-

July 24, 2025

Guide To Deploying Next.js to Cloudways with GitHub Actions

In modern web development, speed and reliability are paramount. Manually deploying a Next.js application, especially one optimized for SEO, can be a tedious and error-prone process. The ideal solution is an automated “push-to-deploy” system where your application updates itself every time you push code to your repository.This guide provides a comprehensive walkthrough on how to create a powerful, automated CI/CD pipeline. We will leverage the strengths of Next.js for building high-performance, SEO-friendly applications, the simplicity and power of Cloudways managed hosting, and the flexibility of GitHub Actions to tie it all together. By the end of this article, you will have a production-ready workflow that deploys your Next.js project to Cloudways automatically and securely. Interactive Guide: Deploying Next.js to Cloudways with GitHub Actions

HostingXP.com View on GitHub

Cloudways + Next.js + GitHub Actions

A Comprehensive Guide to Deploying a Next.js Application on Cloudways with GitHub Actions

From code commit to live production, master the art of automated deployments. This guide details a powerful CI/CD pipeline integrating Next.js, Cloudways, and GitHub Actions for a seamless "Git push to deploy" experience.

Strategic Overview

The Modern Web Deployment Triad

The successful deployment of modern web applications hinges on a robust and efficient architecture. This report details a powerful deployment strategy that integrates three core components: Next.js, a leading React framework; Cloudways, a managed cloud hosting platform; and GitHub Actions, a flexible CI/CD engine. This combination provides development velocity, hosting stability, and deployment reliability.

The "Git Push to Deploy" Workflow

1. Git Push

Developer commits code to `main` branch.

→

2. Build & Test

GitHub Actions builds the Next.js app.

→

3. Secure Transfer

`rsync` build artifacts to server via SSH.

→

4. Deploy & Restart

PM2 restarts the app with zero downtime.

Preparing the Next.js App

The 'Standalone' Output: A Critical Optimization

For self-hosted environments like Cloudways, the single most important optimization is to configure the Next.js build to produce a standalone output. This drastically reduces the size of the deployment artifact.

// next.config.js
/** @type {import('next').NextConfig} */
const nextConfig = {
  output: 'standalone',
};

module.exports = nextConfig;

Build Output Comparison

Default Build

~250MB+

Includes ALL dependencies from `node_modules`, including `devDependencies`.

'Standalone' Build

~25MB

Traces and includes ONLY production dependencies. Lean and fast.

Final Build Step: Including Static Assets

To ensure all necessary assets are part of the final build artifact, the `build` script in `package.json` should be modified to copy the `public` and `.next/static` directories.

{
  "scripts": {
    "build": "next build && cp -r public .next/standalone/ && cp -r .next/static .next/standalone/.next/"
  }
}

Provisioning the Cloudways Server

Launch a new server using the "Custom App" option. This provides a clean environment ideal for Node.js. Once active, connect via SSH and install Node.js and the PM2 process manager.

# Install Node.js (e.g., version 18.x)
curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
sudo apt-get install -y nodejs

# Install the PM2 process manager globally
sudo npm install pm2@latest -g

Architecting Secure Access

Principle of Least Privilege

For CI/CD automation, never use Master credentials. Always create a dedicated, restricted SFTP/SSH user for each application to limit potential security risks.

Credential Security Model

RISKY

Master Credentials

✗ Grants access to ALL applications on the server.
✗ A single key compromise affects the entire server.
✗ Violates principle of least privilege.

SECURE

Dedicated App User

✓ Access is restricted to a single application.
✓ A key compromise is contained and limited.
✓ Follows security best practices.

Storing Credentials in GitHub Secrets

All sensitive credentials must be stored as encrypted secrets in GitHub. They should never be hardcoded into the workflow file.

Secret Name	Value Source from Cloudways
`CW_HOST`	Server's Public IP
`CW_USER`	Dedicated deployment username (e.g., `deployer`)
`CW_SSH_PRIVATE_KEY`	Content of the private key file (`deploy_key`)
`CW_TARGET_PATH`	Full path to the application directory

Constructing the GitHub Actions Workflow

The workflow file, `deploy.yml`, defines the entire CI/CD pipeline. It is triggered on a push to the `main` branch, checks out the code, sets up Node.js, builds the application, and finally deploys it.

name: Deploy Next.js to Cloudways

on:
  push:
    branches:
      - main

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '18'
          cache: 'npm'

      - name: Install dependencies & Build
        run: |
          npm ci
          npm run build

      - name: Deploy to Cloudways
        uses: easingthemes/ssh-deploy@main
        env:
          SSH_PRIVATE_KEY: ${{ secrets.CW_SSH_PRIVATE_KEY }}
          REMOTE_HOST: ${{ secrets.CW_HOST }}
          REMOTE_USER: ${{ secrets.CW_USER }}
          REMOTE_PORT: ${{ secrets.CW_PORT }}
          SOURCE: ".next/standalone/"
          TARGET: ${{ secrets.CW_TARGET_PATH }}
          SCRIPT_AFTER: |
            echo "Deployment successful. Running post-deployment script..."
            cd ${{ secrets.CW_TARGET_PATH }}
            npm install --production
            # The following line is corrected to prevent syntax errors.
            # It now correctly uses '||' to fall back to 'pm2 start' if 'pm2 reload' fails.
            pm2 reload my-nextjs-app || pm2 start server.js --name my-nextjs-app
            pm2 save
            echo "Deployment complete."

PM2 Command Cheatsheet

PM2 is a powerful process manager for Node.js. Here are the key commands used in a CI/CD context and for debugging.

Command	Purpose in Workflow
`pm2 reload <name>`	Performs a zero-downtime reload. The primary command for updates.
`pm2 start`	Starts a new process. Used as a fallback for the initial deployment.
`pm2 save`	Essential for production. Saves the process list to restore on server reboot.
`pm2 logs <name>`	Crucial for debugging. Displays real-time application logs on the server.
`pm2 monit`	Displays a real-time dashboard of CPU and Memory usage.

Interactive Troubleshooting

Deployment pipelines can sometimes fail. Click on a common error below to see the likely causes and solutions.

Error: "Permission denied (publickey)"

Cause: This indicates an SSH authentication failure. The `CW_SSH_PRIVATE_KEY` secret in GitHub may be incorrect, the public key may not be on Cloudways, or server file permissions are wrong.

Solution: Carefully verify the private key is correctly copied into the GitHub secret. Confirm the public key is associated with the correct application user on Cloudways. Test the connection manually from your local machine to isolate the issue.

Error: "Connection timed out"

Cause: The runner cannot connect to the server. This is likely an incorrect server IP (`CW_HOST`) or a firewall rule on Cloudways blocking the GitHub Actions runner's IP.

Solution: Double-check the `CW_HOST` and `CW_PORT` secrets. Check the firewall settings in your Cloudways panel under **Security → Shell Access**.

GitHub Action Fails on `npm install` or `npm run build`

Cause: A common cause is a mismatch between the Node.js version in the GitHub Actions runner and the version your project requires.

Solution: Ensure the `node-version` in the `actions/setup-node` step of your workflow matches your project's requirement (e.g., from `.nvmrc` or `package.json`). Use `npm ci` for more reliable builds in CI environments.

PM2 Process Fails to Start or Enters a Crash Loop

Cause: This is an application-level issue, not a deployment issue. It's typically an error in your code, a missing environment variable on the server, or an incorrect start command.

Solution: SSH into the Cloudways server and use `pm2 logs my-nextjs-app` to view the real-time error logs. The logs will reveal the specific runtime error causing the crash.

HTTP/3 Hosting Support Checker Tool – Live QUIC Speed Test

Hosting

HostingXP Staff Writer

-

July 10, 2025

0

HTTP/3 Hosting Support Checker Tool – Live QUIC Speed Test

HTTP/3 is marketed as the next big leap in page-load speed, but hosts rarely show hard numbers—and some still fall back to HTTP/2 without telling you. QUIC Compare cuts through the noise: plug in any URL (or test our preset WordPress sites on Bluehost, HostGator, Hostinger, and Cloudways) and the tool runs paired Lighthouse tests—one with QUIC enabled, one with it disabled.In seconds you get side-by-side metrics for TTFB, LCP, INP, and CLS, plus a verdict badge that shows whether QUIC actually delivers on its promise. Fast, transparent, and screenshot-ready, it’s the easiest way to verify which host really gives you that extra performance edge.

5 Cheapest Ways to Host a Photo-Album Website in 2025 Guide

Hosting

HostingXP Staff Writer

-

July 9, 2025

0

5 Cheapest Ways to Host a Photo-Album Website in 2025 Guide

Affordable Photo Album Hosting (July 2025)

The Savvy Photographer's Guide

Affordable Photo Hosting in 2025

A rundown of the most cost-effective ways to host your online photo album.

Quick Decision Guide

Scenario	Monthly Cost*	What You Manage	When It Shines	Gotchas
Pure-static (Jamstack)	$0	Image optimization, code	Portfolios, family albums	No upload UI, manual rebuilds
Static + Object Storage	$1–5	Same as above + storage bucket	Large libraries, keeping originals	Pay-per-GB traffic costs can spike
Self-Hosted Gallery (VPS)	$4–8	Server, backups, updates, security	Full features (tags, users) on a budget	Requires technical skill, 1GB+ RAM
Managed Open Source	$7–19	Nothing (host handles it)	Open-source flexibility, no ops	Storage caps before price jumps
Photo-centric SaaS	$10–30	Zero (just upload)	Unlimited storage, selling prints	Platform lock-in, rising prices

*Rough list prices, paid monthly. Annual pre-pay is usually ~20–30% cheaper.

Monthly Cost Comparison (USD)

1. Totally-Free Jamstack

Generate a static site and host it for free. Maximum control for zero cost, if you're comfortable with code.

Best For: DIYers, slow-growing family albums, portfolios.

Providers: GitHub Pages, Cloudflare Pages, Netlify.

$0 / month

2. Static Site + Object Storage

Offload large original photos to an affordable storage bucket. Here's how providers compare for 100GB/month.

$1-5 / month

3. Self-Hosted Open Source

Run powerful gallery software on your own cheap virtual server for ultimate customization.

Best For: Those wanting albums, tags, search, and user logins on a budget.

Software: Piwigo, Lychee, PhotoPrism.

$4-8 / month

4. Managed Open Source

Get all the features of software like Piwigo, but without the headache of managing the server yourself.

