Give us a call: (800) 252-6164
How to make your website load in under 2 seconds using Apache, Nginx, Redis, PHP7, MySQL, and WordPress

Load Times Under 2s: SSL Certificate & Apache Configuration

May 6, 2018 | By David Selden-Treiman | Filed in: hosting.

Creating a Self-Signed SSL Certificate

Next we need to create a self-signed SSL certificate. This is very useful for testing purposes but should not be used in a production environment. That said, this will be the similar process to what needs to be done for a production, verified SSL certificate. We will take care of those later on.

First step we need to install the SSL certificate generation utility. To do this, run:

 

Now we need to create a directory for the SSL certificates to go. We also need to set the correct permissions to for this directory so that only the root user can access them. This is to help secure the certificates against any hacking.

 

No we actually need to create the certificate. To do this we’re going to run the openssl command. There are set of parameters here that will define how the certificate should be created. The important ones are the “keyout” file name and the “out” file name. These will specify where the files should be sent to once created.

 

Now we’re going to create a diffie-hellman encryption. This allows for the public key to be securely transmitted over an open channel.

 

Afterward we need to append the Diffie Hellman encryption key to the self-signed certificate.

 

Configuring Apache

Now we need to make some configuration changes to the Apache configuration files. This will specify that we need to have Apache listen on ports 8080 and 8081 instead of 80 and 81, respectively. We also need to change the IP address of the server update the SSL configurations to match our new self-signed certificates. You’re going to want to run:

 

… and make the following changes:
Change “Listen 80” to “Listen 8080”
Change “ServerName” to “ServerName [[Your IP Address]]:8080”
Change the “/var/www” section’s “AllowOverride None” to “AllowOverride All”
Change the “/var/www/html” section’s “AllowOverride None” to “AllowOverride All”

… in the end, your file should look something like:

In ssl.conf…

 

… you need to make the following modifications:
Set: Listen 8081 https
Change: to
Set: DocumentRoot “/var/www/html”
Set: ServerName [[Your IP Address]]
Comment out ‘SSLProtocol’ and ‘SSLCipherSuite’
Change: SSLCertificateFile /etc/ssl/certs/test-selfsigned.crt
Change: SSLCertificateKeyFile /etc/ssl/private/test-selfsigned.key

… and add the following to the end of the file:

 

… in the end, your file should look something like:

Once these files have been updated, restart apache.

 

If you have SELinux, you’ll need to enable ports 8080 and 8081, as well as open ports 80 and 443 on the firewall. To do this, run:

 

Now, restart Apache. If there aren’t any error messages, this should indicate that everything is loading properly.

 

Now at this point, if you go to http://[[Your IP Address]]:8080 you should see the default Apache notification page and if you go to your http://[[Your IP Address]]:8080/phpmyadmin you should see the phpmyadmin page. You should be able to log in to. Now if you go to https://[[Your IP Address]]:8081 you should see an SSL warning. This is fine it’s just indicating that it cannot independently verify your SSL certificate. Allow your browser to continue past this error message and you should see the default Apache page.

If you run into connection issues, you may have to temporarily flush your iptables (they should be back when you restart your server):

 

Automatic Installation?

If you like the result of the tutorial, but run into problems or would just like to have the work done automatically, we can help you with that. We have an automated script that can SSH into your server and run this tutorial from beginning to end (as long as it’s running CentOS 7). If you would like this done for you ($100), please contact us using the form below.

 

    Get Started







     


    Part 1: Introduction and Planning

    Why it’s important to have your pages load in under 2 seconds, and a plan of how we will set up and configure the server.

    David Selden-Treiman, Director of Operations at Potent Pages.

    David Selden-Treiman is Director of Operations and a project manager at Potent Pages. He specializes in custom web crawler development, website optimization, server management, web application development, and custom programming. Working at Potent Pages since 2012 and programming since 2003, David has extensive expertise solving problems using programming for dozens of clients. He also has extensive experience managing and optimizing servers, managing dozens of servers for both Potent Pages and other clients.

