Godaddy go slow again?

This picks up where godaddy-troubles-slow-wordpress-grid-hosting-solution left off. Azbikelaw has been on so-called grid hosting from godaddy ever since the migration of Nov 2010. And it’s been pretty good ever since; it’s not blazing fast, e.g.  webpagetest.org on one particular afternoon saw a full  wordpress homepage load in under 3 seconds; 1st byte at under a second. So, acceptable.  As we learned in Dec of 2014 when problems arose trying to use wordpress on cazbike.org, grid hosting is no longer available for new accounts (i.e. azbikelaw is “grandfathered”). So, at that time cazbike.org to transitioned (albeit manually, I had to reload everything from scratch) to “cPanel” hosting. The pricing is the same.

That all worked fine from roughly December of 2014 until 7/23/2015 when I was seeing preposterously slow page load; almost a minute(!), with 1st byte at 23 seconds.

viewdns.info gives the first 1,000 reverse lookup’s for free, so e.g.

• viewdns.info for 192.186.210.40 (cazbike.net 93 results) or
• viewdns.info for 184.168.206.1 (azbikelaw.org 5,505 results!)

reveals who else might be having or causing difficulties. I did notice that one of our server-mates aitecgroup.com, had a nice-looking presumably joomla site that was loading pretty slowly, at 17 seconds with 12 seconds to 1st byte!?

As of 3PM 7/24 (arizona time), however things seem to have magically healed themselves. I had a theory it was my theme (Structure by Organic Themes), as it seems to have gotten better when i flip-flopped back and forth to twentyfourteen then back to structure — but that seems to be coincidence because aitecgroup is also running quite well at this moment. Here’s a 5 second homepage load at 3:27p.

Then by 4PM looks like everything slowed down again.  So I don’t understand what’s going on with the theme changes ??

Migrate Site

To test to try and isolate the trouble, migrated entire cazbike.org to azbikelaw.org/cazbike (azbikelaw and cazbike are on completely separate acccounts and servers)

1. Use one-click install of wordpress (4.2.3 at the time) into folder cazbike. Went and logged in and that was all fine. Took them about 5 minutes to get it done. [note: the database password can be found in the wp-config.php file]
2. Load the plugin wp-dbmanager by Lester “gamerz” Chan. Restore a recent database backup (created by same plugin) from cazbike.org. At this point site and everything is unusable [also verified that using wp-dbmanager to restore an installatron .SQL file works just as well; remember it’s easier potentially to edit the sql file to change the url]
3. use phpadmin to edit the two instances of www.cazbike.org to www.azbikelaw.org/cazbike in the wp_options table (I think they’re called home and url, or something). This step could have been done by editing the database backup file beforehand. Now site or at least the backend should be accessible by logging in with cazbike’s credentials
4. shell in (i guess ftp would work?) and move the cazbike folder to cazbikefirst
5.  mkdir cazbike. Get the full installatron wordpress backup of cazbike and place it in the cazbike folder. unpack it with tar -zxvf installatron.tar.gz Everything will be at the correct folder-level.
6. fix up database by copying the wp-config.php from cazbikefirst folder. Fix up permalinks somehow (might be easiest to just delete the .htaccess Fix up apache security as necessary (potentially delete the .htaccess files).
7. Log out if necessary. Now can log in with cazbike’s credentials and site should be working exactly as before, just from www.azbikelaw.org/cazbike/
8. Loose ends: it would probaby make sense to wipe out the wordfence data(?)… The media files will still be coming from cazbike.org… there is or must be a script to fix that; for now, I just left it… Jetpack needs to get “reauthorized” (it’s tied to azbikelaw’s account on wordpress.com; it did remember the jetpacky widgets (e.g. facebook, and image for subscribe).

The final product works “fast”, I mean acceptably fast, not blazing fast — as expected: e.g. 4 seconds to load home page, 1st byte 1 second. On the other server this was typically taking as much as minute(!).

