Odin SQL

Programming, software and technology

You are here: Home / Archives for nginx

The Nginx web server

The Nginx web server

.NET Core runtime CoreCLR released on GitHub

by Leave a Comment

coreclr opensource on github

coreclr opensource on github

 

If you’re a .NET developer you’re probably exited to hear that the .NET Core run time AKA CoreCLR has been released on GitHub.

The code currently is running on Windows with support for Linux and Mac promised in the cumming months. Very soon we will have the ability to write MVC 6 web apps in C# or your favorite .NET language using Visual Studio 2015 and then deploy to a Linux servewith official support from Microsoft.

What is .NET Core?

.NET Core is basically a stripped down and streamlined and rewritten version of the .NET framework removing all of the windows specific code and functionality. .Net Core will provide the core functionality of just in time compilation and garbage collection of your .NET code and will allow support running and deploying ASP.NET vNext Model View Control (MVC) web apps on Windows, Linux and Mac.

Why did Microsoft release CoreCLR as open source?

It isn’t altruism that has led Microsoft to open up CoreCLR. Over the past several years Microsoft has been loosing market share on the web server. PHP has been around for years and despite it’s bad design and numerous security issues it doesn’t seem to be going anywhere.  Ruby has been gaining ground for years, Java won’t die despite Oracles best efforts and many new start ups are taking a look at Go.  More than a few .NET developers are tempted to leave the Microsoft development world behind and take up development with one of these open source alternatives. Developers and development tools have been a major reason for Microsoft past successes. Microsoft is scared of losing these developers and the the “enterprise” customers that they work for, which make up the majority of their profits.  Opening up ASP.NET vNext and CoreCLR and giving away Visual Studio  for free is Microsoft’s attempt at keeping as many developers as possible in the Microsoft sphere of influence while at the same time hopefully attracting a few additional developers. They are hoping that once a developer gains experience working on C# in Visual Studio they are more likely to work on a desktop app using C# and Visual Studio than abandoning windows entirely for Linux.

Why am I so excited about CoreCLR on Linux?

I’ve been working with ASP.NET since it was in beta with brief hiatuses while working on Java, Perl and PHP web sites. During that time I’ve come to appreciate Visual Studio and C#.  C# is a great programming language and Visual Studio is undoubtedly the best IDE available today. Unfortunitly I’ve found myself working less with C# over the past couple of years. This has primary been due to the fact that deploying ASP.Net apps on Windows Servers is significantly more costly than deploying apps on an inexpensive Linux VPS. Soon the cost of deployment should no longer be an issue. I’m looking forward to writing ASP.NET MVC apps in C# using Visual Studio and deploying them to a Nginx web server.

Another area of concern that I’ve has is the performance of .NET apps vs. apps written in code that is natively complied such as C and Go. Fortuitously Microsoft has also announced .NET Native. Apps compiled with .NET Native utilizes significantly less memory and provides greater performance than apps using the just in time compiled common language runtime.

A year ago I doubt anyone would have believed you if you told them that Microsoft would be releasing ASP.NET for Linux and now it looks like it will be here by summer 2015.

 

Leave me a comment and Let me know your thought on .NET Core, ASP.NET vNext and .NET Native.

A comparison of WordPress caching options

by 2 Comments

Wordpress logo

WordPress logo

 

I’ve spent the past couple of days bringing my site up and down while comparing the many caching options available to WordPress. This is the synopsis of my research. Hopefully this information can help someone else make a more informed decision about the many caching options available.

If you want to implement any of these you’re going to need to be hosting WordPress on your own VPS unless your hosting company is willing to implement caching for you.

The server that this was tested on is a $10 1 CPU Linode VPS with SSD.  The memory and CPU constraints of a low-cost VPS guided my decision-making process. If I had more RAM available I probably would have used memcached more despite the fact that the performance I’m able to get out of an SSD is great.  The initial installation of Nginx was done using EasyEngine which greatly simplifies the configuration required for WP Super Cache or W3 Total Cache. I’ve outlined getting WordPress up and running using EasyEngine here. I’m not going  into details in how to configure each one of these options I just wanted to outline some the pros and cons of the options that I have implemented.

What is Caching?

If you’re reading this you already know. When a request is made for certain content the response from your web server can be stored for a predetermined amount of time either on disk or in memory.  That storage is referred to as a cache.

Why cache?

Your website will serve dynamically generated pages much more quickly while putting your server under far less load.

Which caching options were compared?

  • WP Super Cache
  • W3 Total Cache
  • WP-FFPC
  • Pagespeed for Nginx
  • Nginx Proxy Cache

WP Super Cache

WP Super Cache is probably the most popular caching plugin for wordpress. I used EasyEngine which generates the the necessary nginx config and stores it at /etc/nginx/common/wpsc.conf I was able to server 15,000 page requests per minute using it and the response times were good.  Nginx is very good at serving up static content quickly with minimal system requirements. The only negative about it is that the settings revert to the default and need to be reset if you disable the cache and then re-enable it which is fairly annoying.