Best For: Disliking server maintenance but wanting open-source flexibility.

Providers: Piwigo.com

$7-19 / month

5. Full-Service SaaS

The "hands-off" option. Just upload your photos and let the platform handle everything else, from storage to sales.

Best For: Pro photographers, selling prints, password-protected galleries.

Providers: SmugMug, Flickr Pro.

$10-30 / month

Cost-Cutting Tips

Save money regardless of the platform you choose with these best practices.

Convert thumbnails to modern formats like WebP/AVIF.
Lazy-load below-the-fold images.
Resize images on the server to save bandwidth.
Offload old originals to cold storage (e.g., Glacier).
Automate backups to a separate provider.

Hosting.com’s Quiet Managed VPS Clamp-Down – Restrictions

Hosting

HostingXP Staff Writer

-

July 9, 2025

0

Hosting.com’s Quiet Managed VPS Clamp-Down – Restrictions

Hosting.com’s post-merger limits created a vacuum. Traffic-rich sites that depended on root access and broad PHP customisation are scrambling for answers—yet no single article maps price + performance + location in one place. That were we come in to help you offer alternatives.Hosting.com's Managed VPS Clamp-Down: An Infographic

The Great VPS Clamp-Down

What happened after the A2 Hosting merger with Hosting.com, and how to escape.

Your Managed VPS Just Got Downgraded

When A2 Hosting became Hosting.com, they promised a better experience. Instead, power users lost the critical features they relied on, with no warning.

NO

Root Access

The single most impactful change. You are now a jailed user, unable to install agents, tweak services, or harden your OS.

48

Hour Support SLA

Need a simple `sudo` command run? Reports indicate a 2-day turnaround, making urgent fixes impossible.

Backup History Slashed

Your safety net is gone. Softaculous rotations were cut from user-defined to just 3 copies, drastically reducing your rollback history.

7822 → 22

Locked SSH Port

You can no longer hide SSH on an alternate port, exposing your server to a much larger automated attack surface.

New Relic

Observability Blackout

Despite their KB, support now refuses to install monitoring agents. You can't see what's happening on your own server.

⚙️

"One-Size-Fits-All" PHP

Custom `php.ini` overrides are gone. All your apps share the same conservative defaults, killing performance on busy sites.

The Escape Routes: Regain Your Freedom

Hosting.com's advice is to switch to their "Unmanaged" plan, but true managed providers still offer root access. Here’s how they stack up.

Provider	Root on Managed?	Key Perks
Hosting.com (New)	No	Faster infrastructure (as claimed).
ScalaHosting	Optional	SPanel, NVMe storage, free daily backups.
KnownHost	Yes	cPanel/WHM or DirectAdmin bundles, 2x daily backups.
Liquid Web	Yes	InterWorx/cPanel choice, 100% uptime SLA.

VPS Provider Cheat Sheet: Managed with Root Access

Below is a quick-scan “cheat sheet” that readers on Reddit (and your blog) are likely to hunt for when they realise Hosting.com’s Managed VPS no longer fits their needs. I focused on plans that still give root access (or equivalent) and have public pricing as of July 2025.

Provider & Entry Plan	Price / Mo	Key Performance Spec†	Root?	Data-centre Options (High-Level)
ScalaHosting – Build #1	$19.95 intro, $24.95 renew	Custom-build RAM/CPU (+ NVMe). Servers run up to 4.1 GHz and 10 Gbps network	Yes	13 sites on 4 continents incl. Dallas, New York, Sofia, Amsterdam, Tokyo, Mumbai, Sydney …
KnownHost – Basic Managed VPS	$43.25	4 vCPU ▸ 6 GB RAM ▸ 100 GB NVMe ▸ 3 TB bandwidth	Yes	Atlanta (US-E), Seattle (US-W), Amsterdam (EU)
Liquid Web – General Ubuntu VPS	$17	2 vCPU ▸ 4 GB RAM ▸ 80 GB SSD ▸ 3 TB bw (100 % uptime SLA)	Yes	Lansing (MI), Phoenix (AZ), Ashburn (VA), San Jose (CA), Amsterdam (EU)
BigScoots – Pure SSD VPS 1	$54.95	2 dedicated cores ▸ 2.5 GB RAM ▸ 25 GB SSD (RAID-10) ▸ 1.5 TB bw	Yes	Own gear in Tier III+ Chicago carrier-hotel facility
Cloudways – Vultr High-Freq 1 GB	$13	1 vCPU @ 3 GHz+ ▸ 1 GB RAM ▸ 32 GB NVMe ▸ 1 TB bw	Limited	32 + Vultr POPs worldwide (NYC, LA, London, Frankfurt, Singapore, Tokyo, Sydney …)
DigitalOcean – Basic Droplet 1 GB	$6	1 vCPU ▸ 1 GB RAM ▸ 25 GB NVMe ▸ 1 TB bw (unmanaged)	Yes	13 DCs in 9 regions (NYC, SFO, Toronto, London, Frankfurt, Amsterdam, Bangalore, Singapore, Sydney, ATL1, etc.)

†Numbers are the public “entry” tier of each family; higher tiers scale proportionally.

How to Read (and Use) the Grid

Cost vs. Management Effort

ScalaHosting and KnownHost price higher than totally unmanaged clouds, but they still bundle security patching, firewalls and daily backups, making them closest to what ex-Hosting.com users had—plus full root.
Liquid Web is the price-leader among classic managed hosts but only in US/EU regions.
Cloudways sits in the middle: you get a managed control plane, but underlying servers are single-tenant Vultr nodes you can leave any time.
DigitalOcean is bargain-level but self-serve; pair it with a panel like CyberPanel or buy their optional “Cloudways” addon if you need hand-holding.

Performance Flags That Matter

NVMe storage is now table-stakes for everyone except some Liquid Web tiers (still SSD).
KnownHost publicly advertises AMD EPYC 9000-series hosts, great for heavy PHP/Node workloads.
Cloudways’ Vultr HF nodes run >3 GHz clocks, giving single-thread wins for WordPress and WooCommerce.
ScalaHosting lets you graphically add CPU/RAM on the fly—handy if you’re worried about outgrowing another fixed-tier plan.

Location, Location, Location

Latency is the main SEO + UX driver once you leave a host. Use the table to shortlist providers with POPs near your readership (e.g., Mumbai or Sydney), then run a quick ping or Lighthouse test.

Migration Friction

KnownHost KickStart, Liquid Web migration and BigScoots white-glove all copy sites + email for you. If you go Cloudways/DO, you’ll likely use SSH/Rsync or a plugin such as All-in-One WP Migration.

Typical Decision Patterns Community Members Ask About

Scenario	What People Usually Pick	Why
Want a managed VPS that still allows kernel-level tweaks	KnownHost or ScalaHosting	Hands-off but no “jailed” shell; direct firewall rules, Docker, etc.
Need the cheapest exit from Hosting.com just to regain root	DigitalOcean (with optional CyberPanel)	$6–$7 gets you full root + NVMe; you self-admin backups & updates.
Global-audience SaaS wants edge POPs in APAC & EU	Cloudways / Vultr HF	30 + DCs and anycast CDN; click-deploy clones to a new region.
Heavy e-commerce, US traffic peaks, wants 100 % SLA	Liquid Web	Dual US DCs + Amsterdam, 100 % uptime guarantee, 59-sec support.
Agency with 20+ WordPress installs, values phone-number support	BigScoots	Fixed Chicago DC gives consistent latency to NA/EU, proven WP expertise.

Bottom Line

Hosting.com’s post-merger “managed” VPS has quietly shifted from a flexible, power-user product to a locked-down, entry-level service—removing root, custom PHP tuning, extra backup rotations, and even basic monitoring installs. If you need control, speed, or audit-grade backups, you now have just two practical options:Switch to an unmanaged VPS or a root-friendly managed provider (ScalaHosting, KnownHost, Liquid Web, etc.) and migrate on your own timetable.Stay put and accept the restrictions—but budget for slower troubleshooting, higher risk, and potential performance ceilings.

Free Domain Transfer Readiness Checker & IP geolocation Lookup

Tools

HostingXP Staff Writer

-

July 8, 2025

0

Free Domain Transfer Readiness Checker & IP geolocation Lookup

How to Enable Gzip Compression in WordPress using htaccess – Steps

SEO

HostingXP Staff Writer

-

June 24, 2021

0

How to Enable Gzip Compression in WordPress using htaccess – Steps

The smaller file sizes result in quick loading time on a WordPress site. It is possible to decrease the size of your webpage with the help of Gzip compression. The same helps reduce the size of JavaScripts, HTML files, XML files, and CSS stylesheets.Additionally, Google warns for sites that are devoid of compression enabled. When the Gzip Compression is allowed in your WordPress with a plugin, there will be a data reduction in the range of 60%-80% of your website. The present article discusses how to enable Gzip compression into your WordPress website by editing the .htaccess file:

The working mechanism of Gzip Compression:

The Gzip compression utilizes an algorithm that manages repetitive strings in one place only as an alternative to saving those strings repeatedly. Moreover, it controls such strings and their location values when compressing and recovering data from compressed files.Generally, Gzip compression works well with stylesheets as well as web pages. This is because every such resource file contains several repeated strings. Due to its compression mechanism, Gzip can decrease the file size by 80 to 90%.

Steps to enable Gzip compression a WordPress website through .htaccess file

HostingXP - Apache Compression Configurator

HostingXP Apache Compression Configurator

Get the right GZIP/DEFLATE configuration for your Apache server.

This tool helps you generate the correct compression configuration for your Apache web server. Select your Apache version below, and we'll provide the optimized code snippet for either `mod_gzip` (Apache 1.3) or `mod_deflate` (Apache 2.x and newer), along with important details and next steps for implementation.

Apache 1.3 (mod_gzip) Apache 2.x (mod_deflate)

Configuration Code

Key Details & Next Steps

Select an Apache version above to see relevant details and next steps.

