How To Setup a VPS for WordPress (Part 1)

In this part of the series we will be conducting the preliminary setup of a virtual private server running the CentOS server operating system.


In the first part of our tutorial series on setting up and optimising a VPS for WordPress we will be going through the steps of setting up a CentOS based server. In this series will be setting up a virtual private server provided by Digital Ocean (signing up via this link will provide you with $10 worth of free credit), however you can use a VPS from any provider for this same tutorial although be warned a few things may be a little different for different providers.

Throughout this tutorial we will be using CentOS, the reasons for this include the long support duration of releases and the close relation of CentOS with Red Hat Enterprise adding even greater security. Otherwise we also have a little more familiarity with the ins and outs of CentOS than other operating systems such as Fedora and Ubuntu.

Setting Up a VPS

Setting up a DropletWhen greeted with the “Create Droplet” panel we suggest picking a configuration with at least 1GB of RAM since we need a little overhead to run the Varnish Cache server. When choosing a region we recommend choosing a location close to home for better latency, however if your site receives a majority of its users from elsewhere, you may wish to choose a location closer to them.

Once the option to choose an OS image is presented we suggest choosing CentOS 6.5. Both 32 bit and 64 bit versions of CentOS are available and truthfully either flavour is fine although there is very little advantage of using the 64 bit version of CentOS unless you have more than 4GB of RAM.

For this tutorial we will be ignoring setting up an SSH Key as it may lead to a few conflicts and issues with users who are using different operating systems and SSH clients to connect to their VPS from. Ideally for top notch security it is advisable to use an SSH key rather than a password as it is much more secure and pretty much impossible to hack. Nonetheless a lengthy password consisting of various letters, numbers and symbols is still considered to be very secure. To finish up simply click “Create Droplet” and your VPS will quickly spring into life.

To login to your VPS you will have received a password from Digital Ocean along with the IP address of your server. To connect to your VPS you will need a SSH client, for Windows I use PuTTY and on OS X the Terminal application has its own built in SSH client. When you first login to your VPS you will probably notice that it asks for you to change your root password. This is a common security practice for added security, when choosing a new password make sure that it is complex enough so that it is reasonably hard to guess and familiar enough such that you can remember it. If you do choose to make a note of your password for safe keeping we recommend using a secure password manager.

Logging in on OS X

Open up a new Terminal window and type the following, removing your_server’s_ip_address with the IP address that was sent to you via Digital Ocean’s welcome email.

ssh root@your_server’s_ip_address

If everything checks out your server should ask you for the root user’s password. Simply copy and paste the password was sent you and hit enter. You should now be logged in to your very own VPS.

Logging in on Windows

After you have downloaded PuTTY or have a SSH of your liking ready, we can login to our server. To login to your VPS type root@your_server’s_ip into the host name input, leaving the port as its default 22 and ensure that everything looks more or less similar to the image below.


If everything has worked out correctly you should be presented with a SSH session window which prompts you for the root user’s password. Simply copy and paste (to paste into the PuTTY window you must right-click) the default password you received from Digital Ocean’s welcome email and hit enter. If you have trouble copying and pasting, try entering the password manually. Be aware that CentOS and other Linux Distributions do not replace entered characters with asterisks like in many other operating systems – in many cases the password field will appear to be blank.

Securing the Server From Intruders

Any server connected to the internet is at risk to being hacked or compromised, in reality nothing is infallible, but we can make a few changes to ensure that the risk of our server being compromised is as minimal as possible. To do this we will be going through the process of disabling remote root access to the server and setting up a secondary account with sudo privileges.

Adding a New User

The first step we must take to securing our VPS is to make a new user with sudo privileges. To do this type in the command below whilst changing the username of what follows from the “adduser” command. Make sure you press enter on completion of each command.

adduser c3po

passwd c3po

Unfortunately we will not receive any sort of acknowledgement of the command being successful, but alas that is just how Linux is. Now we have added this new user, we must now add them to the sudoers file to give them more or less unlimited access to system commands.

Editing the Sudoers File

This is were it can get a little tricky if you don’t have a great deal of experience working with Linux systems, so if you do get stuck leave a comment below or contact us via the “Get in Touch” page for some advice. The first command we need to enter is:

chmod +w /etc/sudoers

This command makes the sudoers file writeable such that we can edit it and add our new user account to have sudo privileges. Next enter the following command:

vi /etc/sudoers

This command opens the following sudoers file with Vim, a common file editor used on many Linux distributions. To navigate through a text file using Vim simply use the up and down arrow keys, and to begin editing press the ‘a’ key once. This part can seem a little tricky, although fortunately we only need to edit and add a couple of lines. Find the following lines in the sudoers file as seen below:

## Allow root to run any commands anywhere
root ALL=(ALL) ALL
c3po ALL=(ALL) ALL

Simply replace “c3po” with the username you created earlier on in the tutorial, and you should be good to go. Once you have added the above line hit the escape key and type :wq and hit enter. To make the sudoers file unwritable once again type the following command below:

chmod -w /etc/sudoers

Disabling Root SSH Access

We now have a new username account with full sudo privileges, however the root account is still accessible via SSH leaving a small but significant security vulnerability. To get around this issue we must edit just one more file, just one more file we swear. Open up the SSH Config file:

vi /etc/sshd_config

Navigate to the line that says:

#PermitRootLogin yes

As you’ll probably notice there is a hashtag in front of this line, this means that this statement is ignored by the server and is viewed simply as a comment. As with before press the ‘a’ key once to enable editing mode and remove the hashtag before the line, whilst also changing the ‘yes’ to ‘no.’ To finish editing the file press escape and type :wq and hit enter. Before these changes are parsed we must restart the SSH service, to do this enter the command below:

service sshd restart

To finish up type logout into the console and once again log back in with your new user account to make sure everything is working as it should. To log back into the root account you must type su of which you will then be required to enter the root account’s password.