W3 Total Cache

The second most popular cache plugin for WordPress W3 Total Cache. It has a lot of options that allow caching objects and database queries in memcached but if you’re using it to generate static pages those options aren’t extremely useful. If you have a word press site with several thousand posts it’s possible that those options could speed up access to less frequently visited posts but it’s not the case with my blog so I didn’t see any befit from storing objects in memcached. It performed approximately equivalently to WP Super Cache but I would recommend WP Super Cache over W3 Total Cache because of the simplicity and the fact that W3 Total Cache has an incredibly annoying popup nag screen every time you open the setting page.

WP-FFPC

WP-FFPC is another cache plugin for WordPress that can be configured to cache your PHP pages to memcahed which theoretically should be much faster than disk based caching.  Unfortunately the plugin wasn’t playing well with my system and some pages were being cached as completely blank.  It seems that this is an issue that more than one other person in experiencing and I wasn’t able to find a solution to the problem. I also had some concerns about the limited amount of memory available on my VPS. This could be a good solution if you’re on Apache and have a decent amount of available memory but it wasn’t working on Nginx with PHP-FPM for me.

Pagespeed

The pagespeed module is available fo Nginx and Apache caches and optimized the content being server. On Nginx it actually needs to be compiled as part of the server. It analyses the content of the pages and images being served and can make changes to them such as removing comments and white space, minifying and combining js and css, and optimizing images. This all can theoretically reduce the amount of time that it takes to download and render a page.  Pagespeed actually accesses and optimizes not only the page that you are serving but will access and optimize the content of all the included page resources such as js, css and images and can then store the results in either on disk or in memcached.

I had numerous problems with Pagespeed each “fetch” to an included resource is handled in a separate thread which isn’t ideal for a server with only one CPU. Even after the request is cached requests are handled much more slowly than when compared to the static caching options and in addition I was never able to configure Pagespeed to server more that 1000 page requests per minute reliably. I also had an issue with a cached and optimized image being corrupt. I finally gave up on dealing with pagespeed after configuring an Nginx proxy cache in front of it and then discovering that pagespeed sets the headers so that the resulting content won’t be stored in the cache and there’s no simple way to change this behavior in pagespeed.  A lot of the functionality that’s built into page speed is already handled by other WordPress plugins and using plugins and a a static page cache is a much easier option resulting in better response times.  These are my results of a load test with 1000 page requests per minute with pagespeed enabled. These we the best results I managed to get out of pagespeed with several hours of effort.  1/15th the number of simultaneous page quests and 4X the response time.

Nginx Proxy Cache

A proxy cache sits in front of your actual web server and depending on the data being requested will either serve a cached version of the data or pass the request for the data onto another webserver. A proxy cache can exist on the same physical server or on a separate one and can also work as a load-balancer between multiple servers. In order to get this to work in WordPress it required adding a couple of lines of code to the wp-config.php so that the site would stop trying to redirect back to the secure version of its self. The issue and resolution are discussed here.    Implementing this takes a bit more effort and research than a plugin like WP Super Cache but it also performs a bit better and the configuration can be easily updated adding in load balancing or fail over.

After implementing this I was able to handle 20,000 page requests per minute fairly well. Here are the results of the load test.

 

Conclusion

If you’re looking for a caching option that is the simplest to implement while offering great performance WP Super Cache is an excellent option.

WP 3 total Cache has a lot of options that will be of no use for the vast majority of people using it. It’s also sporting an annoying repetitive nagging popup.

WP-FFPC wasn’t playing well with Nginx for me but if you’re on Apache and have enough available memory it could be a good option for you.

Pagespeed actually made everything slower and dramatically decreased the number of simultaneous users that my site could support. It may work well on a dedicated server with many processors but on a low end VPS it’s literally worse than not implementing any caching at all.

Nginx proxy cache offers better performance than any of the WordPress plugins. You can put it in front of Apache or any website if that’s your preference. Fail-over and load-balancing are also both possible with a proxy cache. If at some point I upgrade my $10 Linode VPS to something with more memory I can even configure Nginx to use memcached instead of disk.

How to cloak affiliate links with Nginx

by 1 Comment

Nginx logo

Nginx logo

What’s covered in this post

In this post I cover how to set up 301 redirects for affiliate links quickly and efficiently without the use of any plugin or redirect script using only the built in functionality of Nginx.

 

Why you should cloak your affiliate links

Analytics

I love numbers and the most accurate way to track if a link is clicked is by logging each click.  If you’re serous about making money off of your affiliate links you’re going to want to know how much each click  is worth for each program.

If you are relying on something like Google analytics, which is dependent on JavaScript being run on your web site, you could be missing a significant amount of data.  You will not be seeing links that were shared on twitter, via email or for users that have disabled JavaScript. The method I’m going to outline will log every click to an affiliate link via your servers access logs.

Search Engine Optimization (SEO)

Google and other search engines will penalizes sites for using affiliate links that are not marked as “nofollow” links. This solution will use a robots.txt file to disallow any following.

Easy to remember

A short link like “https://r.odinsql.com/digitalocean”  is easier to remember than “https://www.digitalocean.com/?refcode=f1ad4e30b2a2

Easier to update

Lets say that one of the affiliate programs that you’re taking part of has a special offer at a different URL that will result in a larger number of conversions that you’re usually getting.  It’s a whole lot easier to update the link in a centralized location than to have to go through every blog post and update each link individually.

