• Stars
    star
    624
  • Rank 71,995 (Top 2 %)
  • Language
    Shell
  • License
    GNU General Publi...
  • Created about 7 years ago
  • Updated 5 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Lightning-fast WordPress on Nginx

SlickStack (Beta)

SlickStack is a free LEMP stack automation script written in Bash designed to enhance and simplify WordPress provisioning, performance, and security.

Thank you to our sponsors!

backamblock, yamanmucahit, maxalerator, konkova, HDBear, Politicalite, liwernyap, vivdev, hamzah, gingibash, damiafaw, trevplaig, hargums, volneanschi, OSO Electric Equipment, vladbejenaru

Become a sponsor and receive access to our private Discord server and changelog on the #announce channel. Your donations and public display of support for SlickStack are what keep this project going. Thank you very much!

Core Modules

Last updated: Jun 01, 2023

Module Mirrors Version What does SlickStack optimize?
Ubuntu LTS mirrors 22.04 crontab + gai.conf + sshd_config + sudoers + sysctl.conf
Nginx mirrors 1.18.x nginx.conf + server blocks
OpenSSL mirrors 3.0.x slickstack.crt + slickstack.key + dhparam.pem
Lets Encrypt mirrors 1.21.x cert.perm + chain.pem + fullchain.pem + privkey.pem
MySQL mirrors 8.0.x my.cnf
PHP-FPM mirrors 8.1.x php.ini + php-fpm.conf + www.conf
Memcached mirrors 1.6.x memcached.conf + object-cache.php
WordPress mirrors 6.2.x some WP Core junk files are removed by ss-clean
WP-CLI mirrors 2.8.x some commands are disabled
Adminer mirrors 4.8.1 default config
Git mirrors 2.34.x default config
UFW Firewall mirrors 0.36.x ufw + ufw.conf + user-rules

Abstract [read more]

Most of modern computing history can be traced back to one thing: Unix. Indeed, one of the only things about web servers that hasn't changed much in several decades is the Unix shell (Bash) command language. Keeping the same pragmatism and simplicity in mind that inspired LittleBizzy's managed hosting, SlickStack [ss] is coded entirely in Bash.

While there are clear benefits to programming languages like Python or Ruby, provisioning a server with WordPress isn't very complicated, and every Linux machine comes with Bash built into it. Plus, let's not forget what happens when typical web agencies rely on advanced dependencies like Ansible... yikes! Onward, then...

Requirements (Compatibility) [read more]

NOTE: SlickStack [ss] will never support installing multiple TLD domains on a single server. This is to ensure top speed, stability, and security (i.e. technical SEO). We will also never include any type of UI interface, to allow third party applications to integrate SlickStack [ss] with management tools as they best see fit.

SlickStack [ss] works best on cloud servers with KVM virtualization that have at least 2GB RAM from quality network providers such as DigitalOcean, Vultr, Hostwinds, and AWS Lightsail. The underlying LEMP stack configuration is meant primarily for high-traffic single-site WordPress installations, although support for Multisite installations is being planned. SlickStack [ss] supports WordPress, WooCommerce, bbPress, and BuddyPress "out of the box" with optimized settings that scale -- what this means is that you can upgrade your cloud server to a bigger or better instance, and run ss-install again, and most settings will (re)optimize themselves.

Currently, SlickStack [ss] is meant for a single origin server with a single 127.0.0.1 database, although remote databases should also work fine. Server "clustering" or "load balancing" has not been tested, and is not the goal here; complex enterprise-style configurations for WordPress are rarely needed (and can be expensive and difficult to manage), thus SlickStack [ss] aims to to provide a simple solution for the 99% of WordPress sites that don't need such complexity.

It should also be noted that SlickStack [ss] is HTTPS-only, and that HSTS is enabled by default, meaning that HTTP sites are not supported. Because OpenSSL generates self-signed certificates, SlickStack [ss] servers require CloudFlare to be active in front of your server in order for SSL certificates to be properly CA-signed and loaded by your browser, at least until the first ss-install has been completed (after that, you can switch to Certbot / Let's Encrypt).

