Malaysia Airlines Flight 370..No Updates?

First I want to say that my heart/prayers go out to the families of all the passengers on Malaysia Airlines Flight 370.  I can’t imagine being in their position and wish I could do something to help the.

First I want to say how surprised I am that no one can find Malaysia Airlines Flight 370.  I can’t help but think some sort of conspiracy or underlying issue is going on.  With all of the technology and radar today it seems very weird that we can’t locate a single piece from this plane.  I feel as if whatever happened to this plane is being done in a calculated effort to obfuscate it’s path/current position.  It seems to me that all of the flight tracking/gps/black box equipment must have been disabled prior to it’s disappearance because it’s clearly not sending a signal.

Other questions I also have:

  1. Can’t locate anyone iphone/android that was on the plane or there last known position?  Seems like a no brainer….
  2. No satellite imagery to find it’s last known position?
  3. Not a single phone call, text or email with last known position from any of the people on the plane?
  4. No distress calls from pilots at all prior?
  5. How tight is the security in the air port in which this airplane took off from?

Things that concern me are the lack of help from the Malaysian government.    There is also some interesting history on Flight 370 Copilot that raise some red flags or cause for concern.  But, the captain (Zaharie Ahmad Shah) was a self proclaimed “Tech Geek” who lived and breathed aviation.  He has logged 18,000+ aviation hours with a perfect record prior to boarding Malaysia Airlines Flight 370.  He joined Malaysia Airlines in 1981 giving him 30+ perfecting his craft.  I would say this is enough to believe there was no pilot error involved.

Also, while there was 2 Iranian men that had stolen passports on this flight, I feel as if there would need to be more than this in order to orchestrate some sort of terrorism on this plane (unless a bomb or remote device).  People use fake passports on a regular basis to get in and out of countries for various reasons (drugs, immigration, etc…).

I am glued to the internet search for updates on this because I feel there needs to be justice and closure.

DDOS attacks….Very Frustrating

DDOS attacks are becoming more and more familiar as everyday passes.  We currently host at one of the largest cloud providers in the world and they seem to be getting DDOS attacked on a bi weekly basis.  These DDOS attackers seem to attack these large hosting companies at the most vulnerable points.

Keep in mind, our hardware is dedicated at this provider.  We have our own rack, our own firewall and all of our servers are dedicated only to us.  It amazes me that these attackers can target such a giant and our site is effected pretty drastically.  When we reach out to our provider asking for an explanation, we get a pretty general response back that says there is nothing that can be done.

It seems to me that they target the largest players and do their best to try and bring them down.  They target them in ways where they are in essence cutting them off at the ankles.  Realistically anything on the internet with an IP address is vulnerable to a DDOS attack, but I have never had anything “small” of low importance get DDOS attacked.  Only sites or IP addresses that are high risk, high traffic seem to get attacked.  In my opinion, DDOS attacks are going to be the new form of extortion, bribery and protest in the coming years.  As long as an IP address is pingable on the internet, you are at risk.

So why do they do it? Are they sending a message?  Are they just doing it out of boredom?  I would love to get inside the head of a DDOS attacker and see what causes them to do such things.  It’s one thing if they are trying to send a political message, or have been wronged by the person or company that they are attacking.  But attacking companies or networks for little or no reason really doesn’t make sense to me.   It would be like someone walking up to you and punching you in the face for no reason (like the knock out game which I think is attorcious).

To date, our website has gone down twice in the last 3 months due to DDOS attacks, in which we have no control over.  We are starting to now develop recovery plans simply for unsuspected DDOS attacks.  This wastes time, money and causes a lot of unneeded stress.

Here is what a DDOS attack did to our main web server CPU:

DDOS attack on Memory

DDOS attack really didn’t affect our memory useage:

DDOS attack effect on Memory

Our overall performance score (Apdex) didn’t drop that much:

Apdex Score during DDOS attack

The moral of the story is the damage could have been worse, but still caused us to waste a lot of time and make sure that this wasn’t an internal issue.



Make your OpenCart Shopping Cart Faster RIGHT NOW!

This is a post dedicated to making OpenCart faster.   I am going to list in depth and in priority order the things that you can do to make your OpenCart install go much faster.  As a disclaimer, please backup all your files prior to doing any of this.  I am also not responsible if your cart goes down as a result of any of my recommendations.

EASY (low risk of damaging site if done incorrectly):

1.) Optimize images by running PNG’s through, or saving your JPG or GIF as web optimized in photoshop to reduce file size.  The overall goal here is to reduce the footprint of each page.

2.)  Disable and Uninstall any of the features/plugins you aren’t using through the admin interface.

3.) Minify JSS and CSS (JSS Minifier, CSS Minifier) to increase load time.

4.) Run your website through two speedtests: Pingdom and Web Page Test.  If Web Page test says your time to first byte is greater than 3 or 4 seconds, switch to a different host.  Think about getting a dedicated server or virtual dedicated.

5.) Implement a CDN.  Change any files that get used more than once in your layouts to point to files in the CDN.  For non enterprise level carts, I recommend Cloud Files by Rackspace (which is actually Akami).  Most of these changes will live in your catalog/view/theme/default/template/common/header.tpl and footer.tpl.

MODERATE (medium risk of damaging site if done incorrectly):

1.) Add index’s to your table to optimize your database.  Full Article here:

2.) Implement caching in your htaccess so your user’s don’t have to redownload files on every page they visit.

