Optimizing Website Performance

I used JetPack Boost and Google's PageSpeed Insights to optimize CSS and improve website performance.

?I’m always looking to improve the performance of my website. I’m using the free version of [JetPack Boost] and Google’s PageSpeed Insights services to check my website performance. I look at the recommendations for improvement and implement them where I can. I have turned on features in JetPack Boost to optimise CSS load and defer non-essential Javascript until after the page loads, so the important stuff loads faster. I enabled lazy image loading to load only images the user can see. Doing all of that can make the website feel snappier.

The Image CDN feature delivers images from Jetpack's Content Delivery Network (CDN). The CDN Automatically resizes your images to an appropriate size, converts them to modern, efficient formats like WebP, and serves them from a worldwide network of servers. When I have uploaded later edits of images, I have had issues with the CDN serving the old versions of images instead of the updated version. I did not enable the Image CDN feature.

JetPack Boost Config
JetPack Boost Config

However, I was only partially happy with the results. When I ran a test using PageSpeed Insights, I got a pretty shitty score with a message that the website had failed the Core Web Vitals Assessment. I wanted to do better. The cool thing about PageSpeed Insights is that it will diagnose performance issues and suggest recommendations for improvement. PageSpeed Insights recommended using a more optimised theme, an optimisation plugin, or upgrading the server.

JetPack Boost Score
JetPack Boost Score

I’m using an IndieWeb version of the Twenty Sixteen theme. It has an additional markup for microformat2, which could be causing some performance issues. However, removing that code is not an option since I need microformat2 support to use the IndieWeb plugins. I’m using a fairly robust virtual private server from Digital Ocean. I don’t see any issues in the Digital Ocean dashboard to indicate that server performance is an issue.

PageSpeed Insights
PageSpeed Insights

The other recommendation from PageSpeed Insights was to use the Performance Lab plugin to convert uploaded JPEG images into WebP automatically. The Image CDN feature of JetPack Boost does this, but as I mentioned before, I have had issues with the CDN serving the old versions of images even after new ones are uploaded.

Digital Ocean VPS Dashboard
Digital Ocean VPS Dashboard

That left me with one viable option: an optimisation plugin. The WordPress HealthCheck feature kept complaining that I had no object caching service installed. It recommended Redis. After reading How to Setup Redis Caching for WordPress with Ubuntu 20.04 and Nginx and How to Install Redis on Ubuntu 20.04 / 18.04, I installed and configured a Redis server. I also installed and configured the Redis Object Cache plugin by Till Krüss.

Configuration

As a starting point, I used the following settings from the INSTALL.md on the Redis GitHub. ** Please make sure to change the cache keys to something unique**. I used the wordpress.org salt generator to create a unique key for my installation. By default, the object cache will connect to Redis Server over TCP at 127.0.0.1:6379. For security reasons, I explicitly defined the host and port settings.

//Adjust Redis host and port if necessary ?define( 'WP_REDIS_HOST', '127.0.0.1' );?define( 'WP_REDIS_PORT', 6379 );??// Set a cache key salt and enable a persistent cache with the Redis object cache plugin?define('WP_CACHE_KEY_SALT', ’example.com');?define('WP_CACHE', true); ??// Reasonable connection and read+write timeouts?define( 'WP_REDIS_TIMEOUT', 1 ); ?define( 'WP_REDIS_READ_TIMEOUT', 1 );?

There are other Redis settings that I want to learn more about before enabling them.

Configuration constant Description
WP_REDIS_PASSWORD The password of the Redis server. Supports Redis ACLs arrays: ['user', 'password']

Since I have set the Redis server to only listen on localhost, setting WP_REDIS_SCHEME isn’t critical. However, this setting would add another layer of security.

Results and Up Next

JetPack Boost Score Worese
JetPack Boost Worse

JetPack Boost said my website performance had fallen after enabling Redis. There was a caveat message from JetPack Boost Most of the time, JetPack Boost will increase website speed, but there may be cases where the score does not increase. The JetPack Boost documentation on improving the Site Speed Score recommended using Google’s PageSpeed Insights tool. I found that suggestion humorous. I considered if there was a conflict between JetPack Boost and Redis and how JetPack Boost reports performance. I decided to rely on the results from PageSpeed Insights.