[i haven’t tried this yet, but here’s what must/should be changed in the database before importing it. My first attempt using crimson text editor resulted in “breaking” wordpress; i had to resort to importing the db backup via phpmyadmin] The first item MUST be changed in order for the transplant to work

1. ‘siteurl’,’http://www.cazbike.org’ and ‘home’,’http://www.cazbike.org’ must be http://www.azbikelaw.org/cazbike (can do manually in phpMyAdmin if necessary — if doing the following 3 steps, this should be automatically taken care of)
2. change all http://cazbike.org to http://www.cazbike.org (for consistency)
3. change all http://www.cazbike.org to http://www.azbikelaw.org/cazbike
4. change all http://www.azbikelaw.org/cazbike/docs , http://www.azbikelaw.org/cazbike/images, and http://www.azbikelaw.org/albums back to http://www.cazbike.org/docs, etc. (this is because the docs, images, and albums are static content that’s only on cazbike.org and works fine as-is. [one final thing i just noticed should be cleaned up, still had the broken path cazbike.net/frontpage/albums]
5. Paths: The media setting / upload path has to be corrected in the database (options table), e.g. it was /home/cazbike/public_html/wp/wp-content/uploads. The right value depends on the new installation so can’t be automated.  Are there other paths that must be updated? Note that this setting disappears from the wp admin settings/media panel when set to the default of wp-content/uploads, which does work fine, and is probably what makes most sense. I don’t find other hard-coded paths, except in wp-dbmanager which is absolute (why?)

/

This migration GUI tool could be used to perform the search and replace against a live database, as opposed to editing/importing an sql file, interconnectit.com [direct download link to v3.1.0beta; with ssh access, it’s easy to wget and then unizip it into the wordpress folder; don’t leave it there with it’s default name!] It’s very easy to use and comes in particularly handy for changeing the options table to get a blog going. Though, I guess i would prefer something that could be scripted.

This sed example used the alternate delimiter character to get around escaping problems with the slash. This has a couple of drawbacks: first i never actually tried/tested it, and second it doesn’t work on a live database, so there needs to be a way to restore the modified database (e.g. by having wp-dbmanager already installed):

sed -i "s|http://cazbike.org|http://www.cazbike.org|g" backupFile.sql

or using backslash escaping:
sed 's/http:\/\/cazbike.org\/docs/http:\/\/www.cazbike.org\/docs/g'

Moving to another godaddy server

So after a couple of frustrating calls with g.d. customer support. The second guy, who was pretty smart, almost as a toss-off said “well if all else fails you can ‘reset’ the account”. In doing so, when configuring cPanel, the account will be assigned to another server. Yay. Just visit gateway.godaddy.com and log in with the (account) password; this is very quick. It is all self-service and the account is completely wiped clean (so the customer has to do their own backup/restore). I made a full cPanel backup and ftp’ed it down to my local machine.

So as of 8/2/2015 afternoon, the IP is now 107.180.41.41. The cazbike.* domains don’t need to be mucked with, they automatically find the correct server.

After putting up a copy of the cPanel tarred backup, can restore individual folders by doing something like, from the home root (i.e. one level above public_html. It took me forever to find that –strip option!):

tar --wildcards --strip=2 -xvf backup-8.2.2015_12-47-38_cazbike.tar backup*/homedir/public_html/cazbikestatic

I had some difficulties with file permissions afterward — had to manually chmod 755 cazbikestatic after i untarred it, otherwise apache would not serve it. Anyway, can do that for all the static junk.

Cazbike.net as usual is the primary hosted domain.  Add-on domains (e.g. cazbike.org points to public_html/wp, etc), ftp accounts, need to be manually set up in cPanel.

Finally, to get wordpress going I did an installatron install listing cazbike.org as the url, and pointing it to the wp folder. Once that was all set up; installed wp-dbmanager and made a backup (may not have been necessary) and then changed wp to wpOriginal and recreated wp from an Installatron backup that was in the big tarball. Then copied the wpOriginal/wp-config.php over to get the right database. That all worked fine.

