blog.bloke.com

It’s a free alternative to RedHat Enterprise. When I say alternative, I mean it’s a copy of it, as the GPL allows that! These guys do a great job. My vote for best distro for commercial use.

http://www.centos.org/

G’Day,

Although we compete with picnik, it’s sad to see it go.  Enough of that.  Check out our awesome HTML5 image/photo editor!

http://www.imagebot.com/

It’s so easy to make fun photo effects, has great stickers, easy logos, and so much more.

have fun,

Cameron

Thanks to muks for this, there is no way I would remember this so:

openssl s_client -connect mail.gimp.org:25 -starttls smtp

shows that the name is for mail.gtk.org, which is probably bad.

the output looks something like:

CONNECTED(00000003)
depth=1 /C=US/ST=Minnesota/L=Robbinsdale/O=gtk.org/CN=gtk.org CA/emailAddress=ca@gtk.org
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
 0 s:/C=US/ST=Minnesota/O=gtk.org/CN=mail.gtk.org/emailAddress=ca@gtk.org
 i:/C=US/ST=Minnesota/L=Robbinsdale/O=gtk.org/CN=gtk.org CA/emailAddress=ca@gtk.org
 1 s:/C=US/ST=Minnesota/L=Robbinsdale/O=gtk.org/CN=gtk.org CA/emailAddress=ca@gtk.org
 i:/C=US/ST=Minnesota/L=Robbinsdale/O=gtk.org/CN=gtk.org CA/emailAddress=ca@gtk.org
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIEZTCCA02gAwIBAgIBATANBgkqhkiG9w0BAQQFADB5MQswCQYDVQQGEwJVUzES
MBAGA1UECBMJTWlubmVzb3RhMRQwEgYDVQQHEwtSb2JiaW5zZGFsZTEQMA4GA1UE
ChMHZ3RrLm9yZzETMBEGA1UEAxMKZ3RrLm9yZyBDQTEZMBcGCSqGSIb3DQEJARYK
Y2FAZ3RrLm9yZzAeFw0wOTA0MTEwMDA1NDRaFw0xOTA0MDkwMDA1NDRaMGUxCzAJ
BgNVBAYTAlVTMRIwEAYDVQQIEwlNaW5uZXNvdGExEDAOBgNVBAoTB2d0ay5vcmcx
FTATBgNVBAMTDG1haWwuZ3RrLm9yZzEZMBcGCSqGSIb3DQEJARYKY2FAZ3RrLm9y
ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMS8INsrdFmXc2rFJp46
Z9OK+okWIh4zDiYc3o5sDNAawJnyxEXAL/MR6BjE7EFHMDVGw/gH2RqJ6/q6wPiU
RhXkwwcNdS9JlGw/z3XQYcvsvpGnRZp47A/Vgr66AallcGdB5UIsRMel7d8uDMSI
jziOxmFX/8iADF3SJrQ4DPNu6EPnvRTRPWSsPvpjrVky5y//J+XyQh9qzPrB9yKb
LCgkbHjWSfpYfuPgkqD7uqAi2fJdyCf4jmgf2k08yT1lQJE3aOa6V9qDsWf5FQ0H
a4oWgvGICv7FZkwHlYTAv8ePkAqrucZY0sYCN5G7MKqS2vTP2pGh+yRmm+x0MzvK
97MCAwEAAaOCAQowggEGMAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5T
U0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBQJwtbZWPsXwYi5LWii
h0az5S7QlDCBqwYDVR0jBIGjMIGggBQSdfM2tNf6+ivDLr7sCH/JaVUHAKF9pHsw
eTELMAkGA1UEBhMCVVMxEjAQBgNVBAgTCU1pbm5lc290YTEUMBIGA1UEBxMLUm9i
Ymluc2RhbGUxEDAOBgNVBAoTB2d0ay5vcmcxEzARBgNVBAMTCmd0ay5vcmcgQ0Ex
GTAXBgkqhkiG9w0BCQEWCmNhQGd0ay5vcmeCCQCFGCHaayHXtDANBgkqhkiG9w0B
AQQFAAOCAQEAfMXEDd46L1HfoBp4puRZKuoP4RQnsvttExmg9lqrCvWiIynq0Ijr
7f5gBFgtkgeUu9RX80sttqdcX44jM4IaYAfsbx+sPn8HKEhnH8Bz09Eh5Tvm1mXZ
JZDIKTbkW7BtmwhiB2umX2rmnx0X3ITM3PIgiEpbsytT+MSRdZLNmg3jfiF2SRY8
t15uF3zva7NwR1Sru4P+mz84sPcUt/AtLqZQ2NKFraE2ExClJYuxoFVD8jR+0tzr
uezf3sR/b0K88jmgiXvoMjg+e2j/Q7ckuey3yHeYKoAgp9II/yxYCHh+0b436FQP
0Tp1MgrcpMZYAnO2uizufj6vhA5gB0BaWw==
-----END CERTIFICATE-----
subject=/C=US/ST=Minnesota/O=gtk.org/CN=mail.gtk.org/emailAddress=ca@gtk.org
issuer=/C=US/ST=Minnesota/L=Robbinsdale/O=gtk.org/CN=gtk.org CA/emailAddress=ca@gtk.org
---
No client certificate CA names sent
---
SSL handshake has read 3112 bytes and written 354 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
 Protocol  : TLSv1
 Cipher    : DHE-RSA-AES256-SHA
 Session-ID: AC9ADA55403F144FF35FB970898628A130565EFF84E85E0F06A4252B8A3C01FE
 Session-ID-ctx:
 Master-Key: 3CAF412A90FD9844ECDC08C6669C483733E9618591850B57AEB161E4AE3866AF4E560F18B313709C5B94943351AE1B2D
 Key-Arg   : None
 Krb5 Principal: None
 Start Time: 1326071730
 Timeout   : 300 (sec)
 Verify return code: 19 (self signed certificate in certificate chain)
---
250 DSN

