Web Server Issue Fixed

     I found and fixed the web server issue causing images to load slow for one client I knew of.  The issue was that the server was starving for threads, the Apache defaults are not adequate for a larger busier site and we have sufficient machine resources to support a much larger configuration.  Now this customers images load in milliseconds instead of seconds.  The seconds were the time Apache was taking to ramp up processes.  Now the minimum is sufficient to support traffic bursts and it can ramp up to very higher if necessary.

Log Rotation Resolved

     The log rotation issues have been resolved.  Fail2ban is no longer grinding on huge logs and making the server slow.  In addition, I’ve implemented file system caching so that local copies of frequently used files are kept on local disk negating the need to fetch them via NFS.  I’ve also recompiled the server using maximum optimization and made other optimizations.

     The result of these things is that it’s cut the time it takes to load our main page (which has some PHP and database lookups) from around 800ms to about 250ms, a notable improvement.

     However, I have one customer who has a site that loads a small number of images and those images are still taking from 5 seconds to 15 seconds to load.  I have a games page here that loads several hundred tiles that are actually larger than the images on his site and they all load in under 100ms.

     The only difference I can see between his code and mine is that he is using JavaScript to load, I am just using the img tag.  There is also a very odd thing in that the delay in loading images on his site is always an even multiple of 5 seconds, always.

     We recently upgraded to 2.4.12, the latest version of Apache.  I am wondering if anyone else is seeing any issues on their site. If so, please let me know, seeing what is common might help me diagnose and resolve this problem.

Web Hosting Trouble

     Our web server is slower than normal presently because of a failure of logrotate, a program which moves and compresses old logs.  This has a allowed a large amount of log data to build up.

     That in turn has caused fail2ban to consume a lot of resources, particularly disk I/O, and also flush the disk cache because it has to go through a couple of months worth of logging instead of the current days logs.

     I am working on correcting this and cleaning out the old logs, it may take a day or two because of the volume of logs involved.

WordPress Editor

If you would like to have more control over your WordPress posts, for example change fonts, or change the size of fonts, or the font color, or perhaps you need subscripts for things like H2O, or super scripts for things like X2 + Y2 = Z2, or add special characters like a for valentines day, or maybe I my dog, you can do all this and more with a plugin called WP Edit that replaces the TinyMCE editor that comes with WordPress.

Isomedia Maintenance Outage

Because our equipment is located at an Isomedia co-location facility, our services will be impacted by these two maintenance outages:

Schedule:
February 18, 2015 12:30am to 4:00am PST

Description:
ISOMEDIA will be performing network maintenance on our core network.
During this maintenance event customers can expect multiple brief outages.
We apologize in advance for any inconvenience caused during this
maintenance.

Schedule:
February 19, 2015 12:30am to 4:00am PST

Description:
ISOMEDIA will be performing network maintenance on our core network.
During this maintenance event customers can expect multiple brief outages.
We apologize in advance for any inconvenience caused during this
maintenance.

Referrals Appreciated

January, and to a somewhat lesser extend February, are typically lean months for Eskimo North, and by extension myself personally, owing to a combination of people recovering from Christmas, having to spend more for heating, etc.

At the same time I have higher than normal expenses, a $200 “maintenance” fee from one of our DSL providers, a $500 extortion fee to maintain our entries in the RADB routing database so our IP space is visible on networks that filter BGP4 routes against RADB (I say extortion fee because charging $500 to maintain a simple database entry is ridiculous and they only get away with it because they’re a monopoly in this critical area), etc.

I really appreciate it when you refer new customers to Eskimo North.  I also appreciate it your business.  If you’re finding yourself constantly running out of quota, please consider upgrading your account.  If there is a website you’ve been thinking about creating, now is an excellent time.

I apologize that I’ve been a little slow to respond to some of your requests.  I’ve been ill, first a flu at the beginning of January, then a month long head cold that is finally abating, so I’ve also been a bit low on personal energy but I’m largely on the mend now.

Apache Upgraded

Apache web server has been upgraded from 2.4.10 to 2.4.12.  This is primarily a bug fix release, per the following Apache release notes:

Apache HTTP Server 2.4.12 Released

The Apache Software Foundation and the Apache HTTP Server Project
are pleased to announce the release of version 2.4.12 of the Apache
HTTP Server (“Apache”). This version of Apache is our latest GA
release of the new generation 2.4.x branch of Apache HTTPD and
represents fifteen years of innovation by the project, and is
recommended over all previous releases. This release of Apache is
principally a security, feature and bug fix release. NOTE: there
was no release of 2.4.11.

CVE-2014-3583 (cve.mitre.org)
mod_proxy_fcgi: Fix a potential crash due to buffer over-read, with
response headers’ size above 8K.

CVE-2014-3581 (cve.mitre.org)
mod_cache: Avoid a crash when Content-Type has an empty value.
PR 56924.

CVE-2014-8109 (cve.mitre.org)
mod_lua: Fix handling of the Require line when a LuaAuthzProvider is
used in multiple Require directives with different arguments.
PR57204.

CVE-2013-5704 (cve.mitre.org)
core: HTTP trailers could be used to replace HTTP headers
late during request processing, potentially undoing or
otherwise confusing modules that examined or modified
request headers earlier. Adds “MergeTrailers” directive to restore
legacy behavior.

Also in this release are some exciting new features including:

*) Proxy FGI and websockets improvements
*) Proxy capability via handler
*) Finer control over scoping of RewriteRules
*) Unix Domain Socket (UDS) support for mod_proxy backends.
*) Support for larger shared memory sizes for mod_socache_shmcb
*) mod_lua and mod_ssl enhancements
*) Support named groups and backreferences within the LocationMatch,
DirectoryMatch, FilesMatch and ProxyMatch directives.

We consider this release to be the best version of Apache available, and
encourage users of all prior versions to upgrade.