    Part 2: Installing Software

    Initial setup of the server, including installing CentOS7, installing tools, installing SSH and SSL, enabling repositories, and installing support packages.

    David Selden-Treiman, Director of Operations at Potent Pages.

    David Selden-Treiman is Director of Operations and a project manager at Potent Pages. He specializes in custom web crawler development, website optimization, server management, web application development, and custom programming. Working at Potent Pages since 2012 and programming since 2003, David has extensive expertise solving problems using programming for dozens of clients. He also has extensive experience managing and optimizing servers, managing dozens of servers for both Potent Pages and other clients.

    Part 3: MySQL, Apache, PHP7, & Composer
    David Selden-Treiman, Director of Operations at Potent Pages.

    David Selden-Treiman is Director of Operations and a project manager at Potent Pages. He specializes in custom web crawler development, website optimization, server management, web application development, and custom programming. Working at Potent Pages since 2012 and programming since 2003, David has extensive expertise solving problems using programming for dozens of clients. He also has extensive experience managing and optimizing servers, managing dozens of servers for both Potent Pages and other clients.

    David Selden-Treiman, Director of Operations at Potent Pages.

    David Selden-Treiman is Director of Operations and a project manager at Potent Pages. He specializes in custom web crawler development, website optimization, server management, web application development, and custom programming. Working at Potent Pages since 2012 and programming since 2003, David has extensive expertise solving problems using programming for dozens of clients. He also has extensive experience managing and optimizing servers, managing dozens of servers for both Potent Pages and other clients.

    Part 5: SSL Certificate & Apache Configuration
    David Selden-Treiman, Director of Operations at Potent Pages.

    David Selden-Treiman is Director of Operations and a project manager at Potent Pages. He specializes in custom web crawler development, website optimization, server management, web application development, and custom programming. Working at Potent Pages since 2012 and programming since 2003, David has extensive expertise solving problems using programming for dozens of clients. He also has extensive experience managing and optimizing servers, managing dozens of servers for both Potent Pages and other clients.

    Part 6: FTP & DNS
    David Selden-Treiman, Director of Operations at Potent Pages.

    David Selden-Treiman is Director of Operations and a project manager at Potent Pages. He specializes in custom web crawler development, website optimization, server management, web application development, and custom programming. Working at Potent Pages since 2012 and programming since 2003, David has extensive expertise solving problems using programming for dozens of clients. He also has extensive experience managing and optimizing servers, managing dozens of servers for both Potent Pages and other clients.

    Part 7: Installing Nginx
    David Selden-Treiman, Director of Operations at Potent Pages.

    David Selden-Treiman is Director of Operations and a project manager at Potent Pages. He specializes in custom web crawler development, website optimization, server management, web application development, and custom programming. Working at Potent Pages since 2012 and programming since 2003, David has extensive expertise solving problems using programming for dozens of clients. He also has extensive experience managing and optimizing servers, managing dozens of servers for both Potent Pages and other clients.

    Part 8: Configuring Nginx
    David Selden-Treiman, Director of Operations at Potent Pages.

    David Selden-Treiman is Director of Operations and a project manager at Potent Pages. He specializes in custom web crawler development, website optimization, server management, web application development, and custom programming. Working at Potent Pages since 2012 and programming since 2003, David has extensive expertise solving problems using programming for dozens of clients. He also has extensive experience managing and optimizing servers, managing dozens of servers for both Potent Pages and other clients.

    Part 9: Adding a WordPress Website

    How to add a WordPress website to the server including configuring the DNS Server, adding a verified SSL certificate, either manually or for free using Let’s Encrypt, setting up FTP for your site, configuring Apache, configuring Nginx, uploading your WordPress site files, and importing your MySQL database.

    David Selden-Treiman, Director of Operations at Potent Pages.

    David Selden-Treiman is Director of Operations and a project manager at Potent Pages. He specializes in custom web crawler development, website optimization, server management, web application development, and custom programming. Working at Potent Pages since 2012 and programming since 2003, David has extensive expertise solving problems using programming for dozens of clients. He also has extensive experience managing and optimizing servers, managing dozens of servers for both Potent Pages and other clients.

