WordPress is a great tool but, to work well, it requires the right resources, come on, like any content manager.
WordPress itself requires very few resources but how many people do you know who use a WordPress to hair? Little or none. Most people look for a template that is not a Standard one, and always install some plugin that does something special. In short, although WordPress requires some basic minimum requirements, these cannot be met.
After the release of WordPress 5.0 and WordCamp US, a series of changes have begun regarding the infrastructure and minimums that WordPress is going to require.
To begin with, let’s look at the subject of PHP. WordPress runs from PHP 5.2 to PHP 7.3, which means that it supports versions that are 10 years old or older, even versions that haven’t had security support for many years. It will start January 2019 only with security support of PHP 7.1 versions, and maintenance of 7.2 and 7.3, just released.
How can we verify that we are up to date? Right now a good tool is the Surf Happy key project, currently known as the Health Check plugin.
This plugin will soon be integrated into the WordPress kernel, before the release of version 5.1, and will aim to have everyone update their PHP version to an equal or higher than 5.6 by April 2019, and to an equal or higher than 7.0 by 2020. So, if you use WordPress and you still don’t have this plugin installed, do it because it will allow you to verify the health status of your installation.
Remember: having a version lower than PHP 7.1 can affect the security of your WordPress.
Remember that keeping a few versions of PHP updated will ensure compatibility and the proper functioning of core, plugins and themes in your installation.
But this plugin not only analyzes PHP, but also databases. Nowadays there are many MySQL options (and forks) available. Besides MySQL itself, we have the version MariaDB. In the case of WordPress we can say that it doesn’t matter which edition of these I’m commenting on is the best, because it doesn’t matter, but what doesn’t matter is its version.
Although databases are compatible, what is less is their performance. That a website works well and fast depends, in large part, on the functioning of its database. This is why my recommendation is to use a MySQL +8.x or a MariaDB +10.1. With this you will ensure that the performance of the system is correct. Remember that versions older than MySQL 5.6, besides being somewhat insecure, have a performance lower by 30%.
Shared or dedicated hosting ? As for this question there are some basic elements, especially related to how much power you need. If you are simply going to have a blog or a corporate website, with a contact form but no financial transactions, my recommendation may be a shared hosting, something simple, something about 10$ a month (120$ a year) may be correct. A website of this style, in principle, does not usually have complex configurations, so something simple is enough.
If you have a more complex website, with forums, with an e-commerce, with some kind of transaction, you need something more powerful. In these cases I suggest a shared hosting that guarantees a minimum of CPU, memory, and space, or a dedicated hosting. Obviously this raises the price (not so much) but you can go to a minimum of 25$ per month (300$ per year). If you have traffic, at least you will need between 1 and 2 CPUs and at least 2 GB of RAM. If the system is well set up, this is a good base, and you can actually scale a lot more for that price.
On the other hand we have the web server. Undoubtedly the best known may be Apache HTTPD, but also appears on scene nginx. Personally in these last times my bet is for LiteSpeed, and if there is the possibility, with license. Web servers actually today, with a standard configuration, any serves, but each has its peculiarities and possibilities when it comes to caching. This is where we have the following element: the cache. Web servers play an interesting role in this.
For WordPress we have to take into account at least 3 layers of cache: browser, page and objects.
The browser cache can actually be configured at the web server level, and generally affects images and static. i also recommend you to use a CDN.
The second part is the page cache. This option is the most common and is usually configured with a WordPress plugin. One of the most common is the WP Super Cache. Its work is simple but sometimes its configuration is complicated.
The last option is perhaps the most complex but the one that, in my opinion, provides the most: the object cache. This allows, among other things, to store and pre-calculate better time elements, and even the storage of database queries that are repeated very often. In this case this system implies to have Redis or memcached configured in the server, something that not all the shared hosting have.
Another element of series that must be kept in mind are the backups. Your system has to have integrated backups (or at a very cheap price) that allows you to recover at least the information of the last week without problems. If your provider doesn’t give you automatic backups, take the time to set up a good backup plugin, especially one that allows you to create copies on a server or external service. A plugin that I like very much is BackWPup, because it has many options, although it does not restore you automatically.
Finally, the issue of security. As far as possible, your web hosting should have its own security layer against attacks, its own Firewall outside WordPress. If not, you will have to configure a plugin for it, but it will consume many more resources and make your website slower.
And remember, too, to always have a server that supports HTTP/2.0 with a TLS certificate for HTTPS.