Elliott C. Back: Internet & Technology

Denial of Service Attack (DOS), Grrr….

Posted in Hacking, My Blog, Performance, Spam, WTF by Elliott Back on November 4th, 2007.

Today I had the pleasure of a random guy in Mexico recursively downloading as much of my site as he could, which sent my CPU load to 2.0, a level that Dreamhost would find acceptable but which I personally freak out about. The r-dns and IP of this guy are:

dsl-189-171-15-59.prod-infinitum.com.mx
189.171.15.59

He started at 04/Nov/2007:12:04:36 and ended (by iptables ban) at 04/Nov/2007:20:17:03. In those 8 hours and thirteen minutes, he made over 250,000 requests. That’s an extra 8.5 requests per second from a single IP, which is clearly unacceptable behavior:

[root@fc624389 ~]# cat access_log | grep 189.171.15.59 | wc -l
251923

If you don’t believe me, the next biggest offender over the last 24 hours made only 4,400 requests:

[root@fc624389 ~]# cat access_log | cut -d’ ‘ -f1 | sort -n | uniq -c | sort -nr | more
251923 189.171.15.59
4403 66.249.73.116
2012 76.88.78.239
1646 70.141.105.233

The user agent of this guy doesn’t tell *me* anything about him, but maybe one of you readers has an idea?

189.171.15.59 – - [04/Nov/2007:12:04:38 -0500] “GET /wp-content/themes/greenmarinee/images/links_bullet.gif HTTP/1.1″ 200 467 “http://celebrity-photos.elliottback.com/” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Media Center PC 3.0; .NET CLR 1.0.3705; .NET CLR 1.1.4322)”

Another thing that bugs me is he requested each URL about 7 times. WTF? Do you really need to spider my site as fast as you can seven times?

[root@fc624389 ~]# cat access_log | grep 189.171.15.59 | cut -d’ ‘ -f11 | sort | uniq | wc -l
35414

I am either thinking of writing a very evil script to confuse non-google/msn/live/ask/yahoo bots by writing in an infinite number of invisible links into my websites, or installing some kind of mod_throttle into my apache. It looks like mod_limitipconn might help here, too.

01 Comments

Safari 3 Windows Review, Benchmark

Posted in Apple, Browsers, Computers & Technology, Firefox, Mac, Microsoft, Performance, Spread IE by Elliott Back on June 11th, 2007.

Safari has a new version, and a new platform. The once mac-only web browser has released Safari 3 for Windows XP, backed by claims of UI, performance, and integration superiority. The claims are that it is 2x faster in Javascript and HTML rendering, a claim we plan to test ourselves. Note that Safari, the first time it was launched, took about a minute to start up and froze the screen for that time. Only after that did it open fast.

safari.jpg

Javascript Performance Results

So, their biggest claim is Javascript performance, which they show like so:

js-performance.jpg

We’ll combine the overall results from these benchmarks together:

  1. JS/Bench
  2. DHTML Benchmark
  3. DOM Query Test
  4. JS Speed Tests

We find that depending how you look at it, Safari can actually be considered 3x slower than IE7, or roughly of equal speed. Here is an overall performance chart, with two columns–one is the raw average score, the other averages the worst-test group (three results) into one result and averages it:

overall.png
Safari doesn’t break much ground here

Here’s the per-test chart, which shows Safari kicking ass in the first test, losing the next three, tying the fourth with IE, and doing well again on the last test:

pertest.png

Other annoyances

Interestingly, Apple tries to bundle Safari with not one, but three separate Apple products: Quicktime, Bonjour, and Apple Update. On top of that, they break the back-mousebutton click that I’ve become used to using in IE/FF, and use tons of my RAM main memory up. No one sums it up better than Dev Hints who notes that “Safari Isn’t the Beauty That Apple Likes To Claim.” It’s not bad, and it’s getting better, but there are still bugs to be worked out.

26 Comments

Website Compression with mod_deflate

Posted in Mod_Rewrite, My Blog, Performance by Elliott Back on June 9th, 2007.

I just added mod_deflate to my server by using the following configuration:

LoadModule deflate_module modules/mod_deflate.so
<IFModule mod_deflate.c>
	SetOutputFilter DEFLATE
	SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
	SetEnvIfNoCase Request_URI \.(?:exe|t?gz|zip|bz2|sit|rar)$ no-gzip dont-vary
	SetEnvIfNoCase Request_URI \.pdf$ no-gzip dont-vary
	BrowserMatch ^Mozilla/4 gzip-only-text/html
	BrowserMatch ^Mozilla/4\.0[678] no-gzip
	BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
</IFModule>

The static parts of my pages now render with about 70% compression, meaning that I’m saving 2/3 of static page bandwidth now. Server load seems fine!

Update: You can also check the status of your site’s compression using this free online tool. For my site, it read:

URL: elliottback.com/wp/
Web server type: Apache/2.2.9 (Fedora)
Compression status: Compressed (gzip)
File Size Comparison (in bytes):

Original size: 36949 bytes
Compressed size: 11023 bytes
Savings in bytes: 25926 bytes

Percentage saved by compression: 71.0%
Transfer speed improvement: 3.3 X

6 Comments
« Previous PageNext Page »