    Part 10: WordPress Website Speed Improvements

    Speeding up your WordPress installation using a Redis plugin and a caching plugin.

    David Selden-Treiman, Director of Operations at Potent Pages.

    David Selden-Treiman is Director of Operations and a project manager at Potent Pages. He specializes in custom web crawler development, website optimization, server management, web application development, and custom programming. Working at Potent Pages since 2012 and programming since 2003, David has extensive expertise solving problems using programming for dozens of clients. He also has extensive experience managing and optimizing servers, managing dozens of servers for both Potent Pages and other clients.


    David Selden-Treiman, Director of Operations at Potent Pages.

    David Selden-Treiman is Director of Operations and a project manager at Potent Pages. He specializes in custom web crawler development, website optimization, server management, web application development, and custom programming. Working at Potent Pages since 2012 and programming since 2003, David has extensive expertise solving problems using programming for dozens of clients. He also has extensive experience managing and optimizing servers, managing dozens of servers for both Potent Pages and other clients.


    Tags:

    Comments are closed here.

    What Is The Best Web Hosting Provider?

    Finding the best web hosting provider for your needs is an important step in optimizing your website. There's a lot to consider. Here are our basic recommendations:

    Simple Websites

    For simple websites, you have a lot of options. Most web hosts will do acceptably for a simple small-business website or blog.

    That said, we recommend avoiding website builders so that you maintain control of your website.

    VPS Hosting

    If you just need a simple VPS, most providers will work well. Different providers have different downtimes, but the big differentiators are cost.

    Providers like AWS and Google Cloud tend to be much more expensive than more specialized providers.

    We recommend Digital Ocean and Hetzner if you're looking for a good VPS provider at a good price (it's what we use.)

    High Performance Hosting

    If you're looking for high performance web hosting, you're going to need something more specialized.

    You can't just expect a simple cPanel host to give you what you'll need. You need a custom configuration.

    Generally, you'll need either a managed host, or you'll need to get your servers configured with custom configurations.

    If you're looking for a high performance hosting provider, we offer hosting designed for high-availability and high-traffic.

    WordPress Hosting

    What WordPress Hosting Should You Get?

    There are many considerations when getting a WordPress hosting provider. Focus on the performance needs of your website.

    WordPress Hosting Setup

    When setting up your WordPress hosting, or switching hosts, there are a number of steps to complete. These include:

    WordPress & Security

    There are a number of WordPress security threats to contend with. We recommend using a plugin like WordFence to help secure your site.

    WordPress Backups

    Make sure to also back-up your site. It's absolutely essential, and ideally use an off-site backup provider that's different from your hosting provider.

    WordPress Speed Improvements

    There are a number of ways to improve the speed of your WordPress site on its hosting.

    There are a number of plugins that can help improve your site's speed.

    DNS

    DNS Records

    There are many different types of records, each with their own purpose. These include: SOA, A, TXT, CNAME, PTR (reverse DNS), and more. On some servers, you can also set up wildcard records.

    The records you need will depend on what you're doing; WordPress sites require different records than mail servers, for example.

    Propagation

    The process of your records transmitting to DNS servers around the world is called propagation. It normally takes 48 hours, but you can speed it up a bit with some planning.

    Testing

    To test your DNS records, there are 2 main tools: dig and nslookup. Each is very helpful in its own specialty.

    Reliability & Security

    There are a number of ways to improve your DNS reliability and security.

    • Split Horizon allows you to separate networks, either for intranets or for separating by geographic region.
    • GeoDNS allows you to give different records to different locations based on the requesting IP address. This allows you to create your own CDN, speeding up your site.
    • DNS over QUIC speeds up your DNS requests and gives you better DNS security by encrypting your DNS connection.
    • DNSSEC allows you to sign and encrypt your DNS connection, ensuring that nobody is changing your records.
    • DNS over HTTPS allows your visitors to request your DNS records over an encrypted connection.

    Internationalized Domains

    Internationalized domain names allow character encodings other than Latin characters. They have their own methods for backward compatibility.

    Scroll To Top