Why I use Nginx for affiliate link redirection

Performance

Nginx is incredibly fast at serving redirects and logging then. In the world on affiliate marketing even a few milliseconds of extra processing time can end up costing you money. You won’t find a script or plugin that will handle redirects as quickly as Nginx natively can.

Log analysis

Each click will be logged and can later be analyzed using a log analysis tool such as AWStats.

It’s free

If you already have an Nginx web server there’s no need to pay for a plugin or or script.

 

How to use Nginx for affiliate link cloaking

Create a sub-domain

First we’ll need to create a sub-domain used exclusively for redirection. In my case I’ve created the sub domain r.odinsql.com

This needs to be done with whom ever is hosting your DNS records.  I use CloudFlare  to host my DNS records. If you’re not already using a free CloudFlare for content distribution I highly recommend them.

Create a website for the new sub-domain

If you need instructions on how to configure and setup a website using Nginx take a look at my tutorial on how to do it with EasyEngine. EasyEngine is literally the easiest and most fool proof way of setting up a new website on a VPS.

Create a robots.txt file

This new website for your sub-domain is going to have a single file “robots.txt”

This is what your robots.txt should look like.

User-agent: *
Disallow: /

This tells the search engines that you don’t want them accessing anything on this site.

Put your redirect links in the new sites Nginx config file

This is what the actual config file for r.odinsql.com looks like

# HTML NGINX CONFIGURATION

server {
listen 80;
listen [::]:80;

server_name r.odinsql.com;

access_log /var/log/nginx/r.odinsql.com.access.log;
error_log /var/log/nginx/r.odinsql.com.error.log;

root /var/www/r.odinsql.com/htdocs;
index index.html index.htm;

error_page 404 = @foobar;
error_page 403 = @foobar;

location / {
try_files $uri $uri/ /index.html;
}

location @foobar {
return 301 https://odinsql.com;
}
location /hireme
{
return 301 https://www.elance.com/s/benjaminfredrick/;
}
#cloudflare
location /cloudflare
{
return 301 https://cloudflare.com;
}
#hosting sites

#linode
location /linode
{
return 301 https://www.linode.com/?r=dc324ab41e66f3facfcc6eff74acfe74a414e739;
}

location /linode-n
{
return 301 https://www.linode.com/;
}

#digitalocean
location /digitalocean
{
return 301 https://www.digitalocean.com/?refcode=f1ad4e30b2a2;
}

location /digitalocean-n
{
return 301 https://www.digitalocean.com;
}

#vultr
location /vultr
{
return 301 http://www.vultr.com/?ref=6817742;
}

location /vultr-n
{
return 301 http://www.vultr.com;
}

location /cloudways
{
return 301 http://www.cloudways.com/en/?id=18942;
}

location /bluehost
{
return 301 http://www.bluehost.com/track/odinsql/;
}

location /amazon
{
return 301 http://www.amazon.com;
}
#ramnode
location /ramnode
{
return 301 http://www.ramnode.com;
}

#sendgrid
location /sendgrid
{
return 301 http://mbsy.co/sendgrid/17518355;
}

#loaderio
location /loaderio
{
return 301 https://loader.io/s/xewK7;
}

location /loaderio-n
{
return 301 https://loader.io;
}

#amazon
location /amazon-ec2
{
return 301 http://aws.amazon.com/ec2/?_encoding=UTF8&camp=1789&creative=9325&linkCode=ur2&tag=o0c22-20&linkId=744HAUET442HAPV4;
}
}

I’ve created a location block for each affiliate link. The location is just a short name that I use for the affiliate link followed by a 301 redirect to the actual affiliate URL.  Any 404 or 403 errors result in a redirect back to my blog odinsql.com. If I need to add or edit a link I open the config edit it and then run

sudo service nginx reload

This reloads any updates that I’ve made to the config into Nginx.

For now I don’t have that many affiliate links. As I continue to blog and add more affiliate links I may decide to break this config file into separate smaller includes. For now it’s a quick and easy solution that’s fast and free.

 

If you’re in need of a quality VPS host to test this out on I would recommend Vultr. TVultr offers low cost high performance VPS with SSD whit hourly and monthly billing options available.

Sign up for Vultr

 

That’s it for this post it might be a bit too technical of the average affiliate marketer but it’s how I cloak affiliate links. If you have a question about this please leave me a comment. If you would like to stay updated regarding this blog join my mailing list by filling out the form on the right hand navigation.

PHP – Maximum upload file size

by Leave a Comment

What does this post cover?

In this post I cover how to update the php maximum file upload size. Although this post is php-fpm specific the same variables will need to be edited in what ever version of PHP you are using. I also cover updating nginx.conf which is nginx specific.

Why this topic?

I manage the server for a client that is hosting WordPress on a Linode VPS. Recently they’ve decided to start doing a pod cast. When my client went to upload the audio for the podcast they encountered the following error in WordPress.

Maximum upload file size: 8mb

8mb is the default post_max_size set in the php.ini that is part of the php5-fpm package for Ubuntu 14.04 other distributions may see a similar error but with a different value

After checking and updating all of the relevant values it was suggested, and I agreed to write a brief blog post about what needs to be updated.

So if you’re encountering an error like “Maximum upload file size: 8M” here’s the solution.

