SlideShare a Scribd company logo

Ignite - selfhosting WordPress - tips and tricks

E
evilzenscientist

5 minute Ignite presentation on self-hosting WordPress.

TechnologyBusiness
1 of 20
Self-hosting multiple WordPress blogsMy experience, tips and tricks Martin Buckley ezs@evilzenscientist.comtwitter: @ezs
Some history and context First on-line presence way back in 1993 Evolution over 16 years: Static HTML  something a little more automated  blogging Also my extended family are in the UK/NZ – keeping the Grandparents up to date is important.
Technology evolution Way back - ftp upload of html/content to some Unix host Since 2000 – static IP and self hosting 2000 – NetWare (!) + static content 2003 – SLES 8 + Apache + static content 2005 – SLES 9 + Apache + mysql + WordPress 1.5 2009 – virtualised web + mysql on SLES
Why self-hosting I’m a technology geek. Self hosting means live servers, a great sandbox and a real learning environment. (I also run the home infrastructure..) I get ultimate flexibility and control. Hosting elsewhere is cheaper – with the usual issues around security, platform, updates etc
Hosting for friends and family The ultimate scope creep. Started with the ‘family blog’ – added my ‘personal blog’ … … then added various additional blogs for family members; three blogs for friends and my sisters Cub Scout pack. Now over a dozen in total.
Understanding the ‘stack’.. And it all needs testing and patching Gallery2 Themes Plugins – ‘Core’ and ‘Per site’ WordPress Core Database + data Graphics helpers for Gallery2 Apache/PHP/mysql/libs SLES Hardware
Old school patching Check on a semi-regular basis for updates to WordPress (e.g. 1.5  1.6) Download; unpack; test. Check for Linux updates on a regular basis Download; update; test.
Patching today Plugins seem to be updated on an almost daily basis. WordPress at last has a more regular cadence for updates; expect the flurry of point releases after a major rev.
The challenge Each blog is built of a ‘core’ set of plugins – with some specific functionality added on top. There are a couple of hand-coded modifications in place (theme and php-exec plugin) How to keep ‘secure’ and functional – without spending 20 hours a week patching..
Change control is key Discipline keeps things sane. Consistent core blog structure Document changes; test the changes; deploy the changes Have a rollback/backup plan Plan for major, grouped updates My last one was to 2.8.3 Expect the short notice security fixes 2.8.4!
Typical change control matrix
Test, test – test again. Something unexpected will always happen. e.g. libxml2/PHP bug – trac 7771 http://core.trac.wordpress.org/ticket/7771 http://www.evilzenscientist.com/blog/2009/08/05/php-xml-parsing-bug-and-a-workaround/
Backup and recovery Backup is really important. Understand everything that needs to be archived for recovery. Mysql dump; filesystem dump Configuration files from server Documentation
Backup Weekly dump of mysql and configto offline disk. Monthly dump of photos to offline disks. Full archive every quarter. Stored in a fire safe. Looking at going back to tape to make this easier and faster.
Restore Fire/theft/hackers/malware/bad hardware. Something will eat the data. Since 2000 I have rebuilt the web servers over a dozen times – upgrade OS, moving OS, moving hardware, replacing failed hardware, upgrading hardware – all the usual reasons. Practice your data rebuild before the emergency!
Security Having anything internet facing invites intruders. Everything from casual inquiries to more serious hacking and DOS attempts. At some point someone will try and hack/attack you. Be prepared.
Security The basics ,[object Object]
Have an edge firewall and intrusion detection.
Understand your normal traffic patterns in and out
NAT helps a little

Recommended

Security 101
Security 101Security 101
Security 101Michele Butcher-Jones
 
Word press security basics
Word press security basicsWord press security basics
Word press security basicsEast Bay WordPress Meetup
 
WordPress security & performance a beginners guide
WordPress security & performance a beginners guideWordPress security & performance a beginners guide
WordPress security & performance a beginners guideMickey Mellen
 
Managing WordPress
Managing WordPressManaging WordPress
Managing WordPressSteven Watts
 
8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress website8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress websiteSiteGround.com
 
