I have a website (wordpress) published and it works perfectly, but from time to time it gets stuck. You try to enter the page and the server is like blocked, processing, and then for some minutes the website doesn't load.
I even added a cache system and performance optimizations, and the website is much faster now, but that keeps happening, from time to time (several times per day) the web is white, blank, loading for a long time.
I don't know what it is: a plugin? my code? it doesn't happen at a specific moment or action. So I can't identify when or where or why it happens.
So, can I somehow log the php code to know what is being executed at that moment? Where is the code stuck?
BTW, I already disabled the wp-cron. That's not it. And the web is huge so I can't start looking into every file for a loop or something, I need something faster.
I recommend checking on some query monitor which plugins / themes are responsible for the bottleneck. You can use GoDaddy's P3 Profiler plugin, which although it is not having updates, remains one of the best options for profiling a WordPress.
If you use cPanel, check the resource usage and try to identify patterns. For example, is the site slow at a specific time? On specific days of the week?
If you have access to Awstats or similar, you can check if there is any bot that accesses your site at some specific time.
If you treat only the symptom (slowness) you will continue to have the same problem. You need to find the source and then solve it at once.
Also check the access logs for detecting anomalies:
https://www.tecmint.com/find-top-ip-address-accessing-apache-web-server/
Looking on Google, I found some services that I think can help:
https://goupcloud.com [complete optimization and identification of bottlenecks (treatment in the cause and not symptom)]
https://www.wpfaster.org/ [full optimization]
https://www.wpspeedfix.com/ [full optimization]
Related
I'm a bit of an amateur so I'm sure I've missed something.
I'm running Divi on Wordpress. When i go to update a page, I get the "Your updates couldn't be saved" error. My Wordpress site, as well as it's CPanel, also are loading unusually slowly, which I think is related to the issue. After working on this for a bit, both my site and it's CPanel will fail to load, giving me a "can't establish a secure connection to the server" error. The third symptom, which I can't make heads nor tails of, when I click "update" in the page editor, my browser will often (but not always) launch another tab/pop-up either displaying a preview of the edits or the "pages" page on the WP admin side. All of these issues are new (although I've had similar loading speed issues in the past with this site).
Thinking it may be an overload on my server (which happened due to an attack a few months ago), I let it sit for a few days with no luck. Then, thinking it may be a caching issue on my end, I changed my DNS servers, cleared my browser cache, tried private browsing, used my phone, used different wifi and cellular networks. All to no avail. I briefly had slight luck using my phone as a hotspot, but it only temporarily improved the loading speeds.
I also tried disabling plugins. I made sure everything was up to date. No help.
I went into my wp-config.php file and increased the memory limit to 128M and the WP-max memory limit to 256M. This helped briefly–I could update and save one page but when I tried to change the next, I was back to base 1. I've also increased the memory limits in my .htaccess file. I don't have access to my PHP.init file (there are often delays reaching my host so I'm trying to avoid relying on them when possible).
My last guess (which I have yet to implement) is to update my PHP. That said, I'm running 7.3.6 and had no issue updating the site a few days ago so I'm not sure that's the problem, unless divi's newest update has compatibility issues with 7.3 versions of PHP...
Any further ideas would be greatly appreciated! I'm partway through a cosmetic update (which, I know should be done on a staging site but sometimes best practices are best learnt through mistakes like this) so my site looks somewhat half-finished. That is, I'm anxious to be able to edit it again.
Many thanks in advance
Whenever you try to save something, Divi will make a request through admin-ajax.php, it often happens that a security firewall detects that as a threat (which is obviously not), thus giving you the failed save message. Can you ask you host to check the rules that are triggered and whitelist that action? It can also come from plugins like Wordfence, make sure to whitelist it there too.
You can also attach that layout as JSON here, I can test it on my own server and if I can save changes, we should be on the right path.
I'm at my wits end here.
A client has a wordpress website that is expected to have heavy traffic incoming next saturday. I was asked to find out if the site can handle the load, and using JMeter my answer is "no", as it keeps having database connection issues.
