Anyone who manages WordPress sites knows how critical it is to keep them secure. Every day thousands of sites get hacked. The consequence of that are often disastrous. They range from lost income to Google blacklisting the WordPress site.
WordPress itself has always been very secure. But we never use WordPress in a vacuum. We install themes and plugins. We need to host the WordPress site somewhere. All these are potential attack vectors that someone can use to hack your WordPress site.
Because of its nature, serverless PHP makes a lot of these attack vectors irrelevant. This is another reason why it can be a great way to host a WordPress site. (Besides the ridiculous scaling potential.) It doesn’t matter whether you’re using Ymir or not.
But how can serverless PHP can help keep your WordPress site secure? Well, the best way to understand is by going over serverless PHP architectural elements and how they affect these attack vectors.
Serverless computing is a new cloud computing model centred on Functions as a Service (FaaS). A serverless PHP application is simply a PHP application that runs on one of those serverless computing platforms. But what’s so special about it, and why is there interest in using it instead of a regular server for PHP?
There are a lot of different hosting services. You can pay for a server on DigitalOcean or some other some other cloud provider. This is often the cheapest option, but then you have a server to manage.
If you don’t want to do that, you can use a Platform as a Service (PaaS) like Heroku. You tell them how big of a server you want and they take care of the rest. On your end, you just need to deploy your code and that’s it. WordPress hosting works similarly.
While platforms as a service help you worry less about your server, they don’t completely remove all server issues. You still have to wonder if you can handle spikes in traffic. That’s because most of these services won’t scale automatically to handle these scenarios.
Serverless computing offers a solution to this problem. It distills your cloud computing needs to its barest essence. Your cloud provider will run your code on-demand and only charge you for that.
This lets you only pay for what you use. (If your site receives no traffic, you pay nothing.) This architecture also lets you scale infinitely. In fact, serverless computing can scale to handle thousands of visitors almost instantly.
This is a transformative change for all programming languages. But even more so for PHP, since it’s a language uniquely positioned to leverage the benefits of serverless. Let’s explore why that is.
Serverless computing isn’t discussed much in the WordPress community. But it has the potential to transform how WordPress sites scale and perform.
No WordPress platform has more to gain from serverless computing than WooCommerce. Hosting a WooCommerce site comes with unique challenges that you don’t have when hosting a regular WordPress site. That’s why a lot of managed WordPress hosting companies started to offer dedicated WooCommerce hosting.
Serverless is the perfect technological solution to tackle those challenges. That’s why you’ll probably start hearing more and more about it.