Hello, dear readers, and welcome to the second episode of the series “Webmasters Unleashed: Empowering Websites with Pagely and DevriX”. Today, we will be focusing on scaling WordPress for high traffic websites, and how it can cater to both startups and enterprise sites. We will be discussing strategies for optimizing website performance, managing increased traffic and user loads, implementing efficient caching mechanisms, and utilizing cloud enterprise hosting solutions. Before you continue to read today’s Tech Talk, head over and check out the first episode, if you haven’t already. Pagely Q&A From a hosting perspective, what are the key infrastructure considerations and resources required to support the scaling needs of a WordPress website transitioning from a startup to an enterprise-level solution? For a small site, you need a web server and a database server – they might even be the same server. As you scale up, you need more robust web and database servers. Depending on your site, you may need a caching layer; you may need a CDN; you may need to decouple your web and database servers. You will need to pay more attention to the software, as your business-specific themes and plugins will become more of a performance issue as your traffic volume increases. A managed WordPress host, that has domain-specific expertise in this, is a wise investment, as they can help with every part of the above. Can you provide insights into load balancing, auto-scaling, and server configurations that help accommodate increased traffic and ensure high availability for enterprise-level WordPress websites? The first insight I’d like to give is, “are you sure you need this?” Load-balancing and auto-scaling are one way to enable a site to handle higher volumes of traffic, but they add a lot of additional complexity. Once you introduce auto-scaling, you now must ensure your content is synced between servers in near-real-time or introduce a shared-storage component. A load-balancer is a potential single-point-of-failure, and the health checks it needs to know which back-end servers are available may increase the server load on those servers. For many use cases scaling up (making your servers larger) to handle your peak traffic, rather than scaling out (adding more servers), is more reliable. If you do really need this, the best piece of advice I can give is “test early and often.” Make sure every piece can run independently. Make sure every component can handle failure, both of other copies of itself and of pieces in other layers of the stack. Randomly turn pieces off every so often to ensure that nothing has changed. Use configuration management tooling, to keep all the components identically configured. Be sure to check recovery as well – that when one of your replicas comes back from a failure, that its configuration and content are properly synced back from the good copies. Yes, this is a lot of additional work, which is why I asked first to be sure that you need it – not everyone has a business requirement for HA. What are some recommended mechanisms that hosting companies can offer to enhance the performance and scalability of WordPress websites? In my experience, caching almost always is the most important performance boost. There is the obvious fact that you must have a cache, of course, but configuring and tuning your site to take the best advantage of that cache is where you’ll really get the most benefit. Caching content longer, and only purging the cache when necessary, helps. Make sure your site is cacheable – for WordPress, anything that involves user-unique content, even something as simple as a tracking cookie, can prevent content caching and drop performance drastically. How can hosting providers assist in managing traffic spikes and handling increased resource demands during periods of high user activity for scalable WordPress websites? A hosting provider can work with you before your high-traffic events, to be sure your server is right-sized for your anticipated volume of traffic, and also can help you make your site more suitable for that traffic volume, such that you might not need to make any hardware changes. By adding a caching layer, or identifying ways to make your site more performant, you might not need to do anything special for your event. What are some security measures and protocols that hosting companies can implement to protect enterprise-level WordPress websites and ensure data integrity and privacy? Most hosts offer a WAF (Web Application Firewall) feature, that will prevent the most common attacks, and which can be tuned for your specific site. Some also offer DDoS protection, though many choose to focus on hosting specifically and can help you integrate with a third-party solution for that. (Many DDoS protections double as CDNs, which will also make your site perform better as well.) A host that specializes in WordPress will have additional protections specific to that application, and can help you keep WordPress and your themes and plugins up-to-date, often automatically. What’s the key benefit of using an enterprise-level hosting solution? The most important benefit, by far, is experience. Even