DEV Community

Cover image for Creating a WordPress blog using AWS Lightsail and Cloudflare
Oksana Horlock for AWS Community Builders

Posted on • Originally published at

Creating a WordPress blog using AWS Lightsail and Cloudflare

I started my own blog a little more than one year ago. I had wanted to have my own blog for a while and had a lot of ideas about how I wanted to create it and experiment with different tools and services. However, since having a child, the time I have for learning and exploring has become a really precious commodity. So I knew that the sooner I launched the website, the better. The final little nudge was reading Steve Gordon’s post about blogging which you can find here.

This post describes how I set up a simple site for my blog. Time constraint has been the main reason why I chose using WordPress and AWS Lightsail. I was quite surprised by how easy and quick it was to set everything up.

Prerequisites: AWS account

Creating a server

I followed this blog post up to part 6: to create a WordPress instance and attach a static IP to it. It is very easy and clear. FYI, Bitnami is an application stack that lets you host a WordPress website. So when you select the WordPress blueprint in AWS Lightsail, you are installing all the applications necessary to run WordPress on your server.

I had bought a template to use, so after logging in to WordPress admin dashboard, I navigated to Appearance->Themes->Add new ->Upload, and uploaded my theme. The website was up on the internet and could be navigated to on the Internet by using its IP address! Wasn’t it supereasy?

Registering a domain name/creating DNS records

I didn’t have a domain name, so I registered using AWS Route 53, which is a Domain Name Service. Before you register a domain, you should check the pricing here: It varies depending on the top-level domain (the last part of the url, for example, .com or When registering a domain, a public hosted zone is created for you. This hosted zone has records about routing Internet traffic for your domain/subdomains. Two records will be created by default:

  • type NS record – a nameserver record; it tells the Internet where to go to find out a domain’s IP address. There are several NS values – this is to ensure that if one name server is not available, the queries can go to another one.

  • type SOA – a Start of Authority record; it contains some DNS information about the hosted zone, such as name name server that created the record, a serial number that you change when you can increment when you update the zone, retry interval and so on (info on record types AWS supports is here)

Following that I created an A record in my hosted zone. An A record is the most fundamental record and it routes traffic to a resource such as a web server. I mapped my brand spanking new domain name to the static IP of my WordPress instance.

Image description

After that was navigable on the Internet.

Making the site secure

First of all, I restricted access for port 22 to my own IP address (so that nobody else could SSH into the instance). I also didn’t want anyone to be able to access the empty blog so I restricted HTTP/HTTPS access to my own IP address too. These rules can be changed using the Networking tab of the Lightsail Console:

Image description

I followed these tutorials to create an SSL certificate, firewall rules and securing the site using Cloudflare:

Useful tip: since the instance runs on Linux, I had to use CLI. Since I didn't have a lot of experience with it at the point I was doing the setup, it was slightly tricky to edit and save files. The easiest way for me was to run sudo nano path/to/file command, edit the file, type Ctrl+X, and then Y or N, or Ctrl+C to Cancel.

I also removed Bitnami banner from the bottom right hand corner of the site pages by following the steps from this guide:

Although there is no need to change your DNS from Route53 to Cloudflare, after some time I did it for the sake of experiment, since I had not had much experience with anything to do with DNS before.
To be able to use Cloudflare for DNS management, AWS name servers for the NS record in your hosted zone need to be changed to Cloudflare name servers. You would think that you would just go to the hosted zone, select the NS record from the list, and edit it, right? However, after waiting for a couple of days for the record to be updated, I started investigating what was wrong. It turned out the records needed to be changed from the Registered domains page:

Image description

From the moment you change your DNS provider, you will need to put all the DNS records there.


The pricing for deploying a WordPress on AWS Lightsail in the way that I did comprises:

  • domain registration cost ($12)
  • a monthly instance plan ($3.50)
  • half a dollar per hosted zone per month
  • DNS queries less than half a dollar per 1 000 000 000 queries (this will also include you using the site, for example amending the theme).

I sincerely hope my experience will help somebody out there to make deploying a WordPress website on AWS Lightsail a plan sailing.

Top comments (0)