WordPress Security Implementation Guideline - Presentation for OWASP Romania ...
WordPress Security Implementation Guideline - Presentation for OWASP Romania ...WordPress Security Implementation Guideline - Presentation for OWASP Romania ...
WordPress Security Implementation Guideline - Presentation for OWASP Romania ...Dan Vasile
 
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Vasile
 
Dan Catalin Vasile - Hacking the Wordpress Ecosystem
Dan Catalin Vasile - Hacking the Wordpress EcosystemDan Catalin Vasile - Hacking the Wordpress Ecosystem
Dan Catalin Vasile - Hacking the Wordpress EcosystemDan Vasile
 

Recommended

Security 101
Security 101Security 101
Security 101Michele Butcher-Jones
 
Word press security basics
Word press security basicsWord press security basics
Word press security basicsEast Bay WordPress Meetup
 
WordPress security & performance a beginners guide
WordPress security & performance a beginners guideWordPress security & performance a beginners guide
WordPress security & performance a beginners guideMickey Mellen
 
Managing WordPress
Managing WordPressManaging WordPress
Managing WordPressSteven Watts
 
8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress website8 Ways to Hack a WordPress website
8 Ways to Hack a WordPress websiteSiteGround.com
 
WordPress Security Implementation Guideline - Presentation for OWASP Romania ...
WordPress Security Implementation Guideline - Presentation for OWASP Romania ...WordPress Security Implementation Guideline - Presentation for OWASP Romania ...
WordPress Security Implementation Guideline - Presentation for OWASP Romania ...Dan Vasile
 
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Vasile
 
Dan Catalin Vasile - Hacking the Wordpress Ecosystem
Dan Catalin Vasile - Hacking the Wordpress EcosystemDan Catalin Vasile - Hacking the Wordpress Ecosystem
Dan Catalin Vasile - Hacking the Wordpress EcosystemDan Vasile
 
Locking down word press
Locking down word pressLocking down word press
Locking down word pressZachary Russell
 
WordPress security for everyone
WordPress security for everyoneWordPress security for everyone
WordPress security for everyoneVladimír Smitka
 
Wordpress Security & Hardening Steps
Wordpress Security & Hardening StepsWordpress Security & Hardening Steps
Wordpress Security & Hardening StepsPlasterdog Web Design
 
Securing your WordPress site in 5 easy pieces
Securing your WordPress site in 5 easy piecesSecuring your WordPress site in 5 easy pieces
Securing your WordPress site in 5 easy piecesKevin Koehler
 
WordPress Plugins and Security
WordPress Plugins and SecurityWordPress Plugins and Security
WordPress Plugins and SecurityThink Media Inc.
 
WordPress security 101 - WP Turku Meetup 2.2.2017
WordPress security 101 - WP Turku Meetup 2.2.2017WordPress security 101 - WP Turku Meetup 2.2.2017
WordPress security 101 - WP Turku Meetup 2.2.2017Otto Kekäläinen
 
Technical SEO for WordPress - 2017 edition
Technical SEO for WordPress - 2017 editionTechnical SEO for WordPress - 2017 edition
Technical SEO for WordPress - 2017 editionOtto Kekäläinen
 
WordPress security 101 - WP Jyväskylä Meetup 21.3.2017
WordPress security 101 - WP Jyväskylä Meetup 21.3.2017WordPress security 101 - WP Jyväskylä Meetup 21.3.2017
WordPress security 101 - WP Jyväskylä Meetup 21.3.2017Otto Kekäläinen
 
Testing and updating WordPress - Advanced techniques for avoiding regressions
Testing and updating WordPress - Advanced techniques for avoiding regressionsTesting and updating WordPress - Advanced techniques for avoiding regressions
Testing and updating WordPress - Advanced techniques for avoiding regressionsOtto Kekäläinen
 
The moment my site got hacked - WordCamp Sofia
The moment my site got hacked - WordCamp SofiaThe moment my site got hacked - WordCamp Sofia
The moment my site got hacked - WordCamp SofiaMarko Heijnen
 
Wordpress best practices
Wordpress best practicesWordpress best practices
Wordpress best practicesAllanki Srinivas
 
Sharedhosting and WordPress
Sharedhosting and WordPressSharedhosting and WordPress
Sharedhosting and WordPressAl Davis
 
