Staq Infrastructure Overview

Staq is a high performance AWS WordPress Hosting platform. Below is how our infrastructure works.

WPStaq Container

Our infrastructure is built entirely on Amazon Web Services (AWS), leveraging clusters hosted within Virtual Private Clouds (VPCs) and customized AWS EC2 instances. These integrate seamlessly with a range of AWS services to ensure optimal performance and security:

  • CloudFront - Content Delivery Network (CDN)
  • S3 - Object Storage
  • RDS - Managed Relational Database
  • IAM - Identity and Access Management
  • EBS - High-Performance Block Storage
  • Lambda - Serverless Computing
  • ACM - SSL Certificate Manager
  • ElastiCache Redis - Managed Caching for Redis
  • Shield - DDoS Protection
  • Route 53 - Scalable DNS

Together, these services allow us to offer exceptional performance, security, and scalability to our users.

Pooled Resources: A Summary

Our architecture is built on a highly decoupled environment, utilizing multiple AWS services to maximize efficiency and performance.

In this setup, databases and hard disks are independent of the server, allowing the server to focus exclusively on processing tasks, while data management and storage are handled by specialized services like RDS and S3.

While a WordPress site check may show a baseline of 256MB of memory, in reality, each site taps into a vast pool of resources across AWS services such as EBS, RDS, S3, CloudFront, and Cloudflare. This means the true capacity extends far beyond what’s displayed, with resources automatically scaling as needed to meet demand.

Bottom line: By decoupling resources from the server, we deliver unmatched efficiency, scalability, and performance—empowering your site with the full strength of AWS, without being confined to the limitations of a single server.

EC2 Instances: Isolation and Security

Every site runs in isolation, using a unique Linux user with strict permissions to maintain privacy and security. For example, each site is allocated up to 10 simultaneous PHP processes (easily configurable to more), ensuring complete separation from other sites' resources.

Burstable Resources & Load Balancers

Our EC2 instances are designed for burstable performance, with no more than 30 live sites per instance to ensure high availability and performance.
Each site benefits from the following resources:

  • Server: A baseline of 4 vCPUs, burstable as needed, 16 GB of RAM, and access to an elastic file system (EBS) for additional memory if needed beyond 16 GB.
  • Database: A baseline of 4 vCPUs and 16 GB RAM via our MariaDB RDS instances.
  • Storage: A baseline of 3,000 IOPS using GP3 SSDs via AWS EBS.

If additional resources are required, please contact us and we can discuss our enterprise plans with you. Our enterprise plans are completely customizable and we can scale effortlessly:

  • Server: Up to 128 vCPUs and 512 GB of memory, with the option to integrate load balancers.
  • Database: Up to 128 vCPUs and 1 TB of RAM.
  • Storage: Up to 16,000 IOPS, 1 GB/s throughput, and a maximum of 16 TB per EBS volume (with up to 28 volumes per instance).

All instances on our platform include continuous monitoring, intrusion prevention systems, and watch dogs, ensuring protection against internal and external threats. Our watch dogs monitor CPU and RAM usage in real-time and can intervene before resource issues affect the entire server.

We also collect performance analytics for each site, accessible from your dashboard. If ongoing abuse is detected, we may recommend upgrading a site to a more suitable plan to maintain stability.

Pooled Resources: Comprehensive View

In addition to burstable instances, our infrastructure is designed to fully decouple services, utilizing the full spectrum of AWS capabilities for enhanced performance and security. Here’s how:

  • Decoupled RDS databases: Our databases run in a non-public network within the VPC, accessible only by the EC2 instances, and powered by MariaDB.
  • Redis Object Caching: We use Redis to optimize script execution and minimize database requests, enhancing site performance.
  • Built-in Page Caching: Our custom caching system integrates with Nginx at the server level, reducing the need for third-party plugins like WP Rocket.
  • Media Library Offloading: WordPress media files are automatically offloaded to S3, secured by IAM policies, with AWS Lambda handling image optimization serverlessly.
  • DDoS Protection: In addition to Fail2Ban, we use custom-built filters to intelligently block abusive traffic, cross-checking IP behavior and location to ensure precision.
  • CDN Integration: With a click, you can place your entire site behind AWS CloudFront or Cloudflare. This ensures that traffic is cached at the edge, reducing server load and boosting performance, while AWS Shield provides an additional layer of DDoS protection.

Have Questions?

If you’d like to learn more about how our infrastructure works, book a call with us, and we’ll be happy to answer any questions.