Installation [read more]

Because it’s written purely in Bash (Unix shell), SlickStack [ss] has no dependencies and works on any Ubuntu Linux machine. Unlike heavier provisioning tools like EasyEngine or Ansible, there are no third party languages required such as Python or Docker, meaning a lighter and simpler approach to launching WordPress servers.

The below installation steps assume that you've already spun up a dedicated Ubuntu Linux VPS server (KVM) with at least 2GB RAM memory and that you are now logged in via SSH:

cd /tmp/ && wget -O ss slick.fyi && bash ss

NOTE: SlickStack [ss] requires CloudFlare to be activated on your domain before SSL (HTTPS) will be recognized as a fully secure and CA-signed domain, because of its self-signed OpenSSL certificate.

From this point forward, you can manage your SlickStack [ss] server by simply using the sudo bash command on any one of the included ss scripts located within the /var/www/ directory, as needed. However, in most cases there shouldn't be any need for much hands-on management as the server will intelligently run various cron jobs which connect to this GitHub repo (or whichever fork of this repo that your team has setup... be sure to modify all wget sources).

You can safely re-install SlickStack [ss] anytime via sudo bash /var/www/ss-install without causing any conflicts or data loss since the installation process is completely idempotent.

Philosophy

Outside of the so-called Application Layer, so much of the way computers and servers now work has been moved away from in-house teams and specialists and onto "the cloud" that terms like DevOps have become standard among recruiters, companies, and developers alike. Modern web development trends have begun to revolve entirely around concepts such as automation, APIs, cloud services, and beyond β€” a phenomenon we might refer to as Web 3.0.

While this shift is exciting, there is now a massive and growing disconnect between these emerging technologies and the humans that are expected to implement or benefit from them. Typical small business owners (SMBs), along with independent agencies or freelancers, now face a virtually impossible learning curve if they wish to maintain a competitive "webdev" edge, let alone keep up with basic standards in website performance and security.

While Silicon Valley "gurus" and corporations pump out new SaaS services (or incredibly complex Configuration Management tools like Ansible) on a daily basis, the typical small business website is still trying to figure out how to make their contact forms work correctly. The "legacy" shared web hosting monopolies β€” think EIG or GoDaddy β€” also have little motivation to education their audience, as perpetuating confusion seems to be a core pillar of their business model.

Thus, before the likes of Google and Amazon and Shopify and Wix take over the entire web and turn it into Wall Street-backed website builders that feed into their private ecosystems, SlickStack hopes to bridge the knowledge gap between emerging technology and old-school web development to empower SMBs to achieve top notch website performance and security by offering a "controlled" LEMP-stack environment with limited options that is perfectly suited to the world's most popular open-source CMS: WordPress.

More Repositories

1

speed-demon

Performance hacks for WordPress
PHP
59
star
2

force-https

HTTPS enforcement for WordPress
PHP
26
star
3

hovercraft

No maintenance WordPress theme
PHP
26
star
4

dashboard-cleanup

Cleans up the WP Admin backend by disabling various core WP and WC bloat features including Automattic spam, nag notices, tracking, and other items.
22
star
5

disable-cart-fragments

Completely disables the AJAX cart fragments feature in WooCommerce for a huge boost in loading speed (redirect to cart page highly recommended).
20
star
6

seo-genius

Lightweight WordPress SEO plugin
Hack
17
star
7

index-autoload

Adds an index to the autoload in wp_options table and verifies it exists on a daily basis (using WP Cron), resulting in a more efficient database.
17
star
8

autoloader

Enables standard WordPress plugins contained in a folder to be placed in the mu-plugins directory and loaded prior to others (forked from Bedrock).
PHP
16
star
9

wplite

WordPress boilerplate focused on speed, security, and lightweight code that includes several Must Use plugins and also supports Composer (Packagist).
15
star
10

