[lug] web site advice needed

Sean Reifschneider jafo at tummy.com
Tue Sep 10 22:48:04 MDT 2013


On 09/01/2013 08:21 PM, Zan Lynx wrote:
> Well what you can do is use another web server as a proxy. For example, you
> could run the PHP application on an isolated web server behind the firewall

Indeed, you ideally want to run a caching reverse proxy server in front of
WordPress.  This is because once you load PHP and WordPress into an Apache
instance, it can start taking 30+MB per process.  However, serving a static
page can be done with very few resources.

The default Ubuntu Apache configuration is to allow 150 simultaneous
connections.  30MB*150 connection is 4.5GB.  That EC2 Micro instance has
600MB RAM.  Linode with enough RAM to handle 4.5GB of Apache processes is
$160/month.  Etc...

So, yes, splitting up processes is probably worthwhile.  Though they may
not NEED to be separate machines.

Remember, you can't design for average loading, you have to design for PEAK
utilization.

As far as PHP and security...  Pretty much any app is going to have some
security problems.  The issue boils down to: how hard is it to upgrade to
the latest stuff?  I've been running my personal blog on WordPress for a
couple of years, and WordPress *REALLY* has got its shit together in this
regard.  I go to my admin interface, and it tells me there are X upgrades
available.  I click a button or two, and they are applied.

I'd also recommend having WordPress.com host it, or someone who is going to
pay attention to the site.  Because you do need it to do it right.  But I
wouldn't agree that just because it's PHP it is necessarily a security
problem.

Sean


More information about the LUG mailing list