≡ Menu

Site News: Call For Help

As regular readers know, this website has been experiencing some significant issues over the past couple of days. For long stretches, the website was down, and certain pages have been unavailable throughout this period.

Why? That’s the tricky part. I’m not a tech guy, but as best I can tell, there were two issues:

1) Server trouble

The site is run on HostGator, and their customer support has been as effective as the Cowboys defense. I was informed that HG had temporarily restricted access to MySQL, which turned into several long stretches of temporary restrictions. I was also told that HG could not tell me what the problem was.

Initially, I was told that I had too many active plugins. I was using 20 plugins, and all seemed pretty useful, but I deactivated a few in hopes of fixing this problem. It did not. It may have been because traffic has been spiking (good news/bad news!), or it could be because I was using too many resources. I was basically told to go figure it out myself.

One solution would be to move the account to a dedicated server. A cheaper option would be to figure out how to optimize MySQL resource usage. I’ve also been told by some friends that there are even “simpler” solutions, including using a caching plugin. So I’ve tried doing that now, too, although that of course involves using another plugin.

Right now, the site is working just fine. And I’ve got a caching plugin going, which hopefully works. I also have tried to deactivate some other plugins. Will this fix the problem? I have no idea.

How you can help

I have no tech experience. When I started this site a little over two years ago, my biggest concern was the tech side of things. I’ve been able to survive with only a few bumps along the way, but I could really use a few helping hands. If you know are a developer, or understand what MySQL resource usage means, or have thoughts on how to fix things, they would be greatly appreciated. And if you can provide help with issue #2, that would be great, too.

2) Spammers

One IP address in Turkey tried to access the site 1210 times in one hour. This was the cause of the most recent restriction imposed by HG, and I think HG for actually telling me the reason this time. They also went ahead and banned that IP address.

Has this been happening before? Are other IP addresses trying to spam the site? As I understand it, certain countries are notorious for this, so some similar sites have been any IP address from those countries. To the extent you guys could help me figure out how to do this, or if this is an issue for my site, that would be great, too (I think you can do this in Cpanel, although again, this is not my area of expertise).

Summary

I could use some tech help. I’m doing my best to keep things running, but I have a day job that demands a significant amount of my time. As you can imagine, writing takes up quite a bit of time, too. As a result, there’s no time left over for me to handle tech issues. What’s the solution? I’m working on a couple, but a great short-term solution would be if any Football Perspective fans could offer some tech guidance.

Thanks, and I apologize for the intermittent site issues over the past few days.

Chase

  • Cory

    This will be a fairly lengthy post. I saw a tweet from Matt Miller and I figured I’d toss my hat in and help a *little*.

    I assume you are on shared hosting since you mentioned a dedicated server which in turn makes things a little trickier for you. If you do want to move to a dedicated server / VPS digital ocean ( digitalocean.com ) has VPS’ that start off at $5 a month. Be warned though unless you have time to dedicate (which you mention you have little of) these dedicated / VPS options will require upkeep by yourself UNLESS you go with a fully managed solution.

    Step 1 you could add a service such as https://www.cloudflare.com/ which has a lot of features. One of the more important ones you mentioned was spam and other shady connections to your site. This can and could help. More security features here: https://www.cloudflare.com/features-security

    Step 2. I see on builtwith.com that they have an ssl cert listed for you. securityheaders.com says you aren’t using Strict Transport Security. Also you’re using Ngninx as your server. HTML5 boilerplate (open source project w/ some developers from Google) has server configs that will help you enable STS and other security related headers and give you the benefit or using spdy which is part of HTTP/2 and can speed things up some. https://github.com/h5bp/server-configs-nginx

    There are also wordpress plugins for this. I can’t vouch for how good they are since I don’t use wordpress but one is https://wordpress.org/plugins/better-wp-security/

    Step 2 will take a little more technical knowledge so you may want to hold off on that or have someone set it up for you. If you go the dedicated route look into using a cache like https://www.varnish-cache.org/

    Another option to help with speed optimizations is Google’s PageSpeed module https://developers.google.com/speed/pagespeed/ (the service is not currently accepting new signups) (and I just checked it is only available to hostgator VPS/Dedicated customers sorry for this derp suggestion)

