All-in-One WP Security and Firewall plugin can be spectacular, but be careful

Over the weekend I installed the All-in-One WP Security and Firewall plugin to fix another issue–more on that tomorrow–and I ended up breaking my site. Hopefully I fixed it to a better state than it started in.

The lesson, as with many security tools, is to proceed with caution.

Read more

Make WordPress more mobile-friendly

I took some steps this weekend to make the site more mobile-friendly. I get a lot of traffic from tablets and phones, so I figure the better their experience, the more likely they are to stay around. Fortunately it’s not hard to make WordPress more mobile-friendly.

First, I switched to a 2-column format. On small screens, two columns display better than three.

Next I installed a plugin called definitely-allow-mobile-zooming. This forces your page to allow zooming on mobile devices, since some CSS disallows it. On some devices my page worked fine without it, but Google’s tools flagged me as mobile-unfriendly until I installed it.

Google is going to start tweaking search results based on whether the searcher is on a desktop or a mobile device and favor sites that render well under the searcher’s conditions, so these adjustments are worth making if you value search engine traffic.

Another easy Apache tweak

I ran my site through Google Page Speed on Tuesday, and scored a surprising 88 out of 100–higher than I expected. Getting above 90 is going to take some optimizations on files that WordPress updates may change, so I’m hesitant to do that, but one thing it told me to do was to cache more aggressively. That’s pretty easy, as it turns out, and I could definitely feel a difference afterward.

Here’s the trick. Read more

How to maximize a Computer Science degree

Yesterday an interesting question popped up on Slashdot, asking for an alternative to a computer science degree for an aspiring web developer. He complained that what he’s learning in class doesn’t relate to what he wants to do in the field.

Assuming that by “web developer” he means someone who can code stuff in ASP and/or PHP with a database backend and do stuff in Javascript–as opposed to a designer who just does HTML and CSS–I think he’s best off staying where he is and asking better questions.
Read more

How to use compression to help life with an SSD

Since pretty much everyone thinks my love of SSDs is insane, I’ll throw another insane idea on top of it: using data compression. It makes sense. Doing it selectively, you help performance, while saving space. At a much higher cost per gig, that saved space is very nice to have.

Here’s why compression makes sense. Under many circumstances, an SSD can saturate your IDE bus. Then you run into the 56K modem problem. The bus is saturated, but you want more speed, so what do you do? Compress the data. Although data compression makes people nervous (shades of DoubleSpace I’m sure), modems have been doing this for two decades. Why? Because it works.

So while your drive is happily shoving 200 megs per second through your IDE bus, if you can compress that file by 20 percent, guess what? You’ll get 20% better throughput.

CPU usage is the main objection to this. But in my experience, NTFS compression uses 20-40% of a recent (P4-class or newer) CPU when compressing. That’s the hard part. When decompressing, overhead is a lot less. The objections to NTFS compression really date to the days when 200 MHz was a fast CPU.

I don’t recommend just compressing your whole disk. Selective compression is a lot better. There’s no use trying to compress data that’s already compressed, and a lot of our data is.

Use the command COMPACT to do the job for you. Here’s my sequence of commands:

CD \
COMPACT /S /C *.doc *.xls *.rtf *.txt *.1st *.log readme* *.bmp *.wav *.wmf *.bat *.cmd *.htm *.html *.xml *.css *.hlp *.chm *.inf *.pnf *.cat

If you have other compressible files, of course you can add those.

This is a one-time event, but you can schedule it to happen daily or weekly if you want. Just put the two lines in a batch file and create a scheduled task to run it. The command will skip any files that are already compressed. While the compression itself doesn’t take a lot of CPU time, scanning the drive does, so you might want to run it while you’re away if you’re going to schedule it.

Don’t bother trying to compress your My Music or My Pictures directories; that data is all highly compressed already, so all you do is tax your CPU for no reason when you compress that kind of data. Of course the main reason people buy 1 TB drives is because they have hundreds of gigabytes of music and movie files. It’ll be a while before storing that kind of data on SSD is practical. In that case, buy an SSD to hold the operating system and apps, and a conventional drive to hold all that data.

Some people compress their C:\Program Files directory. This can work, but some programs are already compressed. I would be more inclined to experiment with subdirectories on a case-by-case basis. Try compressing one program directory, see if it packs down any, and if it does, great. If not, uncompress it and move on.

