Recommendations for WordPress Hosting
WordPress is a lightweight CMS solution, but it does have certain hosting requirements to make everything tick-over smoothly… Here are our recommendations and why you need them:
Please note: If you already host with us, you don’t need to worry about any of this. It will all be taken care of when we upload and configure your website.
- Linux with Apache or NGINX
We only recommend running WordPress on Linux with Apache or NGINX, make sure you have all of the correct modules installed to allow for keyword friendly URLs (rewrites), without these your search engine optimisation will suffer.
- Dual Core CPU+
The more CPU’s you have, the faster your website can process data. Two CPU’s is typically enough for a small businesses WordPress website. However, if you have 1000’s of pages, or 1000’s of visitors per day, then you may find you need to upgrade your hosting performance. If you’re on budget ‘shared’ hosting, you won’t normally know how many CPU’s you have assigned, or how many websites ‘share’ them. So make sure you test your website for speed/performance at peak times throughout the day.
PHP5.6 will become end of life in the not too distant future, so make sure your website is running on the latest version of PHP (currently PHP7).
- 1GB+ Disk Space (Web Space)
The minimum amount of disk space for a typical website is around 1GB. Your WordPress media folder will grow over time as you upload more images. This is more than likely where most of your disk space will get used and you need to allow for plenty of slack. If you backups run ‘within’ your Web Space allocation, then you’ll need to account for this, backups typically compress to around 30%-40% of the website ‘size’. So a 1GB website with 10x backups will need around 5GB space.
Running PHP7 means you’ll probably have MySQLi installed anyway.
- 256MB Memory Limit
Loading pages uses very little memory, especially when your website has been speed-test optimised. But your hosting ‘memory limit’ comes into play when your website has to process batches of data or resize images. A memory limit of 256MB+ will keep everything ticking over nicely.
- Max Upload File Size 20MB
If you need to upload a chunky PDF document, you’ll find your Max Upload File Size is normally what prevents the file from uploading. Set this to 20MB and the majority of files you wish to upload will be work fine.
- Max Input Vars 1000
This setting allows your website administration panel to process 1000 form fields before the form submission is stopped. Its not too uncommon for an administration panel to have 1000 or more form fields when using plug-ins like Advanced Custom Fields (ACF) or User Role Editor.
- PHP Short Tags
Some plug-ins (especially those written bespoke), may use the PHP short-hand notation “<?” instead of the full “<?php”. Most servers have this enabled by default anyway (in fact, we’re yet to find a live server where this isn’t enabled).
- WordPress Required PHP Extensions
We recommend (and WordPress requires) the following PHP extensions. These need to be enabled within your hosting account and can often only be set-up by the hosting company:
- Curl and CurlSSL
- Zip Zlib
Others may be required depending on your theme, plug-ins and WordPress version.
- Custom SMTP
We recommend sending emails from WordPress via SMTP to prevent bounce backs and emails being marked as spam.
- Correct SPF/DNS
Check your domain names DNS is correctly set up, and that you have SPF records set for the email server you use for emails direct from your WordPress website.
- Correct File Permissions
It is absolutely mission critical to have the correct file permissions set for your WordPress website. If you set these too strict, you’ll find you can’t upload images. Set them too ‘free’ and you’ll face security issues. It’s normally up to your web developers and hosting company to work in partnership to get this correct.
We don’t recommend many third-party plug-ins, but Wordfence currently offer a free-of-charge WordPress Plug-in to help identify malicious traffic, failed log-in attempts and has other security features. Just be careful logging in though as too many failed attempts will lock you out!
- Web Application Firewall
We recommend having a Web Application Firewall (WAF) in front of your WordPress installation; this will simply filter-out lots of malicious traffic and hacking attempts automatically. Most hosting companies charge a premium for WAF protection.
We recommend both automated backups, with ability for you to take backups of the website on demand via your hosting control panel. Both website files and database need to be backed up regularly so you can recover files in case of a failed plug-in or WordPress update, security issue or just accidentally deleting data.
We realise that this can be a lot to take in so if you would like more information about how to get the most out of your CMS solution, please do not hesitate to contact us today – we will be more than happy to help and can answer any questions that you may have.