Guide library
All practical ops guides
Short, specific guides for real WordPress, hosting, migration, security, and automation problems.
Cloudflare DNS cutover runbook for website migrations
How to use Cloudflare safely during hosting migrations: proxy mode, TTLs, SSL modes, cache purge, and rollback checks.
When to hire a DevOps engineer vs managed hosting
A practical breakdown of when managed hosting makes more sense than hiring a DevOps engineer — and when you genuinely need one on payroll.
SPF, DKIM, and DMARC setup for small business domains
A plain-English guide to email authentication records, safe DMARC rollout, and common DNS mistakes that hurt deliverability.
Hidden costs of self-hosting in 2026
The real costs of running your own server — time, risk, security, and the things VPS pricing pages don't mention.
How to migrate email hosting without losing mail
A careful email migration plan: mailbox inventory, DNS TTL lowering, IMAP sync, SPF/DKIM/DMARC coordination, MX cutover sequencing, website SMTP testing, and post-migration clean-up.
Using the MySQL slow query log to fix slow WordPress sites
How to enable, read, and act on MySQL slow query logs for WordPress: identifying postmeta bloat, autoloaded option analysis, missing indexes, plugin-generated garbage queries, and Percona Toolkit usage.
Nginx and PHP-FPM tuning for busy WordPress sites
A practical tuning checklist for Nginx, PHP-FPM workers, OPcache, buffers, and slow request logging on WordPress servers.
Redis object cache for WordPress: when it helps and how to set it up
A complete guide to Redis object caching for WordPress: installation, memory configuration, eviction policies, cache key salts, WooCommerce considerations, performance benchmarks, and troubleshooting.
Server backup restore drill checklist
How to test backups properly: step-by-step database restore, file recovery, permission fixing, DNS and secret verification, restore timing measurement, and gap documentation.
Ubuntu server initial hardening checklist
The first hardening steps for a new Ubuntu web server: non-root users, SSH lockdown, UFW firewall, unattended-upgrades, fail2ban, log monitoring, and secure baseline snapshots.
Replace WP-Cron with a real system cron job
How to disable traffic-triggered WP-Cron and run WordPress scheduled events reliably from system cron: configuration, monitoring, troubleshooting, and per-site isolation.
WordPress image optimisation runbook
A complete image optimisation checklist for WordPress: resizing source images, WebP/AVIF format selection, compression targets by image type, lazy loading strategies, CDN delivery, and bulk optimisation safety rules.
WordPress security hardening without installing more plugins
Server-side and configuration-level WordPress hardening: file permissions, login protection, XML-RPC blocking, security headers, database prefix changes, backup strategies, and audit processes — all without adding another security plugin.
Zero-downtime WordPress migration checklist
A practical migration runbook for moving WordPress with no visible downtime: files, database, DNS, SSL, redirects, and rollback.
A2 Hosting review: fast WordPress hosting with some important caveats
A practical look at A2 Hosting's WordPress plans — speed performance, the Turboboost feature, and where the managed service model has gaps.
How to choose the right server location for your WordPress site
The real impact of datacenter geography on latency, and the secondary factors (legal, cost, redundancy) that make the difference for production sites.
Cron jobs explained: how to schedule tasks on WordPress and Linux servers
The difference between WP cron and system cron, how to set up proper scheduling, and how to debug jobs that are not running.
WordPress database optimisation: what to check when the site slows down
How to diagnose a slow WordPress database, the queries that fix the most common issues, and when to migrate to a dedicated database server.
DNS explained for people who manage websites
How DNS actually works — A records, CNAMEs, nameservers, TTLs, and the most common DNS mistakes that take sites offline.
Docker for WordPress development: a practical setup guide
How to containerise WordPress with Docker for local development, and the decisions that make staging and production Docker setups different.
Email deliverability: the practical checklist for WordPress sites
How to get transactional and marketing emails reliably into inboxes — SPF, DKIM, DMARC, list hygiene, and the hosting mistakes that break everything.
Managed email vs self-hosted email: the real tradeoffs
Why most WordPress sites should use a dedicated email service rather than self-hosting mail, and when self-hosting makes sense.
Managed WordPress vs VPS: a practical decision guide
What you give up and what you gain with managed WordPress hosting versus a virtual private server, and how to choose for a specific site.
How to monitor server resources: CPU, memory, disk, and network
A practical guide to server resource monitoring — which metrics actually matter, which tools to use, and how to catch problems before they become outages.
Nginx vs Apache in 2026: which web server should you choose?
A practical comparison of Nginx and Apache for hosting WordPress, static sites, and reverse-proxy workloads. Benchmarks, config differences, and when to pick each.
SSH key management for web servers: generation, deployment, and rotation
How to create SSH keys properly, deploy them to servers safely, restrict access by IP, and rotate keys without service interruption.
SSL certificate types explained: DV, OV, EV, wildcard, and when each one matters
What the certificate type actually means for your site, your users, and your certificate renewal workflow.
WooCommerce hosting requirements: what actually matters
A plain-language breakdown of the server specs, PHP version, and hosting features that WooCommerce actually needs to run well.
WordPress stuck in maintenance mode: the fast safe fix
How to clear a failed WordPress update without making the site worse: removing the .maintenance file, diagnosing the root cause, safe retry paths, and when to escalate.
The WordPress migration checklist before you touch DNS
A comprehensive pre-flight checklist for WordPress migrations: DNS inventory, email, forms, caching, integrations, rollback preparation, TTL lowering, and post-migration verification.
Setting up automated backups that actually work
How to configure automated backups for WordPress sites, databases, and server configs — and how to verify they will restore when you need them.
Understanding web application firewalls (WAF)
What a WAF does, when you need one, and how to set up ModSecurity and Cloudflare WAF for WordPress and web applications.
Docker Compose best practices for production workloads
How to structure Docker Compose files for production web apps, WordPress, and database services. Production patterns, not development shortcuts.
Lock SSH keys to specific IPs: a practical hardening guide
Restrict SSH key authentication to specific source IP addresses using the authorized_keys from directive, with testing steps, dynamic IP workarounds, and multi-key strategies.
Migrating from shared hosting to a VPS: the complete checklist
Step-by-step guide to moving a WordPress site from shared hosting to a VPS. DNS, email, database, and what breaks during migration.
Backup checks that matter more than having a backup plugin
The practical questions that decide whether a WordPress backup will actually save you during an incident: storage location, restorability testing, retention policies, alerting, and the dangerous patterns to avoid.
Optimizing WordPress performance: a practical guide
How to make WordPress fast without cargo-culting every optimization blog post. Caching, database tuning, image optimisation, and what actually moves the needle.
Setting up a mail server: what you need to know
A realistic look at self-hosting email — what it takes to run Postfix, Dovecot, and keep mail out of the spam folder. Includes managed alternatives.
Fail2Ban setup guide: protect your server from brute force attacks
How to install and configure Fail2Ban to block SSH, WordPress, and web application brute force attacks. Custom jails and real-world patterns.
Introduction to Kubernetes for hobbyists and small teams
What Kubernetes actually does, when it is worth the complexity, and a minimal setup for learning without needing a production cluster.
A quick WP-CLI plugin audit for inherited sites
A complete command-line plugin audit for inherited WordPress sites: inventory, stale detection, duplicate identification, version checks, risk scoring, and safe removal process.