Question

Optimal configuration for news website

Posted December 14, 2014 2.3k views

I have an average load news website, on which I get a few thousand hits per day, sometimes at once when specific writers publish. Currently I have a LAMP on a 1GB RAM droplet serving a Wordpress website, which obviously is not enough to handle a lot of requests, and even though I’m using caching but I still get database failures in the peak times

I need to make some decisions which I need experts help with

  1. Should I use Nginx, Apache, or both? And if the later, which configuration?
  2. Which is better, having my LAMP/LNMP stack on a 2GB droplet or separate MySQL on one 1GB droplet and the others on another 1GB?
  3. Currently I’m caching using W3 Total Cache Wordpress plugin. Should I keep it or replace/add to it a memcached? And if the later, should it be on a different droplet?

I noticed a similar question here, but it’s not exactly my situation

Thanks in advance

3 comments
  • There have been quite a few discussions on using a separate server for MySQL. I have been following some of the discussions with interest; only one person so far has asked questions and then reported back after doing it. He noted excellent results. Here is that post:
    Should I put my MySQL database on a separate server?

    just as a side note:
    On one droplet I have that runs a few WordPress sites, MySQL was crashing often until I hardened my WordPress login pages and added some extra security on all Wordpress installs. I think some brute-force attacks were crashing the database(but not crashing Apache).

  • Good insight. I didn’t think about bruteforcing login/reg as a cause. I have already added captcha and TFA. Any other thoughts?

  • There is a way to switch your login page from wp-login.php to something different. Just google to find how to do that. I should probably write a short tutorial for it.

    The gist is that you change your wp-login.php to something custom, like alt-login.php, and then block access to wp-login.php with your .htaccess file.

    You could just delete wp-login.php, but it will be re-added on Wordpress updates, so blocking with .htaccess works better for long-term.

    Doing that will reduce brute force attacks to almost 0. At least for now!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Personally, I would use Apache and Nginx as a reverse proxy. I don’t get as much traffic as you do but it has been working great for me. Also I have varnish as my cache system.

Checkout this Article/Tutorial. They talk about optimizing a wordpress heavy content site with varnish.

hope this helps

Submit an Answer