UPX does an outstanding job of packing down program files but it’s not completely transparent. I found enough programs didn’t run afterward that I gave up on it. NTFS compression is a lot less effective, but a lot more transparent. As long as you don’t compress your swap file or hibernation file (and Windows will warn you incessantly if you even try to do that), you won’t break anything with it.

If you enjoy tinkering with things, by all means feel free to experiment with UPX. There was a time when I would have probably done it, but given a choice today between playing with data compression or playing with metalworking tools, I’d rather play with my metalworking tools.

But I do really like this SSD. For the first time in a very long time, I can sit down at a computer running modern software and it still feels fast.

Fixing Windows font sizing. Sort of.

So, I’ve got this nifty new laptop. It’s fast and reliable and it’s got a huge 15-inch screen.

The screen’s native resolution is 1400×1050. So the huge screen is full of tiny text.No problem, right? Right-click on the desktop, hit properties, go to appearance, go to font size, select extra large, and go to town, right?

Not quite. When I did that, I got big, gorgeous fonts some of the time and little teeny fonts other times and lots of apps, even those from the Vole itself, can’t handle the font size change without going all goofy.

A better solution is hidden more deeply. Right-click on the desktop and select properties. But go to settings, advanced, and under general, you’ll find a DPI setting. Since the default is 96 DPI and this screen’s resolution is about 50% larger than I would like, I switched to a custom setting and scaled to 150%, which gives 144 DPI.

Many CSS-heavy web pages still display goofy, including this one, so I end up hitting CTRL-+ and CTRL– to adjust the sizes of pages to make them readable, but apps like Outlook (yes, I’m one of those poor souls stuck in an MS Exchange environment) that don’t respond well to the large fonts setting work much better when you change the DPI.

So now I can take advantage of the high resolution display to actually make the computer display look better, rather than merely cramming lots more stuff in the same space as before.

Optimizing dynamic Linux webservers

Linux + Apache + MySQL + PHP (LAMP) provides an outstanding foundation for building a web server, for, essentially, the value of your time. And the advantages over static pages are fairly obvious: Just look at this web site. Users can log in and post comments without me doing anything, and content on any page can change programmatically. In my site’s case, links to my most popular pages appear on the front page, and as their popularity changes, the links change.

The downside? Remember the days when people bragged about how their 66 MHz 486 was a perfectly good web server? Kiss those goodbye. For that matter, your old Pentium-120 or even your Pentium II-450 may not be good enough either. Unless you know these secrets…

First, the simple stuff. I talked about a year and a half ago about programs that optimize HTML by removing some extraneous tags and even give you a leg up on translating to cascading style sheets (CSS). That’s a starting point.

Graphics are another problem. People want lots of them, and digital cameras tend to add some extraneous bloat to them. Edit them in Photoshop or another popular image editor–which you undoubtedly will–and you’ll likely add another layer of bloat to them. I talked about Optimizing web graphics back in May 2002.

But what can you do on the server itself?

First, regardless of what you’re using, you should be running mod_gzip in order to compress your web server’s output. It works with virtually all modern web browsers, and those browsers that don’t work with it negotiate with the server to get non-compressed output. My 45K front page becomes 6K when compressed, which is better than a seven-fold increase. Suddenly my 128-meg uplink becomes more than half of a T1.

I’ve read several places that it takes less CPU time to compress content and send it than it does to send uncompressed content. On my P2-450, that seems to definitely be the case.

Unfortunately, mod_gzip is one of the most poorly documented Unix programs I’ve ever seen. I complained about this nearly three years ago, and the situation seems little improved.

A simple apt-get install libapache-mod-gzip in Debian doesn’t do the trick. You have to search /etc/apache/httpd.conf for the line that begins LoadModule gzip_module and uncomment it, then you have to add a few more lines. The lines to enable mod_gzip on TurboLinux didn’t save me this time–for one thing, it didn’t handle PHP output. For another, it didn’t seem to do anything at all on my Debian box.

