AWS + UBUNTU DIFFERENCES – SEE BELOW
https://aws.amazon.com/whitepapers/
GUIDE 1:Cloudfront CDN in our AWS account that is integrated to a free AWS S3 storage bucket.
Afterwards we’ll install a WordPress plugin authored by Delicious Brains that integrates the CDN to our WordPress site.
We’ll also install a second plugin from imagify.io
GUIDE 2:S3 Offload Media
GUIDE 3:S3 Bucket to Wordpress
AWS + UBUNTU DIFFERENCES
- Redirect Rules: https://aws.amazon.com/premiumsupport/knowledge-center/redirect-http-https-elb/
- Security
- Domains
- Permalinks – https://stackoverflow.com/questions/12292992/permalinks-on-wordpress-ec2 – different for Ubuntu servers / different from traditional servers
https://guiem.info/permalinks-on-wordpress-amazon-ec2/ - Ubuntu servers – these have different rules
- Setting site limits – max-memory / max upload size etc. all in different file than php.ini / wp-config / htaccess – can be overwritten with htaccess – but is that the right one?
- File Permissions
- Coors cross domain settings
Assets Pull: Configure CORS to Resolve Web Font Issues
If you notice that font files aren’t loading correctly, or receive the following error in the browser console then you need to modify your server configuration.
This is because web fonts are subject to Cross-Origin Resource Sharing (CORS). CORS is a way for a remote host to control access to certain types of resources.
To resolve this issue you need to ensure that your server is sending the correct Access-Control-Allow-Origin header when font files are requested. If you’re unable to modify your server configuration please contact your web host and link them to this article.
Apache
Add the following block to your .htaccess file:
<FilesMatch ".(eot|otf|ttf|woff|woff2)">
Header always set Access-Control-Allow-Origin "*"
</FilesMatch>
Nginx
Add the following location block to your virtual host file (usually within the server directive) and reload Nginx:
location ~* .(eot|otf|ttf|woff|woff2)$ {
add_header Access-Control-Allow-Origin *;
}
Invalidate CloudFront Distribution
Once the changes have been made you will need to invalidate the CloudFront cache with a path of “/*”.
These procedures are intended for use with Amazon Linux. For more information about
other
distributions, see their specific documentation. Many steps in this tutorial do not
work
on Ubuntu instances. For help installing WordPress on an Ubuntu instance, see WordPress in the Ubuntu
documentation.
AWS AND WORDPRESS
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hosting-wordpress.html
https://us-west-1.console.aws.amazon.com/systems-manager/automation/execute/AWSDocs-HostingAWordPressBlog-AL?region=us-west-1
https://us-west-1.console.aws.amazon.com/systems-manager/automation/execute/AWSDocs-HostingAWordPressBlog-AL2?region=us-west-1
Amazon Lightsail – https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-tutorial-launching-and-configuring-wordpress
https://aws.amazon.com/getting-started/hands-on/launch-a-wordpress-website/
Amazon Elastic Compute Cloud (Amazon EC2) – https://aws.amazon.com/elasticache/memcached/wordpress-with-memcached/
https://aws.amazon.com/blogs/architecture/wordpress-best-practices-on-aws/
[pdf-embedder url=”http://projects.nakedsword.com/wp-content/uploads/2020/07/wordpress-best-practices-on-aws.pdf”]
[pdf-embedder url=”http://projects.nakedsword.com/wp-content/uploads/2020/06/awseb-dg.pdf”]
https://aws.amazon.com/marketplace/search/results/ref=dtl_navgno_search_box?page=1&searchTerms=wordpress
You are responsible for updating the software packages and maintaining security patches
for your server. For a more automated WordPress installation that does not require
direct
interaction with the web server configuration, the AWS CloudFormation service provides
a WordPress
template that can also get you started quickly. For more information, see Getting Started in the
AWS CloudFormation User Guide. If you’d prefer to host your WordPress blog on a
Windows instance, see Deploying a WordPress Blog on Your Amazon EC2 Windows Instance in the
Amazon EC2 User Guide for Windows Instances. If you need a high-availability solution with
a decoupled database, see Deploying
a High-Availability WordPress Website in the
AWS Elastic Beanstalk Developer Guide.
MORE NOTES::
This tutorial assumes that you have launched an Amazon Linux instance with a functional
web
server with PHP and database (either MySQL or MariaDB) support by following all of
the
steps in Tutorial: Install a LAMP Web Server with the Amazon Linux AMI for Amazon Linux AMI or
Tutorial: Install a LAMP Web Server on Amazon Linux 2
for Amazon Linux 2. This tutorial also has steps for configuring a security group
to allow
HTTP and HTTPS traffic, as well as several steps to ensure
that file permissions are set properly for your web server. For information about
adding
rules to your security group, see Adding rules to a security group.
