Rafe – Page 65

Author: Rafe (page 65 of 989)

How to speed up WordPress in an emergency

Over the past two days I’ve been linked to by Daring Fireball and BoingBoing. I’m running WordPress on a virtual server from SliceHost with 512 megs of RAM. Because I’m an incompetent systems administrator and just run everything with the defaults, the server did not react well to the additional traffic. Here’s a list of the things I did to whip the server into shape.

The first problem was that the load average on the server was spiking and it was becoming non-responsive. Even logging into the server via SSH took minutes, and Web pages weren’t really loading at all. WordPress was not using the database efficiently and the database load was killing the server. I attacked this problem by taking advantage of caching.

I discovered that query caching was not properly enabled in MySQL. The cache was enabled, but the cache size was set to zero, so nothing was being cached. After tweaking things a bit, I wound up giving MySQL a 10 megabyte cache. (You can read about setting up the MySQL cache in this article.) Since my server often runs into RAM problems, I didn’t want to allocate too much RAM to a new feature.

I also set up WordPress to use caching as well, using the DB Cache Reloaded plugin. I like it a bit better than plugins that cache entire pages like WP Super Cache. Those plugins are probably worth it for really big sites that get millions of hits a day, but my traffic is relatively low most of the time, so my goal is just to make sure it doesn’t blow up entirely when traffic spikes. DB Cache Reloaded does the job.

That made things work, mostly. However, I also ran into problems with MySQL going away. In those cases, WordPress just generates a page saying it can’t connect to the database. I’ve seen that happen during traffic spikes before, and I’m still not sure what causes it. My guess is that it’s because of some kind of lock contention issue. WordPress uses MyISAM tables, which don’t support row level locking. I may switch them over to InnoDB over the holiday. I had to log in and restart MySQL a couple of times over the past 24 hours, but it hasn’t happened again yet today.

Once I stopped overtaxing the database, things started slowing down because Apache was spawning so many processes that it used all of the memory on the server. Basically, when Apache spawns more than 50 processes, the server starts getting low on memory, which slows things down, which causes Apache to take longer to serve requests, which causes even more processes to be spawned as incoming requests pile up until the server grinds to a stop. I looked at my Apache configuration and saw that it was allowed to spawn as many as 150 processes. Given that they consume about 25 megabytes of memory each, this did not work well with my puny server. Cranking the MaxClients setting down to 25 did the trick here.

When I changed that setting, I also lowered the KeepAliveTimeout setting to 5 seconds. When KeepAlive is enabled, the server allows the browser to submit multiple requests over the same connection if it asks to do so. When a browser opens a persistent connection, it maintains its claim on the process that is serving its requests until the browser closes the connection or the timeout duration is exceeded. Because I lowered the number of processes, I lowered the timeout so that ill-behaving browsers don’t block other people from connecting if they’re not actually going to request more content.

Things are working better right now, and I’d be much happier if I knew what was causing the intermittent failures I am seeing with MySQL.

I should also probably do a better job of monitoring the server. The only diagnostic tool I used throughout the process was “top” and reloading the home page to see if the server was responsive.

Things we do to innocent people to prevent terrorism

November 23, 2010 / Rafe / 41 Comments

Here’s a non-comprehensive list of things innocent people have suffered in order to prevent terrorist attacks on America:

Monitored them on closed circuit television.
Asked them to present photo ID at the airport.
Required them to walk through a metal detector in order to go to the gate.
Required them to empty their pockets.
Required them to take their laptop out of its bag.
Required them to remove their shoes to go through security.
Prevented them from carrying more than a small amount of liquids past security.
Required them to put all containers containing liquids in a clear plastic bag.
Required them to have their carry on luggage hand-inspected by security.
Required them to put their checked luggage through an explosives detector.
Monitored their phone calls.
Monitored their Internet activity.
Subjected them to minimally invasive patdowns at security.
Forced them to walk through a backscatter X-ray scanner that shows their naughty bits to someone in another room.
Subjected them to invasive and humiliating patdowns.
Placed them on a no fly list for unknown reasons.
Kicked them off an airplane for looking suspicious.
Prevented them from flying because of their religion or ethnicity.
Roped them into terrorist plots using paid informants and then arrested them for being terrorists.
Tortured them using sleep deprivation, sensory deprivation, sexual humiliation, and extreme temperatures.
Subjected them to waterboarding.
Turned them over to governments of countries like Egypt and Syria in order to be tortured.
Beaten them to death.
Shot them.
Shot and killed them.
Blew them up using laser-guided bombs.
Killed them in Predator drone strikes.