I just had to post how much I love valgrind.

I have a long live C program that once ran for 400 days straight serving out requests for my website.  It ran for so long that “ps’ just showed the year that it was started   Anyway  enhancements over the years have introduced some memory leaks, and within a number of hours, I had fixed all the leaks.  Some of the changes were in code I hadn’t touched for years.  It just makes things so easy.  So .. thanks Julian!

Cameron

If you just download the firefox tar, then you’ll get an error:

 ./firefox-bin: error while loading shared libraries: libstdc++.so.6: cannot open shared object file: No such file or directory

or

./firefox-bin: /usr/lib/libstdc++.so.6: version `GLIBCXX_3.4.9' not found (required by /home/cameron/firefox/libxul.so)

To fix this follow these steps.

cd ~
download the file: firefox-4.0.tar.bz2
tar xvf firefox-4.0.tar.bz2
cd firefox
download the fedora rpm: libstdc++
rpm2cpio libstdc++-4.3.0-8.i386.rpm | cpio -i --make-directories
#note the lack of / at front of usr/lib in the line below
mv usr/lib/libstdc++.so.6* .
rmdir usr/lib usr

hope that helps..

Cameron
Check out my new HTML5 app at: http://imagebot.com

I get the following when I install firefox 4 on ubuntu:

exec: 398: firefox/firefox-bin: not found

If you are trying to install firefox 4 for ubuntu, you also need

sudo apt-get install ia32-libs

It’s about 40meg, and after that you can either run it from the command line (firefox/firefox) or double click on “firefox” from gnome.

G’Day,
I’m thinking of adding iptable rules to block out various countries from connecting to various ports/services on my machines. Does anyone have any experience on this? Is there a noticable difference between < 100 rules and > 2000, > 10000?

Cameron

I’m almost certain this is wrong, but I’m keeping it as a note for myself:

I bought a macbook in October last year. It obviously cost more than $1000, and since I did not buy it in Australia there is not GST component (however, you might need to pay customs duty on entry to the country .. depending).

How do I depreciate this asset?

