Deploy Production WordPress on Azure with High Availability

Architecture Overview

This architecture runs WordPress on Azure App Service, which provides managed hosting with built-in auto-scaling, health monitoring, and deployment slots. App Service handles the web tier complexity: load balancing across instances, automatic OS patching, and scaling from a minimum number of instances up to a configurable maximum based on CPU or request count metrics.

The database tier uses Azure Database for MySQL with automated backups and read replicas. Read replicas offload query traffic from the primary database, which matters for WordPress because most traffic is read-heavy (page views) with occasional writes (content publishing, comments). Automated backups provide point-in-time recovery in case of data corruption or accidental deletion.

Media files are stored in Azure Blob Storage and served through Azure CDN. WordPress’s default behavior of serving uploads from the application server creates a bottleneck at scale. Offloading media to Blob Storage with CDN delivery means static assets are served from edge locations close to visitors, reducing page load times and freeing App Service instances to handle dynamic PHP requests.

App Service and Auto-Scaling

Azure App Service runs WordPress with auto-scaling configured to maintain performance during traffic spikes. A minimum instance count (typically two) provides redundancy, while the maximum scales up to handle peak loads such as marketing campaigns or viral content. Scaling rules respond to CPU utilization, memory pressure, or HTTP queue depth, adding instances before performance degrades.

Managed MySQL Database

Azure Database for MySQL provides a fully managed relational database with automated daily backups, point-in-time restore, and configurable retention. Read replicas handle the read-heavy WordPress query pattern, reducing load on the primary instance. Connection credentials are stored in Azure Key Vault rather than in WordPress configuration files, preventing credential exposure in version control or server logs.

CDN and Media Storage

Azure CDN caches media files at edge locations globally. WordPress plugins or configuration direct media uploads to Azure Blob Storage, and CDN pulls content from Blob Storage on first request, then serves it from cache on subsequent requests. This architecture handles media-heavy sites (image galleries, video thumbnails, downloadable assets) without scaling the App Service tier for static content delivery.

Application Gateway with WAF

Azure Application Gateway with WAF enabled sits in front of App Service, inspecting incoming traffic for common web attacks: SQL injection, cross-site scripting, and other OWASP Top 10 vulnerabilities. WordPress is a frequent target for automated attacks, and WAF provides a security layer that does not require application-level changes or security plugins.

Common Customizations

• Add a staging slot: Request a deployment slot for staging and content preview, enabling blue-green deployments where content editors can review changes before swapping to production.
• Enable Redis caching: Ask for an Azure Cache for Redis instance to cache WordPress object and page caches, reducing database queries and improving response times for logged-out visitors.
• Configure custom domain and SSL: Extend the prompt to include custom domain binding with a managed SSL certificate through App Service or Application Gateway.
• Add email delivery: Request an integration with SendGrid or Azure Communication Services for reliable transactional email delivery (contact forms, password resets, comment notifications).