Server Maintenance Guide

Introduction

This maintenance guide provides essential tasks and procedures for keeping your WordPress server secure, optimized, and running smoothly. It is based on the server installation and configuration documentation and focuses on regular maintenance activities that should be performed to ensure the health and performance of your server.

The guide is organized by maintenance frequency (daily, weekly, monthly) and by component (server, WordPress, database, etc.), making it easy to create a maintenance schedule that works for your needs.

Daily Maintenance Tasks

System Monitoring

Check System Resources

Monitor CPU, memory, and disk usage to identify potential issues before they become critical.
```
# Check current system resource usage
htop

# Check disk space usage
df -h

# Check memory usage
free -m
```

Review System Logs

Regularly check system logs for errors, warnings, or unusual activity.

# Check system logs
sudo journalctl -p err..emerg --since "24 hours ago"

# Check authentication logs for failed login attempts
sudo grep "Failed password" /var/log/auth.log

Monitor Fail2ban Status

Check if Fail2ban is actively blocking malicious IP addresses.

# Check Fail2ban status
sudo fail2ban-client status

# Check specific jail status (e.g., sshd)
sudo fail2ban-client status sshd

WordPress Maintenance

Check for WordPress Updates

Regularly check for WordPress core, theme, and plugin updates.

# Navigate to your WordPress installation
cd /var/www/example.com/public_html

# Check for WordPress updates using WP-CLI
sudo -u www-data wp core check-update
sudo -u www-data wp plugin list --update=available
sudo -u www-data wp theme list --update=available

Review WordPress Error Logs

Check WordPress error logs for PHP errors or warnings.

# Check WordPress error log
sudo tail -n 100 /var/www/example.com/logs/php_errors.log

Weekly Maintenance Tasks

Security Maintenance

Update System Packages

Keep your system up-to-date with the latest security patches.

# Update package lists
sudo apt update

# Install available updates
sudo apt upgrade -y

# Remove unused packages
sudo apt autoremove -y

Check for Unauthorized Access

Review user accounts and login history for any unauthorized access.

# List all user accounts
cat /etc/passwd | grep /home

# Check login history
last

# Check for failed login attempts
sudo grep "Failed password" /var/log/auth.log | tail -n 20

Verify Firewall Rules

Ensure your firewall rules are properly configured and active.
```
# Check UFW status
sudo ufw status verbose
```

WordPress Updates

Apply WordPress Updates

Apply any pending WordPress core, theme, and plugin updates.

# Navigate to your WordPress installation
cd /var/www/example.com/public_html

# Update WordPress core
sudo -u www-data wp core update

# Update plugins
sudo -u www-data wp plugin update --all

# Update themes
sudo -u www-data wp theme update --all

Test Website Functionality

After applying updates, test your website to ensure everything is working correctly.
```
# Check WordPress site health
sudo -u www-data wp site health status
```

Database Maintenance

Optimize WordPress Database

Regularly optimize your WordPress database to improve performance.

# Navigate to your WordPress installation
cd /var/www/example.com/public_html

# Optimize WordPress database
sudo -u www-data wp db optimize

Backup WordPress Database

Create regular backups of your WordPress database.

# Navigate to your WordPress installation
cd /var/www/example.com/public_html

# Backup WordPress database
sudo -u www-data wp db export /var/www/example.com/backups/db-backup-$(date +%Y%m%d).sql

Monthly Maintenance Tasks

Performance Optimization

Check and Optimize Swap Space

Verify that swap space is properly configured and functioning.

# Check swap status
sudo swapon -s

# If swap is not enabled or needs to be recreated, follow the instructions in the server hardening guide:
# [Server Hardening Guide - Configuring Swap Space](/server-installation-and-configurations/06-server-hardening#62-configuring-swap-space)

Verify Network Optimization Settings

Check that network optimization settings are still in place.

# Check network optimization settings
sudo sysctl -a | grep -e "net.ipv4.tcp_syncookies" -e "net.core.somaxconn" -e "net.ipv4.tcp_max_syn_backlog"

# If settings are not optimal, follow the instructions in the server hardening guide:
# [Server Hardening Guide - Network Layer Optimization](/server-installation-and-configurations/06-server-hardening#65-hardening-and-optimizing-the-network-layer)

Check PHP OPcache Settings

Verify that PHP OPcache is properly configured for optimal performance.