After some research, it seems that you depreciate laptops over 3 years.
Reference:

Using flat line depreciation: (equal each year).
Let’s say it’s $2001, and I bought it 18th October, 2009

First calculate number of days I didn’t have it
31+31+30+18 (number of days in july, aug, ..) = 110
Depreciation per year – $2000/3=$667.
Depreciation year end 2010: 2000/3*(365-110)/365 = $465
Depreciation 2011: 667
Depreciation 2012: 667
Depreciation 2013 (110 days) = rest = 201 (2000/3*110/365 = 200)

Also note that as far as I know, there is no rule to say it has to be bought in Australia! Crazy, so you also get the 50% small business tax concession
(so you can claim an additional $1000 in this case (2000*50%) on your tax return for 2010).

–
This is not tax advise, nor financial advise, and I am not qualified to give either. But if you need help loosing money on the stock market, follow my lead.

I’ve always known a few things that I should do to make my website go faster, (turn on expires, use multiple domains, geoip, ..etc) but nothing made it as clear as http://www.webpagtest.org/ that gave a pictorial view of what really happens when you load a page in IE (it uses an IE plugin to measure when things really happen).  Anyway to cut a long story short, I got the page load times for my site down to 2-3 seconds instead of 6-8 seconds.

Step 1. Turn on Keep-Alives.

 Surprisingly, this is off by default in apache, in httpd.conf set:

Step 2. Turn on compression.

You’ll need mod_deflate, but this is included by default.

In your VirtualHost config (assuming you are using that)

Step 3. Add Expires headers.

For me, I very rarely change my images, but I do occasionally change my javascript. So I set the expires for my images to 1 month, and js/css to 1day. What I probably should do is include a version number in my css and js, and also have them expire in 1 month.

Step 4. Move your images/css off to a different domain.

IE 7 (and other browsers) will only make 2 connections to any given domain name at a time (more recent browsers will make more). Perhaps the easiest is to make one for your images, one your for css and/or javascript. If you use cookies for your domain, and your images are on your domain, then the cookies will be sent with every image request. So what starts to happen is that the user is slowed down making the request for the image. Many users (most) have slower upload than download, and your cookies might be as large as 1k, and that can have a fairly big impact on how fast your site is viewed.

You should trade off the number of domains with the cost of a dns lookup. In the US you can expect a DNS lookup to take 20-120ms. In Australia, it’s more likely to be around 200ms for a US site.

You can just make simple aliases with apache using something like:

If you run a larger site with lots of images, you probably generate your site (well you should). A great way to get your images to be across multiple domains, and still get cached on different pages is to do a hash of the filename (or contents – slower), to generate the hostname to use. ie: “i”+(((hash(filename)%4)+1)+”ftimg.com”. I use java and jsp (and C), so I used the following snippets (watch out this will explode for large filenames).

and in java:

Step 5. Insert small js and css files directly into the page.

A lot of time is spent just connecting to a site (and very little time downloading for small files), so save the extra connection and include small css and js items right on the page. Also, if they are specific to that page, just include them. The advantage to having them separate is that on subsequent pages they will already be loaded, but if they are small or never used again, it’s pointless. Include css files like this:

And for Javascript:

Step 6. Put large repeated javascript and css into a seperate file.

Converse to Step 5, if you have repeated javascript, you should externalize them.

Step 7. Merge javascript files together. Merge css files together.

Most of the time you can do this by just making one file with all the contents in it. I’m currently tracking down a problem where two javascript files didn’t work nicely when placed in the same file.

Step 8. Use a CDN

If your site is large enough, use a CDN (google it). I’m using MaxCDN. Hard to beat $10 for 1TB, and even normally it’s $100/TB. They don’t have a presence in some countries where I do, so I hack up the IP address using my vdns so that I usually use them, but for some countries, I point to my own servers (that is a much longer story). I’ve only just started using them, but so far so good.

Step 9. Make sure webpages/images are not heavy

Sometimes you can use javascript to generate the html to reduce the size of the page. Less is more, so if you have too much stuff on your page, consider trying to simplify. It doesn’t work for all sites, but it works for most.

For images consider that you really don’t need that 24bit png, and an 8bit one would do. What I have been doing for the larger images loading the image in the Gimp (of course), compressing to say 256, 128, or 64 colours and see if I can notice a difference compared to the original image when I am zoomed in at 200%. In GIMP right click -> Image -> Indexed. Select the number of colours, and then click Ok. Then use Ctrl-Z, Ctrl-Y, Ctrl-Z, .. etc to see if you notice any difference.

