Last month, I introduced the easiest way of setting up a WordPress blog on a Ubuntu-Nginx server. LEMPress is a bash script which automatically installs Nginx, PHP, MySQL, Varnish and finally WordPress within under 10 minutes. But LEMPress doesn’t do anything about server security. This post will cover that part and some optimization tips for WordPress.
Although my main goal is a better page speed, I must take care of security before doing anything else. Ubuntu has built-in firewall called iptables. But it needs initial configuration. You can find lots of tutorials related to iptables on Google. I’m not going to bother with it here since I have more user-friendly solution for this.
Following methods work on any server. You don’t need LEMPress on your server to any of following to work.
Server Security & Firewall by Dome9
Dome9 offers excellent security and firewall for any OS. With Dome9, you no longer have to worry about getting hacked. Just set it up and forget it. Although it’s a paid service, it offers free service for small servers, which of course have less functionality than paid plans. But free plan will be enough for most of us. So just register an account at Dome9 and follow their instructions to set it on your server.
What Dome9 does is that it closes all open ports other than port 80 on the server. Port 80 is used by the web server to serve web content. Hackers often target port 22 which is the default port for SHH to hack/ get access to the server. By closing port 22, your server becomes inaccessible. Neither a hacker nor you can get access to your server when port 22 is closed. That protects server from any kind of attack. And when you need access, you can gain it by going to Dome9 control panel.
Further Optimization for WordPress
Since you’re here, you should probably have your first WordPress blog on a highly optimized and solidly protected Ubuntu server. There are few more steps you can take to further enhance your WordPress performance. These are optional but recommended steps. The first step is to install and configure caching Plugin for WordPress.
Use a WordPress Caching Plugin
There are few easy to setup caching plugins for WordPress such as WP Super Cache & Hyper Cache. But I prefer W3 Total Cache since its the most complete caching plugin out there and performs best on VPS when well configured. The only downside with this plugin is that it takes time and testing to get most out of it. If you don’t have any of those or necessary knowledge to setup, you can always hire a freelancer to do it for you on odesk. That will cost you money. Alternatively, you can find some good tutorials on Google. But to get most out of this plugin, you must configure it according to your server specifications.
Use CDN to Serve Images and Static Content
It’s important that you serve images, css files and js files through a CDN service. It improves overall speed of your pages and reduces load on the server. Amazon CloudFront is a good CDN service you can configure with W3 total cache. It’s a very cheap service that only cost pennies per month most of the times.
Or you can install JetPack for WordPress, which offers free CDN for your images with bunch of other cool features. You can even use both JetPack and Amazon CloudFront at the same time to cut the cost on your amazon web services. Configure Amazon CDN settings on W3 Total cache to avoid image serving and activate Photon feature in JetPack. This way, JetPack will serve images and Amazon CloudFront will serve css and js files.