WordPress: Caching, Internet Bots and Database issues

WP Supercache works very nice and has a lot of config options including a preload to cache all wordpress pages. One of my blogs however recieves average traffic and that coupled with the fact that I use tla, I didn’t want to use the preload option. The problem was that a lot of (malicious spamming) bots hit the blog very infrequently and requested 10’s of pages in a second. This caused lots of mysql-slow queries and other database related issues and caused an OOM before on my VPS.

While there are a number of solutions and approaches, below is the one I have taken and proves to be very reliable.

Solution to malicious bots hitting wordpress blogs and preventing mysql issues

The blog in question had its own mysql database and as a result I could limit the number of simultaneous mysql connections made by the blog.

mysql -u root -h localhost -p
mysql> show grants for myblog@'localhost';
mysql> grant usage on myblog.* to myblog@'localhost' with max_user_connections 5;

To test this, I opened 20 tabs in Firefox and went to a different page of the blog. I cleared the wp-supercache, logged out, and then right-clicked on one of the firefox tabs and went “refresh all”. All 20 tabs reloaded the different blog pages and posts. On some of the tabs I seen “Error establishing database connection”. This showed that the max_user_connections setting worked.

To test: Reload all open Tabs in Firefox

Wordpress default Database Error dialog

Custom MySQL Database error for WordPress

So on the rare occassion of a genuine reader seeing the “Error establishing a database connection”, I wanted a more friendly error with a retry option. Digg and twitter all have their own custom errors to cover such a scenario.

Digg's Custom Error Page

Twitter's Custom Error Page

 

Fortunately wordpress has this already thought of this and has a special page which it can show if it fails on a database connection.

Location of Script: /wp-content/db-error.php

In my custom db-error.php script I do:

  • Send a 503 Service Temporairly Unavailable (so search engines will not index the error page, and will recrawl the site again)
  • Send an email to me so I can monitor how many of these errors occur
  • Show a logo, some text, and a retry link.

<?php
header('HTTP/1.1 503 Service Temporarily Unavailable');
header('Status: 503 Service Temporarily Unavailable');
mail("youremail@email.com","Blog DB Error","There is a problem with the db!","From: yourblog@email.com");
?>
<!DOCTYPE HTML>
<html dir="ltr" lang="en-US">
<head><title>503 Service Temporarily Unavailable</title></head>
<body style="width:600px;margin:auto;margin-top:50px;">
<img src="http://yourblog.com/logo.jpg" />
<h1>Looks like we're getting a lot of database requests.</h1>
<p><a href="javascript:location.reload(true)">
Click to refresh and try load the blog again.</a></p>
</body>
</html>

Of course all going well, most users will recieve a wp-supercached page. This above is for internet bots who hit the blog 10’s and 100’s of times in the space of a second. I can also watch the email messages with the errors and verify the IP of who triggered it. I can then raise max_user_connections as needed to give more resources to the blog db without it overloading all of mysql on my VPS.

Note: this won’t affect google bot or any other genuine bots or web crawlers. It’s primarily aimed at bots who hammer wordpress blogs with many referrer URLs.

Posted in IT, Web Development | Tagged , , | 2 Comments

Installing and Updating WordPress with SVN from the Linux CLI

I’ve been using wordpress since the early 2.x releases. One thing that used to get me down was having to apply all the updates to wordpress as they were especially frequent in 2.x release. While wordpress has an automatic update option now, it only uses FTP or SFTP. I only use SCP over SSH myself for uploading and storing files to my VPS.

SVN however provides a very easy method to install and update your wordpress blog. While there are SVN applications such as tortise svn, I do a lot of SVN using the CLI.

Initial Install of WordPress

mkdir ~/public_blog
cd public_blog
svn co http://core.svn.wordpress.org/tags/3.1.1 .

Update WordPress from SVN to the latest version

cd ~/public_blog
svn sw http://core.svn.wordpress.org/tags/3.1.2 .

Notes

If you want to see the latest available version of wordpress, browse directly to http://core.svn.wordpress.org/tags/Then if there is a later version available use the svn switch (sw) command above.

Further Information

http://codex.wordpress.org/Installing/Updating_WordPress_with_Subversion
http://codex.wordpress.org/Using_Subversion
http://mark-kirby.co.uk/2008/how-to-install-wordpress-using-ssh-and-svn/

Posted in IT, Web Development | Tagged , , | Leave a comment

Quick Disk Benchmark for Windows (no setup required)

For a quick benchmark of a local disk, or network share on a Windows computer, there is a small application you can use. It requires no installation or setup. Just download, run the exe, and click “Start”. Wait a few minutes and you will have the Read and Write speeds listed in Megabytes.

The application is called ATTO Disk Benchmark (bench32.exe). While it is an old application, it had worked perfectly for me on all Windows installs, x32 and x64. I tried using newer versions, however they didn’t seem to like testing a Network drive (via Mapped Network Drive). The v2.34 version to which I have linked here does work OK with Network Drives.

When people think that working across a network with large files should be fine, I get them to run this Disk app which shows clearly the difference between local hard disk speed and the read and write speed across a network.