Step 10. Put your ads in an iframe.

Actually, this should be like step 1, since even though you think ads run on fast servers, some analysis will quickly show you that 1. They are heavy, and 2. they are slow (even google). If your ad provider says they don’t support it, get someone else. It makes a huge difference in the loading time on your page. I’ve seen many say they don’t support it, but I tried it, and it worked just fine.

Step 11. Minimize your js (and css)

Remove unnecessary comments, and use minify tool to compress your javascript. There are a number of tools around to reduce the size. Check google for some (I didn’t minize my code yet).

Step 12. Turn off e-tags

It’s just a waste of space. Google for more info.

I got my content loaded in 1.7 seconds rather than 1.8 seconds without the etags [of course this was not tested very well]. Certainly in this case less is more!

Other notes

• Don’t use redirects – these will cause another page hit and more round trips. Instead you should configure apache to just load the page you want.
• Put your css files at the top, so that rendering can start. Similarly, if you can, put javascripts at the bottom.
• Have a small favicon.ico. Better to have one than not (else you get 404, which costs time), and don’t forget to make sure it has expires header.
• Compress multiple images into one. If you are using css, you can put all your images in the one image and just select the bits that you want. You can play around with the way you arrange the images, but generally having the images across the page will make them compress better.
• Include width and height tags. This means when the site renders it won’t be jumping around, and the user can just click on what they want. And of course the width/height should match the actual image. It annoys me to see large images scaled down to a small one, which sucks up bandwidth, slows down the image view, and generally is not a good user experience.
• Consider what browsers your users are using. Browsers like ie6/7 (and earlier versions of firefox) only allow two connections per domain, but newer browsers will allow more connections, and so the balance tips away from multiple servers because of the extra cost for DNS lookups. HTTP Pipelining seems to be a great feature to me, and I’m surprised that it’s not turned on by default for more browsers. It’s supported in most non-ie browsers, but usually disabled by default (except opera, which uses some heuristics to turn it on/off). Poor support from proxies seems to be the reason it is not more widely adopted.

Results

Although I haven’t finished optimizing my site, the changes I made have dramatically improved the page load time (and therefor the user experience). Note that in these graphs I already have ads in an iframe before and after, and I already have the images running off a different web server.

Before the optimizations:

After the optimizations: You can see that around 1.8 seconds all of my files have finished loading, and it’s only ad files that are still loading, and this has little impact to the user, since the ads are in an iframe.

Other considerations

You should also consider your situation as to how to optimize your site. For example if you are a scammer site, just there for the google keywords, and don’t get any repeat traffic and very low page views per user, then just whack everything onto the one page, you might as well get it all downloaded straight away, and no point in waiting for the secondary connections.

If on the other hand, you are facebook and get 100 page views per user for a visit, and they come back regularly, then you might consider having a lot of content written out by a javascript file that never changes so that you don’t need to reload that content each time. A good example for my site is the menu systems. I currently have a large div with all the contents of the menus, but if I changed that it a javascript that wrote out the contents, then I would only need to load that javascript once, while the user goes to all the pages (and I get higher than average page views / visit).

I guess people usually complain when they post about their various dealings with companies, and well, this post will be no different.

My first problem was that my server died after a few days, so this was fixed within a day or two, and they gave me 1-2 months free. Good for some, okay for me.

Now I’m trying to upgrade to 64 bit centos.  They don’t support it! (some comment about don’t support it on older servers), and they won’t let me upgrade my server till the 1 year contract expires in September (6 months away!) crazy!!

On the bright side, they did provide information for me to do it myself. (on the downside, it didn’t work, but that’s a pending issue, I’m sure I’ll get it going).

Also on the downside: 24/7 support.  Well, actually they don’t have 24/7 support for their dedicated servers.  At least according to the lady I just called (it’s 6:44am Friday there), and she said they don’t open till 9:30am.  Crazy stuff (and the reason for this post.  Because my server is down, I can’t reboot it, I can’t get kvm access to it, and .. well .. it’s down .. not good). Perhaps I’m spoiled by “theplanet” in the US (but their UK servers are too expensive for me $300/mo).

Can’t upgrade the server .. that’s just crazy…

Cameron