diff --git a/templates/WordPress_2_Instances_With_EBS_Volume.template b/templates/WordPress_2_Instances_With_EBS_Volume.template
index e3b3608a20..e408d0132f 100644
--- a/templates/WordPress_2_Instances_With_EBS_Volume.template
+++ b/templates/WordPress_2_Instances_With_EBS_Volume.template
@@ -151,6 +151,10 @@
 { "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] },
 "InstanceType" : { "Ref" : "InstanceType" },
 "KeyName" : { "Ref" : "KeyName" },
+ "SecurityGroups" : [
+ {"Ref" : "AdminAccessSecurityGroup"},
+ {"Ref" : "WebServerSecurityGroup"}
+ ],
 "UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
 "#!/bin/bash -v\n",
 "sed --in-place --e s/database_name_here/", { "Ref" : "DBName" }, "/ --e s/username_here/", { "Ref" : "DBUsername" }, "/ --e s/password_here/", { "Ref" : "DBPassword" }, "/ --e s/DB_HOST/", "/ /usr/share/wordpress/wp-config.php\n",
@@ -184,6 +188,10 @@
 { "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] },
 "InstanceType" : { "Ref" : "InstanceType" },
 "KeyName" : { "Ref" : "KeyName" },
+ "SecurityGroups" : [
+ {"Ref" : "AdminAccessSecurityGroup"},
+ {"Ref" : "MySQLSecurityGroup"}
+ ],
 "UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
 "#!/bin/bash -v\n",
 "# Wait for the EBS volume to show up\n",
@@ -216,6 +224,37 @@
 }
 },
 
+ "AdminAccessSecurityGroup" : {
+ "Type" : "AWS::EC2::SecurityGroup",
+ "Properties" : {
+ "GroupDescription" : "Enable ICMP and SSH",
+ "SecurityGroupIngress" : [
+ {"IpProtocol" : "icmp", "FromPort" : "-1", "ToPort" : "-1", "CidrIp" : "0.0.0.0/0"},
+ {"IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : "0.0.0.0/0"}
+ ]
+ }
+ },
+
+ "WebServerSecurityGroup" : {
+ "Type" : "AWS::EC2::SecurityGroup",
+ "Properties" : {
+ "GroupDescription" : "Enable HTTP access via port 80",
+ "SecurityGroupIngress" : [
+ {"IpProtocol" : "tcp", "FromPort" : "80", "ToPort" : "80", "CidrIp" : "0.0.0.0/0"}
+ ]
+ }
+ },
+
+ "MySQLSecurityGroup" : {
+ "Type" : "AWS::EC2::SecurityGroup",
+ "Properties" : {
+ "GroupDescription" : "Enable MySQL access via port 3306",
+ "SecurityGroupIngress" : [
+ {"IpProtocol" : "tcp", "FromPort" : "3306", "ToPort" : "3306", "CidrIp" : "0.0.0.0/0"}
+ ]
+ }
+ },
+
 "DataVolume" : {
 "Type" : "AWS::EC2::Volume",
 "Properties" : {
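Review bot: MySQLSecurityGroup's only ingress rule opens tcp/3306 to `0.0.0.0/0`, and the second hunk attaches that group to the database instance, so the database port accepts connections from any address rather than only from the WordPress host. If the engine consuming this template supports source-group rules, scope it to the web tier instead: `{"IpProtocol" : "tcp", "FromPort" : "3306", "ToPort" : "3306", "SourceSecurityGroupName" : {"Ref" : "WebServerSecurityGroup"}}`. AdminAccessSecurityGroup has the same shape of problem: it allows SSH on port 22 from `0.0.0.0/0` and is attached to both instances in the first two hunks. Taking that CIDR from a new template parameter (for example a hypothetical `SSHLocation`, used as `"CidrIp" : {"Ref" : "SSHLocation"}`) would let deployers narrow admin access without editing the template.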