When the entire WordPress multisite installation runs off a really tiny server, I have to use pretty much every single tip and trick I know in order to keep it on an acceptable performance level (while being secure).
These are the 4 techniques I used to optimize my WordPress installation.
If there’s anything that I missed out, please let me know and I’ll test it out.
In my attempts to get a valid SSL certificate for this site, I ended up cheating a little and making use of Cloudflare to do the securing for me instead.
Getting it set up was pretty straightforward, though I ran into some issues as I wasn’t familiar with Cloudflare’s infrastructure. I managed to set up a full SSL encryption as shown in the diagram below.
First, point my DNS NS records to Cloudflare, then generate the keypair on Cloudflare, import them into my server then update the Nginx config file to point to those keys. And everything just automagically become secured with TLS just like that. Made a few more optimizations on to minify JS/CSS/HTML as well as enforcing HTTPS for all of my sub-domains. Worked like a freaking charm.
SSL was my main concern when I decided used Cloudflare, but even on the free-tier there is basic protection against DDOS attacks, and my content will be cached closer to any visitors. This provides a nice boost in performance which is noticeable; it also provides a good boost in security, helping my tiny server stay available, just in case.
In the midst of working on this, I ended up optimizing the site at the same time, it should feel a lot more responsive now. In the next post, I’ll write about the tweaks I made to make WordPress run a lot faster.
I’m transitioning to the security industry, since it’s an area that I do not have much experience in, this will be a brand new journey and I would pretty much have to learn everything from the ground up.
Hence, I’ve decided to start a new category for Security and Learning to document all the things that I’m learning along the way.
I’ll also attempt to develop some mini-applications in order to test all the concepts that I’ve learnt. Let’s see how this will go.
Estimated deadline: 31st December 2017. Let’s do this.