|
Not thrilled with Stablehost, looking for alternative...
I've been with them for about a year now and while it has mostly been a smooth ride it seems like once a month or so my entire site goes down for an hour or so, or it loads extremely slow. I'm due to pay them for another year in november and was wondering if anyone had any alternatives that were good. I just run a blog from them, nothing insanely needy .
|
See this: http://www.digitalfaq.com/forum/prem...ing-plans.html
That's one option that may work well for you. :) Other decent hosts include Site5, Arvixe, WebhostingBuzz, Namecheap and Veerotech. It really depends on what the site is, what CMS it uses (WordPress?), and what plugins are running. The Stablehost issue is odd. I've never seen that on the two servers we test regularly. |
thanks as always for the info lordsmurf <3
The blog is wordpress I'm running the following plugins Admin Menu Editor Akismet Better WP Security Floating Admin Menu Hupso Share Buttons for Twitter, Facebook & Google+ My Custom CSS NextGEN Gallery Responsive Add Ons Theme-Check not to downplay my site (but I will!) it isn't like we get a ton of visitors a month or anything..maybe high 300s as we're a very niche blog. Sadly when I put in a support ticket they (stablehost) are always fast to reply and fix whatever the issue is. I just don't understand why they can't put me on another server. |
It needs a cache. Stablehost uses CloudLinux, which doesn't let others bog down the server. Your account will bog you down instead. It's good for your shared neighbors, but it can be hard for folks to understand why their site is going slow. In this case, try a cache.
Specifically: - Hyper Cache Extended: http://wordpress.org/plugins/hyper-cache-extended/ - DB Cache Reloaded Fix: http://wordpress.org/plugins/db-cache-reloaded-fix/ You also need to password protect the wp-admin folder. Brute force attacks can make blogs crawl. (I assume you're the only user? Most WordPress admins are.) That may make all the difference. These days, overall site traffic isn't a big a deal as malicious traffic and spaghetti code in poorly written plugins. The number of visitors doesn't mean much, in terms of resource usage. Try those for a few days. Then get back me. :) I'll make sure you're where you need to be. |
thanks kpmedia! makes sense now I have hyper cache extended installed, do I need to check anything special on these settings? I've left everything checked that was checked and haven't done anything different with it.
It is myself and another user on the blog but they aren't an admin, I think that is where I'm stuck with "Better WP Security" I have the following secured You are enforcing strong passwords for all users. Your WordPress header is revealing as little information as possible. Non-administrators cannot see available updates. The admin user has been removed. The user with id 1 has been removed. Your table prefix is jk2gqf_ You have scheduled regular backups of your WordPress database. Your WordPress admin area is not available when you will not be needing it.. You are blocking known bad hosts and agents with HackRepair.com's blacklist.. Your login area is protected from brute force attacks. Your .htaccess file is fully secured. Your installation is actively blocking attackers trying to scan your site for vulnerabilities. Your installation is actively looking for changed files. Your installation does not accept long URLs. Better WP Security is allowed to write to wp-config.php and .htaccess. wp-config.php and .htacess are not writeable. Version information is obscured to all non admin users. the other 3 I can't secure or it breaks the site do I need the other 3? they are Your WordPress admin area is not hidden. You are allowing users to edit theme and plugin files from the WordPress backend (if I turn this on I can't edit files unless I download them onto my pc versus doing it through the browser) You are not requiring a secure connection for logins or for the admin area |
Either post or PM me the URL of your site. (Just the URL, nothing else, of PM'ing.)
Most WordPress "security" plugins do very little, and are not real security. Consider brute force attacks. The silly plugins still let the traffic through, which is the entire problem. wp-login.php is a PHP file, and PHP uses resources! One of the things we do on our servers, for example, is run a custom server firewalls for WordPress, to prevent brute force attacks. The IP can't even get to the server, much less the PHP file. Other hosts could do this, but do not. Many likely don't know how. (We're trying to work with two hosts now, actually, to implement this.) Two users is the same as 1, for the purpose of this discussion. Both admins can have the folder locked to their IPs. Anyway, let me test it. The most common thing to exclude on caches is the contact form. If you have a form, exclude the URL. If you switch hosts, how much can you spend per year. I know of a great option for $10/month ($120 per year). ;) |
thanks kpmedia I sent you pm :)
|
Code:
http://yoursite.com/wp-login.phpThat alone leave it open to attack, and it can thus slow down. You need to block this. What breaks if you htaccess password protect this? there's several other common locations that are not secure. Again, plugins don't really do anything. They can't really do anything, because of the nature of plugins. I bet the server logs would show lots of junk traffic, which causes site slowdowns. In case you missed it, how much can you spend per year? |
hm I checked the boxes for hiding my wp-admin and all seems to be working a ok. must have set it up wrong now with that setting I have only these 2 left
You are allowing users to edit theme and plugin files from the WordPress backend & You are not requiring a secure connection for logins or for the admin area if the plugins don't hide those areas how would I hide them? or at least make them secure for that matter I pay 47.50 for a year |
Yes, but what's the site worth to have peace of mind that (A) it's fast. and (B) it's secure?
$50 per year? $100? More? Less? A lot of good WordPress hosts -- specifically supporting WP! -- are in the $10 to $30 range, I why I ask. Or, instead, how about a one-time hardening and speed-up cost? Is it worth $30 to you? What I see now is that http://yoursite.com/wp-login.php is accessible, and I can register for the site. That opens it up to spam and hacking. It's something you do via .htaccess. Have you edited that before? In fact, the site seems to have an error right now. It's all redirecting to a registration page! None of this is really something that can be done via a plugin. It's these attacks that slow down a site. This and lack of cache. Worse yet, the plugin seems to be misbehaving. |
personally there isn't a price on peace of mind that its fast and secure so i guess i'm at a 50/50 here where I can't tell if my host is messing up or if its my site not acting right due to various things going on.
the .htaccess file I've edited before just not with how to block that stuff. i've done it for banning ip ranges exactly what i was referring to with the problem i had last time i hid my wp-admin, I've set it back so once the server updates it should be back to normal. It seems the plugin isn't doing everything it should be doing. is there a way to manually do this stuff without a fancy plugin bogging down my site? thanks for all the help kp :) (can I call you kp? if not i apologize) you've been a star |
You've got a PM, and we'll take it from there. ;)
|
KP would you mind sharing which hosts you are referring to?
Thanks |
Quote:
If you're interested in this, PM me or email us: http://www.digitalFAQ.com/forum/sendmessage.php While Stablehost is indeed a great host, and we suggest them highly, DeeSeven needed more help. You can ask him yourself, but he's all set now. I need to show him one more thing, but he's otherwise all set! |
Site design, images and content © 2002-2024 The Digital FAQ, www.digitalFAQ.com
Forum Software by vBulletin · Copyright © 2024 Jelsoft Enterprises Ltd.