Note: The Disk Benchmark utility uses MegaBytes. This is not to be mixed up with MegaBits. If a computer is connected to a Network at 100Mbps (the small b, means bits and not Bytes). Divide Mbps (megabits per second) by 8, to get MB/sec (megabytes per second).

Click here to download the Archive Download Link (64kB .exe file)
Try downloading it and seeing how fast your Local or Network disks are.

Sample Results

The disk benchmark tool starts reading and writing small files, and progresses to reading and writing larger files. Lots of small files takes longer to read and write compared to one single large file for example.

ATTO Disk Benchmark results on Western Digital 1TB Hard Drive - Medion 8855

ATTO Disk Benchmark results on SanDisk Cruzer 4GB USB Key

ATTO Disk Benchmark results on Seagate 160GB ST3160812AS - Dell 390

Disk Benchmark results on Seagate 160GB ST9160412ASG 2.5inch - Dell M6500

Posted in IT | Tagged , , , , , , | 3 Comments

Hetzner vServer (VPS)

Hetzner recently started offering VPS (Virtual Private Servers) since October 2010. Being a Hetzner customer and avidly interested in virtualization, I was keen to find out what setup they had in place and what functionality they offered VPS customers (I’m thinking of moving from Xen to KVM myself). While they did offer 1 month free during their testing phase back in May 2010, I found out a little too late. Over the Christmas I had some time, so I said I’d try the VQ7 for a month. Below is the information I gleaned from the VPS itself and the Hetzner Forums. Note the VPSs and (host) setup may have been changed since. This information is valid for a VQ7 obtained in December2010-January2011.

VQ7 VPS General Information

  • Single Core (see setup information below for MHz)
  • 1 IP Address
  • 512MB Ram
  • 20GB Hard Disk
  • 100Mbit Network Card
  • 1TB Traffic per Month (If exceeded the speed is reduced to 10Mbps)
  • €7.90 per month (setup of €19.90 Doesn’t seem to be a setup fee anymore. July2011)

Tools to Manage VPS

  • VNC Console Available
    The control panel opens a VNC applet connecting to the KVMhostIP on VNCssl (159XX)
    After the applet was open, the URL address bar showed the KVMhostIP I was connected to.
    I found that you can connect manually using a VNC client over non ssl to the KVMhostIP on port 59XX
    With a quick telnet test, I found there were 25 listening VMs on the KVMhostIP (5900 – 5925)
    With a quick test of URLs, browsing to http://188.40.x.xx/##/ (I found there were 27 VMs, where ## = VM number).
    The VNC Password in the control panel did not change (even if the VPS was stopped and started).
  • Bandwidth Usage Graphs
  • Optional Traffic Warning emails if Bandwidth exceeds X amount hourly, daily or monthly
  • Start | Stop (equivalent to turning off the power supply)| Reset (Stop and Start in succession) VPS
    Stop gave the warning: “Do you really want to stop the vServer? In most cases it is better to shutdown the vServer via Remote Konsole than stopping it. You should only stop it if it does not respond anymore.”
  • Rescue System
    Same system as for dedicated servers. Boots off Network to a LiveCD environment allowing mounting of disks and also to reinstall the OS using “installimage” a scripted hetzner installer to install debian, ubuntu, centos, fedora etc. Uses same IP, and gives a new root password for the temporary LiveCD session.
  • Monitoring System with email notifications

Setup Information

  • Uses KVM Virtualization
  • KVM Host connected to 1Gbit Lan (via forum.hetzner)
  • Not using Virtio (via lspci and forum.hetzner)
    The reason for this is incase people want to install different OS’s, that they don’t have to require paravirtualized drivers.
  • SAS Hard Drive in the KVM Host (unconfirmed, but fast IO results in the VPS)
  • KVM host running nginx on port 80 (for vncssl applet)
  • KVM host SSH responds: SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu4 (i.e. running: Ubuntu 10.04.1 LTS ?)
  • traceroute in and from the VPS did not reveal the KVM host IP. The HostIP was determined from the VNC Applet address in the Control Panel
  • No IPv6. No additional IPv4 options.
  • IPv6 subnet available (/64)
  • lspci
    Debian-50-lenny-64-minimal:~# lspci
    00:00.0 Host bridge: Intel Corporation 440FX – 82441FX PMC [Natoma] (rev 02)
    00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
    00:01.1 IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II]
    00:01.2 USB Controller: Intel Corporation 82371SB PIIX3 USB [Natoma/Triton II] (rev 01)
    00:01.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 03)
    00:02.0 VGA compatible controller: Cirrus Logic GD 5446
    00:03.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+ (rev 20)
    00:04.0 RAM memory: Qumranet, Inc. Device 1002
  • cat /proc/cpuinfo
    Debian-50-lenny-64-minimal:~# cat /proc/cpuinfo
    processor       : 0
    vendor_id       : GenuineIntel
    cpu family      : 6
    model           : 2
    model name      : QEMU Virtual CPU version 0.12.5
    stepping        : 3
    cpu MHz         : 2806.922
    cache size      : 4096 KB
    fpu             : yes
    fpu_exception   : yes
    cpuid level     : 4
    wp              : yes
    flags           : fpu de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx lm up rep_good pni cx16 popcnt lahf_lm
    bogomips        : 5638.24
    clflush size    : 64
    cache_alignment : 64
    address sizes   : 40 bits physical, 48 bits virtual
    power management:
  • Hard Disk setup
    Debian-50-lenny-64-minimal:~# cat /etc/fstab
    proc /proc proc defaults 0 0
    none /dev/pts devpts gid=5,mode=620 0 0
    /dev/hda1 none swap sw 0 0
    /dev/hda2 /boot ext3 defaults 0 0
    /dev/hda3 / ext3 defaults 0 0
    fdisk /dev/hda:
    /dev/hda1               1         262     2102562   82  Linux swap / Solaris
    /dev/hda2             263         295      265072+  83  Linux
    /dev/hda3             296        2610    18595237+  83  Linux