if your internal IT teams have expertise in all the different technologies involved in hosting a website, outsourcing that function allows them to work on projects more directly tied to your business. For an enterprise host like Pagely, that is our business. DevriX Q&A As a WordPress agency, what are the key considerations and best practices when it comes to scaling a WordPress website from a startup-level solution to an enterprise-level solution? Scalability is one of the must powerful value propositions that WordPress presents among all open-source systems out there. Mario Peshev, CEO, DevriX When launching a new website, site builders can be scrappy. Putting up an MVP is an easy feat, an exercise that often involves a premium theme, a powerful builder, and heavy components that leverage the power of the plugin ecosystem. This often works well enough in the first months (or while the website generates several dozen/a couple of hundred daily visits). As brands grow in popularity and gain following – or start to introduce paid traffic, turnkey solutions become threatened by three factors (we call them the 3S): Speed, Stability, and Security. A minor bug – or a rarely visited website – is prone to regressions or slow load times, but this doesn’t pose severe business risks due to the minimal traffic. However, accelerating further inevitably impacts the user experience due to excessive SQL queries or dozens of scripts and styles loaded across the site, outages coming up every now and then, and plugin updates causing regressions among each other. Part of the scaling process is identifying the bottlenecks and incrementally optimizing them one at a time. Minifying and combining assets being a standard procedure for improving load times. Offloading image assets to S3 and performing lossless compression. Hooking into filters to optimize SQL queries. Rewriting some heavy components into simplified, lightweight plugins that solve the core problem. WordPress can truly scale – as we’ve proven dozens of times, generating hundreds of millions of monthly views across our larger publishers and B2B magazines. But performing professional engineering practices is a hard requirement – which is the norm for any WordPress enterprise solution, regardless of its core technical stack. Can you provide insights into building modular and extensible WordPress architectures that can easily accommodate growth and scalability as the website’s traffic and user base increase? There are different aspects to scaling a solution. First and foremost, in-depth understanding of computer architecture and operating systems is pretty helpful. WordPress is a CMS built with PHP, HTML, and JavaScript, running on a web server (like nginx or Apache) with core modules (php-fpm or mod php). Content (anything from posts and pages through options and users) is stored in a MySQL database – or an RDS instance in AWS’s case. User sessions run on the corresponding processes and take a certain volume of resources – including processing power and data volume pulled from the database. Growing platforms start to hit certain limits. But this could be caused for different reasons, for instance: High traffic (concurrent users on site) Heavy SQL queries (suboptimal data pulls fetching tons of data or a number of JOIN statements causing a heavy load) Too many queries (plugins fetching data through a long set of queries that aren’t necessarily optimal) Excessive non-cached sessions – due to heavy traffic, bots, DDoS attacks, maxing out PHP processes Browser overload due to too many scripts or timing out assets General sluggishness due to large page sizes, lack of lazy loading and critical CSS, degraded CSS animations, etc. Work with your agency to establish the weak links. Are you maxing out the CPU usage? Or running out of RAM? Are there excessive I/O operations on the disk? Is the MySQL instance powerful enough to accommodate that load? Professional architectures are designed in a way to mitigate these outages. In certain cases, reengineering the data layer could help normalize the database and running more optimal queries. Or moving certain data points to a different storage. Separating the web server instance from the database one is a standard best practice that regular hosts often don’t present – but is a pretty common procedure for our Pagely hosted customers. What are some recommended approaches for managing large databases and optimizing database performance on WordPress when dealing with high traffic volumes? Running a benchmark of your current build can be a great starting point. One of the simplest (and fastest) ways to assess problematic queries for every site is using a profiling plugin like Query Monitor. The app runs on every page load and compiles all SQL queries run on the page (both front-end and back-end). This could outline some expensive queries generated via a premium theme or heavy plugins. If possible, enable MySQL’s slow query log. Site owners and developers can set a threshold logging all expensive queries taking a certain amount of time to run (say, over 2 seconds or 5 seconds). Keep an eye on the log and optimize accordingly. Integrating a better