Yesterday I finally did it — I launched my WordPress site from scratch. Not on shared hosting. Not on a free blogging platform. A real WordPress install on AWS Lightsail, connected to my own domain, secured with HTTPS, and ready to publish.
If you’re building a blog for the long game — SEO traffic, affiliate income, AdSense — this is one of the cleanest setups you can pick. It’s beginner-friendly enough that you don’t need a sysadmin background, but it gives you real control over your environment in a way shared hosting doesn’t. Once you own your domain and hosting, you’re not building traffic for someone else’s platform anymore. That shift matters more than it sounds.
This post documents exactly what I did, in the order I did it, including the parts where I got stuck.
What I completed in one day
Before getting into the steps, here’s a quick summary of what the full setup covers:
- Bought a domain via Namecheap
- Hosted WordPress on AWS Lightsail (Bitnami blueprint)
- Assigned a Static IP to the instance
- Connected root domain and www via DNS A records
- Enabled SSL (HTTPS) using Let’s Encrypt
- Fixed WordPress URL settings (WP_HOME / WP_SITEURL)
- Completed post-install WordPress setup for SEO
If you’re doing this yourself, here’s a checklist you can copy:
- Buy a domain (Namecheap or similar)
- Create WordPress instance on AWS Lightsail
- Assign a Static IP
- Add DNS A Records (@ and www)
- Enable SSL / HTTPS via Let’s Encrypt
- Fix WordPress URLs (WP_HOME / WP_SITEURL)
- Set permalinks to “Post name”
- Create legal pages (Privacy Policy, Disclaimer, Terms, Contact)
- Connect Google Search Console
- Publish your first post
Step 1: Buy your domain (Namecheap)
I started with the domain because DNS propagation takes time — sometimes minutes, sometimes a few hours. Buying it first and letting it propagate while you set up hosting saves frustration later.
I went with Namecheap. The interface is clean, the DNS management is straightforward, and the pricing is reasonable. It’s where I’d point a beginner every time. The A record setup is simple enough that you won’t need to look up a tutorial just to point your domain somewhere.
One thing worth thinking about before you buy: pick a name you’ll still want 12 months from now. Domain regret is real. Changing your site name after publishing content is painful for SEO.
Step 2: Host WordPress on AWS Lightsail (Bitnami)
Next, I set up hosting using AWS Lightsail. Instead of installing WordPress manually — configuring a web server, setting up a database, all of that — I selected the WordPress (Bitnami) blueprint in Lightsail, which gives you a pre-configured WordPress environment that’s ready to use in a few minutes.
Lightsail sits in a useful middle ground. It’s more reliable and faster than cheap shared hosting, which tends to be the first thing that kills a new blog’s performance. But it’s not as complex as setting up a full EC2 instance with manual configuration. For a blog, it’s the right tradeoff: predictable monthly cost, solid performance, and full control over the environment without needing to manage everything from scratch.
The plan I started with is their lowest tier — more than enough for a new site with no traffic yet. You can always scale up later if you need to.
Step 3: Assign a Static IP (don’t skip this)
This step is easy to overlook, and it’s caused problems for people who skip it.
When Lightsail creates a new instance, it assigns a public IP address. The problem is that IP address can change — for example, if you stop and restart the instance. If the IP changes and your DNS records still point to the old one, your site goes offline until you update them manually.
The fix is to create a Static IP in Lightsail and attach it to your instance. This takes about two minutes and makes the IP permanent. Your domain then points to an address that never changes, and you don’t have to worry about it again.
Step 4: Connect Namecheap to Lightsail (DNS setup)
With the Static IP in hand, I went into Namecheap’s DNS settings and added two A records:
- A Record — Host:
@→ Value:[Your Lightsail Static IP] - A Record — Host:
www→ Value:[Your Lightsail Static IP]
The @ record covers your root domain (e.g., toolflowlab.com). The www record covers www.toolflowlab.com.
Both need to work — people type both versions, and if only one resolves, you’ll lose visitors and create potential SEO issues if Google treats them as separate URLs.
DNS changes usually propagate within 10–30 minutes, though it can occasionally take longer. You can check propagation status at whatsmydns.net if you want to verify before moving on.
Step 5: Enable SSL (fix the HTTPS warning)
Before setting up SSL, opening my site in a browser showed this:
“Your connection is not private” — ERR_CERT_AUTHORITY_INVALID
This happens because HTTPS isn’t configured yet. It’s not a sign something went wrong — it’s just a step you have to complete.
Since I was using the Bitnami WordPress blueprint, Let’s Encrypt is the built-in way to enable SSL. Bitnami includes a helper script that handles the certificate installation automatically. After running it with my domain, the browser warning disappeared and the site loaded over HTTPS.
SSL matters beyond just the padlock. Google uses HTTPS as a ranking signal, and many visitors will leave immediately if they see a security warning — especially if they’re considering subscribing or buying anything. It’s not optional.
Step 6: Fix WordPress URLs (WP_HOME / WP_SITEURL)
This caught me off guard. Even after SSL was working correctly in the browser, WordPress was still redirecting some requests over HTTP instead of HTTPS. The fix was in wp-config.php.
