Michael Jones - Holidaypoint.com.au
14 years of search engine marketing experience,
worked with many large organisations in Australia
(both in-house and agency side), in a broad range
of industries including: shopping, insurance,
classified and service websites.
Specialising in SEO, but have experience in:
- SEM - Analytics - Social
- Local - Reputation Management
- Email Marketing
A network of 11 travel websites; managing everything from:
- Search Engine Optimisation - Social Media Marketing
- Video & Image Creation - Content Editing
- Web Programming - Website Building
- Affiliate Marketing - AdSense
- Web Analytics - Keyword Research
Web Search Strategist
Just an ordinary day in Cpanel
Not Really!
During my routine inspection of my Cpanel interface, I
noticed that my CPU usage and account executions were
significantly higher than normal and were exceeding the
usage limits. From past experience – this usually leads to
trouble…
Surely I was already safe?
Having road-tested a lot of Wordpress security plugins in the
past, I thought I was pretty safe from potential hackers,
harvesters and spamming; especially with the built in
features of Wordfence…
http://www.wordfence.com/
Wordfence – IP blocking
I was blocking whole countries from accessing my websites,
along with individual IPs that have tried accessing my admin
panel and those who were obviously not human visitors
(crawling my website too quickly, but not a search engine)
http://www.wordfence.com/
Wordfence – Firewall
Additional to this, there is a built-in firewall that automatically
blocks IPs based on certain triggers (accessing the site too
quickly, using a username that doesn’t exist, etc)
http://www.wordfence.com/
Redirections – 404 Logs
I also utilise a plugin that logs all 404 errors and easily lets
me implement 301 redirects to stop users from trying to
access those files in the future. I also block their IPs if they
apparent to be sniffing for file vulnerabilities.
https://wordpress.org/plugins/redirection/
So what did I do about it?
Ask for help
Since I have had similar issues in the past, I jumped into a
live chat session with my Web Host, who then told me to
launch a support ticket.
<<< ME
THEM >>>
Research admin-ajax.php
I just did a quick Google search and found out what this file
is used for, ways I could minimise the usage, and possible
effects of changing how it works.
Research wp-cron.php
Similar to the previous, I researched what this file is and
what it does. The default configuration of wp-cron is used to
trigger background / maintenance tasks in the background
every time a page is loaded. If you have a pretty basic
website, this really isn’t required, so I limited how often cron-
jobs are processed.
Some of my themes use Timthumb
Timthumb is a resource heavy script that automatically
compresses and resizes images on the fly.
Since it is somewhat old technology and has been a known
security vulnerability in the past - it’s no longer updated /
supported, I have a started to change themes (that’s another
story altogether), but I have also blocked external websites
from triggering the script and hotlinking images.
Awstats – Visiting Countries
Since Google Analytics only monitors pages / users that
trigger the tracking code, it is advised to look into Awstats
instead (this looks at all files on your website).
For an AU based website that normally receives nearly all
traffic from Australia, the stats below looked worrying –
especially the Pages to Hits Ratio.
Awstats – Requested Files
Similar to the list of files provided by the hosting company, I
was also able to view the most requested file on a site basis.
You can see here that xmlrpc.php has been requested an
abnormally high number of times.
Awstats – Visiting IP addresses
Similar to the country report, you can also review the most
active IP addresses. Not only can we see that the ratio
between Pages and Hits is way to low, but an IP trace
shows they are from suspicious countries outside of my
targeted audience.
IP Deny Manager
With the IP addresses in hand, I used the IP Deny Manager
tool to start blocking these suspicious IPs form accessing
my website. The good thing about this is that it applies the
blocks across all your websites at once.
I also added additional countries to Wordfence.
Surely that was enough?
Reducing Server Resources: Improve Costs, SEO, Conversions & UX
An email I get at 3am in the morning
So lets just say it was not very fun waking up to this –
especially since everything was fixed… that and I already
flagged potential issues that I was looking into.
The major issue:
Current Suggested
Not only were the suggested upgrades I needed are overkill
for what I need, but the closest hosting upgrade is more than
4 times the price.
What I responded with:
ME >>>
<<< THEM
So they unblocked my website, but
I pretty much 24 hours to turn
things around or I would be
blocked again.
Time to declare war!
Block and block some more
Using a combination of Awstats & the IP Deny Manager, I
reviewed the list of recently visited IP addresses and further
blocked anything suspicious.
Time to step up my game!
http://spyderspanker.com/
http://spyderspanker.com/
http://spyderspanker.com/
