Setting up Hostinger goes faster when you take the steps in the right order. Skipping ahead to install WordPress before you have added your domain forces you to redo the install, and skipping SSL configuration means visitors hit a security warning the first time they load the site. This walkthrough lays out the order that avoids those reworks and the configuration choices that matter for performance and security.
What You Need Before You Start
Three things make the setup smooth. A Hostinger plan suited to your site (Premium for a single hobby site, Business for anything that handles real traffic, ecommerce, or needs daily backups and staging). A domain name, either registered through Hostinger or at a separate registrar. A clear answer to whether you are starting fresh or migrating an existing site, because the two paths diverge after Step 2. If you are migrating, the broader Hostinger setup and migration guide covers the four ways to bring an existing site over.
Step 1: Create Your Hostinger Account
Pick your plan on the Hostinger plans page, then pick a term. The intro price applies only to the first term; renewals run 2.5 to 4 times higher depending on plan. A 12-month term is the safest first commitment because it locks in the intro rate without betting four years on a host you have not used yet.
During checkout, decline the recommended domain registration if you already have one or want to keep it at Cloudflare, Porkbun, or Namecheap. Keeping domain and hosting separate makes it easier to change hosts later. Decline the SEO toolkit, the daily backup add-on (Business and Cloud plans include backups), and the privacy registration if your domain already has WHOIS privacy.
Step 2: Add Your Domain in hPanel
Hostinger's control panel is called hPanel, and it replaces cPanel with a custom interface. After checkout you land on the onboarding wizard. Pick "Skip" or "Set up later" if you do not want the wizard's guided WordPress install, since you will get more control by setting things up manually in the next steps.
Go to Domains in the left sidebar and add your domain. If you registered through Hostinger, the domain is already attached. If you registered elsewhere, type it in and hPanel will tell you which DNS step to take next. Do not change nameservers yet; you want SSL and WordPress in place before you flip real traffic. The dedicated how to point a domain to Hostinger guide covers the DNS cut-over once you are ready.
Step 3: Enable Free SSL
Go to SSL in the left sidebar (or the SSL card on the main hPanel dashboard) and click Install or Force HTTPS for your domain. Hostinger uses Let's Encrypt for the free certificate, which auto-renews every 90 days. The certificate provisions once your domain is added, even before DNS points at Hostinger.
Turn on Force HTTPS in the same panel so any HTTP request automatically redirects to HTTPS. This setting is off by default on a fresh account, which causes the "site loads at http but breaks at https" problem that catches a lot of new Hostinger users.
Step 4: Install WordPress
There are four WordPress install paths in hPanel, and the one you should use depends on how much control you want.
- Onboarding wizard: Fastest, 5 to 10 minutes, available on Business and Cloud plans. Walks you through theme selection and AI site generation. Skip if you want a clean WordPress install without preinstalled plugins.
- Auto Installer: Websites > Dashboard > Auto Installer. Select WordPress, fill in site name, admin email, and admin password, and click install. This is the cleanest install: empty site, no preinstalled plugins, full control.
- WordPress option in Websites: Websites > Create or Migrate a Website > Create New > WordPress. Lands you in the same flow as the onboarding wizard.
- Manual: Download WordPress from wordpress.org, upload via SFTP or File Manager, create the database in hPanel, edit wp-config.php. Use this only if you need a non-standard install (multisite, custom directory, custom database prefix).
For most sites, Auto Installer is the right choice. It gives you a clean WordPress install you can customize from scratch.
Step 5: Configure WordPress Basics
Log in to /wp-admin at the URL Auto Installer shows you. Set the timezone, date format, and weekly start day under Settings > General. Set permalinks to "Post name" under Settings > Permalinks; the default is unfriendly for SEO and changing it later breaks all your inbound links. Set the default category, default post format, and discussion settings to match your editorial workflow.
Delete the two default plugins Hostinger ships (Hostinger AI Assistant and the Hello Dolly plugin) unless you actively want them. Delete the default Twenty Twenty-Four theme if you have already installed your own theme. Remove the "Hello world!" sample post and the "Sample Page" page from the trash so they do not get indexed.
Step 6: First-Week Security Checklist
WordPress is secure out of the box but most attacks target lazy defaults. These six changes shut the common doors.
- Use a 16+ character admin password. Store it in a password manager, never email it to yourself.
- Enable two-factor authentication on your Hostinger account under Account > Security. This protects hPanel itself, which controls every site you host there.
- Install Wordfence, Solid Security, or Limit Login Attempts Reloaded to throttle brute force attempts at /wp-admin.
- Change the WordPress admin username from "admin" if Auto Installer let you set it. Default usernames are the first thing brute forcers try.
- Disable XML-RPC unless you actively need it for the Jetpack mobile app. Disabling it cuts off the most common WordPress attack surface.
- Run weekly malware scans through Wordfence or via hPanel's built-in malware scanner under Security > Malware Scanner.
Step 7: Enable LiteSpeed Cache and Object Cache
Hostinger runs LiteSpeed Web Server, which has the fastest WordPress caching available on shared hosting. Install the LiteSpeed Cache plugin from Plugins > Add New, activate it, then go to LiteSpeed Cache > Cache and turn on Enable Cache. Most defaults are correct; you do not need to touch the advanced settings unless you have a specific problem.
Object Cache is a separate setting that caches database queries in memory. Go to LiteSpeed Cache > Cache > Object and toggle Object Cache on. Memcached is the default and is included on every Hostinger plan. This single setting cuts time-to-first-byte (TTFB) by 30 to 50% on most WordPress sites.
Step 8: Set Up Daily Backups
Business and Cloud plans include daily automatic backups, found under Files > Backups in hPanel. Confirm they are enabled and check that the most recent backup completed. Premium plans get weekly backups only, which is too infrequent for active sites; if you are on Premium, install UpdraftPlus and configure daily backups to Google Drive or Dropbox as a free workaround.
Test the restore path now while the site is empty. Restoring from a backup is the worst time to discover the backup did not actually back up your database, so confirm the workflow works before you have real data to lose.
Step 9: Connect Search Console and Analytics
Add your site to Google Search Console and verify ownership through the DNS TXT record method (under hPanel > DNS > Manage). Submit your XML sitemap once WordPress generates one (Yoast SEO or Rank Math do this automatically). Add Google Analytics 4 through a tag manager or directly through your SEO plugin.
Do this on day one even if you are pre-launch. Search Console needs weeks to accumulate signal, and you want that data flowing as soon as the site has real content.
What to Do Next
With the site set up, the next decisions are about content, design, and traffic. If you are pointing a real domain at it, walk through the cut-over steps in the how to point a domain to Hostinger guide so MX records and propagation do not bite you. If you are bringing in content from an old site, the WordPress migration walkthrough covers the four paths from existing host to Hostinger. For the full picture of what Hostinger does well and where it falls short, the Hostinger review is the honest read.
