If You’re Looking For Hosting

Before you contact me, we’re a good match if your site(s) sees sustained traffic
And you know better speed + stability will increase your conversions + profit.

Skype ID davidfavor reaches me best. Be sure to mention reason you’re contacting me in your Skype Add Contact request, to ensure I accept your request.

My Life Hosting Sites

My claim to fame revolves around hosting https://WordPress.org sites tuned for speed + stability.

1994 was first year I setup a garage server, which was a monumental feet, as I was using dreaded Win-doze with self hosting a Web server + DNS server + SMTP server running a ISDN line.

Today I private host 100s of high traffic client sites.

History

These services arose out of several ongoing Private Mastermind Groups where people kept asking, "Why do your sites run so fast?"

After several years of these questions, the thought occurred about offering Hosting Services.

Took me a while to realize this, because I figured out of the 1000s of Hosting Companies, surely most provided good speed + stability.

I was wrong. Most Hosting Companies provide astounding incompetence, especially related to problem determination + resolution.

Anytime a company or individual says you require some additional hardware or software to fix a problem, ask them to provide you with their analysis procedure details. Likely you’ll hear only crickets, as most people just throw out random solutions, rather than go through full on problem determination + resolution.

Fast + Stable Hosting Secrets

The reason Hosting Companies fail with these simple steps relates to level of expertise + patience of human resources involved.

When you reach Savant level expertise, what you do becomes deadly boring. I handle this by rolling up repetitive tasks into tools which do the heavy lifting for me. Minor problems are healed by tools. This allows me only to invest time dealing with catastrophic problems + rolling my intelligence into better tools.

  1. Speed

    • Arrange for sites to run entirely out of memory, rather than disk. Memory speed trumps Disk I/O speed any day.

    • Use recent tech like using MariaDB rather than MySQL.

    • Avoid fragile tech like SSD drives + proxies (Varnish/NGINX/Squid).

    • Avoid glitchy tech like CDNs, load balances, DOS/DDOS blockers.

  2. Realtime Tuning + Problem Resolution

    • For every part of Stack - TCP/IP + Linux + Apache + MariaDB + PHP + WordPress (core/theme/plugins) - enable deepest debug logging available.

    • Track logs daily.

    • Retune system as required.

This Site’s Aim

Over the years I’ve published a good bit about WordPress performance in various forms. This site aim to merge + update all this past content.

Some of the sites I’ll be merging include:

Expected Site Format/Contents

Content will arranged as articles + videos related to LAMP Stack tuning including these topics…​

  1. Hardware

    • Dedicated vs. VMs + Cloud

    • 250K page views/hour on $100 hardware

    • It’s more about tuning than cores + memory

    • IP + Bandwidth cost considerations

    • Why more slow cores are better than fewer fast cores (context switching + CPU affinity)

    • sizing hardware using top + sysctl -w vm.drop_caches=1 for existing sites, before migration

    • Provisioning vs. Hosting

    • What "managed" really means - over priced addons + zero problem resolution skills

  2. Linux Distro Choice

    • Debian vs. RedHat derivatives.

    • Why I prefer Ubuntu.

    • Why WHM + CPanel + Apache ITK MPM are all the bane of performance.

  3. Networking

    • TCP/IP tuning

    • Dropped packet monitoring + acceptable loss

    • Monitoring Ethernet adapter + upstream router settings to know when ISPs screw up + bandwidth drops to near zero.

  4. Linux Tuning

    • nmap continuous testing

    • Why LAMP tuning trumps addons every time - CDNs + proxies (Varnish + NGINX) + Load Balancer

    • Swappiness

    • Preload

    • Scheduler

    • Whether /tmp lives in memory via tmpfs or lives on disk.

    • Bringing up 100s of IPs very fast + connecting them to containers fast.

    • Backup considerations of database based sites, both simple + multi-master sites.

    • Measuring true memory usage by splitting out code + data + cache buffers.

  5. Disk Subsystems

    • Choosing filesystem type.

    • Mount options for both speed + stability.

    • RAID considerations.

    • Why platter drives are preferable to SSD drives.

  6. LXC/LXD

    • Containering sites.

    • Firewalling sites to avoid hacked sites being include into SSH + SMTP Botnets.

    • Wiring local LXC IPs to public IPs ensuring

      • Public access of containers works.

      • Host access of containers works.

      • Intra-container access works, where sites can access themselves inside their own containers.

    • Disk Quota management

    • Unprivileged containers for increased security

  7. Apache

    • Tuning to survive DOS/DDOS attacks, till Fail2Ban can sense log activity + block Attacker IPs.

    • Close Wait Reapers, when required

    • My Apache + Fail2Ban works far better than expensive + error prone hardware solutions.

    • Blocking all Bot traffic using Javascript + Fail2Ban.

    • Surprising performance boost using embedded PHP MPMs vs. external PHP running inside FPM.

  8. MariaDB

    • Performance boosts by just replacing MySQL with MariaDB.

    • MariaDB Galera for multi-master replication.

    • Tuning tools mysql-tuner + mysql-tuning-primer.

    • Slow log enabling + analysis using pt-query-digest + quick greps.

  9. PHP

    • php.ini settings

    • Opcache settings + monitoring + tuning

  10. WordPress

    • Block Data Leechers

      • Vet Themes

      • Vet Plugins

      • Core checksum verification when core file changes

      • Block Strategy (Future Item)

        • Installation/Update Immediate/Deferred Role applies even to Admins

        • Known good code - scores - Performance + Exploit + Futureproof

        • Known good code - immediate or deferred installation allowed, per user’s role

        • Known bad code - installation disallowed

        • Unknown code

          • Pro version allows adding to vetting queue

          • Pro version allows paid queue escalation

          • Free version adds code to voting queue + prioritizes via number of requests

    • Surfacing General Performance Killers

      • Redirection Plugins

      • Retina Images Serving generating 404s

    • Benefits of running with WP_DEBUG enabled + SAVEQUERIES

      • Why to do this

      • Why this presents no server load problems

      • Why wp-content/debug.log should be moved + how to do it

      • Setting up logrotate to rotate debug.log + keep 10 days worth of logs

    • WordPress Fail2Ban Recipes

      • Supporting wp-fail2ban plugin for wp-admin + xmlrpc login attacks

      • Supporting stop-user-enumeration plugin

      • wpscan continuous testing

  11. Security

    • VPNs

      • How many hacks begin (DNS + plain text user + pass triplets*

      • Wifi network 15 minute hacking

    • sftp over ftp

    • SSL wrapping entire sites.

    • Click Arbitrage Site special considerations

      • Avoid using wp-config.php FORCE_SSL_ADMIN

      • Instead using Apache rules to force HTTPS admin + HTTP content

    • Always update - OS packages + WordPress core/themes/plugins

  12. SSL

    • Setup + Tuning referencing Bulletproof SSL + TLS book.

    • http://LetsEncrypt.org certs

      • Setup once + forget forever.

      • Generation + cronjob auto renewals.

    • Setup considerations like Pure HTTPS + Mixed HTTP/HTTPS content, specifically HSTS consideration of both bare domains + hosts.