rogerovo
How to make them webs
from the inception, experience, design, graphics to the performance and analytics. live and prosper web pages!
rogerovo · 8 years ago
Can you spot the difference? Still better than a comic view of Sans Francisco.
rogerovo · 9 years ago
“Classic” PHP Caches in 2016
APC (3.1.3)
For a time, APC ruled the world, and it was good. Then its development stalled, apps began to break, and PHP 5.5 support never materialized under pressure of Zend. So sadly, end of story here.
Zend OPcache (7.0)
This is the current canonical solution; it comes bundled with every PHP since 5.5.
Zend knows a bit about PHP, no doubt. But its opcache is not really a one-size-fits-all solution the way APC was. It usually comes up fastest in benchmarks, but at a price:
no user/variable caching
no clean up (once it gets full, it’s full and just waits for a complete waste purge or server reset)
The clean-up thing becomes a problem when your compiled PHP codebase is larger than the spare memory (rule of thumb: 32MB per average CMS). If you try to host even a small number of those on a 2G VPS, it adds up quickly.
Zend OPCache never frees cache memory. Invalidation just marks space as “wasted” - lost for the rest of the server lifetime.
When you do run out, nothing catastrophic happens. The cache hit rate will start to drop slowly (tuning guides cite <99% as an indication of waste accumulation).
You can restart the server to clean the cache, but then it takes some time “warming up”.
The user caching can be outsourced to dedicated solutions, like memcached or APCu. Strangely, there is currently no user caching available in PHP7 anywhere.
Other nice features include:
string caching
comment stripping
Zend Code Optimizer
PHP 7 support
Read more than you ever wanted to know about OPcache.
XCache (3.2.0)
The rebels from lighttpd implemented op/variable caching in a way which makes it more flexible and it rocks. It’s supported on up to PHP 5.6 and is only marginally slower than Zend (rather in the “YMMV” area).
Significant features include:
user/variable caching
cache TTL
split cache (“pools”)
User caching is a no-brainer. People and apps got used to it.
Split cache was designed to leverage parallel memory access on SMP computers, but that is more of a theoretical advantage. It’s not even clear if it offers any advantage in a common multi-core system. But let’s not dismiss this one...
Having TTL’d cache items is a nice feature, but comes with new problems. One of the most painful is memory fragmentation management.
When you start deleting chunks of memory, holes appear. Dealing with this is more difficult than it sounds, and fragmentation was a problem in APC. Sooner or later you end up with holes which are not big enough for new data.
The cache has to do garbage collection and look for holes big enough for new data; it can start cleaning up by moving fresh things around, etc. It all comes at some CPU cycle price and eats into the overall speed-up.
This is where the split cache makes a comeback. XCache allows you to manage/clean pools separately, so you can partially reclaim the space without the need to flush it all out.
I’m not really sure how keys are split to caches, whether you can influence that, or whether there is an automated mechanism for fragmentation resolution in XCache. But you can push the button and gradually clean the cache up.
Note that XCache supports PHP 5.1 - 5.6, but hasn’t been updated in 18 months and PHP7 probably isn’t going to happen.
Does it matter?
When you can give enough memory to the cache and have immutable source files in production, it doesn’t. You are better served with OPcache here most of the time.
When you can’t afford reserving space for seldom-used items, run out of space, get regular resets on the waste limit, or suffer from cache hit rate degradation or high delete rates, it does. Consider XCache and its manageability.
Notes
This comparison assumes that you know the implications that the different ways of serving PHP (fast/CGI, FPM, mod_php, LSAPI, etc.) have on opcaching.
I couldn’t find any other opcache extensions for PHP 5.6.
HHVM uses a different approach altogether and is not described here.
rogerovo · 9 years ago
Wanting the page #52, of anything - does a user sound like that?
What is the motivation of a user clicking something other than start/end prev/next on a list pager?
Crawling the UX stackexchange I came across a benign looking question about paging list display - Display Previous Page on Page 1? Fair enough.
But then, it got me thinking...
When was the last time you said, ok I need to see page 11 of this set? Or 22. Or 3...
What is the motivation of a user clicking something other than start/end prev/next? Pagers have become a die-hard part of web design. Not because they are useful, but because they are a "retarded" skeuomorphism of real-life paging. But paging of what?
Meaningless numbers are useless. They don't have a reference value, and you don't know anything about the list length either. And even if you did, you can't reach it, because we can only show you a handful of page numbers, so they still look somewhat appealing. Anyhow, your website pager is not as fast as flipping pages in a book. I dare you.
Let's get physical. Pages.
All printed content uses paging somehow, right? Yes. And it's a very useful feature, because paper doesn't move. Or change. Yet.
It's your only chance to grab and split a thick book and find a certain page by its page number.
You are using two key concepts there - you know where you are heading (you know the destination number) and you see the thickness as a reference, so you can pinpoint your final destination pretty quickly with decreasing step size (I bet it's Fitts' law).
At least we could be using shortcuts for the sorting criterion (be it the first letter, price level, date, etc). That would already add an information scent.
Then the website said "pick a number"
The real issue may be that the programmer is gonna hate you for that. Because pagers are just a very handy shortcut to SQL queries.
Programmers, me included, like simple things like "SELECT LIMIT ($offset-1)*$page_length,$page_length"
No rocket science. That is left to the user...
But is this helpful? Definitely not.
(Realistic) Solutions?
Workaround buttons (prev/next, random next) - this might be easy to do, but the “novelty” may be more than the user can handle right now. Something I used recently:
Actual useful buttons (“next tier, by sort criterion”) - this is where I want to go, but implementing it may need man-hours because of its contextual character.
Infiniscroll (includes “load more”) - the industry went mostly this way. It’s sexy, it’s kind of a “just add water” solution. But doing it right (usability and stuff) is harder than it looks. Definitely see the great Smashing feature on these.
rogerovo · 9 years ago
SSL Cipher-Suite Ramble
Spoiler: get the state-of-the-art settings here: https://cipherli.st/
If you need to see what’s going on and how Alice and Bob are doing, check:
https://en.wikipedia.org/wiki/Cipher_security_summary
https://en.wikipedia.org/wiki/Hash_function_security_summary
If you need a recommendation about key lengths, and the protection they offer into the future, https://www.keylength.com/en/compare/ has some publications and standards compared.
OpenSSL is one of the leading implementations; check it for cipher support and speed (Intel “Skylake” processors bring a nice AES boost).
Of course, always check the correctness of your final installation - ssllabs.com test suite is still great.
rogerovo · 9 years ago
Smashing.com non-ad ad. #approved
rogerovo · 9 years ago
mod_security rule sets in 2016
1. Mod_security comes bundled with the nicely branded, free OWASP CRS. Thing is - it has been stale since 2013... and is a pure hell of false positives.
2. The official commercial alternative is Trustwave SpiderWeb WAF, which seems to receive updates daily (no list, nor trial) at a hefty 500$/y.
3. You google further, you find the Atomicorp Gotroot ModSecurity Rules. They claim superior history and performance (“works right out of the box without any tuning and without interference”). Again, no trial or update feed, and at 200$/y.
4. And then, hidden from sight, is the Comodo WAF, which is receiving updates (every month or biweekly, at least) - and is free (registration necessary). The set seems balanced and shows a decent detection rate so far for me.
Comodo seems to use emergingthreats (now by proofpoint.com) as an internal source. ET is a great source of free and premium snort/fw rules, but does not offer converted mod_security signatures.
Snort
Snort itself (by VRT, now Talos) has an extensive web-app section in its free registered set, but again, it’s not easy to convert to mod_security.
Snort can work in place of mod_security, but has a major drawback - it cannot see inside HTTPS traffic, which mod_security, running inside the web server after TLS is terminated, can.
Do you know of any other “live” resources?
rogerovo · 10 years ago
That's really sad
rogerovo · 10 years ago
Hilarious. And this could be almost the truth :)
rogerovo · 10 years ago
we can’t just treat screens in the 5.5” range simply as a scaled-up version of a smaller phone. Grips completely change, and with that, your interface might need to do so, as well.
I think prototyping will become even more important. So if you haven’t jumped on that train, now’s the time.
includes nice thumb heat-maps
rogerovo · 10 years ago
When someone catches you looking at them.
rogerovo · 10 years ago
your #microcopy's gonna getcha... @ http://perldoc.perl.org
rogerovo · 10 years ago
It's easy to get caught in an "optimization" frenzy, especially when it comes to such a complex and side-effect-loaded environment as the TCP stack.
This hard-core explanation sheds a little light on the dangers of net.ipv4.tcp_tw_recycle and net.ipv4.tcp_tw_reuse, and on how to correctly solve the problems you think these options handle.
rogerovo · 10 years ago
Just in case you’re getting a little too serious about your app. ;)
rogerovo · 10 years ago
Cheatsheet: Contexts of MySQL GRANTs
Where can each grant directive be applied?
GRANT Global Database Table Column Procedure Proxy
ALTER
Enable use of ALTER TABLE.
yesyesyes
ALTER ROUTINE
Enable stored routines to be altered or dropped.
yesyesyes
CREATE
Enable database and table creation.
yesyesyes
CREATE ROUTINE
Enable stored routine creation.
yesyes
CREATE TEMPORARY TABLES
Enable use of CREATE TEMPORARY TABLE.
yesyes
CREATE VIEW
Enable views to be created or altered.
yesyesyes
DROP
Enable databases, tables, and views to be dropped.
yesyesyes
EVENT
Enable use of events for the Event Scheduler.
yesyes
EXECUTE
Enable the user to execute stored routines.
yesyesyes
GRANT OPTION
Enable privileges to be granted to or removed from other accounts.
yesyesyesyesyes
INDEX
Enable indexes to be created or dropped.
yesyesyes
INSERT
Enable use of INSERT.
yesyesyesyes
LOCK TABLES
Enable use of LOCK TABLES on tables for which you have the SELECT privilege.
yesyes
SELECT
Enable use of SELECT.
yesyesyesyes
SHOW VIEW
Enable use of SHOW CREATE VIEW.
yesyesyes
TRIGGER
Enable trigger operations.
yesyesyes
UPDATE
Enable use of UPDATE.
yesyesyesyes
Meta keywords: ALL is all except GRANT OPTION. USAGE is none.
As of MySQL 5.6
... and the accompanying Perl one-liner:
perl -ne '@s=qw~Global Database Table Column Procedure Proxy~; if (/^(.*?)\t+(.*?) Levels: (.*)\.$/) { $g=$1; $gd=$2; $l=$3; my %l=map { $k="\u$_"; $k => "yes"; } split /, /, $l; print "<tr><td><dl><dt>$g</dt><dd>$gd</dd></dl></td>"; foreach (@s) { print "<td>$l{$_}</td>";} print "</tr>\n"; } ' sql-grants
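A least-privilege account built by granting in each context named in the table header, as an added example that is not from the original post. The account names, host pattern, schema `shop`, its tables and columns, and the `close_order` procedure are hypothetical and assumed to exist already; syntax is MySQL 5.6.

```sql
-- Added example (not from the original post). Every account, schema, table,
-- column and routine name below is hypothetical.

CREATE USER 'shop_app'@'10.0.0.%'  IDENTIFIED BY 'change-me';   -- placeholder password
CREATE USER 'shop_batch'@'localhost' IDENTIFIED BY 'change-me'; -- placeholder password

-- Global context (ON *.*): USAGE grants nothing, which is what a new account has.
GRANT USAGE ON *.* TO 'shop_app'@'10.0.0.%';

-- Database context (ON db.*): privileges that have no table-level form.
GRANT CREATE TEMPORARY TABLES, LOCK TABLES ON shop.* TO 'shop_app'@'10.0.0.%';

-- Table context (ON db.tbl).
GRANT SELECT, INSERT ON shop.orders TO 'shop_app'@'10.0.0.%';

-- Column context: the column list follows each privilege.
GRANT SELECT (id, email), UPDATE (email) ON shop.customers TO 'shop_app'@'10.0.0.%';

-- Procedure context: EXECUTE scoped to a single routine.
GRANT EXECUTE ON PROCEDURE shop.close_order TO 'shop_app'@'10.0.0.%';

-- Proxy context: lets shop_batch assume the identity of shop_app.
GRANT PROXY ON 'shop_app'@'10.0.0.%' TO 'shop_batch'@'localhost';

-- A privilege requested in a context it does not support is rejected
-- as an illegal GRANT, e.g. LOCK TABLES on a single table:
-- GRANT LOCK TABLES ON shop.orders TO 'shop_app'@'10.0.0.%';

-- Audit: one place to look per context.
-- (GRANTEE is stored with its quotes; double-quoted literals assume ANSI_QUOTES is off.)
SHOW GRANTS FOR 'shop_app'@'10.0.0.%';
SELECT * FROM information_schema.USER_PRIVILEGES   WHERE GRANTEE = "'shop_app'@'10.0.0.%'"; -- global
SELECT * FROM information_schema.SCHEMA_PRIVILEGES WHERE GRANTEE = "'shop_app'@'10.0.0.%'"; -- database
SELECT * FROM information_schema.TABLE_PRIVILEGES  WHERE GRANTEE = "'shop_app'@'10.0.0.%'"; -- table
SELECT * FROM information_schema.COLUMN_PRIVILEGES WHERE GRANTEE = "'shop_app'@'10.0.0.%'"; -- column
SELECT * FROM mysql.procs_priv   WHERE User = 'shop_app';          -- procedure
SELECT * FROM mysql.proxies_priv WHERE Proxied_user = 'shop_app';  -- proxy
```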
rogerovo · 10 years ago
A nice half-way solution to the "click-to-copy-without-flash" trauma by crayon-syntax-highlighter: an icon for copy which preselects the text (we have seen those) and tells you what to do (Nielsen-grade) in a nice way (Norman-grade).
Wonder if it's platform-aware...
PS, that's http://www.mysqlperformanceblog.com using that plugin.