Update php.ini

you will need to edit the following two variables in your php.ini

The default location for the php.ini on Ubuntu 14.04 with the php5-fpm package is /etc/php5/fpm/php.ini

post_max_size = 100M

upload_max_filesize = 100M

In the above example i’ve set the size to 100M for 100 mega bytes.  For 100 kilobytes you would use 100K and if you wanted to set the values to 1 giga byte you could use 1G. So the value is a number followed by  K, M or G without a space. You should only set the size to a maximum file size that you are likely to upload. Although it’s tempting to set the values to an enormous size this could result in the exustion of all system resources and crashing your server, so be reasonable. The value for “upload_max_filesize” is only valid up to the the limit imposed by “post_max_size”. In practice you will most likely set them both to the same value.

Update nginx.conf

You will also need to edit your nginx.conf located by default at /etc/nginx/nginx.conf on Ubuntu 14.04 when Nginx is installed via apt-get.

edit the the “client_max_body_size” in the http block of your nginx.conf

client_max_body_size 100m;

Restart PHP

You will need to restart php5-fmp before the changes take effect. Here’s how to do that on Ubuntu.

sudo service php5-fmp restart

Reload Nginx

You will need to reload the ngixn.conf before the changes that you’ve made take effect. Here’s how you reload the nginx.conf

sudo service nginx reload

 

That’s it. You should now be able to upload your files without encountering the error “Maximum upload file size: 8mb”

 

After reading through all of this you’ve decided that you would rather leave the management of you server in the hands of professionals have a look at

CloudWays Managed VPS

CloudWays offers VPS management on top of DigitalOcean’s network

If you were encountering this error I hope that this post has been helpful. If you have any comments, questions, or suggestions please let me know in the comments section below.  If you would like to have me answer your individual questions please join my mailing list by submitting the form on the right hand navigation of this page.

Free SSL with CloudFlare, OpenSSL and Nginx on Ubuntu

by 9 Comments

How to Save up to $750 in SSL fees for free

In this post I’m going to show you how to set up your site so that you will have an absolutly free fully SSL secured site that automatically redirects non secure HTTP traffic to your secure HTTPS URL.  A basic SSL certificates commonly cost $45 – $75 per year.  I’m going to show you how to create and install an SSL cert that’s good for the next 10 years and cost you absolutely nothing.  Google now gives SSL secured site a boost in it’s search algorithm.  Implementing the solution outlined in this post has both SEO as well as security benefits.  For this tutorial I’m using Ubuntu 14.04 if your using another distribution the steps will be pretty much the same but the paths to the config files may be different.

What you will need

      • root or sudo user Access to your Linux VPS (Virtual Private Server) or dedicated server
      • An existing web site on an Nginx web server ( you’ll have to improvise if you’re on Apache  in this post I’m only covering Nginx)
      • A 100% free CloudFlare.com account (No BS It really is 100% free they don’t ask for a credit card. I’m sure that they would like you to sign up for one of their premium packages but they’re not forcing it down your throat)

 

If your in the need of a good, low cost reliable VPS provide I personally recommend and use both Linode and DigitalOcean with my preference between the two being Linode. This site is hosted on a Linode VPS behind CloudFlare’s reverse proxy service. If you sign up to either Linode or DigitalOcean using links on this page I’ll get a free month of hosting.  In addition DigitalOcean will add a $10 credit to your account.

If you’re not already using Nginx to host your site I’ve created another tutorial of how to easily configure Nginx on a VPS right here. This tutorial begins with the assumption that you already have a site up and running and that you are using Nginx as your web server.

The 4 basic steps

      1. Set up CloudFlare
      2. Create an self signed SSL cert using OpenSSL
      3. Configure our website to use our new SSL cert and redirect everything to HTTPPS;
      4. Flip the switch on CloudFlare to enable full SSL.

Basic step #1 Set up CloudFlare

What is CloudFlare and what do they do?

CloudFlare

CloudFlare

CloudFlare runs DNS based content distribution network that also has some pretty nifty analytic and security features. If you’re using their service and someone goes to www.your-site.com they send the request to the nearest server on their network which tries to serve the cached content if it already exist and they are able to do that or forwards the request to your server. This is whats more commonly knows as a reverse proxy. All of this ends up taking milliseconds and results in your server being put under less stress and your pages loading faster for your users. In addition to that they’re able to filter out malicious bots and mitigate denial of service attacks.  At the end of September 2014 they announced that they were going to give this service away for free and they were also going to provide a free SSL cert. They explain it a bit better in their Universal SSL blog post. We can set up SSL with CloudFrare in two different ways either they can access your non secure site and then proxy it to to port 443 on their servers or they can access your secure site and then proxy it to their server. The second option is more secure and what we will be implementing in this post. If you you would like to give the first method a try all you need is to set your domain up on CloudFlare.

I think their service is awesome I’m using it for free on this site and I would recommend that pretty much everyone else use it as well.

Sign Up

Head over to CloudFlare and sign up for their service. It’s fairly painless and easy. They don’t ask for any billing information or require a credit card. All you need is an email address.

Add your domain name

After you’ve signed up your going to enter your domain name.  CloudFlare will then pull down the DNS records for the domain you’ve entered.

