Add SSL to WordPress

Add SSL to WordPress

I had to add SSL to WordPress recently. I’d tried it before without success, but this time it was surprisingly easy. My downtime was minutes, at most, and I saw a small bump in traffic within days.

My walkthrough assumes you are running WordPress on Linux and you have shell access. It will be different on other setups.

Read more

Finding and blocking an abusive host from your Apache log

Finding and blocking an abusive host from your Apache log

My web site slowed to a crawl last night, my CPU usage soared to 100%, and my built-in security measures weren’t helping. I ended up having to do some old-school Linux sysadmin work to stop them.

I haven’t been an everyday sysadmin since 2009. But every once in a while I can still come off the bench and do this stuff.

Read more

Another easy Apache tweak

I ran my site through Google Page Speed on Tuesday, and scored a surprising 88 out of 100–higher than I expected. Getting above 90 is going to take some optimizations on files that WordPress updates may change, so I’m hesitant to do that, but one thing it told me to do was to cache more aggressively. That’s pretty easy, as it turns out, and I could definitely feel a difference afterward.

Here’s the trick. Read more

Use Apachebench to test your webserver optimizations

If your web server is slow and you want to fix it, it’s nice to be able to quantify what you got. Enter Apachebench, which is part of Apache and probably already on your server. Read more

DROP DATABASE wordpress;

This week, I doubled back down in earnest to get my webserver running on the hardware I bought a year ago.

After  getting Apache, PHP and MySQL installed on the box and playing together nice, I installed WordPress and got it running. Then I tried backing up and restoring files from my existing server, and the server didn’t like that one bit.

Read more

Tag your imported WordPress content with Simple Tags

Unlike many bloggers, I blogged for a decade before moving to WordPress. That meant I had a pile of old posts with no tags on them. One of the nice things about WordPress is that you can use the tags in conjunction with a plugin like Similar Posts to display links to related content at the end of each post. And trust me, when you blog for a decade, a lot of your stuff is related.

It’s also sad how much of that old content becomes obsolete, but the 2% that stands the test of time and continues to get readers year over year is satisfying, too.

Here’s how to tag your old content–wherever it came from–quickly and easily.

Read more

Four simple steps to optimize WordPress

A couple of years ago, I stood up a WordPress server. I made no effort to tune it, let alone turbocharge it, which is a decision I later came to regret. If your site gets more than a few hundred hits per day, you need to tune it. If you want to get more than a few hundred hits per day, you need to tune it because Apache and MySQL’s default settings are by no means one-size-fits-all. And you can never have too much speed. There are two reasons for that: Google favors fast sites over slow sites, and Amazon found that a one-second delay in page load drops traffic by 7 percent.

There’s a lot of advice out there on tuning WordPress, some of which seems to be good, and some of it not so good.

Here are four things that I know work. I run Apache and MySQL under Linux; these tools may run under Windows or OS X too.
Read more

A minor (but vital) Apache performance tweak

My problems seem to have become more rare since I started blocking spambots and tuned PHP and Apache but last night my server ran out of memory again and started timing out.

It turns out I still had a critical problem, but one that’s easy to fix with a relatively simple Perl script.

Read more

Cutting Apache preforks seems to help small web servers

I’ve had a ton of downtime this week (this seems to be the busy time of year for my web server), but I think I traced the problem to a known issue.

Read more

Webserver Wednesday

Yesterday must have been Webserver Wednesdsay, because two things happened. A new version of Apache was released, and a new tool for testing the vulnerability of webservers to denial of service (DoS) was released.

Read more