By Partha Sarathy, Alibaba Cloud Tech Share Author. Tech Share is Alibaba Cloud's incentive program to encourage the sharing of technical knowledge and best practices within the cloud community.
In today's post, I'm going to show you how I deployed my website, sarathy.tech, on Alibaba Cloud.
I built my website using WordPress on Alibaba Cloud Elastic Compute Service (ECS) instance with Nginx, PHP 7.2, FastCGI, MariaDB, and Redis caching for maximum performance.
Before you get started, I'm assuming that you already have a basic understanding of the cloud, networking, and knowledge of Linux command line.
You also need a functional domain name for your website.
If you don't have an account already, you can sign up here. New users can enjoy $300-$1200 worth in free trial, valid for 2 months. If you are not sure how to do this, refer to this tutorial.
After setting up an account, you're ready to deploy a high performance WordPress website!
Log In into Alibaba Cloud Console by entering your Email and Password. You may need to enter a security code for security purposes.
In the Alibaba Cloud Console, click Products and select Elastic Compute Service from the list.
Click Instances, and choose your Region from top left drop-down menu. A list of available regions will be displayed.
Click Create Instance. For my instance, I have selected the following configurations.
I have selected an IO Optimized instance with 4GB of physical memory (RAM) and 1 virtual CPU. If your website will be hosting more dynamic content, consider purchasing a higher-spec instance.
Now you have to select an appropriate Image for your instance. I have chosen an Ubuntu 16.04 image for my server.
There are a few other configurations to consider, I have chosen the default settings for the rest.
Alibaba Cloud DNS is an authoritative highly available and highly scalable domain name resolution and management service. DNS stands for Domain Name System, which helps us to map our IP address to a domain name. To use Alibaba Cloud's DNS service, you need to update the nameservers in your Domain's control panel. The name servers will be provided by Alibaba Cloud.
Before you start, you need to get the public IP of our Instance. Follow the steps below to proceed:
A couple of Name Servers will be displayed. Update them in your Domain's control panel. DNS migration may take up to 48 hours, so you'll have to be patient!
Now, you have to add two "A" records.
Enter the following details for the first "A" record.
Enter the following details for the other "A" record.
You can connect to your instance via VNC or SSH. VNC requires high-speed internet connection whereas SSH works fine even in slow connections. So, I prefer using SSH over VNC.
Connecting through Linux / Mac
Open your command line and enter the following code:
ssh root@your-instance-ip
Type yes and enter the root password. If the password is correct, you'll successfully logged in.
Connecting through Windows
If you're using Windows machine, you'll need to use a third party program such as PuTTY. Connect to the server using PuTTY. Enter your instance's username and password to log in
When you boot your instance for the first time, it's a good practice to check for driver-related error messages and warnings. In Linux, the dmesg command is used for viewing driver messages.
The Intel RAPL driver displayed an error message. If you face the same problem, you can safely blacklist the driver by running the following command.
echo "blacklist intel_rapl" >> /etc/modprobe.d/blacklist.conf
The kernel won't load this driver during next boot. Reboot the server by typing the reboot command.
Ubuntu is based on Debian. The APT package manager is used in all Debian based distros including Ubuntu.
apt update && apt full-upgrade -y
This will update all packages and the kernel to the latest version. A reboot is recommended after a distribution upgrade.
Let's clean up the system and remove all packages that are no longer required.
apt clean -y && apt remove -y
Run the following command:
dpkg-reconfigure tzdata
Choose your geographic area and choose your city.
Nginx is a high-performance web server capable of handling thousands of concurrent connections. It's a great alternative to the Apache web server.
Before installing, let's install the required packages:
apt install software-properties-common zip sendmail vim nano -y
You're going to install the latest version of Nginx, which is not available in the official Ubuntu repository.
Add Nginx repository:
echo "deb http://nginx.org/packages/ubuntu/ xenial nginx" >> /etc/apt/sources.list.d/nginx.list
Add Nginx's signing key:
curl -O https://nginx.org/keys/nginx_signing.key && apt-key add ./nginx_signing.key
Update the package list:
apt update
Install NGINX:
apt install nginx -y
Verify whether Nginx is successfully installed or not:
nginx -v
Remove the default configurations:
rm /etc/nginx/sites-enabled/default
rm /etc/nginx/sites-available/default
Remove the default webpage:
rm /var/www/html/index.nginx-debian.html
Start Nginx during boot:
systemctl enable nginx
Add PHP 7.2 PPA:
add-apt-repository ppa:ondrej/php -y
Update the package list:
apt update
Install PHP:
apt install php7.2-fpm -y
Verify whether PHP is successfully installed or not:
php -v
Install required PHP extensions:
apt install php7.2-redis php7.2-imap php7.2-xmlrpc php7.2-mysqlnd php7.2-imagick php7.2-gd php7.2-mbstring php7.2-common php7.2-zip php7.2-curl -y
Start PHP during boot:
systemctl enable php7.2-fpm
Add MariaDB PPA:
add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://mirror.sax.uk.as61049.net/mariadb/repo/10.1/ubuntu xenial main' -y
Update the package list:
apt update
Install MariaDB server:
apt install mariadb-server -y
During the installation, you will be prompted to enter a root password. Re-enter the same password & hit Enter.
Note that the default installation is not secure. You can secure the installation by running the following command:
mysql_secure_installation
You'll be asked to enter your root password. You will then be prompted with some questions. I have used the following settings (Press Y for Yes, N for No):
Start MariaDB during boot:
systemctl enable mysql
Login as root:
mysql -u root -p
Enter your root password. You'll be logged in to MariaDB console.
