Real Metal Hosting

Overview

The premise of Real Metal Hosting is simple.

Say goodbye to expensive + slow *Cloud + VPS Servers* (virtual machine instances).

Say hello to cheap + obscenely fast *Real Metal Servers*.

How it Works

This is the process I suggest for my clients. My focus here is to create an infrastructure that is decoupled from me. In other words, if a bus hits me, then my clients will have to replace me + their business will still continue.

Services Offered

For the DIYers (Do It Yourself-ers), follow my checklist. You can also contract me to implement my checklist on your site. Please be aware, my checklist requires you run a dedicated server with complete root access via ssh. This is a must. No exceptions.

Price      Detail
---------------------------------------------------------------------------------------
Machines   Monthly machine leases run from $100 - $250ish. These machines
           are capable of easily running 100K/hour uniques along with
           1000s of individual sites/domains.
---------------------------------------------------------------------------------------
$ 497.00   External site audit - Speed + Security + SEOity.

$1250.00   Provision a new server machine + Apache SSL/HTTP1.1 Stack,
           MariaDB (MySQL that works) + PHP + WordPress + working WP Caching.

$2500.00   Provision a new server machine + w/optimized Apache SSL HTTP/2.0 Stack.
           Note: mod_spdy used, till true HTTP/2.0 available. Includes installing
           SSL cert + testing for one domain.

$1000.00   10 Hour Prepaid Retainer ($100/hour) for Malware Cleansing, site migration,
           Bricked Site recovery, Security Hardening, Blocking "High Value Attacks"
           or any other Website related consulting or development.

$1000.00   Monthly retainer (per physical machine) to admin your machines,
           track logs + continually retune your machines + block any new
           High Value Attacks as they arise in the wild. This includes
           normal admin functions like keeping software updated.
---------------------------------------------------------------------------------------

Server Machine Setup

In almost every case I use OVH Infrastructure Servers, because in most cases I can provision one of these in a few minutes. Provisioning is the time from purchase to when the server is online.

OVH is has a few features that make them shine.

  1. Servers usually become available in 5-10 minutes, where other companies may take hours to days.
  2. Servers come with zero software installed, which means someone competent has partition the disk + install the operating system + install software services, like Apache + PHP + MariaDB (MySQL that works).
  3. Servers come with built in rescue mode. This is incredibly important for production servers. If a problem occurs in the middle of the night or on a holiday, the client or admin person, can boot the server into rescue mode in 5 minutes + have complete control of server repair.

Since the entire initial installation is under client control, initial installations are always correct. No mistakes are ever made by OVH personnel, because they have zero to do with initial install.

Software + Content Tuning Checklist

Here's my software setup checklist...

  1. Operating System - Ubuntu. Implementing these options takes less than 5 minutes + reboot time.
  2. File Systems - which set the speed of your entire content serving process. Implementing these options takes 30 seconds + reboot time.
  3. Database Tuning
  4. Webserver Tuning
  5. PHP Tuning
  6. WordPress Tuning
  7. WordPress Code Vetting means only installing exploit vector free code - themes + plugins. Here's how you do this...
  8. Blocking Site Attacks which includes DDOS Attacks + Brute Force Dictionary Login Attacks + High Value Attacks.
  9. SSL Site Wrapping which means wrapping an entire site, all content + images + .js + .css files inside SSL. After running all sorts of tests, I can say SSL sites run almost as fast as normal sites. Usually 95%+ the speed of a normal site + block many High Value Attacks + provide SSL Google Signal For SEO. An all around win + for this to work SSL must be configured correctly, which is no small feat. SSL is in massive flux right now as mod_spdy is being deprecated + replaced by the new HTTP/2.0 spec. As such you'll have to refer to the current crop of SSL tuning documentation for you SSL setup. You know your SSL is setup correctly when you run your site through https://www.ssllabs.com/ssltest + get the following output...
  10. Content Conversion Optimization