Contact UsTry it for free
© 2026 Direct Cursus Technology L.L.C.

Installing WordPress High Availability using Cloud Apps

Written by
Improved by
Updated at March 6, 2026

In this tutorial, you will install and configure WordPress, a content management system equally suitable for personal blogs and large-scale media and commercial projects. You will deploy Cloud Apps on a virtual machine with all required resources autoconfigured, including a Yandex Managed Service for MySQL® database, a web server, and Yandex Cloud Postbox integration.

To install WordPress:

  1. Get your cloud ready.
  2. Create a VPC network and subnets.
  3. Configure a DNS zone.
  4. Create a Yandex Lockbox secret.
  5. Install WordPress using Cloud Apps.
  6. Configure WordPress.
  7. Check the result.

If you no longer need the resources you created, delete them.

Get your cloud ready

Sign up for Yandex Cloud and create a billing account:

  1. Navigate to the management console and log in to Yandex Cloud or create a new account.
  2. On the Yandex Cloud Billing page, make sure you have a billing account linked and it has the ACTIVE or TRIAL_ACTIVE status. If you do not have a billing account, create one and link a cloud to it.

If you have an active billing account, you can navigate to the cloud page to create or select a folder for your infrastructure.

Learn more about clouds and folders here.

The cost of support for the new infrastructure includes:

Create a VPC network and subnets

  1. In the management console, select the folder where you want to create a cloud network.

  2. Go to Virtual Private Cloud.

  3. In the top-right corner, click Create network.

  4. In the Name field, enter a name for the network. The naming requirements are as follows:

    • Length: between 3 and 63 characters.
    • It can only contain lowercase Latin letters, numbers, and hyphens.
    • It must start with a letter and cannot end with a hyphen.

  5. Keep Create subnets enabled.

  6. Click Create network.

If you do not have the Yandex Cloud CLI installed yet, install and initialize it.

By default, the CLI uses the folder specified when creating the profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also set a different folder for any specific command using the --folder-name or --folder-id options.

  1. Create a cloud network in the default folder:

    yc vpc network create --name wordpress-network

  2. Get the list of the cloud networks in the folder:

    yc vpc network list --folder-id b1g6ci08ma55********

    Result:

    +----------------------+-------------------+
|          ID          |      NAME         |
+----------------------+-------------------+
| enpavfmgapum******** | wordpress-network |
| enplom7a98s1******** | default           |
+----------------------+-------------------+

  3. Select NAME or ID of the cloud network you need. Create a subnet in the ru-central1-a availability zone:

    yc vpc subnet create \
  --network-id enpavfmgapum******** \
  --zone ru-central1-a \
  --range 192.168.0.0/24

    Where:

    • --network-id: Cloud network ID. When creating a subnet, specify the cloud network for the subnet and CIDR.
    • --zone: Subnet availability zone.
    • --range: List of internal IPv4 addresses specified for this subnet, such as 10.0.0.0/22 or 192.168.0.0/16. Make sure the addresses are unique within the network. The minimum subnet size is /28, and the maximum subnet size is /16. Only IPv4 is supported.

    The subnet naming requirements are as follows:

    • Length: between 3 and 63 characters.
    • It can only contain lowercase Latin letters, numbers, and hyphens.
    • It must start with a letter and cannot end with a hyphen.

  4. Similarly, create a subnet in the ru-central1-d availability zone.

To create a cloud network, use the create REST API method for the Network resource or the NetworkService/Create gRPC API call and provide the ID of the folder to host the new network in the folderId parameter of your request:

To learn how to find out the folder ID, see Getting the folder ID.

To create subnets in the ru-central1-a and ru-central1-d availability zones, use the create REST API method for the Subnet resource or the SubnetService/Create gRPC API call, and provide the following in your request:

  • ID of the folder the subnet will reside in, in the folderId parameter.
  • ID of the network the subnet will be placed in, in the networkId parameter.
  • ID of the availability zone the subnet will be placed in, in the zoneId parameter.
  • List of internal IPv4 addresses specified for this subnet, in the v4CidrBlocks[] array, e.g., 10.0.0.0/22 or 192.168.0.0/16. Make sure the addresses are unique within the network. The minimum subnet size is /28, while the maximum subnet size is /16. Only IPv4 is supported.

To get the subnet ID, use the list REST API method for the Subnet resource or the SubnetService/List gRPC API call and provide the folder ID in the folderId request parameter.

Configure a DNS zone

Create a public DNS zone and delegate your domain to it. For more about delegating domains, see this guide. This DNS zone will host the WordPress domains.