Create a new user:
CREATE USER "example-user"@"localhost" IDENTIFIED BY "password";
Replace "example-user" and " password" with you own username and password.
Create a new database:
CREATE DATABASE wordpress;
Grant all permissions to newly created user:
GRANT ALL PRIVILEGES ON . to "example-user"@"localhost";
Reload the privilege table:
FLUSH PRIVILEGES;
Exit the console:
EXIT;
Open Nginx configuration file:
nano /etc/nginx/nginx.conf
Don't forget to replace example.com with your actual domain name.
Paste the following:
user www-data;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 10240;
multi_accept on;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
fastcgi_cache_path /var/www/cache levels=1:2 keys_zone=example.com:200m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
sendfile on;
tcp_nopush on;
tcp_nodelay on;
types_hash_max_size 2048;
server_tokens off;
keepalive_timeout 15;
client_max_body_size 512M;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Referrer-Policy "strict-origin-when-cross-origin";
add_header X-FastCGI-Cache $upstream_cache_status;
gzip_vary on;
gzip_comp_level 5;
gzip_min_length 1024;
gzip_proxied any;
gzip_buffers 16 8k;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js;
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
limit_req_status 444;
gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 444;
}
}
This is our global Nginx configuration. To exit nano, press Ctrl+O then hit Enter.
You have to create another one for your domain:
nano /etc/nginx/sites-enabled/example.com
Paste the following:
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
root /var/www/html;
index index.php;
set $skip_cache 0;
if ($request_method = POST) {
set $skip_cache 1;
}
if ($query_string != "") {
set $skip_cache 1;
}
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
set $skip_cache 1;
}
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}
if ($request_uri ~* "/cart/*$|/checkout/*$|/my-account/*$") {
set $skip_cache 1;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
fastcgi_cache example.com;
include fastcgi.conf;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache_valid 10m;
}
location ~* \.(jpg|jpeg|gif|png)$ {
expires 365d;
}
location ~* \.(pdf|css|ico|js|swf)$ {
expires 10d;
}
}
Test Nginx configuration:
nginx -t
If the test is successful, restart nginx by typing:
systemctl restart nginx
Install Redis server:
apt install redis-server -y
Start Redis server during boot:
systemctl enable redis-server
Configure Redis server's memory limit:
echo "maxmemory 256mb" >> /etc/redis/redis.conf
Restart Redis server:
systemctl restart redis-server
Restart PHP:
systemctl restart php7.2-fpm
Open PHP 7.2 configuration file:
nano /etc/php/7.2/fpm/php.ini
Change the following values:
max_execution_time = 60
max_input_time = 60
memory_limit = 512M
max_input_vars = 6000
upload_max_filesize = 512M
post_max_size = 512M
Add Let's Encrypt PPA:
add-apt-repository ppa:certbot/certbot
Update the package list :
apt update
Install certbot for Nginx:
apt-get install python-certbot-nginx -y
Obtain SSL:
certbot --nginx -d example.com -d www.example.com
Press 2 & hit Enter.
You'll obtain your SSL certificate & certbot will automatically configure it for you.
Keep in mind that the SSL certificate will expire in 90 days. Run the following command to manually renew the certificate:
certbot renew
Move to Nginx root directory:
cd /var/www/html
Download WordPress:
wget wget https://wordpress.org/latest.zip
Unzip the package
unzip latest.zip
Move all files to the Nginx's root directory:
mv wordpress/* ./ && rmdir wordpress
Create a directory for storing caches:
mkdir -p /var/www/cache
Change ownership of the Nginx's root directory:
chown -R www-data:www-data /var/www/
Now type the URL of your website in your browser's address bar.
Complete the installation by following the instructions on the screen. You will need to enter the DB details from step 10.
Also, don't forgot to install Nginx Cache and Redis Cache plugins.
I hope you enjoyed this guide. This is how I deployed my blog on Alibaba Cloud using WordPress and an Elastic Compute Service (ECS) instance. If you are experiencing any issues do let me know in the comments section!
Best Practices for Working with Alibaba Cloud Function Compute
2,599 posts | 758 followers
FollowAlibaba Clouder - June 2, 2020
Alibaba Clouder - July 8, 2020
Alibaba Clouder - September 27, 2019
Alibaba Cloud MVP - May 6, 2022
Alibaba Tech - September 24, 2019
Alibaba Clouder - August 2, 2018
Yes would like to know the cost? Also you are deploying a static personal website? The blog post above is way to complex, why not deploy it to OSS static site, you dont have to manage any of the server side infrastructure? Person blog deployment should not be so difficult. Sorry i don't get this post for deploying a "personal site", but i would really like your input.
My original title of the article was Deploying a High Performance LEMP stack on Alibaba Cloud for hosting WordPress. Alibaba Cloud tram modified the title
My original title of the article was Deploying a High Performance LEMP stack on Alibaba Cloud for hosting WordPress. Alibaba Cloud tram modified the title
This is quite handy Partha. It can help people to venture out immediately.
2,599 posts | 758 followers
FollowElastic and secure virtual cloud servers to cater all your cloud hosting needs.
Learn MoreCloud-based and lightweight servers that are easy to set up and manage
Learn MoreAn encrypted and secure cloud storage service which stores, processes and accesses massive amounts of data from anywhere in the world
Learn MoreMore Posts by Alibaba Clouder
Sanjay August 15, 2018 at 5:54 am
what is the total cost for above project (cost for domin, ecs and everything...)