Azure is Microsoft’s public cloud. It provides Infrastructure as a Service (IaaS) solutions, where you can rent computing power on demand, but it also has advanced Platform as a Service (PaaS) capabilities to run applications and services on the cloud with Microsoft Azure configuring and managing different aspects behind the scenes.
Microsoft provides a 30-day free trial with a $200 allowance to spend on Azure cloud products. This should be enough to get you started and show you how the Microsoft Azure cloud works for your WordPress site.
What if you're looking to try WordPress, but you're worried about losing access to the site after 30 days? The solution: Try letting us clone your website to a staging area to speed test.
Setting Up a Basic WordPress App on Microsoft Azure
This involves creating a WordPress Web App using the web application gallery on Microsoft Azure. The steps to create a free Microsoft Azure WordPress application are:
1. Create a Microsoft Azure account.
2. Create a new WordPress template from the Azure Portal, create a resource
3. Search for WordPress, select WordPress and choose "create"
4. Define the WordPress app initially with the default MySQL database
5. Start the app and define the admin username and password. Once completed, you will get a notification that will let you go to the resource.
6. This will take you to the dashboard to manage the site, click the URL on the page to begin installing WordPress, and select your preferred language.
Making Your Microsoft Azure WordPress Site Production-Ready
This setup works for a basic, low traffic WordPress website. Making WordPress on Azure production-ready and able to scale up requires technical expertise, and it can be prohibitively complex. If you are looking to scale up your site and make it secure you will need to set up additional applications.
Scalability is critical to handling the traffic demands your site will face once it is launched.
A content delivery network (CDN) is a vital part of any scalable website. Rather than requests coming all the way to a primary datacenter, a CDN serves pages from a location much closer to the end-user. This significantly speeds up the time it takes to render a web-page. This can be done on Azure by purchasing and setting up the Azure Content Delivery Network (CDN).
To handle traffic spikes, you need to decide how to distribute traffic across the available PHP app servers. On Azure you will need to purchase and configure an Azure Load Balancer, so the traffic can be properly spread across your servers.
The load balancer needs to send users to a cluster of identical virtual machines (VMs), where the code can be run. The amount needed will depend on incoming traffic. You will want to use Azure virtual machine scale sets to create and manage these identical VMs.
In addition to having a location for the code to run, you will need a file share to store the files and assets for the sites — in such a way that all the VMs have access. You will want to setup and configure Azure Files to handle all the WordPress files and make them available to the virtual machine scale set.
In addition to setting up the site for scalability, additional steps should be taken to secure the site so it is safe.
To allow all these apps to communicate together, you will need a way to safely store the tokens and credentials needed. On Azure, Azure Key Vault is the recommended solution for this.
All of those VMs need a safe network to use when they are communicating with one another. Using Azure Virtual Network allows your VMs to communicate with one another — without worrying about exposing that data to malicious actors.
Following the principle of least privilege, it is important to set up access limitations for users and applications. This can be done on Azure by using their Network security groups to set the correct permissions for each group, then assigning all users and applications to the appropriate groups.
Many organizations need to centrally manage their users’ identities and provide seamless integration across multiple applications. Numerous NWMC customers, including higher educational institutions, school districts, local governments, and other groups use a variety of single sign-on (SSO) solutions. On Azure that SSO is most likely Active Directory. Azure Active Directory can be integrated into your WordPress setup so users can use their AD login.
The goal is to end with an environment similar to this setup recommended by Microsoft:
This setup allows you to have a secure and highly scalable WordPress website on Azure. If you would rather not manually setup and configure all the applications you can use NW Media Collective's which comes configured out of the box to be highly scalable and secure.
WordPress on Azure—What’s Missing
Following the above steps will give you a scalable instance of WordPress running on Azure. However, it will be missing a number of important additional tools:
Multiple environments with feature parity: The above recipe gives you only one instance of your WordPress site. If your organization expects to have testing, verification, and/or development environments that accurately represent the way your site will work on the production environment, you will need to replicate this setup several times over.
Code deployment: You will also need to set up and manage your own system for moving code from Development to Test to Live. We recommend using git-based deployments.
Automated Backups: Automated, scheduled backups are an important part of any enterprise-grade WordPress setup.
Performance Monitoring: Serious websites need tools to monitor and troubleshoot problems.
Disaster Recovery: Keep your WordPress site live in the event of a disaster by distributing it across multiple availability zones.
World-class Support: If you do set up all of the above, you will also need to own your technical support; you are solely responsible to diagnose and address issues arising from keeping all of these puzzle pieces working together.