Seems odd to me that some people are so much more offended by a couple of items on this list than they are by all the rest.

A third kind of freedom

November 21, 2010 / Rafe / 59 Comments

John Gruber posted a piece on Friday that is a must read for people who are interested in mobile computing, noting an absence of killer apps for Android. In it he talks about some reasons why, despite the strengths of the platform, we’re not seeing developers create unique, compelling applications for it. I don’t use an Android device, so it could be that Gruber’s argument rests on a shaky foundation, but it seems right to me from what I’ve read.

What I want to talk about, though, is a sort of “third freedom” when it comes to computing. The first freedom, referred to as Freedom 0 by Mark Pilgrim, is the freedom to “run the program, for any purpose.” Back in the day, people called it “libre” software to distinguish it from software that’s free in the “free beer” sense. That’s the second freedom. Software that’s free to download and install — freeware.

Obviously Apple’s iOS does not represent Freedom 0 in any way. You use it on Apple’s devices, under Apple’s terms, or not at all. Yes, you can jailbreak your phone but that is considered completely out of bounds. For the most part, Apple seems to see Freedom 0 as a negative. As far as the second freedom goes, some iOS software is freeware, some isn’t.

What Apple offers in exchange for giving up Freedom 0 (and they ask not only end users but also developers to give it up) is a new freedom for computer users — the freedom to install stuff on your computer without screwing things up. Freedom 0 is about giving you the right to screw up your computer in whatever way you see fit. Apple’s freedom is about giving you the opportunity to install any of thousands of applications with the knowledge that your phone will work just as well after you install them as it did before, and that you can get rid of those applications whenever you want.

Hackers and power users see this as a bad tradeoff, but I would imagine that for many users, this tradeoff is completely worth it. Ask any of the people who pay Geek Squad hundreds of dollars to disinfect their PCs whether they’d give up some of the freedom to do what they like to their PC in exchange for never having to deal with those sorts of problems again.

The iPhone was a huge hit before you could install apps for it at all, so it’s not as though this third freedom was the key to its success, but it’s clear that it is the key to the success for third party developers for iOS. It’s why people are willing to go through all of the pain of dealing with the App Store approval process to get their software onto the iOS platform.

The vast majority of users don’t want to be systems administrators any more than most drivers want to be mechanics. Apple has already built one successful platform that offers users the opportunity to avoid that responsibility, and it looks like they’re trying to bring that model to personal computing as well. I wouldn’t bet against them at this point.

Everything you needed to know about backscatter

November 19, 2010 / Rafe / 8 Comments

Bruce Schneier has rounded up all the links on the backscatter X-ray scanners and related issues. Bullet points:

The health risks of the scanners are overblown.
The claims that the scanning/groping will make flying safer are even more overblown.
The deployment of these scanners has more to do with lobbying than with a rational evaluation of the best way to make flying safer.

In this piece (not yet linked by Schneier), TSA screeners surveyed say that conducting the more invasive patdowns makes their job worse. My inclination in the face of this new scanning is to request the patdown for exactly that reason. Walking through the machine imposes a cost on the person being scanned, and no cost on the person doing the scanning. The patdown sucks for the person conducting the patdown and the person being patted down. Seems more fair to me.

As far as predictions go, my guess is that the money has been spent and we are not likely to see the government back off on the scanning. As irritated as people are now, they’ll eventually come to accept it, and it will become one more permanent contributor to the horrible experience that air travel has become.

