How to Install WordPress Manually Using cPanel (Step-by-Step Guide 2026)

Want full control over your Install WordPress setup? Installing WordPress manually using cPanel is the most reliable way to get your site up and running — no auto-installer limitations, no guesswork. 

Whether you’re a beginner who wants to learn the ropes or an experienced developer managing multiple sites, this guide from ZenvySEO walks you through every step clearly and simply.

Manual installation gives you control over your database prefix, file permissions, and directory structure from day one — things that matter a lot for security and SEO performance.

What You Need Before You Start

Before diving in, make sure you have the following ready:

• An active web hosting account with cPanel access
• A registered domain name pointed to your hosting
• A computer with internet access
• About 15–20 minutes of your time

Quick Answer: To manually install WordPress via cPanel, you download WordPress from wordpress.org, upload it to your public_html directory, create a MySQL database, configure wp-config.php with your database credentials, and run the installation wizard from your browser.

Manual vs. One-Click WordPress Installation

Feature	Manual Installation	One-Click (Softaculous)
Control over setup	Full control	Limited
Custom database prefix	Yes	Sometimes
Time required	15–20 minutes	2–5 minutes
Learning value	High	Low
Security customization	Yes	Basic
Recommended for	Developers, learners	Beginners in a hurry

Manual installation is slightly more involved but gives you a cleaner, more secure foundation — especially when you customize the database table prefix and file permissions from the start.

---

Step 1: Download WordPress

Start by grabbing the latest version of Install WordPress directly from the official source.

1. Visit wordpress.org/download
2. Click the blue Download WordPress button
3. Save the .zip file to your computer

Always download from wordpress.org. This ensures you get the most up-to-date, malware-free version of the CMS.

Step 2: Upload WordPress to Your Hosting Account via cPanel File Manager

Once you have the Install WordPress zip file, it’s time to upload it to your server.

1. Log in to your cPanel dashboard (usually at yourdomain.com/cpanel)
2. Navigate to the Files section and open File Manager
3. Click on the public_html directory (this is your website’s root folder)
4. Click the Upload button in the toolbar
5. Select the WordPress .zip file you downloaded and wait for the upload to complete
6. Once uploaded, right-click the zip file and select Extract
7. After extraction, you’ll see a folder named wordpress inside public_html
8. Open the wordpress folder, select all files, and move them one level up to public_html
9. Delete the now-empty wordpress folder and the original zip file

Pro tip from ZenvySEO: If you’re install WordPress in a subdirectory (e.g., yourdomain.com/blog), create a new folder inside public_html and move the files there instead.

---

Step 3: Create a MySQL Database and User

WordPress needs a database to store all of your site’s content, settings, and user data. Here’s how to set one up in cPanel:

1. Go back to your cPanel dashboard
2. Scroll to the Databases section and click MySQL Database Wizard
3. Step 1 – Create a Database: Enter a name for your database (e.g., mysite_wp) and click Next Step
4. Step 2 – Create a Database User: Enter a username and a strong password, then click Create User
5. Step 3 – Add User to Database: Check the All Privileges checkbox and click Next Step
6. Note down the following — you’ll need them shortly:
   • Database name
   • Database username
   • Database password
   • Database host (usually localhost)

Security note: Avoid using generic names like admin or wordpress for your database username. A unique name makes it harder for brute-force attacks to succeed.

Step 4: Configure wp-config.php

This is the most important configuration step. The wp-config.php file connects your install WordPress to the database you just created.

1. In File Manager, navigate to your public_html directory
2. Locate the file named wp-config-sample.php
3. Right-click on it and select Rename — change it to wp-config.php
4. Right-click on wp-config.php and select Edit
5. Find and update the following lines with your actual database details:

php

define( ‘DB_NAME’, ‘your_database_name’ );

define( ‘DB_USER’, ‘your_database_username’ );

define( ‘DB_PASSWORD’, ‘your_database_password’ );

define( ‘DB_HOST’, ‘localhost’ );

6. While you’re in the file, also update the $table_prefix value from the default wp_ to something custom like zs7x_. This simple change significantly reduces your exposure to automated SQL injection attacks.
7. Visit api.wordpress.org/secret-key/1.1/salt/ to generate unique security keys and replace the placeholder values in the config file.
8. Click Save Changes and close the editor.

