The following softwares are used in conjunction with WordPress to make site building easy.


Cloudflare is a popular tool for securing access to hosted resources. Cloudflare sits between DNS resolution and the web server(s), preventing an array of web-based security threats, especially denial of service (dos) attacks. Cloudflare also increases website speed by distributing static assets across its own content delivery network (cdn).

Cookie Notice

While plugins like WPMUDEV's Branda Pro can provide cookie notices, we prefer to use Cookiebot, which scans your website for cookies and categorizes them for easy use by your visitors. This helps maintain transparency and legal compliance.

Custom Fields and Post Types

We typically use Pods for creating custom data structured but Advanced Custom Fields is also available to you. There tools make data management easy, allowing for a more maintainable website.

Data Visualization

WP Data Tables is a fancy table and graph generator that will display your data in a very user-friendly layout.


Antivirus is crucial for any public facing service. Beyond the layers of firewalls and other security measures employed by Web Infrastructure, server filesystems are also regularly scanned and protected by ESET's server security.


Gravity Forms and Gravity Perks are great for collecting user input and building workflows. You can even use these to build custom APIs, especially if you're willing to throw veneer of Django in front of your website.

Google Workspace

It's Google. While Web Infrastructure doesn't use the Google Cloud Platform, it does use Google Workspace for managing and securing email. Domain Key Identified Mail (DKIM) and the Sender Policy Framework (SPF) are provided by Google Workspace the Gmail API. Mail is sent via Gmail's Simple Mail Transfer Protocol (SMTP) servers.

Google is also used for analytics and off-site storage of service data.


Kubernetes provides scheduling and server management: allowing hardware to be scaled independently of hosted services.


Updates can be hard to manage at scale. Luckily, Canonical's Landscape makes server updates and management relatively trivial and can be deployed entirely on premises.


MainWP simplifies the maintenance and operation of the numerous websites we manage. This helps keep your site both up to date and more secure.


Services can be reliably addressed within the globally distributed Kubernetes cluster through MetalLB provided ip addresses. This abstracts the cluster provided resources away from the hosting mechanisms making them easier to consume.


Rclone is a magic software that allows accessing remote cloud storage as if it were local. Rclone is used at the server level for moving snapshots of raw files to remote data centers (i.e. Google).

Search and Filter

Search WP and Facet WP make it simple for your visitors to find what they need.

Site Builder

The Web Infrastructure site builder is a white labeled version of Beaver Builder: a fantastic front end development tool that allows for templating and fast development.

To make your Site Building experience even better, we add Beaver Themer and Power Pack to a custom Beaver Builder Theme.


The data required to run a web service, such as files and databases, must be replicated across all servers capable of hosting that service. Presently, Syncthing is used for this replication. Syncthing allows encrypted, peer to peer (p2p) data synchronization and doesn't leak data to any external company. Beyond that, it plays very nicely with the other tools used in this architecture. Unfortunately, Syncthing requires full file replication, instead of sharding data, and can cause services to break when hosted by multiple services. It can also, occasionally, break services by not fully replicating metadata, such as proper ownership permissions. Because of these flaws, a better suited solution for data replication within the Web Infrastructure is being developed; that project is the Cache Tier File System.


Termageddon provides auto-updating legal policies (e.g. a privacy policy) that clarify how you use your visititors' data.


To ensure safe communication between servers over the open internet, software communication is encapsulated within a Tinc mesh virtual private network (vpn). As a mesh vpn, servers communicate directly with each other when possible and route traffic through other servers on the network when it is not. This also means that any server can fail and traffic will be routed around the failed server automatically, preventing any downtime in communication.


Ingress routing across the globally distributed cloud is reliably handled by Traefik. Traefik runs as a daemon set on all service nodes and is exposed as a load balancer within the cluster vpn. This allows additional firewall servers to bridge the gap between the public network and the cluster by forwarding all incoming traffic to Traefik.

Updraft Plus

Updraft Plus can be a lifesaver. It provides automated backups that can be used for both rollbacks and migrations

WP All Import / Export

WP All Import and WP All Export allow you to create wordpress data from a spreadsheet as well as download your wordpress data as a spreadsheet.