Recently we did some work for a customer who has been struggling with keeping load under control. The servers run a few websites, and most of the web traffic is for a handful of sites that process lots of short web transactions in PHP against a MySQL backend database. Since each transaction is mostly unique, caching wouldn’t help.

We have heard some mixed reviews of Lighttpd and decided to test it out, since it was built mainly for speed and performance. With only about an hour’s work of building, configuring, and testing, we had a fully functional Lighttpd web server running with PHP running in FastCGI mode. FastCGI offers a way to keep PHP running in memory, independently of each web server process.

In most LAMP environments, PHP is running in Apache via an Apache module, mod_php. In this case, mod_php is loaded by each Apache child process. With all of the libraries and files required, this is not very effecient. FastCGI keeps php processes running on their own, and then php scripts are passed off to it by the web server processes when needed.

We were impressed by the results.

This first graph shows the load averages on one server over the course of several days. The green dot indicates the point when we switched one of the main websites on this server over to Lighttpd.

We just did another switch to Lighttpd on a similar type of server, where most traffic consists of short high-volume transactions. Both servers are running Apache and Lighttpd side by side, with some websites still running on Apache and the high traffic ones running on Lighttpd.

I was surprised to read this article from Redmond Developer News, which describes Microsoft’s partnership with Zend. Zend is probably the most influential company driving PHP development and performance. Most large PHP websites we see are running on a *nix server platform because performance on Windows has historically been abysmal. But that may now change:

“A lot of PHP development happens on Windows,” says Mark de Visser, Zend’s chief marketing officer. “However, most deployment happens on Linux. Why? Because PHP just doesn’t run very well on Windows. That was something that Microsoft didn’t like and that we saw as a problem. So, we got together with the aim of making sure that PHP had equal performance on Windows as it has on Linux and Unix.”

Zend is claiming improved Windows performance of between 200 percent and 300 percent overall with Zend Core 2.0.

It is good to see collaboration on PHP from Microsoft. But I’m sure they will still be touting their web development platforms just the same.

Inc. Magazine just ranked the Raleigh-Cary area as the 7th largest business boomtown among US large cities. Last year, they ranked the Raleigh area as 13th in business boomtowns.

I have noticed recently that Raleigh downtime is really blowing up, just based on the number of cranes I see when driving through. Research Triangle Park is still booming and we see lots of startups and VC firms feeding them.

Wilmington is the highest ranking North Carolina city to appear on the “small cities” list. At the top of the list this year is St. George, Utah, which had an 8.4 percent year-over-year job growth rate and a whopping 41.8 percent five-year growth rate.

The PHP scripting language is very flexible and gives a lot of bang for the buck. However, it is often criticized by supporters of J2EE and other web development platforms for not scaling well. Nevertheless, we see plenty of large sites running on PHP as well as popular applications like Vbulletin.

Whenever a PHP script is run, mod_php or a php binary in CGI mode parses the script and spits the output to the web server to send along to the web browser. Basically, the php code is “compiled” on the fly. This works great until we start getting traffic to our site and have to compile the same code over, and over, and over again. Imagine having to compile an everyday program like Microsoft Office each time you load it - loading is already slow enough as it is! A PHP-driven site with lots of dynamic content will easy chew up the server’s CPU resources once the traffic hits hard enough.

Some advanced PHP applications use caching at the application level, such as Wordpress which now has some caching features. But what do you do when you have a large custom-written PHP content management system based on a sport that is now getting worldwide attention and traffic? That is the situation one of our customers was in recently. We implemented eAccelerator, an open-source project that implements caching in the PHP scripting engine. Their website explains that it “increases the performance of PHP scripts by caching them in their compiled state, so that the overhead of compiling is almost completely eliminated.”

Sure enough, eAccelerator worked as advertised. It cut the CPU usage on this particular server in half.

Realtime Black Lists (RBLs) are used by most mail servers these days in the always growing methods for controlling spam. RBLs are probably one of the oldest common methods of blocking spam, and remain in common practice because they give a lot of bang (over 50% incoming mail blocked) for the buck (free) and without too many false positives. I am updating some RBL configurations and just wanted to take a moment to review the RBLs we recommend and provide some info about them.

Spamcop
host: bl.spamcop.net
website: www.spamcop.net
how to check for a blacklisted host: http://spamcop.net/bl.shtml
about: Spamcop is one of the largest RBLs available for free use

NJABL
host: dnsbl.njabl.org
website: www.njabl.org
how to check for a blacklisted host: www.njabl.org/lookup.html
about: NJABL is another popular freely-available RBL, most listings are from clearly dynamic blocks of IP addresses and we have seen fewer false positives from NJABL than Spamcop.

Spamhaus
host: zen.spamhaus.org (combined)
website: www.spamhaus.org
how to check for a blacklisted host: www.spamhaus.org/zen/
about: Spamhaus is famous for its legal issues recently, they have been aggressively trying to prosecute spammers and deal with legal backlash from spammers as well. They maintain 3 main black lists:

• SBL: Direct UBE sources, spam services and ROKSO spammers
• XBL: Illegal 3rd party exploits, including proxies, worms and trojan exploits
• PBL: Non-MTA IP address ranges set by outbound mail policy.