Verify your DNS records

CloudFlare DNS entry screen

CloudFlare DNS entry screen (click image to expand)

CloudFlare is pretty good about pulling everything down but if you have any special txt records like sfp records it’s possible that they could miss them.  You should open up your dns records with your current dns host. Enter anything that’s missing or incorrect before moving onto the next step.

Update your name servers

Once all of your DNS records are correctly entered into CloudFlare you will need to update your existing name servers with your domain name register (godaddy, namescheap, networksolutions etc..). You will need to check the documentation provided by your domain name register on how to do this. You’ll replace the old name servers with the name servers that CloudFlare has provided you.  For me they were “sri.ns.cloudflare.com” and “vera.ns.cloudflare.com” but you should use what is provided by CloudFlare for your domain.  Once you’ve updated your name server it can take up to 48 hours before all of the DNS servers on the internet update their information and know that they should be requesting DNS information about your domain from CloudFlare.

CloudFlare Green status Icon

CloudFlare Green status Icon

Usually the update happens within an hour or two. Cloudflare will dispaly a green icon next to your domain name in their control panel letting you know when everything has updated.

At this point you can move on to step #2 but don’t start step #3 until after cloudflare is handleing your DNS 2 – 48 hours from now. You might want to bookmark this page and come back.

 

Once your DNS is on CloudFlare You should be able to enable basic SSL by going to your settings page.

CloudFlare Settings

CloudFlare Settings (Click image to expand)

On the settings page enable “Flexable SSL”

CloudFlare Flexable SSL

CloudFlare Flexable SSL (Click image to expand)

At this point you should be able to enter https://your-site.com into your browser.  You should see the lock icon next in the address bar to the left of your domain name. The SSL encrypted connection is between your browser and CloudFlare’s proxy server however the connection between CloudFlare and your server isn’t yet encrypted.  If we want to encrypt the connection between your server and CloudFlare and enable redirection to only the SSL secured version of your site you are going to need to install an SSL Cert on your server.  The good news is that you can use a self signed SSL cert that won’t cost you a penny and I’m going to show you how to do that.

Basic step #2 Create your SSL Cert

sudo mkdir /etc/nginx/ssl

sudo openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout /etc/nginx/ssl/server.key -out /etc/nginx/ssl/server.crt

So on the first line we’re creating a directory to store our SSL certs in. On the second link we’re telling OpenSSL to create a self signed SSL cert that expires ten years from now and put it in our newly created directory. You’re going to be asked a few questions about your location, company name, department, common name the only one of these that is important is common name it should match your site exactly if your site is www.your-site.com enter www.your-site.com if you plan on accessing your site without the www the it would be just your-site.com for example on this site I don’t use the www prefix so I would just use “odinsql.com” as the common name.  None of this is really all that important as CloudFlare won’t be using the information from this cert to your users. In fact I have several different web sites using CloudFlare using the the same self signed cert.

Basic step #3 Enable SSL on your site

Before you begin this step it’s important that your DNS is now being handled by CloudFlare if it’s not this next step is going to end up bringing your site down. So double check.  The icon next to your domain name should be green in CloudFlare.

Let’s move to the nginx config directory for your available web sites on Ubuntu we would do the following to get a list of the config files for the sites on your server.

cd /etc/nginx/sites-available

ls

sudo cp example.com.conf example.com.conf.bk

sudo nano example.com.conf

The command cd changes the directory in this case to the directory containing the config files for our web sites.

We should create a backup copy of your sites config and to do that we use the “cp” command. The first parameter of cp is the file that we want to make a copy of and the second is the name that we are going to give the copy.

Nano is a text editor replace “you-site.conf” with the the file name for your site.
Your config file should look something like this.

server {

server_name example.com www.example.com;

access_log /var/log/nginx/example.com.access.log rt_cache;
error_log /var/log/nginx/example.com.error.log;

root /var/www/example.com/htdocs;
index index.php index.htm index.html;
include common/locations.conf;

}

Were going to need to make a few changes so that it looks more like this.

# block #1 : redirect non secure traffic to your secure site
server {
listen 80;
listen [::]:80;
server_name wwwexample.com example.com;
return 301 https://example.com$request_uri;
}

#block # 2 :  redirect the www. version to the non www version
server {
listen 443;
listen [::]:443;
server_name www.example.com;
return 301 https://example.com$request_uri;

}

#block #3 :  This is what is where all of the parameters for serving your site are defined
server {
listen 443;
listen [::]:443;
access_log /var/log/nginx/example.com.access.log rt_cache;
error_log /var/log/nginx/example.com.error.log;

root /var/www/example.com/html;
index index.php index.htm index.html;

server_name example.com;

ssl on;

ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

#I use a set of includes for handling common items like PHP, WordPress, Common Locations,  Security
#If you host multiple sites, I would recommend that you do the same.
include common/locations.conf;

}

There are 3 server blocks in this file block.

In server block 1 we listen on port 80

“listen 80;” means that should handle requests on TCP port 80 for IPV4

listen [::]:80 listens of port 80 for IPv6

Port 80 is the standard port used by web servers to server non secure data.

“server_name” specifies which site names this block is corresponding to. Here we have it responding to the domain example.com and the sub-domain www.example.com.

