When the entire WordPress multisite installation runs off a really tiny server, I have to use pretty much every single tip and trick I know in order to keep it on an acceptable performance level (while being secure).
These are the 4 techniques I used to optimize my WordPress installation.
Caching (WP Supercache)
If there’s anything that I missed out, please let me know and I’ll test it out.
In my attempts to get a valid SSL certificate for this site, I ended up cheating a little and making use of Cloudflare to do the securing for me instead.
Getting it set up was pretty straightforward, though I ran into some issues as I wasn’t familiar with Cloudflare’s infrastructure. I managed to set up a full SSL encryption as shown in the diagram below.
First, point my DNS NS records to Cloudflare, then generate the keypair on Cloudflare, import them into my server then update the Nginx config file to point to those keys. And everything just automagically become secured with TLS just like that. Made a few more optimizations on to minify JS/CSS/HTML as well as enforcing HTTPS for all of my sub-domains. Worked like a freaking charm.
SSL was my main concern when I decided used Cloudflare, but even on the free-tier there is basic protection against DDOS attacks, and my content will be cached closer to any visitors. This provides a nice boost in performance which is noticeable; it also provides a good boost in security, helping my tiny server stay available, just in case.
In the midst of working on this, I ended up optimizing the site at the same time, it should feel a lot more responsive now. In the next post, I’ll write about the tweaks I made to make WordPress run a lot faster.
I’m transitioning to the security industry, since it’s an area that I do not have much experience in, this will be a brand new journey and I would pretty much have to learn everything from the ground up.
Hence, I’ve decided to start a new category for Security and Learning to document all the things that I’m learning along the way.
I’ll also attempt to develop some mini-applications in order to test all the concepts that I’ve learnt. Let’s see how this will go.
Estimated deadline: 31st December 2017. Let’s do this.
I was sick of downloading my shows manually, it actually takes up quite a bit of time especially if you add them up over the years. Before I had my server set up, I was running Deluge with the YaRSS2 plugin which works wonderfully well as long as my computer was turned on. (kind of a power hog)
So… wow, I finally managed to get it all up and running. The amount of effort is way more than I would’ve liked but at least it’s done now. There’s a ton of things I would like to write about, especially the troubleshooting steps I did so that it’ll be easier to migrate this configuration in the future.
First of all, I tried on my own to get the subdomain routing working with jwilder/Nginx-proxy along with MariaDB and official WordPress image.
I ended up not doing the docker-compose method because I was trying to troubleshoot why I wasn’t able to obtain an SSL certificate from Let’s Encrypt. Bad news, SSL still isn’t working yet but while I was debugging it I hit the rate limit for the number of certificates I could request for in an hour/day/week. Hopefully when that’s sorted out this site will have a proper SSL certificate.
I wanted to have the ability to host multiple WordPress sites, for my own testing/development as well as for my freelance work. Instead of running a separate new WordPress installation every time I need a new site, multi-site allows me to run multiple sites off a single installation and manage them through a centralized zone.
There are two ways of running this.
The reason for choosing sub-directory was pretty easy for me.
There is no need for pretty URLs eg. xyz.lordofgeeks.com for the sites I’m hosting
Let’s Encrypt doesn’t offer wildcard certificates where 1 certificate can cover all sub-domains under *.lordofgeeks.com
It makes sense that all of the sites belong to blog.lordofgeeks.com/[name-of-site]
For point 2, starting from 2018 onwards, Let’s Encrypt will offer wildcard certificates. So all my effort for setting all these up will be for nought, but it’s still a good learning experience.
Everything went on fine until I added a new site blog.lordofgeeks.com/dev/ and tried to upload a file that’s >1 megabyte.