Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Ignite - selfhosting WordPress - tips and tricks

5 minute Ignite presentation on self-hosting WordPress.

  • Login to see the comments

Ignite - selfhosting WordPress - tips and tricks

  1. 1. Self-hosting multiple WordPress blogsMy experience, tips and tricks<br />Martin Buckley<br />ezs@evilzenscientist.comtwitter: @ezs<br />
  2. 2. Some history and context<br />First on-line presence way back in 1993<br />Evolution over 16 years:<br />Static HTML  something a little more automated  blogging<br />Also my extended family are in the UK/NZ – keeping the Grandparents up to date is important.<br />
  3. 3. Technology evolution<br />Way back - ftp upload of html/content to some Unix host<br />Since 2000 – static IP and self hosting<br />2000 – NetWare (!) + static content<br />2003 – SLES 8 + Apache + static content<br />2005 – SLES 9 + Apache + mysql + WordPress 1.5<br />2009 – virtualised web + mysql on SLES<br />
  4. 4. Why self-hosting<br />I’m a technology geek. <br />Self hosting means live servers, a great sandbox and a real learning environment.<br />(I also run the home infrastructure..)<br />I get ultimate flexibility and control.<br />Hosting elsewhere is cheaper – with the usual issues around security, platform, updates etc<br />
  5. 5. Hosting for friends and family<br />The ultimate scope creep.<br />Started with the ‘family blog’ – added my ‘personal blog’ …<br />… then added various additional blogs for family members; three blogs for friends and my sisters Cub Scout pack.<br />Now over a dozen in total.<br />
  6. 6. Understanding the ‘stack’.. And it all needs testing and patching<br />Gallery2<br />Themes<br />Plugins – ‘Core’ and ‘Per site’<br />WordPress Core<br />Database + data<br />Graphics helpers for Gallery2<br />Apache/PHP/mysql/libs<br />SLES<br />Hardware<br />
  7. 7. Old school patching<br />Check on a semi-regular basis for updates to WordPress (e.g. 1.5  1.6)<br />Download; unpack; test.<br />Check for Linux updates on a regular basis<br />Download; update; test.<br />
  8. 8. Patching today<br />Plugins seem to be updated on an almost daily basis.<br />WordPress at last has a more regular cadence for updates; expect the flurry of point releases after a major rev. <br />
  9. 9. The challenge<br />Each blog is built of a ‘core’ set of plugins – with some specific functionality added on top. There are a couple of hand-coded modifications in place (theme and php-exec plugin)<br />How to keep ‘secure’ and functional – without spending 20 hours a week patching..<br />
  10. 10. Change control is key<br />Discipline keeps things sane.<br />Consistent core blog structure<br />Document changes; test the changes; deploy the changes<br />Have a rollback/backup plan<br />Plan for major, grouped updates<br />My last one was to 2.8.3<br />Expect the short notice security fixes<br />2.8.4!<br />
  11. 11. Typical change control matrix<br />
  12. 12. Test, test – test again.<br />Something unexpected will always happen.<br />e.g. libxml2/PHP bug – trac 7771<br /><br /><br />
  13. 13. Backup and recovery<br />Backup is really important.<br />Understand everything that needs to be archived for recovery.<br />Mysql dump; filesystem dump<br />Configuration files from server<br />Documentation<br />
  14. 14. Backup<br />Weekly dump of mysql and configto offline disk.<br />Monthly dump of photos to offline disks.<br />Full archive every quarter.<br />Stored in a fire safe.<br />Looking at going back to tape to make this easier and faster.<br />
  15. 15. Restore<br />Fire/theft/hackers/malware/bad hardware.<br />Something will eat the data.<br />Since 2000 I have rebuilt the web servers over a dozen times – upgrade OS, moving OS, moving hardware, replacing failed hardware, upgrading hardware – all the usual reasons.<br />Practice your data rebuild before the emergency!<br />
  16. 16. Security<br />Having anything internet facing invites intruders. Everything from casual inquiries to more serious hacking and DOS attempts.<br />At some point someone will try and hack/attack you.<br />Be prepared.<br />
  17. 17. Security<br />The basics<br /><ul><li>Keep things up to date!
  18. 18. Have an edge firewall and intrusion detection.
  19. 19. Understand your normal traffic patterns in and out
  20. 20. NAT helps a little
  21. 21. Don’t run your web site on your laptop/games machine/home server</li></li></ul><li>Security<br />The basics<br /><ul><li>Minimise the attack profile – less is better. Turn off/don’t install unwanted modules and features.
  22. 22. Anti-virus for Windows
  23. 23. Host firewall rules
  24. 24. Have good quality passwords
  25. 25. Don’t use root; have separation of priviledges</li></li></ul><li>Summary<br />I love hosting my own WordPress – it’s been a great learning experience.<br />Keep on top of patching and updates!<br />Share your experiences – WordCamp and – the community needs us all<br />Enjoy!<br />
  26. 26. Resources<br />Microsoft/Web – WordPress<br /><br />Microsoft WebsiteSpark<br /><br />OpenSUSE<br /><br />OpenSUSE software search/multi distro<br /><br />