Welcome to Tech Talk Tuesday!
Every Tuesday, a member of the BigScoots team or one of our wonderful partners from our ecosystem will be digging into a variety of WordPress topics and trends. Each #TechTalkTuesday is designed to expand your understanding of a WordPress topic and give you an opportunity to learn more about what everyone is doing for you behind the scenes!
Week 1 – How can I improve security on my WordPress site?
It is important to be aware that using security plugins will have both positive and negative impacts to your site. Oftentimes they are found blocking legitimate requests and more critically the scans they perform can greatly impact overall website performance.
That said, if you are someone who chooses to manage the security of your WordPress website yourself without the help of a managed WordPress provider, a security plugin can be a very helpful tool providing you with an extra set of eyes on your WordPress security.
How Can BigScoots Help?
At BigScoots, we block access to all scripts that do not need to be accessed from the outside world to prevent attackers from sending requests to scripts that are potentially vulnerable. If the script does have a vulnerability the attacker can exploit and they attempt to do so, we will immediately block the request.
With our managed WPO plans, we will also proactively monitor for irregular resource consumption which can be an early indicator of an exploit. We dig deep into stuck PHP processes and database conflicts which can be a result of malware. We also regularly upgrade and expand our on-premise security appliances designed to block attacks before they impact you or your visitors.
CloudFlare Pro is a fantastic paid security option that adds an industry leading Web Application Firewall (WAF) to your site. The WAF will sit in front of your site, so any and all load a WordPress security plugin would normally expose your site to will be handled entirely off server at Cloudflare, resulting in zero impact to the performance of your website.
Pro Tip: WordPress Security is only as strong as the weakest point – don’t forget about a secure password! A password manager is a fantastic way to create long and secure passwords without running into the hassle of forgetting them.
Justin, Co-Founder and SVP of BigScoots.
As SVP, Lead Systems Engineer and co-founder, Justin controls the BigScoots helm in day-to-day operations. He studied network security, advanced Linux administration and has over 15 years of hands on experience.
In addition to overseeing the support desk, Justin is lead on all configuration, proactive monitoring and ongoing maintenance of BigScoots infrastructure.
When not in Chicago, you can find Justin in Southern New Jersey with my wife and three children.
Week 2 – What Is Caching And Which Caching Plugins Does BigScoots Recommend?
Caching is the process of storing frequently-accessed data temporarily in a ‘cache’ so that it can be reused for subsequent requests.
When cache is disabled, your server is required to process the requests, compile the data, and send it back to the browser each time a visitor browses your website. These requests include various file types such as HTML, PHP files, scripts, images, fonts, and all other content stored within your WordPress database.
A WordPress website generating high traffic will result in a much heavier workload for the server as it will be required to work significantly harder to process and compile multiple pages per second as requests flow in. This increase in workload will result in an inevitable decrease in website performance.
This is where caching comes in!
When cache is enabled, it can assist with decreasing the workload on your server by storing a copy of each request to ensure when a subsequent request flows in, it is served directly from the stored cache.
Caching plugins can further assist with website performance in that they will create a static page of your web pages. When a visitor browses your website, they will see a cached version. When content is updated on your website, the plugin will empty the stored cache, and regenerate with updated content and files. Not only will this minimize the amount of data transmitted between the browser and server, it will improve the overall speed and performance of your website.
Common Types of Caching
- Page Cache – The simplest of the caching mechanisms. Page Cache is the process of storing content for each and every web page; created at the time the request is received from visitors browsing a web page.
- Object Cache – The process of storing database queries in a cache. As WordPress is heavily dependent on databases, efficiency is crucial.
- Opcode Cache – Saves all compiled PHP codes as the requests flow in.
- CDN Cache – CDN’s use edge servers located all around the world to store static website files for faster and more efficient delivery to users that are geographically distant from the host server.
BigScoots Recommended Caching Plugins
- WP Cloudflare Super Page Cache – Recommended for WordPress websites using Cloudflare services. Allows Cloudflare to handle all page caching to ensure all web pages are served over the Cloudflare CDN rather than static content. This plugin is becoming more and more favored as it continues to be developed as there are many great features including a fallback cache which services cache from the server if it doesn’t currently exist at Cloudflare.
