I am trying to optimize a Wordpress at his best.
What I have done up to now :
WP-Cron disabled, called through a cron-tab query (every 10 min)
Disabled all plugins that aren't needed
Installed / configured WP Super Cache together with WP Minify
Disabled Revisions (but then re-enabled it because I was getting empty posts (strange)
Put a subdomain as a CDN for images and scripts
here is a classic report of Resource Usage on my control panel :
57.0% .../index.php ()
7.0% php -q ../wp-cron.php ()
5.0% httpd (...)
Specs :
Around 5000 unique visitors / day
I would like to avoid moving to a dedicated server (this a shared hosting) or at least try everything I can before having to move.... any idea?
I use the Total Cache plugin, the free version and it works very fine. I don't have problems with new posts.
http://wordpress.org/extend/plugins/w3-total-cache/
This plugin does everything also minify html,javascript and css
As pointed out by Ahmad Suhendri, dedicated server was a good idea. I moved to a dedicated server and now the website is very fast.
Related
I have a website that is running on an AWS server using the Bitnami Nginx and WordPress image.
https://www.athleticclubhk.com/
Recently it got all our ads on Google stopped due to malicious content. Oddly this time, its trickier then your standard malware of infected files. When visiting the site incognito, the first and only the first link click gets redirected using the following code:
window.location.replace("https://cartoonmines.com/scount");window.location.href = "https://cartoonmines.com/scount";
This is being injected on any link, however, upon investigating the loaded code on inspect its not injecting it into the page.
I've tried to hunt down the theme, plugins, core files and found nothing!
I replaced and reinstalled WordPress core files, deactivated all plugins and even swapped the theme - the problem is still there. I can't find any hidden .htaccess file in the entire root directory.
I even used GREP to try to look for anything fishy (any clues here that someone can help with?) nothing so far.
The site is still impacted with this so you can easily load the link ~ i do use malwarebytes to keep myself protected, incase you are opening this directly.
Can anyone help?
The redirection code is implanted to /wp-includes/js/wp-emoji-release.min.js.
How to confirm:
watch the cookies when clicking internal page, a new cookie is being set for tracking first clicks, named ht_rr
save complete webpage locally and try to load it, and check in Chrome dev tools, you'll see that in Console tab it complains about this Javascript file attempting to set the aforementioned cookie
While a temporary resolution of deleting the file will fix things for some time...
There's no excuse for not setting up a proper server stack. Bitnami or other "great stacks" won't cut it security-wise. They exist for "fast", but no "quality" setup, and of course, it's never going to be secure.
The file got created somehow / had write privileges. This indicates a problem with the setup most of the time. Unless you're using some nulled plugins or plugins from bad sources.
Once again, since the website was essentially "pwned", deleting the Javascript file does not mean complete disinfection. To preserve things in a secure state, I would recommend setting things on a clean server environment with strict PHP-FPM permissions aka "lockdown" chmod, and look for write errors to look for infected PHP files.
Check out some guides on the matter of secure NGINX/PHP-FPM setup:
NGINX and PHP-FPM. What my permissions should be?
Best practice secure NGINX configuration for WordPress
NGINX Security Headers, the right way
Just had the same problem and it was Zend Font Plugin, the same that some people mentioned before.
Installed Wordfence and this came out. Deleted the plugin and now the site is working perfectly.
Disable plugins and check again.
Change the database username and password.
Ask the hosting manager to check the host.
I have a WordPress website and it loads extremely slow. It is on AWS and when I connect to instance and command type top everything looks fine except in cloudwatch it spikes to 100% CPU Utilization.
When I click on a link on the website the .php-fpm.bin reaches %CPU that it shows when I run the command 'top' is between 20-22% and 4 or 5 of them are running which it shows as to reach 100% and that's when clicking on only 1 link.
How can I fix this and improve load time of website.
It is currently on t1.micro, I could upgrade instance but it should work fine on this. I know a couple people who are also hosting website on t1.micro instance and it works perfectly fine. I couldn't get them to help me out with it though.
I have checked all plugins and activated and deactivated all one by one and currently only plugins required are active. There are currently no cache plugins or anything like that as I am just sorting out the settings for W3 Total Cache.
I hope someone can help me out with this please
Thanks in advance.
Try to switch to the default WP Twenty Fourteen theme and see it the loading time is better, if it is - then the problem is with your theme.
Check for meaningless functions or curl calls in theme's functions.php file (if it is warez theme). Also check your theme's style.css file and observe if you use URL of backgrounds which come from different domain or if the theme import external style-sheets with #import rule.
In my opinion, T1 micro instances are just to small for website hosts. Their performance is variable, memory low and there is no guaranteed, amount of CPU reserved for you.
This page outlines how and when AWS will purposefully reduce the performance of T1-Micro instances:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts_micro_instances.html
Simplest fix is to upgrade to a larger instance.
If you're using W3 Total Cache try disabling (if you've turned on) the "Object Cache" feature
I have just launched the website - exactabacussoftware.com built with a custom theme in wordpress.
I noticed that the page load time was stupidly slow and when I checked the results with pingdom I could see that a lot of the analysis was duplicated and I'm not sure why this is or even if it is whats causing the site to load so slowly.
I haven't yet integrated a cache plugin which I intend to do but regardless of this I cannot see why this page loads for around 24 secs.
The entire site loads properly except for the blog page -
http://tools.pingdom.com/fpt/#!/cEmMjD/http://www.exactabacussoftware.com/blog
Server Spec:
Windows server 2008R2
IIS version 7.5
PHP version 5.3.19
Anyone got any ideas as to why this page is loading so slow?
here is the test sites result aswell for comparison -
http://tools.pingdom.com/fpt/#!/bw4JTo/wp-eas.exact3ex.co.uk
The only code changes have been the rewrites to the URL's
Over to you guys...