The zen list combines all 3 into one big joy of blacklisting. Note that the Spamhaus blacklists are available free only for “low-traffic mail servers serving less than 100 users.”

Before implementing RBLs, make sure that you know how to whitelist around them and that your users understand that you are implementing these controls which do have the potential of blocking legitimate email. Many mail systems will allow you to implement RBLs on a per-destination-domain basis.

It looks like we missed announcing this earlier. Anyways, Tranquil Hosting is now an official RedHat hosting partner!

RedHat is the premiere Linux distributor and software company on this side of the globe. The company is headquartered just a few miles away from us in Raleigh, with 300 employees at NC State University’s Centennial Campus. RedHat’s flagship Linux distribution, RHEL (RedHat Enterprise Linux) is a popular choice for the web hosting industry due to its stability and proven performance handling large, dynamic website. RedHat also backs Fedora Project, a freely available Linux distro which was derived from RedHat’s original distro. Developments from Fedora are used to build the RHEL platform.

As a RedHat Hosting Partner, we have access to other RedHat products as well and can leverage RedHat software to better build solutions for our customers. Deployments with RHEL in hosting environments range from intense Web serving to large database and application servers.

On April 12, the CentOS team announced the final release of CentOS 5. This follows roughly 1 month after RedHat released RHEL 5. So far CentOS 5 is available for i386 (32-bit) and x86_64 (64-bit) PC hardware platforms although they expect to have future releases available to support PowerPC, IA64 and Sparc.

There are many updated software packages in CentOS 5, including Apache at 2.2 and MySQL at 5.0. I think the most significant part of CentOS 5 is the bundled Xen virtualization technology. We are doing some in-house testing with Xen now.

DirectAdmin is a web hosting control panel that we work with frequently. It certainly isn’t the most popular control panel out there, but with its clean and simple interface, spee, and price point, its a worthy contender. I recently ran into one of its shortcomings while doing a server migration.

I have been spoiled by WHM/Cpanel’s transfer scripts. They allow you to transfer sites pretty easily between servers. The scripts are automated to the point of saving and restoring user’s files, email accounts, forwarders, mysql databases, and all other relevant settings almost flawlessly. When moving sites between server’s its almost as simple as point-and-click. DirectAdmin has pretty good backup and restore features that can be used for transfers. The backup scripts packages a user’s account into a nice little tarball encapsulating all of their files, email accounts, settings, passwords, etc, much like cPanel’s scripts. The only problem is that when restoring these backups, all of the files are restored using the user’s permissions.

This becomes a problem when site owners and server admins set files to be owned by the Apache user, so that php apps can write to certain files. I contacted DirectAdmin about this and they say this is not a bug, and they wouldn’t want to restore files as root for security reasons. A server admin could then restore a malicious backup file, and if restored with root permissions, could drop a trojan or exploit on the server.

To work around this, I threw together some quick and dirty scripts to assist with a DirectAdmin server migration. I also got some random errors when DirectAdmin was importing MySQL databases, so these scripts will handle that as well

1. Export script
On the “old” server that we are moving sites away from, make a directory called /root/export and put this script in that directory, naming it export.sh:


#!/bin/bash
#
#
mysqluser="da_admin"
mysqlpass="YOUR.PASS.HERE"
cd /root/export
for i in `ls /var/lib/mysql/ | grep $1`;
do
mysqldump -Q --opt --user=$mysqluser --password=$mysqlpass $i > $i.sql
done
cd /home/$1
tar cvfpz /root/bin/$1-domains.tar.gz domains
cd /root/export
tar cvfz $1.tar.gz $1-domains.tar.gz $1*sql
rm -f $1*sql
rm $1-domains.tar.gz
scp $1.tar.gz root@10.1.1.1:import
rm -f $1.tar.gz


This script relies on you having passwordless ssh authentication setup to copy files via scp from oldserver to newserver.

2. Import script
On the new server that we are restoring sites to, make a directory called /root/import and place this script there named import.sh


#!/bin/bash
#
#
mysqluser="da_admin"
mysqlpass="YOUR.PASS.HERE"
tar xfz $1.tar.gz
cd /home/$1
rm -rf domains
mv /root/import/$1-domains.tar.gz .
tar xvfpz $1-domains.tar.gz
rm $1-domains.tar.gz
cd /root/bin
for i in `ls *sql | grep $1`;
do
dbname=`echo $i | awk -F. '{print $1}'`
echo $dbname
mysql --user=$mysqluser --password=$mysqlpass $dbname < $dbname.sql
rm -f $dbname.sql
done


chmod +x both scripts. Here is the process I follow when moving sites:

1. Create a list of sites from the old server to move
2. From the Reseller panel on the old server, create backups of all of the usernames you want to move
3. For each username, run “export.sh” on the old server with the username as an argument (i.e. ./export.sh joeuser)
4. The export.sh script will copy our custom tarball to the new server. You also need to manually copy all of the backup files from Step 2 to the reseller’s backup directory on the new server.
5. Restore all of the users from the Reseller panel on the new server
6. Import all of the custom backups on the new server. For each username, run import.sh with the username as the argument.

That should be it, happy transferring!