clear-caches

Purge all of the WordPress caches
PHP
15
star
11

plugin-boilerplate

PHP boilerplate used in all WordPress plugins released by LittleBizzy that supports automatic updates for both public and private GitHub repos.
PHP
14
star
12

cloudflare

Easily manage CloudFlare's free features including purge proxy cache (CDN) and enable dev mode, with Dashboard widgets for DNS Records and Analytics.
13
star
13

security-guard

Super easy security for WordPress
10
star
14

inline-styles

Automagically loads styles from your active theme and plugins in the site-wide head of your site as internal (embedded) CSS for faster page render.
9
star
15

export-database

Quickly and easily export your WordPress database with a single click for the purposes of migration, testing, or backup (in either SQL or ZIP format).
8
star
16

server-status

Useful statistics about the server OS, CPU, RAM, load average, memory usage, IP address, hostname, timezone, disk space, PHP, MySQL, caches, etc.
8
star
17

plugin-blacklist

Allows web hosts, agencies, or other WordPress site managers to disallow a custom list of plugins from being activated for security or other reasons.
7
star
18

disable-xml-rpc

Completely disables all XML-RPC related functions in WordPress including pingbacks and trackbacks, and helps prevent attacks on the xmlrpc.php file.
7
star
19

minify-html

Tactfully minifies HTML output and markup to remove line breaks, whitespace, comments, and other code bloat to cleanup source code and improve speed.
6
star
20

404-to-homepage

Redirects all 404 (Not Found) errors to the homepage for a better user experience, less abuse from bots, and 100% elimination of Google GSC warnings.
6
star
21

sftp-details

Displays a small Dashboard widget to remind logged-in Admin users of their server SFTP login information for easy reference (uses defined constants).
6
star
22

disable-embeds

Disables both external and internal embedding functions to avoid slow page render, instability and SEO issues, and to improve overall loading speed.
6
star
23

disable-customizer

Completely disables the Customizer in WP Admin for websites using custom themes or that otherwise wish to hide that submenu from all WordPress users.
6
star
24

download-theme

Quickly and easily download a ZIP file of any theme currently installed on your WordPress website without requiring SFTP info or fancy dependencies.
5
star
25

great-migration

Offers the easiest way to migrate an entire WordPress site (themes, plugins, media, and database) with a single click using the standard ZIP format.
5
star
26

disable-admin-ajax

Completely disables frontend access to admin-ajax.php regardless of Heartbeat settings, to avoid unwanted AJAX calls and vastly improve performance.
5
star
27

duplicate-post

Easily duplicate (clone) any post, custom post, or page which are then saved in Draft mode, saving you tons of time and headache (no settings page).
5
star
28

disable-woocommerce-status

Completely disables the WooCommerce Status widget in the WP Admin dashboard to greatly improve backend performance on shops with large inventories.
5
star
29

custom-functions

Enables the ability to input custom WordPress functions such as filters in a centralized place to avoid the dependence on a theme functions.php file.
5
star
30

object-cache

Drop-in persistent object cache for WordPress based on Redis in-memory storage that supports Predis, clusters, and WP-CLI (forked from PressJitsu).
PHP
5
star
31

disable-gutenberg

Completely disables the Gutenberg block editor and enables the classic WordPress post editor (TinyMCE aka WYSIWYG) for lighter coding and simplicity.
5
star
32

header-cleanup

Cleans up most of the unnecessary junk meta included by default in the WordPress header including generator, RSD, shortlink, previous and next, etc.
5
star
33

xml-sitemap

Generates a complete XML sitemap for WordPress or WooCommerce including posts, custom posts, pages, products, etc for better search engine indexing.
4
star
34

dns-prefetch

Enables a centralized settings page for DNS prefetching to be customized while removing any pre-existing DNS prefetch code added by WordPress themes.
4
star
35

