Category: Linux

HTTP/3 (based on QUIC, RFC 9000) reduces page load time by eliminating TCP head-of-line blocking and reducing connection setup latency — connections over QUIC complete in 0-RTT on repeat visits compared to 1-RTT for TLS 1.3 over TCP. Nginx 1.25+ includes experimental QUIC/HTTP3 support that can be enabled alongside HTTP/2, giving browsers that support QUIC…

Podman is a daemonless, rootless container engine that is a drop-in CLI replacement for Docker — podman run accepts the same flags as docker run — but runs containers as an unprivileged user with no background daemon. For WordPress server deployments, rootless Podman containers provide stronger isolation than Docker (no root daemon to compromise) and…

The Linux Audit daemon (auditd) records file accesses, process executions, and privilege changes at the kernel level — events that application-level logging never captures. For WordPress servers, auditing writes to wp-config.php, executions of PHP in the uploads directory, and su/sudo events gives you a tamper-evident log trail that survives even if the attacker deletes application…

eBPF (extended Berkeley Packet Filter) lets you attach lightweight programs to kernel and userspace tracepoints with zero application code changes. For WordPress performance work, bpftrace and the BCC toolkit can trace every PHP function call, MySQL query, or file I/O event in real time — far more granular than APM tools and without the overhead…

Linux network namespaces let you run multiple WordPress instances on the same physical server with completely isolated network stacks — each namespace has its own loopback, virtual interfaces, routing table, and iptables rules. Combined with veth pairs and a bridge device, you get per-site firewall policies and the ability to run multiple MySQL instances on…

On a shared WordPress server running multiple PHP-FPM pools, one pool’s CPU spike or memory leak can starve the others. Linux cgroups v2 — exposed through systemd slices and service limits — lets you assign hard CPU and memory ceilings to each pool so a runaway plugin cannot take the entire server down. This requires…

The default Linux kernel parameters are tuned conservatively for general workloads. A WordPress server handling thousands of concurrent visitors benefits from a small set of sysctl tweaks: larger TCP buffers, faster TIME_WAIT recycling, increased file-descriptor limits, and a more aggressive vm.swappiness. These changes require no reboot and can be applied live.

The Linux OOM (Out-Of-Memory) Killer terminates processes when the system runs out of RAM and swap space. On WordPress servers, it typically kills either MySQL or PHP-FPM — causing database corruption or 502 errors. Correct swap and OOM configuration makes the difference between a graceful slowdown and a hard crash.

PHP-FPM (FastCGI Process Manager) is the PHP runtime behind most production WordPress servers. Its pool configuration controls how many worker processes handle requests, how they’re managed, and how to detect slow scripts — getting these settings right prevents both OOM crashes and request queuing under load.