Reduce RAM usage for your WordPress websites

I’m using for most of my servers ServerPilot as the server management tool. With ServerPilot your server will be installed an optimized with Nginx and PHP-FPM. This configuration makes your server very fast.

If you host multiple WordPress websites on your VPS you need to check the RAM memory usage frequently. Even if your WP sites doesn’t have a lot of traffic, they might consume a lot of memory. One of the reason might be the dynamic PHP-FPM configuration, which is very good because each site will respond fast even after some time of inactivity. This happens because there is always at least one active task running inside the applications PHP-FPM pool. If your website becomes more active, it’s possible that a websites pool will activate (and keep) more than one tasks. At this moment your low-traffic website might consume more than 250MB of RAM memory! Continue reading Reduce RAM usage for your WordPress websites

Disable Emoji for WordPress

Today I’ve read some article at PostStatus about the Trojan Horse Emoji and I’m still wondering why the Emoji feature becomes a part of the WordPress core. There are so many important features which could improve WordPress, but we got something no one likes :( … Wait, I disabled Emoji for this website and I’m still seeing this new Frownie image???

After the update to WP 4.2, the first thing I have noticed was a long JS/CSS snippet inside the HEAD of my website. Something I don’t like for a feature I didn’t asked for. The old smiley replacement function has got some new images and that is enough for me. So I decided to disable Emoji for this and many other websites I manage. Continue reading Disable Emoji for WordPress

Store your Twitter API results with Memcache

Recently I needed a dynamic cache function for some PHP based, custom website. Most pages are a kind of mash-up with different results and one of them was dynamic Twitter feed that shows the latest tweets for some static “search” value.

Using the PHP library Twitter OAuth by Abraham is it very easy to create a Twitter search or any other Twitter API request. The only preparation you need to do is, create an app in the Twitter developer section. Continue reading Store your Twitter API results with Memcache

Limit brute force attacks for WordPress websites

On of the biggest issues for WordPress attacks are brute force attacks. Even a smaller website might slow down your server if a bot is trying to hack your website or is sniffing for vulnerable files or locations.

By default each page request to a WordPress website will produce several database queries. Also page requests for non-existing pages and files! Continue reading Limit brute force attacks for WordPress websites

Keep your SSH sessions alive

Most Internet service provider will try shutdown active Internet connections after a view minutes to prevent their network from streaming videos or other bandwidth killers. This happens often because of some router setting you can’t change. As a web developer your SSH session (and other active connections) will freeze, if you stop working in the terminal window for just 5 minutes or by getting a fresh cop of coffee.

To get rid of this problem you need to change your SSH config file, enter the following inside to the terminalwindow

sudo nano /etc/ssh/ssh_config

and add this setting to the end of the file

ServerAliveInterval 60

Safe your file and start a new SSH session which will stay active because the client sends every 60 seconds a bit of data to the server.
Check also this article for more information.

Optimize Apache and MySQL for a 256MB VPS

For small websites or not so popular WordPress blogs a small VPS with only 256MB of RAM should be enough. If you’ve followed this guide to install a Ubuntu web server you need to optimize your server a little bit.

Start installing MySQLtuner

Download the Perl script to your (admin) home directory:

wget http://mysqltuner.pl/mysqltuner.pl

Create also a file nano .my.cnf and add this code:

[client]
user=someusername
pass=thatuserspassword

After running MySQLtuner script perl mysqltuner.pl you should get this warning:

Reduce your overall MySQL memory footprint for system stability

To resolve this an other memory related issues we need to optimize the MySQL database settings. Continue reading Optimize Apache and MySQL for a 256MB VPS

SSH Authentication without entering a password

Follow the instructions below to create and install a SSH public key on your remote server. After you followed these steps your able to login via SSH without entering a password. This is extremely useful for backups with rsync or for other automatic tasks you like to execute.

  1. Change to your user’s home directory (local system)
    cd ~
  2. create a pair of private keys
    ssh-keygen -f .ssh_key -t rsa -N ''
  3. *** upload the public key to the remote system using rsync via SSH
    rsync -e ssh ~/.ssh_key.pub user@YourServer:key1.pub
  4. login to your server via SSH using the command line or Putty
    ssh user@YourServer

    (you need to enter your password too)

  5. check if the .ssh directory exists, if not create it
    mkdir .ssh
  6. add the public key to the user authorized key files
    cat key1.pub >> .ssh/authorized_keys
  7. remove the uploaded key from your home directory (remote system)
    rm key1.pub
  8. test your new “private” connection
    rsync -avz -e "ssh -i .ssh_key" "someFolder" user@YourServer

Now you’re able to access the remote system (YourServer) from your local system without using a password. This tutorial is for Linux only.

*** UPDATE: 12th december 2011

If you can’t create a persistent SSH connection to you backup server this way you need a small workaround:

After the creation of your “local” keys you need to download the “authorized_keys” file from the backup server

rsync -e ssh user@YourServer:.ssh/authorized_keys ~/authorized_keys

(check the exact locations first)

Now add your public key to the downloaded file

cat .ssh_key.pub >> authorized_keys

Upload the modified “authorized_keys” file to the backup server

rsync -e ssh ~/authorized_keys user@YourServer:.ssh/authorized_keys

Remove the downloaded file and test you connection like described in step 8.