Hosting & Infrastructure
Scottsdale Mint is hosted on Ymir, a serverless WordPress hosting platform built on AWS. Ymir manages Lambda function packaging, deployment, Aurora database provisioning, Redis cluster setup, S3 file storage, and CloudFront CDN configuration.
Request Flowโ
All inbound traffic passes through the following layers before reaching WordPress on Lambda:
Visitor โ Imperva WAF โ Amazon CloudFront โ AWS Lambda (WordPress)
- Imperva WAF โ First line of defence. Filters malicious traffic, DDoS mitigation, bot management, and IP reputation checks before any request reaches AWS.
- Amazon CloudFront โ CDN for performance. Caches static assets and cacheable pages at edge locations, handles SSL termination, and routes uncached requests to Lambda.
- AWS Lambda โ Executes WordPress to generate the response.
CloudFront is used for performance and request routing, not as a security firewall. Security filtering is handled entirely by Imperva upstream.
Ymir Configuration (ymir.yml)โ
The ymir.yml file at the repository root defines all infrastructure settings for every environment.
Productionโ
environments:
production:
domain: www.scottsdalemint.com
architecture: x86_64
concurrency: 800
gateway: false
deployment: image
website:
memory: 4096 # MB
timeout: 120 # seconds
console:
memory: 1024
timeout: 600
database:
server: scottsdalemint-aurora-prod
name: wordpress
cache: scottsdalemint-prod-v2
cdn:
caching: enabled
process_images: enabled
cookies_whitelist:
- woocommerce_cart_hash
- woocommerce_items_in_cart
- woocommerce_recently_viewed
- wp_woocommerce_session_*
excluded_paths:
- /uploads/elementor/*
- /addons
- /cart
- /checkout
- /my-account
forwarded_headers:
- origin
- authorization
- x-http-method-override
- x-wp-nonce
cron: 1
warmup: 100
build:
commands:
- composer install --no-dev
include:
- web/app/plugins/woocommerce
Staging & Developmentโ
| Setting | Staging | Development |
|---|---|---|
| Domain | staging.scottsdalemint.com | dev.scottsdalemint.com |
| Concurrency | 100 | 80 |
| Memory | 2048 MB | 2048 MB |
| Database Server | scottsdalemint-aurora-dev | scottsdalemint-aurora-dev |
| Database Name | wordpress_stg | wordpress_dev |
| Redis | scottsdalemint-dev-v2 | scottsdalemint-dev-v2 |
| Warmup | 40 requests | 20 requests |
AWS Services Usedโ
AWS Lambdaโ
- WordPress runs as Docker image-based Lambda functions (
deployment: image) via Ymir's container runtime - Each request is a fresh Lambda invocation โ no shared memory between requests
- Lambda image is built from
composer install --no-devand includes the WooCommerce plugin bundle - Lambda runs in your AWS VPC to access Aurora and Redis privately
Amazon Aurora MySQLโ
- Production:
scottsdalemint-aurora-prodโ Dedicated Aurora cluster, databasewordpress - Dev/Staging:
scottsdalemint-aurora-devโ Shared Aurora cluster (wordpress_stg/wordpress_dev) - Aurora provides automatic failover, read replicas, and point-in-time restore
- WordPress connects via
DB_WRITER_HOST(writes) andDB_READER_HOST(reads)
Amazon S3โ
- Uploads: All media library uploads are served from S3 (Ymir manages this automatically)
- KYC Documents: Customer identity verification documents are uploaded to a private S3 bucket
- Lambda packages: Ymir stores Lambda deployment packages in S3
Valkey / Redis (ElastiCache)โ
- Production:
scottsdalemint-prod-v2โ Dedicated Redis cluster - Dev/Staging:
scottsdalemint-dev-v2โ Shared Redis cluster - Client: Relay (PHP extension for high-performance Redis; RESP3 protocol)
- Compression: Zstandard (
zstd) โ fast, high-ratio compression - Serializer: igbinary โ compact binary PHP object serialization
- Use: Object cache (WP transients, WC sessions, query results), rate limiting
Amazon CloudFront CDNโ
CloudFront sits between Imperva and Lambda. Its role is performance and request routing, not security:
- Static asset caching โ CSS, JS, images served from edge locations
- HTML page caching โ Product and category pages cached at edge
- Image processing โ On-the-fly image resizing and optimization
- WooCommerce session awareness โ Cookies whitelisted so logged-in cart state is preserved:
woocommerce_cart_hashwoocommerce_items_in_cartwoocommerce_recently_viewedwp_woocommerce_session_*
- Cache bypass โ Checkout, cart, and My Account are never cached at CDN
- Header forwarding โ
origin,authorization,x-http-method-override,x-wp-nonce
Cache Bypass Pathsโ
These paths always bypass CloudFront and hit Lambda directly:
/uploads/elementor/*/addons/cart/checkout/my-account
Cron Jobsโ
WordPress cron is disabled (DISABLE_WP_CRON=1). Ymir runs scheduled WordPress cron tasks via its built-in cron system (cron: 1 in ymir.yml).
Critical scheduled tasks:
- Price update endpoint is called by the external Laravel pricing middleware every minute (external cron, not Ymir)
- WooCommerce order cleanup, email resend, etc. run via Ymir's cron runner
Deploymentโ
All deployments are triggered via Bitbucket Pipelines โ developers do not run Ymir deploy commands locally. See the full Deployment Guide for details.
IP Address Handlingโ
The site sits behind both Imperva WAF and Amazon CloudFront. The web/wp-config.php file correctly resolves the real visitor IP:
// Priority 1: CloudFront viewer address header
// Priority 2: Imperva / proxy connecting IP header
// Fallback: REMOTE_ADDR (direct connection)
Always use WC_Geolocation::get_ip_address() in custom code โ never use $_SERVER['REMOTE_ADDR'] directly, as it will return the CloudFront or Imperva edge server IP.
Environment Isolationโ
Each environment (production, staging, development) is fully isolated:
- Separate Aurora databases
- Separate Redis clusters (dev/staging share one cluster with different key prefixes)
- Separate S3 buckets for uploads
- Separate CloudFront distributions
- Separate Lambda function stacks
Plugin behavior also differs by environment โ see Configuration: Environments for details.