A vibrant ecosystem for quickly building and maintaining dynamic feature-rich websites
- WordPress has popular features
- Issues with WordPress
- Many ways to host WordPress
- wp-cli - a way to keep up
- WordPress.com online
- Scripts to install Docker image on a laptop
- Docker Compose
- Bitnami AMI
- KUSANAGI for AWS
- WordPress on Alibaba Cloud
- AWS EC2 High Availability with Auto-Scaling
- Duplicator plugin
- Salesforce Embedded Chat
The interest in WordPress here is making use of recent (working) scripts and instructions created by various people in the community to easily install and maintain WordPress. See below.
My code for this is at https://github.com/wilsonmar/DevSecOps/tree/master/wordpress
WordPress has popular features
One report states that “As of June 2019, WordPress is used by 60.8% of all the websites whose content management system is known. This is 27.5% of the top 10 million websites.” That makes it (by far) the world’s most popular blogging and content management software platform (among websites which use one).
One reason for its popularity is that WordPress is free and open source software, as are all its components, which consist of a Linux operating system, Apache web server, MySQL database, and PHP language.
- Instead of MySQL, some use MariaDB Galera Server 10.0
- PHP7 requires WordPress 4.4 or higher and compatible plugins
Its low cost of entry has resulted in WordPress being developed by a world-wide community who have contributed over 45,000 themes, plugins, and widgets that enable an unlimited combination of features. Advances in internet technologies are quickly made available in plugins.
Users can easily create and edit static webpages and blog posts using its intuitive editor. Without even thinking about details like browser compatibility or responsiveness, content creators are free to create and format text, images, and layout on every page and post.
- Rich text and HTML editing
- User roles and permissions
- Hundreds of themes, many optimized for mobile users
- wordpress.org/showcase lists thousands of add-ons for ecommerce, SEO, email, spam filtering, analytics and more
- Multi-user and multi-blogging capabilities
- Multilingual support
- SEO optimized
- Plugin architecture and template engine
Wordpress was first released on May 27, 2003 by Matt Mullenwick in San Francisco, California, USA. See Wikipedia.
Matt’s company, Automattic, makes money from providing hosting to enterprises such as the New York Times, CNN, etc. Code created is folded into the open-source repository.
Issues with WordPress
As with anything, WordPress has detractors and competition.
WordPress is comparatively slow because the HTML presented in response to each request is assembled by programs written in the PHP language, which is interpreted (rather than compiled like Java, C, or Go). That’s great for personalizing every interaction with visitors. But addition of plug-ins can slow WordPress down.
Wordpress sites also run in several processes running all the time:
- a SQL database back-end
- a Management server containing WordPress programs responding to requests
This architecture of WordPress can result in developers and users experiencing a “white screen of death” or generic “500 internal server error”. This can be the result of neglecting to replace the default .htaccess file with one for running WordPress.
Many ways to host WordPress
The many options for hosting a WordPress website:
On the cloud:
- WordPress online provides a GUI
Easy local start on your laptop:
- MAMP on your laptop requires configuration
MAMP on your laptop running within Virtualbox
- Run Docker Compose
- Run docker on a laptop
For developers to exercise more control:
Bitnami AWS EC2 AMI on AWS
- VPS (Virtual Private Server) hosts offer tools (e.g. Fantastico) to automatically install WordPress.
- AWS Lightsail to Launch a WordPress Website in Amazon
In a cloud:
- Docker image managed by Kubernetes in AWS, Azure, Google, Alibaba, and other cloud takes considerable work.
- AWS Elastic Beanstalk
- AWS AMI images of EC2 instances using AWS ECS (Elastic Container Service) using a Load Balancer and RDS replicas
- Helm charts using Amazon EKS (Elastic Kubernetes Service)
- AWS AMI images of EC2 instances using AWS Fargate, which takes care of scaling
Click on each option to view more.
wp-cli - a way to keep up
Automation is important not just during installation, but also troubleshooting, maintenance, and update.
Automation such as Noah Hearle’s plugin updater provide an easier way for WordPress administrators to keep up with the rapid pace of update, especially while WordPress migrates to use of React.
Examples of websites hosted on wordpress.com:
PROTIP: Even if you don’t want a WordPress website, register for an account and provide your profile picture. Many other websites obtain your profile picture (gravatar) based on your email.
Scripts to install Docker image on a laptop
Several have written bash/shell scripts to install WordPress locally:
- Install and update WordPress in your own language to web root or a sub directory
- Handles file and directory permissions
- Removes licence.txt and readme.html
- Checks for a working database connection
- Adds a random database prefix
- Generates random username and password for administrators
- Set the maximum upload and post limits
- Creates the .htaccess to allow for URL rewriting, adds browser caching and some basic security measures
- Uninstall functionality
- Besides the setup part, this will install WordPress without requiring WP-Cli
Wordpress: Bash Install Script – Downloads latest WP version, updates wp-config with user supplied DB name, username and password, creates and CHMOD’s uploads dir, copies all the files into the root dir you run the script from, then deletes itself!
wp-installer - Run the ‘wp-prov’ script first to check your installation envirnment is running with the right settings (automagically writes PHP.ini and other settings, installs default configs for WordPress to get up and running). Run ‘wp-install’ to build a new site in way less than 5mins… I average ~2-3min with this script, with all hosts configured and everything uninstallable easily.
