= Ingabe ukuzibamba ngokwakho isiza se-WordPress ku-inthanethi yokuhlala kuyasebenza? =
Bengibheka ukusingatha isiza se-WordPress kuseva yami yasekhaya kunokuba ngikhokhele ukusingathwa. Ngohlelo lwami lwe-inthanethi lwamanje ngino-100 phansi ngo-15 phezulu, ngeshwa ubukhulu be-ISP yami enginikezayo endaweni yami. Ngibheke nje ukuthumela ibhulogi elula. Yini engingayilindela ngokweqiniso ngokuhlakanipha kwethrafikhi? Zingaki izivakashi engingazithatha ukuze kube nomthelela obonakalayo ekusetshenzisweni kwami kwe-inthanethi?
Ngokuhlakanipha kwethrafikhi cishe ngeke ube nezinkinga ezinkulu, ngaphandle uma isayithi lakho lisindwa yimidiya.
Kodwa-ke, ungamela isayithi lakho ngohlelo lwamahhala lwe-Cloudflare futhi uma usetha ama-plugin ahlukahlukene we-Wordpress SEO / caching ngendlela efanele, uzokhipha. umthamo wethrafikhi oya ku-Cloudflare futhi uzonciphisa kakhulu inani ledatha elayishwayo kusuka kuseva yakho yasekhaya lapho othile evakashela isayithi lakho.
Ungase futhi ufune ukuhlola ukuthi ayikho yini imikhawulo evela ku-ISP yakho yokubamba amawebhusayithi ngoxhumano lwakho lwe-inthanethi yasekhaya, okuhlanganisa imigomo yokusebenzisa kanye nemikhawulo yobuchwepheshe (isb. I-CGNAT). Uma ungenalo ikheli le-IP lomphakathi bese umisa i-VPS eshibhile futhi i-WireGuard izosebenza, kodwa-ke ungase uphathe i-WordPress nakhona ngaphandle uma kunezizathu ezithile ozifunayo. kuseva yakho yasekhaya.
Uma i-OP inquma ukusebenzisa i-Cloudflare noma yiziphi izinkinga ze-CGNAT / imikhawulo ye-ISP kumachweba angenayo ingancishiswa ngokushicilela isayithi nge-Cloudflare Tunnel (
cloudflared kanambambili).
Isebenza kahle kakhulu futhi iyindlela ephephe kakhudlwana yokuthola insizakalo ku-inthanethi nge-Cloudflare noma kunjalo futhi inzima kakhulu kune-VPS fronting njll.
Ngisingatha cishe izinsiza eziyi-10 ezivela ekhaya ezibonakalayo (inani lezinsizakalo ezingama-30). Indlela engiphatha ngayo lokhu:
Vala irutha yami ye-ISP ukuze uvumele imbobo engu-80 kanye ne-443 kuphela ukungena, vimbela nayo yonke i-UPnP.
Sebenzisa i-firewall ezinikele (Yehlisa) futhi uvimbele i-geo wonke amazwe ngaphandle kweyami. Nginebhulogi encane kakhulu futhi iningi lezinsiza zami ngezami kuphela, ngakho-ke angidingi ukutholakala emhlabeni jikelele. Lokhu kuvimbela kunciphisa cishe yonke imizamo yokuskena imbobo. I-F/W iphinde isebenzise ukutholwa kokungenela kanye nokufanayo (ivimbe) ngokumelene namakheli e-IP awaziwayo, ngakho imisa yonke into.
Zonke izinsiza zami ziqhutshwa nge-nginx reverse proxy enegama lokufaniswa kwephasi kuphela. Uma i-URL efakiwe ingafani ncamashi iyayekwa. Amarekhodi Ami ayizintambo ezingahleliwe ingxenye enkulu (ngaphandle kwebhulogi) ngakho-ke bekungeke kwenzeke ukuqagela futhi awashicilelwa noma kuphi. Zonke izinkonzo ziyi-SSL kuphela ngokuvuselelwa okuzenzakalelayo kwe-certbot. Izixhumanisi ku-port 80 ziqondiswe kabusha ngokuzenzakalelayo ku-443.
Zonke izinsiza zisebenza ezitsheni eziku-Kubernetes ngakho-ke noma yikuphi ukuyekethisa uma kulinganiselwe kakhulu.
Yonke into ingeniwe futhi zonke izinsiza zinamagama ayimfihlo ezinhlamvu ezingu-20 kanye ne-2FA, ngakho azikwazi ukuphoqelelwa ngonya ekukhiqizeni iphasiwedi. I-Fail2ban ithatha imizamo ephindaphindiwe ehlulekile kanye nokuvinjwa kwezinsuku ezingu-30.
Nginelayisensi egcwele ye-Veeam (ilayisensi ye-dev) engivumela ukuthi ngenze isipele ku-AWS S3 nsuku zonke ukuze ngilulame. I-S3 inguqulo ngakho nginekhophi engu-1 kuphela efwini kanye "nezinguqulo"ezingu-29, okunginika ukubuyisela emuva inyanga egcwele uma kudingeka. Ngiphinde ngigcine amakhophi endawo angu-2 ku-NAS kanye nedrayivu ye-USB3 yangaphandle.