  1. In the management console, select a folder where you want to create your DNS zone.

  2. Go to Cloud DNS.

  3. Click Create zone.

  4. Specify the DNS zone settings:

    • Zone: Specify your registered domain with a trailing dot, e.g., example.com..
    • Type: Select Public.
    • Name: Enter a name for the zone, e.g., example-zone.

  5. Click Create.

  6. Delegate your domain to Yandex Cloud servers. Do it by specifying the addresses of the ns1.yandexcloud.net and ns2.yandexcloud.net DNS servers in your domain registrar's account.

    Delegation does not take effect immediately. It usually takes up to 24 hours for internet service providers to update records. You can check domain delegation using Whois or the dig utility:

    dig +short NS example.com

    Result:

    ns2.yandexcloud.net.
ns1.yandexcloud.net.

  1. Create a public DNS zone:

    yc dns zone create \
  --name example-zone \
  --zone example.com. \
  --public-visibility

    Where --zone is your domain name, e.g., example.com.. The --zone parameter value must end with a trailing dot.

    Result:

    id: dns39gihj0ef********
folder_id: b1g681qpemb4********
created_at: "2024-09-09T15:23:34.919887Z"
name: example-zone
zone: example.com.
public_visibility: {}

    For more information about the yc dns zone create command, see the CLI reference.

  2. Delegate your domain to Yandex Cloud servers. Do it by specifying the addresses of the ns1.yandexcloud.net and ns2.yandexcloud.net DNS servers in your domain registrar's account.

    Delegation does not take effect immediately. It usually takes up to 24 hours for internet service providers to update records.

To create a public DNS zone, use the create REST API method for the DnsZone resource or the DnsZoneService/Create gRPC API call.

Delegate your domain to Yandex Cloud servers. Do it by specifying the addresses of the ns1.yandexcloud.net and ns2.yandexcloud.net DNS servers in your domain registrar's account.

Create a Yandex Lockbox secret

Yandex Lockbox secrets will store the Yandex Managed Service for MySQL® database password and the WordPress admin password.

To create a secret that will store the Yandex Managed Service for MySQL® database password:

  1. In the management console, select the folder where you want to create a Yandex Lockbox secret.
  2. Go to Lockbox.
  3. Click Create secret.
  4. In the Name field, specify the secret name: db-password-secret.
  5. In the Secret type field, select Custom.
  6. In the Key field, enter db_password.
  7. In the Value field, paste the Yandex Managed Service for MySQL® database password.
  8. Click Create.

Similarly, create a secret named wp-admin-password-secret that will store the WordPress admin password. In the Key field, specify wp_admin_password.

To create a secret that will store the Yandex Managed Service for MySQL® database password, run this command:

yc lockbox secret create \
  --name db-password-secret \
  --payload "[{'key': 'db_password', 'text_value': '<password>'}]"

Where text_value is the Yandex Managed Service for MySQL® database password.

Result:

id: e6q0rdjdggjp********
folder_id: b1g681qpemb4********
created_at: "2025-07-12T18:23:49.844Z"
name: db-password-secret
status: ACTIVE
current_version:
  id: e6qbp772i014********
  secret_id: e6q0rdjdggjp********
  created_at: "2025-07-12T18:23:49.844Z"
  status: ACTIVE
  payload_entry_keys:
    - db_password

Similarly, create a secret that will store the WordPress admin password. Specify wp_admin_password in the key parameter.

To create a secret, use the create REST API method for the Secret resource or the SecretService/Create gRPC API call.

Specify db_password in the key parameter for the key to contain the Yandex Managed Service for MySQL® database password. Specify wp_admin_password for the key to store the WordPress administrator password.

Note

Creating a secret with a WordPress admin password is not mandatory: you can omit it in the application settings; in this case, it will be created automatically with a random password when installing the application.

Install WordPress

Install WordPress High Availability using Cloud Apps:

  1. In the management console, select the folder where you want to install the app.

  2. Go to Cloud Apps.

  3. Click Choose application.

  4. In the window that opens, select WordPress High Availability.

  5. Configure the application:

    • Application name: Name of your WordPress High Availability instance.

    • Application description. This is an optional property.

    • Service account with the admin role for the folder, or select Auto to have the service account created when installing the application.

    • DNS zone ID.

    • Site subdomain for WordPress. This is an optional property. By default, the subdomain is empty. The website domain is formed by adding a subdomain to the DNS zone domain.