I think the issue is with a custom theme.
Try doing this steps:
Remove all active widgets
Uninstall all plugins
Check loading time - if not improved it's an issue with custom theme.
One more thing to do (to check if it's not the host issues) - activate default wordpress theme and check average loading speed, if speed is not improved try to configure your server correctly or change hosting plan or hosting provider.
Wait 21.07s (The web browser is waiting for data from the server).
The most common reason for this in the case of Apache is the usage of DNS Reversal Lookup. What this means is that the server tries to figure out what the name of your machine is, each time you make a request. This can take several seconds, and that explains why you have a long WAIT time and then a very quick load, because the matter is not about bandwidth.
The obvious solution for this is to disable hostnamelookup in /etc/httpd/conf/httpd.conf
HostnameLookups Off
The WP back end of a site I'm working on (It's a multisite) takes about 25 seconds to load.
Everything was working fine until yesterday and the front end still works perfectly well. All other sites on the same server run just as well, so it MUST be a WP back end issue.
I don't remember exactly what change it was that made it so slow. I remember updating WP recently (to version 3.4.2), adding some plugins on one of the sites and changing the max upload file size.
I tried to disable all the plugins, changing the themes back to default, changing the max file size back, and adding define('WP_MEMORY_LIMIT', '1024M'); (and other values) to WP-config but none of it helped.
Also tried to 'Update network', but I got an error - couldn't connect to host.
Any ideas?
I got in touch with our network admin and we resolved the issue.
I will copy his answer here. Hope it helps someone.
Does Wordpress use 'self-referential URLs' ? What I mean by this is...
is wordpress trying to access it's own templates/css using fully
qualified domain names in the URL (e.g. http://example.co.uk/someurl )
Because we use Network Address Translation (NAT) on our firewalls to
hide the real IP address of the server, it has the side effect that if
the server tries to access it's own URLs, it will try to send the
traffic to the external interface on our firewall, which is where the
DNS resolves to.
The fix for this is very simple - we just add the site url into the
/etc/hosts file so that the server knows to use it's own IP address
instead of the address on the firewall.
So he added our address to the hosts file and now it works perfectly.
Awesome.
I've seen this before where the admin pages are trying to poll external Wordpress sites for details of Wordpress upgrades, plugin updates and Wordpress news. If there's no proper access (because of firewall restrictions, bad DNS, etc) then the page has to wait for the HTTP requests (I think WP uses cURL) to timeout.
If you're still unable to identify the cause I'd recommend a catch-all solution of installing xdebug and profiling the page with webgrind, xcachegrind, etc
Had the same problem for a week and now the problem of very slow WP-admin was solved!
Before, I cannot access my sites if I use incognito or I am not logged in as WP user, but all times in the wp-admin, it takes me 40 seconds- minute or even never.
Solution that worked:
I accessed the files in the file manager using the CPanel, and I saw so many unused and unnecessary folders and themes and that's the reason that causes the very slow access to admin.
It was because during the days of being a newbie, I stuffed a lot of files in the Public Http and that made it congested.
I logged in to another CPanel account that I bought personally before, and compared the folders of the "proper" versus the "congested" and compress, backed-up and deleted all the unnecessary.
My host: Hostgator, responded well also.
Hope this would help others.
I also had a very slow Dashboad in wordpress. Reading the James C´s answer, I realized that my site is located in a corporate intranet behind a firewall to access internet.
James C answered:
"I've seen this before where the admin pages are trying to poll external Wordpress sites for details of Wordpress upgrades, plugin updates and Wordpress news. If there's no proper access (because of firewall restrictions, bad DNS, etc) then the page has to wait for the HTTP requests (I think WP uses cURL) to timeout."
My solution was avoid all the internet conections: (1) disable all the wordpress updates using the wordpress plugin "Disable all wordpress updates". (2) activate de wordpress pluging "Disable google fonts"
After these two plugin activations, the Dashboard works to a suitable speed.
Been having a bit of a problem with my site regarding our caching method and my php code not refreshing or flushing.
To start, my site is a WordPress site on a dedicated Nginx webserver. I used W3 Total Cache for the initial caching setup. Everything was set up to cache through Memcached.
(I should note, my website is somewhat of a 'guest' on this server, which is bit of a semi-community donation semi-sponsored server that runs some other things. The admins are skilled but also volunteers. I have their full support for fixing things, but they don't have time to troubleshoot my very odd issue (especially because I asked for caching to get turned on for the site myself). If we had some hints on what to go on it would make things easier for us than taking shots in the dark ;) So any suggestions are welcomed.)
At some point we noticed that changes to php pages and Wordpress & Plugin updates were not working at all, while the code on the server reflected updates, the pages still processed through the older php code.
This presented a couple unique issues. W3 Total Cache stores it settings in php files. Other php files, when deleted, stop working, but when they are restored to the server, memcached still insists on using its ultra-old memcached copy. The W3 Total Cache settings, whether i removed or altered the settings php files, would NOT stop running everything through cached memcached data.
The server admin attempt rebooting memcached and then flushing it. Neither of those seemed to have any effect. All the other basic settings seem to be set-up correctly.
We can, of course, still add new plugins, all the data that comes from the database works just fine.
At least one other site on the server that is not wordpress also uses memcached with no issues.
Any help is appreciated, should be able to provide further information if it is needed.
Do you have apc.stat = 0 in your settings? Does restarting php engine help?
This is going to sound really obvious but you didn't mention it so:
Did you try turning off the Total Cache plugin entirely to confirm you can see the changes when caching is disabled?
Until you've done that and made sure you get the results you expect, there's no way to know that memcached is really the problem.