Sam Kear dot com
working and playing with technology
How to Install Plex Media Server on Funtoo Linux
0If you haven’t heard of Plex Media Server I would highly recommend taking a look at it. Plex is a fully featured media server that provides content streaming to clients across a wired or wireless network. Plex is supported on several different platforms including Windows, Mac, Linux, and Android. You can also stream media to embedded devices such as the Roku.
Currently there isn’t an official ebuild for PMC but there is an unofficial build maintained by megacoffee.net that works quite well. I tested this installation process on an amd64 build of Funtoo but it should work fine on i386 as well
Installing Layman
The first step is to install Layman with support for mercurial. Layman is a package that provides a system for easily installing and updating portage overlays. Mercurial is basically just a revision control system for software development, similar to Git.
You can add mercurial to your list of use flags in /etc/make.conf, or add it as a package specific use flag for layman.
echo app-portage/layman mercurial >>/etc/portage/package.use
Then emerge the Layman package
emerge layman
Configuring Layman
Since the Megacoffee.net overlay isn’t part of the official layman repository list yet we must edit the Layman config file and add it manually.
nano -w /etc/layman/layman.cfg
Under the overlays section add the Megacoffee repository url (http://gentoo-overlay.megacoffee.net/repositories.xml).
After you’ve saved the changes to the config file you must instruct Layman to fetch the list of repositories.
layman -f
Once the list of repositories has been updated you can add the Megacoffee overlay to your system.
layman -a megacoffee
Editing Make.Conf
Next you must make portage aware of the Layman overlays, to do this simply add the source line below to your /etc/make.conf file. Source must be in all lowercase otherwise portage will complain about a syntax error in the file.
source /var/lib/layman/make.conf
You’ll also need to add the following USE flags to your system in order for all of the package dependenaces to be propertly installed
USE='gtk utils X'
Installing the Package
At this point your finally ready to emerge Plex into your system. If portage can’t find the package go back through the previous steps and check for any mistakes. Since the package isn’t part of the standard portage tree you will not see it without the overlay.
Plex has quite a few dependencies so the installation will take some time to complete.
This is a great point to stop have have a cup of coffee while you wait!
emerge plex-media-server
Starting the Plex Server
Plex doesn’t require any initial configuration before the server can be started, everything can be done from the web interface. Personally I think more developers should follow this example. I’d much rather change configuration settings from a nice pretty web interface instead of mucking around with text files.
You can start, stop, or check the status of the service with the following init script.
/etc/init.d/plex-media-server start
I also like to configure the media server to start automatically on boot.
rc-update add plex-media-server default
Accessing the Web Interface
Assuming the service started without any errors you should now be able to access the web interface. The management web server runs on port 32400.
http://<ip-address>:32400/manage
You should see the Plex media manager displayed in your browser. If you don’t see it check to make sure the plex-media-server service successfully started.
Checking for Package Updates
Checking for updates for Plex is a two step process. First synchronize the portage overlay on your system.
layman -S
Then use portage to see if an update is available.
emerge -p plex-media-server
What’s Next?
Once everything is up and running you can set up libraries within Plex to store movies, music, tv shows and whatever other media you may want to stream. If your media server doesn’t have much local storage space available you might want to consider creating a central storage system using FreeNAS.
Thanks to the guys at Megacoffee for creating and maintaining the ebuild for Plex!
Taking a Look at Windows 8 Consumer Preview Edition
1Microsoft released their second public preview of Windows 8 today which they are referring to as the “Consumer Preview Edition”. A more realistic title for this release might be “Consumer Panic Edition”. I was shocked to see that the new user interface hasn’t progressed since the developers preview edition was released last year.
If you’re feeling risky download one of the ISO files and take a look for yourself.
I installed the beta OS on a virtual machine using Virtual Box. The latest release of Virtual Box has full support for Windows 8.
What’s New?
Overall there doesn’t seem to be much that’s changed other than minor cosmetic tweaks.
The first difference I noticed during the installation of the beta fish to the loading screen. I guess Microsoft was trying to be clever about the fact that it’s a beta release.
The personalize page of the setup process received a minor tweak. In addition to assigning a PC name users can now select a background color from a pallet of predefined colors.