Do not leave any extra spaces before or after your database name, username, or password. Even a single stray space will break the connection.

---

Step 5: Run the WordPress Installation Script

With your files uploaded and database configured, you’re ready to run the famous “Famous 5-Minute Install.”

1. Open your web browser
2. Navigate to your domain: https://yourdomain.com
3. WordPress will detect the setup and redirect you to the installation screen
4. Select your preferred language and click Continue
5. On the next screen, you’ll be prompted to enter your database details — but since you’ve already configured wp-config.php, WordPress should automatically detect them and proceed
6. Click Run the Installation

Step 6: Complete the WordPress Installation

Now you’ll set up your actual install WordPress admin account and site details.

Fill in the following information:

Field	What to Enter
Site Title	Your website’s name
Username	A unique admin username (avoid “admin”)
Password	A strong, unique password
Your Email	A valid admin email address
Search Engine Visibility	Leave unchecked unless site is not ready

Once you’ve filled everything in, click Install WordPress. In a few seconds, you’ll see a success message.

Click Log In and enter your credentials to access your WordPress dashboard for the first time. Welcome to your new site!

---

Step 7: Secure Your WordPress Installation

Don’t skip this step. A fresh install WordPress has several default settings that need to be tightened before you publish anything.

File Permission Settings

Set correct file permissions to prevent unauthorized access:

• Directories: 755
• Files: 644
• wp-config.php: 600 or 640 (most restrictive)
• Never use 777 — this gives full read, write, and execute access to everyone on the server

To change permissions in cPanel’s File Manager, right-click any file or folder and select Change Permissions.

Additional Security Steps

• Install a security plugin such as Wordfence or Solid Security
• Enable two-factor authentication (2FA) on your admin account
• Keep WordPress, themes, and plugins updated at all times
• Delete the default “Hello Dolly” plugin and unused themes
• Change the default login URL (/wp-admin) using a plugin like WPS Hide Login
• Disable the file editor in wp-config.php by adding: define(‘DISALLOW_FILE_EDIT’, true);

---

Quick Recap: The Full Installation Checklist

• Downloaded WordPress from wordpress.org
• Uploaded and extracted files to public_html
• Created MySQL database, user, and assigned all privileges
• Renamed wp-config-sample.php to wp-config.php
• Updated database credentials and table prefix in wp-config.php
• Added unique security keys/salts
• Ran the installation wizard from the browser
• Created admin account with a strong, unique username and password
• Set correct file permissions (755/644/600)
• Installed a security plugin

Conclusion

Manually install WordPress through cPanel is one of the most valuable skills you can develop as a website owner or developer. It gives you a deeper understanding of how WordPress works under the hood, and it sets you up with a much more secure foundation than most automated installers provide.

At ZenvySEO, we always recommend the manual route for clients who want control, transparency, and long-term site health. The extra 10 minutes you invest now can save hours of troubleshooting later.

Once your site is live, your next focus should be on speed optimization, SEO configuration, and setting up automated backups — all of which we cover in detail across our blog.

Frequently Asked Questions (FAQs)

Do I need coding knowledge to install WordPress manually?

No. The process involves basic file management and filling in text fields — no coding required. Following this guide step by step is enough.

What is the wp-config.php file used for?

It stores your database credentials, security keys, and core configuration settings. WordPress reads this file every time your site loads.

Can I install WordPress in a subdirectory instead of the root?

Yes. Create a folder inside public_html (e.g., /blog), upload WordPress files there, and follow the same steps. Your site will be accessible at yourdomain.com/blog.

What’s the difference between DB_HOST values?

In most shared hosting environments, DB_HOST is set to localhost. Your hosting provider will specify a different value only if they use a remote database server.

Why should I change the default wp_ table prefix?

The default prefix is publicly known, making your database tables easier targets for automated SQL injection attacks. A custom prefix like abc7_ adds a simple but effective layer of protection.