Charlie Sebold to the rescue. He provided the following lines that worked for him on his Debian box, and they also worked for me:

# mod_gzip settings

mod_gzip_on Yes
mod_gzip_can_negotiate Yes
mod_gzip_add_header_count Yes
mod_gzip_minimum_file_size 400
mod_gzip_maximum_file_size 0
mod_gzip_temp_dir /tmp
mod_gzip_keep_workfiles No
mod_gzip_maximum_inmem_size 100000
mod_gzip_dechunk Yes

mod_gzip_item_include handler proxy-server
mod_gzip_item_include handler cgi-script

mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/postscript$
mod_gzip_item_include mime ^application/ms.*$
mod_gzip_item_include mime ^application/vnd.*$
mod_gzip_item_exclude mime ^application/x-javascript$
mod_gzip_item_exclude mime ^image/.*$
mod_gzip_item_include mime httpd/unix-directory
mod_gzip_item_include file .htm$
mod_gzip_item_include file .html$
mod_gzip_item_include file .php$
mod_gzip_item_include file .phtml$
mod_gzip_item_exclude file .css$

Gzipping anything below 400 bytes is pointless because of overhead, and Gzipping CSS and Javascript files breaks Netscape 4 part of the time.

Most of the examples I found online didn’t work for me. Charlie said he had to fiddle a long time to come up with those. They may or may not work for you. I hope they do. Of course, there may be room for tweaking, depending on the nature of your site, but if they work, they’re a good starting point.

Second, you can use a PHP accelerator. PHP is an interpreted language, which means that every time you run a PHP script, your server first has to translate the source code into machine language and run it. This can take longer than the output itself takes. PHP accelerators serve as a just-in-time compiler, which compiles the script and holds a copy in memory, so the next time someone accesses the page, the pre-compiled script runs. The result can sometimes be a tenfold increase in speed.

There are lots of them out there, but I settled on Ion Cube PHP Accelerator (phpa) because installation is a matter of downloading the appropriate pre-compiled binary, dumping it somewhere (I chose /usr/local/lib but you can put it anywhere you want), and adding a line to php.ini (in /etc/php4/apache on my Debian box):

zend_extension=”/usr/local/lib/php_accelerator_1.3.3r2.so”

Restart Apache, and suddenly PHP scripts execute up to 10 times faster.

PHPA isn’t open source and it isn’t Free Software. Turck MMCache is, so if you prefer GPL, you can use it.

With mod_gzip and phpa in place and working, my web server’s CPU usage rarely goes above 25 percent. Without them, three simultaneous requests from the outside world could saturate my CPU.

With them, my site still isn’t quite as fast as it was in 2000 when it was just serving up static HTML, but it’s awfully close. And it’s doing a lot more work.

And we\’re live

I’m pleased to unveil The Silicon Underground, Version 5.0. I’d still like to do some design work and a little more tweaking here and there, but now that we’ve reached the point where what we have now is better than anything we’ve had before, it’s time to throw the switch.

Design. The default layout is CSS-based. Some people don’t like CSS, because Internet Explorer won’t resize text on pages that use CSS. You can pick “clean,” a layout that doesn’t use CSS, from the menu at the top left. It’s about double the size of the CSS-based layout but will render well in browsers that have issues with CSS.

Click one link, and the site stores your preference.

Over time, I will probably introduce new templates. The two I have now are pretty generic; I literally dropped my old logo into existing templates and made just one or two other changes.

Filtering. Maybe you just come here for the computer-related entries and couldn’t care less about what I write about toy trains. Or vice-versa. You can selectively indicate which story categories you want to ignore, and the site will remember your preference.

Search. The search functions on the previous software I was using (b2) were nice at first, but once I had several hundred entries in the site, it started getting less and less useful. This search engine allows you to limit your searches within a topic and to perform three types of search: exact phrase, all words, and any words.

Speed. While the uplink speed of my DSL line is still a limiting factor, now it’s the biggest limiting factor. The database search now accounts for about 10% of the time you spend waiting for the page. Previously it was more than half.

I hope you enjoy it.

Hacking Mozilla Firebird

Nothing frustrates me more than unfulfilled potential. And that’s why Mozilla Firebird, in spite of its amazing strengths–great speed and small footprint, aside from the things it inherited from Mozilla like good standards compliance, tabbed browsing, popup blocking–well, it bugs me. Why settle for being great when you can be the best there ever was and make people wonder if there ever will be anything better?
Every other modern browser I’ve seen lets you turn off GIF animation. I always do. Still ads very rarely bother me. Moving ads do about 99.999% of the time. As it turns out, Firebird still has the capability, the control panel option is just gone now, in order to make the browser less confusing.

To get it back, locate the file prefs.js inside your profile. In Linux, search your home directory; in Windows, use the Find File option and remember that every Mozilla-derived browser you have installed will have one. Once you find it, open it in a text editor and add the following line:

user_pref(“image.animation_mode”, “none”);

Another good option, if you like movement but don’t like looping distraction, is to replace the word “none” with “once”. Then the animation cycles once and terminates.