The Metro user interface received some minor tweaks. Some of the items are now smaller to make room for a few new things. Personally I still find the Metro interface to be very awkward and difficult to navigate. There doesn’t seem to be any rhyme or reason to the placement of icons, everything is just thrown together.
As far as I can tell nothings changed with the desktop, besides the new wallpaper of course. With the start menu gone I feel trapped whenever I’m on the desktop. To get back to the Metro screen you have to drag the mouse cursor to the lower left corner. There is a noticeable delay before the menu appears which seems unnecessary to me.
Marketing Hype
I haven’t seen any noticeable improvements in this release of Windows 8 which makes me wonder what Microsoft has been doing. It looks like all they’ve done is made a few minor changes to the interface and then gave it a new title. I keep hoping that Windows 8 will mature into a usable operating system by the time it’s released but at this point I’m not so sure that will ever happen.
Maybe the developers just don’t know what to do with the new interface, I know I sure don’t!
How to Setup the Axis M1011-W Wireless Security Camera
0February 26, 2012
by Sam
in How To Guides
In this post I’m going to walk through the process of setting up the Axis M1011-W wireless IP camera.
The M1011-W is the cheapest wireless model in the M10 camera series. This model is nearly identical to the M1031-W which I reviewed last year except it doesn’t include a light, speaker, or microphone.
If you don’t need those features you can save about $100 and buy the M1011-W instead.
Unboxing
Here’s what you get with the camera.
- AC adapter
- Standard and clamp mount bases
- Mounting screws
- Drywall anchors
- Cable ties
- Surveillance in use sticker
- Manual
The camera doesn’t include an ethernet cable although you will need one for the initial setup of the camera.
Initial Network Connection
To get started with the setup I plugged in the AC adapter and connected an ethernet cable from the camera directly to my network. The direct ethernet connection is required in order to enter the wireless network settings into the camera.
Once the camera boots it will automatically obtain an IP address via DHCP.
Assigning an IP Address
I recommend assigning a static IP address to the camera for the best reliability. You could use a DHCP reservation but doing so adds a possible point of failure for the camera.
The first step to assign an IP address is to download the Axis IP utility. The IP utility will scan your network for any Axis cameras that have not been configured yet and allow a permanent IP to be assigned.
When the utility runs it will automatically scan the network and list any cameras that have been detected.
Right click on the camera and select ‘Assign IP Address’. Next enter the static IP address you wish to assign to the camera, then click ‘Assign’.
To complete the address assignment wait 30 seconds then power cycle the camera by disconnecting and reconnecting the AC adapter.
If the IP was successfully assigned then you’ll see a message like the one below. If you don’t see this message try to run the discovery utility again.
Assigning the Root Password
After assigning an IP address you can connect to the cameras web interface to complete the setup process. The first time you connect to the web interface you will see the screen below which prompts you to enter a new root password.
Don’t worry about creating the self-signed certificate just yet, it’s easier to create it later in the process. I had issues using a password that contained special characters so select a password that uses standard characters.
Updating the Firmware
I like to update the firmware on the cameras before going any further with them. You can download the latest firmware from the Axis support page.
To update the firmware access the camera setup page by clicking on the setup link in the upper right corner of the web interface. Then select ‘Maintenance’ under the system options menu.
In the upgrade server section select ‘Choose File’, then choose the bin file you downloaded from the Axis web site. Click the ‘Upgrade’ button to start the firmware update process.
The camera will automatically reboot after the upgrade is finished. It took about 2 minutes before I was able to access the web interface again.
Configuring Wireless Network Settings
To connect the IP camera to your wireless network click on the setup link in the upper right corner of the web interface. Then select the ‘Wireless’ link under the ‘Basic Settings’ menu.
The cameras software will scan for any wireless networks within range and list them on the page. To connect to a wireless network click on the SSID of the network you want to connect the camera to, then enter the encryption key and click save.
If you need to connect the camera to a network that isn’t broadcasting the SSID you can enter the information manually.
At this point you can disconnect the ethernet cable from the camera and test out the wireless connection.
Date and Time Settings
Having the correct date and time settings is important to ensure that time stamps are accurate and scheduled tasks happen at the correct time. To configure these settings select ‘Date & Time’ under the system options menu.
