Bei meinem doch schon sehr populären Betrag zum Thema Hong Kong & Demonstrationen vor ein paar Tagen, ist mir die nicht funktionierende Kommentar-Funktion aufgefallen.
Als Resultat musste ich die Konfiguration meiner CloudFront-Distribution anpassen, sodass die Kommentarfunktion wieder ordentlich läuft und durch den eigentlich vorgeschalteten Cache-Filter durchdringt. Wer auch ein derartiges Problem hat, kann ganz einfach einen neuen “Cache Behavior” für die Datei wp-comments-post.php anlegen und diesen mit folgenden Settings konfigurieren:
Backup databases and data directories on the old server
Set up the new server including all software & services needed
Restore all backups to the new server
Change DNS setting to apply changes to all visitors
Sounds easy, right?
Everyone who’s done that kind of thing before, knows it’s never quite that easy. Doing the first step is quite straight forward. Not a big deal. For the second step I ended up using a combination of howtos to get everything set up properly:
My main goal was to run the smallest instance AWS has (currently t3.nano) which costs around $3.75 per month. It turned out, MariaDB (and for that also MySQL) does not start up properly at the nano instance with just 512MB of RAM. Therefore, I had to go at minimum with the t3.micro instance.
To ensure that load spikes are being handled properly and the server will not go offline during these peak times, a content distribution network (CDN) comes in handy. The great thing about AWS is that they’ve thought of all these scenarios and of course they’ve got a CDN solution ready to deploy. It’s called CloudFront. The tricky part here is, to have CloudFront kick in at the right time, because it caches content to deliver it from its own edge locations across the globe, but at the same time WordPress generates websites dynamically. So CloudFront needs to be able to work in that environment. Setting up CloudFront properly was the part that cost most time, but it works great now.
I have now deployed CloudFront with multiple sites all running on the same t3.micro instance. One by one I activated for CloudFront distribution and over the past couple of days the traffic handled by CloudFront is going up continuously.
To run massive load tests I used Apache JMeter for the first time. It’s a monster when it comes to load testing and it took me about an hour to get it running the first time. You can literally configure everything on there.
As it is when you’re setting up new things, you’ll have many “new things” you’re working with. In my case, it was the first time I used MariaDB, which is a fork from MySQL. It was also the first time I worked with php-fpm, which “is an alternative PHP FastCGI implementation with some additional features useful for sites of any size, especially busier sites”.
So far I’m quite happy with the current set up. Let’s see how this performs over time. My sites are constantly under attack from bots who are trying to figure out passwords and gain access otherwise to those sites. Yet, every site and server can and will eventually go down under just enough Denial of Service attacks. At the current attack level we’re doing OK, but let’s see how long this lasts and what adjustments I’ll have to deploy.
I recently re-launched this blog and for quite some years I have been having problems with spam. This blog is powered by WordPress — probably the most popular blog software out there. It is a popular target for spammers and other attachers who want to spread their “news”. Since the inception of this blog 13+ years ago, I’ve been receiving a lot of spam comments.
To fight off that spam, I’ve installed a plug-in called “Spam Karma” many years ago. It was working quite well, but for some reason it has stopped working. That’s probably related to the fact that the developer stopped maintaining it quite some years ago.
WordPress has its own spam fighting plug-in, which ships with WordPress by default. However, that’s built on top of an online service that you need to subscribe to. To have any significant spam fighting result, that subscription costs money. I can understand why they’re charging for their service as it keeps its database up-to-date with all the typical spam phrases, keywords, methods, etc. that those really creative spammers come up with. Yet, I believe there are a lot of other techniques that can be deployed before having to look at those real-time databases to catch the latest spam.
In fact, almost all spam I receive is always the same kind of stuff. There’s pharmaceutical products, health product, online products/services/websites, etc. To the naked eye comments relating such topics can be easily identified as spam. It’s not just the content, but also the way how these comments are composed, how their authors are called, what their backlink links to, etc.
So I ended up using a different anti-spam plug-in called “Antispam Bee” and as a form of saying “Thank you” to the author, I’m writing this blog post. I hope they are getting more people using their plug-in. It seems to work fine for me so far. The chart above shows the number of spam my antispam bee is collecting by day. It’s not that many at the moment, but if you add this up over the year, I would end up with thousands of spam comments, which I simply don’t have the time to process manually.
So again, a special thanks to the developers of Antispam Bee. Great job!
If someone of you is in the need of a spam fighting plug-in. Give the Antispam Bee a try. It works well for me.
So yesterday and today I’ve been tinkering with my blog and gave it a quick new look. The old style was from 2005 and I figured a 13 year old look might not up to our trained eyes yet. The new look still has some quirks like the cut off images on the right, but it is already way better than before. When I have time, I’ll probably fix those.
Just for the sake of documenting my progress, let’s check out some comparison screen shots.
Nachdem ich ewig nicht die DNS-Einträge, die Serverkonfiguration und die WordPressinstallation ändern wollte, habe ich dies nun endlich auf die Reihe bekommen. Fast 4 Jahre und 10 Monate nachdem dieser Blog aus der Taufe gehoben wurde, hat er nun endlich “Pretty Permalinks“. Ja, ich bin ein wenig langsam aber lieber spät als nie, wa? 🙂