Weather your web server is apache or nginx you should:

  • disable image hotlinking: when other websites serve images directly from their website by using the URLs from your website, instead of uploading them to their own servers. In effect, they’re stealing your web hosting bandwidth, and you don’t get any traffic to show for it.
  • Use the latest PHP version (the fastest)
  • Limit post revisions:
    define(‘WP_POST_REVISIONS’, 4 );
  • Use DNS level website firewalls (block malicious requests even before they reach your website, blocks brute-force attacks, hacking attempts and malware) like Sucuri and Cloudflare.
  • Add page caching,
  • Minify & compress (gzip) your HTML, CSS and JS files
  • Use Object cache (cache database query results) Redis.
  • Use Page cache (no PHP or MySQL requests at all, static page served from the Page cache)
  • Compress your images.
  • Fix Crontab to use the UNIX system time events, not on the user hitting the server.
  • Best Tech stack to use
    • Nginx over Apache (Nginx can use PHP’s FastCGI process manager called PHP-FPM)
    • Varnish over FastCGI (Varnish is more flexible, but FastCGI Cache is easier to configure, uses less resources and performs better. Also FastCGI cache i easier to maintain because it comes included with Nginx)
    • Memcached vs Redis (Redis is a newer, more modern in-memory data store than Memcached. It has more features and seems to be a more popular choice in the WordPress community)
    • MariaDB over MySQL (MariaDB is faster and fully open-source)
  • Constant Application (Server) Monitoring (New Relic)(constantly pinging the server and making sure that it’s always up and running. Monitoring high resource usage (CPU or SQL). If Nginx or PHP appear at the top of the list for CPU usage we should check our access and error logs, if it’s MySQL then we need to enable the slow query log.
  • Ongoing Maintenance (keeping WordPress core and plugins up to date) Checking for newly discovered vulnerabilities and making sure the website can’t be attacked.