- WP Rocket – Ranked the fastest and most feature-rich caching plugin for WordPress websites, while this plugin is very good, it still relies on the cache to be stored locally on the server, we recommend pairing this plugin with WP Cloudflare Super Page Cache so you can utilize the script optimization WP Rocket provides with the page caching being handled by Cloudflare.
- Cache Enabler – For those not using Cloudflare, we recommend this plugin. For those using our Fully Managed WordPress services, we have a specific configuration for it to improve its performance by serving the cache directly by the web server and bypassing PHP. This can also be done for those using Apache on our shared/VPS plans using the following:
- Shibin’s Pro Tip: Installing Autoptimize with Cache Enabler may lead to further performance improvements.
- LiteSpeed Cache – Recommended specifically for BigScoots shared hosting. Provides object cache support, image optimization, LazyLoad images, Content Delivery Network (CDN) support, and much more!
At BigScoots we use different forms of caching in order to speed up and optimize your site. Caching is a critically important part to any efficient and well performing site.
Depending on your workflow and development routine, it may be necessary for you to clear this cache from time to time from your live environment. At any time you are free to clear your OPCache, Page Cache, Object Cache, All Server Cache as well as Cloudflare Cache from within your BigScoots WordPress Optimized (WPO) Portal.
Although the WPO Portal gives you option to manually clear your site(s) cache with a single click at any time, if you are the least bit weary about doing so, or would like some additional insight and direction on a particular issue you believe is related to caching, please feel free to reach out to our team here at BigScoots – we are always happy to assist!
Shefin, AKA Shibin, Support Specialist at BigScoots.
Shibin is passionate about providing each and every one of our amazing clients with the highest level of support available on the market.
Shibin is a newlywed! When not working, you will find him enjoying his family time with his wife.
Week 3 – Why Does BigScoots Choose CloudFlare?
Handling over 10% of all global requests from websites, Cloudflare has gained its popularity within the hosting industry due to its excellence as both a Domain Name Server (DNS) and a Content Delivery Network (CDN). Though not limited by these services, Cloudflare has extended their scope to include domain name registrations, website optimization, enhanced security and performance improvements.
Benefits of Using Cloudflare
1. Content Delivery Network (CDN) – Cloudflare’s CDN capabilities stores your websites static files across multiple data centers that are geographically distributed around the world. Using a CDN allows your websites visitors to load your sites files much quicker by pulling data from a data center more geographically favorable to them, thus, improving website speed and load time.
2. Bandwidth – Cloudflare helps to reduce bandwidth usage on the server side as only dynamic requests for your website will reach the server, while Cloudflare will load the previously stored static files through its CDN capabilities.
3. Faster Domain Name Server (DNS) – DNS are responsible for converting your registered domain name to its respective IP address, allowing your browser to download your website’s data. With the addition of Cloudflare DNS, you can reduce all possible DNS query delays to under 15 seconds.
4. Security – Cloudflare provides several excellent options for enhancing the security of your website. For example, if you were to ever experience an attack or hacking attempt, Cloudflare provides an attack mode which allows you to instantly enable additional security features, such as additional IP address checks or Captcha. Additionally, extensive DDOS scans are completed for each visit on the server.
5. Page Rules – Cloudflare grants you the ability to activate specific page and/or traffic rules to your website, Not only does this include allowing your website the capability of disabling cache as required, you can also create page rules for redirecting to additional websites.
6. Analytics – Cloudflare can provide analytical data based on the unique visitors your site generates at the DNS level, and without needing to add any additional code to your website. This ensures that all data is accurate as there is no possibility of adsense code being blocked at the user-side in the way it would be by plugins and scripts if the analytical code had been added to your site.
Prasul, Support Specialist at BigScoots.
While ensuring all clients receive the highest level of support and service available on the hosting market, Prasul is responsible for testing and maintaining all operating systems.
Prasul has a degree in information technology, and when not working you will find him traveling with his family and friends.