TODO: This is under construction (I’m working on it).
In 2019. Using a Docker image managed by Kubernetes is the most modern approach.
If you have Docker installed on your Mac, install WordPress run by triple-clicking this URL and paste it in your Terminal:
sh -c “$(curl -fsSL https://raw.githubusercontent.com/wilsonmar/DevSecOps/master/wordpress/wp-docker.sh)”
The command makes use of the official but still public wordpress Docker image in DockerHub.
Bitnami certifies its images to be secure, up-to-date, and packaged using industry best practices. The company monitors all components and libraries for vulnerabilities, outdated components, and application updates.
View Bitnami’s marketing page:
KUSANAGI for AWS
The KUSANAGI framework is an open source and free “ultrafast” WordPress virtual machine</strong> that it’s developer, Prime Strategy, claims speeds of 3 milliseconds at 1,000 requests per second, which is 10-15x that of standard machines without the page caching that it provides. That’s important for SEO page ranking.
KUSANAGI for AWS is provided AMI or as a business AMI supported by its developer: Prime Strategy – a cloud integrator and managed services provider which began in Tokyo, Japan, but has expanded to a presence in New York, Singapore, and Jakarta. Prime Strategy Co.’s marketing page: https://en.kusanagi.tokyo/about
The caching that it uses means aystem requirements of at least an AWS instance type of t.2medium (minimum 4GB memory). The AMI costs $0.046/hour. There are also charges for EC2 instance usage.
https://www.monsterinsights.com/how-to-add-google-analytics-to-wordpress-without-a-plugin/ MonsterInsights plugin
WordPress on Alibaba Cloud
Just for comparison, Alibaba’s WordPress cloud servers cost $4.6/Month.
CAUTION: Restrictions on foreign trade imposed by China’s government include the need for a China partner to host sites in China.
- Provide Username
- ECS Purchase Wizard, to select the billing and ECS configuration from cloud regions to instance type families.
- Select an ecs.t5-lc1m1.small instance from instance type families as the WordPress instance.
Setting Up a Server Cluster for Enterprise Web Apps April 23, 2018
AWS EC2 High Availability with Auto-Scaling
Running WordPress in the cloud provides options for High-Availability, logging (CloudWatch), backups, CDN (CloudFront), etc:
- Create an AWS root account
Define permissions to create, update, and delete:
- Amazon Route 53 DNS
- EC2 instances
- RDS (Relational Data Store) with read replicas
CloudWatch monitoring logging
- ELB (Elastic Load Balancer)
- CloudFront CDN
Route 53 DNS
Elastic Load balancer (EBS) distribute load among several EC2 instances. in 2-3 separate AZs inside a region Start with EC2 m1.Large instances Combine AWS on-demand and Reserved instances to get more savings
The DB Layer RDS
RDS MySQL supports only Innodb engine A RDS Master and Standby provide HA RDS Read Replicas provide read performance Use HyperDB plugin to use multiple endpoints like RDS master and RDS read replicas DB security groups allow DB access only to WP EC2 instances Periodic dumps, snapshots, point-in-time recovery
Design the Storage Pool layer with HA (ver critical) Minimum 2 EC2 Large instances for Storage Pool Layer for HA and better IO No more than 5 RDS Read Replicas are recommened
Keep Read replicas and RDS Master same EC2 size for better performance
APC or Xcache plugin for PHP opscode caching
CDN for static assets, templates, themes, images W3TotalCache+CloudFront or BatCache + Memchaed for Page caching
Distributed File Storage Pool configured between WordPress Management and Content instances which share the common storage pool for files and plugins
Deployment of files and plugins thru the WP management node
Amazon CloudWatch monitors CPU and Network utilization of setup
Amazon CloudWatch alarms config. with Amazon SNS for email/SMS alerts to SysAdmins.
Custom ops scripts periodically backup files from Storage pool to S3 Configure S3 to remove old backups automatically RDS MySQL configured to take periodic data dumps and DB snapshots RDS layer can be recovered point in time from the backups
Install WP Security plugins
Log files generated have to be rotated.
Once the instance is running, enter the public DNS provided by Amazon into your browser. You will then see the WordPress application.
You can go to ‘/wp-admin/’ from your browser to access the application administration panel. The default server administrator is ‘user’. Please check our documentation at https://docs.bitnami.com/aws/faq/#how-to-find-application-credentials to learn how to get your password. You may change this username and password within the application settings. You can also access your instance via SSH using the username ‘bitnami’ and your Amazon private key. For additional setup instructions and frequently asked questions please go to https://docs.bitnami.com/aws/apps/wordpress/
#!/bin/bash cd public_html/ echo "Comparing both htaccess files..." wget http://aws-default-files.com/cleanhtaccess/cleanwphtaccess if diff .htaccess cleanwphtaccess >/dev/null ; then echo "THIS FILE IS SAFE AND NOT CORRUPTED" else echo "THIS FILE SEEMS TO BE CORRUPTED. RENAMING IT NOW!" && mv .htaccess .htaccess.corrupted fi mv cleanwphtaccess .htaccess
Salesforce Embedded Chat
After configuring it with their AWS account credentials, users can generate audio feeds for their content through the Amazon Polly service (https://aws.amazon.com/polly/).