For the most accurate timing the camera can be configured to synchronize with an NTP server. If you don’t have a time server on your local network you can easily set up an NTP server using pfSense.
1. Select the appropriate time zone from the drop down menu.
2. Enable the check box for automatic daylight savings time changes.
3. Set the time mode to ‘Synchronize with NTP’.
Enabling HTTPS
Axis cameras default to using HTTP as the protocol for the web interface. I always change the protocol to HTTPS which provides secure transmission of passwords.
1. Click on the HTTPS menu item under system options.
2. Click ‘create self-signed certificate’
3. Fill out the certificate form, I set my expiration date to 3650 (10 years)
4. Change all of the HTTPS connection policies to ‘HTTPS only’
5. Click ‘set policy’ to save the changes
LED Settings
By default the camera’s LED will remain green when it’s functioning. I usually disable the LED because I think it draws unnecessary attention to the camera. The LED can also be set to flash when the video stream is being viewed.
If you want to change the behavior of the LED you can do so on the LED settings page in the web interface.
Camera Placement
The great think about wireless cameras is you can place them anywhere as long as there is a nearby power outlet. The standard camera base works well for placing the camera on a window sill or other flat surface.
The camera also comes with a clamp style mount that allows the camera to be clamped on to a shelf or ledge.
Both mounting options allow a decent amount of tilt so you can position the lens at the proper location.
You can also easily mount this cam to a wall using the included mounting screws and drywall anchors but I prefer the flexibility of being able to re-position my cameras if needed.
Future Plans
I plan on continuing to expanding my network of Axis security cameras in the near future. I’ve been very happy with their reliability and performance. Currently I have two M1011-W cameras and one M1031-W that I use to monitor my home.
Axis also makes a high definition model (M1054) which isn’t wireless but it does support POE (power over ethernet).
Comments
If you’ve been using an IP camera to monitor your home or business please let me know which model you’ve been using in the comments.
Upgrading to pfSense Version 2.0.1
1January 2, 2012
by Sam
in How To Guides
PfSense version 2.0.1 was released over the holidays which offers a few minor feature additions and quite a few bug fixes. Since this maintenance release includes fixes for a few security vulnerabilities it’s recommended that everyone upgrade to 2.0.1.
If you haven’t upgraded to pfSense version 2.0 yet then you can upgrade directly to version 2.0.1. If you’re already running version 2.0 you can upgrade to 2.0.1 using the web GUI or one of the other supported upgrade methods for pfSense.
The auto update system in the web GUI is pretty straightforward, it will automatically download and install the new release. The system configuration will be automatically transferred to the new version so you won’t have to reconfigure any of the settings.
Any packages that have been added will be automatically reinstalled after the update is applied. If your installation has several packages then it can take a while for the reinstallation to take place. All of the package settings will be automatically restored after they’ve been reinstalled.
List of Changes / Features
Below are some of the interesting improvements you’ll find in version 2.0.1. Check out the pfSense blog for a full list of changes and bug fixes in this release.
- Relayd can now be restarted from the services menu or dashboard widget
- Relayd now has it’s own tab in the system logs
- Wireless events also have their own tab in the system logs
- Remote syslog now supports three additional filters (Gateway Monitor events, Server Load Balancer events, and Wireless events)
- The DHCP server had been updated to version 4.2.3 to fix a security issue
- Some of the irrelevant log entries have been removed
Features Roadmap
If your curious what the future holds for pfSense then you can check out the features roadmap to see where things are headed. There is currently a long list of feature requests and additional improvements that are slated for version 2.1.
Taking a Look at #RefRef – The Latest Denial of Service Tool From Anonymous
1The hacking group Anonymous recently released a new denial of service tool called #RefRef. Previously the tool of choice for Anonymous supports was Low Orbit Ion Cannon (LOIC). LOIC is basically a brute force denial of service application that floods the target with TCP or UDP packets. Unlike LOIC #RefRef uses an SQL injection vulnerability to take down the target server by using resource exhaustion. I decided to download the new tool and take a closer look into how, and why it works.
Taking a look at the source
#RefRef is written in Perl making it platform independent. Perl is included with most Linux distributions but it is not installed on Windows by default, it’s fairly trivial to install Perl on Windows 7 though.