Wrapping Up

Part 1 of our WordPress web hosting series has now finally come to an end. We hope all of you who have followed this tutorial through have had success and if you haven’t comment below in order for us to provide you with further advice. In the next instalment of the series we will be going through configuring IPTables and installing services such as Apache, PHP and MySQL ready for a WordPress Installation.

How To Setup up a VPS for WordPress (Introduction)

In this series we will be going through the steps of setting up and optimising a virtual private server (VPS) for a large capacity WordPress install.

Table of Contents


Since quite recently we have been posting out quite a bit of content relating to optimising websites and their hosting, we are pleased to announce that over some time in the near future we hope to release a tutorial series on optimising a virtual private server or VPS for a WordPress install. The ensuing series will be aimed at both beginners and intermediates in the field of self hosting a web server. We hope the series will allow you to firstly set-up and then optimise a linux web server of your own, and then later manage it by applying update and performing general web server maintenance. Throughout the series we will be using a VPS provided by Digital Ocean which means we will also be going through the process of installing and configuring a web server such as Apache.

Not only will this series cover the set-up of a web server we will also be covering managing and optimising a WordPress install, this will include plugins to speedup WordPress through the use of add ons such as W3C Total Cache and ensuring that a WordPress install is secure from intruders. Next we will discuss the use of caching servers such as Varnish, to serve static pages rather than dynamic pages.

We will be posting the next parts of the series throughout the next few months, and we will try to keep them to a regular schedule, although this will depend on whether or not we have to give time to other commitments. To keep up to date with the series you can follow us on Twitter, Google+ or Facebook or if you’d rather, you can subscribe to our RSS feed.

How To Load Test a Website Using

We’ve recently been doing a little work on optimising web sites for the best possible performance. To achieve this performance we’ve made optimisations to Apache’s httpd.conf and set-up static caching servers such as Varnish. Some of these changes in themselves have made huge changes to how a site performs, for example we recently installed Varnish on our own hosting platform, allowing us to serve many more users with exactly the same hardware. However, a tutorial on optimising a server for the best performance is perhaps for another time. In this post we will be discussing post optimisation of a website via load testing.

Load testing services can be expensive depending on where you look, however we have been fortunate enough to find a more or less free alternative. The service in question is called, a somewhat free service depending on whether you opt for the more premium options, although for many small website owners the standard tools should work just fine. Setting up for testing is relatively simple, simply register for an account and add a domain name. As an added security measure you will have to verify that the domain is yours as obviously they don’t want you using their services as a means of a DDoS Botnet. Another apt point to mention is that we’d recommend you only really use this service on your own private hosting such as a VPS or a dedicated server. Using load testing on shared hosting could add unnecessary load on resources slowing down not just yours but the websites of others. Verification

After verifying your site in question we can move on to creating our first test. When going through the stages of setting up a new test you can experiment with any of the testing modes with as many users as you wish. In our case we went with maintaining a client load over a large range of users to see how our hosting held up. The details of our testing set-up can be seen below.

Our Test Settings

As the test runs you should find that the response rate of your server increases as the number of clients increases. This is perfectly normal and makes sense since with more load the server is going to increasingly struggle to serve web pages to users. Although high response times are not ideal it is not until the response time becomes so great that it really becomes an issue. The amount of stress a server comes under can often be tied to the complexity of the website, for example a html site will be able to serve many more users than a fully fledged CMS.

Web Tech Gadgetry Load Test Results

Interpreting the Results

The graph above allows us to get an idea for how much load our server can take. Although a server can continue serving pages with a very stressful load it will become increasingly slower in doing so. So in interpreting these results we can determine what the most acceptable response time for our server should be. In all reality a response time greater than 3000ms or three seconds would probably cause users to turn away from your site. For the example on the graph above we had 280 clients connected to our site when the response time of the server was 3000ms, we can then use this result to further optimise our Apache web server to allow for this many user connections. Although to be on the safe side you should probably set the number of users a little lower such that there is room for a small margin of error.

We very much hope that this post has been of use to you, if you currently aren’t getting particularly good results with your load testing feel free to comment below on what kind of hosting set-up you’re currently using as we plan to make some posts on optimising both websites and servers in the future.

SnapPower Charger: USB Chargers Built Into Power Sockets

The latest gadget hit to make its way to Kickstarter is called SnapPower. The concept behind SnapPower is to have a USB charger built into conventional wall socket that can be used to charge any device, from your phone to your tablet and just about any other device that is powered via a USB cable. SnapPower is being created to solve an ever increasing problem, and that is our desire to own more and more gadgets and with more gadgets come more power adaptors. The issue with conventional power adaptors is that they are required for charging many of today’s devices, and are often not available to us in the most convenient fashion and can occasionally become misplaced.


The huge advantage of the SnapPower Charger is that we would be able to charge any of our USB based charging devices using a power outlet in any one room in our homes, without having to look for that ever elusive power adaptor. In itself the SnapPower Charger is hugely advantageous around the home, but its possibilities would be almost endless if it were to be mass adopted in a more commercial setting. For example, if you were going away for a bit and happened to forget your adaptor but had a spare USB cable, you could simply charge your devices from a power outlet in a hotel. Of course the added benefit of this is you wouldn’t have to carry your power adaptors around with you, but simply the USB cable.

Multiple Sockets SnapPower USB Charger

The picture above shows just how practical this invention really is, as it doesn’t interfere with any other devices in your home as it is of course connected via its own socket, and therefore there are more free power outlets available to you should you need them. More information on the SnapPower Charger can be found on its official Kickstarter page.