# Check PHP OPcache settings
sudo grep -r "opcache" /etc/php/8.3/fpm/pool.d/

# If settings need adjustment, follow the instructions in the WordPress optimization guide:
# [WordPress Optimization Guide - PHP OPcache](/server-installation-and-configurations/16-optimize-wordpress#166-implementing-php-opcache)

Verify Caching Configuration

Check that your caching solution (FastCGI Cache or WP Super Cache) is working correctly.

# For FastCGI Cache, check if cache files exist
ls -la /var/run/SITE/

# Test cache with curl
curl -I https://example.com

# For WP Super Cache, check plugin status in WordPress
cd /var/www/example.com/public_html
sudo -u www-data wp plugin status wp-super-cache

Security Auditing

Run Security Scans

Perform regular security scans to identify potential vulnerabilities.

# Install and run Lynis security scanner
sudo apt install lynis
sudo lynis audit system

Check for File Modifications

Verify that critical system and WordPress files haven’t been modified unexpectedly.

# For WordPress core files
cd /var/www/example.com/public_html
sudo -u www-data wp core verify-checksums

# For system files, if you have AIDE installed
sudo aide.wrapper --check

Review User Permissions

Ensure that file and directory permissions are set correctly.

# Check WordPress file permissions
cd /var/www/example.com/public_html
find . -type f -exec stat -c "%a %n" {} \; | grep -v "644"
find . -type d -exec stat -c "%a %n" {} \; | grep -v "755"

# If permissions need correction, follow the instructions in the WordPress hardening guide:
# [WordPress Security Guide - File Permissions](/server-installation-and-configurations/15-hardening-wordpress)

Comprehensive Backups

Full System Backup

Create a complete backup of your server, including all files and databases.

# Create a backup directory if it doesn't exist
sudo mkdir -p /var/backups/wordpress

# Backup WordPress files
sudo tar -czf /var/backups/wordpress/files-backup-$(date +%Y%m%d).tar.gz -C /var/www/example.com .

# Backup WordPress database
cd /var/www/example.com/public_html
sudo -u www-data wp db export /var/backups/wordpress/db-backup-$(date +%Y%m%d).sql

# Compress the database backup
sudo gzip /var/backups/wordpress/db-backup-$(date +%Y%m%d).sql

Test Backup Restoration

Periodically test your backup restoration process to ensure backups are valid.

# Create a test directory
sudo mkdir -p /var/www/backup-test

# Extract files to test directory
sudo tar -xzf /var/backups/wordpress/files-backup-$(date +%Y%m%d).tar.gz -C /var/www/backup-test

# Check if critical files exist
ls -la /var/www/backup-test/public_html/wp-config.php

# Clean up test directory
sudo rm -rf /var/www/backup-test

Quarterly Maintenance Tasks

System Optimization

Review and Optimize Server Configuration

Periodically review your server configuration for potential optimizations.

# Check Nginx configuration
sudo nginx -t

# Check PHP-FPM configuration
sudo php-fpm8.3 -t

# Check MariaDB configuration
sudo mysqlcheck --all-databases --check --optimize

Update SSL Certificates

Ensure SSL certificates are up-to-date and properly configured.

# Check SSL certificate expiration
sudo certbot certificates

# Renew certificates if needed
sudo certbot renew --dry-run

WordPress Cleanup

Clean Up Post Revisions

If you haven’t limited post revisions in wp-config.php, manually clean them up.

# Navigate to your WordPress installation
cd /var/www/example.com/public_html

# Clean up post revisions using WP-CLI
sudo -u www-data wp post delete $(wp post list --post_type=revision --format=ids) --force

Remove Unused Themes and Plugins

Delete any themes or plugins that are not being used.

# List inactive plugins
sudo -u www-data wp plugin list --status=inactive

# Delete inactive plugins
sudo -u www-data wp plugin delete $(wp plugin list --status=inactive --field=name)

# List inactive themes
sudo -u www-data wp theme list --status=inactive

# Delete inactive themes (except for Twenty* themes which are WordPress defaults)
sudo -u www-data wp theme delete $(wp theme list --status=inactive --field=name | grep -v "^Twenty")

Maintenance References

For more detailed information on specific maintenance tasks, refer to the following guides:

Conclusion

Regular maintenance is essential for keeping your WordPress server secure, optimized, and reliable. By following this maintenance guide and establishing a regular maintenance schedule, you can prevent many common issues and ensure your server continues to perform at its best.

Remember to adapt this guide to your specific needs and server configuration. Some tasks may need to be performed more or less frequently depending on your traffic volume, security requirements, and other factors.