Webpage test looks like 6 seconds. which is fine if it’s consistent.

 

—

I should probably move both azbikelaw (need to do something by mid-Sept) and cazbike to another cPanel provider — i will have to look into pricing.

The Move to Webhost.pro

went swell. The move was completed 9/5/2015. I moved cazbike.org a couple of weeks earlier. WHP is quite cheap, with a basic plan that allows up to 5 domains / 5GB storage for $25/yr. And they have installatron, which seems to work very nicely- generating rotated backups of both wordpress blog installs.

xmlrpc.php attack while at WHP

one problem cropped up just a few weeks later: on Wed Sept 30, starting at 13:02 (server time is -0400 which is also EDT; so that would be 10:02 my time). The attack, such as it is, seems to have begun two days ago (Sept 29) and continues today on Oct 1; it is not continuous; it will go on for hours and then stop for an hour. Around 1PM my time on Sept 30 i noticed i was getting sporadic  Resource Limit Is Reached (error 508).

i began to be flooded with several requests per second for /xmlrpc.php (wordpress; from what I gather, i need it for jetpack to function) from IP  89.248.166.72 which belongs to a dutch isp and apparently known bad actor Netherlands Amsterdam Ecatel Ltd. At least I am not the only one, as of right now there are 13 reports against that server on abuseIPDB, all within the recent past. I will shoot an email to their abuse but from what I understand that won’t do anything.

I have blocked that address in .htaccess — is that the best thing to do? Deleting it doesn’t make the requests stop.  Anyway, after doing that I haven’t seen any more 508/resouce errors… so that’s good.

It abruply stopped at 7:09pm server time (so 4:09pm my time). Maybe webhostpro figured it out and blocked it? No. I see it started up again and as of until 9:36pm server time it was going strong (getting 508’s too) when it again suddenly ceased. (This continued, and from yet another IP from same dutch hosting company. Here is what is in .htaccess, this cleared up the 508 problems; first only allow logins from IP www.xxx.yyy.zzz or ppp.qqq.rrr.sss (home and coffee shop!) , don’t try and prevent everyone from getting xmlrpc, and lastly deny everything from those two bozos:

RewriteCond %{REMOTE_ADDR} !^www\.xxx\.yyy\.zzz$
RewriteCond %{REMOTE_ADDR} !^ppp\.qqq\.rrr\.sss$
RewriteRule ^wp-(login|register)\.php http://azbikelaw.org/hacker.html [R,L]

#<Files "xmlrpc.php">
#Order Allow,Deny
#deny from all
#</Files>

order allow,deny
deny from 89.248.166.72
deny from 93.174.93.61
allow from all

here is an attack sample from the archived log file:

89.248.166.72 - - [30/Sep/2015:13:02:01 -0400] "POST /xmlrpc.php HTTP/1.0" 200 394 "-" "Mozilla/5.0 (compatible; Googlebot/2.1;  http://www.google.com/bot.html)"

also note cPanel has a handy “visitors” function that lists the most recent rolling 1,000 server requests. When this attack was going on, I was getting 1,000 requests in like 30 minutes — many times more than normal.

The move away from WHP

Alas, my happy relationship with WHP (webhost.pro) was not to last. They, without warning suspended my account (so all domains go down) including locking me out of cPanel. No explanation. This lasted ~ 1/19 – 1/21/2016. And once i found out and submitted a ticket, they were bad about responding; 7 hours to reply and then didn’t say anything. When finally unsuspended a day or two later it appeared to be working very poorly (508’s and very slow in general). I was quickly able to generate a full cpanel backup and download it safely.

I first setup 1yr service on a starter plan (1 domain; $36/yr i think) on Siteground for cazbike.org and left azbikelaw.org shut down. The static site worked well enough.

A day or two later I set up azbikelaw on Hostgator on a one-step-up plan (multiple domains allowed, ~ $5/mo); that all went fine.