Why I Hosted WordPress on AWS & LEMP

The Purpose of This Project

For every project there is a purpose. In my case, a colleague designed and hosted a site for me that runs the popular WordPress CMS. Due to a change in focus in his business and changing needs of mine, it became prudent to take over hosting and management of my website. While I recognize that there are limitations and caveats with WordPress, as I’m sure can be said of any CMS platform, it works for me and it’s already set up. While I have many grand ideas for my site, right now I don’t have the time or the team to implement them, and frankly they aren’t my highest business priority. So I’ve decided to stick with what already works rather than build something new and move everything into it.

In this article I’ll discuss:

An Introduction

For the last five years or so, I’ve worn my photographer hat almost exclusively. While this artistic profession brings out my humanity, takes me to some super exciting places, and brings me a great deal of joy, information technology was my first profession and is still something near and dear to my heart. Photography feeds my desire to connect with people and explore the world, while IT feeds my desire to save people time and bring order to chaos. I think of engineering and technology as art, and vice versa. One without the other is either too chaotic or too inhuman.

So even though it’s been a long time since I’ve built a server, I find that IT stuff for me is just like riding a bike. While my knowledge may not be as sharp or deep as it was a few years ago, my true skills are finding and implementing solutions that provide maximum benefits for minimum (or at least reasonable) costs. Technology constantly changes and evolves, and I’ve often found that fresh takes often come easier to newcomers than to those who live each day knee-deep in something. So I’ve employed my timeless abilities to sift through Google search results and find the best practices for building what I need.

These Are My Notes…

What follows isn’t so much of my own originality as it is a compilation of what others have already done. In addition, I’ll connect a few additional dots to provide insight into valuable alternatives and to problems I had to solve. I wouldn’t have been able to piece this together so quickly were it not for those generously documenting and publicly sharing what they have already done and why. Thank you!

As to my purpose for writing, these are really my own notes to remember how and why I did things, and I am making them available as a courtesy and starting point for others with similar needs and abilities. Building and operating your own public web server isn’t for everyone, so if you need something that’s critical to your business, please do yourself a favor and hire yourself a professional instead of doing this yourself or getting it for free from family or friends. There are a lot of risks online these days, and it’s fine to play in a sandbox, but it’s a whole other thing to risk your reputation and time by trying to do too much yourself.

Please refer to others’ work as I cite it, because they may explain it better than I do. I make no warranty that what I share will result in a robust or secure or even functional configuration for anyone else, and I can’t promise that it will be without gaps in procedure or knowledge. I can only say that this is for the most part how and why I did it, and that it is working well thus far. I am not a guru, and frankly even people out there who are way better and more experienced at this than me still can’t know everything—so trust those who are honest, humble, and confident at the same time. IT is not a realm where cowboy methodology, priestly dogma, or marketing/political razzle-dazzle result in success.

Business Requirements

To start off on any project, I find it useful to identify all of my business requirements to assure that my solution covers them. Here are mine:

  1. Marketing. I need my website to market my business. My specialty is virtual reality photography, also known as 360-degree or panoramic photography. For this I absolutely require a website to display my work, since that’s the best use of it for my clients. Besides this, I need to build value in my services and expertise by having a flexible place to write about what I do as well. A CMS like WordPress facilitates this very nicely, and the plethora of great plugins out there makes it very easy to further extend its basic functionality for new needs as they arise.
  2. Serve static content. Besides the dynamic content I need to serve on my main website, I also host custom virtual reality tours for myself and my clients. These tours are static in nature (no PHP, ASP, etc.), and they can’t be and don’t need to be managed within the WordPress environment. While these tours can work completely autonomously, they are more likely to be embedded on another web page, usually on a client’s site and in some cases on mine.
  3. Reliability. My most recent web host kept my site up and running well. This was critical because I’m not only providing a face for my business, I’m also providing one for clients as well. While I don’t currently offer SLAs to my clients and don’t currently foresee a need to so, I still want to provide service that is reasonably reliable and stable.
  4. Transport security. My website has always used insecure http. Due to the increase in hacking and surveillance, it’s likely that more of my clients will be moving to https for their websites. If they want to embed my content and it’s still running on http, that’s a risk for them and a hurdle for me in getting or keeping their business.
  5. Loading speed. My site has never really loaded as fast as I’d like. Obviously it contains a lot of high-resolution images, so it’s critical that my transfer speed and caching are optimized to make this as quick and painless for my and my clients’ site visitors. I want my images to be the leadoff star rather than the guy who always bats last in the lineup.
  6. Search engine ranking. Of course I want all of my site to rank as high as possible in searches so I can get more and better quality customers and help my clients to do the same. Again, plugins for WordPress can help make a lot of this way easier, so this is another good reason to stick with what I have. Furthermore, I can get a bump in my search rankings nowadays if I can significantly increase my loading speed.
  7. Multiple websites at a reasonable cost. This isn’t critical, but it would be nice to have the ability to host multiple sites without breaking the bank. Besides my bread and butter business website, I’ve started a travel blog that nicely showcases more of my photography. I hope it will feed me customers or even one day generate revenue of its own, but right now it isn’t getting any useful search traffic. That’s almost certainly because it is currently hosted on Blogger, which is a pretty terrible platform for a respectable site. Also, I’d like the ability to host websites for clients as well.

