openpress

OpenPress - High-Performance WordPress WebServer

A super fast, secure, and scalable web server setup for WordPress with built-in WAF, DDoS protection, and automatic HTTPS.

⚠️ Early Development Notice: This project is in early development and has undergone limited testing. While designed with security and performance in mind, it should be thoroughly tested in your specific environment before production deployment. Use at your own discretion and consider additional security measures for production workloads.

Features

Quick Start

  1. Clone and configure: 
    git clone <repository>
cd openpress
  2. Configure your domain: Edit docker-compose.yml and replace:
    • yourdomain.com with your actual domain
    • admin@yourdomain.com with your email
  3. Start the services: 
    docker-compose up -d
  4. Install WordPress:
    • Access your domain
    • Follow the WordPress installation wizard
    • Database credentials are pre-configured in docker-compose.yml

Configuration

Environment Variables

Set these in your docker-compose.yml:

SSL Certificates

Security Features

WAF (Web Application Firewall)

DDoS Protection

Performance Optimizations

File Structure

openpress/
β”œβ”€β”€ Dockerfile              # Main container configuration
β”œβ”€β”€ docker-compose.yml      # Service orchestration
β”œβ”€β”€ nginx/                  # Nginx configuration
β”‚   β”œβ”€β”€ nginx.conf         # Main nginx config
β”‚   β”œβ”€β”€ sites-available/   # Site configurations
β”‚   └── sites-enabled/     # Enabled sites
β”œβ”€β”€ modsecurity/           # WAF configuration
β”‚   β”œβ”€β”€ modsecurity.conf   # Main ModSecurity config
β”‚   └── crs-setup.conf     # OWASP CRS setup
β”œβ”€β”€ fail2ban/              # DDoS protection
β”‚   β”œβ”€β”€ jail.local         # Fail2Ban jails
β”‚   └── filter.d/          # Custom filters
β”œβ”€β”€ scripts/               # Automation scripts
β”‚   β”œβ”€β”€ start.sh          # Container startup script
β”‚   β”œβ”€β”€ renew-ssl.sh      # SSL renewal script
β”‚   └── cron-ssl-renewal  # Cron configuration
β”œβ”€β”€ wordpress/             # WordPress files (mounted)
β”œβ”€β”€ logs/                  # Log files (mounted)
└── ssl/                   # SSL certificates (mounted)

Monitoring

Health Checks

Logs

Security Best Practices

  1. Keep Updated: Regularly update Docker images
  2. Monitor Logs: Check logs regularly for suspicious activity
  3. Firewall: Configure host firewall to only allow necessary ports
  4. Backups: Regular WordPress database and file backups
  5. SSL: Monitor certificate expiry and renewal

Troubleshooting

Common Issues

  1. SSL Certificate Issues
    • Check domain DNS configuration
    • Verify email address is valid
    • Check Let’s Encrypt rate limits
  2. Performance Issues
    • Monitor resource usage
    • Adjust rate limiting if too restrictive
    • Check PHP-FPM configuration
  3. WordPress Issues
    • Verify database connection
    • Check file permissions
    • Review PHP error logs

Logs and Debugging

# View container logs
docker-compose logs

# View specific service logs
docker-compose logs webserver

# Access container shell
docker-compose exec webserver sh

Contributing

  1. Fork the repository
  2. Create a feature branch
  3. Make your changes
  4. Test thoroughly
  5. Submit a pull request

License

This project is licensed under the MIT License - see the LICENSE file for details.

Created by: Chris Bunting

Support

For issues and questions: