Ok I just got my first VPS, small one, 512 ram, 20gb ssd, 1 core
I just installed VestaCP which installs on its own, nginx, apache, php, mysql, ftp and some other stuff. It uses nginx for all static content and forwards the dynamic one to apache, which is supposed to give you the best of both worlds (right?)
Also I believe, VestaCP does some configuration of those so I don't have to? (or if I do please let me know) But as far as I can see it e ven has few templates for apache and nginx depending on your needs.
Just in case I put on top of this the free plan of cloudflare with the optimisation settings to the max (minifaction, cashing, compression) and security on medium.
Security wise I plan to put ssh key authentication instead of password and sftp instead of ftp. (but not sure if i need even this behind cloudflare, since I suppose they filter out attemps on those ports?)
So, what i'm asking is the following (please remember i'm a newbie in this)
1. Do i need to configure something else on the server, performance wise?
2. Do I need to do something else security wise?
3. What are the best methods to test this setup so i can compare after each change?
It will be used mostly for hosting bunch of WP based sites with little traffic. Also please note that so far, this setup has costed me $5 (per month) and like 10 mins to do. This VestaCP seems to do all the magic on it's own. Pretty damn cool
And the goals are performance and security.
I just installed VestaCP which installs on its own, nginx, apache, php, mysql, ftp and some other stuff. It uses nginx for all static content and forwards the dynamic one to apache, which is supposed to give you the best of both worlds (right?)
Also I believe, VestaCP does some configuration of those so I don't have to? (or if I do please let me know) But as far as I can see it e ven has few templates for apache and nginx depending on your needs.
Just in case I put on top of this the free plan of cloudflare with the optimisation settings to the max (minifaction, cashing, compression) and security on medium.
Security wise I plan to put ssh key authentication instead of password and sftp instead of ftp. (but not sure if i need even this behind cloudflare, since I suppose they filter out attemps on those ports?)
So, what i'm asking is the following (please remember i'm a newbie in this)
1. Do i need to configure something else on the server, performance wise?
2. Do I need to do something else security wise?
3. What are the best methods to test this setup so i can compare after each change?
It will be used mostly for hosting bunch of WP based sites with little traffic. Also please note that so far, this setup has costed me $5 (per month) and like 10 mins to do. This VestaCP seems to do all the magic on it's own. Pretty damn cool
And the goals are performance and security.