Open source technologies in Microsoft cloud
Open source technologies in Microsoft cloudOpen source technologies in Microsoft cloud
Open source technologies in Microsoft cloudAlexey Bokov
 
B wapp – bee bug – installation
B wapp – bee bug – installationB wapp – bee bug – installation
B wapp – bee bug – installationRonan Dunne, CEH, SSCP
 
8 Simple Ways to Hack Your Joomla
8 Simple Ways to Hack Your Joomla8 Simple Ways to Hack Your Joomla
8 Simple Ways to Hack Your JoomlaSiteGround.com
 
WordPress Security - Kulpreet Singh
WordPress Security - Kulpreet SinghWordPress Security - Kulpreet Singh
WordPress Security - Kulpreet Singhguest4fe370
 
Keep Your SIte Secure
Keep Your SIte SecureKeep Your SIte Secure
Keep Your SIte SecureMichele Butcher-Jones
 
Vagrant + Veewee : Barcampboston April 10-2011
Vagrant + Veewee : Barcampboston April 10-2011Vagrant + Veewee : Barcampboston April 10-2011
Vagrant + Veewee : Barcampboston April 10-2011Draco2002
 
Automate IBM Connections Installations and more
Automate IBM Connections Installations and moreAutomate IBM Connections Installations and more
Automate IBM Connections Installations and morepanagenda
 
Find WordPress performance bottlenecks with XDebug PHP profiling
Find WordPress performance bottlenecks with XDebug PHP profilingFind WordPress performance bottlenecks with XDebug PHP profiling
Find WordPress performance bottlenecks with XDebug PHP profilingOtto Kekäläinen
 
Stretching Your Food Dollars
Stretching Your Food DollarsStretching Your Food Dollars
Stretching Your Food DollarsAmerican Debt Counseling Inc
 
Blogspot
BlogspotBlogspot
Blogspotguest79964e
 

More Related Content

What's hot

WordPress security for everyone
WordPress security for everyoneWordPress security for everyone
WordPress security for everyoneVladimír Smitka
 
Wordpress Security & Hardening Steps
Wordpress Security & Hardening StepsWordpress Security & Hardening Steps
Wordpress Security & Hardening StepsPlasterdog Web Design
 
Securing your WordPress site in 5 easy pieces
Securing your WordPress site in 5 easy piecesSecuring your WordPress site in 5 easy pieces
Securing your WordPress site in 5 easy piecesKevin Koehler
 
WordPress Plugins and Security
WordPress Plugins and SecurityWordPress Plugins and Security
WordPress Plugins and SecurityThink Media Inc.
 
WordPress security 101 - WP Turku Meetup 2.2.2017
WordPress security 101 - WP Turku Meetup 2.2.2017WordPress security 101 - WP Turku Meetup 2.2.2017
WordPress security 101 - WP Turku Meetup 2.2.2017Otto Kekäläinen
 
Technical SEO for WordPress - 2017 edition
Technical SEO for WordPress - 2017 editionTechnical SEO for WordPress - 2017 edition
Technical SEO for WordPress - 2017 editionOtto Kekäläinen
 
WordPress security 101 - WP Jyväskylä Meetup 21.3.2017
WordPress security 101 - WP Jyväskylä Meetup 21.3.2017WordPress security 101 - WP Jyväskylä Meetup 21.3.2017
WordPress security 101 - WP Jyväskylä Meetup 21.3.2017Otto Kekäläinen
 
Testing and updating WordPress - Advanced techniques for avoiding regressions
Testing and updating WordPress - Advanced techniques for avoiding regressionsTesting and updating WordPress - Advanced techniques for avoiding regressions
Testing and updating WordPress - Advanced techniques for avoiding regressionsOtto Kekäläinen
 
The moment my site got hacked - WordCamp Sofia
The moment my site got hacked - WordCamp SofiaThe moment my site got hacked - WordCamp Sofia
The moment my site got hacked - WordCamp SofiaMarko Heijnen
 
Sharedhosting and WordPress
Sharedhosting and WordPressSharedhosting and WordPress
Sharedhosting and WordPressAl Davis
 
