Skip to main content

Self-hosting WordPress

Stop hopping from one managed host to another. It's time to take full ownership and control.
Learn how to self-host your WordPress site. Your specs, your limits, your rules, your WordPress.

Enroll
Learn more

About this course

Managed WordPress hosting feels like a joke.

I made this course out of frustration, having dozens of my consulting clients spend hundreds or thousands of dollars per month with large and reputable WordPress hosting providers, only to get dumpster performance, vague and silly limitations, overage charges and fair use policies, up-sells to the more expensive plan on every possible blip and blop.

Self-hosting WordPress is not hard, and it gives you all the flexibility in the world:

  • Any core and PHP version you like, including extensions
  • Any theme, any plugin, including page and object caching
  • Any backup destination, retention, size and frequency
  • Any number of installs, users, sites, page views, workers, memory limits, and execution times

However most importantly, self-hosting WordPress unlocks bare metal hardware, which easily results in a 10-20x performance increase over traditional shared, VPS and cloud-based managed platforms for an equivalent or cheaper monthly cost.

By the end of this course, you’ll be able to:

  • Provision and secure a new Linux server with monitoring and alerting
  • Install and configure various services, including PHP, Nginx, MariaDB, Redis/Memcache, Postfix, Logrotate, Monit
  • Configure scheduled backups and work out disaster recovery plans
  • Perform ongoing server maintenance, upgrade the system and services, diagnose errors and performance issues, run load tests

This is a hands-on course. Most of the work will be done in the terminal, running commands and editing configuration files. You must be comfortable with a command line interface, and know the basics of text editing in a Terminal.

Enroll

What you will learn

You will define what production ready means for your site. You will set up a project repository for configs, scripts, and docs. You will get a domain to use with this project and leave with a launch day checklist so nothing is missed.

You will choose a provider and plan that fit your goals and budget. You will learn how to read CPU models, core counts, frequency, storage, and network specs so you can pick with confidence. By the end you will have a fresh server online and reachable over SSH.

You will put safe defaults in place from day one. You will create a non-root user, tune SSH and sudo, install and configure fail2ban to reduce brute force attempts, and enable a simple firewall that allows only required services. You will also enable unattended security updates and configure logrotate.

You will install Nginx and PHP, and configure the FastCGI service. You’ll fine tune the number of PHP and Nginx workers, configure sane memory and file size limits, execution time and more. You will map a domain to your server, hide your HTTP service behind Cloudflare, and make sure no alternative route is possible.

You will install a MariaDB server and right-size it to your server specs. You will create a database user for your future WordPress application. You will enable and test the MariaDB slow query log for future performance troubleshooting.

You will download and install WP-CLI management utility. You will then use it to install the latest WordPress core version, create a configuration file, run the installation. You will update the Nginx configuration to support WordPress permalinks. You will also configure the server cron service to run the WordPress Cron.

You will install Postfix and configure it to relay email through an SMTP service of your choice. You will then make sure PHP is configured to relay mail through the postdrop service. You will verify delivery and health of a test email from wp_mail().

You will install and configure Redis for object caching in WordPress. You will also install a page caching plugin of your choice. You will also ensure you can measure response times, and easily find the slowest requests from your server logs. You will run some load test against your application.

You will configure fail2ban for bruteforce protection against common attack vectors in WordPress: including application passwords, XML-RPC and wp-login.php. You will update your Nginx configuration to ensure sensitive files remain private and enable rate limiting. You will write some helper scripts to determine and quickly ban bad actors from server logs.

You will determine everything that needs to be backed up. You will create scheduled jobs to perform on-site backups, and ship them to an off-site location. You will configure a retention policy to delete old backups. You will also learn how to quickly make on-demand backups and explore existing backups.

You will ensure all your services can survive a server reboot. You will create alerts for various system resources and spikes in errors, high response times, slow queries, email delivery errors and more. You will also set up a third-party uptime monitor.

You will learn how to schedule core, theme and plugin updates. You will also write and test a helper script to roll back updates when things break. You will learn how to put your site into maintenance mode to perform PHP and MariaDB upgrades.

Advanced modules include: Deploying & CI/CD pipelines, Multisite and multiple sites, staging and migrations, disaster recovery, Docker containers and more caching and performance strategies.

Explore the full course plan to learn more.

I'm Karl Kubelet

I will teach you how to host WordPress, and everything around it.

I run a firm called Koddrio, a small team of freelance consultants with over three decades of combined WordPress experience. We've consulted top-tier WordPress hosting providers and enterprise brands for their scaling and performance needs.

In this course I will teach you how to do what I do best: configure and manage servers for WordPress applications. From launching your first server, to running a load test and realizing why "managed" hosting feels like a gimmick.

Karl Kubelet

What people are saying

  • Gennady Kovshenin

    Even after years as a sysadmin, I was blown away by how much I didn't know. Karl's ability to explain complex stuff is incredible.

    Gennady Kovshenin

    WordPress Core Contributor, Speaker

  • Olga Goryaeva

    Karl helped us move off of WP Engine to a Hetzner server, saving 3.5k/yr. Our sites run faster and we have plenty of room to grow.

    Olga Goryaeva

    Spot Digital, WP Magazine

  • Mystery Man

    Share a little testimonial after completing the course, and I'll pay up to $50 towards your hosting bill.

    Enroll

Get started for free

Starter

Free
No risk, big reward
  • 10 lessons
  • Access to source/config repos
  • Partner discounts
Enroll

Premium

$ 96
Lifetime access
  • All 92+ and future lessons
  • Advanced modules
  • Discord community
Enroll

Elite

Custom
Rent-a-Karl
  • Premium access
  • Migration assistance
  • 1-1 training/consulting
Contact me

Frequently asked questions

What are the prerequisites?

Server management is mostly done via a command line interface, so you will need to be able to use one. You don't need to be an expert in Vim or Nano, but you should be able to edit and save a config file.

How much time do I need to manage a server?

Initial setup can take a few hours. Ongoing maintenance tasks typically total to 30-60 minutes every month. Big OS upgrades can take longer, though you can choose to do them only once every 5 years with LTS releases.

Do I need expensive hardware?

No, you can start with a single-core $5 VPS. Everything you learn will be applicable to a 128-core $1400 dedicated server, colocated hardware, and your homelab Raspberry Pi.

When will my subscription renew?

Never. All plans include lifetime access with no recurring membership fees.

Start learning today

Enroll