VPS Hosting for Speed and Security
-
Upload
mike-little -
Category
Internet
-
view
840 -
download
0
Transcript of VPS Hosting for Speed and Security
mikelittle.org @mikelittlezed1MIKE LITTLE
VPS hosting for speed and security
mikelittle.org @mikelittlezed1MIKE LITTLE
Mike Little
WordPress specialist
https://mikelittle.org/ @mikelittlezed1
http://mikelittle.me/
mikelittle.org @mikelittlezed1MIKE LITTLE
Intro• Servers
• Application Stack
• Security Pt 1
• Performance
• Security Pt 2
• Other Stuff
mikelittle.org @mikelittlezed1MIKE LITTLE
Technical but not..
mikelittle.org @mikelittlezed1MIKE LITTLE
ServerShared vs Dedicated vs VPS vs Cloud
mikelittle.org @mikelittlezed1MIKE LITTLE
Server
• Shared : - Cheap, low traffic, overloaded
• Dedicated: - Expensive, high traffic, inflexible
• VPS: - Cheap, high traffic, flexible
• Cloud: Cheap/Expensive, ultimate flexibility
mikelittle.org @mikelittlezed1MIKE LITTLE
Server
• Memory
• CPU
• Storage (SSD)
• Bandwidth
• Location, location, location
mikelittle.org @mikelittlezed1MIKE LITTLE
Server• Different eggs in different baskets
• Domain Registration
• DNS Hosting
• Site Hosting
• Email Hosting
• Backup Storage
mikelittle.org @mikelittlezed1MIKE LITTLE
Application StackLinux/CentOS/Ubuntu
LAMP/LEMP/LIMP/LUMP
mikelittle.org @mikelittlezed1MIKE LITTLE
Application Stack
• Linux
• Ubuntu
mikelittle.org @mikelittlezed1MIKE LITTLE
LEMP
• Linux
• NginX (“Engine X”)
• MySQL / MariaDB
• PHP (FPM)
mikelittle.org @mikelittlezed1MIKE LITTLE
Easy Enginehttps://rtcamp.com/easyengine/
mikelittle.org @mikelittlezed1MIKE LITTLE
SecurityOS and server level security
mikelittle.org @mikelittlezed1MIKE LITTLE
Security
• Firewall - Block ports
• Fail2Ban - Ban naughty IPs
• Minimise attack surface
• Monitor and Alert
• Backups - OS and configuration - Offsite
mikelittle.org @mikelittlezed1MIKE LITTLE
Performance
mikelittle.org @mikelittlezed1MIKE LITTLE
Performance
• Lemp Stack
• Caching
• Page caching x 2
• Memory caching
• DB caching
mikelittle.org @mikelittlezed1MIKE LITTLE
Security Part 2
mikelittle.org @mikelittlezed1MIKE LITTLE
Security Part 2
• Strong Passwords
• Up-to-date: WP, plugins, and themes
• Update Notifications
• Limit Login attempts
• WordPress Backup - Plugin or external
mikelittle.org @mikelittlezed1MIKE LITTLE
Manage Remotely
• WPRemote
• ManageWP
• JetPack/WordPress.com
mikelittle.org @mikelittlezed1MIKE LITTLE
Backups
• Full backups
• Automated
• Off-site
• Restorable
mikelittle.org @mikelittlezed1MIKE LITTLE
Security Part 2
• Security plugins - not all are good
• Web Application Firewall
• Extending Fail2Ban
• External WAF
mikelittle.org @mikelittlezed1MIKE LITTLE
Other Stuff…
mikelittle.org @mikelittlezed1MIKE LITTLE
Other Stuff…• Site monitoring
• Performance testing
• Cron
• Backups
• Control Panel
• sFTP
mikelittle.org @mikelittlezed1MIKE LITTLE
Site Monitoring
• Status Cake
• Uptime Robot
• Pingdom
mikelittle.org @mikelittlezed1MIKE LITTLE
Site Monitoring
mikelittle.org @mikelittlezed1MIKE LITTLE
Site Monitoring - Munin
mikelittle.org @mikelittlezed1MIKE LITTLE
Site Monitoring - Munin
mikelittle.org @mikelittlezed1MIKE LITTLE
Site Monitoring - Munin
mikelittle.org @mikelittlezed1MIKE LITTLE
• External - Use a ‘big’ provider
• SPF - Sender Policy Framework
• DKIM - DomainKeys Identified Mail
• Outgoing only
mikelittle.org @mikelittlezed1MIKE LITTLE
Performance Testing
mikelittle.org @mikelittlezed1MIKE LITTLE
Performance Testing
mikelittle.org @mikelittlezed1MIKE LITTLE
Performance Testing
mikelittle.org @mikelittlezed1MIKE LITTLE
Other Stuff…
• Cron — (not WordPress)
• Backups — (not a plugin)
• sFTP — secure and restricted (chroot)
mikelittle.org @mikelittlezed1MIKE LITTLE
Control Panel
• Not cPanel or Plesk
• Webmin — Open source
mikelittle.org @mikelittlezed1MIKE LITTLE
Links• https://www.vultr.com/
• https://www.digitalocean.com/
• http://www.ubuntu.com/
• https://rtcamp.com/easyengine/
• http://www.fail2ban.org/
• https://sucuri.net/
• https://wpremote.com/
• http://munin-monitoring.org/
• https://www.statuscake.com/
• https://uptimerobot.com/
• http://www.dkim.org/
• https://www.blitz.io/
mikelittle.org @mikelittlezed1MIKE LITTLE
Links • https://wordpress.org/plugins/wp-simple-firewall/
• https://wordpress.org/plugins/limit-login-attempts/
• https://wordpress.org/plugins/backupwordpress/
• http://www.webmin.com/
• https://www.gandi.net/
• https://pointhq.com/
• http://www.rsync.net/
mikelittle.org @mikelittlezed1MIKE LITTLE
Questions?
• Mike Little
• @mikelittlezed1
• https://mikelittle.org
• https://wp-hosting.co.uk