Our abandonment of the rule of law will continue

November 18, 2010 / Rafe / 3 Comments

Yesterday a federal court acquitted one of the men accused of the 1998 embassy bombings in Tanzania and Kenya of 11 of 12 charges against him, including every charge of murder. He was convicted on one charge of conspiracy, which carries a sentence of 20 years to life. He probably would have been found guilty on more charges had the judge not ruled out all evidence and testimony obtained through the use of torture. Needless to say, plenty of people are arguing that this illustrates the flaws of trying terrorists in civilian court, rather than the problems inherent in torturing accused criminals in a society that claims to operate under the rule of law.

As Glenn Greenwald points out, this was a show trial anyway, since the President claims the right to continue to imprison prisoners like Ahmed Ghailani under the laws of war, regardless of the outcome of their trial. So we convicted him, but we weren’t going to release him no matter what.

I think the question many people who care about civil liberties ask themselves is how we got here. We knew that the entire post-9/11 era was utterly lawless under the Bush administration, but we can all remember that Barack Obama promised to change all that when he became President. After two years of an Obama presidency, we now know that very little has changed.

Yesterday I read GQ’s profile of Attorney General Eric Holder. The writer seeks to understand how Holder could go from principled defender of civil liberties to being an active participant in the continuation of the abuses of the Bush administration. In the end the article shows how choices made in the past restrict the options that are available today.

That’s not to excuse Eric Holder or Barack Obama. They’ve chosen to abandon the principles they once defended. It is to say that our problems are much bigger any particular person, even if they’re the President. Eric Holder’s choice is to compromise or resign. The options available to Barack Obama are to compromise or to throw away everything else he may want to accomplish as President.

Nearly the entire mechanism of federal government became invested in indefinite detention without charges, torture, and the exclusion of captives from civilian courts, and so the resistance to changing those practices and admitting fault is comprehensive. Congress refused to fund the effort to shut down Gitmo. Career lawyers at the Justice Department are resistant to any efforts to punish their current and former colleagues who conjured up the legal justifications for torture and indefinite detention. The military has never welcomed accountability to civilian authorities for wartime conduct. Most importantly, most voters don’t seem to much care about any of the abuses that have occurred.

The Eric Holder profile mentions guidelines for trying detainees that seem reasonable to me, assuming that in both cases, the pre-War on Terror rules of procedure and evidence are followed:

The guidelines that emerged from the task force last summer erected clear rules: If the crime is committed against a civilian target on U.S. soil, the case goes to civilian court; if the crime is against U.S. troops overseas, the case goes to a military commission.

If we followed those rules and actually released those defendants who were found not guilty, we’d be on the road to recovery. But of course, one problem we’ve found in releasing prisoners is that we’ve had a hard time finding anyone to take those prisoners who will agree not to torture and kill them.

My point is this: we are so far down the road of selling out our purported national values that it is likely to be a generation before we even start to make a real effort toward recovering them. Life goes on with the knowledge that our craven impulses dominate our noble ideals.

Your email address as your identity

November 17, 2010 / Rafe / 6 Comments

Alexandra Petri explains, in a funny way, what your e-mail address says about you and talks about changing fashions in the world of email. It also includes a helpful guide, here’s an example:

@YourWorkEmail You either work somewhere important or don’t understand the concept behind e-mail. You have a tendency to forward people joke e-mails with picture attachments.

I have long been a follower of email fashion. I think I originally subscribed to The Well because an @well.com email address had a certain amount of cachet and because I knew my ISP email address wouldn’t have any staying power. Then I realized that vanity domains were where it was at. I registered rc3.org as a place to get mail (and have a home page, of all things) before blogs even existed. Eventually I switched to Gmail (although my vanity email address and my well.com email address still work perfectly well) mainly for simplicity. When you tell someone “gmail dot com” over the phone you never have to spell anything, and nobody looks down on you for using Gmail.

