making bbPress (and WordPress) work better!


Nginx 1.9.5 brings built-in HTTP/2.0 support, replaces SPDY

Nginx 1.9.5 will ship this month shipped 9/22 with new HTTP/2.0 support:

It replaces the SPDY module since they cannot be both active at the same time. HTTP/2.0 spec was finalized May 14th 2015 so it can now be implemented and standardized.

HTTP/2.0 features only work over HTTPS (tls/ssl) connections in most browsers which is unfortunate since virtually all WordPress based websites could benefit from the speedup.

There is a catch in that your server must use OpenSSL 1.0.2 or newer (or be backported with ALPN support ala Redhat)

Nginx must be compiled with

./configure --with-http_v2_module (etc.)

and then in your Server {} block replace spdy with http2

server {
    listen 443 ssl http2;

This demo claims to demonstrate how HTTP/2.0 is faster for many small elements on a page:

Firefox 36+, Chrome 40+ and IE11 (on Windows 10) currently support HTTP/2.0 over TLS

PHP 7 Opcache adds Huge Pages support for extra performance

The PHP 7 opcache (open sourced by Zend, which replaced APC) gets a little performance boost from the added support of Huge Pages by Dmitry Stogov:

Added an experimental ability to move PHP code pages (PHP TEXT segment) into
HUGE pages.

; Enables or disables copying of PHP code (text segment) into HUGE PAGES.
; This should improve performance, but requires appropriate OS configuration.

Note that PHP must first be compiled with the appropriate configure option:

./configure --enable-huge-code-pages  (... etc.)

Essentially, Huge Pages (on OS that support them) reduces the size of the index that has to be searched to find allocated memory by allowing larger chunks of memory to be claimed instead of smaller blocks.

See the Debian wiki for a better explanation of huge pages:

This will have to benchmarked to prove if it really enhanced performance and by how much (I suspect low single digits but everything helps).

Also new to PHP 7 will be a file-based cache for the opcache which can be used as either the primary or a secondary cache level: Read the rest of this page »

New WordPress Attack Compromising 5000 Websites Every Day

There is a new WordPress attack going around and in the past two weeks it has taken off, infecting 5000 sites per day:

Its goal apparently is to redirect visitor browsers to a site that attempts all the latest breach hacks so their computer can be further compromised.

Scan your files (and perhaps database) for “visitorTracker_isMob”

grep -r "visitorTracker_isMob" *

or perhaps more specifically only .js files

grep "visitorTracker_isMob" -ri --include \*.js

PHP 5.4 reaches End-of-Life, PHP 7.0 release schedule filled, PHP 7.1 Branched

PHP 5.4 hit EOL yesterday (end of life). There will not be any further security updates for it. You should be using PHP 5.6 anyway, it is slightly faster.

Meanwhile PHP 7.1 has now received its own branch and the rest of the release candidate schedule has been filled out on the timetable:

Sep 17 2015 PHP7 RC 3
Oct 01 2015 PHP7 RC 4
Oct 15 2015 PHP7 RC 5
Oct 29 2015 PHP7 RC 6
Nov 12 2015 PHP7 Final

So every other Thursday through November will bring more and more stability to PHP 7.0 which will be the most important PHP release since PHP 4

CURL broken in CentOS 7 / RHEL7 for past year

If you suspected maybe WordPress and other PHP apps were slower to ping/trackback sites and other fetches under CentOS 7 than CentOS 6, you aren’t imagining things.

Apparently libCurl (and therefore Curl in PHP) has been broken for over a year now without RedHat applying the available patch and pushing an update.

patch: (note July 2013)

Read the rest of this page »

Google Apps for email (Gmail for your domain) blocks some legitimate mail by default

If you are using Google Apps for your domain name and gmail is your email service, then you aren’t getting important messages sent to “abuse” and “postmaster”.

Google intercepts all abuse@domain and postmaster@domain email and does NOT provide you with a copy by default! Thanks Google, ugh.

Read the rest of this page »

To Save the Future of WordPress, Steal This Idea…

A Little History…

Nearly 13 years ago, Michel Valdrighi quietly added some code to his
program which unknowingly was to become one of WordPress’s greatest abilities:

That code commit back in October 2002 contans a single note: “now with b2_filter support !” – perhaps the exclamation point exposing a little thrill that this was something new and exciting, but I have to wonder if he could actually imagine what it really meant for the future.

In fact with the addition of those functions “add_filter/apply_filters” one can begin to easily recognize some of the oldest source code as WordPress itself, compared to earlier versions.

Read the rest of this page »


Get every new post delivered to your Inbox.

Join 55 other followers