The entire program only contains 51 lines of code, it’s pretty simple but very powerful. The meat of the exploit can be found in the subroutine below. The code injects the select benchmark command to the remote server.
sub now {
print "\n[+] Target : ".$_[0]."\n";
print "\n[+] Starting the attack\n[+] Info : control+c for stop attack\n\n";
while(true) {
$SIG{INT} = \&adios;
$code = toma($_[0]." and (select+benchmark(99999999999,0x70726f62616e646f70726f62616e646f70726f62616e646f))");
unless($code->is_success) {
print "[+] Web Off\n";
copyright();
}}}
What does this payload do?
The benchmark function is a legitimate MySQL command that instructs the server to evaluate an expression X number of times. This is useful for benchmarking a server to find out how long it takes to execute a query.
The command below instructs the remote server to evaluate the expression “0x70726f62616e646f70726f62616e646f70726f62616e646f” 99,999,999,999 (100 trillion) times, this takes a lot of CPU time to do.
select benchmark(99999999999,0x70726f62616e646f70726f62616e646f70726f62616e646f)
Looking deeper the expression 0x70726f62616e646f70726f62616e646f70726f62616e646f is in hex, if we convert this to ascii we get “probandoprobandoprobando”, which is probando repeated 3 times. Probando translates to “testing” in English.
So in short the code is asking the server to evaluate the phrase “testing” 100 trillion times. This results in the server using it’s own processing power to become overloaded, the more power the server has the faster it will crash.
Testing #RefRef
I don’t recommend testing this program out on anything besides a test server that you own, plenty of people were arrested last year for blindly running LOIC against public targets.
I tested running #RefRef on a Windows 7 x64 box, the target machine was running MySQL version 5.5.83.
When you run the perl script without any parameters it outputs the syntax usage which isn’t very helpful.
The basic usage of the program is perl ./refref.pl Target_URL. The script cannot just be blindly pointed at any target server, it must be targeted against a URL which runs a database query on the remote system. Not all servers are going to be vulnerable to this type of attack.
Once started RefRef will continue to connect to the server and send the injected SQL commands until it is terminated with CTRL+C. These queries can stack up very quickly on the remote server and cause the database to stop responding.
It only took about 25 seconds before the remote MySQL server stopped responding.
MySQL died fairly quickly.
The CPU core that MySQL was running on , (#4) became very busy as you can see below.
Looking at the Exploit in Wireshark
Looking at #RefRef in Wireshark shows that it only takes a total of 10 packets to connect to the remote server, send the exploit, then disconnect. It looks like a normal HTTP GET request until you notice the request being sent to the server.
If you want to filter a packet capture for the injection packet then use a display filter of “frame contains 0x70726f62616e646f70726f62616e646f70726f62616e646f” and you will see only the packets which contain the payload.
Below you can see the entire conversation between the client and the server.
- Frames 1-3 – Standard 3 way TCP handshake
- Frame 4 – HTTP GET request with the SQL injection appended to the end of the request. (0%20 and 0%20(select+benchmark)
- Frame 5 – Server sends an acknolegement to the attacker
- Frame 6 – Web server sends a response code of “200 OK”
- Frames 7 – 10 – TCP connection is gracefully terminated.
Protecting Servers Against #RefRef
There are a few different things that can be done to protect servers against exploits such as this one. The most important thing to remember is that web code should be hardened against SQL injection. All input received from the client side should be sanitized to make sure nothing extra is being passed to the database. PHP.net has a useful article that talks about SQL injection avoidance techniques which can be used.
Another method of protection is to block SQL commands from being inserted into HTTP requests using a .htaccess rule. I wouldn’t recomend soely relying on this method but it’s never bad to throw in some extra security where you can.
RewriteEngine on
RewriteCond %{QUERY_STRING} .*(/\*|union|select|insert|cast|set|declare|drop|update|md5|benchmark) [NC]
RewriteRule .* - [R=406,L]
If you have a Snort IDS setup on your network make sure you’re rules are up to date. There are a couple of different rules which are designed to detect #RefRef attacks on your network.
* 1:19870 <-> ENABLED <-> DOS Anonymous Perl RefRef DoS tool (dos.rules) * 1:19869 <-> ENABLED <-> DOS Anonymous PHP RefRef DoS tool (dos.rules)
The concept of SQL injection attacks is not new but this exploit demonstrates that they are still alive and well!