Shut down your browser if it’s open, then save the file. Close the file, then reopen your browser. You’ll now be able to browse in peace.

There are bunches of other good tips at this page. Here are my favorites:

Disable blinking text by creating the file user.js in the same directory as your prefs.js file if it doesn’t exist (it doesn’t by default), and insert the following text:

// Put an end to blinking text!
user_pref(“browser.blink_allowed”, false);

Disable the marquee tag by creating the file usercontent.css in the same directory as your prefs.js file if it doesn’t exist (it doesn’t by default), and insert the following text:

/* Stop those marquee tags! */
marquee {
-moz-binding : none !important;
display : block;
height : auto !important;
}

Speed up browsing on fast machines by creating the file user.js in the same directory as your prefs.js fileif it doesn’t exist (it doesn’t by default), and insert the following text, which removes a quarter-second delay before starting to render the page:

// This one makes a huge difference. Last value in milliseconds (default is 250)
user_pref(“nglayout.initialpaint.delay”, 0);

Turn on pipelining to speed things up some more by creating the file user.js in the same directory as your prefs.js file if it doesn’t exist (it doesn’t by default), and insert the following text:

// Enable pipelining:
user_pref(“network.http.pipelining”, true);
user_pref(“network.http.proxy.pipelining”, true);
user_pref(“network.http.pipelining.maxrequests”, 100);

Why my ramdisk techniques don’t work with XP

I got a question today in a roundabout way asking about ramdisks in Windows, specifically, where to find my instructions for loading Win98 into a ramdisk, and how to do the same in XP.
I haven’t thought about any of this kind of stuff for more than two years. It seems like two lifetimes.

The original instructions appeared in my book, Optimizing Windows (now in the half-price bin at Amazon.com), and instructions to use DriveSpace to compress the disk appear here. You can get the freeware xmsdisk utility this trick requires from simtel.

These techniques absolutely do not work with Windows NT4, 2000, or XP. Despite the similar name, Windows NT/2000/XP are very different operating systems than Windows 9x. Believe it or not, they’re much more closely related to IBM’s OS/2 than they are to Windows 98. Since there is no DOS laying underneath it all, there’s no easy way to do the trickery that the bootable ramdisk tricks use. What these two tricks do is literally intercept the boot process, copy Windows into the ramdisk, then continue booting.

There’s a $99 piece of software called SuperSpeed that gives the NT-based operating systems this capability. I haven’t used it. I imagine it works using the same principle, hooking into the boot process and moving stuff around before booting continues.

The downside, no matter what OS you use, is the boot time. XP boots in seconds, and my book talks about the trickery necessary to get 95 and 98 to boot in 30 seconds or less. But any time you’re moving a few hundred megs or–yikes–a gig or two of data off a disk into a ramdisk, the boot process is going to end up taking minutes instead.

Is it worth it? For some people, yes. It’s nice to have applications load instantly. A lot of things aren’t CPU intensive. You spend more time waiting for your productivity apps to load than you do waiting for them to do anything. Web browsing and e-mail are generally more bandwidth- and disk-intensive than they are CPU-intensive (although CSS seems determined to change that).

But a lot of games aren’t especially disk-intensive, with the possible exception of when they’re loading a new level. So loading the flavor-of-the-week FPS game into a ramdisk isn’t going to speed it up very much.

Of course, XP is far, far more stable than 98. Windows 9x’s lack of stability absolutely drives me up the wall, and for that matter, I don’t think 2000 or XP are as stable as they should be. Given the choice between XP or 98 in a ramdisk, I’d go for XP, with or without speedup utilities.

I’ve made my choice. As I write, I’m sitting in front of a laptop running 2000 (it’s VPNed into work so I can keep an eye on tape backup jobs) and a desktop PC running Linux. I have a 400 MHz Celeron with Windows 98 on it, but it’s the last Win9x box I have (I think I had 4 at one point when I was writing the aforementioned book). Sometimes I use it to play Baseball Mogul and Railroad Tycoon. Right now it doesn’t even have a keyboard or monitor connected to it.

I guess in a way it feels like hypocrisy, but I wrote the first couple of chapters of that book with a word processor running in Red Hat Linux 5.2 (much to my editor’s chagrin), so I started down that path a long, long time ago.

WordPress Appliance - Powered by TurnKey Linux