Staq Infrastructure Overview

Staq is a high performance AWS WordPress Hosting platform. Below is how our infrastructure works.

WPStaq Container

Our infrastructure is built entirely on Amazon Web Services (AWS), using customized AWS EC2 instances within Virtual Private Clouds (VPCs).

Rather than using traditional containerization platforms that have overhead, we’ve built our own high-performance orchestration layer that behaves like a containerized environment — purpose-built for WordPress.

This proprietary system allows each site to dynamically pool and utilize additional AWS resources beyond what’s statically allocated to it. This design provides the efficiency of containers with the flexibility and raw performance of dedicated AWS infrastructure.

We integrate seamlessly with a full suite of AWS services to deliver maximum performance, scalability, and security:

  • CloudFront – Global Content Delivery Network (CDN)
  • S3 – Object Storage for media and backups
  • RDS – Managed Relational Database
  • IAM – Identity and Access Management
  • EBS – High-Performance Block Storage
  • Lambda – Event-driven Serverless Functions
  • ACM – SSL Certificate Manager
  • ElastiCache (Redis) – Managed Caching Layer
  • Shield – DDoS Protection
  • Route 53 – Scalable DNS

Together, these services enable Staq to deliver a hybrid architecture that combines container-like efficiency with the elasticity of AWS — resulting in faster, more stable, and more scalable WordPress performance.

Pooled Resources: A Summary

Our architecture is built on a highly decoupled environment, utilizing multiple AWS services to maximize efficiency and performance.

In this setup, databases and hard disks are independent of the server, allowing the server to focus exclusively on processing tasks, while data management and storage are handled by specialized services like RDS and S3.

While a WordPress site check may show a baseline of 256MB of memory, in reality, each site taps into a vast pool of resources across AWS services such as EBS, RDS, S3, CloudFront, and Cloudflare. This means the true capacity extends far beyond what’s displayed, with resources automatically scaling as needed to meet demand.

Bottom line: By decoupling resources from the server, we deliver unmatched efficiency, scalability, and performance—empowering your site with the full strength of AWS, without being confined to the limitations of a single server.

Our systems are continuously monitored and include automated recovery mechanisms. If any process or service becomes critical, Staq automatically handles cleanup or restarts to restore normal operations.

EC2 Instances: Isolation and Security

Every site runs in isolation, using a unique Linux user with strict permissions to maintain privacy and security. For example, each site is allocated up to 10 simultaneous PHP processes (easily configurable to more), ensuring complete separation from other sites' resources.

Firewall

Our firewall operates across multiple layers — from iptables, NGINX, PHP and WordPress — to intelligently detect and respond to abnormal traffic or code behavior.

When caching is configured correctly, a sudden spike in PHP or CPU usage typically signals a DDoS attack or bot floods attempting to overwhelm resources.

The Staq Firewall automatically analyzes these patterns and takes immediate corrective action — blocking abusive traffic, isolating offending processes, and preserving resources for legitimate visitors.

By combining caching intelligence with automated threat detection, our firewall ensures consistent uptime and stable performance, even under unexpected load conditions.

Auto-Healing and Emergency Recovery

Our platform includes automated recovery systems that monitor every server in real time. When critical thresholds are reached, our internal monitor automatically triggers emergency actions to prevent downtime.

Here’s how it works:

  • Automatic Service Recovery: If Nginx or PHP-FPM becomes unresponsive, the system automatically restarts the affected services.
  • Disk and Process Monitoring: If disk usage exceeds 98% or memory/swap usage crosses defined thresholds, emergency cleanup and recovery actions are executed until stability is restored.
  • EMERGENCY_ALERT Notifications: Our monitoring layer immediately notifies the operations team when critical events occur, ensuring rapid human intervention if needed.
  • Disk Space: Auto increases upon hitting certain thresholds.

These safeguards mean that most issues are resolved automatically, long before they impact uptime.

Burstable Resources & Load Balancers

Our EC2 instances are designed for burstable performance, with no more than 30 live sites per instance to ensure high availability and performance.
Each site benefits from the following resources:

  • Server: A baseline of 4 vCPUs, burstable as needed, 16 GB of RAM, and access to an elastic file system (EBS) for additional memory if needed beyond 16 GB.
  • Database: A baseline of 4 vCPUs and 16 GB RAM via our MariaDB RDS instances.
  • Storage: A baseline of 3,000 IOPS using GP3 SSDs via AWS EBS.

If additional resources are required, please contact us and we can discuss our enterprise plans with you. Our enterprise plans are completely customizable and we can scale effortlessly:

  • Server: Up to 128 vCPUs and 512 GB of memory, with the option to integrate load balancers.
  • Database: Up to 128 vCPUs and 1 TB of RAM.
  • Storage: Up to 16,000 IOPS, 1 GB/s throughput, and a maximum of 16 TB per EBS volume (with up to 28 volumes per instance).

All instances on our platform include continuous monitoring, intrusion prevention systems, and watch dogs, ensuring protection against internal and external threats. Our watch dogs monitor CPU and RAM usage in real-time and can intervene before resource issues affect the entire server.

We also collect performance analytics for each site, accessible from your dashboard. If ongoing abuse is detected, we may recommend upgrading a site to a more suitable plan to maintain stability.

High Availability

For clients requiring full high availability (HA) architecture—such as redundant EC2 instances in different zones, multi-AZ databases, and self-healing clusters—our Enterprise Plan includes bespoke solutions designed specifically for uninterrupted uptime and failover protection.

Pooled Resources: Comprehensive View

In addition to burstable instances, our infrastructure is designed to fully decouple services, utilizing the full spectrum of AWS capabilities for enhanced performance and security. Here’s how:

  • Decoupled RDS databases: Our databases run in a non-public network within the VPC, accessible only by the EC2 instances, and powered by MariaDB.
  • Redis Object Caching: We use Redis to optimize script execution and minimize database requests, enhancing site performance.
  • Built-in Page Caching: Our custom caching system integrates with Nginx at the server level, reducing the need for third-party plugins like WP Rocket.
  • Media Library Offloading: WordPress media files are automatically offloaded to S3, secured by IAM policies, with AWS Lambda handling image optimization serverlessly.
  • DDoS Protection: In addition to Fail2Ban, we use custom-built filters to intelligently block abusive traffic, cross-checking IP behavior and location to ensure precision.
  • CDN Integration: With a click, you can place your entire site behind AWS CloudFront or Cloudflare. This ensures that traffic is cached at the edge, reducing server load and boosting performance, while AWS Shield provides an additional layer of DDoS protection.

Have Questions?

If you’d like to learn more about how our infrastructure works, book a call with us, and we’ll be happy to answer any questions.