    • Mail sender. This is an optional property. The default is noreply@website_domain. Used to set up SMTP via Yandex Cloud Postbox.

    • WordPress administrator username: Username for the WordPress admin account. This is an optional property. The default value is admin.

      Warning

      Once created, the WordPress admin login cannot be edited.

    • The WordPress administrator email to use for creating the WordPress admin account, sending system notifications, and resetting the password.

    • ID of the wp-admin-password-secret secret with the WordPress administrator password you created earlier. This is an optional property. If you do not specify a secret, it will be created automatically with a random password when installing the application.

    • VPC subnets in the ru-central1-a and ru-central1-d availability zones for deploying a Managed Service for MySQL® cluster and VMs with a file system.

    • Instance group size: The number of VMs in the group. This is an optional property. The default value is 2.

    • Number of vCPUs. This is an optional property. The default value is 2.

    • RAM in GB. This is an optional property. The default value is 2 GB.

    • vCPU guarantee. This is an optional property. The available values are 20%, 50%, or 100%. The default value is 100%.

    • Public SSH key. This is an optional property. It will be added to the WordPress user's authorized_keys. To learn how to create an SHH key, see this guide.

    • File system size in GB. This is an optional property. The default value is 100 GB.

    • ID of the db-password-secret secret you created earlier to store the database password for accessing the Managed Service for MySQL® cluster.

    • Managed Service for MySQL® cluster disk size in GB. This is an optional property. The default value is 20 GB.

  6. Click Install.

    In the window that opens, you will see the resources that will be created when installing the application. As soon as all resources are created, the VM will start configuring the website, installing plugins, and issuing TLS certificates. Wait for the installation to complete. This may take five to ten minutes.

Note

Automatic installation of the app creates a Yandex Cloud Postbox address and a DNS record for its verification.

Configure WordPress

  1. In your browser, open the main website address: https://<website_domain>, where <website_domain> is the main website subdomain or the DNS zone domain, if no subdomain was provided.

  2. In your browser, open the admin dashboard address: https://<website_domain>/wp-admin.

  3. Log in to the admin dashboard using:

    • Username: Admin username you provided when installing the application.

    • Password: Admin password. If you did not specify a secret containing the admin password in the application settings, you can find the password value in the secret that was generated automatically during the installation. The secret name is wp-admin-password-secret.

      Note

      If you forget the password, you can recover it via the standard WordPress password reset form using the admin email address specified during installation.

Once you log in, you will be redirected to the WordPress admin dashboard page where you can start managing your website.

Check the result

Make sure WordPress is working correctly:

  1. In your browser, open the main website subdomain, if specified during installation. Otherwise, open the DNS zone domain. You should see the WordPress home page.

  2. Create a test post:

    1. In the admin dashboard, click PostsAdd New.
    2. Provide the post title and content.
    3. Upload an image to the post. It will be automatically saved to the Object Storage bucket.
    4. Publish the post.

  3. Make sure that the post appears on the website home page.

  4. Test email notifications:

    1. In the admin dashboard, go to the settings section.
    2. Try recovering the password using the "Lost your password?" function.
    3. Check the mailbox you specified for the password reset email.

    Note

    Integration with Yandex Cloud Postbox supports user sign-ups and password resets. Yandex Cloud Postbox does not support bulk mailing because the feature requires a special API.

  5. Check the installed plugins:

    1. In the admin dashboard, go to Plugins.
    2. Make sure the following plugins are installed:
      • S3 Uploads: For integration with Yandex Object Storage to store media files.
      • WP Mail SMTP: For integration with Yandex Cloud Postbox to send email notifications.

  6. Open the database admin dashboard domain in your browser:

    1. Log in to the database admin dashboard.
    2. Use these credentials:
      • Server: db.
      • Engine: MySQL.
      • Username: wordpress.
      • Password: Database password you specified in db-passwords-secret.

How to delete the resources you created

To shut down the resources you created and stop paying for them:

  1. Delete the Yandex Cloud Postbox address and the associated DNS record because they will not be deleted after you delete the application.

  2. Delete all objects from the Object Storage buckets created when installing the application because non-empty buckets cannot be deleted.

  3. Delete WordPress High Availability:

    1. In the management console, select the folder the application is installed in.
    2. In the list of services, select Cloud Apps.
    3. Find WordPress High Availability in the list.
    4. Click next to the app and select Delete.
    5. Confirm the app deletion.

  4. Delete the public DNS zone.

  5. Delete the Yandex Lockbox secrets.

  6. Delete the VPC network and subnets.

Previous
Terraform
Next
Overview