Which Hosting Service Is Best For Me?

I know not all web hosts are created equal. In the past I’d had incredibly unreliable service that made me climb the walls. Also, I’ve seen how terribly slow things can get when a server or connection is overtaxed. I needed a web host that had a reputation for serving dynamic websites and a high volume of images with speed and reliability. Furthermore, the new hosting service needed to have flexible options for running https, and hopefully could do it on a budget. I didn’t want to commit to something expensive and have it not work out and need to move yet again.

There were basically two types of services that interested me:

  • Shared web hosting, where the company offers space for you to configure your site and they manage most of the technical stuff for you, and
  • Virtual private server hosting, where the company offers you a processor core, a memory allotment, disk space, and usually a set amount of bandwidth, and the you basically build and manage your own server.

Pros & Cons of Shared Web Hosting

There’s a huge upside with shared hosting in that I don’t have to manage anything but the site content. This means I spend less time managing the server and more time running my business. I liked the sound of that, but the downside was that any special server configurations I might need may not happen because I’ll be at the mercy of the web host, who may or may not be willing to offer what I need. That could really kill things and actually set me back further than where I’d already been.

When I investigated this further, I realized that it was unlikely this would work for me. None of the shared hosting providers I found carried a consistent reputation I felt comfortable with, and it looked as if meeting all my requirements would be a bit of a long shot. A host I spent a lot of effort evaluating was Bluehost, which probably would have worked great for me a few years ago. They are recommended by WordPress, but just didn’t quite seem to match up with what I needed.

Pros & Cons of VPS Hosting

This led me to investigate setting up a virtual private server with Amazon Web Services, DigitalOcean, or Linode. The big downside to these services is that it will be a huge undertaking to learn and build everything I need to get up and running. Also, it scared me to death to think about bandwidth costs—I mean, what if something I publish goes viral? Another scary proposition was that I was on the hook for securing my server and dealing with any problems that develop.

On the other hand, I would have ultimate control over every aspect of my server, and I will be able to implement every tweak I can find in order to maximize my service. I can run several low-traffic websites on one server with zero additional cost. It will be fairly easy to scale up to a more robust server as my business grows. And I can readily and easily create a backup image of everything I’ve done and have it on hand in the event of a disaster. It was really hard to pass up the unlimited possibilities.

Which VPS Service Should I Use?

Even though the thought of having to do everything myself scared me more than the shared hosting option, I thought that most risks could be mitigated and that the upside was too huge to ignore. All of the services I checked out seemed comparable in cost and value, but it was Amazon’s Free Tier that got me hooked. I could set up a server and test everything thoroughly in the real world with minimal risk of incurring any costs at all…and when I was good and comfortable, I could go live.

Besides all of this, AWS has a great reputation among my colleagues in the panoramic photography community. Most use their S3 and CloudFront services to host static content (which won’t work for WordPress), but I’ve never heard any complaints about EC2. The speed and reliability along with Amazon’s support capability all sounded like a good fit. Furthermore, I can move to Amazon’s Lightsail service if I need more prepaid bandwidth, or I could even move to a competitor if I so desire now that I know what I need to build and run my own server.

Addressing My Reservations With AWS Free Tier

Now the cool thing with Amazon is that you pay only for what you use…but the bad thing is that you pay for what you use. This got me tied up in knots on bandwidth, because I had no idea how much I used in a given month. On the Free Tier, you get an allowance that makes it possible to run a basic server and some of their main services for an entire year before you get billed per use or pay a lower rate to allocate your use ahead of time. The allowance is really designed for development and testing, but I’ve read that it can be adequate for very small production websites (like mine, I hope). I really wanted to be sure about whether taking advantage of Amazon’s free service would actually be free or not, and I was really concerned about whether the cost would be affordable after the first year.

I eventually came to the conclusion that I just needed to push forward anyway to get this up, and let the cards fall where they will. I contacted Amazon to talk to a sales rep to see if they could answer some questions and put some of my fears to rest, but somehow I slipped through the cracks and never heard back. Eventually a sales rep contacted me on his own, and in our conversation I was lead to believe that they’re very reasonable with their customers. Were it not for Amazon’s reputation as an honest and responsive dealer, I think my paranoia would have persisted. In the end though, I felt I could trust them not to bankrupt me if something seriously beyond my control were to occur (like a DDoS attack *gulp*). Besides this, it is easy to move over into Lightsail where I get pretty much the same service with far higher bandwidth limits and very reasonable costs.