Step-1: Firstly, login into your cPanel using your username and password.
Step-2: Now click on File Manager in the Files section.
Step-3: Find out the .htaccess file present in the public_html directory. Alternatively, you can use the Filezilla client application to find out the .htaccess file.
Step-4: Now right-click the .htaccess file and then click on ‘Edit.’ This will show the Edit menu as it popped up. Now click on the ‘Edit.’ Button.
Step-5: Include the below line of codes at the bottom of your .htaccess document:

# BEGIN GZIP COMPRESSION

<IfModulemod_gzip.c>

mod_gzip_onYes

mod_gzip_dechunkYes

mod_gzip_item_includefile.(html?|txt|css|js|php|pl)$

mod_gzip_item_includehandler^cgi-script$

mod_gzip_item_includemime^text/.*

mod_gzip_item_includemime^application/x-javascript.*

mod_gzip_item_excludemime^image/.*

mod_gzip_item_excluderspheader^Content-Encoding:.*gzip.*

</IfModule>

# END GZIP COMPRESSION

If your website is hosted on an Nginx server, include the below lines of codes:

gzipon;

gzip_comp_level2;

gzip_http_version1.0;

gzip_proxied any;

gzip_min_length1100;

gzip_buffers168k;

gzip_types text/plain text/html text/css application/x-javascript text/xml 
application/xml application/xml+rss text/javascript;

gzip_disable"MSIE [1-6].(?!.*SV1)";

gzip_varyon;

Step-6: To save all your changes, click on ‘Save Changes.’
Step-7: Use the W3 Total Cache plugin:

There are WordPress plugins accessible to let you enable the Gzip compression to your website. The W3 Total Cache is one of the widely used and famous caching plugins on WordPress. With the help of this plugin, it is easy to enable Gzip compression.Go to the settings page to enable Gzip compression through the W3 Total Cache. Next, enable the HTTP compression option and finally click on ‘Save Changes.’

How do I make fewer HTTP requests on Shopify? Step by Step Guide

Hosting

HostingXP Staff Writer

-

June 24, 2021

0

How do I make fewer HTTP requests on Shopify? Step by Step Guide

Website speed optimization is key to SEO success. If you are trying to make fewer HTTP requests on Shopify, then check out our recommendations.Also Read: Tutorials & Examples: How to configure and set up a Reverse Proxy (Nginx & Apache)For any website, one of the most significant facets is the page load time. A great number of visitors can depart from your website if it requires 3 seconds or more to load the page. Whenever a user visits a website, various technical operations are executed in the backend. However, the images and words are loading in front of your screen; in the background, the browser requests and receive files from the server. If the number of HTTP requests your site sends to the server is fewer, the site loading will be faster.Firstly, let’s look at the meaning of HTTP requests and ways to decrease HTTP requests on your website.What does it mean by the HTTP requests?

Whenever a user visits your website, their browser contacts your web server and also requests the files that contain the page content. Such files comprise CSS, HTML, JavaScript files, icons, images, and other files. The corresponding request is an HTTP request. The complete form of HTTP is the Hypertext Transfer Protocol. Essentially, the browser sends out a request for a file, and also the server transfers the file to that browser. Whenever the server gets an HTTP request from a user’s browser, your server reverts by sending the necessary files. Subsequently, the user’s browser renders the page.

Significance of keeping track of the HTTP requests:

Each time somebody visits your website, their browser has to create a specific HTTP request for every single file. There are lots of websites that use plenty of images, graphics, and other vibrant content. When you decrease the number of elements in your site’s pages, it is possible to reduce the number of HTTP requests. As a result, there will be a boost in the load time for your website.

How to decrease your website’s HTTP request:

Method-1: Decrease the number of Shopify apps:

One of the best ways to achieve this is to decrease the number of Shopify apps already installed.A considerable number of apps available on the Shopify store automatically include few CSS/JavaScript files into your store. If your app is not in use, then the CSS or JavaScript files persist in executing in the background and decreasing the performance of your store. Therefore, it is recommended to look at your store, check the apps that are no more in use, and delete them. By doing this, your website will load quicker. As far as the unused apps stay installed, they will continue running their CSS or JavaScript files.

Method-2: Lazy image loading:

Another method to reduce HTTP requests is to perform lazy image loading. This method incorporates using a Javascript library for loading images only when they must be visible to the visitor of your site. Consequently, there will be an improvement in the page load time.Lazy Image Loading is chiefly valuable when the theme you are using has lots of images that are not visible to your visitor until they navigate down. This means that there will be fewer HTTP Requests. Henceforth, you have to load all the images at the beginning.Make sure to optimize the images and discard the file information which you think is useless. Additionally, make sure the size of the image files is not excessively big.

Method-3: Simplify Store code:

Occasionally, many stores depict lots of images that are loaded on the home page. Moreover, there are lots of new server calls towards the home page.Firstly, examine server requests and find out which requests are needles for the current page.To understand this, for instance, in one store a home page loads review associated with CSS and JS file. It is not essential on the home page related to JS and CSS files, but it is necessary for the product page. Hence, recognize and simplify the store code.

Tips to reduce the HTTP requests:

Use the HTTP Requests Checker Tool by GiftOfSpeed to inspect the number of HTTP requests your site sends.
Combine CSS and ascertain that they are all in-line
Check that JavaScript is in-line
Combine all JavaScript
Keep design images to the smallest amount
Create sprites of CSS images
Transform images to Base64
Decrease the number of social sharing buttons

Also Read:

How to Add CAPTCHA in WordPress Login and Registration Forms

HostingXP Staff Writer

-

June 8, 2021

0

In this post, we explain how to add CAPTCHA in WordPress Login and Registration Forms.Are you interested in adding CAPTCHA to your WordPress site’s login and registration forms? And are you interested in using CAPTCHAs to keep off bots and spammers from accessing your WordPress site? Well, the below article helps you to achieve this.

Also Read: Best WordPress Security Plugins

Generally, the WordPress login page and user registration page are major targets for spammers and hackers. The intention of these attackers is usually to obtain unauthorized access to your WordPress admin part to allocate malware. In some other cases, they may crash the whole network of websites hosted with a particular web hosting company to gather ransom.

Also Read: How to Edit or Change Your WordPress Homepage

In any such case, a breach can lead to pre-eminent damage to your website. But since the hackers use bots to quickly and successfully attacking your websites, it may feel that odds are loaded up against you.Luckily, there is an easy-to-use tool that you can utilize to keep away spammers and bots from your WordPress site. The use of a Completely Automated Turing test to tell Computers and Humans Apart (CAPTCHA) is an easy way to enhance the security of your website.The following guide familiarizes you with CAPTCHAs and the way they can assist in protecting your website against spam and hackers. The later section highlights the ways to add them to your website. Also, you will be introduced to a few of the finest WordPress CAPTCHA plugins.One of the best ways to prevent such attacks is to use CAPTCHA that successfully blocks spambots and defends your site from getting hacked.The below article will discuss how to include CAPTCHA within WordPress login and the registration form effortlessly. But before that, let us understand what this CAPTCHA is:

What is CAPTCHA?

In simple terms, a CAPTCHA is a computer program utilized to differentiate between human and automated bot users. The same is done by carrying out a test that can be easy for a human to pass. The same test is difficult and nearly impossible for the automatic scripts to get through.The CAPTCHAS can adopt a wide range of forms, and one of the most widespread ones is distorted text which you need to decode. Some other test demands you to choose images that can fulfill some specifications from a collection of low-resolution photos.In these cases, usually, humans can easily complete the challenge presented. But, even the contemporary bots are not able to decipher the distorted or pieces of images. Once they are incapable of getting through the test, they would be blocked from accessing your site.The same is inevitable since bots are utilized in various situations that can negotiate the security and integrity of your website. One of the most widespread hacking strategies is brute force attacks. It utilizes bots to frequently type in credentials inside your login form until they attain access to your website.One more kind of cyber attack is cross-site scripting (XSS). In that, hackers implement the malicious code within your site through a form like your login page or the comments section. The same can lead to malware saved on your site, misplaced information, and other ill outcomes.The bots are also useful for spamming your comments part with low-quality links, which damage your Search Engine Optimization (SEO) and daunt legitimate users. In addition to being annoying, spam makes your website look less protected and badly monitored.All those places on your site where users can enter information, i.e., any form in your site, are susceptible to attacks from bots. The inclusion of a CAPTCHA before submissions of form deters non-humans from attaining access to your website or inserting malicious code within it.Throughout the inception of CAPTCHA, users were prompted to enter the text they observe in an image. The corresponding image showcased random letters, numbers, or words in an unclear style.Subsequently, a newer technology entitled reCAPTCHA was implemented. It represented random words in the form of a challenge and utilized the input from the user to digitalize books.The mentioned technology got hold of by Google in the year 2009. Since then, it helps to digitalize thousands of books as well as complete New York Times archives.But, such new CAPTCHAs were still irritating and damaged the user experience on the websites.Though CAPTCHAs offer a wide range of advantages and protections to your website, it comes with some limitations. For instance, they can negatively influence User Experience (UX). By making users sluggish, such simple tests come into the way of visitors and rapidly fulfill their targets on your site.Additionally, users suffering from visual impairments or a few other challenges like dyslexia may find it difficult to complete their CAPTCHAs. Unintentionally keeping human users away from the site is beneficial to anyone. This holds even if it prevents bots in the procedure.In 2014, Google launched its No CAPTCHA reCAPTCHA, a successor to the image tests and distorted word it has continued to use since 2007. This novel system demands users to choose a checkbox beside the words “I’m not a robot” to verify their legitimacy.It displays a simple checkbox for human users to click on easily. Some other wary traffic will show slightly more difficult CAPTCHA, like recognizing objects in the shown images.When you add a CAPTCHA to your WordPress website, you get the freedom to select which kind of test to use. But bear in mind that executing Google reCAPTCHA v2 or v3 must help make your website more enjoyable and easily accessible.Now let’s go through how WordPress websites can enhance security through CAPTCHA.

Reasons to Use CAPTCHA for WordPress Login and Registration:

WordPress login and registration pages serve as a simple target for hackers and spammers and malicious force attacks.This is because WordPress is the most well-known website builder (CMS) prevalent in the world. This makes it a frequent target for malicious attempts.The simplest solution to defend your WordPress site from attacks is to use a WordPress firewall plugin such as Sucuri. The same will block bad traffic from landing on your website and stops unwarranted access.One more solution is implementing a secondary layer of password protection on the WordPress login and registration pages. But the issue with this method is you need to share that second password with every user. This would not scale for huge multi-author blogs or membership sites.CAPTCHA offers a simpler alternative to such solutions. It uses AI technologies from Google to identify genuine visitors and offer CAPTCHA challenges to doubtful users.