profiling and monitoring system such as New Relic provides deeper intelligence into run times, the number of callbacks through each system (including function calls), and other areas for improvement. WordPress is a robust system designed to solve every case. This necessitates a loosely defined database able to accommodate any data types (leading to the early introduction of custom post types in the core CMS). At scale, creating custom database tables and running lightweight database layers may be a preferred strategy. In some cases, building micro apps and fetching data asynchronously – or via the REST API – may yield better results for high-scale websites, too. Understanding the triggers causing excessive load is the first step. Refining the database layer and optimizing SQL queries can alleviate the database further. And implementing the right caching layers will get rid of constant calls pulling the same data set all over again. Can you highlight the strategies and techniques employed for WordPress websites that successfully scaled from startups to enterprise-level solutions? WordPress websites are no different from other real-life examples. There are $30 chairs on the market and $5K ones with ergonomics designed for people spending 12 hours a day working professionally. NASCAR and Formula 1 don’t run races with the mass-produced cars on the market. A Target screwdriver used twice a year isn’t up to the standards of professional construction workers and mechanics. Bottom line, shifting from a hobbyist website to a professional build requires a professional level of attention, expertise, and the right architecture – hosting environment and code base. And working with the right providers experienced in scaling enterprise-grade solutions is the first step to success. How can agency expertise contribute to scaling WordPress websites effectively? Apart from computer science know-how and understanding the core principles of web solutions, in-depth WordPress expertise is integral to making the most out of a WordPress build. One aspect of scale is understanding the weak spots of WordPress. Certain outdated vectors such as xmlrpc.php can lead to brute force attacks or taking excessive server load if left unattended. Directory indexing can expose sensitive files unless the host has disabled indexing. Using prepared statements and the right functions to create queries (instead of raw statements) prevents SQL injections and other loopholes. Many shortcomings of WordPress arise in most scaling projects – and experienced teams often know what to expect and how to mitigate them. Avoiding bloated plugins, moving to a lightweight theme specifically designed for the project, creating custom database table when it makes sense, improving the editorial workflow with core components and the recent Gutenberg updates are just a few of the common optimizations veteran engineering teams perform. The core Pagely team additionally optimizes the server layers for maximum performance, introduces redis caching opportunities for database queries, patches zero-day vulnerabilities on a regular basis (as reported), and works closely with the agencies on offloading assets externally to cloud systems or managing resources across multiple instances. This is what enables startups to grow consistently for years to come. David (he/him) is a devops engineer at Pagely, with over a dozen years of experience with WordPress (and far more years than he cares to admit working in IT generally). He specializes in high-availability and resiliency for WordPress sites and is very bad at video games. Mario Peshev I work with SMEs, agencies, and individual consultants on increasing revenue and securing long-term business opportunities. Having built my first website in 1999 and with over a decade of experience in software engineering and business consulting, I’ve dedicated my career to leveraging technology to solve complex business problems and drive growth. I’m passionate about open-source software and its potential to change the world. As an active contributor to the WordPress community, I’ve not only coded, but also offered strategic advice to businesses navigating the digital landscape with WordPress. I try to bring omnichannel customer experience that expands the traditional business-to-consumer journey into a myriad of additional channels. In the context of eCommerce, it’s not just about the single flow of a customer browsing a catalog and making a purchase, but longer pathways from support interactions to post-purchase automation.
