2019-06-30 00:00:00

Security|Technologyblog|hosting|self-hosted|server|site|Wordpress

The do's and dont's when setting up a self-hosted Wordpress site

Installing a basic Wordpress system really is a straightforward task, but configuring it to survive unexpected technical problems and inevitable hacking attempts requires some planning.

If you have decided to get all the features that WordPress software has and perhaps tweak the system a bit, or you simply want to have total control over everything the Wordpress system does, you are going to have to find a web hosting service for your site. Finding a web hosting service is easy, but setting up and configuring your own web server needs some planning.

Wordpress has documented the main steps for moving from a Wordpress.com blog to a self hosted server. In this article, we focus on the key things you should do and not do when configuring your own system.

Tevya Washburn wrote a long blog post where he told the story of his Wordpress service business. After a number of years with persistent problems, he finally mastered Wordpress, and was able to list the key tasks to do when running multiple Wordpress sites. Since most people who are setting up a Wordpress for themselves or for a small business, need only one or two web sites, I have adopted Tevya Washburn's tips and made them relevant for someone who is starting his or her journey with self-hosted Wordpress.

There are plenty of web hosting companies that are specifically marketing Wordpress hosting. The best thing with them is that you usually get a system that has the basic installation already running: web server (usually Apache), Mysql or Maria database, and PHP. They are all required by Wordpress.

That's not all. Even before the Wordpress site is up and running, it is important to configure all the dependencies between system components so that you can avoid the single point of failure.

When you are running and administering your own web server, you will quickly find out that all kinds of things happen on the internet that cause problems for your site. It maybe a massive wave of spam email, an attempt to hack into your system, comment spam storm, or something else, but things happen 24/7 online.

man looking at program code on computer monitor. photo: Jefferson Santos

The do's and don'ts of Wordpress configurations

After running Typo3 and Drupal web servers, and now Wordpress sites, we have learned two key things:

  1. Avoid single point of failure and
  2. Secure your system from day one.

In concrete terms, this means that you should:

  • Get a cloud hosting service with WordPress-optimized configuration.
  • Set up separate Wordpress instance for each Wordpress site (don't use Wordpress Multisite feature).
  • If you are setting up multiple sites, consider spreading them across two or more servers.
  • Configure the DNS for your server with the registrar where you bought your domain name.
  • Whichever web hosting service and control panel you choose, learn common Linux commands (bash shell) well. You will need it. Especially, troubleshooting and monitoring what is going on in the system are common command prompt tasks. Creating small scripts that automate routine tasks is another reason for learning Linux commands.
  • Install a Linux firewall.
  • Install Wordpress security plugins that are relevant to your system.

Avoid these items in your Wordpress installation:

  • Don't use shared hosting or hosting that uses cPanel.
  • Don't use Wordpress Multisite feature.
  • Don't run an email server in the same system as Wordpress. Email server can be a resource hog, and it is another point of entry to the system.
  • Don't make your Wordpress installation available to the internet before basic security elements are in place.
  • Don't rely on your web hosting service backup alone (of course, this varies by hosting company - some services have excellent backup plans that can quickly recover from a disaster), but consider backing up your web data to another server where you can quickly recover it.

Wordpress security

We have been running a dedicated traffic monitoring/hacker blocking program on our Wordpress servers for awhile now. The program runs on Linux, and monitors traffic before it enters Wordpress. It is designed to scan for Wordpress-specific hacking attempts.

The statistics that the program collects are scary. Wordpress sites attract hackers like happy hikers attract mosquitoes.

Hackers tend to bombard Wordpress servers with attempts (top 3 on our sites):

  • to login as admin
  • to run a php program on the server
  • to get into the system via xmlrpc.php

This is just a brief introduction to security challenges that Wordpress sites have. Hopefully it is enough to convince everyone that securing a Wordpress server is essential. More information on how to actually do it can be found here.