Okokugcina ngineskripthi esisebenza njalo ngehora esiskena i-IP yami ye-ISP ngokumelene nerekhodi lami le-R53 A (nginerekhodi elilodwa elingu-A kanye namarekhodi angama-20 noma ngaphezulu e-CNAME, ngakho kufanele ngishintshe elilodwa kuphela lombhalo) futhi ngilishintshe uma i-ISP yami iphoqa. ushintsho lwe-IP. Ngezinye izikhathi benza lokhu phakathi kwamabili njalo emavikini angu-2 noma ngaphezulu, kodwa ngezinye izikhathi ngingathola ukwehla kwe-ADSL phakathi nosuku okuzophumela ekhelini elisha le-IP.
I-geo block ingitholile kamuva nje. Ngikwenze kwasebenza lokho ku-firewall yami yokuhlanganisa kamuva nje, futhi ngavimba amazwe amaningi. Kuvele ukuthi ezinye izinsiza ezisingathwa emazweni anjalo ngeke zisebenze - noma ngabe isicelo sokuqala sivela ku-PC yakho. Umkami ubengajabule kakhulu lapho engasakwazi ukufinyelela kuphothali yenkampani yakhe, futhi engakwazi ukwenza ishidi lakhe lesikhathi.. ngokusobala lezo zinsizakalo usingathwe emazweni anezindleko eziphansi kumqashi wakheâÃÂæ
Endabeni yami i-fail2ban ivumela umzamo owodwa ohlulekile esikhathini esingamahora angama-24 futhi phezu kwalokho kwehluleka ivimbela i-IP. Konke ukufinyelela kusevisi nge-SSH kungeniwe futhi i-imeyili ithunyelwa. Ngisebenzisa iseva ye-SSH enemininingwane eminingi edinga i-8k bit rsa.
I-Fail2ban ihlanganisa inqwaba yezinsizakalo ezisetshenziswa eziphakelini zami zasekhaya.
Bengilokhu ngikwenza lokhu ngengxenye engcono kakhulu yeminyaka engu-20+ edlule.
Ngiphinde ngibe ne-/28 evela kubo bonke abahlinzeki engike ngaba nensizakalo, ukuze kube lula, ngama-IP ayi-16 agxile emphakathini engingasebenza nawo.
Ungase ufune ukuyihambisa nge-cloudflare ukuze uvimbele isiRashiya, isiShayina namanye amazwe aziwa kakhulu ekufinyeleleni isayithi. Uma kungenjalo uzoba "nezivakashi"eziningi ezivamile.
Lapho ngikwenzile lokho angizange ngithole izivakashi kusayithi lami.
Ingabe kuyafana ngokobuchwepheshe uma ngifuna ukuvumela izivakashi zaseRussia nezaseShayina kodwa ngivimbe i-United States of America ukuthi ivakashele isayithi?
Angikholelwa kule ndlela, ikakhulukazi uma ithrafikhi yakho ingakhawulelwe ezweni lakini. Vele uvumele i-firewall icushwe ekufinyeleleni okusolisayo futhi uvimbele unomphela ikheli ngalinye; okungenani yilokho engikwenzile. Ngaphandle kokuhlaziywa kwezokuphepha kungaba nzima noma kungenzeki ngokuqondile nge-CDN ngaphambili. I-SSL, i-service abstraction (isitsha, i-vm) nawo wonke amanye amazinga okuphepha ayashiwo
Noma sebenzisa i-pfsense njengomzila wakho. Engeza i-pfblocker-ng futhi usebenzise i-geoip blocking ukuze uvimbele noma yiliphi izwe olifisayo.
Ungakwenza. Kepha kulula kakhulu ukusingatha isiza sakho ngokubamba okuphansi okwabiwe ngama- $ 10- $ 12 ngonyaka. Ungakwazi ukusingatha isayithi lakho ngezindleko eziphansi ze-vps nge-$ 15-$ 20 ngonyaka. Izindleko zikagesi zokusebenzisa iseva ye-x86 zizoba ngaphezulu kakhulu kwama-$20 ngonyaka ngicabanga, ngakho-ke akunangqondo ukusebenzisa iseva yonke ukuze nje ubambe ibhulogi. Uma uhlela ukwenza okuningi ngeseva, mhlawumbe kufanelekile ukuyisingatha endaweni.
Uma ufuna ngempela ukusingatha isayithi lakho endaweni, ngizophakamisa ukuthi uthenge i-raspberry pi noma i-pi clone efana ne-orange pi. Bese ubamba iwebhusayithi kulokho, lawo makhompyutha amancane ebhodi elilodwa adla amandla amancane kakhulu.
Uma ngikhuluma iqiniso impela, ngingamangala uma omunye umuntu ngaphandle kwakho, abanye abangani obatshele, futhi, kuye nge-SEO yakho, abanye abantu abangahleliwe ku-inthanethi bathola indlela eya kusayithi lakho. Inqobo nje uma ungenakho okungaphezu kokuthi abasebenzisi abangu-3-5 ngesikhathi esisodwa ngingacabanga ukuthi ungaba muhle. Ngingathi mhlawumbe abasebenzisi abakanye nabo abayi-10 baqaphele ukucwiliswa kwezivinini zokulayisha.
Ngihlela ukubhala izindatshana ngizithumele ezinkundleni zokuxhumana. Ngethemba ukuthi ngizothola izivakashi eziningi kunalokho, kodwa angizange ngibambe umoya.
== Mayelana Nomphakathi ==
Amalungu
Ku-inthanethi
I-Reddit