Disabling the Optimize Critical CSS Loading of JetPack boost improved the Desktop Score but worsened the Mobile Sore significantly. I’ll keep experimenting and reading and learning about Redis. I want to ensure I have optimised my website as much as possible. Seeing the word, Failed on the PageSpeed Insights test agitates me.

Jim Grey appears to be using the Yoast SEO caching plugin. I ran one of his posts through PageSpeed Insights, and his website got a Core Web Vitals Assessment: Passed. I’ll try using a caching plugin with Redis and see what happens.?

Ed25519 Keys for SSH

A technical article detailing how I switched my SSH login on a remote Linux server to use Ed25519 keys.

I changed my SSH login to my remote Linux server to use Ed25519 keys. This is one of the few technical articles I wrote this year. Writing these articles helps me better understand the technologies I use.

Ed25519 is a widely used public-key signature algorithm based on elliptic curve cryptography (ECC). It was designed by Daniel J. Bernstein, Niels Duif, Tanja Lange, Peter Schwabe, and Bo-Yin Yang. The "ed" in its name stands for the Edwards curve, which is the elliptic curve used in the algorithm.

Ed25519 is designed to provide high security while maintaining excellent performance. It offers 128-bit security, which means it is resistant to known cryptographic attacks. The algorithm is specifically optimised for speed, making it efficient for various applications.

Ed25519 is based on the twisted Edwards curve called Curve25519, which Daniel J. Bernstein also developed. The choice of this curve offers several advantages, including resistance against certain types of side-channel attacks and efficient implementation across different platforms.

Ed25519 uses elliptic curve key pairs for signing and verification. Key generation involves selecting a random 256-bit secret scalar, which is used to compute the corresponding public key. The secret scalar should be generated using a cryptographically secure random number generator.

To create a signature using Ed25519, the signer uses their secret scalar and the message they want to sign. The algorithm applies a series of mathematical operations to produce a 64-byte signature. This signature can be verified using the corresponding public key.

Signature verification involves using the signer's public key, the received message, and the signature. The verification process applies a set of mathematical operations to confirm the authenticity and integrity of the message. If the verification is successful, the signature is valid, and the message hasn't been tampered with.

Ed25519 has gained significant adoption in various domains, including cryptography libraries, protocols, and applications. It is commonly used for secure communications, digital signatures, key exchange, and other cryptographic operations. Many popular libraries and frameworks, such as OpenSSL, libsodium, and GnuPG, support Ed25519.

Ed25519 offers advantages over older signature algorithms like RSA and DSA. It has shorter key lengths, making it more efficient in terms of computation and storage. Additionally, Ed25519 is resistant to many types of attacks, including those based on side-channel information leakage.

Ed25519 has been widely recognised as a reliable and secure signature algorithm and has found extensive use in various cryptographic applications due to its performance and security characteristics.

To generate an Ed25519 key pair on macOS for logging into my Linux server, I followed these steps:

  1. Open the Terminal application on macOS.
  2. The ssh-keygen command generates the Ed25519 key pair. In the Terminal, type the following command:ssh-keygen -t ed25519 -f linux_server_key
  3. This command generates a new Ed25519 key pair with the specified filename (linux_server_key in this example).
  4. You will be prompted to provide a passphrase for the key pair. I recommend entering a strong passphrase to protect your private key. Press Enter if you want to leave it empty (not recommended).
  5. Two files will be generated in the current directory: linux_server_key (private key) and linux_server_key.pub (public key).
  6. Copy the public key to your Linux server. I used the ssh-copy-id command to copy the public key to the server. In the Terminal, type the following command:ssh-copy-id -i linux_server_key.pub username@server_ip
  7. Replace username with your username on the Linux server and server_ip with the IP address or hostname of the Linux server. This command will copy the public key to the appropriate location on the server and enable key-based authentication.
  8. If the ssh-copy-id command is not available on your macOS, you can manually copy the contents of the linux_server_key.pub file and append it to the ~/.ssh/authorized_keys file on the Linux server.
  9. Once the public key is copied, you can use SSH to log in to the Linux server using your private key. In the Terminal, type the following command: ssh -i linux_server_key username@server_ip
  10. Replace username with your username on the Linux server and server_ip with the IP address or hostname of the Linux server. This command will use the specified private key for authentication when connecting to the server.
  11. If you set a passphrase for the private key, you will be prompted to enter it before establishing the SSH connection.

That's it! You have now generated an Ed25519 key pair on macOS and configured it to log into a Linux server using SSH.