http://spyderspanker.com/
http://spyderspanker.com/
Spyder Spanker - Settings Panel
Blacklist Whitelist
IP Blocking
Country Blockinghttp://spyderspanker.com/
Spyder Spanker – Project Honeypot
If a visitor doesn’t get matched to your whitelist or
blacklist, their IP is submitted to Project Honeypot
where they are matched
against an up to the minute
list of comment spammers,
harvesters, hackers and
suspicious IPs.
http://spyderspanker.com/
EWWW Image Optimiser
A great free and easy to use Wordpress Plugin that
bulk optimises your existing images files and new
optimises new images on the fly.
https://wordpress.org/plugins/ewww-image-optimizer/
Caching Plugins
So even though I was using the built-in
mod_pagespeed apache module provided by my
webhost, there was several things that I wasn’t able
to implement and the settings were quite basic… so
I went looking around.
https://www.w3-edge.com/products/w3-total-cache/
W3 Total Cache
After road-testing several plugins by looking at their
configuration options, their functionality, pagespeed
scores and page loading times, I settled on W3
Total Cache for their manual control of Javascript
minifying and deferring and cache settings.
Here are some of the key benefits of these plugins:
https://www.w3-edge.com/products/w3-total-cache/
W3 Total Cache: Setting Examples
Manual
control of
Javascript
Delivery
CDN
Support for
popular
providers
Full control
on the file
types to
cache / CDN
deliver
https://www.w3-edge.com/products/w3-total-cache/
CDN Delivery
“A content delivery network (CDN) is an
interconnected system of cache servers that use
geographical proximity as a criteria for delivering
web content.
Why use a CDN?
https://www.keycdn.com/
Which CDN provider to use?
Apart from reading a lot of online reviews and
endorsements, I also used a few calculators that would
compare pricing on monthly bandwidth and traffic origin.
Some providers have the nerve to charge extra for different countries and also
will look to charge you a flat fee regardless of how much data you use. http://www.cdncalc.com/
http://www.webperformancetoday.com/2014/04/09/web-page-speed-affect-conversions-infographic/
http://www.webperformancetoday.com/2014/04/09/web-page-speed-affect-conversions-infographic/
http://www.webperformancetoday.com/2014/04/09/web-page-speed-affect-conversions-infographic/
http://www.webperformancetoday.com/2014/04/09/web-page-speed-affect-conversions-infographic/
http://www.webperformancetoday.com/2014/04/09/web-page-speed-affect-conversions-infographic/
http://www.webperformancetoday.com/2014/04/09/web-page-speed-affect-conversions-infographic/
After all that, what did I see?
BEFORE AFTER
My server resources normalised
I got a response back from my web host that
server resources have fell back to normal rates
and that the ticket has been closed.
If anything, these are the lowest they have
been in a long time, which means I can afford
to use additional plugins and launch more
websites to maximise my existing hosting
package.
CDN Impact
You can see from the below bandwidth graph below that
even though my website traffic increased, the data served
from my server has fallen considerably. This is an indication
that content is being servers via my CDN by the closet data
centre for users.
Pagespeed: Before & After
Measuring 2 different websites using the same theme on the
same host, we can see that the one that uses W3 Total
cache and EWWW has halved their page load time, is 520k
lighter and has 16 less requests – even though website A is
loaded with affiliate widgets and Adsense units.
Website A
Website B
Website A Performance: Pre vs Post changes
Using the same website and the same testing tool, we can
see that by using EWWW, we successfully trimmed 500k
from the page weight, and due to the improved code & asset
delivery, the website’s visual progress has improved by 1
second at both the 50% and 100% marks.
Summary
So even though I have added several new plugins to my
website to make it more secure and to improve delivery, I
have actually negated any noticeable impacts by installing
them.
Even though I was pretty confident with mod_pagespeed’s
out of the box functionality, it actually goes to show that you
can always go that little bit further to improve your results,
and you shouldn’t become
complacent believing what you have
is always the best solution – test, test
and test again – and forever strive for
the best results possible (backed up
by actual data).
Final Advice
• Monitor your website, check your stats and logs
• Utilise plugins / modules to automatically block bad bots /
visitors
• Block whole countries that serve no purpose accessing
your website
• Lock down your login page
• Utilise plugins / systems to make your website load faster
and reduce your page weight (it’s part of the Google
Algorithm and great for UX)
• Use a CDN – they are actually very cheap – even if you
host locally
• Forever test!
Follow Me
https://www.facebook.com/HolidayPointAU
https://twitter.com/HolidayPointAU
https://plus.google.com/+HolidaypointAu
http://www.flickr.com/photos/holidaypointau/
http://pinterest.com/holidaypointau/
http://www.youtube.com/user/HolidayPoint/
http://www.holidaypoint.com.au/