News

2025-07-10 13:26:00

Behavior rules are being documented as town-specific or national-level regulation in European countries, especially in the south where sun seeking tourists may forget that the town belongs to local people who simply want to live in their home town. #travel #Europehttps://klaava.com/nitpickers-travel-journal-behave-or-else-unwritten-cultural-rules-in-europe/


But there are three fortresses on the other side of border.

2025-07-08 16:06:04

But there are three fortresses on the other side of border.


Border town safety net.

2025-07-07 18:24:59

arihak

Border town safety net.


News

2025-07-07 16:16:00

Instead of fumbling with plastic chips, you download a mobile profile directly onto the secure micro-chip already soldered inside most recent phones (think iPhone XR and newer, Google Pixel 3+, Samsung Galaxy S20 series and up). #phone #travelhttps://klaava.com/esim-the-tiny-tech-that-makes-big-adventures-stress-free/


News

2025-07-01 16:15:00

Canyon road is a magnet for cyclists and motorists.#photography #travelphotography #europeflic.kr/p/2rdW4Mfhttps://flic.kr/p/2rdW4Mf


The historic center of Krakow in Poland features castles, churches, palaces ... and tourists.

2025-06-23 13:31:04

The historic center of Krakow in Poland features castles, churches, palaces ... and tourists.


A man with his donkey.

2025-06-19 15:54:21

arihak

A man with his donkey.


News

2025-06-19 15:11:00

An eye-catching place for a painting.#streetphotographyhttps://wordpress.org/photos/photo/9536554ee4/


News

2025-06-15 15:33:00

There are many ways to classify the best countries for road trips, and that is why we are going to take a look at a few different types of ways to select the best here. #roadtrip #Europehttps://klaava.com/which-countries-in-europe-are-the-best-for-road-trips/


News

2025-06-11 16:24:00

Let's go.#streetphotographyflic.kr/p/2r3EuJNhttps://flic.kr/p/2r3EuJN


News

2025-06-04 18:08:00

A #photographer has been using sunglasses with a camera and loudspeakers for 8 months: "I quite enjoy them, and they’ve quickly become my daily wear as far as sunglasses are concerned."https://fstoppers.com/artificial-intelligence/ray-ban-meta-glasses-photographers-perspective-701899


News

2025-06-02 14:42:00

Today, digital nomads recognize the benefits but also risks of their lifestyle. An extensive study among traveling workers reveals the highs and lows of the nomad life. #remotework #digitalnomadhttps://klaava.com/digital-nomads-feel-powered-by-their-lifestyle-but-recognise-inevitable-downsides-as-well/


Aland archipelago

2025-05-30 16:59:41

Aland archipelago


Highway across a swamp.

2025-05-30 11:14:51

arihak

Highway across a swamp.


News

2025-05-26 16:29:00

Flower market, but she is selling fruit trees.#streetphotographyhttps://unsplash.com/photos/TfQ6uYmI9QQ


News

2025-05-22 14:19:00

In Spain, the Balearic government asked influencers to help ease pressure on overcrowded hotspots by promoting less-visited areas. Instead, influencers have unintentionally drawn large crowds of tourists to remote, ecologically sensitive locations. #photography #selfiehttps://petapixel.com/2025/05/21/spanish-islands-ban-influencers-after-4000-tourists-flock-to-tiny-beach-for-selfies/


News

2025-05-18 18:23:00

Most travelers already knew that south Europe is the warm and sunny zone of #Europe, and this ranking confirms it. Spain and Italy have most cities in the top 30, followed by France and Portugal. #travelhttps://klaava.com/sunniest-cities-in-europe/


Popular sight in Sevilla

2025-05-16 17:51:34

Popular sight in Sevilla


News

2025-05-14 16:03:00

Bordeaux is ready for hot summer days.#streetphotographyhttps://pixelfed.social/p/arihak/827854641319295061


Cooling zone.

2025-05-13 12:38:47

arihak

Cooling zone.