I felt like I could get everything I wanted working with Amazon at a price I was very comfortable with. I would be my own hosting service, and I’d have to brush up on my knowledge, but I was confident I was adequate to the task. When my business grows, I can hire a regular techie to take over.

So You’ve Decided to Build Your Own WordPress Server…

In the past, I’d dabbled with Linux servers when it was necessary (mainly because it was free), but for the most part I’ve been a Microsoft guy, and much more experienced with Windows, IIS, SQL Server, and ASP.NET, than Linux, Apache, MySQL, and PHP. But I knew I didn’t want to be beholden to Microsoft, mainly due to cost, but also due to system overhead.

I felt like a Linux solution was my best bet, and I thought I’d be up for the challenge. After getting everything up and running (which did take longer than I expected) I feel like I definitely made the right choice. It takes some getting used to, but Linux really is an elegant OS. Working with it now is so much easier than it used to be, especially on these cloud services.

Go With Best Practices & Wide Support

So again I was faced with more decisions. For those of you wading into the Linux Universe for the first time, know that there are always a dozen to a million different ways to skin a cat. Most of those choices are totally open source and therefore cost the same—but the choices are often endless and results are not always the same. I’d love to say I have a comprehensive list of technical reasons for using something instead of something else, but honestly, I looked for people I felt I could trust and then went with a blend of their recommendations and my own judgement based on past experience. I don’t think you can know everything, so it’s better if you just find a good consensus on best practices and run with it.

It’s also valuable to go with solid tools that are used by huge numbers of people rather than being one of the elite few running something cutting edge…and that’s mainly due to support. I chose tools that offer tons of support and tons of value at the same time, and went with getting things done rather than getting them perfect. I can go back and refine things later. Setting up a web server is not an intensive feat anymore (it no longer takes hours even to install Windows because hardware is so much faster), so even if I have to rebuild from scratch, it’s not going to take days once I get it figured out the first time.

I fully expect any techies who find this blog to have opinions on how to make this better. I welcome learning of any way I can improve my setup, but I decided beforehand (and often had to remind myself) that I wouldn’t get bogged down on getting things perfect. I’ve heard that engineers at Facebook are constantly reminded that “done is better than perfect”. Therefore, what follows is my setup to start out…

I Love LAMP

Again, for those of you new to the Linux Universe, the stack of applications used to build a web applications server is commonly referred to as “LAMP”. Typically this means the Linux operating system, Apache web server, MySQL database management server, and PHP programming language. As with any stack, however, there are many flavors for each letter, except for the A, which is pretty much always Apache. You can use innumerable flavors of Linux, you can substitute MariaDB for MySQL, and you can substitute PERL or Python for PHP.

Since Linux is open source, there’s no one commercial entity writing and releasing the software (like Microsoft with Windows or Apple with OS X), so pretty much anybody can do it if they feel like it. Every Linux distribution is a lot like a mix tape (or mix CD, or a playlist for the younger kids) of operating system components and configurations that a given group puts together. Sometimes there are even a few different distributions released by the same group (workstation and server distributions for instance). Some distributions are even sold instead of just given away, usually because they come with support services offered by the group creating them.

Now there are quirks with various flavors of Linux, but the base OS does pretty much the same thing for all of them. MySQL and MariaDB are flavors of the same base as well. PHP, PERL, and Python, however, are not quite interchangeable, but they are common and have been around for a long time. For WordPress, we have to have PHP. The operating system (you can even run Windows, then it’s called WAMP), the flavor of MySQL and the web server technology don’t really matter, but you definitely need something MySQL-compatible and PHP-compatible to run WordPress.

Create Your Own Development & Testing Cloud

Now no good techie works without a good test or development environment, so besides signing up for AWS, I installed Microsoft’s Hyper-V virtualization software on my Windows 10 machine, allowing me to create my very own virtual servers whenever I need. Hyper-V is totally free and incredibly easy to use, and you don’t need a special edition of Windows to run it.

While I can’t make an exact duplicate of my production server, I created a virtual test server that matches the configuration as closely as I know how. Now I can test changes and identify problems before I hose my production site.

LEMP Instead of LAMP?

So here is the shopping list of technologies I used to build my server. As you may have already guessed, I’m using an alternative to Apache. I’d like to give a big thank you and shout-out to Tim at Photographers Tech Support, whose articles about his own AWS setup got me started and offered valuable insight.