Open source technologies in Microsoft cloud
Open source technologies in Microsoft cloudOpen source technologies in Microsoft cloud
Open source technologies in Microsoft cloudAlexey Bokov
 
8 Simple Ways to Hack Your Joomla
8 Simple Ways to Hack Your Joomla8 Simple Ways to Hack Your Joomla
8 Simple Ways to Hack Your JoomlaSiteGround.com
 
WordPress Security - Kulpreet Singh
WordPress Security - Kulpreet SinghWordPress Security - Kulpreet Singh
WordPress Security - Kulpreet Singhguest4fe370
 
Vagrant + Veewee : Barcampboston April 10-2011
Vagrant + Veewee : Barcampboston April 10-2011Vagrant + Veewee : Barcampboston April 10-2011
Vagrant + Veewee : Barcampboston April 10-2011Draco2002
 
Automate IBM Connections Installations and more
Automate IBM Connections Installations and moreAutomate IBM Connections Installations and more
Automate IBM Connections Installations and morepanagenda
 
Find WordPress performance bottlenecks with XDebug PHP profiling
Find WordPress performance bottlenecks with XDebug PHP profilingFind WordPress performance bottlenecks with XDebug PHP profiling
Find WordPress performance bottlenecks with XDebug PHP profilingOtto Kekäläinen
 

What's hot (20)

Locking down word press
Locking down word pressLocking down word press
Locking down word press
 
WordPress security for everyone
WordPress security for everyoneWordPress security for everyone
WordPress security for everyone
 
Wordpress Security & Hardening Steps
Wordpress Security & Hardening StepsWordpress Security & Hardening Steps
Wordpress Security & Hardening Steps
 
Securing your WordPress site in 5 easy pieces
Securing your WordPress site in 5 easy piecesSecuring your WordPress site in 5 easy pieces
Securing your WordPress site in 5 easy pieces
 
WordPress Plugins and Security
WordPress Plugins and SecurityWordPress Plugins and Security
WordPress Plugins and Security
 
WordPress security 101 - WP Turku Meetup 2.2.2017
WordPress security 101 - WP Turku Meetup 2.2.2017WordPress security 101 - WP Turku Meetup 2.2.2017
WordPress security 101 - WP Turku Meetup 2.2.2017
 
Technical SEO for WordPress - 2017 edition
Technical SEO for WordPress - 2017 editionTechnical SEO for WordPress - 2017 edition
Technical SEO for WordPress - 2017 edition
 
WordPress security 101 - WP Jyväskylä Meetup 21.3.2017
WordPress security 101 - WP Jyväskylä Meetup 21.3.2017WordPress security 101 - WP Jyväskylä Meetup 21.3.2017
WordPress security 101 - WP Jyväskylä Meetup 21.3.2017
 
Testing and updating WordPress - Advanced techniques for avoiding regressions
Testing and updating WordPress - Advanced techniques for avoiding regressionsTesting and updating WordPress - Advanced techniques for avoiding regressions
Testing and updating WordPress - Advanced techniques for avoiding regressions
 
The moment my site got hacked - WordCamp Sofia
The moment my site got hacked - WordCamp SofiaThe moment my site got hacked - WordCamp Sofia
The moment my site got hacked - WordCamp Sofia
 
Wordpress best practices
Wordpress best practicesWordpress best practices
Wordpress best practices
 
Sharedhosting and WordPress
Sharedhosting and WordPressSharedhosting and WordPress
Sharedhosting and WordPress
 
Open source technologies in Microsoft cloud
Open source technologies in Microsoft cloudOpen source technologies in Microsoft cloud
Open source technologies in Microsoft cloud
 
B wapp – bee bug – installation
B wapp – bee bug – installationB wapp – bee bug – installation
B wapp – bee bug – installation
 
8 Simple Ways to Hack Your Joomla
8 Simple Ways to Hack Your Joomla8 Simple Ways to Hack Your Joomla
8 Simple Ways to Hack Your Joomla
 
WordPress Security - Kulpreet Singh
WordPress Security - Kulpreet SinghWordPress Security - Kulpreet Singh
WordPress Security - Kulpreet Singh
 