I certainly haven’t used my work email for anything personal for at least 15 years. It’s so gauche.

OpenTable needs competition

November 15, 2010 / Rafe / 2 Comments

This weekend I read a restaurant owner’s perspective on OpenTable. In short, he feels like OpenTable charges to much to arrange reservations, but that most restaurants feel like they must use it if they want to be competitive. In other words, that OpenTable has captured such a large portion of the online restaurant reservations market that they are able to extract monopoly profits.

Here’s how he breaks down the numbers:

One independent study estimates that OpenTable’s fees (comprised of startup fees, fixed monthly fees, and per-person reservation fees) translate to a cost of roughly $10.40 for each “incremental” 4-top booked through OpenTable.com. To put that in perspective, consider that the average profit margin, before taxes, for a U.S. restaurant is roughly 5%. This means that a table of 4 spending $200 on dinner would generate a $10 profit. In this example, all of that profit would then go to OpenTable fees for having delivered the reservation, leaving the restaurant with nothing other than the hope that that customer would come back (and hopefully book by telephone the next time).

What this looks like to me is a great opportunity for someone to build and launch an OpenTable competitor. I think the key would be to charge less than OpenTable, and make sure that restaurants could stay on OpenTable and book reservations through the competing site as well. Restaurants aren’t going to dump OpenTable since it is omnipresent, but I think most would gladly link from their own sites to a competitor if it would save them money and they still booked the reservation.

The catch is that OpenTable is good at what they do. They have a fully integrated solution where they provide a computer to use to book reservations. They offer a solution that enables restaurants to book reservations through OpenTable their own Web site. And, most importantly, people can find restaurants through the OpenTable Web site and mobile apps. That said, if OpenTable is really overpriced, the opportunity exists to take them on. After reading the article, I’d love to see someone give it a shot.

For what it’s worth, I could see Yelp going into the reservations business. Is there any reason the detail pages at Yelp don’t have a “make a reservation” link for restaurants that accept them? The opportunity is there.

Sarah Palin fans in a nutshell

November 15, 2010 / Rafe / 6 Comments

Here’s a quote from an actual review of Sarah Palin’s new book at Borders.com:

This book, though unread by me as yet, should probably be required reading in schools across our country.

Thanks, Snoopy from NJ. You made my week already.

When should you change your passwords?

November 12, 2010 / Rafe / 0 Comments

One of my closely held beliefs is that expiring passwords reduce rather than increase security because the more often you have to change your passwords, the less likely you are to remember them. That is offset by the fact that people tend to use one password everywhere, so if you force people to change them, that pattern can be broken to some extent.

This week, Bruce Schneier has an essay on the subject. Here’s his bottom line, but read the whole thing:

So in general: you don’t need to regularly change the password to your computer or online financial accounts (including the accounts at retail sites); definitely not for low-security accounts. You should change your corporate login password occasionally, and you need to take a good hard look at your friends, relatives, and paparazzi before deciding how often to change your Facebook password. But if you break up with someone you’ve shared a computer with, change them all.

Apple open sources their Java implementation

November 12, 2010 / Rafe / 0 Comments

First Apple deprecated their Java implementation. Now they’ve released it as open source:

Oracle and Apple today announced the OpenJDK project for Mac OS X. Apple will contribute most of the key components, tools and technology required for a Java SE 7 implementation on Mac OS X, including a 32-bit and 64-bit HotSpot-based Java virtual machine, class libraries, a networking stack and the foundation for a new graphical client. OpenJDK will make Apple’s Java technology available to open source developers so they can access and contribute to the effort.

The question that remains for me is whether Apple will continue to contribute code to OpenJDK. (Hopefully they will.)

This, combined with the fact that Apple is no longer going to ship Flash on OS X, seems to signal that Apple isn’t interested in being responsible for shipping updates for other people’s runtimes any more. You can certainly run Java or Flash on your Mac if you like, but the vendor is responsible for making sure that your runtime is patched and secure.

rc3.org

Strong opinions, weakly held