  1. Linux Distribution: Ubuntu Server 16.04 LTS. I have heard and read many good things about Ubuntu Server over the years and used it in test environments I’ve built. It’s always been good to me, so I decided to go with the latest LTS release (Long Term Support) since I won’t have to fret over updating the OS until I’m darned good and ready. AWS has a ready-made image which has worked marvelously (Tim’s setup used Amazon Linux, which has some key differences with Debian-based distributions like Ubuntu, so his instructions will be different from mine). It’s worth noting that Ubuntu gives their releases a name…this distribution is called “xenial”.
  2. Web Server: Nginx. Tim recommended going with Nginx (pronounced “engine ex”…it’s the E in LEMP) over Apache because it runs with far fewer resources and is used in large scale environments because of its superior speed and efficiency. Since I’m going with Nginx rather than Apache in my setup, this means I really opted for the LEMP stack rather than LAMP.
  3. Database Management Server: MariaDB. Tim recommended MariaDB over MySQL, since it is a more advanced fork with the same functionality and full compatibility.
  4. Applications Engine: PHP 7.0. In Tim’s well-documented setup he also went with HHVM rather than PHP 5…but he did recommend PHP 7 over HHVM in a later note, so I had to fill this bit in for myself. I went with the version of PHP that comes with my Ubuntu release rather than the latest version (7.2) for now.
  5. SSL Certificates: Let’s Encrypt. Once I got my basic http server running, I needed to make sure my sites were using the secure https protocol when they went live. In the past I’ve set up my own certificate authority and self-signed my sites since commercial SSL certificates were so expensive. I wanted my site to be 100% legitimate and professional here though, especially since most modern browsers throw up all sorts of scary warnings if https isn’t handled just right. Thanks to our friends at the Electronic Frontier Foundation and the Internet Security Research Group, it was way easy and totally free to do this with Let’s Encrypt server certificates and the automatic service that installs and renews them. Tim’s setup predated much easier use of this service, so I’m including instructions to fill in the gap.

Additional Tweaks

Another extremely useful part of Tim’s documentation was his discussion of setting up server and browser caching rules within Nginx. I’ll be including some insight on this as well as detail on:

  • How to set Nginx up to host multiple sites
  • How to transition a WordPress installation from http to https and
  • How to move your WordPress site over from another server under less than ideal circumstances.

Last of all, I will include some of my plugin recommendations and possibly some detailed setup instructions if I think it’s useful and necessary.

Along the way I’ve definitely run into problems and I’ve had to troubleshoot them. Sometimes these problems were easy to identify, and many times they were issues I never saw coming because things just didn’t work the same in my little flavor of doing things. I’m going to write these up as best I can to help some of you find your way back to the road a bit easier than I did.

If you have any questions, please feel free to leave a comment or send me an email. I am happy to answer questions publicly for free (within reason). If you want more specific personalized help, I’m happy to provide it at a reasonable consulting rate.

Now that you understand my purposes and requirements, along with the resulting decisions I made, we can move on to the nitty-gritty of how to implement them and overcome any likely issues that can occur.

Save

Save

Save

2 thoughts on “Why I Hosted WordPress on AWS & LEMP”

  1. Good to hear my article was helpful! I agree PHP 7 is best, but some older themes don’t support it. MySQL/MariaDB is really personal choice. I definitely agree with Ubuntu 16.04, I’m not a big fan of Amazon Linux, Ubuntu has much more documentation and support. With that setup you can get a full LEMP stack working on a t2.nano, though I did need to add a bit of swap – I have an article on that on my blog too. Disabling the MySQL performance schema really reduces MySQL memory usage – there’s an article on my blog about that too.

    You will get a small bill in your first year, mostly for things like EBS (disk) snapshots (backups) and extra instances you start to play with things. I’m past the free tier now, I’m paying around $10/month for a t2.nano with sufficient EBS disk, snapshots for backups, bandwidth including enough to export my data and database each night, 100GB of S3 storage, and 100GB of Glacier storage.

    I’d suggest considering EasyEngine, which will get things up and running quickly in comparison with doing it all from scratch. It’s not as interesting but far more practical.

    Good luck, and feel free to get in touch with blog comments / email if you need any help 🙂

    Reply

    1. Hi Tim, thanks for commenting back! I’ll check into that. Being an old techie, I like to know how things work for myself rather than taking it all for granted…I learn enough in the process to know what broke and maybe even how to fix it. I suppose I’d have tried EasyEngine straight away had I discovered it, but I’m up now and very happy with it.

      By the way, I discovered that I can install the cache purge and more headers modules on Ubuntu by installing nginx-extras rather than the normal nginx install. I kept looking at all of the steps to compile things (which I may eventually do) and looked around and found that shortcut. I have no idea what sorts of things were installed that I don’t need (and hopefully nobody will exploit them :-/ ) but it worked right out of the gate and it is just marvelous!

      I’m just so happy to be up and live, and really thankful for you documenting everything! It really did help!

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *