I use this awesome skeleton setup for all my high-paying clients (sorry, poor people!) and also of course on this blog, which I use as a bleeding-edge dev server for my crazy testing. So realize that I'm already past this setup and using it to do cooler stuff. In order for you to use these more advanced ideas, you first need to get up to speed on what I'm doing so you know what I'm talking about. This article tries to help you accomplish that... remains to be seen.
This first article is to give you some ideas and get you thinking and reading before the first article in this series comes out. This series details how to set up, configure, secure, optimize, and manage a website the best possible way I can come up with. It pieces together all the AskApache hacks and tricks and uses methods and ideas discussed all over this blog and all over the net and glues them all together to show you how to have the most optimized, fastest, best website setup I can think of.
Knowing the why and how behind the operation of a Web Server allows us to optimize that operation. For this example we will be creating the website www.askapache.com, which will be running WordPress and php. We will also set up s.askapache.net to serve all of our site's uploads, images, css and javascript files, flash files, etc. with advanced caching and security using Apache Server .htaccess files. So let's get started and take a look at this site structure for a moment.
/web/askapache.com
|-- /web/askapache.com/backups/
|-- /web/askapache.com/public_html/
|-- /web/askapache.com/inc/
|-- /web/askapache.com/logs/
|-- /web/askapache.com/static/
|-- /web/askapache.com/tmp/
|-- /web/askapache.com/.htpasswd-basic
`-- /web/askapache.com/.htpasswd-digest
/backups/
- For encrypted backups of the WordPress database and site files, and any other backups.
/public_html/
- The document root for www.askapache.com
/inc/
- Folder to keep your php include files for extra security and easy management.
/logs/
- Save your php, apache, and other logs here or create symlinks to them.
/static/
- The document root for s.askapache.net
/tmp/
- Only need this if your host doesn't already have a /tmp folder.
Indeed, security is a major part of every step of this setup process, as security concerns drive a lot of the motivations I have for coming up with this setup in the first place. We will be doing very simple but very effective site security like the following items, which is a short list compared to everything we will be doing.
My past work for an Internet Service Provider, followed by 4 years of auditing the security of organizations' external/internal networks, has given me a fresh perspective on website security, and I think it allows me to see what would really be effective at preventing and killing attacks. In fact just last night I was once again doing some research into some off-the-wall security topics, and I discovered a new defense method that I will be writing about very soon. I believe that this new method could be quickly adopted and implemented by hosting providers and software developers, which would result in us finally taking the Internet back from all those zombies and robots. This method will be discussed in great detail soon, and will be a core part of this site setup's security and optimization.
Many of the articles and much of the research on this blog are about improving the speed and efficiency of your website. In fact that is why I am helping develop open-source software to block spammers from WordPress blogs... not because I'm bothered by the spam, but because they make the net slow! So let's look at some of the ideas we'll be implementing.
Many techniques I've been using and tweaking for several years, and recently many of them were included in the high-performance websites list. Of course we will be taking a look at this list in practical terms, meaning almost all of it, the caching, compression, etc., will be automated in keeping with our "comfort" goal, which is to say we want to make the Web Developer and Server Admin's lives as easy and comfy as possible. After all, we do the work right?
Ok it might not be the #1, but surely the top 10.. ;)
I'm very proud of the performance I am able to achieve on this site. Very proud. I started looking for ways to improve the wp-cache and wp-super-cache WordPress plugins, and came up with hacks for both of them.. but they still didn't do what I wanted so I started from scratch and wrote my own caching plugin.
With much more advanced caching options and unquestionably higher performance and lower time usage on the machine. I'm hesitant to release it to the public until I get faded on it.. I just really love it.. it has been running my site for several months now and I keep finding ways to improve it.. Stay tuned.
One feature it has is the ability to allow negotiation of a resource between apache and the client. Think almost transparent multi-lingual blogs, multiple formats per document (look at the rdf for this page for an example*). But that plugin is the future and this is the present.. so back to it we go.
The 57 HTTP Status Codes and Apache ErrorDocuments article is a prime example. I was simply searching for an authoritative list of HTTP status codes, an issue not many web people find worth their time, and that search led to some of the most useful stuff I've found about the Web.
This "Comfort" article will include multi-language, intelligent, and optimized error documents for handling any type of HTTP error with class and allow us to stop spammers, save bandwidth, redirect correctly, etc.. You will probably be surprised at all the uses an Apache ErrorDocument can have.. It IS one of the foundations of the HTTP-based Net after all.
The whole setup is geared to make hassle-free WordPress/PHP/application upgrades possible by keeping different types of files in separate places, keeping backups, other misc tricks and since all of these files are in /web/askapache.com, your FTP connection can still access every file easily. Sometimes security and optimizing your server can lead to it being more of a pain to do updates, backups, and general maintenance. This article tries to overwhelm the balance with a trifecta of goals.
Comfort to me also means being able to pack up the whole website and database and move to another web host in under an hour. I can move the whole AskApache site to one of several other hosting provider accounts I have in about 30 minutes. If this was a client's site or I was getting paid more, I'd also be focused on round-robin DNS technology, balance-load setups, and just go crazy making it fast.
Ever since I started sharing information and software to stop all these resource-hogging zombies attacking everything, I've been attacked several times. Normally I get over 10K exploit attempts or requests per day, which I pretty much block 100%. But a few times they've actually tried to DDOS me off the net in a distributed attack. I have implemented several "poor man's" techniques to put up your best effort at surviving, which I did. Basically you want to configure your server to KILL connections just as fast as possible and prevent your server resources from skyrocketing and surpassing your quotas. A skilled attacker could easily shut you down even without the use of a widespread botnet if they are clever, which could be devastating to your small blog or site if it goes down at a crucial instant.
I used to work with a guy who did a lot of the ColdFusion programming for us, and I used to cringe every time I was called in to upgrade a site or do a re-design. Files and folders EVERYWHERE! Literally images in every folder, multiple index.html, index1.html, index-old.html, and on and on it went.. It would take me hours just to reverse-engineer the site enough so I could modify files on it without having some unknown consequence happen.
Everyone has this problem, what I do all the time is just grab everything on my desktop and put it in a folder named with the date. Then the process repeats itself and invariably a few months later I'm looking at a cluttered screen again.
This absolutely is the worst thing that can happen to a website, worst for security, comfort for webmaster, and speed. So this setup addresses that issue completely head on. With all the different pages, tools, and resources available on this blog, I can almost promise you that my site has fewer files than yours. No small feat to be sure, but worth every second I spent researching how to do it now that it's on and popping.
All hosts are different, but any host worth their salt is running some kind of BSD/Linux operating system, and that is good news because those operating systems all use very similarly excellent file/folder structures with huge organization systems. If your web hosting provider is running on a Windows based operating system or other locked/proprietary software then this article is not for you and I would recommend switching hosts to a BSD/Linux open-source operating system.
First you set your website up so it can start serving.
This is a very cool method I've been using more and more frequently because it makes updates, upgrades, and changes so much easier to manage. And segmenting various parts of the site is smart security, and even smarter in the way of speeding up a website and keeping your servers running mean and lean.
/web/askapache.com
|-- /web/askapache.com/backups/
|-- /web/askapache.com/public_html/
|   |-- /web/askapache.com/public_html/about/
|   |-- /web/askapache.com/public_html/admin/
|   |-- /web/askapache.com/public_html/cgi-bin/
|   |-- /web/askapache.com/public_html/.htaccess
|   |-- /web/askapache.com/public_html/index.php
|   `-- /web/askapache.com/public_html/robots.txt
|-- /web/askapache.com/inc/
|   |-- /web/askapache.com/inc/config.inc.php
|   `-- /web/askapache.com/inc/settings.inc.php
|-- /web/askapache.com/logs/
|   |-- /web/askapache.com/logs/access.log
|   |-- /web/askapache.com/logs/error.log
|   |-- /web/askapache.com/logs/logins.log
|   |-- /web/askapache.com/logs/modsec_audit.log
|   |-- /web/askapache.com/logs/modsec_debug.log
|   `-- /web/askapache.com/logs/php_error.log
|-- /web/askapache.com/static/
|   |-- /web/askapache.com/static/css/
|   |-- /web/askapache.com/static/flv/
|   |-- /web/askapache.com/static/img/
|   |-- /web/askapache.com/static/js/
|   |-- /web/askapache.com/static/mp3/
|   |-- /web/askapache.com/static/pdf/
|   |-- /web/askapache.com/static/swf/
|   |-- /web/askapache.com/static/.htaccess
|   |-- /web/askapache.com/static/index.html
|   `-- /web/askapache.com/static/robots.txt
|-- /web/askapache.com/tmp/
|-- /web/askapache.com/.htpasswd-basic
`-- /web/askapache.com/.htpasswd-digest
/web/askapache.com
|-- /web/askapache.com/backups/
|-- /web/askapache.com/public_html/
|   |-- /web/askapache.com/public_html/about/
|   |   `-- /web/askapache.com/public_html/about/index.html
|   |-- /web/askapache.com/public_html/admin/
|   |   |-- /web/askapache.com/public_html/admin/.htaccess
|   |   `-- /web/askapache.com/public_html/admin/index.html
|   |-- /web/askapache.com/public_html/cgi-bin/
|   |   |-- /web/askapache.com/public_html/cgi-bin/bin/
|   |   |   |-- /web/askapache.com/public_html/cgi-bin/bin/.htaccess
|   |   |   |-- /web/askapache.com/public_html/cgi-bin/bin/php.cgi*
|   |   |   |-- /web/askapache.com/public_html/cgi-bin/bin/php.ini
|   |   |   |-- /web/askapache.com/public_html/cgi-bin/bin/php4.cgi*
|   |   |   `-- /web/askapache.com/public_html/cgi-bin/bin/php5.cgi*
|   |   |-- /web/askapache.com/public_html/cgi-bin/private/
|   |   |   |-- /web/askapache.com/public_html/cgi-bin/private/.htaccess
|   |   |   |-- /web/askapache.com/public_html/cgi-bin/private/debug.php
|   |   |   `-- /web/askapache.com/public_html/cgi-bin/private/stats.php
|   |   |-- /web/askapache.com/public_html/cgi-bin/.htaccess
|   |   |-- /web/askapache.com/public_html/cgi-bin/login.php
|   |   |-- /web/askapache.com/public_html/cgi-bin/printenv.cgi*
|   |   `-- /web/askapache.com/public_html/cgi-bin/redir.cgi*
|   |-- /web/askapache.com/public_html/.htaccess
|   |-- /web/askapache.com/public_html/index.php
|   `-- /web/askapache.com/public_html/robots.txt
|-- /web/askapache.com/inc/
|   |-- /web/askapache.com/inc/config.php
|   `-- /web/askapache.com/inc/functions.php
|-- /web/askapache.com/logs/
|   |-- /web/askapache.com/logs/access.log
|   |-- /web/askapache.com/logs/error.log
|   |-- /web/askapache.com/logs/logins.log
|   |-- /web/askapache.com/logs/modsec_audit.log
|   |-- /web/askapache.com/logs/modsec_debug.log
|   `-- /web/askapache.com/logs/php_error.log
|-- /web/askapache.com/static/
|   |-- /web/askapache.com/static/css/
|   |   `-- /web/askapache.com/static/css/apache.css
|   |-- /web/askapache.com/static/flv/
|   |   `-- /web/askapache.com/static/flv/apache.flv
|   |-- /web/askapache.com/static/img/
|   |   |-- /web/askapache.com/static/img/apache.gif
|   |   |-- /web/askapache.com/static/img/apache.jpg
|   |   `-- /web/askapache.com/static/img/apache.png
|   |-- /web/askapache.com/static/js/
|   |   `-- /web/askapache.com/static/js/apache.js
|   |-- /web/askapache.com/static/mp3/
|   |   `-- /web/askapache.com/static/mp3/apache.mp3
|   |-- /web/askapache.com/static/pdf/
|   |   `-- /web/askapache.com/static/pdf/apache.pdf
|   |-- /web/askapache.com/static/swf/
|   |   `-- /web/askapache.com/static/swf/apache.swf
|   |-- /web/askapache.com/static/.htaccess
|   |-- /web/askapache.com/static/index.html
|   `-- /web/askapache.com/static/robots.txt
|-- /web/askapache.com/tmp/
|-- /web/askapache.com/.htpasswd-basic
`-- /web/askapache.com/.htpasswd-digest
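The layout above as a repeatable check, added here as an example and not taken from the article: `make_skeleton` builds the tree and `audit_docroots` flags password files, logs, include files and backups that ended up under `public_html/` or `static/`. The function names, the permission modes and the backup name patterns (`*.sql`, `*.tar.gz`) are assumptions.

```shell
#!/bin/sh
# Added example, not the article's own script. Directory names come from the
# tree above; every permission mode and file-name pattern is an assumption.

# make_skeleton BASE: create the site tree under BASE (e.g. /web/askapache.com).
make_skeleton() {
    base=$1
    # Served trees: the two document roots and their subfolders.
    for d in public_html/about public_html/admin public_html/cgi-bin \
             static/css static/flv static/img static/js \
             static/mp3 static/pdf static/swf; do
        mkdir -p "$base/$d" || return 1
    done
    chmod 755 "$base" || return 1
    find "$base/public_html" "$base/static" -type d -exec chmod 755 {} + || return 1
    # Never-served trees: owner only (assumes PHP runs as the account owner).
    for d in backups inc logs tmp; do
        mkdir -p "$base/$d" && chmod 700 "$base/$d" || return 1
    done
    # Password files sit beside the document roots, never inside them.
    # 640 assumes the file's group is the one Apache runs under.
    for f in .htpasswd-basic .htpasswd-digest; do
        [ -e "$base/$f" ] || : > "$base/$f" || return 1
        chmod 640 "$base/$f" || return 1
    done
}

# audit_docroots BASE: print files under either document root that belong
# outside it. Returns 0 when clean, 1 when something is misplaced.
audit_docroots() {
    base=$1
    hits=$(find "$base/public_html" "$base/static" -type f \
        \( -name '.htpasswd*' -o -name '*.log' -o -name '*.inc.php' \
           -o -name '*.sql' -o -name '*.tar.gz' \) -print)
    [ -z "$hits" ] && return 0
    printf '%s\n' "$hits"
    return 1
}

# Stand-alone use: sh skeleton.sh /path/to/site
if [ "$#" -eq 1 ]; then
    make_skeleton "$1" && audit_docroots "$1"
fi
```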
The buzz about apache and open-source is very real, apache is becoming more of a discussed topic as people realize the power and importance of Doing it and Doing it and Doing it well.
- Movable Type Apache Installs made easy, Checking out Apache Web logs, Securing Wordpress with .htaccess, WordPress Permalinks and .htaccess, New search and replace module for apache!, creating an .htaccess template, .htaccess allow directive
Check back in a week for the first article, or better yet subscribe to my rss feed or use the comment form below to get notified.