Keep Your SIte Secure
Keep Your SIte SecureKeep Your SIte Secure
Keep Your SIte Secure
 
Vagrant + Veewee : Barcampboston April 10-2011
Vagrant + Veewee : Barcampboston April 10-2011Vagrant + Veewee : Barcampboston April 10-2011
Vagrant + Veewee : Barcampboston April 10-2011
 
Automate IBM Connections Installations and more
Automate IBM Connections Installations and moreAutomate IBM Connections Installations and more
Automate IBM Connections Installations and more
 
Find WordPress performance bottlenecks with XDebug PHP profiling
Find WordPress performance bottlenecks with XDebug PHP profilingFind WordPress performance bottlenecks with XDebug PHP profiling
Find WordPress performance bottlenecks with XDebug PHP profiling
 

Viewers also liked

Email and Social Media 2010
Email and Social Media 2010Email and Social Media 2010
Email and Social Media 2010Steve Kemish
 
Caribbean higher education seen with European eyes
Caribbean higher education seen with European eyesCaribbean higher education seen with European eyes
Caribbean higher education seen with European eyesFabio Nascimbeni
 
Presentazione Touchword
Presentazione TouchwordPresentazione Touchword
Presentazione Touchwordalexrogora
 
Reactions And Mixtures
Reactions And MixturesReactions And Mixtures
Reactions And Mixturesamr hassaan
 
Olaf Janssen on benefits of collaboration between Europeana and archives duri...
Olaf Janssen on benefits of collaboration between Europeana and archives duri...Olaf Janssen on benefits of collaboration between Europeana and archives duri...
Olaf Janssen on benefits of collaboration between Europeana and archives duri...Olaf Janssen
 
Social media observations in Asia
Social media observations in AsiaSocial media observations in Asia
Social media observations in AsiaRobin Low
 
Artistic Hub Overview
Artistic Hub OverviewArtistic Hub Overview
Artistic Hub Overviewmbnxrb
 
高専カンファレンスというエコシステムの一歩先
高専カンファレンスというエコシステムの一歩先高専カンファレンスというエコシステムの一歩先
高専カンファレンスというエコシステムの一歩先Ryoichi SEKIGUCHI
 
Whistler Real Estate Company 2009 Sales Stats Comparison
Whistler Real Estate Company 2009 Sales Stats ComparisonWhistler Real Estate Company 2009 Sales Stats Comparison
Whistler Real Estate Company 2009 Sales Stats Comparisondlinnell
 
TRG Capabilities Statement 2009
TRG Capabilities Statement 2009TRG Capabilities Statement 2009
TRG Capabilities Statement 2009bpolzak
 
Westernciv Danandtom
Westernciv DanandtomWesternciv Danandtom
Westernciv Danandtomguest14803c
 

Viewers also liked (20)

Stretching Your Food Dollars
Stretching Your Food DollarsStretching Your Food Dollars
Stretching Your Food Dollars
 
Blogspot
BlogspotBlogspot
Blogspot
 
Email and Social Media 2010
Email and Social Media 2010Email and Social Media 2010
Email and Social Media 2010
 
Bio Powerpoint
Bio PowerpointBio Powerpoint
Bio Powerpoint
 
Victorian Era
Victorian EraVictorian Era
Victorian Era
 
Caribbean higher education seen with European eyes
Caribbean higher education seen with European eyesCaribbean higher education seen with European eyes
Caribbean higher education seen with European eyes
 
Presentazione Touchword
Presentazione TouchwordPresentazione Touchword
Presentazione Touchword
 
Reactions And Mixtures
Reactions And MixturesReactions And Mixtures
Reactions And Mixtures
 
Olaf Janssen on benefits of collaboration between Europeana and archives duri...
Olaf Janssen on benefits of collaboration between Europeana and archives duri...Olaf Janssen on benefits of collaboration between Europeana and archives duri...
Olaf Janssen on benefits of collaboration between Europeana and archives duri...
 
