4 min read

I find wordpress to be sufficient for my needs for a blog, so it’s my go-to for a really simple site or blog. If custom logic is needed, it’s a no-go, and it’s all the way custom based on what’s needed. “Right tech for the job.”


In this series I’ll show how to create a simple, fast and security-conscious blog.

Part 1: Hosting / installation

Part 2: Plugins, upgrading PHP, HTTP security headers

Part 3: Caching, WAF and Optimizations

Part 4: Monitoring and performance testing


Hosting / Installation

Azure, AWS and GCP have great free offerings for getting started, and free-tier that’s probably sufficient for small blogs. WordPress.com could be a good option as well. I prefer Digital Ocean in this case, because I have full control over the VM, it’s really cheap ($6/month), it’s a one-click deploy droplet, and really fast. Digital Ocean also monitors security bulletins and sends me relevant info on vulnerabilities, so I can patch anything that’s needed, and they handle backups seamlessly.

Sign up for an account at https://www.digitalocean.com/

Create droplet

In your dashboard, at the top right, click Create -> Droplets

Building a fast and secure blog - Part 1 1

Under Choose an image, switch to the Marketplace tab and scroll down to the end, and choose WordPress

Building a fast and secure blog - Part 1 3

Choose a plan. Standard is usually good, and scroll to the left and choose the $5/month plan (you can choose a higher one if you think you need it, but we’ll be caching a lot)

Next choose your datacenter region

Select additional options you need. I go with IPv6 and Monitoring

Building a fast and secure blog - Part 1 5

Choose your Authentication mode (SSH keys are more secure). Create a new ssh key with ssh-keygen or check out this guide on creating SSH Keys with Putty

Scroll down to Add backups and Enable backups (costs an extra $1/month and well worth it)

Building a fast and secure blog - Part 1 7

Click Create Droplet

Building a fast and secure blog - Part 1 9

In a few seconds (around 30 seconds) you’ll be good to go and your blog will be up.

Click on the newly created droplet. You’ll see its IP address, and some info on allocated resources.

Building a fast and secure blog - Part 1 11

Click on Access -> Launch Console

Building a fast and secure blog - Part 1 13


Once you logged in, you’ll start the wordpress setup.

The script will ask you a bunch of questions and configure wordpress for you. Enter a domain name for your blog, enter your email address, set up an admin account on wordpress (always use a different password then your Digital Ocean or VM account if you went with OTP instead of SSH)

Secure the blog with a LetsEncrypt certificate, basically just follow the wizard until finished, and your wordpress should now be up and running.


Restart Apache

In the VM’s console run

service apache2 restart


Update your DNS server to point to your new blog

Buy a new domain (ex: GoDaddy, Google Domains, Azure, etc)

Go to DNS settings, and change the A records for @ and www to point to your VM’s IP address (it’s listed in the VM’s dashboard under ipv4)

Building a fast and secure blog - Part 1 11


Add Firewall Rules

Go to Networking -> Firwalls tab -> Create Firwall

Give it a friendly name

Under Inbound Rules, remove All IPv4 and All IPv6 and add your IP Address(es), then add HTTP and HTTPS and leave those open to all for now, then scroll down and under Apply to Droplets, select your VM and click Create Firwall.

Building a fast and secure blog - Part 1 17