Default vs. Custom WordPress Login and Registration Form

The default WordPress login and registration form offer a fundamental collection of features.The login page enables users to easily access your website’s backend as per their relevant user roles and permissions.With the help of the default WordPress registration form, visitors can make an account on your website. After they are registered, they can log in to the backend of your website and carry out precise tasks permitted by their user function.Plenty of website owners wish to tailor the default WordPress login and registration page using their personal styles, logos, etc. They use several plugins to make up their own custom login and registration page to substitute the default ones.The following section covers how to add captcha whether you use the default pages or custom pages.You will be made familiar with the ways to set up reCAPTCHA for default and custom login and registration pages present in WordPress.Now let’s start on how to add reCAPTCHA in the default WordPress login and the registration form.How to add reCAPTCHA to Default WordPress Login and Registration Form:

Firstly, you have to install and activate the Advanced noCAPTCHA & reCAPTCHA (v2 & V3) plugin.After this plugin gets activated, follow the below path:Settings > Advanced noCAPTCHA & Invisible CAPTCHA page available within our admin panelNow WordPress will land you on the general settings page of the plugin.From here on, you have to select a Google reCAPTCHA version and find out reCAPTCHA API keys to allow the service on your website.It is recommended to use v2 since it is believed that v3 is not so stable, at least not yet!To get those API keys, visit the reCAPTCHA website, and then click on the ‘Admin Console‘ button.In the subsequent screen, Google will request to sign in to your account. After you have successfully logged in, you will observe the ‘Register a new site‘ page.As a first step, enter the name of your website in the Label field. Now, choose a reCAPTCHA type. It is up to you to select reCAPTCHA v2 ‘I’m not a robot’ named checkbox.Now, you have to mention your domain name within the Domains section. Ascertain that your domain name is devoid of ‘https://www.’The Owners section displays your email address as well as allows you to add a new owner.Once done, you have to check the box beside ‘Accept the reCAPTCHA Terms of Service.’ It is optional to check the ‘Send alerts to owners‘ box to get email alerts regarding doubtful traffic or captcha misconfiguration occurring on your site.After this is done, click on the ‘Submit’ button.Now, you will notice a success message and the site and secret keys that can be used on your website.As a next step, open your WordPress dashboard and follow the below path:

Settings >Advanced noCAPTCHA & Invisible CAPTCHA page

This allows you to set up Google reCAPTCHA.After you are landed on the plugin settings page, select the Google reCAPTCHA version. Because we have already registered our website for Google reCAPTCHA v2 ‘I’m not a robot,’ it is necessary to choose that option from the dropdown menu.Now enter the site key and secret key given by Google reCAPTCHA before.In the next step, you will find the ‘Enabled Forms‘ option. You need to check the box besides the forms wherein you wish to enable the Google reCAPTCHA. In this step, select the Login Form and Registration Form.Once done, you have to scroll down the page to check other options. When done with selecting options, click on the ‘Save Changes’ button present at the bottom.Now you have successfully included reCAPTCHA in the default WordPress login and registration form. If you want to preview it, you can open up your WordPress login URL inside your browser. For instance: www.website.com/wp-login.php.If you wish to review the reCAPTCHA on the registration form, click on the Register link underneath the login form. Once done, the WordPress registration form would open, and also you can observe how reCAPTCHA functions.

Set-Up of reCAPTCHA in Custom WordPress Login and Registration Form:

The custom login and registration forms of WordPress provide new user-friendly membership possibilities to visitors of your website.Firstly, you can enable users to either register or login into your website directly from the frontend. As a result, it enhances the user experience and allows you to retain the same design experience throughout the website.Subsequently, it allows you to include your website logo and personalize the registration and login page according to your preference.Making a custom WordPress login form and user registration form is quite simple using the intuitive WordPress form plugin named WPForms. This plug is the most user-friendly and being utilized by 2+ million websites.For getting started, you need to install and activate the WPForms plugin over your WordPress site.To create the custom WordPress user registration form, switch to at least the WPForms Pro plan.Once activated, you have to open ‘Settings‘ from ‘WPForms.’ This will let you enter your WPForms license key. Actually, you will receive this key from your account area present on the WPForms website.Once this is done, click on the reCAPTCHA option available at the upper part to organize reCAPTCHA for your customized WordPress forms. As the first step, select a reCAPTCHA type.Because we have already selected v2 before, now we will select reCAPTCHA v3 in this step. However, the recommended option is still v2.Now you will observe the secret key field and the site key field. For obtaining such keys, register your website on the Google reCAPTCHA website.Now open the Google reCAPTCHA website and click on the Admin Console button present at the uppermost right corner.Now Google will inquire you to sign in to the account. After that, you will notice the ‘Register a new site‘ page.Now mention your website name and then choose the reCAPTCHA v3 option from the reCAPTCHA type option.In the next step, mention your domain name but make sure it is without https://www.Suppose you wish to add one more Gmail user in the form of the owner of the reCAPTCHA. After that, you could add the email address within the Owners section.Now accept the ReCaptcha terms of service. It is also possible to check the box beside the ‘Send alerts to owners’ option to receive notification emails from Google regarding mistrustful traffic over your site.After that is one, you need to click on the Submit button.Now Google will display a success message accompanied by the site key and the secret key to supplement reCAPTCHA to your website.By now, you possess the Google reCAPTCHA API keys. Follow the below path

WPForms > Settings ? reCAPTCHA

The reCAPTCHA page will open up in your WordPress dashboard.In the settings page of the WPForms reCAPTCHA, mention the site key and secret key. Now save your settings.After successfully adding the reCAPTCHA on WPForms, it is easy to enable the reCAPTCHA within the user registration form, your custom login form, or any forms created using WPForms.Now let’s make a custom WordPress registration form.Open ‘Addons’ page from ‘WPForms’. Now find out ‘User Registration Addon’ and then click on ‘Install Addon.’WPForms will now download and set up the addon. After that, you will observe the User Registration Addon’s status to be ‘Active.’ This indicates that you are now ready to include a fresh user registration form.Now follow the bellow path to start the WPForms Builder:

WPForms > Add New

From the WPForms setup page, you need to choose the ‘User Registration Form’ template.Once done, WPForms automatically creates a custom user registration form and also opens the Form Setup page.It is now easy to personalize your form with new fields or edit the available field options. In case you prefer the default form, then use it without creating any modifications.Now click on the Settings option to organize your form settings as well as enable the Google reCAPTCHA.Within the General Settings page, it is possible to modify your form name, include a form description, and also edit the Submit button text, etc. In the base, you will notice the checkboxes containing Enable Google v3 reCAPTCHA box.Just check the box to enable the Google reCAPTCHA within your user registration form. When this is done, click on the Save button available in the upper right corner.You can close the form builder by simply clicking on the ‘Close’ button beside the Save button.Finally, you made a custom WordPress user registration form as well as included reCAPTCHA to it.The next task you have to do is to include the custom user registration form on your website. It is possible to add forms to your pages, posts, or any widget-ready area. For instance, the below section describes how to make a new page and include its form.Follow this path:

Pages > Add New

This opens up a new page from your WordPress dashboard, allowing you to create a new page. On the page’s screen, click on the ‘Add New Block’ icon, and choose the WPForms block.Now you can observe the WPForms widget already added to your page edit screen. Choose the Custom User Registration Form which you created before. Once done, the widget automatically loads the form within the page editor.Subsequently, you can add other vital content and post the page.You can now open the page on your web browser to observe the custom user registration form along with Google reCAPTCHA implemented.Because reCAPTCHA v3 is already selected, you will not notice a Google reCAPTCHA checkbox such as ‘I’m not a robot.’ The reason is the reCAPTCHA v3 functions in the background. However, you will still observe a tiny badge at the lowermost right corner.The method of building a custom login form is nearly the same. However, the mere difference is that you have to select the User Login Form template available from the WPForms setup page.Subsequently, the entire process is identical.————————————–Adding a CAPTCHA to Your Login Page:Generally, your login page is a key target for Cross-Site Scripting (XSS) attacks and brute force.For the addition of a CAPTCHA into it using the Google Captcha plugin, follow this path:Google Captcha > Settings > General > Enable reCAPTCHA for inside WordPressNow choose ‘Login Form‘ within ‘WordPress Default‘.Now your login page stays protected.Including a CAPTCHA on Your Password Reset Page:When hackers’ attempts to log in to your website go futile, they might be landed on a page wherein users could reset their passwords. For the addition of a CAPTCHA to secure this page, follow this path within your WordPress dashboard:

Google Captcha > Settings > General > Enable reCAPTCHA form

Now choose the ‘Reset password form’ from the ‘WordPress Default’ list.

Securing Your WooCommerce Login Page using a CAPTCHA:

Your WooCommerce Login page is equally vulnerable to a malicious attack like your core WordPress page. For protecting it using Google Captcha, you will require the premium version of the plugin. Once you are ready, follow the below path within your WordPress dashboard:

Google Captcha > Settings > General > Enable reCAPTCHA

At this point, you can choose the ‘WooCommerce Login form’ from the ‘External Plugins’ list.

Including a CAPTCHA on Your Contact Form:

It is possible to protect your contact form using a CAPTCHA identical to the others already discussed above. But many different contact form plugins can integrate with Google CAPTCHA, like:

Contact Form 7
Ninja Forms
Jetpack Contact Form

It is necessary to activate any of the above tools on your site to add a CAPTCHA to your contact form. Now follow the below path:

Google Captcha > Settings > General > Enable reCAPTCHA

Now click on the checkbox for your chosen plugin:Doing this will terminate the process. One more contact form plugin is available for use on your WordPress website; you may need to use a different CAPTCHA plugin that combines with it. Also, few form builder plugins include CAPTCHAs on their own, like WPForms.

Summary:

Keeping your site free from malicious bots is inevitable if you intend to protect your users, your content, your users, and the reputation of your brand. One of the simplest approaches to deter their activities is to add a CAPTCHA into the forms of your WordPress site.

The addition of CAPTCHA to your WordPress needs these 3 steps:

Setup and activate a WordPress CAPTCHA plugin.
Make your Google reCAPTCHA and include it on your site.
Organize your settings to secure key areas.