Paste the following into your htaccess file:

# turn on the module for this directory
<IfModule mod_expires.c>
ExpiresActive on
# set default
ExpiresDefault “access plus 24 hours”
ExpiresByType image/jpg “access plus 1 months”
ExpiresByType image/gif “access plus 1 months”
ExpiresByType image/jpeg “access plus 1 months”
ExpiresByType image/png “access plus 1 months”
ExpiresByType text/css “access plus 1 months”
ExpiresByType text/javascript “access plus 1 months”
ExpiresByType application/javascript “access plus 1 months”
ExpiresByType application/x-shockwave-flash “access plus 1 months”

DIFFICULT (doing anything wrong in here will white screen your website)

1.) Comment out any unnecessary items in your catalog/controller/common/header.php and footer.tpl (back this file up first).   Examples of things I have removed without breaking the cart:

$this->data[‘categories’] = $this->getCategories(0);  //<-this made a big improvement

$results = $this->model_localisation_language->getLanguages(); <-was able to remove this because I am serving only english on my site

$results = $this->model_localisation_currency->getCurrencies(); <-was able to remove this because only accepting the US dollar

I have done several other things to this file but my installs are custom and I hard code things like to logo, favicon and other no brainer items.  By hard coding these in the header, you can get rid of the loops and all the queries it takes to resolve these on every page load.  This improves load time significantly.

Let me know if you have any questions, I would be happy to help.

Benefits of using a CDN (Content Delivery Network): My Analysis

Why should I use a CDN….is it it worth it?  You may be asking yourself this question.  My answer to this questions is YES, you should use a CDN and here is why.  Upon deciding to use a CDN, we researched several of the top companies.  The companies included Akami, Cloudflare, Amazon Cloud Front, EdgeCast and MaxCDN.

Our requirements were very simple for our CDN, we required an origin PULL style CDN that also allowed us to purge our files through an easy to use API.  What this means (origin PULL) is, if the asset that the user is looking for isn’t currently on the CDN for any reason, the CDN will pull (from the origin..usually www.) it off of the www version of our site automatically with no impact in speed to the user.  Also, being able to purge through an API was critical as the particular site that needed this has a custom CMS where the administrators are constantly updating images and other assets on the fly.

Our example use case for a PULL CDN:

User requests and it’s the file isn’t there.  The CDN will automatically request from our regular site, download, compress it and cache it on there servers.

In our initial testing, even when the CDN had to request our file from our site it was just as fast as if it was downloading from our site anyways.

After getting the initial pricing for this, Akami was instantly out as we couldn’t get into a plan for less than about $1500 a month.  This was a little out of our price range even though they seem to have to market share of all the larger companies.

After various reasons of not choosing the other CDN providers, EdgeCast was the fastest in getting back to us and there technical team was very helpful in getting the CDN launched very quickly.  They also had very competitive pricing and seemed to want to grow with us in terms of contract etc…  Also, since we are predominantly US based at the moment, we were very happy with there coverage here (and in Canada).

Once selecting EdgeCast, we were able to get up and running very quickly on the CDN.  We use Symfony Framework in the particular application so setting up the CDN was as simple as a configuration change to replace www. with cdn. on all image/css/js assets throughout the whole site.  From start to finish, our production environment (including SSL traffic) was up and running in about 2 days.

The site that we implemented the CDN now loads in less than 1 second.  Before we implemented the CDN it took about 1.25 second to load the site.  Here is a snapshot of what the Pingdom Website Speed Test says about our site after the CDN implementation.  Keep in mind, this particular site is an extremely complex application that sees more than 15,000 visits per day with an average of 5 page view per visit!

Website Speedtest Screenshot




One thing to notice also, is our New Relic score went up slightly, but we scored near perfect prior to implementing the CDN.

My First Post in a long time

This is my first post.  It’s going to be a short one, but it’s here.   I plan on sharing my thoughts, experiences and advice on several topics ranging from enterprise level web development all the way down to how to play a particular poker hand.

Here’s a little bit about me:

I am married to a wonderful woman who gladly puts up with all of my shit (which I am very thankful for) and I have a very energetic son who keeps my wife and myself very busy.  I work for an ecommerce website (won’t mention the name for the sake of this being indexed with the name of the company) and I also own a website company based out of Scottsdale Arizona.  Nearly all of my time is spent working for this ecommerce company, with any of the remainder (which is little) being spent on the web company.  The ecommerce company that I work for is the fastest growing company I have ever worked for, dealt with or been a part of.  We grow at a speed that doesn’t exist in business, and it’s actually quite exciting.  The reason for our growth really boils down to a few things…a passionate/knowledgeable CEO, passionate associates at the company who care ALOT about the future and finally being well capitalized and positioned within our market.  I am very fortunate as I love what I do (if you don’t I recommend trying it) and am learning new things every day.  I am surrounded by great people in both places and am fortunate to only be able to provide value but also get to glean good information from my peers.

If I am not working, I am usually spending time with my family, friends or trying to squeeze a poker session in here and there.  Spending time with my son/wife, and playing poker are really the only two activities that I allows my mind to escape from work.  But as I said before, i really enjoy what I do so it doesn’t always feel like work… (unless something is down and this happens).

I look forward to sharing my thoughts on various topics, feel free to comments or ask questions.