More Related Content

PDF
How I learned to stop worrying and love the .htaccess file
PDF
Lots of ways to speed up your site
PDF
Web Unleashed '19 - Measuring the Adoption of Web Performance Techniques
PDF
International Site Speed Tweaks - ISS 2017 Barcelona
PPTX
.htaccess for SEOs - A presentation by Roxana Stingu
ODP
A Holistic View of Website Performance
PDF
The 5 most common reasons for a slow WordPress site and how to fix them
PDF
SearchLeeds 2018 - Bastian Grimm - Peak Ace - International site speed: Going...
How I learned to stop worrying and love the .htaccess file
Lots of ways to speed up your site
Web Unleashed '19 - Measuring the Adoption of Web Performance Techniques
International Site Speed Tweaks - ISS 2017 Barcelona
.htaccess for SEOs - A presentation by Roxana Stingu
A Holistic View of Website Performance
The 5 most common reasons for a slow WordPress site and how to fix them
SearchLeeds 2018 - Bastian Grimm - Peak Ace - International site speed: Going...

What's hot (20)

PPTX
What's in my SEO Toolbox: Linkbuilding Edition - SMX Milan 2014
PDF
Browser Changes That Will Impact SEO From 2019-2020
PPTX
Seozone - 5 tips
PPTX
SearchLove San Diego 2018 | Mat Clayton | Site Speed for Digital Marketers
PPTX
All About HTML Tags
PPTX
Crawl the entire web in 10 minutes...and just 100€
PDF
Is your website's speed letting you down?
PPTX
Technical SEO: Crawl Space Management - SEOZone Istanbul 2014
PDF
Log analysis and pro use cases for search marketers online version (1)
PPTX
SearchLove London 2016 | Dom Woodman | How to Get Insight From Your Logs
PDF
The Need for Speed (5 Performance Optimization Tipps) - brightonSEO 2014
PDF
Hey Googlebot, did you cache that ?
PPTX
Accelerated Mobile - Beyond AMP
PDF
SEO Tools of the Trade - Barcelona Affiliate Conference 2014
PDF
Optimizing web performance (Fronteers edition)
PPTX
High Performance Websites
PPTX
Optimizing your WordPress website
PPTX
Everyone Screws Up HTTPS
PPTX
SMX Advanced 2018 SEO for Javascript Frameworks by Patrick Stox
PPT
Getting More Traffic From Search Advanced Seo For Developers Presentation
What's in my SEO Toolbox: Linkbuilding Edition - SMX Milan 2014
Browser Changes That Will Impact SEO From 2019-2020
Seozone - 5 tips
SearchLove San Diego 2018 | Mat Clayton | Site Speed for Digital Marketers
All About HTML Tags
Crawl the entire web in 10 minutes...and just 100€
Is your website's speed letting you down?
Technical SEO: Crawl Space Management - SEOZone Istanbul 2014
Log analysis and pro use cases for search marketers online version (1)
SearchLove London 2016 | Dom Woodman | How to Get Insight From Your Logs
The Need for Speed (5 Performance Optimization Tipps) - brightonSEO 2014
Hey Googlebot, did you cache that ?
Accelerated Mobile - Beyond AMP
SEO Tools of the Trade - Barcelona Affiliate Conference 2014
Optimizing web performance (Fronteers edition)
High Performance Websites
Optimizing your WordPress website
Everyone Screws Up HTTPS
SMX Advanced 2018 SEO for Javascript Frameworks by Patrick Stox
Getting More Traffic From Search Advanced Seo For Developers Presentation
Ad

Similar to Reducing Server Resources: Improve Costs, SEO, Conversions & UX (20)

PDF
WordPress at Peak Performance (Radio Edit)
PDF
23 Ways To Speed Up WordPress
PPTX
I Can Haz More Performanz?
PPTX
Caching 101
PDF
Caching and Optimization By M Asif Rahman @ WordCamp Orlando 2012 Final
PPT
WebHosting Performance / WordPress - Pubcon Vegas - Hendison
PDF
WordPress Optimization Tips for Performance & Speed
PDF
Optimizing the performance of WordPress
PPTX
Optimizing Your WordPress Site: Why speed matters, and how to get there
PDF
Wordpress horsepower
PDF
Introduction to Optimizing WordPress for Website Speed
PDF
Responsible [digital] Home Ownership
PDF
Does This Theme Make My Website Look Fat? (Wordcamp SLC 2013)
PPTX
WordPress Plugins and Security
PPTX
Show Me The Cache!
PDF
Optimizing Wordpress For Speed And Security
PDF
Wp Host - Best Hosting Service Provider.
PPTX
Wordpress plugin directory
PDF
Optimizing wp
PPTX
WCBos13 intermediate workshop
WordPress at Peak Performance (Radio Edit)
23 Ways To Speed Up WordPress
I Can Haz More Performanz?
Caching 101
Caching and Optimization By M Asif Rahman @ WordCamp Orlando 2012 Final
WebHosting Performance / WordPress - Pubcon Vegas - Hendison
WordPress Optimization Tips for Performance & Speed
Optimizing the performance of WordPress
Optimizing Your WordPress Site: Why speed matters, and how to get there
Wordpress horsepower
Introduction to Optimizing WordPress for Website Speed
Responsible [digital] Home Ownership
Does This Theme Make My Website Look Fat? (Wordcamp SLC 2013)
WordPress Plugins and Security
Show Me The Cache!
Optimizing Wordpress For Speed And Security
Wp Host - Best Hosting Service Provider.
Wordpress plugin directory
Optimizing wp
WCBos13 intermediate workshop
Ad

