Currently Viewing Posts Tagged “Web server”

Change directives of Nginx

My new server uses Nginx as a web server. When I check the error log of it, I saw a lot of warnings.

2016/08/27 07:30:03 [warn] 11951#11951: *590544 an upstream response is buffered to a temporary file /var/cache/nginx/fastcgi_temp/3/28/0000008283 while reading upstream, client: 107.174.247.88, server: www.phpbbchinese.com, request: “GET /download/file.php?id=109 HTTP/1.1”, upstream: “fastcgi://unix:/run/php/php7.0-fpm.sock:”, host: “www.phpbbchinese.com”

I did the search and found some posts about this kind of warnings. OK, let record it and see what happened later.

Increase buffers.

Edit /etc/nginx/nginx.conf

fastcgi_buffers 32 8k;

Continue reading “Change directives of Nginx”

Move to Linode Server

When you saw this post, it means the blog is moved to a new server at Linode.

New server is a little bit better than the old one at DigitalOcean.

Here is how old server looks like:

  • Operating system     Ubuntu Linux 14.04.4
  • Kernel and CPU     Linux 3.13.0-88-generic on x86_64
  • Processor information     Intel(R) Xeon(R) CPU E5-2630L v2 @ 2.40GHz, 1 cores
  • 1 GB RAM
  • 20 GB Storage SSD

digitalocean-spotlight

New server at Linode has following specs:

  • Operating system     Ubuntu Linux 16.04
  • Kernel and CPU     Linux 4.6.3-x86_64-linode70 on x86_64
  • Processor information     Intel(R) Xeon(R) CPU E5-2680 v3 @ 2.50GHz, 1 cores
  • 2 GB RAM
  • 24GB Storage SSD

linode-brentwood Continue reading “Move to Linode Server”

How to make the SSL site 100 in all four fields of SSLLAB Server Test

Now, a lot of web site are going to add SSL for security purpose.

Just like my site here, the SSL Report is as below.

ssl-report-yinfor

It is A+. The score is great. When I look at it close. There are four parts. Three of them are not 100%.

Can I make it all 100?

I use one test site to do my research and try to make it 100.

OK. Let me show you why and how to do it.

Continue reading “How to make the SSL site 100 in all four fields of SSLLAB Server Test”

HTTP/2 vs SPDY 3.1

I have a web site, which was powered by Nginx 1.7. The SPDY 3.1 was enabled. Later last week, I upgraded it to Nginx 1.9.7 mainline version.

HTTP/2 already built with Nginx from version 1.9.5.  Why not enable HTTP/2?

I just did a very rough test.

 

1. Pingdom testing tool

SPDY 3.1: Performance Grade 97/100, 18 request,  load time 3.17s

HTTP/2: 97/100 18 request,  867ms

2015-11-23_110618

2. GTmetrix

SPDY 3.1: Pagespeed score A 98%, YSlow score A 95%, Pageload 1.0s,

HTTP/2: Pagespeed score A 98%, YSlow score A 95%, Pageload time 0.6s

3. Webpagetest

SPDY 3.1: Grade F A A n/a C Check

HTTP/2:

2015-11-23_110914

Continue reading “HTTP/2 vs SPDY 3.1”

Server Name Indication (SNI)

Server Name Indication is an extension to the TLS computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process.

The most import reason to have this extension is to allow a server to present multiple SSL web site, or multiple certificates on the same IP address and TCP port number. So one IP address can serve more than one HTTPS web sites.

This extension insert the host name in the very first request sending from client Hello header. The standard TLS will send host name after handshaking.

TLS handshake using SNI

Continue reading “Server Name Indication (SNI)”

Shall I enable SPDY on SSL?

I have some sites with SSL enabled only. These sites are money related or security related. So SSL is a must have.

Now the question came to my head and it is Do I need to add SPDY on it?

Let me review the basic information of SPDY.

SPDY is an experiment with protocols for the web.  Its goal is to reduce the latency of web pages.

Here is the official page of this project: http://www.chromium.org/spdy

SPDY Goal:

The SPDY project defines and implements an application-layer protocol for the web which greatly reduces latency. The high-level goals for SPDY are:
  • To target a 50% reduction in page load time. Our preliminary results have come close to this target (see below).
  • To minimize deployment complexity. SPDY uses TCP as the underlying transport layer, so requires no changes to existing networking infrastructure.  
  • To avoid the need for any changes to content by website authors. The only changes required to support SPDY are in the client user agent and web server applications.
  • To bring together like-minded parties interested in exploring protocols as a way of solving the latency problem. We hope to develop this new protocol in partnership with the open-source community and industry specialists.

I like it. Reduce page load time.

 

SPDY adds a session layer atop of SSL that allows for multiple concurrent, interleaved streams over a single TCP connection.

The usual HTTP GET and POST message formats remain the same; however, SPDY specifies a new framing format for encoding and transmitting the data over the wire.

soarjOjSeS5hoFYvjtAnxCg

If I have https, or SSL enabled web-site, I just need to add SPDY on top of it. That is it.