    You could also ask host gator to install mod_security (the nginix variant) if it isn’t already available https://www.modsecurity.org/

    Other WordPress Plugins:
    Akismet for Comment spam https://wordpress.org/plugins/akismet/
    Yoast Database Optimizer: https://yoast.com/wordpress/plugins/optimize-db/
    WordPress Optmizer: https://wordpress.org/plugins/wp-optimize/
    * Yoast has some fairly good things for WordPress * https://yoast.com/wordpress/plugins/

    If you can’t do any of this at the very least look into getting CloudFlare. With a cache plugin and OP Code Cache enabled it might take some of the stress off your site and enhance your security and be all that you need.

    WordPress Cache and Optimizations: http://codex.wordpress.org/WordPress_Optimization/Caching
    WordPress Nginix setups: http://codex.wordpress.org/Nginx
    WordPress Site Optmizations: http://codex.wordpress.org/WordPress_Optimization

    I know this might not be of much help to you, and seems to be all over the place, but hopefully it sends you in the right direction.

    -Cory

    • Chase Stuart

      Many thanks. I haven’t heard of Yoast, but that sounds like it might be something useful for me given this situation. Any suggestion between that one and WP Optimize (presumably I wouldn’t use both)? I already have Akismet, although I don’t think that would address the specific problem of an IP address trying to access the site 1200 times in an hour.

      Step 2 sounded…. interesting, but can you dumb it down for me?

      Appreciate the thoughtful response.

      Chase

      • Cory

        Easiest way to explain it is… HSTS protects the visitor of your site from man in the middle attacks and assures the user connected to your site. Since you aren’t selling, or collecting any information it’s not such a big issue. You already have an ssl cert so it makes sense to take advantage of the SSL and offer users the security afforded by it. Here is a video explaining HSTS
        https://www.youtube.com/watch?v=zEV3HOuM_Vw

        Hostgator tech support may enable this for you or at least give you access to the configuration files so you can use the server config I linked to above from HTML5 boilerplate server configs.

        An added benefit of using Strict Transport is that Google will eventually prioritize SSL enabled sites in their search results http://googleonlinesecurity.blogspot.com/2014/08/https-as-ranking-signal_6.html

        Off name recognition alone I would go with Yoast database optimize but I don’t work with wordpress enough to give a great suggestion here.

        Cloudflare’s free plan https://www.cloudflare.com/plans may honestly be all you need to block those IP’s accessing your site couple thousand times really quickly, which HostGator seems to offer through their admin panel http://support.hostgator.com/articles/specialized-help/technical/cloudflare/what-is-cloudflare-how-do-i-enable

        • Chase Stuart

          Many thanks, Cory. I’m going to look into all this.

        • Chase Stuart

          I just ran the WP-Optimize plugin (I had trouble installing Yoast, so I went with the other).

          I think the problem may have been I had thousands of post revisions. I hadn’t realized what that meant, but after running the optimizer, my “wp_posts” table/database went from 238.6MB to 30.9MB. Even as somebody who knows nothing about what that means, I think that sounds like a pretty significant change. The total size of my database has shrunk from well over 300 MB to 102 MB. I also cleaned out the thousands of spam comments that I never did anything with since I thought it was fine that they were stuck in spam.

          Am I being naive in thinking this could fix a lot of my problems?

          • Matt Graham

            Tables/database going from 238 to 31 300 to 102 is definitely good. All those extra rows are MySQL “resources” that your site has to use to get info. Getting rid of them will reduce the “resource usage” you need. Hopefully that’s enough.

  • Regi Alston

    Just wanted to check and see if you’ve gotten any help. L
    I am a sysadmin and would be willing to help you.
    Let me know,
    Regi

    • Chase Stuart

      Hi Regi… I’d be happy to hear from anyone willing to offer some help.

  • Matt Graham

    There’s a good chance that adding caching (plus the optimizations) will give you enough to keep the site up. I’d suggest you let those changes marinate for a week or two to see if things have improved.

  • I use webfaction.com for my hosting and am very happy with it so far. Their support is great and they’re a little more developer friendly.