I’ve just completed a move of this site to a new host, it should be transparent to everyone else – modulo a few brief intervals during the move – so please let me know if anything appears broken. There is also an exciting new feature in that (almost) everything should now be accessible via SSL. Notes on vendors and selections below the fold.
The move was triggered by the end of my three-year contract with Bluehost. I wasn’t overly pleased with them – there were no major problems, but there were periodic slowdowns, occasional outages, annoying limitations on shared hosting (ex:no long-running processes), and a general distaste for Endurance International Group. I also wanted to get away from having DNS, Email, and Hosting with the same vendor, as there are quite a collection of horror stories stemming from that situation. Most importantly, their renewal rates are terrible compared to their teaser rates.
My new stack is:
- DigitalOcean – Reputable source for VMs with a VERY nice, fast, and almost disturbingly friction-less interface. They offer a nice library of install media, and seem to support all the OSes they offer. Their teaser $5/mo 512MB Memory, 1 Core, 20GB SSD Disk, 1TB Transfer plan is plenty for a little personal web host, and certainly more resources than I actually got from my shared hosting. Their community documentation is good but not great, and I got a prompt and honest answer to the one support question I had. Their use policies are remarkably permissive and they bill by the hour, so I’m likely to use them to try out pet projects in the future. (Full disclosure: that is a referral link).
- Namecheap – I’m using them for DNS and Email by wide recommendation and low price. If you’re buying one thing from them, extra features seem to become instantly cheap – my first year of an email account and whoisguard appear to have been comped with the domain transfer. There was also an offer for a $2 SSL cert, but I decided to try StartSSL’s free offering anyway. Their DNS management interface isn’t my favorite – the level of abstraction from a zone file is a little to much to make the mapping entirely obvious, and not quite enough to make it so you don’t care. That said, it’s very flexible, their documentation is excellent, and their servers propagate quickly enough to figure things out.
I had a bit of trouble getting my email to activate after the domain transfer, filed a ticket shortly after 2AM EST, and got a fix and a polite response within 5 minutes, which is a good sign for their service in general.
- StartSLL – Their admin page was down for a while over the weekend, which did not inspire confidence, but once back up, it’s a free key from a generally-trusted CA, which is a more convenient way to get encryption than self-signing. Good instructions, both internal and external. Be careful that you have a real email address exposed in your whois while registering.
- Debian 7 – I went with Debian 7 for my OS, because Debian is and will forever be Debian. It is well documented, it moves at Debian speed so it will remain well supported and stable for years to come, and it doesn’t do anything I really despise. I am having a little bit of resiszing-ssh-windows issues, which might be one of the various ancient SIGWINCH bugs on Debian systems, and might be a funny interaction with the ssh configuration and/or my xfce4-Terminal, I’m not ready to assign blame yet.
I was pleased to note that Digital Ocean offers and supports Arch images, which is my choice for interactive and/or short-term use, but I always find Arch a poor choice on machines you don’t want to be updating regularly. If the timing had worked out I might have tried CentOS 7 just for the experiment value, but my old contracts will be up before it comes out.
- Nginx – I decided to try Nginx over Apache on reputation, and because I hadn’t played with it before. It’s faster, has vastly smaller footprint, and far clearer configuration. I don’t think I’ll be using Apache again if I can avoid it. Don’t forget that individual server sections (including http and https to the same root) need php set up individually (or sourced from a common config), that took me longer than I care to admit even after it went and downloaded my index.php as happens when you don’t have an interpreter in place. It seems to slow down noticeably with ssl, but there are some configuration suggestions floating around that seem to mitigate the problem.
- MySQL – Sucks as hard as ever, but I didn’t want to add moving off of WordPress, and it won’t use other back-ends. My databases knowledge has always been a motley assemblage of “just enough” so I’m probably partly to blame. Their documentation at least is pretty excellent. Turn off performance_schema (
performance_schema = 0in my.cnf) if you don’t need profiling and want to cut the RAM footprint in half.
- WordPress – The universal hammer. I really have no love for it or it’s bulky dependencies, but my content is already in, everything you could imagine has already been done for it, and the internet is full of only-slightly-wrong documentation. The only trouble I had relocating was a little bit of touching up to repair some prior sloppyness with my canonical domain between www and naked domain, but that was easy enough.
I have a little bit of tuning and security improvements left to do, especially around SSL configuration, and I need to get my monitoring cleaned up (awstats is a bit of a pest to configure), but I’m pretty happy with the move thus far.