Remember at the end of the article NoLimit move from old servers to new servers is complete, we wrote that we can finally move on and that you definitely have something to look forward to? So, we put in a lot of work and managed to get everything we needed before Christmas. Under the Christmas tree you will receive a 257% performance increase of your NoLimit web hosting and then in January a new WEDOS Global Protection service!
Or rather, we are officially announcing it to you as of 24.12.2021 🙂 The increase of parameters will take place in mid-January.
He who does nothing will do nothing, but he will also go nowhere
This year we have made a lot of changes and improvements. We moved the service data to new HPE 3 PAR StoreServ Storage 8450 storage. We currently have 6 in operation and 1 in testing. Another 6 arrived in the past few days in our second WEDOS DC2 datacenter and we will be able to start preparing replication that will take data security, backup and availability to the next level. Whoever is interested will be able to have data on 2 data stores at the same time and in 2 datacenters. Every entry, every change is automatically written to both repositories.
We have made extensive modifications to the internal network. Line capacity has been increased, backup lines have been added, and we can solve problems more easily and quickly. Everything is also being prepared for the deployment of the brand new WEDOS Global service, which will be our biggest investment since the construction of DC2. If we take the list prices of hardware and contracts for 2-3 years, the investment will exceed CZK 100 million. You’ll hear about WEDOS Global in the article below (and more importantly, you’ll hear about it in the future), as it will be (not only) part of the NoLimit enhancements 😉
There have been a number of modifications to our cloud solution built on OpenNebula. The development in this regard has been quite challenging, because finding the ideal solution for hundreds of thousands of services of different types and focuses is not something many people in the world do.
In addition, dozens of other modifications were made to hardware, software, internal systems and processes. Yes, it has been accompanied by a number of minor complications and a small number of our customers have struggled with related issues, but you simply can’t make this much progress without it. He who does nothing will do nothing, but he will also go nowhere. And we’ve really pushed our services over the last year. It’s true that sometimes it hurt. Not just us, but some customers as well. However, we currently have services that are not only fast, but also stable.
It is also necessary to write that in the last months we have, except for planned modifications (during planned changes), the availability of almost all services 100%. And we have thousands of servers and hundreds of thousands of customers and services.
How to improve NoLimit?
The current NoLimit runs on fast HPE Moonshot servers with 3.8 Ghz processors in HPE Moonshot 1500 server cabinets, where you have 45 servers in one box and there are also 2 switches and a total connectivity of 320 Gbps . The database and the data itself are on HPE 3 PAR StoreServ Storage 8450 smart ALL FLASH storage. We use branded server SSDs designed for demanding server traffic everywhere.
The NoLimit web hosting service itself currently provides 7 separate PHP threads, 256 MB of memory for running scripts, HTTP/2 and a reverse proxy for content caching. If the customer can optimize their scripts, database tables and cache content, they can easily run websites with traffic in the upper tens of thousands of people per day thanks to fast processors. We have hundreds of customers like that today.
We know this because we download logs from all servers to a central server and evaluate them via Elasticsearch.
For more demanding sites that need, for example, more memory, we have an extra service Extra and for those who need performance so WMS, which are NoLimit on dedicated hardware with dedicated performance. You can literally buy a piece of physical server for yourself and there you can run a regular NoLimit web hosting.
From our data we know that WMS was one of the most visited websites in the Czech Republic built on WordPress, at least in terms of traffic. And it wasn’t exactly optimized. It was hundreds of thousands of visits per day and millions of requests.
It would seem that we have the ideal service for everyone, but why does anyone have a problem even on a WMS to run WordPress with a few visits per day?
Searching for the problem
There are many reasons why the web is slow. Customers don’t know how to set their cache properly, sometimes a plugin needs more connections out, poorly handled redirects, cluttered non-optimized databases, problematic plugins or templates, etc.
Normally everything works beautifully and runs fast. After a long time, you log into the administration and it is slow. All of a sudden you get an outage report. You don’t see any major traffic in your Google Analytics statistics and you’re already reporting an error.
The problem is what you can’t see
These problems are caused by long running scripts that someone called directly. This is a robot or automated script that does not visit your website as a normal visitor and run the JavaScript of your Google Analytics code in its browser.
Most often it is an attack, but it can also be a WordPress maintenance script. If you don’t follow the logs (access log and error log), you won’t find it.
If WordPress or another website is managed by an experienced user, it can handle many situations. For example, calling a redirect or a non-existent page will not take him a few seconds. This is a problem for many of our customers who just need a robot to run around looking for vulnerabilities and end up with 503.
In the picture you can see the robot testing the existence of the shell.php file. It uses a range of IP addresses to avoid detection. It’s always different domains that have the same problem – leaving it to WordPress and often multiple plugins to resolve 404 error pages and 301 redirects. This overloads their sites because it consumes PHP threads for a few seconds. .htaccess could solve this in units of ms.
But even .htaccess is not omnipotent and does not have unlimited capacity. Try putting hundreds of rules in it…
Of course, we protect our customers’ websites. We run probably the largest active blacklist, which is constantly updated. But many of the attacks are very careful. Within 7 days, they make only a few subtle requests that no one would even notice (they are across domains and IP ranges).
Normally, this wouldn’t matter. But if the customer doesn’t have well optimized scripts, there are more of these robots, or there is a very active robot of some search engine, it leads to the exhaustion of 7 PHP threads, then the accesses start to queue up and after 30 seconds they are discarded. Error 503 is returned.
Increasing the number of PHP threads from 7 to 25
Most customers do not understand this issue and are unable to resolve it in any way. They don’t listen to recommendations from customer support, they don’t read our articles and guides on how to solve it, and they often prefer to listen to some “experienced expert” who tells them to go to a competitor.
