Yes, you heard it correctly! wetopi now has additional/redundant IP address to access the infrastructure of Load Balancer and Web Application Firewalls.
Table of Contents
- Why I need a redundant network ?
- How does it work?
Why I need a redundant network ?
To Increase the High Availability (HA) of your WordPress servers.
Wetopi now has a second line of Load Balancers and Web Application Firewalls with its own new IP address. For those who doesn’t know what is WAF Balancers and HA, keep reading the post, you will get an idea in a little while 🙂
How does it work?
By pointing your site to two IP addresses, Your WordPress site will have dual traffic routes.
- When you type an URL in the web browser
- The web browser queries the DNS requesting for the resolution of our domain.
- The DNS, in our case, will respond with 2 IP addresses. Meaning: yes this domain has two points of access, two possible routes.
- The browser then stores the two wetopi IP addresses. (check your chrome DNS cache here: chrome://net-internals/#dns or learn more in this crash course in net internals).
- Browser opens a pool of connections using alternatively both addresses to serve content.
The benefits are;
When one route fails, the browser removes the IP address from the connection pool and your site will be available continuously without any connection disruption.
What does High Availability (HA) mean?
High availability refers to systems that are durable and likely to operate continuously without failure for a long time. The term implies that parts of a system have been fully tested and that there are accommodations for failure in the form of redundant components.
Main wetopi HA redundant components:
- Double IP address on each POA (Point Of Access)
- Double Load Balancer per network route.
- Double WAF reverse proxies per network route.
- WordPress CVMs (Containerized Virtual Machines) run on a cluster of nodes.
- Manager nodes in charge of CVMs orchestration: 4 per cluster. Manager nodes are responsible for maintaining your WordPress server alive. If your server fails, the manager moves it to an active node.
- SSD Storage: replica 3. Each file is stored three times to ensure your files are safe when we have Storage hardware failures.
What is a WAF?
A web application firewall (or WAF) filters, monitors, and blocks HTTP traffic to and from a web application. A WAF is differentiated from a regular firewall in that a WAF is able to filter the content of specific web applications while regular firewalls serve as a safety gate between servers. By inspecting HTTP traffic, it can prevent attacks stemming from web application security flaws, such as SQL injection, cross-site scripting (XSS), file inclusion, and security misconfigurations.
|Data injection from untrusted source||Identify and block requests that contain untrusted data or code|
|Invalid authentication||Protect against exploitation|
|Cross site scripting||Protection against malicious code entry|
|Incorrect access control||Enforced access control|
|Misconfiguration||Protection from misconfiguration|
|Exposed Data||Protection against leaked information|
|Attack Protection||Secondary layer protection|
|Cross site forgery||Protection against forged request|
What does the load balancer do?
A load balancer is a device that distributes web traffic across multiple back end servers in order to improve website response time and provide redundancy.
How do i enable High Availability for my WordPress site?
You need to update your Domain DNS record to enable High Availability for your WordPress site.
Go to your wetopi panel → select your site→ click the “Domain DNS config”.
There, you will find the IP addresses that you need to add to your DNS server for enabling High Availability for your website.
For your reference, you may view this video:
We are techies passionate about WordPress. With wetopi, a Managed WordPress Hosting, we want to minimize the friction that every professional faces when working and hosting WordPress projects.
Not a wetopi user?
Free full performance servers for your development and test.
No credit card required.