48 replies to this topic

[awall]

say?

[djinkc]

Seems to be working jus

[djinkc]

st fine

[MtnBrewer]

Likewise.

[CaptRon]

Man, the timeouts have been really bad today.

[ScottS]

Working on it.... Looks like the search restriction didn't fully solve the problem.

[ScottS]

Mtn did a test not too long ago where he pinged the server while the board was down. The ping was just fine, which would lead me to believe that the problem is the board and not the server. Shutting down searches to bots and other non-registered users helped quite a bit, but now the problem is back for some reason.

[MoreAmmoPlz]

Hmmm. So much for that idea. Is the forum software up to date?

It's the https server IMO and the reason I say that is because it is throwing a 500 error back.

[MtnBrewer]

ETA3: In ACP, Support Tab, left-hand column click on "SQL Processes", table shows SQL server address and port.

No IP addresses in that table. In the host column it does say localhost so does that mean that the DB and web server are on the same box?

[MtnBrewer]

Yeah, that would be my assumption. And usually that's not an ideal setup for larger boards. You generally want a separate database server than your HTTP server. Load balancing and all.

Yeah agreed but I'm not sure we qualify as a larger board. We generally have on the order of 100-150 users on at any one time (including guests). The other board I mod had over 1600 online Sunday afternoon and it was like duck butter. I don't think there's any excuse for the kind of performance we've been experiencing with a user load as light as we have.

[MoreAmmoPlz]

I'm telling ya, I think the https server is crashing on that box. This last h0rk I received a connection refused which usually means the https server process isn't running.

[MoreAmmoPlz]

I just did a fresh install of the board software on my server. It said that if CHMOD is set to 0777 on all files, it can cause the 500 Server Error. They suggest resetting everything to 0755 and then following the CHMOD guide to change only certain areas to 0777.

Keep in mind it depends on what user account/group the https server is running under and the ower/group of the files. If the https server is running under the owner or group of the file then there isn't any reason to give everybody read/execute rights to the files.

[CaptRon]

I am more than willing to host the site on my server and manage the technical aspects of it. I've run several boards of this software on my server before, and am currently running one. I have a license for the software already. I'd ask for a fraction of the existing costs for me. My server is load based, meaning that during peak usage it reallocates CPU and RAM to me so there are no down times. I have unlimited bandwidth and storage of about 150GB.

I'll cast a vote for that, but I have no voting rights. LolSeriously though, Guest really seems to know a lot about this, and the timeouts are getting pretty frustrating. Especially when I need a good solid dose of asshat or need to get a big ol virtual kick in the nards.

[MoreAmmoPlz]

The way this software is designed, is to allow certain areas full access: attachment uploads, avatars, cache, etc. Those are the only areas that need to be 0777.

Right but 777 only makes sense when, for example, the https server process's user/group is run under nobody/nobody and the files are brewbrother/brothers. Then the server process would need 777 because it is neither the owner or group of the files. If the https server is run under nobody/brothers then 770 would suffice because they would be allowed read/write/execute under the group permission.

[MoreAmmoPlz]

But without 777, you as MoreAmmoPlz user of this board would not be able to upload your custom avatar. You are an "everyone" as far as the server is concerned. The webserver has no idea what a brewsbros is. Even ScottS is considered an everyone. You seem to assume that the owner of a website always has server level control. This server is on a shared resource without access to server level groups and users.

I would still be able to upload my avatar because it is the https server process user/group that is evaluated against the file/folder permissions.I'm not assuming you have control but rather advocating contacting your hosting provider and asking about the correct chmod settings because granting everyone access isn't always necessary and when it's not it's better to definitely not do it.

[MtnBrewer]

I would still be able to upload my avatar because it is the https server process user/group that is evaluated against the file/folder permissions.I'm not assuming you have control but rather advocating contacting your hosting provider and asking about the correct chmod settings because granting everyone access isn't always necessary and when it's not it's better to definitely not do it.

IPB is doing the hosting and you'd think that they'd know how to set the permissions correctly. Also if httpsd was crashing, that wouldn't explain why things get better when we turn off searches.

[CaptRon]

I would still be able to upload my avatar because it is the https server process user/group that is evaluated against the file/folder permissions.I'm not assuming you have control but rather advocating contacting your hosting provider and asking about the correct chmod settings because granting everyone access isn't always necessary and when it's not it's better to definitely not do it.

Right, generally I would agree with you if talking about file/folder security. The big exception is that it appears that Guest said that it is documented that specific permissions need to be applied to specific groups/folders/whatever. You should make sure you are in compliance with the documentation of the software. But generally I agree with you that 777 is not a good idea for most things.