21 Apr, 2010 | mayankTopics: Wordpress Tutorials
WordPress has been considered as a memory hog and I can agree to that as I’ve faced the issues in the past as well. If you don’t use plug-ins like WP Super Cache or W3 Total Cache, you’d get an email from your shared hosting provider to upgrade the hosting plan pretty soon. As traffic increases you’d have to change the hosting plan and then the question will arise, to go for managed hosting or unmanaged hosting?
Personally I like things under my control where I can change just about anything as that way I don’t have to depend on anyone and things get done much faster as compared to a situation, where I’d have to call the tech support hoping that the support guy will help me in finishing the task and I’d get less than satisfactory answer. Anyway, to cut the story short, I got an email from my fantastic web hosting company i.e. WPWebHost, however as I was looking for cloud based hosting [I definitely like buzz words], I thought that I would rather go for Rackspace Cloud Servers as I get more control over things. Here are few things that you’d have to keep in mind, if you are interested in going for Cloud Servers -
You do get the complete control of the server but that also means that you have to setup everything from the scratch! You just get a server with a vanilla linux installation and that you’d have to install and configure – web server, database server, take care of the security issues and just about everything that you can imagine! So if you are weak heart then you should not read this guide and instead you should carry on your research for other hosting plans that offer managed servers.
However, More control over server means that you’d be able to have to have a much faster running site and that also means that you will get better rankings in Google!
One of the main purpose for getting the cloud server was that I wanted to run WordPress on Nginx, a much better and light alternative to Apache web server and wanted to play around with HipHop for PHP, pure innovation from Facebook! Here’s what HipHop for PHP is all about [I'm still working on this part and will be sharing my experiences in upcoming posts]-
HipHop transforms your PHP source code into highly optimized C++ and then compiles it with g++ to build binary files. You keep coding in simpler PHP, then HipHop executes your source code in a semantically equivalent manner and sacrifices some rarely used features – such as eval() – in exchange for improved performance.
And now lets find out that how can we setup an optimized web server that would handle lots of traffic with minimum amount of resources that would make your blog load faster as well.
Setting up Linux server from scratch!
Note 1- In this case we are using CentOS 5.3 and all the commands will be mentioned step wise, so you can simply copy and paste them one by one and you should be good to go, I will give explanation of all the steps as we go along -
Note 2 - If you are new to these things, then make sure that you should go through this guide properly and should not skip anything.
1. Setting up basic security
When you get a fresh installed Linux box that you want to use as a web server, it can be vulnerable to various attacks and in order to avoid them we will setup basic security settings that a linux web server should have and for that you should connect to your linux server through SSH [ssh root@YOUR SERVER IP ADDRESS] and then run the following commands -
- passwd [First time you login as Root and we must change the password of the root. Here's a guide for keeping secure password.]
- adduser wordpress
- passwd wordpress
- usermod -a -G wheel wordpress
- visudo [for newbies - vi is a text editor and here are the commands that will help you operate it.]
- Find # %wheel ALL=(ALL) ALL and remove # from it.
These commands will basically setup a new user called “wordpress” in the Wheel group and will ensure that the user will be able to gain the root privileges at required times. If you want to use a different username then simply replace “wordpress” with your desired name.
Now we’d configure SSH to disable the root access and change the port to ensure that no hacker will be able to easily access the server. For that fun the following commands -
- nano /etc/ssh/sshd_config
And you need to ensure that the following settings should be in the whole file. Nano is also a text editor and it displays the most basic and useful commands at the bottom so you won’t need to go through a guide. I definitely like it more than vi. Anyhow, here are the settings that you need to keep in SSH’s configuration file -
- Port 30000 <— change to a port of your choosing
- Protocol 2
- PermitRootLogin no
- X11Forwarding no
- UsePAM no
- UseDNS no
- AllowUsers wordpress <——- of course, this will be the username that you chose in the first steps.
Once we are done with the SSH configuration, we’d make changes in the IP Tables which is like the firewall settings to only allow certain ports that would be open. Run the following commands to ensure that IP Table settings are as per the way we desire -
- iptables -L <—- this will show the current IP Table configuration. Just copy and paste it in a text file.
- iptables -F <– this flushes the existing IP table rules. The following commands set desired new rules.
- iptables -A INPUT -i lo -j ACCEPT
- iptables -A INPUT -i ! lo -d 127.0.0.0/8 -j REJECT
- iptables -A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT
- iptables -A OUTPUT -j ACCEPT
- iptables -A INPUT -p tcp –dport 80 -j ACCEPT
- iptables -A INPUT -p tcp –dport 443 -j ACCEPT
- iptables -A INPUT -p tcp -m state –state NEW –dport 30000 -j ACCEPT <— this should be the port that you selected in last settings.
- iptables -A INPUT -p icmp -m icmp –icmp-type 8 -j ACCEPT
- iptables -A INPUT -j REJECT
- iptables -A FORWARD -j REJECT
- service iptables save
- /etc/init.d/sshd reload <— this will reload the new settings.
Now open a new tab of Terminal (Mac Users)/Putty (Windows Users) and try to connect to the server using the new settings that we’ve put all this while. If it connects then everything is fine, else go back to the previous tab, flush the settings again and try the above commands again.
- ssh -p 30000 wordpress@Your Server’s IP Address
2. More CentOS configuration and setting development tools
In this section we’d configure CentOS to use external repositories, so that installation of various tools becomes easier and that in case you want to install any software then it should be able to find the dependencies without much issues. One of the most known repository other than default one is RPMFORGE and we need to configure our server for that. Please follow this article to install RPMFORGE. Once we are done with that, we will run the following commands -
- sudo yum update
- sudo yum groupinstall ‘Development Tools’ ‘Development Libraries’
This will update the YUM and will install most of the development tools and its libraries that you’d need in future. I hope that most of you would not find problems till this point of time as these are some simple steps, however things will start getting a little complicated when we’ll start installing Nginx, WordPress, MySQL, caching systems configuring them for optimum results. So gear up for the fun and awesome challenge that we’ll experience in forthcoming posts.