Usually with a budget of 70 to 150 USD per month, you’ll get a decent dedicated server to host a WordPress site with medium traffic. We are discussing unmanaged budget dedicated servers from any reputed web host. With proper optimization of the backend, the server can reliably run without 24×7 monitoring.
You must take regular backups and probably keeping a cheap OpenVZ server as live standby is a good idea since quickly changing the DNS will keep the website online. VPSDime is a good OpenVZ server provider for staging, testing etc. It is a costly option but less costly than adding a managed layer.
What Server Software/Packages We Need
We will need:
---
- Latest Apache2 web server with some modules
- PHP with some module
- Latest MariaDB
- IPTables
- Fail2Ban
- PageSpeed module
- APCu
and some time in hand. We suggest using Apache and PHP from Ondřej’s repository. Avoid installing a lot of server packages on the main server since they will consume resources. Avoid installing a web hosting panel and PHPMyAdmin in case you host a single website or a couple on one server and the server is unmanaged. They will consume resources and will increase security risks.
How to Optimize the Server for WordPress
Install Apache2:
1 2 3 | sudo apt-get update sudo add-apt-repository ppa:ondrej/apache2 sudo apt-get install apache2 |
Usually, you’ll need the below Apache modules (running apache2ctl -M command will list the modules):
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 | core_module so_module watchdog_module http_module log_config_module logio_module version_module unixd_module access_compat_module alias_module auth_basic_module authn_core_module authn_file_module authz_core_module authz_host_module authz_user_module autoindex_module brotli_module deflate_module dir_module env_module expires_module filter_module geoip_module headers_module http2_module mime_module mpm_prefork_module negotiation_module pagespeed_module php7_module (shared) or php8_module reqtimeout_module rewrite_module setenvif_module slotmem_shm_module socache_dbm_module socache_shmcb_module ssl_module status_module unique_id_module |
You need to install PHP to enable some of them. We have a lot of guides on Apache2 on this website (perform a site search with the phrase Apache2). These two guides will help you:
The MPM prefork handles one connection at a time without creating separate threads. Running apache2ctl -V command will list the required info. It is good for non-thread-safe modules like mod_php. There are at least two ways of running PHP, one is by using CGI and the second way is to run PHP as an Apache module (mod_php). We have a guide on optimizing MPM prefork. There is a shell script to check the memory used by Apache2:
1 2 3 | wget http://cloudinservice.com/wp-content/uploads/2011/03/ap.sh.zip unzip ap.sh.zip sh ap.sh |
mpm_prefork cannot be made performant which is the reason people are abandoning it. But for WordPress, it is risky for the plugins to avoid mpm_prefork since it is the PHP code which makes the other modules to safe to use. Even with mpm_prefork, you’ll get PHP warnings from a few plugins. Optimization depends on traffic and plugins.
Next is PHP. Here is our old guide on installation of PHP 7.2. The installation will be similar in all versions of PHP and PHP will not need radical tweaking.
Install and tweak APCu, install iptables and Fail2Ban and Apache PageSpeed.
The final thing is MariaDB. It is a straightforward installation. Here is an example configuration file as GitHub gist.
You can secure the server with FTP software and port knocking. You can install memcached to test the response time. But, APCu will deliver a better result with WP Super Cache.
Required WordPress Plugins
You’ll need certain plugins to support and control the server software. All of them are free:
- APCu Manager
- DecaLog
- IP Geo Block
- MySQL query cache stats
- PageSpeed Module
- Prevent XSS Vulnerability
- WP Super Cache
- WP Fail2Ban Redux
Install tuned:
1 2 3 | sudo apt install tuned tuned-utils tuned-utils-systemtap tuned-adm active sudo tuned-adm profile throughput-performance |
You need to reboot the server. Always remember that any dedicated server takes a long time to reboot than a virtual server. Always check the status of major components after a reboot.
