We all like Google, and Google Analytics is a cool tool. But, what happens when you want to run the tool yourself? You could take a look at phpMyVisites. The screenshots look impressive, and the demo illustrates impressive features. One thing I have never fully appreciated about Google Analytics is the fact that it uses Flash, which is still a bit of an annoyance for us Linux users.
phpMyVisites could be a viable supplement.
Yea, you read that right. Three commands and you can run a pen-test on your website/webserver. So, how?
kelvin@home:~$ sudo apt-get install nikto
kelvin@home:~$ sudo nikto -update
kelvin@home:~$ nikto -h www.thoughtdeposit.net
As you can see, Nikto is a web server scanner, apparently for over 3200 dangerous files/vulnerabilities. Additional features can be seen at the Nikto website, yet you will certainly want to add this old gem to your webserver toolbelt as soon as possible.
The dread of every webmaster. Of every e-commerce site. Of every blogger.
For those whom have advertising or offer services on their pages, a site that is down = a site not making money. The first step to solving a down site is knowing that it is down. But nobody wants to visit their site every few minutes, so, uptime checkers here we come!
Some sites are setup to monitor ports on your sever (e.g. port 80 for web service), and if the port is closed, they can perform an action. For instance, in geek code, if(sitedown) { sms(kelvin) }. Or, you can use the free services that have less features (for instance, less frequent checks or fewer ports.
All of this would be quite trivial to implement, but it already exists, so why not take advantage of it?
I use, and recommend, Hyperspin. But have heard nice things about Siteuptime.
I’ve always wondered, how would my site deal if a lot of traffic got sent to it? Could I tune it to maximize the return based on the hardware it is running on? Sure, and Siege appears to be the answer.
This little tool is a great way to slap tons of load on your sever. You’ll need a testing computer (say, a personal computer with quite a bit of power), a decent connection, and your website. This is how you run it:
kelvin@home: siege -c350 -t30s http://www.thoughtdeposit.net/tipstricksandhacks/gtd-in-dashboard
And this will yield:
Transactions: 474 hits
Availability: 100.00 %
Elapsed time: 29.71 secs
Data transferred: 4.98 MB
\Response time: 11.09 secs
Transaction rate: 15.95 trans/sec
Throughput: 0.17 MB/sec
Concurrency: 176.86
Successful transactions: 474
Failed transactions: 0
Longest transaction: 29.18
Shortest transaction: 1.20
See, pretty nifty, eh? Do a man on Siege to find what each switch stands for. Also of interest is ApacheBench and jMeter. I have tested out jMeter, and it appears to be a very full testing tool. A good list can be found here
I have tested out lighttpd using this tool, and decided to switch back to Apache (for now!) I look forward to testing out Apache’s worker MPM with PHP, and see if that gives a performance boost. Will report on that later.
This is a go live? I’ve just ripped Thought Deposit from the IT department nursery and flung her into the chaotic swirling internets. I wanted the freedom of a VPS, by far the most common VPS system for webhosting is Virtuozzo. Unfortunately Virtuozzo hosts have a rep for overselling processor time.
Our new VPS on Slicehost uses Xen virtualization. Overselling is not much of a problem with Xen based VPSes, largely thanks to Xen’s design. Slicehost also has a very cool AJAX console, for those times when you get firewall rule happy and lock yourself out — I’m told.
Default “slice” OSs are Ubuntu, CentOS, and Gentoo. But by following Marko’s Howto you can hijack your Ubuntu setup and install Debian over it, my preferred distro.
I just had to sludge through getting SSL working on the new HUNAN box, and found a pretty good guide for setting it up. Here it is for my personal record.