Social media observations in Asia
Social media observations in AsiaSocial media observations in Asia
Social media observations in Asia
 
Id
IdId
Id
 
Artistic Hub Overview
Artistic Hub OverviewArtistic Hub Overview
Artistic Hub Overview
 
高専カンファレンスというエコシステムの一歩先
高専カンファレンスというエコシステムの一歩先高専カンファレンスというエコシステムの一歩先
高専カンファレンスというエコシステムの一歩先
 
Whistler Real Estate Company 2009 Sales Stats Comparison
Whistler Real Estate Company 2009 Sales Stats ComparisonWhistler Real Estate Company 2009 Sales Stats Comparison
Whistler Real Estate Company 2009 Sales Stats Comparison
 
Id
IdId
Id
 
TRG Capabilities Statement 2009
TRG Capabilities Statement 2009TRG Capabilities Statement 2009
TRG Capabilities Statement 2009
 
Blogspot
BlogspotBlogspot
Blogspot
 
Westernciv Danandtom
Westernciv DanandtomWesternciv Danandtom
Westernciv Danandtom
 
Sepsis Guidelines 2007
Sepsis Guidelines 2007Sepsis Guidelines 2007
Sepsis Guidelines 2007
 
Sesión 1
Sesión 1Sesión 1
Sesión 1
 

Similar to Ignite - selfhosting WordPress - tips and tricks

Neo word press meetup ehermits - how to keep your blog from being hacked 2012
Neo word press meetup ehermits - how to keep your blog from being hacked 2012Neo word press meetup ehermits - how to keep your blog from being hacked 2012
Neo word press meetup ehermits - how to keep your blog from being hacked 2012Brian Layman
 
Migrating to WP Engine
Migrating to WP EngineMigrating to WP Engine
Migrating to WP Enginemesmonde
 
Word Camp Ph 2009 Word Press In The Wild
Word Camp Ph 2009 Word Press In The WildWord Camp Ph 2009 Word Press In The Wild
Word Camp Ph 2009 Word Press In The Wildrebelpixel
 
PHP North-East - Automated Deployment
PHP North-East - Automated DeploymentPHP North-East - Automated Deployment
PHP North-East - Automated DeploymentMichael Peacock
 
Automated Deployment
Automated DeploymentAutomated Deployment
Automated Deploymentphpne
 
Sanjay and Ganesh Work Report 25.06.09
Sanjay and Ganesh Work Report 25.06.09Sanjay and Ganesh Work Report 25.06.09
Sanjay and Ganesh Work Report 25.06.09Ganesh Tamang
 
Presentation_On_25June09
Presentation_On_25June09Presentation_On_25June09
Presentation_On_25June09Sanjay Kumar
 
Introducing WordPress Multitenancy (Wordcamp Vegas/Orlando 2015/WPCampus)
Introducing WordPress Multitenancy (Wordcamp Vegas/Orlando 2015/WPCampus)Introducing WordPress Multitenancy (Wordcamp Vegas/Orlando 2015/WPCampus)
Introducing WordPress Multitenancy (Wordcamp Vegas/Orlando 2015/WPCampus)Cliff Seal
 
Connections install in 45 mins
Connections install in 45 minsConnections install in 45 mins
Connections install in 45 minsSharon James
 
WordCamp Philippines 2009: WordPress In The Wild
WordCamp Philippines 2009: WordPress In The WildWordCamp Philippines 2009: WordPress In The Wild
WordCamp Philippines 2009: WordPress In The Wildrebelpixel
 
WordPress Setup and Security (Please look for the newer version!)
WordPress Setup and Security (Please look for the newer version!)WordPress Setup and Security (Please look for the newer version!)
WordPress Setup and Security (Please look for the newer version!)Michael Carnell
 
Midwest php 2013 deploying php on paas- why & how
Midwest php 2013 deploying php on paas- why & howMidwest php 2013 deploying php on paas- why & how
Midwest php 2013 deploying php on paas- why & howdotCloud
 
Rock Solid WordPress
Rock Solid WordPressRock Solid WordPress
Rock Solid WordPressErik Osterman
 
Simple flexible deployments with openstack ansible
Simple flexible deployments with openstack ansibleSimple flexible deployments with openstack ansible
Simple flexible deployments with openstack ansibleJean-Philippe Evrard
 