Tutorials & Examples: How to configure and set up a Reverse Proxy (Nginx & Apache)

Hosting

HostingXP Staff Writer

-

June 5, 2021

0

Tutorials & Examples: How to configure and set up a Reverse Proxy (Nginx & Apache)

Reverse proxy positions ahead of a web server and get all the requests before reaching the origin server. This proxy functions identically to a forward proxy, apart from the case that is the webserver utilizing the broker instead of the client or user. Usually, reverse proxies are used to boost the performance, reliability, and security of the webserver.

Also Read: How to Edit or Change Your WordPress Homepage

To understand more, for instance, you can host a non-WordPress site on example.com domain on say Server A and let its blog running on the WordPress setup at example.com/blog URL that is hosted on say Server B. This is easy to achieve by adding a reverse proxy for that server hosting your top site. It is possible to configure the reverse proxy to pass on requests to the blog to a different server.The present article discusses the fundamentals of reverse proxy servers, how they function, their key benefits, and how you can use them to quicken and secure your WordPress site.

Related: Best Practices to Setup W3 Total Cache Plugin

What Is a Reverse Proxy?

To get knowledge on a reverse proxy server, firstly, you need to know its role and know about all its associated terms.Whenever you browse the web in general by typing in a domain name or clicking a link, the website’s server gets directly connected to your browser or device. Subsequently, it begins the download process of its resources.If you intend to anonymize your IP address directly from those websites you visit, there is an option to use a proxy server to send all your requests to it first. Next, it will promote your requests to the DNS resolver. Subsequently, it will download the resources of the website from its root server.A reverse proxy is a server that sits in front of web servers and forwards client (e.g., a web browser) requests to those web servers. Reverse proxies are typically implemented to help increase security, performance, and reliability. To better understand how a reverse proxy works and the benefits it can provide, let us first define what a proxy server is.Later, it will forward those resources towards your device, which is termed a forward proxy.You are entirely concealed from the website because it assumes that your request comes from the forward proxy.

Info:

The way few hosting providers like Web hosting companies calculate site visits, they demand the users put a header to inform their actual IP address to the root server. Thus, the privacy advantages do not apply in some instances like these.In addition to improving user privacy, using a forward proxy is primarily to avoid geographical content limitations. For example, you desire to watch a blocked video in that region, then a forward proxy and an IP address are helpful. On this IP address, you can watch the video.Forward proxy functions are nearly identical to a Virtual Private Network (VPN). However, both are different technologies with specific use cases (however, they may occasionally overlap).

Reverse Proxy Server vs. Forward Proxy Server:

A reverse proxy server functions in the form of a front for the root servers to uphold anonymity and boost security. It is identical to how a user or client uses a forward proxy to attain the same result. It makes sure no client or user directly communicates with the root server.Though the difference between forward and reverse proxy is slight, they work uniquely.Both of them can work collectively because there is no overlap among their functioning. Generally, users or clients utilize a forward proxy, whereas the root servers use a reverse proxy.Because a server admin can manage the way reverse proxy would function, you can utilize it to allow several valuable features.All its advantages will be discussed later in this article.

Why Use a Reverse Proxy?

Several businesses, massive enterprises, use personalized websites that are custom-made to their unique requirements. Moreover, they are not operating on WordPress. Certain instances include websites focused on banks and insurance.In another case, a business may host their website on an external service that disallows them to install external software. Typically, they are small to average-sized retailers who use an e-commerce platform like Shopify.Because WordPress possesses powerful CMS features, several businesses, including big enterprises with personalized websites, may host their blogs through WordPress setup.One effective way to solve this issue is to set up WordPress on the subdomain of the primary website and organize the navigation menus so that users can easily toggle between the primary website and the blog.The subdomains act in the form of a unique domain to influence the SEO of your site. Though Google equally considers subdomains and subdirectories, it needs more effort to optimize any website for SEO rankings if the hosting is done on a subdomain than a subdirectory.Google has again confirmed that it equally considers both subdirectories and subdomains. However, certain SEO experts conflict with it. Even if it does no influence the SEO of your site, a site that is hosted within a subdirectory is relatively simpler to maintain.This is why you could use a reverse proxy to forward requests to the blog of the site hosted on a separate server. To understand clearly, for instance, a bank can securely host its primary website on its servers. However, they can even host their WordPress-driven blog distinctly on a managed WordPress host such as Web hosting companies.Combining 2 various sites within a single domain name is an excellent benefit of using a reverse proxy. Moreover, it assists the brands to let their site stay ordered, look professional, and uphold credibility.Now let’s learn how a reverse proxy can boost security, performance, and reliability.

Advantages of Using a Reverse Proxy:

Apart from the above use case, the reverse proxies too offer several other advantages. The below section discusses a few of their key benefits:

Load Balancing:

A single root server cannot manage all the traffic incoming for a website having millions of visitors daily. Especially in such cases, you can smartly allocate the traffic amongst a group of multiple servers. Typically, every server will host identical content to discard a single point of breakdown. Hence, the particular website turns more reliable.Generally, a reverse proxy is found to be an excellent way to install this. This is because it can collect the incoming traffic before it goes into the root server. If the root server is overloaded or falls short completely, it can allow the distribution of the traffic to other servers. During this process, it makes sure the site’s functionality is unaffected.Reverse proxies are also capable of forwarding incoming requests to multiple servers. In these cases, every server performs an explicit function for which they are optimized. Subsequently, the reverse proxy can amass responses from every server and submits them to the client.Because we utilize the most famous reverse proxies chiefly for load balancing, they are too regarded as Load Balancers.

Global Server Load Balancing (GSLB):

GSLB is well-known as an advanced load balancing system for allocating website traffic among multiple servers strategically organized all over the globe. Usually, it is accomplished through the anycast routing technique. In this technique, the reverse proxy chooses the server node depending on the quickest travel time between the server and the client.Apart from boosting the reliability and security of the website, GSLB also decreases latency and load times. Henceforth, it enhances the user experience. It is allowed to use GSLB with some other network optimization methods like Spoon Feeding. When you use it with such scenarios, the computational resources of the origin servers will be freed up.You can manually set up GSLB on your server, but dedicated CDNs like Cloudflare and KeyCDN typically monitor it. Web hosting companies serve every website hosted via a Load Balancer (powered by Google Cloud Platform).

Enhanced Security:

Reverse proxies can hide the IP address as well as some other aspects of origin servers. So, the origin server of your website can better uphold its anonymity and thus significantly boosting its security.As the reverse proxy would get all the traffic before it goes into the primary server, hackers or attackers will perceive it more challenging to target your site with security threats like DDoS attacks.A strict firewall can strengthen the reverse proxy with more robust security to resist the general cyber-attacks. If a reverse proxy is not installed, it is hard to discard malware or begin takedowns.

Info:

Web hosting companies utilize reverse proxies within its backend architecture and provides free WordPress hack solutions to every website it hosts.A reverse proxy, including HAProxy, can add basic HTTP access authentication into a web server that is not enabled. Also, you can use a reverse proxy to include centralized verification for different kinds of requests.

Powerful Caching:

A reverse proxy is also helpful in increasing the speed of the website. It accomplished this by caching static and dynamic content. As a result, there will be a reduction of the origin server load, which leads to a faster website.Consider an example in which your origin server is based in the USA and suppose a user living in Europe visits your website. In this case, you can provide a cached version of your website from the convenience of a reverse proxy server located in Europe. Because the reverse proxy is situated nearer to the user than the origin server, the website takes time to load. Hence, performance is efficient.Varnish and Nginx FastCGI are well-known examples of reverse proxies that are useful for caching web content. When you choose Kista as the host of your site, you can stay stress-free about caching. This is because Web hosting companies look after all the caching groundwork to reduce your effort.

Superior Compression:

Generally, server responses utilize a much amount of bandwidth. If the server responses are compressed before delivering them to the client, it can decrease the bandwidth needed. Hence, the server responses will speed up across the network.A reverse proxy works perfectly to compress server responses because it is positioned amongst the client and the origin servers.

Optimized SSL Encryption:

For the origin server, encrypting and decrypting the SSL/TLS requests for every client can be highly taxing. This task can be handled by a reverse proxy to free up the resources of the origin server. The idea behind freeing up is to focus on other significant tasks like serving content.Another benefit of delegating SSL/TSL encryption & decryption is to decrease latency for clients who are physically far from the origin server.There is an option to choose a reverse proxy with dedicated SSL/TLS acceleration hardware to optimize this task even more. This kind of reverse proxy is termed an SSL/TLS termination proxy. Few servers like Varnish are not compatible with the SSL/TSL protocols. Hence, an SSL/TSL termination reverse proxy could assist in securing the traffic through them.

Better A/B Testing:

The majority of the A/B testing tools demand you to use the external JavaScript libraries for loading their functions. But, the process of loading third-party scripts can result in slowing down the page load times. Also, it can lead to a weird experience for users.A reverse proxy can be helpful to make two distinct flows at the server level as an alternative. For instance, you can use split_clients or sticky route methods of Nginx to manage traffic redirection.Go through the tutorials on freeCodeCamp and Nginx to know more about carrying out A/B testing through a reverse proxy.

Monitoring and Logging Traffic:

Whatever requests go across a reverse proxy is being captured. So, you can utilize them as a fundamental hub to supervise and record traffic. Irrespective of you using single or multiple web servers for hosting all components of your website, using a reverse proxy makes it simpler to supervise all the incoming & outgoing data from your website.

The Most Popular Reverse Proxies:

According to W3Techs, nearly 83% of the websites utilize no reverse proxy services, which they examine.Out of the 17% of websites using a reverse proxy, you will observe that majority of them are CDNs. The reason is a majority of the reverse proxies, by default, conceal their existence for a safety measure. Therefore, you cannot trust website monitoring services such as W3Techs to discover which reverse proxies are the most famous ones.Based on our research and knowledge, the most famous reverse proxies valid presently are Nginx, Varnish, Apache Traffic Server, and HAProxy. They are discussed below:

Nginx:

Nginx is famously known as an open-source web server capable of working as a reverse proxy. In addition to working as a host for websites, it is one of the most extensively used reverse proxy and load balancing solutions. According to Netcraft, more than 479 million web servers were utilizing Nginx in December 2019. This makes it the front-runner in the webserver market share.This proxy offers every reverse proxy benefit described above. Furthermore, it boosts web performance, reliability, security, and scalability. It is easy to configure Nginx through its configuration file.The Nginx Plus, a commercial offering, is only helpful to gain access to the API-based configuration options and other functionalities appropriate for big enterprise websites.Web hosting companies control all their websites via Nginx. It got rank in Top Tier web hosting status by Review Signal in every category it participated in. Few other leading companies that make use of Nginx are Netflix, MaxCDN, and Cloudflare.It is easy to set up Nginx as a fundamental reverse proxy. Moreover, Nginx also offers you various directives to tailor your server’s reverse proxy according to your needs. The way to accomplish it is discussed in a later section. A Web hosting companies customer can learn how to use a reverse proxy for websites hosted via Web hosting companies in that section.