We strongly recommend that you associate an Elastic IP address (EIP) to the instance
you are using to host a WordPress blog. This prevents the public DNS address for your
instance from changing and breaking your installation. If you own a domain name and
you
want to use it for your blog, you can update the DNS record for the domain name to
point
to your EIP address (for help with this, contact your domain name registrar). You
can
have one EIP address associated with a running instance at no charge. For more
information, see Elastic IP addresses.
If you don’t already have a domain name for your blog, you can register a domain name
with Route 53 and associate your instance’s EIP address with your domain name. For
more
information, see Registering Domain Names Using
Amazon Route 53 in the Amazon Route 53 Developer Guide.
To complete this tutorial using AWS Systems Manager Automation instead of the following
tasks,
run one of the following Automation documents:
(Amazon Linux) or
(Amazon Linux 2).
Possible Permission Fixes
Amazon EC2 Apache Setup Permissions for WordPress
I have been doing my best to figure out the Amazon EC2 Apache setup of permissions to enable WordPress to be able to manage all of the files on my Amazon EC2 instance without WordPress asking for FTP permissions when I try to upload a plugin or theme via the Admin site. I ended up having to give file and group ownership of the files in my html folder to apache user for WordPress to run correctly. This article and its comments helped me reach this conclusion.
sudo su chown -R apache:apache /vol/html
I then set permissions to what the hardening WordPress guide recommends for my html root as all my WordPress files are there as I am running MultiSite with multiple domains.
find /vol/html/ -type d -exec chmod 755 {} ;
find /vol/html/ -type f -exec chmod 644 {} ;
As apache doesn’t have a login I feel this is worth the risk though there is probably a better way to do this. I then added ec2-user to the apache group and changed the permissions of the wp-content folder to have group write permission 775.
useradd -G apache ec2-user sudo chmod -R 775 /vol/html/wp-content
https://aws.amazon.com/blogs/startups/how-to-accelerate-your-wordpress-site-with-amazon-cloudfront/
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/php-hawordpress-tutorial.html
[pdf-embedder url=”http://projects.nakedsword.com/wp-content/uploads/2020/06/wordpress-best-practices-on-aws.pdf”]
Introduction
WordPress is an open-source blogging tool and content management system (CMS) based on PHP and MySQL that is used to power anything from personal blogs to high- traffic websites.
When the first version of WordPress was released in 2003, it was not built with modern elastic and scalable cloud-based infrastructures in mind. Through the work of the WordPress community and the release of various WordPress modules, the capabilities of this CMS solution are constantly expanding. Today, it is possible to build a WordPress architecture that takes advantage of many of the benefits of the AWS Cloud.
Simple Deployment
For low-traffic blogs or websites without strict high availability requirements, a simple deployment of a single server might be suitable. This deployment isn’t the most resilient or scalable architecture, but it is the quickest and most economical way to get your website up and running.
Considerations
We will start with a single web server deployment. There may be occasions when you outgrow it, for example:
• The virtual machine that your WordPress website is deployed on is a single point of failure. A problem with this instance causes a loss of service for your website.
• Scaling resources to improve performance can only be achieved by “vertical scaling,” that is, by increasing the size of the virtual machine running your WordPress website.
Available Approaches
AWS has a number of different options for provisioning virtual machines. There are three main ways to host your own WordPress website on AWS:
• Amazon Lightsail – https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-tutorial-launching-and-configuring-wordpress
https://aws.amazon.com/getting-started/hands-on/launch-a-wordpress-website/
• Amazon Elastic Compute Cloud (Amazon EC2) – https://aws.amazon.com/elasticache/memcached/wordpress-with-memcached/
• AWS Marketplace
https://github.com/aws-samples/aws-refarch-wordpress
https://aws.amazon.com/getting-started/hands-on/build-wordpress-website/
In this project, you will learn how to deploy and host WordPress, an open-source blogging tool and content management system (CMS) based on PHP and MySQL. You will implement an architecture to host WordPress for a production workload with minimal management responsibilities required from you. To accomplish this, you will use AWS Elastic Beanstalk and Amazon Relational Database Service (RDS). Once you upload the WordPress files, Elastic Beanstalk automatically handles the deployment, from capacity provisioning, load balancing, auto-scaling to application health monitoring. Amazon RDS provides cost-efficient and resizable capacity, while managing time-consuming database administration tasks for you.
