High traffic WordPress architecture using AWS Lightsail

Here is how I built a high-performance WordPress website in AWS Lightsail for aier.org.  While low-traffic blogs can be hosted on a shared hosting service or a cheap VPC, if your site hosts millions of visitors each month, you will need a more ambitious service-oriented architecture.

The key to high-performance WordPress is a service-oriented architecture that splits the application into independent layers.  Amazon provides a reference architecture for high-performance WordPress hosting on AWS.  While this is a great start, all those services get expensive and complex to manage.  I wanted a lot fewer moving parts and to make things maintenance-free.  I also included important performance and management optimizations such as a dedicated editor server and git-based deployment.  To lower costs, I used AWS Lightsail and Cloudflare to get significant cost savings versus AWS’s EC2 and CloudFront-based reference architecture.

High-performance WordPress requirements for my project:

  • Lower the cost of hosting from well over $20K/year to under $1500/year while supporting many millions of monthly users.
  • Keep backend 100% available and fast regardless of traffic.
  • Highly available and highly scalable architecture: easy recovery from failure, and ability to quickly scale without any downtime.
  • Minimal administrative management overhead (the servers should maintain themselves after I set them up).
  • Minimal configuration – the server should be set up with just a few commands: I promised to build this out in two hours.
  • Git-based deployment process. Deploy website updates via git merge.


Below, I explain why I used specific tools and configuration, then I’ll provide one technical details to help you do the same.

  1. Configure a basic WordPress hosting environment
  2. Migrate or build your WordPress site
  3. Upgrade the hosting environment for scalability
  4. Configure analytics and alerting tools

Continue reading “High traffic WordPress architecture using AWS Lightsail”

Search Engine Optimization: Proven Strategies for Nonprofits in 2019

According to a recent survey by Zogby Interactive, the Internet is by far the most popular source of information and the preferred choice for news ahead of television, newspapers, and radio. The majority of Americans now prefer the Internet as their primary and most reliable source of news. Specifically, online publications are preferred over social media sites such as Facebook and Twitter.

If your mission is to influence opinions, the web cannot be ignored. You must achieve an effective online presence to be a part of conversations that matter. To discover content online, two sources dominate today; social media and search engines, specifically, Facebook and Google.

Publishers need to understand search engine trends to stay relevant

Google and Facebook dominate referral traffic to nearly all news sites today. As dynamic tech companies, Google and Facebook and constantly tweaking their algorithms, so online publishers need to stay informed.

Because the exact algorithms used by search engines and social media sites are secret and ever-changing, a mythology has arisen around the field of Search Engine Optimization or SEO. There are numerous online debates between “white hat” and “black hat” SEO “experts” who recommend and criticize technical tricks to improve search rankings. Because search engines and social feeds have the power to entirely kill most online businesses and publishers, an adversarial attitude dominates the thinking about SEO strategies.

Content is still king in online publishing

The reality is that content is still king. Creating interesting and relevant content that people want to watch or read is still by far the most important factor in the success of a website. The goal of search engines and social networks is not to destroy independent publishers or ruin businesses, but to provide value to their users by showing them the most relevant, reputable, and quality content. Content is key, but it needs to be organized and presented in a way that is easy for search engines to find it, understand what it’s about, and assess its quality.

Google and Facebook want to be your partner, not your adversary

It’s critical to understand that Google and Facebook want to tell you exactly how to be successful on their platform. Their need for secrecy on the details of their algorithm comes mainly from the need to deter malicious actors that attempt to get more traffic than the quality of their content merits. Google and Bing will tell you exactly how they see your website and suggest how to improve your search visibility. They want to work with publishers to promote higher-quality content and rewarding experiences for users.

As a publisher, Google’s Search Console and Bing’s Webmaster Tools is your most valuable asset for improving search performance. Furthermore, on-site content changes (“onsite SEO”) usually can have far more impact on search performance than external tweaks to search engines and link-building (“offsite SEO”).

Continue reading “Search Engine Optimization: Proven Strategies for Nonprofits in 2019”

How to safely store Bitcoin and other cryptocurrencies

I’ve seen people lose their Bitcoin in every way imaginable, and I want to help you avoid the most common mistakes. Are you thinking long-term? Will your storage medium last 10 years? Will your family be able to access it in the event of your death? Have you considered that the same events that will cause Bitcoin to go up in value may cause you to lose control of it?

What is the best way to store Bitcoin?