The Advantages of Using Nginx Reverse Proxy

Let’s delve into the reasons explaining why this tool is so popular:

It is simple to implement and provides the user with high-end security against Web server attacks such as DDoS and DoS
Nginx Reverse proxy helps create a balanced load among several back-end servers and provides caching for a slower back-end server
Nginx does not require setting up a new process for each web request from the client. Instead, the default configuration is to comprise one work process per CPU
It can act as a reverse proxy server for various protocols such as HTTP, HTTPS, TCP, UDP, SMTP, IMAP, and POP3
It can handle over 10000 connections with a low memory footprint. Nginx can operate multiple web servers via a single IP address and deliver each request to the correct server within a LAN
Nginx is one of the best web servers for improving the performance of static content. Additionally, it can also be helpful to serve cache content and perform SSL encryption to lower the load from the webserver
It can also be beneficial when optimizing content by compressing it to boost the loading time
Nginx can perform randomized experiments or A/B tests without placing JavaScript codes into pages.

Varnish:

Varnish is an open-source HTTP reverse proxy equipped with a cache engine. It is primarily created for high-traffic websites that serve dynamic content. Furthermore, you are free to use Varnish in the form of a load balancer, or a web app firewall (WAF), or an edge authentication and authorization server.This proxy functions on all latest versions of Linux and FreeBSD, utilized primarily as a front for Apache or Nginx web servers. The efficient and flexible Varnish Configuration Language (VCL) allows you to define various features like managing HTTP requests, caching, and establishing connections to single or multiple web servers.Due to this reason, several CDNs use Varnish in the form of their crucial foundation for sending content quickly.

Varnish supports Edge Side Includes (ESI), known as a language that assists you to reprocess sections of one web page in some other web pages. If your website uses plenty of recurring content on various pages, ESI can increase the speed of page load times of your site. It does this by caching recurrently used sections.You can expand Varnish through its different modules (VMODs). Go through Varnish’s official tutorial to know how to set up Varnish in the form of a reverse proxy for WordPress.

Apache Traffic Server:

This is an open-source caching proxy server famous for its quick, scalable features. Formerly, it was a commercial product by Yahoo! However, they turned it to be open source and contributed it to the Apache Foundation for safeguarding.Certain critical content networks and CDNs like Akamai, Yahoo, LinkedIn, and Apple utilize Apache Traffic Server to control their technology.Also, you can use Apache HTTP Server (i.e., Apache HTTPd), known as an HTTP server daemon, for setting up a reverse proxy across your web server. Besides behaving as a virtual web server, it assists you in serving static and dynamic content to the users. The later section of the article discusses the setup process of Apache as a reverse proxy.

HAProxy:

HAProxy works as an open-source reverse proxy and also as a load balancer. It is created to incorporate the most prevalent web server architectures like cloud platforms and Linux distributions. Just like Nginx, HAProxy implements an event-driven I/O model. Furthermore, it supports splitting requests over numerous worker procedures.For HTTP requests, HAProxy works efficiently even when subjected to heavy loads. Few of the substantial traffic websites on the Internet like Airbnb, Instagram, Reddit, Tumblr, Stack Overflow, GitHub, and Imgur use HAProxy to deliver their websites efficiently.The process to implement HAProxy is beyond the reach of the article. However, you can go through their documentation to know how it works.Note: Envoy and Traefik are two more open-source substitutes to HAProxy. Both of them are efficient reverse proxies and load balancers with several cutting-edge features.Few other famous reverse proxies are GLBC, AWS Elastic Load Balancer, Google Cloud Load Balancer, and DigitalOcean Load Balancer. To know about an in-depth list of the premium reverse proxies and load balancers currently in use, check out Stackshare.io.

Reverse Proxy: Use Cases for WordPress Sites:

Chiefly, there are 3 use cases for implementing a reverse proxy for all WordPress sites.For this example, only Nginx is used because it is the most famous reverse proxy for WordPress sites. However, the same fundamental principles will be valid to other reverse proxies.Reverse proxies are usually difficult to install, organize, and support. So, Web hosting companies provide a $50 add-on subscription monthly for every reverse proxy that you need assistance with installation. Get further details from the support team of Web hosting companies.

1. Main and Proxied Sites Hosted on the Same Server:

If both the proxy and leading site are hosted on a similar server, the main one can execute a WordPress installation. In contrast, a typical WordPress installation controls the proxy site.Since you possess access to the sites and their shared web server, it is easy to install the reverse proxy rules for the main website. Subsequently, you can configure the proxy site to process from the reverse proxy.If both the sites are being hosted at Web hosting companies, you can contact Web hosting companies’ support team. Next, you can request them to install the reverse proxy. The process is as below:

Ensure that both the main and the proxy sites are hosted at Web hosting companies. But if not, then you can transfer both sites to Web hosting companies’ setup. You can do that either manually or after delivering a migration request.
Use a support ticket to submit a description of the domain configuration to the support team of Web hosting companies. It usually takes one business day to set up the reverse proxy.
Web hosting companies will install the appropriate reverse proxy rules on the leading site. Also, it will configure the proxy site to process the reverse proxy.

Below are the standard Nginx reverse proxy directives that Web hosting companies uses to load a subdirectory site across a reverse proxy:

location ^~ /subfolder/ {


proxy_pass http://subfolder.domain.com;


proxy_set_header X-Real-IP $remote_addr;


proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;


proxy_set_header X-Forwarded-Proto $scheme;


}

In this code, substitute the /subfolder/ placeholder with the real subdirectory name. Moreover, the http://subfolder.domain.com subdomain must match the URL being used to direct the reverse proxy at the proxied site.The caret and tilde symbols (^~) are present in the location directive. They inform Nginx that if it comes across the string defined, it must prevent the searching process for subsequent matches and finally use the commands mentioned here. Know in detail on reverse proxy directives of Nginx in its documentation.After that, configure the proxied site for loading across the reverse proxy. Below are the standard steps that Web hosting companies follows to organize the proxied site:

From the location where the proxied site is loaded, you have to make a subdirectory. Every file of the proxied website is shifted to this subdirectory.
Revise the configuration files of the webserver to label the new subdirectory as the root directory for that proxied site. Also, you have to add a rewrite rule to discard the subdirectory from the request URL for every request coming in.
Revise every URL in the database of the proxied site to be equivalent to the live site URLs (e.g., example.com/blog).
Edit the wp-config.php file of the proxied site with $_SERVER[‘HTTP_HOST’] definition, directing to the URL of the main site.
If you use an SSL certificate, define rigid rules in the wp-config.php file to prevent redirection loops.

Note: A proxied site cannot make URLs that replica the similar subdirectory within which the proxied site processes. For example, a proxied site at example.com/blog cannot make a directory or page at example.com/blog/blog.

2. Only the Proxied Site Hosted on Your Server:

If there is access only to the proxied site and the corresponding web server, you have to contact the leading site’s server admin. They will help you to set up the reverse proxy rules.For that, you should implement the same steps mentioned above. Apart from this case, you should configure the rules on two diverse servers.For hosting your proxied site through Web hosting companies, you need to add a domain to the site that will direct to the reverse proxy. Typically, the subdomain fulfills this purpose (e.g., blog. example.com) to process the proxied site on a subdirectory link (e.g., example.com/blog).Once your proxied site gets set up on Web hosting companies, feel free to contact the Web hosting companies support team for configuring the proxied site to load on a reverse proxy. During this time, the support team needs the actual IP of your for completion of the setup process to count visits properly. If you cannot provide a static IP because of the dynamic IP restrictions from several providers (like AWS CloudFront), your plan gets transferred to an equivalent bandwidth-based plan.Finally, the process of the setup of the reverse proxy on your server is not in the scope of Web hosting companies’ support. This is because only the server admin can look after it.

3. Only the Main Site Hosted on Your Server:

If there is access only to the main site and equivalent web server, it is necessary to set up the reverse proxy. Next, construct its rules for loading the proxied site from an outside host. The installation and configuration of the proxied site for loading across the reverse proxy is the duty of the admin of the secondary server.When your main site is being hosted at Web hosting companies, there will be access to the support team of Web hosting companies. You can create a support ticket to include the standard reverse proxy rules mentioned previously in the article. If needed, you can add some more customizations to those rules.In the present circumstances, you are entirely accountable for the configuration of the proxied site to load it on the reverse proxy correctly.

