Site Update

In the past two weeks or so, I’ve been fighting with the site instead of adding content. The hosting company was complaining of too high resource usage on a shared server… but was unable to provide me with detailed access log.

In late September the site was Reddited (thanks to the MS C 5.1 floppy fun article) which triggered a significant though brief spike in traffic. To lighten the database load, I set up a WordPress caching plugin, which unfortunately had a nasty side effect—it forced me to change the permalink format, which made it look to all search engines like the whole site changed.

The caching did make a difference, but doubled site traffic for about a week. I also set up an image lazy load plugin to further reduce the load. There’s also some kind of suspicious traffic hitting the server—I don’t believe for a second that 25% of the site’s readers suddenly went back to MSIE 6.0, but it could be something like this. Oh, and IP blocks have been set up for the busiest bees spamming from beyond the Great Firewall.

Normal service should resume soon. Long term (well, probably next year) the site most likely needs to move to a VPS with a fixed resource cap so that if the limit is hit, no other accounts on a shared server are affected. The challenge will be finding something cheap enough or raise funds somehow.

This entry was posted in Site Management. Bookmark the permalink.

8 Responses to Site Update

  1. Peter Godwin says:

    I’ve used a few cheap VPS hosts I can recommend. BuyVM and Vultr have both been reliable for me. Happy to throw $20 or so to the site to help.

    Another option to consider is actually Azure websites which has PHP support now, and might end up being free depending on your needs.

  2. Tux says:

    Been lurking the site for about a year now. I recommend RamNode.

  3. DOS says:

    I’m happy to donate so long as the mechanism for donating is secure-ish and not too hard.

  4. Michal Necasek says:

    Thanks for the suggestions! Looks like my next task is to figure out how much memory/disk space/bandwidth the site actually needs, and what other fun stuff might be added on a VPS.

  5. ender says:

    You can also look at kimsufi for low-cost dedicated servers.

  6. Heh I know all about those growing pains!

    The good thing is that it means your site is growing! The bad news is well it’ll require more TLC. I’ve had quite a number of fun struggles, but I think it’s gotten me in a better spot.

    Remember to do backups! I would have been completely screwed if I had not had some kind of backup scheme in place. Obviously more frequent backups are the way to go, I was only doing a weekly backup at one point, and lost a weeks worth of posts. Although google’s cache helped me to fish them out.

    I’m hosting right now with chicagovps.net I scooped a physical server, so I can run at 100% CPU and not get into any trouble. So that is quite nice. Now if only OS/2 ran under KVM…

    Also look at cloudflare. The good news is that they have helped me get better uptime numbers, but the bad side is now spam comes in through their hosts, not the 1:1 addresses.. Askimet does a great job, but it is insane how much spam I get a day. So I don’t even look at the queue anymore, but I purge it instead. I suspect the next thing I’ll do is break the sql server and web server roles out to separate VM’s and do something L4 ish for web balancing.

    The big thing I’ve found out the hard way is to keep stuff like NetHack for Windows CE on another VPS somewhere else, and password protect files to keep anti-virus idiots out.

    lowendbox always has cheap stuff, but as they say sometimes you get what you pay for. But cloudflare is free, you should check it out…

  7. Michal Necasek says:

    I stopped going through the spam posts years ago, there was just too much. In the worst spikes, I’d get 1,000+ spam comments a day (and then some botnet would get taken down and it’d go back to normal). Not a single spam comment ever got published, but that doesn’t stop the spammer morons–they don’t learn, if they did they’d have given up a long time ago. Clearly the only way to stop it for good would be making each post cost something (not necessarily money).

    I’m still figuring out my options. A VPS sounds attractive, but a real box has the huge advantage that no one will yell at me if spammers slow it down.

    BTW do you know some really good/reliable source for .htaccess magic to combat WordPress spam? A lot of the nasty traffic follows certain rather obvious patterns, but I’m not too experienced in that area (give me some C code and I’ll figure it out, no problem).

  8. I rely heavily on AkiMet. As long as you don’t use cloudflare, which will shunt all the access through their IP’s, what I did before was to run a SQL query against the comment table looking for spammers, and then ad them to the firewall and block their IP’s. I found that solution not only satisfying, but incredibly effective.

    Using the sql/pf way I’d get ~ 3,000 spam comments a month that Askimet would then flag and I’d manually purge when I got around to it. Now with Cloudflare I get ~30,000 a month. Although I can still block them from hitting my machine.. since they are botnet or something I don’t want them talking to me.

    What I really need to do is setup an apache reverse proxy so I can redirect based on browser string or something so I can track and shunt this stuff better.

Leave a Reply

Your email address will not be published. Required fields are marked *