Selected Work
Eight production case studies.
01 · Infrastructure · Production
Multi-Domain Infrastructure Consolidation
Migrated a dental industry platform from eight scattered
legacy domains onto a single consolidated structure.
Covered
WordPress Multisite configuration
across three canonical sites, fifteen-plus SSL
certificates via Let's Encrypt, path-preserving 301
redirects, and hash-based SPA redirect handlers written
in static HTML because hash fragments never reach the
server.
Server hardening covered SSH key-only access on a
non-standard port, UFW, Fail2ban, unattended security
upgrades, MariaDB socket authentication, and
rate-limited Nginx blocks for login and AJAX endpoints.
Zero downtime during migration. Automated deploy
pipeline through GitHub Actions replaced manual SFTP.
Full runbook delivered alongside the infrastructure.
Nginx
PHP-FPM 8.4
MariaDB
Let's Encrypt
GitHub Actions
WordPress Multisite
Ubuntu Server
02 · Platform · Offline-First System
Restaurant Management Platform Multi-Tenant PWA
Offline-capable restaurant operations system serving
multiple merchants with three distinct interfaces: admin
dashboard, handheld POS, and customer QR ordering. A
single Firebase Hosting deployment serves three custom
domains through runtime hostname detection and route
filtering.
The offline layer runs on Raspberry Pi using SurrealDB,
keeping service available when the internet goes down.
Role-based access control through Firebase custom claims
covers five roles across platform and merchant scope.
Production-to-staging migration tooling was built for
safe testing with real client data, excluding user and
session collections by design.
Three production environments with automated deployment
workflows. Documented migration procedures replicated by
the team without my involvement.
Firebase
Firestore
SurrealDB
Fastify
React
TypeScript
Playwright
pnpm Workspaces
Raspberry Pi
03 · Infrastructure as Code · AWS
Symfony Application Three-Environment AWS Architecture
Production Symfony cohort-based learning platform with
dev, staging, and production environments. Production
runs dual instances behind an Application Load Balancer
with shared Redis session storage, RDS PostgreSQL, and
S3-backed file storage. The entire stack provisioned
through Terraform.
Cross-VPC networking took an eight-hour troubleshooting
session covering security groups, route tables, peering
non-transitivity, and NAT gateway limitations. The
working solution RDS in public subnets with strict
security group restrictions went against the standard
playbook but was the right call for the constraints.
Runbook delivered with architecture diagrams and command
reference. Deployment time dropped from eight hours to
roughly one hour for subsequent environments.
Terraform
AWS Lightsail
RDS PostgreSQL
ALB
Redis
Symfony 7
Nginx
GitHub Actions
04 · Reliability · Observability
Production Monitoring Rollout
Built out Prometheus and Grafana for
the Symfony platform SLIs mapped to user-facing outcomes
rather than raw HTTP codes, SLOs with error budgets, and
the four golden signals applied to each service.
node_exporter and Prometheus run as systemd services on
Ubuntu.
First observability stack for the platform. The
framework carries across every future service the team
deploys.
Prometheus
node_exporter
Grafana
systemd
Ubuntu Server
05 · Automation · CI/CD
Deployment Pipelines Across 300+ Production Systems
GitHub Actions and GitLab CI/CD workflows covering
WordPress, Laravel, Symfony, React, and Next.js
applications. Build stages run on GitHub runners, rsync
deployment uses SSH deploy keys with restricted scopes,
and post-deploy hooks handle cache invalidation and
health verification.
A reusable WordPress workflow was extracted into its own
repository and adopted across client projects. Email
notifications on every deploy provide a paper trail with
commit diffs, author attribution, and links to the
commit or pull request.
Deployment errors reduced by roughly 90%, manual work by
60%. 99.7% uptime maintained across the managed fleet.
GitHub Actions
GitLab CI/CD
rsync
SSH Key Management
Node.js
Shell Scripting
06 · Incident Response · Recovery
Compromised WordPress Recovery Four-Hour Window
Client's WordPress site was compromised hours before a
campaign launch. Malicious code scattered across the
filesystem, injected content in the database, and the
original backup also affected.
Clean recovery required sanitising the database,
rebuilding affected files from a known-good source,
rotating all credentials, hardening wp-admin access, and
installing an automated backup system before the site
went back online.
Site restored with thirty minutes to spare. Campaign
launched on schedule. Client still refers new work years
later.
WordPress
MySQL
Linux Forensics
Security Hardening
Automated Backups
07 · Performance · E-Commerce
WooCommerce Performance Recovery
Page load times at 8+ seconds, conversion rates
declining, database bloated to 400MB of transient data
and orphaned revisions. Fix covered database cleanup,
image optimisation (8.2MB → 1.4MB assets), strategic
Redis caching, CDN integration, and Nginx FastCGI tuning
for the theme's response size.
Load time down to 2.1 seconds. Client reported a 35%
increase in conversions. The approach became standard
preventive maintenance across their other sites.
WordPress
WooCommerce
MySQL Optimisation
Redis
Nginx
CDN
08 · Cost Optimisation · Infrastructure
Infrastructure Right-Sizing 93% Monthly Cost Reduction
A production Symfony platform was heading toward a
Docker and ECS deployment. Before any provisioning
began, a cost analysis was run against the actual
workload: traffic patterns, compute requirements, and
the real cost of running managed container
infrastructure at that scale.
The analysis showed ECS was significantly
over-engineered for the use case. The recommendation was
pushed back with data a
Lightsail-based architecture behind an
Application Load Balancer covered all requirements at a
fraction of the cost. The decision was made before a
single resource was provisioned, which is the only time
it costs nothing to change direction.
Monthly infrastructure cost reduced from roughly £1,000
to £80. Full Terraform provisioning delivered. No
capability was lost in the trade-off.
Terraform
AWS Lightsail
ALB
RDS PostgreSQL
Symfony
Cost Analysis