“return 301 https://example.com$request_uri;” On this line we’re telling Nginx to return a 301 (permanent redirect) to the users browser that sends them to the secure version of example.com and to append the page that was requested with “$request_uri” if one was specified.

In server block 2 we listen on port 443

We have basically the same thing in server block 2 as we did in server block 2 execpt here were telling nginx to listen on port 443 which is the standart port used by browsers for SSL.

“server_name www.example.com;” This time were only redirecting the www version to the non www verision.  It’s important that you only have the www version of your domain name on this line. If you were to enter them both your site will not be available.

In server block 3 we listen on port 443 and serve your site

In block 3 we have the code  that actually serves your site.  You will need to take your original server block that you started with and have added

listen 443;
listen [::]:443;

To the top of it so that this block will now only listen on the default secure port 443

server_name example.com;

The site only responds to the non www version of example.com as specified by the “server_name”.  www.example.com is being redirected in block 2 redirecting to the non www version in block 3.

ssl on;

ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

This is the code that actually enables SSL the line “ssl_certificate” needs the path to the .crt file that we generate. The other lines pertaining to SSL should be copied verbatim and define which encryption protocols we will support and how the browser should communicate with the server. !In the “ssl_protocols” do not enable ssl3. It posses a security risk and should remain disabled.

Double check that every comment line start with “#” and every parameter ends in “;”

Hit Ctrl+x to save the changes you’ve made then “y” when prompted followed by “enter”

Now we need to load your modified config into Nginx and we do that by typing this

sudo service nginx reload

If you don’t see an error then you’ve done everything correctly if you do get an error open your config back up and take look everything over again.  It’s most likely the path to the cert, key or a missing semicolon.

Basic step #4 : Enable full SSL in CloudFlare

If you didn’t have an error restarting Nginx at the end of step #3 you can now enable Full SSL in CloudFlare.

CloudFlare Full SSL

CloudFlare Full SSL

Try visiting http://your-site.com then http://www.your-site.com the https://www.yourssite.com they should all now redirect to http://your-site.com where your-site is the name of the website you’ve just configured.

If you are setting this up for a WordPress website you should also install the HTTPS plugin for wordpress.

 

If you need a great virtual server I highly recommend that you
Sign up for a Linode SSD VPS

After reading through all of this you’ve decided that you would rather leave the management of you server in the hands of professionals have a look at

CloudWays Managed VPS

CloudWays offers VPS management on top of DigitalOcean’s network

That’s it. Hopefully you’ve gotten everything working without too many headaches.  If you’ve found this tutorial useful, are having problems, noticed a mistake or have a suggestion please leave me a comment here on this page.

The quick and EasyEngine WordPress on Ubuntu 14.04

by 2 Comments

In my previous post I discussed how to to configure WordPress so that it’s super fast. If you haven’t read over that yet I would recommend reading it and then come back over to this post.

In this post I’m going to cover the easiest way to get WordPress up and running on a newly deployed copy of Ubuntu 14.04.  We’re going to do this using EasyEngine. Not only is it the easiest way to get WordPress installed on Ubuntu It’s also the easiest way to get a (LEMP) stack installed on Ubuntu.

If you haven’t heard of EasyEngine before, you wouldn’t be the only one. I just found out about it a few days ago.  EasyEngine is designed to make it easy to configure your server, create new sites and deploy WordPress.

This method is going to save you a significant amount of time and effort compared to the methods I’ve outlined previously.

If you’re considering moving your WordPress blog from a shared hosting account to your own virtual private server (VPS) I would personally recommend either Linode or DigitalOcean. I currently use them both and they are both reasonably priced and have excellent service. This site is being hosted on a Linode VPS.  If you sign up for either one of them using the links in this article and remain a happy customer I will receive a $20 hosting credit.  In addition DigitalOcean will add a $10 credit to your account.    The methods that I outline here are just as applicable to any other Ubuntu 14.04 server as they are to a VPS with Linde or DigitalOcean.

Log into your Server

Let’s get started first you’re going to need to open a terminal on your server and log in. If you’re not sure how to do that follow your hosting providers instructions.

Update Everything

Now  make sure everything on your server is up to date.  You may be asked to enter your password again after the first sudo command. At the end of each line press enter.

sudo apt-get update

sudo apt-get upgrade

sudo apt-get dist-upgrade

 

“sudo” Allows permitted users to run commands with elevated permissions.

“apt-get update” looks to see if there are any new versions of the software you already have installed.

“apt-get upgrade” actually upgrades the software to a newer version if one was found when you ran “apt-get update”

” apt-get dist-upgrade” will actually download, remove or install software that has been added, removed or upgraded from the distribution

So now everything on your server should be updated, upgraded and better than ever.

Install EasyEngine

This next step is where all the magic is at.

wget -qO ee rt.cx/ee && sudo bash ee

sudo ee stack install

“wget” can download a file from the internet in this case it’s downloading a file and naming it “ee” from  “rt.cx/ee” then it runs “ee” in “bash”

The second line tells EasyEngine(ee) to install the stack of MySQL, PHP, Nginx and all the dependencies.

 

Check if everything is working

Let’s take a look and see if everything is up and running correctly. To do that we’re going to need a web browser.

sudo apt-get install lynx

lynx localhost

The first line is going to download and install the lynx text only web browser onto your server.