My First Impressions of Windows 8 Developers Preview Edition
0If you haven’t heard yet Microsoft is currently offering free downloads of the Developers Preview edition of Windows 8. I downloaded a copy and installed it in VirtualBox so I could see what’s new and mess around with the new features a bit. This version probably has a time bomb and will expire at some point as the actual release gets closer but Microsoft hasn’t said how long this version will work for.
You don’t have to use Windows 8 for very long to see that it has been heavily optimized for tablets, Microsoft might as well change the name to Windows 8 Tablet Edition.
New Start Menu
The start menu in Windows 8 looks nothing like what I would have expected. The new layout will probably work great for tablets and touch screens but not so well for the average user. Hopefully there will be an option to revert to the classic start menu. It looks like they’ve tried to copy the look of the home screen on Android OS.
You can drag the icons around on the screen to change their position but it just seems awkward. I don’t like that clicking on the start menu takes you completely away from the desktop.
Control Panel
The control panel is another area of Windows 8 that has been drastically changed. Similar to the start menu the control panel takes up the entire screen. Does Microsoft not expect anyone to run this new OS on anything besides a tablet?
They layout of the menus doesn’t seem useful or intuitive to me. If you click the “More Settings” button at the bottom you are taken to a Windows 7 style control panel that opens up on the Desktop.
Updated Task Manager
Microsoft has finally updated the task manager in Windows 8. I really like the new features, especially the app history tab. App history allows you to track how much CPU time and network activity an application has been consuming. Sorting the columns allows you to quickly find the top resource consumers running on the computer.
Valuable Feedback for Microsoft
The video below shows a systems administrators hilarious reaction after Windows 8 was installed on his computer.
Windows 8 Beta
I’ll be very interested to see what changes Microsoft makes to Windows 8 when the beta is released. MS has taken a very different approach with Windows 8 by publicly releasing such an early version of the new OS. Hopefully they are listening to all of the feedback they receive from their experiment.
Hostgator Disabled wp-cron.php Because of CPU Usage
4August 13, 2011
by Sam
in Web Hosting
I think it’s safe to say my blog is officially going through growing pains! Earlier this morning I had a chat session with Hostgator because I kept receiving database errors when I was checking on my site. I felt like I was having Déjà vu since it was only a couple weeks ago that I had slow WordPress database issues.
I never expected the amount of traffic this blog receives to grow so rapidly, last month there were 10 times the number of visits I received back in January of this year.
2011 Web Traffic
Ironically Hostgator’s support department found that the reason my server was so slow was due to one of the WordPress scripts on my site, wp-cron.php. Below is an excerpt of the email I received from HostGator.
Subject: Ticket [QCQ-15945XXX]: TOS/CPU Reply-To: 15945XXX@tickets.hostgator.com Hello, Unfortunately, we were forced to suspend the script "/home/<username>/public_html/samkear.com/wp-cron.php" as it was causing a high load on the server, and due to this affecting all of the other accounts on the system, we were forced to take immediate action for the health of the server. This particular script is used for certain wordpress tasks, such as trackbacks, link checks, and autoposting plug-ins. If you have a large volume of articles, we recommend that you disable this, or disable this on any particularly popular popular articles that you may have. Please let us know how you would like to proceed. Best Regards, SteveC Linux Systems Administrator HostGator.com LLC http://support.hostgator.com
In the message they said they were forced to suspend the script. As you can see below HostGator removed all permissions on the wp-cron.php file preventing all access to it.
I did some research on wp-cron and apparently the php script is called on every single page load! To me this seems to be out right ridiculous, why would WordPress implement such a sloppy function call?
HostGator’s suggestion to disable wp-cron all together was starting to sound pretty good.
I stumpled on a post on buildyourblog.net that was made just a few days ago that explains how to disable wp-cron.
Following Graham’s instructions I edited wp-config.php using the editor in cpanel to disable wp-cron. I then setup a cron job to run wp-cron.php twice a day. I let host gator know of the changes I implemented so hopefully they will restore permissions to the file soon.