Hello, dear readers, and welcome to the first episode of the new series “Webmasters Unleashed: Empowering Websites with Pagely and DevriX”. Pagely and DevriX are starting this bi-weekly column with the ultimate goal of keeping our users up-to-date with the latest trends, best practices, and know-how from the world of WordPress. Make sure you follow our website and social media, so you don’t miss out on the actionable tips and expert opinions we’ll be publishing. Why are we starting this initiative? Pagely are the gurus of Managed WordPress Hosting solutions, while DevriX are a world-class WordPress agency, specialized in long-term maintenance and development. We have worked with mutual clients In the past and have a long-term business relationship. We believe that our combined expertise is unmatched. Today, we’re hosting a Tech Talk about Unlocking the Power of WordPress. Our special guests are David Smith, Senior DevOps Engineer at Pagely, Arman Zakaryan, Director of Hosting Operations at Pagely, and Bojidar Valchovski, Tech Lead at DevriX. They’ll be talking about common issues website owners face when managing WordPress websites, best practices for optimizing speed and performance of websites, emerging trends in the WP ecosystem, and much more. Grab a cup of coffee, make yourself comfortable, and let’s get started. In your experience, what are some of the most common challenges faced by website owners when managing and maintaining their WordPress sites? By far, the most challenging aspect of managing a WordPress site is keeping the whole stack up to date. There’s WordPress itself, of course; however there are also the plugins and themes, both custom and third-party. Not to mention the web host itself – the operating system, the database, and the web server. There are a LOT of moving parts! Updates can include bug fixes, security fixes, or performance improvements, and on a large, complex site, there can be updates literally every day. The benefit of using a managed host like Pagely is that we keep track of all this for you. We make sure that the servers are not only updated, but we keep WordPress and its themes and plugins current. And while we can’t update your custom code, by relieving the pressure of all the rest, your development staff are free to focus on the code that’s most relevant to your site and to your business. David Smith, Senior DevOps Engineer, Pagely How does a reliable hosting environment contribute to the overall performance and security of a WordPress website? A reliable hosting environment is THE most important factor – if your site isn’t online, it doesn’t matter how performant it is, because nobody can see it. Pagely has partnered exclusively with AWS, the oldest and most experienced public cloud provider, to keep our customers’ websites online. AWS services are highly reliable on their own, but for customers with the most demanding SLA requirements, we can build additional redundancy on top of the AWS stack. We offer various high-availability strategies, such as spinning up multiple web servers and databases in different AWS availability zones, so that even if an entire AWS zone should fail, a customer’s web presence can quickly fail over to a secondary setup. David Smith, Senior DevOps Engineer, Pagely What are some essential factors to consider when selecting a WordPress service provider? This is a tricky question because every customer’s needs are different. But here are a few factors you might consider: Reliability – Will your site be up when you need it? Reputation – Who else uses this host? What do their customers (or detractors) have to say about it? Price – Does what they offer fit within your budget? Support – Do they offer round-the-clock support? What parts of the stack can they help with (and which are out-of-scope)? David Smith, Senior DevOps Engineer, Pagely The first and foremost thing to look for is a managed DevOps and support team that are capable of helping you out with any inquiries in a timely fashion. This is vital to every business owner out there.While most providers advertise that they provide this, truth be told, the majority rely on tier 1 support, which can sometimes be frustrating and limiting in terms of capabilities.The second factor to weigh in is what QoL improvements the hosting provides and how it benefits you or your development team in the long run (SSH access, CI/CD integrations, control panel for server configurations, etc.). Bojidar Valchovski, Tech Lead, DevriX Can you share any success stories where a mutual client achieved significant growth or improved performance with the help of specific hosting configurations or site optimizations? Absolutely! One success story that comes to mind is our work with “The South African”, a popular news website. They were facing challenges with stabilizing and rehabilitating their site, which was affecting their overall performance. To tackle the issue, we suggested a unique solution – switching to a headless frontend. By decoupling their frontend from their backend, we were able to optimize their CPU usage and improve their site’s overall efficiency. Additionally, we implemented an ARES rule that enforces the trailing slash in URLs at the gateway level. This meant that requests to URLs like www.thesouthafrican.com/news would no longer be redirected to www.thesouthafrican.com/news/ via PHP, reducing unnecessary server load. The results were remarkable. With these hosting configurations and site optimizations in place, The South African saw significant online growth. They went from being the 5th news source in South Africa to claiming the number 2 spot. This improvement not only boosted their traffic and engagement but also solidified their position as a reputable news outlet. This success story showcases the power of tailored hosting configurations and site optimizations. It highlights how the right technology can make a substantial impact on a website’s performance and growth.At Pagely, we are committed to helping our clients achieve their goals by providing innovative solutions and optimizing their hosting environment. By sharing such success stories, we hope to inspire and educate industry professionals about the possibilities that exist when partnering with a managed WordPress host like Pagely. David Smith, Senior DevOps Engineer, Pagely Performance optimizations are not usually a one-sided process – they are a product of the effort put in by the hosting provider and the website development team.With Pagely, we have successfully utilized the server and CDN caching layers (Redis, NGINX, Cloudfront, etc…) to scale publishers comfortably generating up to 900 million monthly unique page views, , and have handcrafted client-side optimizations (lazy loading scripts, images, critical CSS & JS, etc…), resulting in a pleasant and swift end-user experience.Not only publishers, but eCommerce businesses, affiliate partners, marketing websites and everyone can benefit from optimizations tailored to the feature-specifics of the platform. Bojidar Valchovski, Tech Lead, DevriX Can you share some best practices for optimizing the speed and performance of a WordPress website? To understand the best way to optimize a site, let’s first think about how a WordPress page is generated. The web server must run the WordPress software, which will have to pull in the theme, and potentially dozens of plugins, and make dozens of queries to the database behind your site. On a large, complex site, this can take hundreds of milliseconds, or even longer. If your site has a few pages that are frequently visited by many people – and that’s true of most sites – the best way to insulate yourself from this is with caching. A content cache will save the output of all the hard work done for the first visitor to a site, and then serve the cached output the next time someone else requests the same page. This pre-generated version drastically reduces the response time and improves the visitor experience. Designing a site that works well with caching takes some forethought. Sites that heavily use AJAX functionality, eCommerce sites, sites that use cookies, all require careful planning. You want to be sure that as much of the site as possible can be cached – but you don’t want to go too far the other way, as some content shouldn’t be shared between visitors. Imagine an eCommerce site where visitors are sharing the same shopping cart! It would be a disaster. If you’re using a smaller-scale web host, there are several WordPress plugins that can add content caching to your site. A better approach, though, is a separate caching layer that higher-end managed WordPress providers (like Pagely) will have content caching as part of their service. Another way to improve your visitors’ experience is using a global CDN (content distribution network) – imagine taking that cached content, and making it readily available around the globe, so that visitors’ requests don’t have to travel thousands of miles to reach your web server. There are still more ways to optimize a site – combining scripts and styles into single files; optimizing images before uploading them; disabling WordPress plugins and features you don’t need.Improving your site for effective content caching is the single biggest step you can take to optimize a site. David Smith, Senior DevOps Engineer, Pagely Keeping speed in check is an ongoing process rather than a one-off initiative. Mindfulness about how recurring use of the platform, plugin updates and new features affect the performance in the long-run is paramount.Regardless, best practices dictate that the configuration of your server-side optimizations is done well – not caching checkout pages for eCommerce websites or sections that should always show up-to-date information without any delay.In addition to the above, client-side optimizations to look for would be lazy loading images, serving them compressed and in next-gen formats, as well as handling JavaScript and CSS assets with care – asynchronously, extracting the critical CSS & JS and serving it inline, and most importantly, getting rid of anything that doesn’t serve any purpose and only clutters up user browsers.In any case, a combination of client-side and server-side optimizations is required in order to meet a fulfilling speed and feel for the end-users. Bojidar Valchovski, Tech Lead, DevriX What are some emerging trends or future developments in the WordPress ecosystem that website owners should be aware of? 1. WordPress Core has announced they are dropping support for PHP 5. Some see this as the first step toward new PHP versions being adopted at an accelerated pace, by eliminating the need to support older releases. In other words, we may see support for PHP 7.X dropped much sooner than it took to drop PHP 5 support. More importantly, it should result in earlier adoption of new PHP releases in WordPress Core, which would be a significant signal to downstream developers of themes and plugins to include support early on as