Initial VPS Tests

Tests and results varied. This is in no way complete. Results were slightly higher when I got the VPS first (with ~8000 Requests Per Second with Apache, and ~19 Seconds for compress-gzip).

  • Network Speed: Full 100Mbps. Tested with wget.
  • phoronix-test-suite benchmark apache
    Phoronix Test Suite v2.8.2
    Installed: apache [v1.1.0]
    …….
    Average: 6794.33 Requests Per Second
    Compare Results
  • phoronix-test-suite benchmark compress-gzip
    Installed: compress-gzip [v1.1.0]
    …….
    Average: 22.38 Seconds
    Compare Results

Update – Feb 2011

So people were asking about uptime of the VPS. As I host a number of VPSs I was also keen to find out how uptime and kernel updates to the host would be applied and handled by hetzner.

During the week, I came back to find the following in a screen session I had running on my main server:

Debian-50-lenny-64-minimal:~#
Broadcast message from root@Debian-50-lenny-64-minimal (Mon Feb 14 13:13:40 2Power button pressed
The system is going down for system halt NOW!
Connection to 88.xxx.xxx.xxx closed by remote host.

Clearly the host had went down for a reboot. I checked www.hetzner-status.de and sure enough the reboot was scheduled. I’m not sure how much notice was given. I should have received an email but it was my own fault I wasn’t subscribed. The downtime was 10 minutes. I was suprised that it was done during the middle of a weekday (as opposed to out of office hours). Below is the image of the scheduled downtime notice from the hetzner-status.de website. This was the first downtime in 60 days.

Update – April 2011

After keeping an eye on http://www.hetzner-status.de I found that Hetzner was now “pausing” VPSs when the KVM host had to go down for a reboot. This has pros and cons. The advantage been that services will remain running on the VPS when unpaused/started. If the KVM host reboot is quick, connections to your VPS may remain alive. The disadvantage been that you might never know if there were issues and that the KVM host had to be rebooted. Thus typing “uptime” may not reflect an accurate figure.

I also found that ports 59XX on the KVMhostIP were no longer accessible from the Internet or from an internal Hetzner IP (crossed out text above to reflect this).

An accurate reflection of uptime?

Debian-50-lenny-64-minimal:~# uptime
 13:07:49 up 73 days, 22:44,  1 user,  load average: 0.00, 0.00, 0.00

Hetzner do seem to be listing all reboots and pauses of VPSs on their status website so you know if anything did happen. You can also subscribe for email and news alerts.

Screenshots of hetzner-status showing “pause” of Vservers:

English Text

German Text

Update – July 2011

IPv6 Subnet (/64) is now available for free. Simply log into the hetzner robot, and you can request it automatically (automated setup).

Posted in IT, Virtualization | Tagged , | 33 Comments

Thompson Broadband Router (UPC) Model: TWG870

So I recently got 100Mbps Broadband from UPC :) My Cisco EPC2425 got replaced with a Thompson Broadband Router (Model: TWG870UIR).

Default Settings

Login URL: http://192.168.0.1
Username: <blank>
Password: admin

SSID: UPC00XXXXX  (AFAIK, the SSID of Thompsons will be in the format UPC00….)
WPA2-PSK: <should be on the sticker underneath the router>

Manuals in PDF

See attached two manuals for this Thompson Broadband Router.
                                         

Thoughts

The router itself is nicer than the EPC2425. It is a gigabit router, so my wired network is much faster than before. The wireless (n) was OK. I highly recommend that if you want to get full 100Mbps, you will need to use a Ethernet Cable (see my article on creating a network cable). I got max 60-70Mbps via wireless. This router however has no Dynamic DNS options (as had the EPC2425, albeit that didn’t work great either as its settings didn’t remain).

The 100Mbps broadband speed from UPC was very good. (100Mbps down, 7 to 10Mbps up) I am able to download 12.5MB (megabytes) a second consistently. However that is only with the use of a Download Manager (which downloads several threads together). I used LeechGet 2009 (worked ok). With a single download, speeds were around 4MB/sec. Speed tests on the UPC website  (and UPC nl website) showed the advertised download and upload speeds.

A Download Manager (or program with threaded download capability) is required to get full use of the 100Mbps Internet connection.

Posted in Broadband, IT | 103 Comments