More from Michael Jones (6)

PPTX
SEO Practices for Blogs - Stop Blogging a Dead Horse
PPTX
SEO Case Study: Choosing the Correct TLD (Top Level Domain)
PPTX
The Wonderful Wide World of Seo
PPTX
The SEOs Guide to Making a Website
PPTX
My Panda / Penguin Algorithm Recovery Story - Cheers, Tears and Jeers
PPTX
Social Media Automation
SEO Practices for Blogs - Stop Blogging a Dead Horse
SEO Case Study: Choosing the Correct TLD (Top Level Domain)
The Wonderful Wide World of Seo
The SEOs Guide to Making a Website
My Panda / Penguin Algorithm Recovery Story - Cheers, Tears and Jeers
Social Media Automation

Recently uploaded (20)

PPTX
Introduction to networking local area networking
PPTX
KSS ON CYBERSECURITY INCIDENT RESPONSE AND PLANNING MANAGEMENT.pptx
PDF
Virtual Guard Technology Provider_ Remote Security Service Solutions.pdf
PPTX
Digital Project Mastery using Autodesk Docs Workshops
PDF
JuanConnect E-Wallet Guide for new users.pdf
PPTX
Partner to Customer - Sales Presentation_V23.01.pptx
PPTX
Networking2-LECTURE2 this is our lessons
PDF
Buy Cash App Verified Accounts Instantly – Secure Crypto Deal.pdf
PPTX
购买林肯大学毕业证|i20Lincoln成绩单GPA修改本科毕业证书购买学历认证
PDF
The_Decisive_Battle_of_Yarmuk,battle of yarmuk
PPTX
Viva Digitally Software-Defined Wide Area Network.pptx
PPTX
Concepts of Object Oriented Programming.
PPTX
Artificial_Intelligence_Basics use in our daily life
PDF
Testing & QA Checklist for Magento to Shopify Migration Success.pdf
DOCX
Powerful Ways AIRCONNECT INFOSYSTEMS Pvt Ltd Enhances IT Infrastructure in In...
PPTX
Basic_of_Computer_System.pptx class-8 com
PPTX
Top Website Bugs That Hurt User Experience – And How Expert Web Design Fixes
PPTX
Basic understanding of cloud computing one need
PPTX
最新版美国埃默里大学毕业证(Emory毕业证书)原版定制文凭学历认证
PPTX
IT-Human Computer Interaction Report.pptx
Introduction to networking local area networking
KSS ON CYBERSECURITY INCIDENT RESPONSE AND PLANNING MANAGEMENT.pptx
Virtual Guard Technology Provider_ Remote Security Service Solutions.pdf
Digital Project Mastery using Autodesk Docs Workshops
JuanConnect E-Wallet Guide for new users.pdf
Partner to Customer - Sales Presentation_V23.01.pptx
Networking2-LECTURE2 this is our lessons
Buy Cash App Verified Accounts Instantly – Secure Crypto Deal.pdf
购买林肯大学毕业证|i20Lincoln成绩单GPA修改本科毕业证书购买学历认证
The_Decisive_Battle_of_Yarmuk,battle of yarmuk
Viva Digitally Software-Defined Wide Area Network.pptx
Concepts of Object Oriented Programming.
Artificial_Intelligence_Basics use in our daily life
Testing & QA Checklist for Magento to Shopify Migration Success.pdf
Powerful Ways AIRCONNECT INFOSYSTEMS Pvt Ltd Enhances IT Infrastructure in In...
Basic_of_Computer_System.pptx class-8 com
Top Website Bugs That Hurt User Experience – And How Expert Web Design Fixes
Basic understanding of cloud computing one need
最新版美国埃默里大学毕业证(Emory毕业证书)原版定制文凭学历认证
IT-Human Computer Interaction Report.pptx

Reducing Server Resources: Improve Costs, SEO, Conversions & UX

Editor's Notes

  • #2: http://www.universityoffarmers.com/
  • #53: http://www.universityoffarmers.com/