disable-author-pages

Disables author pages and links
PHP
4
star
36

force-strong-hashing

Forces all user passwords generated by WordPress to be hashed using Bcrypt, the most secure and popular PHP hashing algorithm currently available.
4
star
37

disable-search

Completely disables the built-in WordPress search function to prevent snoopers or bots from querying your database or slowing down your website.
4
star
38

disable-dashicons

Easily remove the bloated Dashicons CSS assets and related icons from loading on both the frontend and backend for a cleaner and faster WordPress.
4
star
39

disable-feeds

Completely disables all RSS, Atom, and RDF feeds generated by WordPress to simplify code and avoid aggregate indexing of feed data across the web.
4
star
40

download-media

Quickly and easily download a raw file of any media currently uploaded on your WordPress website without requiring SFTP info or fancy dependencies.
3
star
41

disable-emojis

Completely disables both the old and new versions of WordPress emojis, removes the corresponding javascript calls, and improves page loading times.
3
star
42

download-plugin

Quickly and easily download a ZIP file of any plugin currently installed on your WordPress website without requiring SFTP info or fancy dependencies.
3
star
43

restrict-profile-changes

3
star
44

remove-category-base

Removes and 301s category base
PHP
3
star
45

disable-image-compression

Disables all JPEG compression
PHP
3
star
46

delete-expired-transients

Deletes all expired transients upon activation and on a daily basis thereafter via WP-Cron to maintain a cleaner database and improve performance.
3
star
47

statcounter

Optimized StatCounter tracking
PHP
3
star
48

disable-woocommerce-styles

Completely disables all of the CSS stylesheets that are loaded by WooCommerce in order that styling can be better managed by a single style.css file.
3
star
49

remove-query-strings

Removes all query strings from static resources meaning that proxy servers and beyond can better cache your site content (plus, better SEO scores).
3
star
50

disable-media-uploads

Prevents user levels from uploading media files within the Media menu in WP Admin and also via Posts, Pages, or otherwise (for staging sites, etc).
3
star
51

repo-man

Adds GitHub search for WordPress plugins and themes to avoid WordPress.org lock-in, and supports one-click installation and automatic plugin updates.
3
star
52

mirrors

Collection of custom scripts and configs for LEMP server management released and maintained by LittleBizzy, the best managed WordPress hosting in the world.
Shell
3
star
53

metadata

Complete solution for WordPress metadata and meta tags, including custom title tags and meta descriptions, for massive SEO and usability benefits.
3
star
54

disable-pinging

Completely disables the Update Services feature in WordPress to stop the pinging of third party services (an outdated technology) and reduce bloat.
3
star
55

disable-post-via-email

Completely disables and hides the Post Via Email feature included in WordPress core for stronger security and to simplify the backend settings page.
3
star
56

disable-jquery-migrate

Easily prevent the jQuery migrate script that is included with WordPress core from being loaded to slim down source code (for advanced users only).
2
star
57

restrict-usernames

Stops new WordPress users from registering accounts or posting comments with existing usernames, undesirable usernames, or custom defined usernames.
2
star
58

delete-old-revisions

Limits the number of post revisions saved to your WordPress database and automatically deletes older revisions and auto-drafts via WP Cron each day.
2
star
59

multisite-billing-manager

Billing for Multisite networks
PHP
2
star
60

disable-archives

Completely disables the date-based archives (year, month, day) generated by WordPress for a cleaner frontend and to avoid duplicate content issues.
2
star
61

disable-empty-trash

Stops WordPress emptying trash
PHP
2
star
62

anonymous-bbpress

Anonymous bbPress guest posting
PHP
2
star
63

block-referrer-spam

Easily block referral traffic from specified domains or URLs who are low quality visitors or who you otherwise wish to not show up in your analytics.
2
star
64

limit-heartbeat

Limits the Heartbeat API in WordPress to certain areas of the site (and a longer pulse interval) to reduce AJAX queries and improve resource usage.
2
star
65

throwaway-theme

A throwaway default theme created for SlickStack servers to delete WP Core junk and prepare cleaner WordPress installations (inspired by iThemes).
PHP
2
star
66

stage-director

The easiest way to safely pull your entire WordPress production site over to a temporary staging server without ever leaving the WP Admin dashboard.
2
star
67

clicky-analytics

Inserts Clicky Analytics code just above the closing body tag to ensure fastest performance possible and to avoid conflicting with any other scripts.
2
star
68

view-defined-constants

Displays all defined constants found by PHP (and WordPress) using a simple print method that can be easily accessed under the Tools menu in WP Admin.
2
star
69

disable-email

Completely disables all email sending functions in WordPress, including messages sent by email APIs (but only compatible with our sister plugins).
2
star
70

disable-thumbnail-regeneration

Disables the default image meta and thumbnail regeneration functions that occur in WooCommerce Core to improve performance and retain better control.
PHP
2
star
71

disable-comments

Quickly disables commenting functions site-wide without altering your database or post settings (useful during site migrations, maintenance, etc).
2
star
72

google-analytics

Inserts Google Analytics code just above the closing body tag to ensure fastest performance possible and to avoid conflicting with any other scripts.
2
star
73

.github

1
star
74

redirect-attachment-pages

Redirect attachment page URLs
PHP
1
star
75

shortcode-manager

Allows you to centrally manage custom shortcodes for cleaner and easier web development, along with a few popular pre-coded shortcuts for widgets and more.
1
star
76

noindex-manager

Noindex thin WordPress content
PHP
1
star
77

check-email

1
star
78

enable-subtitles

Creates a new the_subtitle function for use in WordPress posts and pages, such as for H2 subtitles, that can be used in template files or shortcodes.
1
star
79

convert-database-tables

1
star
80

virtual-adstxt

1
star
81

login-redirect

1
star
82

maintenance-mode

Minimalistic plugin with a simple one-click on/off switch and zero settings to worry about, featuring default WordPress styling without any images.
1
star
83

taxonomies-widget

1
star
84

contact-details

Contact information shortcodes
PHP
1
star
85

superuser

Continually ensures that a superuser exists in the WordPress database for customer support reasons or to assist with emergency user login recovery.
1
star
86

301-redirects

Easily manage all of your 301 redirects in one place to vastly improve SEO and usability, while avoiding messy solutions like htaccess rules, etc.
1
star
87

codeguard

Intuitive and lightweight interface for CodeGuard that supports on-demand site backups and restores, with zero local storage and remote SSH support.
1
star
88

sendgrid

1
star
89

facebook-pixel

Inserts the Facebook Pixel site-wide just above the closing body tag to ensure fastest performance and to avoid conflicting with any other scripts.
1
star
90

hovercraft-child

HoverCraft child theme example
PHP
1
star
91

genghis-khan

An intuitive suite of tweaks and tools for WordPress that allow you to penetrate the Great Firewall Of China and appease the communist overlords.
1
star
92

manifest-destiny

PHP
1
star
93

email-log

Creates an easily accessible log of all emails generated and sent via WordPress (but not PHP), including email APIs (if used with our sister plugins).
1
star
94

stackpath

1
star
95

force-full-names

Forces all frontend and backend display names to show both a first and last name, and disables display name and nickname fields, to reduce confusion.
1
star
96

mailgun

1
star
97

material-icons

Rapidly loads the latest Material Icons version using a single CSS file hosted by Google with no JS whatsoever, and disables any other MI functions.
1
star
98

latin-slugs

Forces permalinks (posts, pages, etc) and other slugs (filenames, etc) to be transliterated to their Latin equivalent for better SEO and readability.
1
star
99

virtual-robotstxt

Replaces the default virtual robots.txt generated by WordPress with an editable one, and deletes any physical robots.txt file that may already exist.
1
star
100

direct-checkout

Enables a direct checkout capability for WooCommerce so that your visitors can skip the shopping cart, meaning less clicks and higher conversions.
1
star