Now, for the configurations and issue I'm finding.
This is a cloud hosting that as far as I could find out is not shared, using a standard apache / linux configuration. Mysql's "max_connections" variable is 1000, and my tests fail even at something like 50 connections / sec. SHOW PROCESSLIST shows nothing out of the usual, at worst a couple threads sleeping for 3 seconds, but no hanged queries or anything of the sort.
Wordpress itself is a fairly standard configuration. Does use a couple plugins, the one most obviously affecting database performance being woocommerce. Everything else is a gallery plugin then some minor stuff like contact forms. 10 plugins total.
For cache I'm using W3 Total Cache's page, object and database caches. I'm even forcing caches for queries that aren't on the default configuration of W3 cache like COUNT() queries, and it seems to be working as it's showing all queries on homepage cached.
However, JMETER shows as high as 50% failure at 50/sec connections. It's not exactly consistent, sometimes goes up and down but still way above what would be considered acceptable and as I understand way below the server's 1000 connections limit. Still getting too many connections issue. If I turn off cache it goes to like 90%, so that's clearly helping.
At this point, I'm not sure how to further mitigate this problem. Even if I disable every plugin, the number stays above 1% since the homepage then displays barely anything, but obviously I cannot just disable all plugins as that pretty much breaks the website. I can hopefully disable a couple or temporarily force a static response out of them, but there has to be some underlying issue causing this, since I'm not sure that would even be acceptable for the client.
How could I further debug this problem? Is it possible that each plugin creates it's own new connection, for example? Is there a way I can debug, for example, how many connections were opened at the end of a script execution?
Look into using query monitor to see exactly what code is running what kind of queries how long they take etc.
https://wordpress.org/plugins/query-monitor/
This is a great tool for benchmarking performance optimizing templates and various calls.
My site checks the database for overdue reminders by making an AJAX request every 5 seconds. I've been told this is not ideal because of too many AJAX calls, one person said it's almost like DDOSing your own site if there are many people on with several tabs open etc.
The alternatives are using websockets or ajax-long-pulling. I can't use websockets because my shared hosting doesn't have that capability. Ajax-long-pulling is not ideal because of limited connections.
So a workaround I thought of would be to have a file on the server which simply stores a token. The browser reads this file via a hidden i-frame every 5 seconds, and if something relevant changes in the database the token is changed and this signals the browser to send an AJAX request to get the new reminders.
Would that be a feasible workaround to significantly reduce the load on the server since it's not making so many AJAX calls every 5 seconds since it's just reading the file instead?
"one person said it's almost like ..." - was that person the system administrator of the host where your site runs?
"because my shared hosting doesn't have that capability" - if writing lots of code is cheaper than switching web providers then you really need to look at your at the way you manage your hosting.
"Ajax-long-pulling is not ideal because of limited connections" - and you think the same problem would not apply to websockets?
You seem to be trying to fix a problem you don't know exists. And you don't seem to be in a position to evaluate whether any changes you make will have the desired effect.
After discounting comet and websockets, your only option for reducing the impact on the server is to reduce the frequency of polling. But your next step should be to get establish a capability to assess what impact the facility currently has on the server and how that changes if you change the behaviour. This can be rather tricky on a shared host - at best you're going to see a lot of noise generated by other tenants, but if you really were consuming a lot of resources, I'm quite confident that a competent hosting provider would be alerting you to this.
Is it possible for Joomla (or Wordpress) to run scripts without cron or visit triggers??
We have this installation that has been using CPU seconds and it's index.php appears in the active processes list of cPanel, but no cron, nor visits are being running. If we rename the index.php file the process disappears, if we resettle it, it re-executes after a few seconds. For some seconds disappears, sometimes appears up to triple WITHOUT having actual visits and no Cron Jobs running.
How is this possible?
We want to know for 2 reasons, security check, and making use of this extra possibility of running scripts if it exists.
