It’s been 2 years since I started writing the Hosting WordPress Yourself series, and in that time a lot has changed! If you had tried following along with the series recently you will probably have noticed that a few of the steps outlined in the articles no longer worked, or were no longer relevant. A few exciting new technologies and services have also been introduced over the last few years (e.g. PHP 7.1, Let’s Encrypt, HTTP/2) which can improve both the performance and security of your sites. As such, Brad suggested that I update the entire series to reflect what’s changed over the last couple of years.
The existing articles in this series have already been updated with the changes that follow. This article serves as a changelog and documents what’s changed in each article.
Part 1 – Setting Up a Virtual Server
The steps involved with setting up a secure virtual server have mostly remained the same. The only change in this article is that Ubuntu 16.04 is installed, which is the latest LTS release.
Part 2 – Installing Nginx, PHP and MariaDB
A lot has changed in part 2, and I’ll explain each section separately.
Previously, I recommended that you install Nginx with the fastcgi_cache_purge third party module compiled-in. This would allow you to conditionally purge the FastCGI cache whenever your site content changed. However, I’ve since stopped using this module for a few reasons:
- The module hasn’t been updated in over 2 years.
- Updating Nginx to the latest version was often tedious as it involved compiling Nginx from source. The majority of Nginx repos don’t include the fastcgi_cache_purge module and those that do often ship older versions of Nginx.
- It’s difficult to determine which cache keys should be purged when your content changes. If you publish a new post, various other pages need clearing from the cache, such as the blog index and archives. I found it more reliable to clear the entire cache when the site content changed.
I now recommend that you install the latest mainline version of Nginx directly from the community repos, which are updated often and contain the most useful modules pre-compiled.
PHP 7 landed just over 12 months ago and introduced a number of new features, the standout feature being the significant increase in performance. To test the performance gains for myself I decided to run some benchmarks using Blitz. The exact same server was used to perform these tests, the only difference being the
fastcgi_pass directive in Nginx, which I switched between PHP 5.6 and PHP 7.1.
PHP 5.6 was able to handle 525 hits in 60 seconds:
PHP 7.1 managed 2,004 hits in 60 seconds:
That’s almost a 300% increase! If your site has pages that can’t be cached, upgrading to PHP 7+ is a no brainer and can significantly decrease your server load.
I switched from using MySQL to MariaDB a while back and have had no problems in doing so. It’s actually a fork of MySQL and is maintained by the original MySQL authors. I choose MariaDB because it offers more features and speed improvements over MySQL. It’s also a drop in replacement so works just like MySQL with the exact same APIs.
Part 3 – Setting Up Sites
Not a lot has changed in this article. The only difference is the inclusion of IPv6 directives in Nginx.
Part 4 – Server Monitoring and Caching
The section on Opcode caching has been removed because it’s enabled by default in PHP 7. The only other change was touched upon earlier with the removal of the fastcgi_cache_purge module. Due to this I now use the Nginx Cache plugin by Till Krüss, which purges the entire FastCGI cache whenever your content changes.
Part 5 – Cron, Email and Automatic Backups
At the beginning of last year Mandril announced that they were ending their free plan for outgoing email. I’ve since switched to Mailgun, which is a product by Rackspace. I’ve had no issues whatsoever and it’s free for your first 10,000 emails each month.
Part 6 – HTTPS and HTTP/2
The steps in this article have been greatly simplified due to the introduction of Let’s Encrypt. It’s no longer necessary to purchase an SSL certificate and instead I demonstrate how to use the new Certbot client to obtain and automatically renew certificates. I’ve also replaced the steps on enabling SPDY with enabling HTTP/2.
Part 7 – Nginx Security Tweaks, WooCommerce Caching, and Auto Server Updates
Everything in this article is still relevant. The only changes made were how to enable automatic server updates for Ubuntu 16.04.
Part 8 – Complete Nginx Configuration
Nothing in this article has changed. The GitHub repo has continued to be updated over the last couple of years and in my opinion it’s still the best base configuration for hosting WordPress on Nginx.
Although this article is relatively short it’s taken a fair amount of time to update the entire series. I really hope that you’ve found the updates useful and welcome any comments you may have.