This change should make a big impact on the overall performance of the site since wp-cron won’t have to run hundreds of times daily. The WordPress authors really need to look into changing the cron functionality in WordPress.
Upgrading the Mystique Theme for WordPress to Version 3
4August 12, 2011
by Sam
in How To Guides
Not long after I started this blog I discovered the Mystique theme for WordPress and I’ve been using it ever since.
Mystique has a lot of features that I really like but some of the functions were out of date and needed to be updated so I was very happy to see that a new version was recently released.
The WordPress dashboard notified me that I should update Mystique from version 2.4 to 2.5.1. After installing the new version I found the notice below at the top of my control panel.
I didn’t understand why WordPress did not automatically update the theme to version 3+ since it was the newest version. I found that Mystique 3+ is only available on the authors website, it cannot be found using the WordPress theme search.
The author seems to have forked Mystique into the basic/light version (2.4.x) and the Atom powered version (3.x). Apparently other people are confused about the update process as well, check out the Mystique update drama post.
Here are the steps to upgrade from Mystique 2.4 to 3.0.5.
During the upgrade you will lose all of your Mystique settings (be careful)!
1. Backup text widgets – This upgrade will wipe out all of your widgets. I recommend taking notes on what widgets you were using and if you have any text widgets make a backup of their contents. This will make it much easier to get the theme back to the way it was prior to the upgrade.
2. Switch to a temporary theme – The author’s instruction say to de-activate and delete the old theme which works but makes it much more difficult to roll back if you have a problem. Instead I think it’s best to activate a new theme such as one of the defaults like twenty-twelve.
3. Rename the Mystique theme directory – If you didn’t do step 2 then you can skip this step. Via FTP or another file manager rename your mystique theme directory to mystique-old. On my HostGator server the location was /public_html/samkear.com/wp-content/themes/mystique. Your location may vary depending on your directory structure.
4. Download Mystique 3.0.5 – The file you need is called mystique-wordpress.zip, you can download it from the theme’s website. (Or from here: Mystique 3.1)
5. Upload the new theme – Upload the zip file to WordPress using the theme manager in the Control Panel (Appearance\Themes\Install Themes). Once the zip file is uploaded you should see a message that the theme was successfully installed. If you receive an error that says “destination folder already exists” then make sure the rename in step #3 actually took affect.
Wordpress Theme Upload
6. Activate the new theme – Once the theme is installed you can activate it and begin using it. It took me a bit of time to restore my widgets and the other settings that were lost but everything seems to be working pretty well so far.
My thoughts about version 3
So far I’m happy with the new version and I like the updates that have been made. Lots of people are complaining about the fact that you lose all of your settings during the upgrade. While I agree that it is an inconvienance I think more people should be apprecitiaeve of the fact that Mystique is a free theme!
You can find a list of all the changes in Mystique version 3 on the DigitalNature website.
Troubleshooting Slow WordPress Database Performance
0July 28, 2011
by Sam
in System Administration
Recently I noticed that my WordPress blog seemed to be running dog slow. The admin control panel was taking 30 seconds to load and it was taking even longer to bring up the list of posts. Static content was loading just fine but it seemed like anything that had to query the database was extremely slow.
My blog is hosted on a shared server from HostGator which has actually worked very well so far, although at times I’ve noticed that the server seems to become bogged down. My guess was someone else on my server was putting the MySQL database under a heavy load and slowing things down for everyone on the server. One of the big drawbacks of shared vs dedicated hosting is that you don’t know how much other people are using the server, but with dedicated servers comes a higher price.
Database Performance Statistics
HostGator allows you to access phpMyAdmin through the cPanel interface which provides some statistics on MySQL database usage. I noticed that the value for slow_queries was fairly high but since I don’t have root access to the server I couldn’t tell what the value of long_query_time was set to. So this value alone isn’t a guarantee that there is a problem with the database.
phpMyAdmin Statistics
There were a few other values that showed up in red within phpMyAdmin such as Innodb_row_lock_time_avg , and Qcache_lowmem_prunes. This seemed to suggest that the database may be a bit busy.
HostGator Support
I decided to contact HostGator’s tech support department and ask them to take a look at the server. Below is the transcript of my chat with them.
System: There are currently 0 people in front of you and 171 chat technicians assisting customers.
