Tech

Site Optimizations

PHP 7.1 with OPcache

Didn’t had opcache installed previously for some reason
Google PageSpeed insights for server response dropped from ~0.8s to 0.2s

Caching

Added the plugin, WP Super Cache to generate static html pages
Modified Nginx conf so cached pages bypass PHP processing

# wp cache configs
set $cache_uri $request_uri;

# POST requests and URLs with a query string should always go to PHP
if ($request_method = POST) {
set $cache_uri ‘null cache’;
}
if ($query_string != “”) {
set $cache_uri ‘null cache’;
}

# Don’t cache URIs containing the following segments
if ($request_uri ~* “(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|contact|photos|wp-comments-popup.php|wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)”) {
set $cache_uri ‘null cache’;
}

# Don’t use the cache for logged-in users or recent commenters
if ($http_cookie ~* “comment_author|wordpress_[a-f0-9]+
|wp-postpass|wordpress_logged_in”) {
set $cache_uri ‘null cache’;
}

location / {
index index.php index.html index.htm;
try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args;
}

Nginx

Switched from Apache httpd to Nginx
Restoring visitor’s real IP instead of cloudflare proxy server’s in access logs
- Create the file /etc/nginx/conf.d/cloudflare.conf with the following content

# Cloudflare
# List of IPs @ https://www.cloudflare.com/ips/
# – IPv4
set_real_ip_from 199.27.128.0/21;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 172.64.0.0/13;
# – IPv6
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2c0f:f248::/32;
set_real_ip_from 2a06:98c0::/29;
real_ip_header CF-Connecting-IP;

Sub directory applications with “pretty URL” that used to worked previously with .htaccess had to be updated with the following changes to Nginx conf

# sub-directory cis320 application
location @cis320 {
rewrite ^/cis320/?(.*)$ /index.php?$1;
}
location /cis320 {
allow all;
rewrite ^/cis320/?(.*)$ /cis320/index.php?$1 last;
}

Credit: https://stackoverflow.com/questions/32554089/laravel-in-sub-folder-on-nginx

HTTPS / SSL

Enabled auto extension of certificates via letsencrypt certbot + cron

/home/webapp/certbot-auto certonly –debug –expand –keep-until-expiring –webroot -w /var/www/sites/alvinyeoh/ -d www.alvinyeoh.com -d alvinyeoh.com >> /etc/letsencrypt/logs/renew_log 2>&1

WordPress

Disabled per page access wp-cron with the following in wp-config.php

define(‘DISABLE_WP_CRON’, true);

Added to crontab

* * * * * wget -q -O – https://www.alvinyeoh.com/wp-cron.php?doing_wp_cron

Site Optimizations

Migrating data directory of MariaDB to another disk

AWS Linux AMI 2 Extra Libraries

Add SWAP to Instance

Mounting EBS on EC2

MariaDB Master Slave / Replica Setup