Steps to take after creating One-Click Install WordPress on Ubuntu 14.04?

I run, an anthropology blog which gets over 50k page views per month (about 2k per day). I’m thinking of moving it to DigitalOcean and created a copy of my site using the One-Click Install WordPress on Ubuntu 14.04 instructions. I picked the most basic droplet, at $5 a month for 512MB of RAM. Worried that this might not be enough (we run a fair number of plugins), I also enabled swap following the instructions here. I also use Hyper Cache to cache my webpages (along with some other optimization plugins). (And I use UpdraftPlus for backups.)

So, my question is: will this setup be enough that I can sleep at night knowing my site won’t go down? Do I need to pay for a larger droplet? Or do I need to install additional software to optimize and/or secure my system? This is the first time I’ve tried using a VPS. I’ve used shared hosting for the past decade, so I know my way around WordPress and the command line a bit, but I would appreciate any tips or advice more experienced DigitalOcean users might have.



After the (hopefully) forced password change I would go and install the tool fail2ban so that brute force password cracking is prevented. Then I would set up basic firewall rules. Good practice seems to be to set all 3 default policies to “drop” and allow explicitly only what you really need. But be careful: this will also affect the console from the website. So you need to allow incoming port 22 (SSH) from your ISP at home. You need incoming and outgoing port 80 (HTTP) and port 443 (HTTPS). You need outgoing port 53 (DNS, tcp and udp). The next thing I would do is to enable SYN_COOKIES and disable the suggested router features via /etc/sysctl.conf.

I keep the system up to date and observe in /var/log what’s going on on the system.

In case your website needs more resources you can upgrade to a more expensive plan via the DigitalOcean website with only a little downtime.

Good Luck!
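
The firewall and sysctl steps from the answer above, as an added example that is not part of the original answer: it renders the default-drop policy in `iptables-restore` format and refuses an SSH source that is malformed or open to everyone. The function names and the address `203.0.113.10/32` are placeholders; the loopback and established-connection rules are additions a default-drop policy needs to function, and the four forwarding/redirect keys are an assumption about what "the suggested router features" refers to.

```shell
#!/bin/sh
# Added example: render the answer's policy as iptables-restore input (IPv4
# only; ip6tables needs its own rule set). Review the output, then as root:
#   gen_rules 203.0.113.10/32 | iptables-restore --test   # syntax check only

# Accept a dotted quad with an optional /1../32 prefix. /0 is refused because
# it would expose SSH to every source address.
valid_admin_cidr() {
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([1-9]|[12][0-9]|3[0-2]))?$' || return 1
    old_ifs=$IFS; IFS='./'
    set -- $1                      # split into octets (and prefix, if any)
    IFS=$old_ifs
    for octet in "$1" "$2" "$3" "$4"; do
        [ "$octet" -le 255 ] || return 1
    done
}

gen_rules() {
    admin=$1                       # placeholder: your home ISP address or range
    valid_admin_cidr "$admin" || { echo "invalid admin source: $admin" >&2; return 1; }
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -s $admin --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -j ACCEPT
-A OUTPUT -p udp --dport 53 -j ACCEPT
-A OUTPUT -p tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Lines for /etc/sysctl.conf: SYN cookies on, routing behaviour off.
gen_sysctl() {
    cat <<'EOF'
net.ipv4.tcp_syncookies = 1
net.ipv4.ip_forward = 0
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.all.accept_source_route = 0
EOF
}
```

Load the rules from an existing SSH session and confirm a second login works before saving them, since a wrong source address locks SSH out.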

Running a full LAMP stack like the one on the WordPress one-click on a 512MB droplet is possible, as you have seen, but it really is the bare minimum to keep the MySQL service running. Adding the swap file makes a huge difference and with this it should handle 2k visits per day. I would recommend that you look into using CloudFlare in front of your droplet. Their free plan will act as a reverse proxy between your droplet and your visitors, caching content and reducing the load on your droplet quite a bit, especially in times of high traffic.

There are some steps here that you can take with any new Ubuntu droplet to provide a bit more security. Additionally, you can set up fail2ban on your droplet, which will help prevent brute force attacks on your server.

Should you see the need to upgrade to a larger droplet plan in the future you can do so from the control panel using the available resize options. The flexible resize option will allow you to upgrade your RAM and CPU and then downgrade again if you no longer need the extra capacity. The permanent resize will resize your RAM, CPU and disk space but is not reversible.

ServerPilot now has a one-click WordPress installer, too, so you can get all of the security, configuration, and management benefits of ServerPilot and still have one-click WordPress hosting.