Website releases made easy with the PEAR installer, OSCON 2009
Website releases made easy with the PEAR installer, OSCON 2009Website releases made easy with the PEAR installer, OSCON 2009
Website releases made easy with the PEAR installer, OSCON 2009Helgi Þormar Þorbjörnsson
 
Containers for grownups migrating traditional & existing applications[1...
Containers for grownups migrating traditional & existing applications[1...Containers for grownups migrating traditional & existing applications[1...
Containers for grownups migrating traditional & existing applications[1...DevOps.com
 
A Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container PlatformsA Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container PlatformsSalman Baset
 
Security, more important than ever!
Security, more important than ever!Security, more important than ever!
Security, more important than ever!Marko Heijnen
 

Similar to Ignite - selfhosting WordPress - tips and tricks (20)

Neo word press meetup ehermits - how to keep your blog from being hacked 2012
Neo word press meetup ehermits - how to keep your blog from being hacked 2012Neo word press meetup ehermits - how to keep your blog from being hacked 2012
Neo word press meetup ehermits - how to keep your blog from being hacked 2012
 
Migrating to WP Engine
Migrating to WP EngineMigrating to WP Engine
Migrating to WP Engine
 
Word Camp Ph 2009 Word Press In The Wild
Word Camp Ph 2009 Word Press In The WildWord Camp Ph 2009 Word Press In The Wild
Word Camp Ph 2009 Word Press In The Wild
 
PHP North-East - Automated Deployment
PHP North-East - Automated DeploymentPHP North-East - Automated Deployment
PHP North-East - Automated Deployment
 
Automated Deployment
Automated DeploymentAutomated Deployment
Automated Deployment
 
Sanjay and Ganesh Work Report 25.06.09
Sanjay and Ganesh Work Report 25.06.09Sanjay and Ganesh Work Report 25.06.09
Sanjay and Ganesh Work Report 25.06.09
 
Presentation_On_25June09
Presentation_On_25June09Presentation_On_25June09
Presentation_On_25June09
 
Introducing WordPress Multitenancy (Wordcamp Vegas/Orlando 2015/WPCampus)
Introducing WordPress Multitenancy (Wordcamp Vegas/Orlando 2015/WPCampus)Introducing WordPress Multitenancy (Wordcamp Vegas/Orlando 2015/WPCampus)
Introducing WordPress Multitenancy (Wordcamp Vegas/Orlando 2015/WPCampus)
 
Introducing Wordpress Multitenancy
Introducing Wordpress MultitenancyIntroducing Wordpress Multitenancy
Introducing Wordpress Multitenancy
 
Connections install in 45 mins
Connections install in 45 minsConnections install in 45 mins
Connections install in 45 mins
 
WordCamp Philippines 2009: WordPress In The Wild
WordCamp Philippines 2009: WordPress In The WildWordCamp Philippines 2009: WordPress In The Wild
WordCamp Philippines 2009: WordPress In The Wild
 
WordPress Setup and Security (Please look for the newer version!)
WordPress Setup and Security (Please look for the newer version!)WordPress Setup and Security (Please look for the newer version!)
WordPress Setup and Security (Please look for the newer version!)
 
Midwest php 2013 deploying php on paas- why & how
Midwest php 2013 deploying php on paas- why & howMidwest php 2013 deploying php on paas- why & how
Midwest php 2013 deploying php on paas- why & how
 
Rock Solid WordPress
Rock Solid WordPressRock Solid WordPress
Rock Solid WordPress
 
Simple flexible deployments with openstack ansible
Simple flexible deployments with openstack ansibleSimple flexible deployments with openstack ansible
Simple flexible deployments with openstack ansible
 
J+s
J+sJ+s
J+s
 
Website releases made easy with the PEAR installer, OSCON 2009
Website releases made easy with the PEAR installer, OSCON 2009Website releases made easy with the PEAR installer, OSCON 2009
Website releases made easy with the PEAR installer, OSCON 2009
 
Containers for grownups migrating traditional & existing applications[1...
Containers for grownups migrating traditional & existing applications[1...Containers for grownups migrating traditional & existing applications[1...
Containers for grownups migrating traditional & existing applications[1...
 
A Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container PlatformsA Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container Platforms
 
Security, more important than ever!
Security, more important than ever!Security, more important than ever!
Security, more important than ever!
 

Recently uploaded

[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKJago de Vreede
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfOverkill Security
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 

Recently uploaded (20)

[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

Ignite - selfhosting WordPress - tips and tricks

  • 1. Self-hosting multiple WordPress blogsMy experience, tips and tricks Martin Buckley ezs@evilzenscientist.comtwitter: @ezs
  • 2. Some history and context First on-line presence way back in 1993 Evolution over 16 years: Static HTML  something a little more automated  blogging Also my extended family are in the UK/NZ – keeping the Grandparents up to date is important.
  • 3. Technology evolution Way back - ftp upload of html/content to some Unix host Since 2000 – static IP and self hosting 2000 – NetWare (!) + static content 2003 – SLES 8 + Apache + static content 2005 – SLES 9 + Apache + mysql + WordPress 1.5 2009 – virtualised web + mysql on SLES
  • 4. Why self-hosting I’m a technology geek. Self hosting means live servers, a great sandbox and a real learning environment. (I also run the home infrastructure..) I get ultimate flexibility and control. Hosting elsewhere is cheaper – with the usual issues around security, platform, updates etc
  • 5. Hosting for friends and family The ultimate scope creep. Started with the ‘family blog’ – added my ‘personal blog’ … … then added various additional blogs for family members; three blogs for friends and my sisters Cub Scout pack. Now over a dozen in total.
  • 6. Understanding the ‘stack’.. And it all needs testing and patching Gallery2 Themes Plugins – ‘Core’ and ‘Per site’ WordPress Core Database + data Graphics helpers for Gallery2 Apache/PHP/mysql/libs SLES Hardware
  • 7. Old school patching Check on a semi-regular basis for updates to WordPress (e.g. 1.5  1.6) Download; unpack; test. Check for Linux updates on a regular basis Download; update; test.
  • 8. Patching today Plugins seem to be updated on an almost daily basis. WordPress at last has a more regular cadence for updates; expect the flurry of point releases after a major rev.
  • 9. The challenge Each blog is built of a ‘core’ set of plugins – with some specific functionality added on top. There are a couple of hand-coded modifications in place (theme and php-exec plugin) How to keep ‘secure’ and functional – without spending 20 hours a week patching..
  • 10. Change control is key Discipline keeps things sane. Consistent core blog structure Document changes; test the changes; deploy the changes Have a rollback/backup plan Plan for major, grouped updates My last one was to 2.8.3 Expect the short notice security fixes 2.8.4!
  • 12. Test, test – test again. Something unexpected will always happen. e.g. libxml2/PHP bug – trac 7771 http://core.trac.wordpress.org/ticket/7771 http://www.evilzenscientist.com/blog/2009/08/05/php-xml-parsing-bug-and-a-workaround/
  • 13. Backup and recovery Backup is really important. Understand everything that needs to be archived for recovery. Mysql dump; filesystem dump Configuration files from server Documentation
  • 14. Backup Weekly dump of mysql and configto offline disk. Monthly dump of photos to offline disks. Full archive every quarter. Stored in a fire safe. Looking at going back to tape to make this easier and faster.
  • 15. Restore Fire/theft/hackers/malware/bad hardware. Something will eat the data. Since 2000 I have rebuilt the web servers over a dozen times – upgrade OS, moving OS, moving hardware, replacing failed hardware, upgrading hardware – all the usual reasons. Practice your data rebuild before the emergency!
  • 16. Security Having anything internet facing invites intruders. Everything from casual inquiries to more serious hacking and DOS attempts. At some point someone will try and hack/attack you. Be prepared.
  • 17.
  • 18. Have an edge firewall and intrusion detection.
  • 19. Understand your normal traffic patterns in and out
  • 20. NAT helps a little
  • 21.
  • 24. Have good quality passwords
  • 25.
  • 26. Resources Microsoft/Web – WordPress http://www.microsoft.com/web/gallery/WordPress.aspx Microsoft WebsiteSpark http://www.microsoft.com/web/websitespark/ OpenSUSE http://www.opensuse.org/en/ OpenSUSE software search/multi distro http://software.opensuse.org/search