= How to host a Wordpress Site on AWS Lightsail ($3.50/month for a VPS) =
I've had a lot of experience with Wordpress on Lightsail now and I actually don't recommend this too much, especially for beginners for a couple of reasons:
1.) Boost credits are pretty intransparent since Lightsail nohere openly states there are a thing. If you run out, the site becomes unusable âÃÂàwhich can easily happen if you compress images with a plugin for example. Especially on that 3,50 instance.
This becomes an even bigger problem when you get bruteforced (which happens pretty fast on wordpress).
2.) Those bitnami wordpress Images are not well protected out of the box, so the system is pretty vulnurable from the get go. (the plesk image has fail2ban out of the box for example).
3.) Setting up SSL requires you to use either a Load Balancer or do it yourself in the terminal, setup dns and link the certificates in terminal and then you have to take care of 90 days expiry.
4.) PHP mailer doesn't work out of the box and is a pain in theto set up with AWS, so you have to go with SMTP most of the times.
5.) You need to enable FTP Access with username & password in the server configuration or you're stuck with using keys, if you want to grant access to someone else.
6.) htaccess config is also not done in the "classic" way, so you have to know which files to edit.
7.) Some PHP config is weirdly setup (in my example Imagick) so you have to change this in the apache config.
My take all in all is that you have to spend a lot of time figuring things out, googling how things are done, if you want to have a Wordpress Instance that just works, I'd go with other providers.
I mostly use it for staging servers within the 30 day frame anddem down afterwards.
This x100. Unlesd you k ow the ins andof managing a server, the money you save is quickly lost in the amount of time you waste figuring things out. Then the amount you are losing is compounded when something goes wrong.
My time is valuable and better spent making money than trying to save a few dollars at the cost of hours per month.
Everything you said is true.
You missed what I feel is one of the biggest issues - if you have a site on Lightsail for more than ~2 years, you'll eventually need to update Apache/PHP/MySQL. You'd think that would be simple - run an
apt-get to do the updates. Nope - bitnami does aof very weird config with their images that basically prevents you from upgrading anything server side. Their recommendation is to export/import your WP to a new instance - if you're running 50 clients like I do, that's 1-2 weeks wasted every 2 years when Wordpress complains about your out of date PHP version.
I also don't like that the Bitnami Wordpress images are several weeks/months old - there seems to be quite a lag in getting them from Bitnami to AWS.
That said - I do love Lightsail - you can have a WP instance up and running in 60 seconds. I took the (fairly significant) time to learn Linux and CLI. I have aof scripts that I run when I spin up a new server.
To address the issues you've raised:
1.) Boost credits are pretty intransparent since Lightsail nohere openly states there are a thing. If you run out, the site becomes unusable âÃÂàwhich can easily happen if you compress images with a plugin for example. Especially on that 3,50 instance. This becomes an even bigger problem when you get bruteforced (which happens pretty fast on wordpress).
If you're running Clouflare, that will screen out a lot of spammy botso you shouldn't ever really run into issues with boot/credits. If someone tries to DDoS you, again, that can be handled in Cloudflare. That said, the $3.50 instance doesn't seem to work well with the new WP, without setting up caching.
2.) Those bitnami wordpress Images are not well protected out of the box, so the system is pretty vulnurable from the get go. (the plesk image has fail2ban out of the box for example).
Besides that, are there any other issues you know of? I thought they were fairly secure, e.g. SSH access only, via key. Only 3 ports open. Correct permissions, etc.
3.) Setting up SSL requires you to use either a Load Balancer or do it yourself in the terminal, setup dns and link the certificates in terminal and then you have to take care of 90 days expiry.
They have a script to install SSL httpsdocs.bitnami.com/aws/how-to/generate-install-lets-encrypt-ssl/ - no need for load balancers. It handles the renewal automatically - it's set and forget.
4.) PHP mailer doesn't work out of the box and is a pain in theto set up with AWS, so you have to go with SMTP most of the times.
sudo apt-get install -y sendmail and enable it in php.ini.
5.) You need to enable FTP Access with username & password in the server configuration or you're stuck with using keys, if you want to grant access to someone else.
sudo apt-get install vsftpd
6.) htaccess config is also not done in the "classic" way, so you have to know which files to edit.
In Wordpress, Settings > Permalink will fix that straight away. Not sure what 'classic' means here?
7.) Some PHP config is weirdly setup (in my example Imagick) so you have to change this in the apache config.
I've never had any issues with PHP configs. The way their Apache config set setup is a complete mess, some are under /apache2/conf, some under /apache2/conf/bitnami - and there are 3 config files in /opt/bitnami/apache2/conf/bitnami that contain different stuff.
In summary, yes there's a lot of CLI learning in there, but I enjoy that sort of thing, it's definitely not for everyone. If you want to run your own servers, you should learn that stuff anyway.
What you are saying is that this is proof of concept but in practice it makes no sense. I agree with this totally. You will have to make significant effort to make it usable in production, and/or live with some serious tradeoffs. For a lab experimental platform for internal stuff it's ok, but in all other cases you are much better off just paying a bit more for cloudways for example. The smallest lightsail is excruciating slow, inaccessible even, once boost credits/burst cpu are exhausted.
One might be tempted of the scaling, what if I need 100 sites? Then $350 is very cheap! No. Maintaining 100 separate vps's is going to be a handfull. Much better to spend $350 on a single/handfull stronger vpses.
AWS lightsail performance is really terrible. If you spend just $2/mo more you can get something setup on a shared account at a decent host or roll your own VPS. This is only on the performance front, there are dozens of other things like security, overages, etc that are much easier to deal with in shared hosting. You are putting yourself in a potential world of hurt using lightsail out of the box.
You can create a decent instance on Google cloud and host your website for a year with their $300 credit, if you use OpenLiteSpeed, you get access to CyberPanel, and their amazing Litespeed server and Cache. Another option is DigitalOcean, you get a $100 when you signup and create a $5 droplet, also will have the option to use LiteSpeed server. Edit: it seems Google has lowered the free trial duration to 3 months with same $300 credit. But you can still use the always free resources.
== About Community ==
Members
Online
== Powerups ==
httpswww.redditstatic.com/desktop2x/img/powerups/powerups-rangers.png)