The second line is going to try to open the default web site being hosted on your server.

You should see something pretty much like this.

Nginx Welcome page in Lynx

Nginx Welcome page in Lynx

Hit “ctrl+q” to quit lynx

 Install Nano

sudo apt-get install nano

Nano is a very simple text editor that we’re going to use to edit a configuration file.

Make EasyEngine more secure

I’m going to recommend making a few changed to the default EasyEngine install.

EasyEngine installs some administration tools on port 22222 to a site named 222222 by default that are used for managing PHP and MySQL. I don’t recommend having unnecessary services and applications running. Let’s disable  these admin tools.  I’m of the opinion that they pose a security risk if you want to re-enable them and secure them via your firewall at a later point you could do that

sudo ee site disable 22222

Here we tell EasyEngine (ee) to disable the site 22222.  What ee actually does is  remove the symlink for the sites config file for 22222 from “/var/nginx/sites-enabled/”.  Think of a symlink as being like the directions or a map to another file.

We didn’t actually delete the contents of the file 22222 we just removed the directions to it from the site-enabled folder. Nginx uses this folder to keep track of which sites it should server.

If at some point you decide that you want to add it back in you can recreate the symlink like this

sudo ee site enable 22222

This tells ee to create a symlink for the 22222 file in “/var/nginx/site-available/” int the “/var/nginx/sites-enabled” directory.

now let make a small change to Nginx config

sudo nano /etc/nginx/nginx.conf

This will open the nginx.conf in the nano text editor. Find the line.

add header X-Powered-By “EasyEngine 2.x.x”

Change “EasyEngine 2.x.x” to something else. Maybe “Fluffy bunny web server” It doesn’t really matter. The reason we’re changing it is that  if there’s ever a bug in on of the packages that are installed by EasyEngine that could allow hackers access to your site or server,  you don’t want to be broadcasting to everyone on the internet that you’ve using it.

Hit “ctrl+x’ to exit from nano you’re going to be prompted if you want to overwrite and save changes hit “y” for yes.

 

Hopefully none of this has been too painful so far now were ready to create our first wordpress site on your new server.

Create your WordPress site using EasyEngine

Creating a new WordPress site with WP Super Cache enabled with EasyEngine

sudo ee site create your-site.com –wpsc

With this line you’re telling EasyEngine(ee) that you want to create a new site in this case “your-site.com” and to also install and configure the server side portion of WP Super Cache so that your site will be nice and fast.

You should see something like this

EasyEngine User & Pass

EasyEngine User & Pass

Write down this username and password

Write down the username and password that was created by EasyEngine when you created your site.  You can change it once your into your wordpress admin but you’re going need it to get in.

 

 

That’s it your new WordPress site is now installed and configured on your Ubuntu server.

You’re going to need to either alter the hosts file on your computer or update your DNS records for your domain before you’ll be able to access your site on your new server. I would recommend creating a free CloudFlare account and using them to host your DNS and use their free content distribution network (CDN).  As I’ve outlined in step #7 of my post 7 steps to make WordPress fast.

EasyEngine can do more than just configure WordPress sites.  I would recommend on heading over and taking a look at everything at it’s capabilities.

 

If you need a great virtual server I highly recommend that you
Sign up for a Linode SSD VPS

 
After reading through all of this you’ve decided that you would rather leave the management of you server in the hands of professionals have a look at

CloudWays Managed VPS

CloudWays offers VPS management on top of DigitalOcean’s network

If you have any comments,questions, suggestions or problems please leave post a comment here.

7 steps to make WordPress fast

by Leave a Comment

Wordpress logo

WordPress logo

By default WordPress is slow. Not a little slow or kind of slow but really slow. WordPress’s slow page load times are costing you money. Whether you are a small business using WordPress as your content management system a blogger making a bit of money from advertising revenue, you should follow these 7 steps that will greatly decrease page load times and increase your revenue.

I’m not going to lie to you and claim that each of these steps is easy but for someone who is fairly computer literate and willing to learn something new you should be able to make it through them with only a moderate headache and well-earned sense of accomplishment. If you would like to forgo the headache you could always hire someone to do the dirty work for you.

#1 Hosting

If you’re using a cheap shared hosting plan you need to stop it now.  If you’re making more than $10 a month of your website or if you plan on making more than $10 a month off of your website  sign up for a cloud based virtual private server(VPS) with a solid state drive.  To be on the safe side you need to plan on spending the greater of $10 or $10 per 30,000  page views per day at peak utilization.   (For example. if your site is doing great and you’re getting 60,000 page views per day on averaged but every Friday you update your blog and you’re getting 140,000 page views on Friday  you would  do the math like this 140/30 * 10 = $46.60)  For the vast majority of you that means you should plan on spending $10 a month. If however you were following this very simplified formula and you came up with a number greater than $100 you should hire me or someone else that is qualified to evaluate your hosting needs more accurately. You should also consider setting up managed hosting.  Do not take this as an opportunity to try to save a couple of dollars.