How to Set Up Nginx as a Reverse Proxy:

If the situation is such that Web hosting companies do not host your website and the management of servers is your duty, then you should set up the reverse proxy on your own. Also, configure it to direct at the proxied site.Based on the operating system of your web server, you can install Nginx another way. When using Linux distributions, various Nginx packages can be used depending on the version of your Linux distribution.In the below example, the primary site is installed at example.com domain name. On the other hand, the proxied WordPress site is set up at subdomain, i.e., blog.domain.com. Both of them are controlled by Apache on a web server operating on Ubuntu 18.04. Moreover, in this example, Nginx is installed and configured in a reverse proxy on the main server.Firstly, access your server’s terminal through SSH. Next, use the apt-get command for updating the packages list of your distribution and then install Nginx on the webserver you use. Follow the below commands:

sudo apt update

sudo apt install nginx

Now you have to configure Nginx to proxy requests for those domains that are hosted on Apache. For that, prepare a new virtual host file. The present example uses the nano editor to include the code. However, you can use any code editor you like.

sudo nano /etc/nginx/sites-available/example.com.conf

Now set Nginx directives to direct requests to Apache after adding the below server {…} and location blocks:

server {

listen      80;

server_name example.com www.example.com;

index       index.php;

root        /var/www/example.com/public    # fallback for index.php

location / {

try_files $uri $uri/ /index.php?$query_string;

}location /blog {

proxy_pass http://blog.domain.com;proxy_http_version                 1.1;

proxy_cache_bypass                 $http_upgrade;

# Proxy headers

proxy_set_header Upgrade           $http_upgrade;

proxy_set_header Connection        "upgrade";

proxy_set_header Host              $host;

proxy_set_header X-Real-IP         $remote_addr;

proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;

proxy_set_header X-Forwarded-Proto $scheme;

proxy_set_header X-Forwarded-Host  $host;

proxy_set_header X-Forwarded-Port  $server_port;

# Proxy timeouts

proxy_connect_timeout              60s;

proxy_send_timeout                 60s;

proxy_read_timeout                 60s;

A subdirectory link, i.e., example.com/blog, is defined in the above code, and it will be hand out by the Apache server. Ensure that you use the public IP address (or URL) of your proxied website in the proxy_pass directive. For this example, the proxied website is hosted over the blog.domain.com subdomain.Note: Ensure that the proxied website is set up and all set to be served before you make any modifications.Learn more about every reverse proxy directive used here in Nginx’s complete index of directives.Now save the virtual host file. Next, activate the fresh virtual host by making a symlink for the files entitled example.com.conf in the /etc/Nginx/sites-available and the /etc/Nginx/sites-enabled directories.

sudo ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-enabled/example.com.conf

After that, test Nginx for any configuration errors.

sudo nginx -t

If there are no errors, reload Nginx to enforce the changes.

sudo systemctl reload nginx

Nginx is now successfully set up to function as a reverse proxy. For confirmation, you can use the phpinfo() function. It helps you to check the PHP variables loaded whenever you visit your proxied site.Within the SERVER_SOFTWARE and DOCUMENT_ROOT PHP variables, Apache hands out this domain across the backend. However, PHP variables like HTTP_X_REAL_IP and HTTP_X_FORWARDED_FOR validate that Nginx was used as a reverse proxy to direct the requests.It is possible to enhance the speed of serving the WordPress site on Nginx with the help of the fastcgi_cache and ngx_cache_purge modules. The first module would cache your website, whereas the second module automatically cleans out the cache depending on specific events. The related events can be editing or publishing a WordPress post.The Nginx Cache Controller WordPress plugin is useful to directly manage the proxy server cache of Nginx from your WordPress admin dashboard. But if you are currently using a WordPress Multisite installation, you have the freedom to use the Nginx Helper plugin.

How to Set up Apache as a Reverse Proxy:

First of all, confirm that you have two websites set up and operating at example.com and blog.domain.com. The first website doesn’t need to be a WordPress site. However, the second one must be a WordPress site because it is primarily used to load the blog of the root domain at the subdirectory link of example.com/blog.Begin configuration of Apache by opening your server’s terminal through SSH and permitting proxy module of Apache.

sudo a2enmod proxy proxy_http ssl

Executing the above command will most probably restart Apache for reloading the freshly defined directives.Now, you have to edit the virtual host file of your central server to make a reverse proxy. Below is the code to add:

<VirtualHost *>

DocumentRoot /var/www/app/public

SSLProxyEngine On    ProxyRequests off

ProxyPass /blog http://blog.domain.com

ProxyPassReverse /blog  http://blog.domain.com

</VirtualHost>

The ProxyPass directive creates a reverse proxy for the specified paths. On the other hand, the ProxyPassReverse command will interrupt the HTTP response headers delivered through this reverse proxy and rewrite them to go with the Apache server.Once the file is saved, edit your wp-config.php file after adding the below code before the line asking you to prevent editing.

# ProxyPass Settings

# overrides the variables below to ensure that any

# request to /blog/* subdirectory is taken care of properly

$_SERVER['REQUEST_URI'] = '/blog' . $_SERVER['REQUEST_URI'];

$_SERVER['SCRIPT_NAME'] = '/blog' . $_SERVER['SCRIPT_NAME'];

$_SERVER['PHP_SELF'] = '/blog' . $_SERVER['PHP_SELF'];

Lastly, you have to update the database of your WordPress site to include the configuration values for /blog subdirectory link. For that, run the below SQL query:

UPDATE wp_options SET option_value = 'https://www.example.com/blog' WHERE option_name IN( 'siteurl', 'home' );

Now you can visit the https://www.example.com/blog URL and host your WordPress site at http://blog.domain.com subdomain load without altering its URL. You can carry on using WordPress as normal for browsing, writing, editing, and managing your site.

Limitations of a Reverse Proxy:

A reverse proxy causes a major security risk because it can read and modify all the traffic going through it. When you pass HTTPS traffic via the reverse proxy, it has to decrypt and encrypt the passing data. It implies that it should own the private keys of the SSL/TLS certificate. Hence, if any nasty party can negotiate your reverse proxy, it is allowed to log passwords and insert malware in your websites.
If you or your users can’t access your main server directly, using a reverse proxy leads to a single point of failure. To further understand, if you use a reverse proxy as a front to hand out multiple domains, its disconnection turns all the domains offline at once.
If you depend on a third-party reverse proxy like Cloudflare, keep in mind that you pass over sensitive info about your site to them. Though they are reliable, it is unpredictable what can be the outcome.
Bringing back the backups or letting staging sites go live on websites that load on a reverse proxy stops the proper loading of the proxied site.
The process of loading a WordPress Multisite installation on a reverse proxy can prove to be complex and challenging to maintain. That’s why Web hosting companies don’t allow the use of WordPress Multisite on a reverse proxy. But an individual WordPress subdirectory Multisite installation is helpful as an option to proxied sites.

Info:

Web hosting companies CDN possesses extremely low TTFB and famous for significantly improving your site’s performance. Each Web hosting companies account includes a free tier of Web hosting companies CDN. It is easy to set it up in a few seconds.The majority of the advantages given by CDNs are identical to those offered by the reverse proxies. Now the question is – which one to choose among CDN and a reverse proxy?You can settle with anyone as per your needs. If a reverse proxy is already installed, you will still notice an improvement in performance and speed from using a CDN. Both of them efficiently caches layer. Moreover, if there are any particular request handling requirements, you can easily configure it with a few custom headers directed by the reverse proxy or the CDN.

Summary:

The above article helps you to learn the complete setup process of a reverse proxy. Being highly flexible, WordPress is helpful as a blog or an e-commerce site, or a Learning Management System. Moreover, in a majority of cases, it is easy to customize WordPress to fulfill your requirements.Occasionally you might need to use a distinct domain or a secondary server for hosting an extra site. It may be due to different technology stacks, especially for a large enterprise site, or setting up a WordPress blog for a previously set up non-WordPress website.In both the above cases, a reverse proxy can prove helpful. So, you can gain the maximum benefit of WordPress without any compromise with the main website.

How to Fix and Resolve WordPress Not Sending Emails Issue (+ Tips to Fix It with Most Used Contact Form Plugins)

HostingXP Staff Writer

-

June 5, 2021

0

How to Fix and Resolve WordPress Not Sending Emails Issue (+ Tips to Fix It with Most Used Contact Form Plugins)

If you are planning to resolve WordPress not sending emails Issue read our step-by-step guide. We are also offering some tips to fix It with Most Used Contact Form Plugins.A typical issue website owners may face is that WordPress does not send emails properly or sends them.The majority of the managed WordPress hosting providers, counting Web hosting, don’t offer email hosting. But, this doesn’t imply that you cannot send emails from your WordPress setup. Usually, when you attempt to resolve the WordPress not sending emails problem, it is not a fault on the server. However, email is set up wrongly on the WordPress setup, or there is a compatibility issue.The present post discusses how to recognize why WordPress cannot send emails to you or the users. It also shows how to resolve it. You may be running a standard WordPress website or a WooCommerce store. In both cases, the below post will help you to fix the emails not sending issue.The post also discusses a few of the most famous contact form plugins and recognizes the exact reason behind the problem. Let’s get started:

Why Isn’t WordPress Sending Email?

There are specific reasons you may face problems with WordPress unable to send emails. They include:

Emails Are Sending but Going to Spam
Your Server Is not configured correctly
Your Contact Form Plugin is Sending ‘Spoof’ Emails

Now let’s go through how to recognize which of these may create the issue:

Emails Are Sending but Going to Spam:

Before performing any other tests, you need to ascertain that the emails from WordPress are not reaching spam.If a user mentions to you that WordPress does not send emails, the reason may be the emails are going inside spam.Inquire them to look at their spam folder for emails within the system. Few email clients may recognize emails from WordPress as spam since they are automated.

2. Your Server Isn’t Configured Correctly:

A typical reason why WordPress is not sending emails is your server is not configured for sending.The web servers are not developed for sending emails. Your server may not be configured to utilize the PHP mail() function.It is worth noting that you can effortlessly check if this is the cause of the problem and resolve it.

How to Test Whether the Server Is Sending Email?

The foremost thing you can carry out is to execute a test on your WordPress website through the free Check Email plugin.It is an essential plugin created to test whether your WordPress installation and/or server could send emails or not.After being installed, follow the below path in your WordPress dashboard.

 Tools > Check Email

Now enter your email address to send a test to, and then click on ‘Send test email.’Now you would notice a confirmation.Verify your email client to know whether you have received the test email or not. The subject line would mention “Test email from https://yourdomain.com.”Besides, make sure to look at your junk mail or spam folder. If you got an email, it suggests that WordPress can send emails on your web server.If the emails are still not received, it would probably be a misconfiguration with your contact form plugin or an incompatibility issue. To get assistance, you can contact the plugin developer. Mention to them that you executed the above test and that the email automatically works on your WordPress setup. Alternatively, you can follow the following steps for using any one of the famous contact form plugins.It is easy to know whether it is a compatibility issue or not if you are a Web hosting customer and possessing HHVM. Such users can momentarily switch to PHP 7 to examine the compatibility issue. It is pretty easy to switch to PHP 7 in your MyWeb hosting dashboard. Once the test is done, you can resume to HHVM.When Web hosting customers or those customers with some other hosts face connection problems, they can try an alternative port. The reason can be that host blocking the port.Web hosting utilizes the Google Cloud Platform. By default, this platform blocks outbound connections on port 25. As per Google, the outbound SMTP port remains block because this port is vulnerable to a considerable amount of misuse. For that case, you can try using an alternate port like 2525. The ports 587 and 465 are unlocked at Web hosting.3. Your Contact Form Plugin is Sending ‘Spoof’ Emails:If you have performed the above tests and your server is already configured to send emails, then the problem is with the plugin that sends emails from your WordPress website.Most probably, it would be a contact form plugin.The contact form plugins deliver emails that are occasionally recognized as spoof emails by the email clients. They are identical to the spam emails, and the email clients will ensign them as suspicious.The contact form emails area may be occasionally visible as a spoof. The reason is they are delivered from a different address compared to the one added to the From: field inside the email you get.Hence, if you have configured your contact form to fill the From field through the email address of the individual who fills out the form, however, the email originates from your WordPress site, then the problem is unique. The problem is your email client will be mistrustful of the email and may mark it as a spoof.The problem may occur if emails are sent to and from identical email addresses. Hence, if the situation is that your forms plugin sends out emails from your admin email id and you too configured to deliver them to the particular address, certain email providers may not prefer it. This kind of issue is less probable than the ‘spoof’ emails problem.For contact forms, usually, the receiver of the notification email will be you. The same suggests that you can modify the settings within your contact form plugin to solve the problem. Moreover, you can quickly test whether the emails are received or not.

