My Ultimate Setup For Secure and High Performance WordPress

Over the years, I have set up a lot of WordPress sites for my self as well as some of my clients. I have a secret source to setup a high performance WordPress on both back and front end.

Other than fast loading, the WordPress site also need to be tough enough to handle traffic spike with minimum server requirements.

In my achievement list, the ultimate setup of the WordPress site must be:

  1. Secure and Spam Free
  2. Fast Loading
  3. Minimum Resource consuming
  4. High Availability
  5. Search Engine Optimized

To meet these goals, you must optimize on both your software and hardware. It might require a little technical knowledge on the server optimization, but why stop yourself from being adventurous and learn it from trial and error?

Step 1: Setup an Amazon AWS Ubuntu Nginx Instance

I will recommend Amazon AWS Ubuntu Nginx instance for the performance. If you are already using other server OS other than Ubuntu Nginx, you can still proceed to read this guide for optimizing WordPress performance.

I have once have my website with 3 – 5 millions pageviews a month on Lunux and Windoes server. Windows server general consume more resources than Linux. I have tried apache on Centos but it create a lot zombies (idle processes) when you get a lot of traffic. I have then adventure to use Nginx on Centos as reverse proxy. Performance dramatically improved but the server still become slow and ends up restart when traffic spike.

Eventually I’ve move to Nginx on Ubuntu. This setup so far has the best performance but you have to sacrifice some graphic user interfaces such as Cpanel and WHM.

Step 2: Install WordPress to your Instance

Installing Wordpres on Nginx can be a little different compared with what you have experienced using GUI such as Cpanel. You need to SSH to your server and type some commands to install WordPress.

Step 3: Optimize your WordPress for better performance

My goals for the optimization are simple: fast loading, secure and Search Engine optimized. You can do it by using some trusted plugins or fine tuning some WordPress settings if you are a technical person.

Step 4: Enable HTTPS and HTTP/2

A lot of people took a step back when it comes to enabling https. Other than the SEO concerns, website with https will load slower than http in general.

But if you have also enabled HTTP/2 with https, the trade-off of the speed will become very little. Follow this guide to enable HTTPS for free.

Step 5: Install Cloudflare

You need Cloudflare to boost your WordPress performance for a few reason:

  • Security – Cloudflare able to blocks most of the bots traffic and attack attempts.
  • Performance – Cloudflare will serve the cached version of your WordPress content to the user without hitting your server.
  • A Free Cloudflare Account would be sufficient to get you all these basic protections and speed optimizations.

However, you need to configure the Cloudflare settings right in order to get the things work. Follow this guide to setup and configure your Cloudflare.

Conclusion

This is my ultimate WordPress setup to fully utilize the server and internet  resources. It covered the security, performance, high availability and scalability. Feel free to give it a try and leave your feedback here.

FacebookTwitterInstagramPinterestLinkedInGoogle+YoutubeRedditDribbbleBehanceGithubCodePenEmailWhatsappEmail
×
facebook
Hit “Like” to follow us and stay tuned for the latest posts