Select a plan from either Linode or DigitalOcean. I’ve personally used them both and have had excellent experience with both.  As of the time of writing these are the only two companies that I’m willing to recommend.  (Full disclosure this site is being hosting on a Linode VPS and if you use one the Linode or Digitalocean links in this article and stay with the service for 3 months, I stand receive a $20 hosting credit.) In addition DigitalOcean will add a $10 credit to your account.

#2 Setting up your VPS OS and software

Once you’ve selected your hosting plan you’ve got your virtual server but you’re going to need to install and Configure the OS and software.  I would recommend the latest long-term release of Ubuntu Server. Currently that would be 14.04.  it’s relatively simple to install all of the necessary software using apt-get. Installation of the OS should be as simple as selecting the Ubuntu 14.04 from either Linode or DigitalOcean immediately after choosing your hosting package by following the onscreen instructions.  Now we’re needing  to install the web server. Thankfully DigitalOcean has created an excellent tutorial on how to set up and configure Nginx. Nginx web server is able to serve up pages faster while using less memory than the older and more commonly used Apache web server. After you’ve completed the Nginx tutorial ,You should have a working static website . Now you’re ready to install MySQL, PHP and WordPress we’re going to head back over to DigitalOcean you should be able to skip to step two in this tutorial on how to get WordPress up and running on Nginx.

Edit: for an even easier way to install and configure everything read my post “The quick and EasyEngine WordPress on Ubuntu 14.04

If you’ve done everything correctly you’re probably exhausted but you should be staring at an empty word press site.

IMPORTANT! You’re now the one responsible for keeping your server secure and updated.  I would recommend logging into your server at least once a month and doing “sudo apt-get update” followed by “sudo apt-get upgrade”. You can automate this by following this Ubuntu tutorial. You should also configure a firewall and Fail2Ban.

#3 Move your site to the new server

Install the duplicator WordPress plugin on both your old and new server.  Follow the directions provided by the plugin to backup everything from your old site then copy the backed up files over to your new site and restore them. You should now have a copy of your site on your new server.  One last thing for this step disable any plugins that you have installed that you are not using.

#4 Install Smoosh.it

Install the Smoosh.it wordpress plugin. Smoosh.it will optimize your images making them smaller files that download more quickly. You can even use it to batch process the existing images on your site.

#5 Install and configure WP Super Cache

Install the WP Super Cache plugin  and select the “Use mod_rewrite to serve cache files” and the “Compress pages so they’re served more quickly to visitors” options under the advanced tab.  This is the step that will result in the greatest increase in server performance. Instead of each page request needing to be generated by PHP on each page request a static version of the page will be generated on the first page request. For a period of time (3600 seconds by default) a static and compressed version. will be served by Nginx. Nginx is very good at serving static files quickly and you’ve now turned WordPress into a static file generator.

#6 Install WP DB-Manager

Install WP DB-Manager and use it to optimize and repair your DB. You should use this plugin to schedule the database to be Optimized and Repaired at least once per Month. If your site is frequently being updated and many comments are being posted you should schedule this to occur once per week.

If you’ve made it this far you’re doing great.  Your WordPress site is on your own new VPS and should be amazingly fast but there’s still one more step before your site is live on the new server.

#7 Set up a Free CloudFlare account

Sign up for a free CloudFlare account. Cloudflare is a content delivery network CDN.  The way cloudflare works is that you use them to manage your DNS records.  You’ll need to log in to your domain name registrar to update your name servers. Then when someone makes a request to your site they send that request to the closest server on their network which has a cached version of your site which it then serves to the requester. This results in a much quicker response time for the end-user and significantly less load on your VPS. Their free service is fast but they offer an even faster paid service with additional functionality.

 

You’ve done it! You’re WordPress site is now incredibly fast.  If you’re still in the need for greater speed many WordPress templates make way too many requests to external js and css files and should also be optimized.

 

If you need a great virtual server host for your WordPress site I highly recommend that you
Sign up for a Linode SSD VPS

After reading through all of this you’ve decided that you would rather leave the management of you server in the hands of professionals have a look at

CloudWays Managed VPS

CloudWays offers VPS management on top of DigitalOcean’s network

 

I’ve been a bit brief in some of my descriptions on how to make WordPress Fast. If you have followed all the steps in this tutorial and you’re having an issue or need further details, please ask a question in the comments and I’ll update the article to address your concerns.

 

Featured Post

How I improved my WordPress GTmetrix grade

I’ve managed to improve my GTmetrix page speed and Ylow grades from the mid 70’s to 98% for Page Speed and 97% for YSlow with a page load time of only 1.18 seconds. Here’s a link to the report (if the link is dead feel free to re-run the test). In this post I’m going to […]

Featured Post

Linode vs. DigitalOcean vs. Vultr vs. RamNode

Comparing SSD cloud VPS hosting providers can be difficult A virtual cpu core at one hosting provider won’t be equivalent to a virtual cpu core at another host or even another virtual cpu core at the same host depending on the specifications of the underlying hardware and the underlying hardware’s utilization at the time of […]

Featured Post

Digital Ocean vs. Linode – Which virtual server?

If you’re reading this you’re probably on the hunt For the best Virtual Private Server (VPS) that you can find and you’ve come to the correct conclusion that it comes down to DigitalOcean vs. Linode. In this post I’m going to outline the pros and cons of each, present you the benchmarks and hopefully help […]