Continue reading “Shall I enable SPDY on SSL?”

How to make your blog faster than 95% of all websites

My blog is rebuild a few days ago. I did a web site speed test through Pingdom. My home page is so fast.

pingdom-blog

The result looks so good.

Your website is faster than 95% of all tested websites

Even the performance grade is only 85 of 100, the load time is 647ms. Load time is more important than others.

Continue reading “How to make your blog faster than 95% of all websites”

How to Disable ETags in Apache httpd.conf

What are ETags?

ETag is a standard used for determining whether the client (web browser) already has the latest version. If it has, it’s simply loaded from local cache. If not, the new version is requested.

An ETag is a hash generated based on either the inode number, the last modified time and / or the size (in bytes) of a file. The default behaviour in Apache webserver is to use all properties to generate the ETag.

 

What’s the problem with ETags?

Although etags do no harm in a single server set-up, it is harmful when you have multiple servers replication the served files. The problem is that the generated ETags most likely differ per server. So when the client re-requests an un-updated file on a different server than the last time the ETags do not much and a new version is requested, while this would not be necessary. This hurts performance (page load). You can find more information about this in the ‘Configure ETags‘ article on the Yahoo Developer Network.

How To Disable ETags in httpd.conf

To disable the use of ETags in the Apache webserver simply put the following FileETag directive in your httpd.conf:

FileETag none

This will disabled the use of ETags completely.

 

How to move blog from MovableType 5.27 to WordPress 3.7

There are very few guide on web about migrate blog from MovableType 5.27 to WordPress 3.7.
Here is my own experience to do it.

Step 1: Prepare the data on MovableType 5.27

Using MovableType export function is not enough, because the exported file has entries, tags and comments, but no keywords.
When WordPress import plugin working on this type of export file, it will not import tags. It only import MovableType keywords as WordPress tags.
So that, I found an solution to export MovableType with keywords, which are actually tags in MovableType.
Add a new template file. Add following into it and publish it.


AUTHOR: <$MTEntryAuthor strip_linefeeds="1"$>
TITLE: <$MTEntryTitle strip_linefeeds="1"$>
BASENAME: <$MTEntryBasename$>
STATUS: <$MTEntryStatus strip_linefeeds="1"$>
ALLOW COMMENTS: <$MTEntryFlag flag="allow_comments"$>
CONVERT BREAKS: <$MTEntryFlag flag="convert_breaks"$>
ALLOW PINGS: <$MTEntryFlag flag="allow_pings"$>
PRIMARY CATEGORY: <$MTEntryCategory$>
CATEGORY: <$MTCategoryLabel$>
DATE: <$MTEntryDate format="%m/%d/%Y %I:%M:%S %p"$>
TAGS: <$MTTagName quote="1"$>
-----
BODY:
<$MTEntryBody convert_breaks="0"$>
-----
EXTENDED BODY:
<$MTEntryMore convert_breaks="0"$>
-----
EXCERPT:
<$MTEntryExcerpt no_generate="1" convert_breaks="0"$>
-----
KEYWORDS:
<$MTTagName quote="1"$>
-----

COMMENT:
AUTHOR: <$MTCommentAuthor strip_linefeeds="1"$>
EMAIL: <$MTCommentEmail strip_linefeeds="1"$>
IP: <$MTCommentIP strip_linefeeds="1"$>
URL: <$MTCommentURL strip_linefeeds="1"$>
DATE: <$MTCommentDate format="%m/%d/%Y %I:%M:%S %p"$>
<$MTCommentBody convert_breaks="0"$>
-----

PING:
TITLE: <$MTPingTitle strip_linefeeds="1"$>
URL: <$MTPingURL strip_linefeeds="1"$>
IP: <$MTPingIP strip_linefeeds="1"$>
BLOG NAME: <$MTPingBlogName strip_linefeeds="1"$>
DATE: <$MTPingDate format="%m/%d/%Y %I:%M:%S %p"$>
<$MTPingExcerpt$>
-----

--------

Continue reading “How to move blog from MovableType 5.27 to WordPress 3.7”

Install LEMP on Centos 6.4 64bit at Burst.Net VPS

It is a guide to install LEMP on a Centos 6.4 64bit VPS at Burst.net. It is also working on other VPS. LEMP stands for Linux, NginX, MySQL, PHP.

First of all, rebuild the OS on VPS with Centos-6.2-x86_64.
os-load

Other VPS providers have similar interface to rebuild / reload operation system.

After 5 to 10 minutes, the VPS is ready to use.

SSH to VPS through PUTTY with root account.  The following installation steps will be done in terminal window.

1) Update the system to Centos 6.4

yum update

There are 158 updates need to be installed. So just confirm it and wait all the updates completed. Then the Centos is updated from 6.2 to 6.4.

Continue reading “Install LEMP on Centos 6.4 64bit at Burst.Net VPS”

  • Archives