wp-admin)
- WordPress Documentation: [https://wordpress.org/documentation/](https://wordpress.org/documentation/)
- WooCommerce Documentation: [https://woocommerce.com/documentation/](https://woocommerce.com/documentation/)
- WP-CLI Documentation: [https://wp-cli.org/](https://wp-cli.org/)
- MariaDB 10.11 Documentation: [https://mariadb.com/kb/en/mariadb-10-11/](https://mariadb.com/kb/en/mariadb-10-11/)
- PHP 8.3 Documentation: [https://www.php.net/releases/8.3/](https://www.php.net/releases/8.3/)
- Ubuntu 24.04 LTS Release Notes: [https://wiki.ubuntu.com/NobleNumbat/ReleaseNotes](https://wiki.ubuntu.com/NobleNumbat

Summary

In this guide, we covered how to reimage your Bluehost Self-Managed VPS to install WooCommerce (WordPress) and manage it from the dashboard. Remember to use the one-click installer for a streamlined setup, but do not forget to always back up or confirm your data first, since this will completely wipe your existing data. For advanced updates or manual installations, SSH access is available. Need to change or remove your setup down the road? Just check out the linked support for further instructions.

Loading...