Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Recently, a customer said that his website is located abroad, but the domestic website opens very slowly, because domestic and foreign users visit frequently, and hopes to improve the domestic access speed of their website. In general, WordPress plug-in templates load more data, even if caching plug-ins such as wp rocket installed, js, css compression, or database optimization. In fact, the speed of the website will not be greatly improved.
After some simple analysis, I plan to move their website to the space provider of the cn2 gia line, which may be the fastest way to increase the speed of the website. The following are some of my actual combat sharing, and how to quickly switch data when the website encounters an attack.
Note: Although this machine is placed abroad, the probability of errors such as 403 in Baidu spider crawling is almost gone.
Before the relocation of the website, the space was placed in the digital ocean, and the CDN was Cloudflare. Although the digital ocean is a very good space provider in foreign countries, for domestic users, the access has gone to Cloudflare, so the speed is still very slow.
In addition, it is possible to analyze the DNS of the sub-line, but the operation will be more troublesome. So this article does not discuss this.
Through the incognito browser Chrome, it can be seen that the speed is only opened in 6.35 seconds. Pre-rendering took 4.46 seconds.
In addition, it can also be seen through the speed measurement of the webmaster’s home. Telecom lines are slightly faster. However, the speed of China Unicom and China Mobile is obviously more than 4 seconds.
Regarding the choice of a space provider, in fact, you only need to choose a stable space and a good line. Basically, everything is possible. I am now choosing cn2 gia e-commerce for bricklayers. The biggest advantage of cn2 gia is that the domestic three network access is very fast. And this space quotient is also the most stable speed. I’m currently $49.99 a quarter, which is actually equivalent to $16 a month.
1
2
3
4
|
SSD: 20 GB RAID-10 RAM: 1 GB CPU: 2x Intel Xeon Transfer: 1000 GB/mo |
This can be different according to each person’s situation, choose a different host. But it is recommended that you do not need to buy a particularly good host if the traffic is not very large at the beginning, and you can expand the capacity later.
I am using Ubuntu 20.04. php 7.4 + nginx + mysql. Why choose this? Because PHP 7.4 is 30% faster than PHP 7.2.
Why not a pagoda? Because some time ago, the pagoda had a big loophole. And for the website, I feel that other third-party tools should be used as little as possible. In addition, the built VPS can also be as clean and tidy as possible. Fewer external programs.
The following command lines are based on Ubuntu 20.04. Just follow orders. Basically can not go wrong.
ssh root@***.***.***.*** -p port number
The asterisk above is the IP address. -p is to specify the port. Because the default ssh port of the bricklayer is not 22, it must be specified here.
Step 1: Install nginx
sudo apt update
sudo apt install nginx
Step 2: Turn on the firewall
1
2
3
4
5
|
sudo ufw app list sudo ufw allow ‘OpenSSH’ sudo ufw allow ‘Nginx HTTPS’ sudo ufw allow ‘Nginx HTTP’ sudo ufw enable — — |
Step 3: Install mysql
sudo apt install mysql-server
sudo mysql_secure_installation (this step is optional, this is a secure script).
Enter y and press Enter, select 2, the strongest password, and enter a new password, which is the root password of MySQL.
Then choose y for all. One is to remove anonymous users, the other is to prohibit remote login of the database root, and the last is to remove the test database.
Finally, choose y. The script works immediately.
Step 4: Install the PHP module
1
2
3
|
sudo apt install php-imagick php7.4-fpm php7.4-mbstring php7.4-bcmath php7.4-xml php7.4-mysql php7.4-common php7.4-gd php7.4-json php7.4-cli php7.4-curl php7.4-zip sudo systemctl reload php7.4-fpm nginx |
Step 5: Move the website data over
Because the website is WordPress, your website may be written by other programs, so the content is different. I won’t write it here. In addition, remember to make nginx. conf under the /etc/nginx/sites-enabled/ directory
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
server { listen 80; server_name your_domain www.your_domain; root /var/www/your_domain; index index.html index.htm index.php; location / { try_files $uri $uri/ =404; } location ~ \.php$ { include snippets/fastcgi-php.conf; fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; } location ~ /\.ht { deny all; } |
Replace your_domain in the configuration file with your domain name ****.com
Step 6: Configure and install SSL
I use let’s Encrypt for ssl.
1
2
|
sudo apt install certbot python3-certbot-nginx sudo certbot — nginx -d example.com -d www.example.com |
Replace example.com with your own website domain name. If there are multiple subdomains. Just add it yourself.
It should be noted here that the DNS must be pointed to the current VPS first, otherwise, the configuration will fail, if Cloudflare is used. To turn off the CDN.
See the last sentence. Congratulations! Your certificate and chain have been saved at:
It means the installation is successful.
This certificate is valid for 90 days, but Certbot will run two system timers every day to check the validity of the certificate and automatically renew the certificate. You want to check if the timer is valid.
sudo systemctl status certbot.timer
The output is as follows, which means it is normal.
1
2
3
4
5
|
● certbot.timer - Run certbot twice daily Loaded: loaded (/lib/systemd/system/certbot.timer; enabled; vendor preset: enabled) Active: active (waiting) since Mon 2020-05-04 20:04:36 UTC; 2 weeks 1 days ago Trigger: Thu 2020-05-21 05:22:32 UTC; 9h left Triggers: ● certbot.service |
Directly using domestic telecommunications to access, the opening time of the website has been significantly improved. Compared with the previous speed, it is about 2-3 times faster. And this is the speed at night. The access speed at night was not affected at all.
Except for one address marked in red, the DNS resolution has not yet taken effect, and the speed of the other effective IPs is obviously opened within 2 seconds.
Here I recommend using Cloudflare to configure your website. By default, CDN is not enabled. That is, the domain name directly points to the IP. However, if you encounter attacks such as DDoS, it is recommended to immediately open the Cloudflare proxy and point the IP to your backup clone space. Because the IP is hidden, and a large amount of attack data of the attacker will be filtered out by Cloudflare, so as long as the response is timely, your website can be restored in just a few minutes.
In addition, you can locate your attack source IP through the access.log access log. And in Cloudflare’s firewall, directly filter suspicious IP. For example, use blocking access or verification codes to locate attackers. And the cf option can also block the entire country.
Also, turn on the under-attack mode. Can effectively prevent small and medium attacks.
This article was contributed by www.pjcourse.com, which is not responsible for the authenticity or availability of the content.