Susan Tu: Welcome to Hostgator live chat, my name is Susie. Please bear with me a moment while I look into that for you.
Sam: Thanks
Susan Tu: Well, it looks like the server might’ve had some high loads a little bit ago, but they have already lowered again. And they weren’t too high even. The site itself loaded very quickly for me though. Is it still loading slowly for you?
Sam: the site loads quickly but any functions that query the database from within wordpress take a very long time
Sam: lately this seems to have been happening quite frequently
Susan Tu: Do you have any caching plugins like W3 Total Cache?
Sam: no, none that I’m aware of. I’m not familiar with total cache
Sam: should I be using that?
Susan Tu: I would suggest using it if the queries have been slowing down. You may also want to see about getting the databases optimized.
Sam: ok, I will look into those items
Sam: I appreciate you looking in to the issue, if it persists I will get back in touch with you
Sam: closed this chat intentionally.
I was expecting the support agent to indicate that the server was in fact overloaded so I was both surprised and skeptical by the response. The agent did make a couple of interesting suggestions though. One was to use the W3 Total Cache plugin for WordPress, and the second suggestion was to optimize my database.
PhpMyAdmin has a function that will optimize your databases so I ran the optimize function on all of my tables. My WordPress database so the process did not take very long.
Optimizing tables
Caching Plugins
Optimizing the tables didn’t seem to cure my performance issue so I decided to look into the W3 total cache plugin. I did some research on this plugin and it seems to be very popular. W3 can cache almost any aspect of a WordPress blog using memory and disk caching. The plugin is pretty simple to set up and has lots of options that advanced users can tweak if they want to.
I ran a speed test on my blog using YSlow before and after installing W3 Total Cache and did see some improvement in the test score. I was still seeing really bad performance in my WordPress admin control panel though.
Disabling WordPress Plugins
Since I was still seeing issues I spoke with Hostgator support to see if there was anything they could do since nothing seemed to be working. During this chat they asked me if I had disabled all of my WordPress plugins. At first I was frustrated by this response but then I decided to comply with their request and disable all of the plugins I was using.
Well after disabling all of my plugins the slow performance issues disappeared! I was really surprised by this since I had been using the same plugins for quite some time and the slow performance issue had only recently appeared.
I begin re-enabling my plugins one at a time to find out which one of them was causing the problems. It turned out that the Web Ninja Google Analytics plugin was causing the problem. I’m not sure what caused this plugin to begin having issues but I decided it wasn’t worth worrying about since I could simply find another plugin to use.
Yoast offers a Google Analytics plugin that works qutie well, I’m actually a big fan of all of the plugins that Joost has created.
Conclusions
Part of why I enjoy troubleshooting problems is that I usually learn new things during the process of solving an issue. The key things I learned from this problem were..
1. If your having problems with WordPress disable all of your plugins and see if the problem still exists.
2. Database statisics are really only valuable if you have a benchmark to compare it to, such as past performance stats.
3. It’s probably a good idea to use a caching plugin such as W3 Total Cache. In most cases it probably helps and I don’t think it can do any harm, especially on a shared server.
4. Database performance on a shared server is not guaranteed. If you want to ensure no one else is abusing your database get a dedicated server.
5. Listen to the suggestions from HostGator’s tech support 
pfSense 2.0 Release Candidate 3 Now Available
3
PfSense 2.0 hit another milestone last week with the announcement that RC3 is now available!
In the announcement Chris Buechler states that RC3 will probably be the last release candidate before the final release of version 2.0.
I glanced through the list of commits and it looks like the majority of changes in RC3 are bug fixes. I’m glad to see that the developers are working on polishing things up and fixing bugs instead of trying to implement any new features at this point. If you want to take a look at the list of commits check out the pfSense GIT hub.
The announcement of RC3 comes about 3 months after the first release of pfSense 2.0 last March. There was never an official RC2 build of pfSense 2.0 although there were snapshot builds.
Hopefully once the official 2.0 release is out the developers can shift their efforts towards updating all of the documentation for version 2.0. Many of the wiki pages and other references are inaccurate and out of date.
Surprisingly someone has already published a book for pfSense 2 called the pfSense 2 cookbook. If you need a solid collection of howto guides for pfSense 2 you may want to pick up a copy.