Contact Form Plugins Affected:

A contact form plugin can be influenced due to the above issue. Below are specific plugins you may face the problem with:

Contact Form 7
Ninja Forms
Gravity Forms
Happy Form
Jetpack Contact Form
weForms
Formidable Forms

The below section discusses how to resolve the problem of emails not sending out for every contact form. First of all, let’s learn about how you fix the problem of WordPress not delivering emails for each of the reasons we recognized.

How to Prevent WordPress Emails from Going to Spam?

1. Whitelist the Email Address:

If email reaches spam, inquire your users to whitelist all your emails by including your email address into their list of contacts.If the email is moved to the inbox in Gmail, it implies that emails from the particular address will not spam in the future. It is pretty safe to add the address to contacts.

2. Use a Safer Email Address:

It may be necessary to assess the email address from which your website is sending the email. As a default, it is vital to evaluate the admin email address. If contact@, info@, sales@, or anything similar, the email providers may consider it spam.Make sure to try altering the email address and let it appear something more professional. Also, make sure any emails delivered to the particular address are switched to your standard address to ensure you don’t miss out on any replies. It is easy to do the same with the creation of an alias of your email address.

3. Set up Email Authentication:

Your domain name may not be authenticated correctly for your email. This can be a reason for WordPress emails reaching spam.

How to Set Up SMTP in WordPress to Send Email?

After executing the email test above, you may find that the emails are not being sent from your site. If this is the issue, then you have to use a third-party SMTP provider. Subsequently, connect it with your site to make sure it resumes sending the emails.SMTP (Simple Mail Transfer Protocol) relocates emails over networks. Hence, if your server is not correctly configured to deliver emails, it makes it possible.There are plenty of SMTP providers to opt from. The free ones are also included in the choice. So, it would help if you dedicated some time.

How to Configure Your Forms Plugin to Send Email Correctly?

The situation arises that your server is configured for sending emails, but there is still an issue with entries to forms not being sent. It may mean that you have to alter the settings for the condition.Let’s learn about what to do for each of the famous forms of plugins to let such emails again.For every of these form plugins, it is assumed that you have attempted to add SMTP to your site. If not, your server is already sending emails (and you already checked the spam folder), but still, the emails are unable to send.

Fix Contact Form 7 Not Sending Emails:

Contact Form 7 is the most famous free WordPress form plugins. It is one of the oldest plugins.To fix the email not sending issue, modify the address from which your emails are sending out.Within your WordPress admin, follow the below path:Contact > Contact FormsChoose the form you created and then open the ‘Mail’ tab.Confirm that the ‘From’ field possesses the admin email address of your website instead of the email address input within the form. The same can be used in the ‘Reply to’ field only.Ensure not to use the same email addresses for the ‘From’ and ‘To’ fields. Try to use a different email address compared to the one you already use for your site.Now save your changes.Examine the result after completing the form on your own.

Fix Gravity Forms Not Sending Emails:

One of the most famous and highly esteemed top-notch form plugins is the Gravity Forms. The possibilities are less to come across problems with emails not delivering from this plugin than the one with Contact Form 7. The plugin documentation shows in-depth guidance.Try out the options in the documentation in sequence until the issue gets solved.

Fix Ninja Forms Not Sending Emails:

Ninja Forms supports both free and premium versions both. There are plenty of add-on plugins. The WordPress repository lets you freely download them.If you face problems associated with emails with Ninja Forms, it is recommended to use the SendWP plugin.The intention behind the design of SendWP is to let SMTP start functioning on your server. The same can be done using free plugins. If the problem is not related to your server not delivering email, SendWP cannot solve it.If you want to stay away from paying $9/month for SendWP, implement the below email troubleshooting guide within their documentation.

Fix HappyForms Not Sending Emails:

HappyForms plugin comes in a free and premium version both. It includes a help guide, but it does not discuss the solution of emails not sending.To modify the email address from which Happy Forms are being sent, you can change email settings for a form separately. The procedure is the same as with Contact Form 7.Follow the below path:HappyForms > All FormsNow choose the form you wish to edit. You will see an interface opened up, and it appears like the Customizer.Now open the ‘Email’ tab.From there, you can modify the ‘To’ and ‘From’ addresses for notifications as well as confirmations. So, you can make sure spoof emails are not being sent.After the changes are implemented, click the ‘Update’ button present at the top and review your form.

Fix weForms Not Sending Emails:

weForms plugin also supports free and premium versions. This plugin allows you to organize the plugin to use email through an assortment of email providers. The collection includes WordPress, SendGrid, etc.There is a troubleshooting guide available to solve the email not sending out the issue. Ensure to follow the guide properly to recognize the cause of the problem and let your emails resume working again.

Fix Jetpack Contact Form Not Sending Emails:

If the Jetpack plugin runs, you may be using the basic contact form provided along with it. This is easy to do with adding a form block to a post or page in WordPress.Jetpack comes with limited options for configuration, unlike the dedicated forms plugins. However, you can alter the address to which emails are sent.Since Jetpack does not use a field from the form within the To or From field, the chances of problems associated with emails are fewer. If the problem occurs, the reason will be you are delivering emails to and from an identical address.After the form is added, click on the editing icon over it. Next, you will see a dropdown menu. Use it to alter the address to which forms are being sent.If you wish to alter the address from which forms are sent, you need to modify the admin email address for your site.

Fix Formidable Forms Not Sending Emails:

Formidable Forms plugin supports a free and premium version. If you are facing emails not sending contact forms in this plugin, then official documentation advises adding SMTP to your website.Have you done it, and still things are not working? Well, it is perhaps because your emails got marked as ‘spoof’ emails. The reason is they are being sent out from an address that is not the exact sending address.

Within the WordPress admin, follow the below path:

Formidable > FormsNow choose the form you wish to edit. Next, you click on the ‘Settings.’ tab available at the top. ‘Actions & Notifications’ tab is present at the side; click on it. From there, open the ‘Email notification’ meta box.Now you can change the address from which the notification emails are sent and from. As a default, it uses the admin email address for both and not an email address used from the form.To modify the address for which the emails are sent, you need to edit the ‘To’ field and manually enter the email address you wish to use.The changes will be saved in the settings screen as you continue doing. Hence, make sure you confirm that you entered correctly.If your emails are unable to send via WordPress, such typical problems can be the root causes.

Summary:

Occasionally WordPress cannot send emails, and you may struggle with what the cause is. This problem is one of the most typical WordPress errors. It can be since the emails are reaching spam, or your server is not configured for sending emails, or maybe the settings of your contact form demand changes.The above guide assists you in evaluating the reason why your WordPress site cannot send emails and lets you fix it. Soon, you must see your emails working correctly.

LATEST ARTICLES

A Comprehensive Guide to Deploying a Next.js Application on Cloudways with GitHub Actions

Strategic Overview

The Modern Web Deployment Triad

The "Git Push to Deploy" Workflow

Preparing the Next.js App

The 'Standalone' Output: A Critical Optimization

Build Output Comparison

Default Build

'Standalone' Build

Final Build Step: Including Static Assets

Provisioning the Cloudways Server

Architecting Secure Access

Principle of Least Privilege

Credential Security Model

Master Credentials

Dedicated App User

Storing Credentials in GitHub Secrets

Constructing the GitHub Actions Workflow

PM2 Command Cheatsheet

Interactive Troubleshooting

Error: "Permission denied (publickey)"

Error: "Connection timed out"

GitHub Action Fails on `npm install` or `npm run build`

PM2 Process Fails to Start or Enters a Crash Loop

Quick Decision Guide

Monthly Cost Comparison (USD)

1. Totally-Free Jamstack

2. Static Site + Object Storage

3. Self-Hosted Open Source

4. Managed Open Source

5. Full-Service SaaS

Cost-Cutting Tips

Your Managed VPS Just Got Downgraded

Root Access

Hour Support SLA

Backup History Slashed

Locked SSH Port

Observability Blackout

"One-Size-Fits-All" PHP

The Escape Routes: Regain Your Freedom

VPS Provider Cheat Sheet: Managed with Root Access

How to Read (and Use) the Grid

Cost vs. Management Effort

Performance Flags That Matter

Location, Location, Location

Migration Friction

Typical Decision Patterns Community Members Ask About

Bottom Line

The working mechanism of Gzip Compression:

Steps to enable Gzip compression a WordPress website through .htaccess file

Configuration Code

Key Details & Next Steps

If your website is hosted on an Nginx server, include the below lines of codes:

How to decrease your website’s HTTP request:

Method-1: Decrease the number of Shopify apps:

Method-2: Lazy image loading:

Method-3: Simplify Store code:

Tips to reduce the HTTP requests:

Also Read:

What is CAPTCHA?

Reasons to Use CAPTCHA for WordPress Login and Registration:

Default vs. Custom WordPress Login and Registration Form

Set-Up of reCAPTCHA in Custom WordPress Login and Registration Form:

Securing Your WooCommerce Login Page using a CAPTCHA:

Including a CAPTCHA on Your Contact Form:

Summary:

The addition of CAPTCHA to your WordPress needs these 3 steps:

What Is a Reverse Proxy?

Info:

Reverse Proxy Server vs. Forward Proxy Server:

Why Use a Reverse Proxy?

Advantages of Using a Reverse Proxy:

Load Balancing:

Global Server Load Balancing (GSLB):

Enhanced Security:

Info:

Powerful Caching:

Superior Compression:

Optimized SSL Encryption: