mikelittle.org @mikelittlezed1MIKE LITTLE

VPS hosting for speed and security

mikelittle.org @mikelittlezed1MIKE LITTLE

Mike Little

WordPress specialist

https://mikelittle.org/ @mikelittlezed1

http://mikelittle.me/

mikelittle.org @mikelittlezed1MIKE LITTLE

Intro• Servers

• Application Stack

• Security Pt 1

• Performance

• Security Pt 2

• Other Stuff

mikelittle.org @mikelittlezed1MIKE LITTLE

Technical but not..

mikelittle.org @mikelittlezed1MIKE LITTLE

ServerShared vs Dedicated vs VPS vs Cloud

mikelittle.org @mikelittlezed1MIKE LITTLE

Server

• Shared : - Cheap, low traffic, overloaded

• Dedicated: - Expensive, high traffic, inflexible

• VPS: - Cheap, high traffic, flexible

• Cloud: Cheap/Expensive, ultimate flexibility

mikelittle.org @mikelittlezed1MIKE LITTLE

Server

• Memory

• CPU

• Storage (SSD)

• Bandwidth

• Location, location, location

mikelittle.org @mikelittlezed1MIKE LITTLE

Server• Different eggs in different baskets

• Domain Registration

• DNS Hosting

• Site Hosting

• Email Hosting

• Backup Storage

mikelittle.org @mikelittlezed1MIKE LITTLE

Application StackLinux/CentOS/Ubuntu

LAMP/LEMP/LIMP/LUMP

mikelittle.org @mikelittlezed1MIKE LITTLE

Application Stack

• Linux

• Ubuntu

mikelittle.org @mikelittlezed1MIKE LITTLE

LEMP

• Linux

• NginX (“Engine X”)

• MySQL / MariaDB

• PHP (FPM)

mikelittle.org @mikelittlezed1MIKE LITTLE

Easy Enginehttps://rtcamp.com/easyengine/

mikelittle.org @mikelittlezed1MIKE LITTLE

SecurityOS and server level security

mikelittle.org @mikelittlezed1MIKE LITTLE

Security

• Firewall - Block ports

• Fail2Ban - Ban naughty IPs

• Minimise attack surface

• Monitor and Alert

• Backups - OS and configuration - Offsite

mikelittle.org @mikelittlezed1MIKE LITTLE

Performance

mikelittle.org @mikelittlezed1MIKE LITTLE

Performance

• Lemp Stack

• Caching

• Page caching x 2

• Memory caching

• DB caching

mikelittle.org @mikelittlezed1MIKE LITTLE

Security Part 2

mikelittle.org @mikelittlezed1MIKE LITTLE

Security Part 2

• Strong Passwords

• Up-to-date: WP, plugins, and themes

• Update Notifications

• Limit Login attempts

• WordPress Backup - Plugin or external

mikelittle.org @mikelittlezed1MIKE LITTLE

Manage Remotely

• WPRemote

• ManageWP

• JetPack/WordPress.com

mikelittle.org @mikelittlezed1MIKE LITTLE

Backups

• Full backups

• Automated

• Off-site

• Restorable

mikelittle.org @mikelittlezed1MIKE LITTLE

Security Part 2

• Security plugins - not all are good

• Web Application Firewall

• Extending Fail2Ban

• External WAF

mikelittle.org @mikelittlezed1MIKE LITTLE

Other Stuff…

mikelittle.org @mikelittlezed1MIKE LITTLE

Other Stuff…• Site monitoring

• Email

• Performance testing

• Cron

• Backups

• Control Panel

• sFTP

mikelittle.org @mikelittlezed1MIKE LITTLE

Site Monitoring

• Status Cake

• Uptime Robot

• Pingdom

mikelittle.org @mikelittlezed1MIKE LITTLE

Site Monitoring

mikelittle.org @mikelittlezed1MIKE LITTLE

Site Monitoring - Munin

mikelittle.org @mikelittlezed1MIKE LITTLE

Site Monitoring - Munin

mikelittle.org @mikelittlezed1MIKE LITTLE

Site Monitoring - Munin

mikelittle.org @mikelittlezed1MIKE LITTLE

Email

• External - Use a ‘big’ provider

• SPF - Sender Policy Framework

• DKIM - DomainKeys Identified Mail

• Outgoing only

mikelittle.org @mikelittlezed1MIKE LITTLE

Performance Testing

mikelittle.org @mikelittlezed1MIKE LITTLE

Performance Testing

mikelittle.org @mikelittlezed1MIKE LITTLE

Performance Testing

mikelittle.org @mikelittlezed1MIKE LITTLE

Other Stuff…

• Cron — (not WordPress)

• Backups — (not a plugin)

• sFTP — secure and restricted (chroot)

mikelittle.org @mikelittlezed1MIKE LITTLE

Control Panel

• Not cPanel or Plesk

• Webmin — Open source

mikelittle.org @mikelittlezed1MIKE LITTLE

Links• https://www.vultr.com/

• https://www.digitalocean.com/

• http://www.ubuntu.com/

• https://rtcamp.com/easyengine/

• http://www.fail2ban.org/

• https://sucuri.net/

• https://wpremote.com/

• http://munin-monitoring.org/

• https://www.statuscake.com/

• https://uptimerobot.com/

• http://www.dkim.org/

• https://www.blitz.io/

mikelittle.org @mikelittlezed1MIKE LITTLE

Links • https://wordpress.org/plugins/wp-simple-firewall/

• https://wordpress.org/plugins/limit-login-attempts/

• https://wordpress.org/plugins/backupwordpress/

• http://www.webmin.com/

• https://www.gandi.net/

• https://pointhq.com/

• http://www.rsync.net/

mikelittle.org @mikelittlezed1MIKE LITTLE

Questions?

• Mike Little

• @mikelittlezed1

• https://mikelittle.org

• https://wp-hosting.co.uk