making bbPress (and WordPress) work better!


How to build HHVM 3.22 master trunk on CentOS 7

HHVM 3.20, 3.21 and 3.22 are still faster than PHP 7.2 especially with many connections under load, however as of October 2017 there still are no official pre-compiled HHVM packages for CentOS 7.x so we need to revisit how to build it by hand, which is not too difficult, just takes most servers awhile to assemble

There are instructions on the HHVM wiki for CentOS7 but they are a year out of date now.

The process is straightforward, first we need to not only make sure we have all the libraries we need but also the development libraries and most recently a newer version of the GCC compiler, we will use GCC 6.3 found in the official SCL Devtoolset-6 for CentOS 7 (trusted because it is built by Redhat/CentOS)

Read the rest of this page »

How to fix “mutation operation” errors in Firefox

You may find at some point using firefox you are unable to access some websites which rely on complex javascript libraries. When you look at the errors on the page, you see:

A mutation operation was attempted on a database that did not allow mutations

The solution is to make sure dom.indexedDB.enabled is set to true in about:config

One example of a website with this problem is which will not display anything on the page unless this setting is enabled. Developers should wrap such function calls in try/catch or other error handling so your entire website doesn’t fail. Browser sniffing is not adequate.

Nginx 1.9.5 brings built-in HTTP/2.0 support, replaces SPDY

Nginx 1.9.5 will ship this month shipped 9/22 with new HTTP/2.0 support:

It replaces the SPDY module since they cannot be both active at the same time. HTTP/2.0 spec was finalized May 14th 2015 so it can now be implemented and standardized.

HTTP/2.0 features only work over HTTPS (tls/ssl) connections in most browsers which is unfortunate since virtually all WordPress based websites could benefit from the speedup.

There is a catch in that your server must use OpenSSL 1.0.2 or newer (or be backported with ALPN support ala Redhat)

Nginx must be compiled with

./configure --with-http_v2_module (etc.)

and then in your Server {} block replace spdy with http2

server {
    listen 443 ssl http2;

This demo claims to demonstrate how HTTP/2.0 is faster for many small elements on a page:

Firefox 36+, Chrome 40+ and IE11 (on Windows 10) currently support HTTP/2.0 over TLS

PHP 7 Opcache adds Huge Pages support for extra performance

The PHP 7 opcache (open sourced by Zend, which replaced APC) gets a little performance boost from the added support of Huge Pages by Dmitry Stogov:

Added an experimental ability to move PHP code pages (PHP TEXT segment) into
HUGE pages.

; Enables or disables copying of PHP code (text segment) into HUGE PAGES.
; This should improve performance, but requires appropriate OS configuration.

Note that PHP must first be compiled with the appropriate configure option:

./configure --enable-huge-code-pages  (... etc.)

Essentially, Huge Pages (on OS that support them) reduces the size of the index that has to be searched to find allocated memory by allowing larger chunks of memory to be claimed instead of smaller blocks.

See the Debian wiki for a better explanation of huge pages:

This will have to benchmarked to prove if it really enhanced performance and by how much (I suspect low single digits but everything helps).

Also new to PHP 7 will be a file-based cache for the opcache which can be used as either the primary or a secondary cache level: Read the rest of this page »

New WordPress Attack Compromising 5000 Websites Every Day

There is a new WordPress attack going around and in the past two weeks it has taken off, infecting 5000 sites per day:

Its goal apparently is to redirect visitor browsers to a site that attempts all the latest breach hacks so their computer can be further compromised.

Scan your files (and perhaps database) for “visitorTracker_isMob”

grep -r "visitorTracker_isMob" *

or perhaps more specifically only .js files

grep "visitorTracker_isMob" -ri --include \*.js

PHP 5.4 reaches End-of-Life, PHP 7.0 release schedule filled, PHP 7.1 Branched

PHP 5.4 hit EOL yesterday (end of life). There will not be any further security updates for it. You should be using PHP 5.6 anyway, it is slightly faster.

Meanwhile PHP 7.1 has now received its own branch and the rest of the release candidate schedule has been filled out on the timetable:

Sep 17 2015 PHP7 RC 3
Oct 01 2015 PHP7 RC 4
Oct 15 2015 PHP7 RC 5
Oct 29 2015 PHP7 RC 6
Nov 12 2015 PHP7 Final

So every other Thursday through November will bring more and more stability to PHP 7.0 which will be the most important PHP release since PHP 4

CURL broken in CentOS 7 / RHEL7 for past year

If you suspected maybe WordPress and other PHP apps were slower to ping/trackback sites and other fetches under CentOS 7 than CentOS 6, you aren’t imagining things.

Apparently libCurl (and therefore Curl in PHP) has been broken for over a year now without RedHat applying the available patch and pushing an update.

patch: (note July 2013)

Read the rest of this page »