We put our heads together, went through the stats and calculated that a large portion of these people will be saved if we increase the number of threads to 25. Yes, potentially, NoLimit can handle 257% more requests, which for more experienced customers is another higher tens of thousands of visitors or units of bots.
Reserve in the form of an increase in the number of PHP threads by 257% will ensure that even a non-optimized site can withstand occasional onslaughts of robots, scripts communicating confusingly, multiple launches of various telemetry and analysis, etc.
It’s an incredible waste of resources, but that’s the trend of the moment. 10 years ago, webmasters monitored their websites, optimized them and if something was wrong, they replaced it or modified it themselves. Today, they install the CMS, upload the recommended extensions and a few other plugins that might be useful and don’t worry about it further. We have to adapt to that.
Along with this extreme increase in the number of PHP processes, we will also increase some PHP parameters.
WEDOS Global Protection must be deployed
Our new WEDOS Global service network will include services from the WEDOS Protection range. In between is a more advanced filter that puts an obstacle in the way of potentially problematic accesses. This can be a simple redirect, an automatic test if the browser can accept a cookie and in case of problematic IPs, even a captcha.
Different parts of the website may be protected differently. For example, the administration directory for visitors outside the Czech Republic automatically with cookies, for Asia with capatchou, etc. Most of the time you won’t even have to worry about this. We will set everything up for you.
Of course, this is just an example. WEDOS Global Protection are in development. However, we have deployed this protection with a number of customers and it has helped them tremendously. We know it works.
WEDOS Global Protection will be deployed on all NoLimit in the basic version. What you see in the screenshots above will no longer be the case. Now we can’t block all suspicious traffic, we only block the problematic traffic. However, WEDOS Global Protection will put obstacles in the way of attackers to stop them.
By the way, WEDOS Global will also support HTTPS/3, so 73% of visitors whose browsers already support it will see a significant speed increase.
With the new WEDOS Global Protection service we have big, truly global ambitions. The service will initially be available on all continents and will consist of more than 1,100 physical servers connected in 25 datacenters around the world. If necessary, we will gradually increase the capacity. We are currently negotiating dozens of other sites.
How to change the NoLimit service parameters
The basic idea is to increase the number of PHP threads from 7 to 25. This is done automatically for all NoLimit services. So you don’t have to change anything. Of course, the Extra service will have higher parameters for running scripts, daily backups, guaranteed availability and so on will remain.
SNI will automatically be part of the NoLimit service. With HTTP/2, SNI increases the download speed of the entire site.
Of course, the increase in the number of PHP threads must be reflected in the price of the service. We give you 257% more performance and that means fewer customers (services) on the physical server. The new price for the service will be CZK 68.80 excluding VAT per month. We are raising the price by 25.80 CZK (SNI is included in the price of the service), i.e. by 60%. For an extra 60% you get 257% more power, plus WEDOS Global Protection as soon as possible. The price of this protection alone will be charged in the hundreds of crowns per month in the world, because as is well known, such protection is very expensive (and also demanding in terms of equipment and setup).
For the price of 1 coffee in a better cafe you get a monthly web hosting with parameters that are extremely above average.
The price will only start to be calculated from the next billing period (from the extension). Specifically, around mid-January, we will make a performance increase and all issued calls for payment from then on will be at the new price. You can take the opportunity to extend your service now at a lower price. It can be done in the administration.
We don’t make web hosting more expensive because of some inflation or more expensive energy or more expensive salary costs for our staff. From this perspective, the price remains the same, but we are significantly increasing the performance and adding services for which the world pays tens of dollars per month (our new WEDOS Global Protection).
We will write much more about WEDOS Global Protection next time.
I don’t need more threads, I’m old school and I know how to optimize everything
If you don’t need such brutal performance and the current parameters are enough for you, we have good news for you. For enthusiasts like you, we have created a new LowCost. It has 7 PHP threads and even there is no mandatory SNI (it can be turned off/on, we calculate for 0 CZK before we decide what to do with SNI next), because we know that there are still people who don’t need it. However, it is true that it will soon be impossible to do without it…
The switch from NoLimit to LowCost is of course free of charge. With NoLimit, LowCost will be an additional service that you just turn on before renewing your service. It works similarly to Extra. LowCost cannot be combined with Extra. For experienced users it is not a problem, because they can solve the backups themselves via 5 GB WEDOS Disk, which is free of charge, scripts can be optimized (who needs 512 MB RAM and more for running scripts, or other higher parameters, so they better buy anyway WMS), and we accept the guarantee of availability to everyone anyway if a mistake happens with us.
Similarly with the additional service of unlimited aliases. Most customers, who run dozens of sites on NoLimit, often forget about an older site on the alias and it causes problems (security vulnerabilities, missing patches, etc.). Therefore, unlimited aliases will not be possible with LowCost. In our experience, more experienced users tend to try to separate the services into separate web hosts, or use a WMS where you can have multiple sites without aliases.
Hosting LowCost will also not be as strictly protected by WEDOS Global Protection. This is partly to address potential security vulnerabilities on behalf of the customer. With LowCost hosting, we assume that a more experienced developer, for whom the service is intended, can protect it himself, or leave a security “hole” there on purpose (for example, for compatibility with the old solution). Of course, we will test all this and we will see according to the data obtained.
Conclusion
We have been thinking for a long time how to solve the “problem” sites. We’ve tried tutorials, community forums, we have CMS experts who can advise, but none of it has quite worked. The only solution is to waste a lot of power and improve site protection.
Of course, we don’t want to do this at the expense of the people affected by the problem, so a LowCost tariff will be created for the more experienced to activate.
At the same time, we want to offer special web hosting for CMS in winter at the latest, where the fastest possible solution will be available. But more on that next time. Plus, we’ll submit benchmarks for everything.