well. PHP releases are supported for three years with bug fixes and security updates, so taking a year or longer to even add support for the latest version really puts everyone behind the ball. 2. Headless WordPress, whether as a client-side SPA (Single Page Application) frontend such as GatsbyJS or as an SSR (Server-side Rendering) frontend with additional server components such as Next.js, is gaining momentum. While the vast majority of WordPress sites are not using this technology yet, some websites (like GoDaddy’s new godaddy.com/resources/ blog) are certainly making use of the technology.This is currently in its early stages, with managed WordPress hosts like Pagely and WPEngine providing support for running SSR apps on their platform, as well as third party services, such as Vercel, that provide SSR frontend hosting only, with the WordPress backend hosted anywhere. Having a unique looking website that is powered by WordPress, but not using the typical WordPress frontend experience, opens some very compelling opportunities, both from a creative point of view and achieving better results on Core Web Vitals and Page Speed assessments. The truth of it is, it’s very hard to put together in the current ecosystem. And while some hosts are making it a little easier by adding more ways of setting it all up, nobody has yet created the full turnkey experience that a default WordPress site can be. 3. Commerce! More and more businesses are turning to WooCommerce and WordPress for their online stores, gaining 1% market share in 2023 (23%) compared to 2022 (22%) of the top 1 million sites using e-commerce technologies. As more specialized hosting products are made available, we expect to see that market share increase. Namely, GoDaddy’s new Managed WooCommerce Stores, developed in partnership with Pagely, which is a prime example of a scalable WordPress hosting service aimed specifically at making the WooCommerce experience better. The GoDaddy product is actually designed to bridge the gap between online and in-person commerce. Many of its features are intended to help someone coming from one end of the ecosystem to join the other end and have them be connected.By including the most common plugins and providing out-of-the-box features designed for connecting commerce, we reduce the barrier to entry for many merchants who, otherwise, wouldn’t have attempted to jump into the ecosystem if they have easier solutions available, so as WooCommerce becomes more approachable we expect it to grow in market share. Arman Zakaryan, Sr. Dir – SRE, Pagely It’s hard to accurately predict the future of the ecosystem, simply because of all cutting-edge technologies that keep evolving every day.We are already a step into the era of AI. It took the world by storm recently and is definitely something that everyone can join in on and integrate into their website, be it powering a customer service CRM, chatbots, support, content generation or anything else that comes to mind.From a technical standpoint, WordPress has been actively evolving and adapting more JavaScript to power up core functionalities, and it took a big leap since the introduction of Gutenberg. We’re very likely to see more of that. Bojidar Valchovski, Tech Lead, DevriX How can website owners ensure the security of their WordPress sites, and what are some proactive measures that should be taken to prevent vulnerabilities? Making sure that all WordPress users have a strong password is a very important factor to keep in check. Brute forcing is an easy mechanism to crack weak passwords, which is a major security threat, especially if someone with malicious intent gets their hands on an administrator-level account.Separately, WordPress maintenance under the form of recurring updates to plugins, themes, and the WordPress core is also paramount – this helps avoid those vulnerabilities that are reported daily and sometimes pose a critical risk to the integrity of the platform. Bojidar Valchovski, Tech Lead, DevriX That’s it for today’s expert discussion. We really hope you enjoyed it! Remember that “Webmasters Unleashed: Empowering Websites with Pagely and DevriX” is the new bi-weekly column, powered by Pagely and DevriX, so you can expect more helpful information from us very soon. David Smith is a Senior DevOps Engineer at Pagely. With over a dozen years of experience with WordPress (and far more years than he cares to admit working in IT generally). He specializes in high-availability and resiliency for WordPress sites and is very bad at video games. Arman Zakaryan is the Director of Hosting Operations at Pagely. He’s a fan of technology, cars, and gaming. Like many others at Pagely, he has a passion for helping people succeed in their online endeavors. As Pagely’s Dir. of Hosting Operations, Arman brings 12 years of web hosting experience to the table – helping our very talented DevOps team do great things every day. Bojidar Valchovski is the Tech Lead at DevriX. Passionate about IT security, exploring how systems work, self-improvement, and growth. He has over 5 years of experience in the tech industry, his motto is that pressure makes diamonds and comparison is the thief of joy.