In 2019, a hardware wallet is unquestionably the best way to store Bitcoin. There are three good options: Trezor, Ledger, and KeepKey. I prefer the Trezor, but pick any of them, then write down your seed on paper, and put that paper in a safe.

What’s your excuse for not using a hardware wallet?

Most of you are not using a hardware wallet. You keep Bitcoin with an exchange like Coinbase, or an app running on your phone or desktop. But these come with major risks:

Will your Bitcoins survive the shift to a Bitcoin economy?   

Bitcoin is an extremely risky investment. If Bitcoin goes up tenfold or a hundredfold, what will come down? It could be the dollar’s value. It could be the banking sector. It could be the entire global economic regime. We have no idea how governments will react: will they try to ban Bitcoin, confiscate it, or embrace it?  If you are relying on someone else to keep your Bitcoin safe, will they survive that change?

Don’t trust exchanges and other third-party custodians

Mt Gox logoWhen you buy cryptocurrencies, you are betting that our economy will experience a dramatic shift to digital money. We have no idea which businesses or apps will survive that shift or how long it will take. Imagine if you had to pick just one company to bet on the future of the Internet during the dot com boom. Are you smart enough to pick Amazon.com rather than AOL or Pets.com? The only thing that you can trust to survive almost any economic upheaval is a backup stored on paper (or even better, metal) under your control. 

Don’t trust desktop or mobile wallets

Most people who decided to keep their Bitcoin in an app came to regret it. Bitcoin Core took a few hours to sync in 2013 but now can take weeks -if your Internet is fast enough. Multibit was a great wallet in 2015 but now doesn’t work on many computers.  Many people who you got Bitcoin in 2010 forgot the password they used by 2019.  Modern computers are notoriously insecure.  Key loggers and remote access trojans can record your keystrokes and copy all your files. At one point in the lifetime of Windows XP, it only took a few minutes for the average computer to become infected once exposed to the Internet. Operating systems today are much more secure but are you willing to bet that someone won’t find a catastrophic Windows zero-day exploit when the Bitcoin market cap is $1 trillion?

Don’t trust file backups

Did you know that DVDR’s can fail in as little as five years?  Flash drives might fail after 10 years – we really have no idea how stable flash memory is over the long term. Hard drives last 3-5 years when used, and we don’t really know how long they last in storage, but the oils will dry up and the motor bearings will eventually fail. Archival grade gold DVDR’s are supposed to last 100 years, but will you still have access to a DVD reader in 2030? In short, we have no idea which digital storage mediums are safe for the long term, so all your Bitcoin wallet backups might get corrupted.

Don’t trust paper wallets

Photo by Steve Johnson on Unsplash

Paper wallets and brain wallets were good for their time, but I know many people who misplaced their paper wallet or forgot the exact phrase they used for their brain wallet. Some people who used a paper wallet found out that it could only be decrypted using the exact browser used to make it. Paper wallets and brain wallets also compromise your privacy by forcing you to keep all your Bitcoin in a single address.

What about my altcoins?

Trezor and Ledger now both support many coins and hundreds of tokens, so you have no excuse not to use them for your entire portfolio.  Both Shapeshift and Exodus now work with hardware wallets to let you visualize and manage your entire portfolio.

A BIP-39 seed is the way to go

Hardware wallets today use a BIP-39 mnemonic code for generating deterministic keys. A BIP-39 seed phrase is a list of words (usually 24 for a hardware wallet) which generates an infinite number of addresses.

BIP39 codes are supported by many different coins besides Bitcoin. While something better than BIP39 may come along, it’s very likely that as long as Bitcoin is around, there will be some implementation of the BIP39 algorithm to restore your wallet. You’ll be able to get your Bitcoin back even if the company that made your hardware wallet is long gone.

Keep your recovery seed safe

You can generate the seed completely offline and without usinTrezor with Cryptosteelg a computer – just plug in your hardware wallet directly to a power source.  Instead of paper, use a Billfodl or CryptoSteel to keep your recovery words protected against fire or flood.

Because they are universal, a BIP-39 seed is also the best way to secure your legacy for your family, so consider adding instructions to locate your recovery seed in your will.

If you are concerned about the security of your seed words, you can cut the list of 24 words in half and keep them in two places.

Never type your seed directly into your computer — even just to print it on paper because your handwriting is bad.   Remember that hardware wallets will never ask you to type your seed directly into your computer.  When restoring your seed, they all use some kind of indirect entry method (such as entering the words out of order) to protect against keyloggers.

So, what’s your excuse for not using a hardware wallet for your Bitcoin?


Originally posted at WalletRecovery.info