The default Bitnami configuration looked like this:
define( 'WP_HOME', 'http://' . $_SERVER['HTTP_HOST'] . '/' );
define( 'WP_SITEURL', 'http://' . $_SERVER['HTTP_HOST'] . '/' );I changed both lines to HTTPS:
define( 'WP_HOME', 'https://' . $_SERVER['HTTP_HOST'] . '/' );
define( 'WP_SITEURL', 'https://' . $_SERVER['HTTP_HOST'] . '/' );That resolved the redirect issue. If you set up SSL and then suddenly can’t log into your WordPress admin, or you’re seeing mixed content warnings, this is the first place to check. It’s a two-character change that fixes the problem most of the time.
Step 7: WordPress post-install setup (SEO foundation)
Once the site was stable and loading correctly over HTTPS, I went through the core setup to make it SEO-ready from day one. Most of this takes less than an hour, but skipping it means fixing things later after content is already published — which is annoying.
Core WordPress settings:
- Set permalinks to “Post name” (Settings → Permalinks) — this is important for SEO-friendly URLs
- Delete the default “Hello World” post and “Sample Page” that WordPress installs automatically
- Clean up the navigation menu so it only shows what you want
- Add footer links: Privacy Policy, Disclaimer, Terms of Service, Contact (required for AdSense approval)
SEO essentials:
- Connect Google Search Console and verify your domain
- Generate and submit a sitemap (most SEO plugins handle this automatically)
- Install a lightweight theme — speed matters more than design at this stage
- Install an SEO plugin (RankMath or Yoast — pick one and configure the basics)
The instinct to focus on design early is understandable, but the sites that grow fastest through SEO usually prioritize speed and structure first. A fast, clean site with clear hierarchy will outperform a beautifully designed slow one almost every time.
What to do next
Now that the site is live and the foundation is set, the next practical steps are:
- Publish supporting content early. Posts that walk through common issues — SSL troubleshooting, Search Console setup, plugin recommendations — help Google understand what the site is about and give readers somewhere to go after the setup guide.
- Keep plugins minimal at the start. The temptation is to install everything that sounds useful. Every plugin adds load time. Start with three: an SEO plugin, a caching plugin, and a security plugin (Wordfence is the standard choice). Add more only when you have a specific reason.
- Set up Google Analytics. You want baseline traffic data from day one so you can see what’s working once you start publishing regularly.
FAQ
Is AWS Lightsail a good choice for a WordPress blog?
Yes, especially for a new blog. Lightsail gives you a managed environment at a predictable low monthly cost — usually starting around $3.50–$5/month depending on your region. It’s significantly faster than entry-level shared hosting, which is important for SEO, and it’s much easier to set up than a full EC2 configuration. For a blog that’s just starting out and expecting to grow gradually, it’s one of the cleanest options available.
Why do I need a Static IP on Lightsail?
Lightsail instances are assigned a dynamic public IP by default. If you stop and restart the instance — which can happen during updates or troubleshooting — that IP can change. If your DNS records point to the old IP, your site goes offline until you update them. A Static IP costs nothing when attached to a running instance and permanently solves this problem.
How long does DNS propagation take after updating Namecheap records?
Usually between 10 minutes and a few hours. In rare cases it can take up to 24–48 hours, depending on TTL settings and DNS cache. You can monitor propagation in real time at whatsmydns.net — it shows which locations around the world have picked up your new records.
Why do I still see an HTTPS warning after enabling SSL?
The three most common causes are: DNS hasn’t fully propagated yet (so the certificate couldn’t be issued for both root and www), SSL was installed for only one version of the domain, or the WordPress URLs in wp-config.php still point to HTTP. Check all three before trying anything else.
Should I use www or non-www for my site?
Either works — what matters is consistency. Pick one, configure it as your canonical URL in your SEO plugin, and make sure both versions redirect to the same place. Google treats www and non-www as separate URLs unless you tell it otherwise, so leaving both active without a canonical redirect can split your SEO signals.
Is WordPress on Lightsail secure?
WordPress itself is secure, but it’s the most-targeted CMS on the internet, which means it attracts a lot of automated bot traffic looking for vulnerabilities. The practical steps: use a strong admin password (not “admin”), keep WordPress and plugins updated, install Wordfence for basic security monitoring, and enable two-factor authentication on your admin account. That covers the majority of real-world risk for a new blog.
What plugins do I actually need at the start?
Three is enough to begin: an SEO plugin (RankMath or Yoast), a caching plugin for performance, and Wordfence for security. Resist adding more until you have a specific problem each one would solve. Plugin bloat is one of the most common reasons new WordPress sites load slowly.
Final thoughts
The setup process looks complicated when you see all the steps listed out, but each one is straightforward if you do them in order. The reason people get stuck is usually that they try to do things out of sequence — enabling SSL before DNS has propagated, or configuring WordPress before the URLs are correct.
Do it in this order — Domain → Lightsail → Static IP → DNS → SSL → WordPress settings — and you’ll end up with a stable, fast, HTTPS-secured site that you fully own. After that, the real work is just publishing consistently and letting time do its job.
Part of the AI Productivity System
Start here → Start Here page
Keep Reading
If you’ve set up your WordPress site and want to keep it running smoothly, these posts cover what comes next:
👉 My Blog Suddenly Went Down — A Real DNS + SSL Failure Story — What happens when your DNS or SSL breaks after setup, and how to fix it fast.
👉 Why Your AI Productivity System Fails After 7 Days — Once your site is live, building a consistent workflow matters more than any tool. Here’s how to make it stick.