Blog Archives
Htaccess Site Speed Impact
Does the .htaccess File Slow Site Performance
Bloggers often ask the question “does using .htaccess for security or redirection slow down the site”? The answer should perhaps not be a simple yes or no. Some hosts recommend .htaccess should not be too large (not have a lot of rules) as it has a bad impact on performance. Then again some users have very long lists of rules in their .htaccess files and their sites are still fast enough to satisfy visitors and accepted Google page load speeds.
We need to weigh the benefits of using .htaccess for security, redirection and site configuration against any performance penalties (or advantages). Once we understand how .htaccess works on our blogs we can make the decision how we will this extremely useful file.
JQuery DataTables
JQuery DataTables with WordPress and Drupal
DataTables is a plug-in for the jQuery Javascript library. DataTables is a very flexible tool for adding advanced interactions to to any HTML table. It adds controls providing searching, sorting and pagination.
DataTables works with most popular CMS and web based CRM systems with plugins available out-of-the-box for many of these, including WordPress, Drupal and Joomla.
I’ve recently been using the DataTables JQuery scripts for a couple of tables on a WordPress and a Drupal site, so I’m taking the opportunity to briefly discuss the plugins I’m using, and the differences using DataTables with these 2 content management systems.
GNAX Hosting Review
How Good is GNAX Hosting
Let me start by saying my own sites are hosted on the GNAX (General Net Access) network. We’ve been using the GNAX backbone since October 2012. If I wasn’t completely satisfied with the service, I would have moved my sites long ago.
GNAX hosting also provides the international backbone for our fully managed hosting service.
GNAX is VPS or Higher
GNAX is not your regular hosting service provider. They don’t offer the shared hosting packages most of us use for our WordPress sites.
The lowest level hosting you can get with GNAX is your own VPS. If you are looking for el-cheapo shared hosting, GNAX hosting is not the place to look.
If you are wanting shared hosting, you need to look for a second or 3rd tier service provider. You cannot sign up for a shared hosting account directly with GNAX.
Website Down for Visitor Safety
Website Offline after DoS Attack
My Drupal website, graphicline.co.za, remains offline today following yesterdays JavaScript injection / denial of service attack. I decided to take the site offline to ensure the safety of visitors while I check the site for any malware. My hosting service technicians are also examining the server for any possible faults or configuration problems. Other sites on sub-domains of graphicline.co.za were affected at times, and further disruptions of service are expected.
The DoS (denial of service) attack began in the early hours of January 24 2012 and continued for nearly 2 hours. During this time thousands of attempts were made to inject JavaScript redirect code into the website (there are too many related entries in the log to count). Although initial inspection showed no successful hack, I felt it prudent to take the site down until certain no malware or other bad stuff had been included.
Banned IPs
Banning the Bad Hosts
I’m a no-compromise banner. It doesn’t take much effort to get an IP banned from my websites. A single bad event will normally be enough to block access to my sites from an IP address. Several attempts from a range of IP’s with a common service provider will get the entire IP range banned, the hostname or domain banned.
Currently there are about 700 entries in the banned list – representing millions of IPs, and the list gets longer daily. I cannot recall a day this year when at least one new bad IP was not added to the list.
Sharing the Bad IP Info
Mostly these IP’s were simply denied access, and no record was kept about the reason for the ban. At one time I started keeping a record, then lost interest and lacked time to continue. So I decided to start again, this time publishing the info where I can get to it, and other bloggers can also find the details. So now it’s published as a page on this blog…
GNAX Hosting – Early Results
GNAX Hosting – So Far So Good
Last week I moved my domain graphicline.co.za to GNAX VPS hosting. I’ve watched Google page load times get shockingly poor the past four months. Nothing I’ve done on-site to improve performance has made any difference. I’d already tried several caching systems and offloaded some files to a CDN and other fast servers – with no improvement.
Eventually, after trying everything else, the only conclusion I could draw was the long path bottleneck between Google’s Mountain View servers and the data centre servers hosting my domain was the main culprit in the time it took for Big G to load pages.
Average page loads for 2 of the sites (WordPress) on the domain had gone from under 2.5 seconds in May to over 4 seconds in August and over 5 by September, while the main site (Drupal) was approaching 4 seconds from under 2 in May. Minimum page load speed had got to nearly 4 seconds for one site by September.
Is Your Website Slow
Website Slow – Look to Your Server
When we find problems with our website speed, we look at our website system – Right? We (those of us on shared hosting anyway) have been conditioned by our service providers to think whenever our sites are running slow, it’s our code that’s the problem, not the server provided by the hosting company the site is running on.
Well, sometimes it is. But then again, often it’s not.
When is it the Server?
There are some circumstances when the server is nearly always the problem. Let’s look at some clues:
Apache Down
Our Website Server Has a Problem
The horrible feeling of clicking on a page, and the site reports a server error, and stays down… Since just after midday yesterday the Apache server hosting graphicline.co.za and all our sub sites has experienced problems. Major configuration changes were rolled out starting on Sunday April 16, which have severely disrupted the function of these sites…
Memory Allocation Reset to Default
First off all, memory allocations were reset to the server default value of 32MB – totally inadequate to run Drupal and WordPress. Then today I discovered sub-domains with static HTML files only were also throwing up a server error – so the sub-domains weren’t being seen as such by the server.
Views Reloaded
Revamping a Drupal User Guide
Some time ago I added a number of Drupal video guides from several sources to pages on one of my websites. These were really only intended for my use while getting to grips with Drupal CMS. Then they were forgotten. Recently I was Googling something and lo and behold, one of these pages was on page 1 SERP. (When I added the videos, I didn’t yet have the meta-tags module to include “noindex” for robots, so Google indexed the lot).
But these pages had no content; most just had the video, either embedded using YouTube or in iframes from vimeo. Seeing as I am in the process of reworking a lot of the web site, sorting out the taxonomy (tags) and adding headings and descriptions to these, as well as undertaking an appearance overhaul of pages showing teasers e.g. blog pages, article summary pages and so on, I decided it was time to do something useful to the numerous pages of Drupal video guides. The collection is being updated and re-published in the form of a Drupal ‘book content type’ at Drupal Guidebook (graphicline.co.za).
No Website Url Less Spammers
Jan 8
Posted by Mike
Removing Website URL from Comment Forms Stops Spammers
Another way to stop spam comments – get rid of the website URL in comment forms. We’ve finally got rid of nearly all spam comments on graphicline.co.za. Although the site was already protected by Project Honeypot, and comments use a CAPTCHA challenge, we were still getting a lot of spam.
Instead of switching to RECAPTCHA with it’s more difficult text, we looked for another way to reduce successful spam comments.
The common factor to all spam comments was the inclusion of a homepage URL in the form field. The thinking was; if there’s no field for the URL, then spambots may fail as they can’t finish their job. Without a homepage URL field, manual spammers may be discouraged from posting rubbish as well.
Read the rest of this entry →
Posted in Spam
Leave a comment
Tags: Comment Spam, Drupal, hack, Spam Comments, Spam in blogs