I can't speak for WP, but I can't imagine any way of a script executing on it's own. I'd suggest looking at the apache logs and perhaps bump up the logging level to see where/how this might be happening. It sounds to me like your file has been hacked if you CERTAIN that no outside requests are launching it. In my adventures with hackers, the code is often hidden out of sight, so have a look at it with word-wrapping on and see if you can spot anything - it sounds awfully suspicious to me.
To add, your malicious obfuscated code may actually be in your data store, as is often the case with Magento, Drupal, Joomla and WordPress.
TL:DR Don't just inspect your files, but database records that output HTML too.
You should also open your browsers console and take a look at the network tab. Inspect it for suspicious connections.
I am currently creating a website in php that has a database backend (can be either MySQL or SQL Server) and I realized recently that if my database crashes at any time, my website will not run properly and probably cause some headaches.
So what is the proper thing to display on the website if my database (or any crucial outside component) goes down? My particular website relies heavily on its database and will be almost useless without it.
One option I have been told is to email the website admin and display a Error 500 page that says something is wrong with the server and basically make the website unusable till the issue is fixed. Is there anything else I could do to work around this problem? Are there any ways to design a website so that the database (any crucial component) crashing isn't an issue?
I am looking for general rules of thumb as well as specific examples of how people have worked around this in the past. Also, these examples don't just have to be for my website example.
If you only have one database server, and the website cannot work without it's database, there is no magic : you'll have to display some sort of nice error page, informing the users there is a technical problem and that the website will come back shortly.
Generally speaking :
Chances of such a problem are pretty low
If your website is a normal one, people will tend to accept a problem once in a while, especially if you communicate about it.
If you can afford it (and have the technical knowledge to set this up), you could use two database servers, with replication (MySQL supports this) between them : one master, which you use, and a slave, that's considered as a backup.
Then, if the master falls, your application will use the slave.
Of course, this will greatly reduce the risks of a database-related problem (having two servers crash at the same time is quite unlikely), but you'll still have problems with all other components -- like your webserver : if you only have one, you might want to consider using two, with the second one as a fallback.
After that, if you still have money (and think you need an even better uptime for your website), you'll want to think about the case when your datacenter has a problem -- setting up server in two separate locations...
The proper thing to display is a simple "oops" error message that gives away no information that would be helpful to hackers. Something along the lines of "We're experiencing technical difficulties" or "website unavailable". This is for security purposes.
It would be good to have an error logging and notification system in place to notify an administrator in case of a crash. That would be fairly simple to write, but I'm sure there are already libraries that handle this. (There's a tutorial with code samples at http://net.tutsplus.com/tutorials/php/404403-website-error-pages-with-php-auto-mailer/ and a simpler example at http://www.w3schools.com/php/php_error.asp)
There are ways to design the architecture of your web site to handle a database component crashing. It's not architecting your website, it's architectin the whole environment. For example, database clustering for high availability (http://en.wikipedia.org/wiki/High-availability_cluster). It's not cheap.
Overall, you just need to ensure that you're doing your error handling properly. A database crash is a classic example ofr why we need error handling. There are plenty of resources and guidance for this.
http://www.google.com/search?q=Error+Handling+Guidelines&rls=com.microsoft:en-us&ie=UTF-8&oe=UTF-8&startIndex=&startPage=1
Edit
I found this and thought it was a very nice resource for answering how to handle the errors:
http://www.nyphp.org/PHundamentals/7_PHP-Error-Handling
It is considered best practice to return a HTTP 500 status code in the event that your database being down, or any other crippled service, prevents your website from functioning properly. Depending on your websites functionality, this could be on a page by page basis or site wide. For example, your "About Us" page may not need database capabilities while your search page would. You could thus keep the "About Us" page up and running but return a 500 status code when someone goes to your search page.
Do not give any technical information about why the site is not working to the end user. This could be a security risk.
If you are using apache, this document will tell you how to setup custom error pages:
http://httpd.apache.org/docs/2.0/custom-error.html
I recommend you use plain HTML for your 500 status code pages. You can also have your PHP pages send a 500 status code via the header() function, documented here:
http://php.net/manual/en/function.header.php