Optimal configuration for news website

December 14, 2014 2.2k views

I have an average load news website, on which I get a few thousand hits per day, sometimes at once when specific writers publish. Currently I have a LAMP on a 1GB RAM droplet serving a Wordpress website, which obviously is not enough to handle a lot of requests, and even though I'm using caching but I still get database failures in the peak times

I need to make some decisions which I need experts help with

  1. Should I use Nginx, Apache, or both? And if the later, which configuration?
  2. Which is better, having my LAMP/LNMP stack on a 2GB droplet or separate MySQL on one 1GB droplet and the others on another 1GB?
  3. Currently I'm caching using W3 Total Cache Wordpress plugin. Should I keep it or replace/add to it a memcached? And if the later, should it be on a different droplet?

I noticed a similar question here, but it's not exactly my situation

Thanks in advance

  • There have been quite a few discussions on using a separate server for MySQL. I have been following some of the discussions with interest; only one person so far has asked questions and then reported back after doing it. He noted excellent results. Here is that post:
    Should I put my MySQL database on a separate server?

    just as a side note:
    On one droplet I have that runs a few WordPress sites, MySQL was crashing often until I hardened my WordPress login pages and added some extra security on all Wordpress installs. I think some brute-force attacks were crashing the database(but not crashing Apache).

  • Good insight. I didn't think about bruteforcing login/reg as a cause. I have already added captcha and TFA. Any other thoughts?

  • There is a way to switch your login page from wp-login.php to something different. Just google to find how to do that. I should probably write a short tutorial for it.

    The gist is that you change your wp-login.php to something custom, like alt-login.php, and then block access to wp-login.php with your .htaccess file.

    You could just delete wp-login.php, but it will be re-added on Wordpress updates, so blocking with .htaccess works better for long-term.

    Doing that will reduce brute force attacks to almost 0. At least for now!

1 Answer

Personally, I would use Apache and Nginx as a reverse proxy. I don't get as much traffic as you do but it has been working great for me. Also I have varnish as my cache system.

Checkout this Article/Tutorial. They talk about optimizing a wordpress heavy content site with varnish.

hope this helps

Have another answer? Share your knowledge.